nnposter
e73041f34b
Optimize BPF to capture only DHCP responses
2022-04-24 01:22:54 +00:00
nnposter
81088425f3
Remove unused variables
2022-04-24 01:17:46 +00:00
dmiller
2543f2dd3c
Refactor to avoid using packet.lua local functions. See #2464
2022-04-14 23:06:02 +00:00
nnposter
639efbd214
Refactor IP ID capture loop. Fixes #2464
...
Rectify use of inaccessible library function packet.u16, incidentally
introduced in r38135 (041838d986)
2022-04-10 20:13:06 +00:00
nnposter
be89acce39
Do not include whitespace in the size string
2022-02-04 02:27:15 +00:00
nnposter
9de580fe6f
Allow more whitespace between HTML tags. Closes #2434
2022-02-04 02:17:39 +00:00
dmiller
0af0b822a1
Send DHCP requests on all interfaces, not only the lowest-metric one
2022-01-13 22:30:21 +00:00
dmiller
c3d54f1fac
Change how ms-sql NSE scripts run
...
MS SQL NSE scripts run on database instances, which can be TCP or named
pipes. With this change, all TCP instances on scanned ports will have
script output attached under the port as a portrule script. Named pipe
instances and TCP instances on unscanned ports will be displayed in the
hostrule script output at the end of the host's output. Utility function
mssql.Helper.InitScript makes it easy to write scripts that just work on
a per-instance basis, without bothering where to put the output.
Discovery will be done once per host, regardless of how many scripts are
run, and can be guaranteed to be done before the script's action takes
place.
2022-01-03 21:08:52 +00:00
dmiller
33405fcfb5
Remove an unused include [ci skip]
2022-01-03 21:08:51 +00:00
dmiller
02c0354744
Avoid TOCTOU by checking discovery state in mssql.Discover
...
A script might check WasDiscoveryPerformed and get a negative response,
then call Discover, during which time another script already called
Discover. Instead, check the condition *after* acquiring the mutex.
2021-12-15 23:44:41 +00:00
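The commit above describes a check-then-act race between NSE script threads. Added example, not code from mssql.lua or the Nmap project: the racy shape beside the fixed one, using NSE's nmap.mutex API. The registry key name, the mutex name and the discover_fn callback are assumptions made for illustration.

```lua
-- Added example: double-checked discovery under an NSE mutex.
-- Assumes NSE's nmap.mutex(name) API and the per-host host.registry table;
-- the key "mssql_discovered" and the mutex name are hypothetical.
local nmap = require "nmap"

local M = {}

-- Racy variant: the condition is tested before the lock is held, so two
-- scripts can both see "not discovered" and both run discover_fn.
function M.discover_racy(host, discover_fn)
  local reg = host.registry
  if reg.mssql_discovered then return end      -- TOCTOU window opens here
  local mutex = nmap.mutex("mssql-discovery")  -- hypothetical mutex name
  mutex "lock"
  discover_fn(host)                            -- may execute twice
  reg.mssql_discovered = true
  mutex "done"
end

-- Fixed variant: acquire the mutex first, then re-check the condition.
-- Whichever thread lost the race now sees the work already done and skips it.
function M.discover(host, discover_fn)
  local reg = host.registry
  local mutex = nmap.mutex("mssql-discovery")
  mutex "lock"
  local ok, err = true, nil
  if not reg.mssql_discovered then
    ok, err = pcall(discover_fn, host)         -- never hold the lock across an unhandled error
    if ok then reg.mssql_discovered = true end
  end
  mutex "done"                                 -- always release, even on failure
  if not ok then error(err, 0) end
end

-- Callers can rely on discovery having completed once M.discover returns,
-- because the state is written inside the critical section.
return M
```

The point of the second variant is that the check and the state update happen under the same lock; the pcall/done ordering keeps an exception inside discover_fn from leaving the mutex held forever.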
dmiller
9b71516919
Better socket error handling in rdp-vuln-ms12-020
...
Try to receive enough bytes for the next unpack. If any socket operation
fails, or if it doesn't receive enough for the unpack, a Lua error is
thrown. The pcall in the action function will catch that and interpret
it as not-vuln.
Fixes #2355
2021-12-13 20:14:07 +00:00
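The commit above converts short reads and socket failures into a Lua error that the action's pcall turns into a not-vulnerable verdict. Added example, not the rdp-vuln-ms12-020 script itself: a receive-until-enough helper driven by string.packsize, with the pcall wrapper at the top level. The header layout, the marker value and the NSE script shape are assumptions.

```lua
-- Added example: make sure enough bytes are buffered before each string.unpack.
-- Assumes NSE's nmap.new_socket / receive_bytes API. The header format,
-- the 0x1234 marker and the script structure are hypothetical.
local nmap = require "nmap"
local stdnse = require "stdnse"

-- Hypothetical fixed-size header: 2-byte big-endian length, 4-byte big-endian id.
local HDR_FMT = ">I2 I4"

-- Receive until at least `need` bytes are buffered. Any socket failure, or the
-- peer closing early, raises a Lua error instead of returning junk to unpack.
local function recv_atleast(sock, buf, need)
  while #buf < need do
    local status, data = sock:receive_bytes(need - #buf)
    if not status then
      error(("receive failed after %d of %d bytes: %s"):format(#buf, need, tostring(data)), 0)
    end
    buf = buf .. data   -- receive_bytes may return more than asked for; keep it all
  end
  return buf
end

-- Unpack `fmt` at `pos`, first guaranteeing the buffer covers the whole format.
-- Returns the (possibly grown) buffer followed by string.unpack's results.
local function unpack_from(sock, buf, fmt, pos)
  buf = recv_atleast(sock, buf, pos - 1 + string.packsize(fmt))
  return buf, string.unpack(fmt, buf, pos)
end

local function check(host, port)
  local sock = nmap.new_socket()
  sock:set_timeout(5000)
  local status, err = sock:connect(host, port)
  if not status then error("connect failed: " .. tostring(err), 0) end

  local buf = ""
  local len, id, nextpos
  buf, len, id, nextpos = unpack_from(sock, buf, HDR_FMT, 1)

  -- Body follows the header; read all of it before touching it.
  buf = recv_atleast(sock, buf, nextpos - 1 + len)
  sock:close()

  return id == 0x1234   -- hypothetical "vulnerable" marker
end

action = function(host, port)
  local ok, result = pcall(check, host, port)
  if not ok then
    -- Short read, timeout, reset or malformed length: report as not vulnerable.
    stdnse.debug1("treating as not vulnerable: %s", result)
    return nil
  end
  return result and "VULNERABLE" or nil
end
```

Without recv_atleast, string.unpack on a truncated buffer raises "data string too short" on its own, but a successful short read of the wrong bytes would be parsed silently; computing the requirement from string.packsize ties the read to the exact format being decoded.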
dmiller
dd82097c80
Merge changes from 7.92 release branch
2021-08-08 21:20:19 +00:00
dmiller
51180ec958
Make a variable local
2021-07-02 20:01:31 +00:00
dmiller
7c61f7c9c3
TLS 1.3 support for NSE. Fixes #1691
2021-07-02 20:01:30 +00:00
nnposter
4b46fa7097
Label the function as intentionally empty
...
See https://seclists.org/nmap-dev/2021/q1/31
2021-04-07 18:42:28 +00:00
nnposter
068e77a37f
Restore Supported Point Formats Extension. Fixes #1187
...
Some servers are not compliant with RFC 4492, section 4,
and abort the handshake when the extension is missing.
2021-03-21 02:37:18 +00:00
nnposter
58617a79f7
SMