mirror of https://github.com/nmap/nmap.git synced 2025-12-19 22:19:02 +00:00
Commit Graph

7705 Commits

Author SHA1 Message Date
batrick
6cbcf02734 Get the closure from the library, don't make a new one. 2012-05-28 21:48:54 +00:00
aca
ba67aa5993 Committed rmi-vuln-classloader script 2012-05-28 18:04:28 +00:00
david
091d848838 Prevent a null pointer dereference in nse_nsock_get_ssl.
This could be provoked by a script calling nmap.get_ssl_certificate on
an unconnected socket.
2012-05-28 17:44:10 +00:00
david
fc49819007 Remove condition with no effect. 2012-05-28 17:08:18 +00:00
david
8175095717 Typo. 2012-05-28 17:08:17 +00:00
david
1b661b2da6 TODO for higher-res icons. 2012-05-28 06:41:05 +00:00
paulino
6404b3dca4 Adds vuln reference link and credits. 2012-05-27 21:00:08 +00:00
batrick
5a6ba87472 Fixed bug where directory iterator did not get the DIR_METATABLE upvalue. 2012-05-27 19:55:22 +00:00
patrik
656f03676e Added missing second parameter for receive_buf which caused errors with new
Lua version.
2012-05-27 19:20:34 +00:00
paulino
cc1ba1ff3d Adds http-huawei-hg5xx-vuln. Detects Huawei modem models HG530x, HG520x, HG510x and possibly others that are vulnerable to a remote credential and information disclosure vulnerability. It also extracts the PPPoE credentials
and other interesting configuration values.
2012-05-27 19:18:23 +00:00
batrick
0b41f81489 remove stray getfenv 2012-05-27 08:59:35 +00:00
batrick
000f6dc4d9 Lua 5.2 upgrade [1] for NSE.
[1] http://seclists.org/nmap-dev/2012/q2/34
2012-05-27 08:53:32 +00:00
aca
a839e69449 Rewrote mysql-brute to use brute library 2012-05-25 17:57:04 +00:00
david
92ba13be19 TODO to support more Next Header types in IPv6 protocol scan. 2012-05-24 21:01:26 +00:00
david
ae2f887af1 Ignore IPMP interfaces in SIOCGLIFCONF intf_loop.
This is a (hopefully temporary) workaround for these virtual interfaces
on Solaris. They don't work for Nmap because they don't allow packet
sniffing, but you can use one of the physical interfaces they're
composed of.
2012-05-24 02:56:08 +00:00
david
35d54e2db6 Allow nmap-update DEFAULT_CHANNEL to update to "6.00". 2012-05-24 02:28:21 +00:00
fyodor
9159da0db9 add a todo item for updating the Nmap.org page header 2012-05-23 19:47:26 +00:00
patrik
5368a4adea Fixed bug that would make the script fail with the error message:
"invalid capture index" [Patrik Karlsson]
2012-05-23 17:53:30 +00:00
kroosec
9300777ced Removed http-traceroute from default category. 2012-05-22 22:43:16 +00:00
jah
f116a4133a Added entry for r28658. 2012-05-22 21:08:45 +00:00
jah
99a37f8aa1 The greppable output was missing a new line character at the end of per host info lines when --host-timeout was used and the host timed-out (after something was received from that host). This issue was reported by Matthew Morgan. 2012-05-22 20:46:57 +00:00
david
ee8bdabb2b Our Zenmap packages don't run on PowerPC Macs anymore (since 5.61TEST4).
This documentation discrepancy was noticed by Clemens Schaber.
2012-05-22 20:13:15 +00:00
david
a161ba5fff Update zenmap.pot. 2012-05-22 20:13:14 +00:00
patrik
49edb164d2 renamed distcc-CVE-2004-2687.nse to distcc-cve2004-2687.nse 2012-05-22 19:53:19 +00:00
david
7cd074f02e Add Japanese Zenmap translation by Yuji Tounai a.k.a. Yousuke Yamamoto. 2012-05-22 19:52:38 +00:00
patrik
a1c7c9d31c Added thread support to the ssl-enum-ciphers script which dramatically improves
performance. [Patrik Karlsson]
2012-05-22 19:44:27 +00:00
patrik
61501038d2 o [NSE] Added the script icap-info, which tries to identify common ICAP
service names and list service and tag information. [Patrik Karlsson]
2012-05-22 18:34:25 +00:00
patrik
cbf901c195 added code to stop spidering if the base coroutine is dead. 2012-05-22 18:22:18 +00:00
jah
b47d946195 Fixed KeyError: 'osmatches', reported separately by Thomas Neumayer and Jan Reister. 2012-05-22 18:14:48 +00:00
patrik
84c3de36fc Applied patch from Daniel Miller to fix two bugs in the httpspider library:
  * First bug, the LinkExtractor portion of httpspider doesn't check for a negative
    maxdepth (indicating no limit), and rejects all links.
  * Second bug, the withinhost and withindomain matching functions would throw an error
    when presented with a URL without a host portion.

In addition the validate_link function was moved out to a separate function in the
LinkExtractor Class. [Daniel Miller]
2012-05-22 17:26:12 +00:00
fyodor
22c7faa94b move the svn version number up to 6.01 and rebuild 2012-05-22 09:51:42 +00:00
fyodor
51e01bc14a Reword the script description slightly 2012-05-22 09:49:36 +00:00
fyodor
7d65a2d801 latest todo updates 2012-05-21 22:49:46 +00:00
henri
15f7ad8f3c Fixed typo. 2012-05-21 15:44:25 +00:00
kroosec
b95ed1812e Fixed @usage for http-traceroute. 2012-05-21 14:37:45 +00:00
kroosec
fd98061754 Fixed a small typo (--script-arg ) in 5 scripts. 2012-05-20 16:05:55 +00:00
kroosec
855bdbd289 Added http-traceroute script which exploits Max-Forwards HTTP header to detect reverse proxies. 2012-05-20 15:42:33 +00:00
patrik
d9b67a884b Added missing author and licensing information. 2012-05-20 14:45:16 +00:00
david
df516bc398 Fix typo when self.root is not None. 2012-05-19 19:31:10 +00:00
patrik
322ed971a2 o Added the script distcc-CVE-2004-2687 that checks and exploits a remote
command execution vulnerability in distcc. [Patrik Karlsson]
2012-05-19 17:39:53 +00:00
patrik
af950450b7 o Added two new scripts mysql-query and mysql-dump-hashes, which add support
for performing custom MySQL queries and dump MySQL password hashes. [Patrik
  Karlsson]
2012-05-19 17:33:41 +00:00
aca
c6341d2245 Fixed a typo in the description. 2012-05-19 16:36:59 +00:00
patrik
425ced35ab o Improved the mysql library to handle multiple columns with the same name,
added a formatResultset function to format a query response to a table
  suitable for script output. [Patrik Karlsson]
2012-05-19 12:23:41 +00:00
fyodor
660cb42825 fix a tiny typo 2012-05-19 08:37:25 +00:00
david
b33dd2d1da Don't use getuid and getgid on Windows. 2012-05-19 01:15:36 +00:00
david
402960a2a7 Friendlier error message when Zenmap modules can't be imported. 2012-05-18 16:41:37 +00:00
david
0283d41798 Replace INSTALL_LIB on installation.
This restores code removed in r28342, which rewrites sys.path to include
the directory in which the Zenmap modules are installed. This is needed
to run the program without changes to PYTHONPATH when the installation
directory is not among the Python interpreter's default search paths.
(/usr/local/lib/python2.7/site-packages/ or a user's home directory are
common cases.) A difference is that now we make sure that the directory
we are adding is not writable by any other users, to avoid installation
mistakes like Debian bug #663217.
2012-05-18 16:34:40 +00:00
david
263f57e87b Placeholder for sys.path augmentation. 2012-05-18 16:34:39 +00:00
david
a177d86601 add is_secure_dir function. 2012-05-18 16:34:38 +00:00
batrick
3498086354 Corrected buggy formatting from lua-format. David had used the Lua formatter in
r28582.
2012-05-18 03:59:14 +00:00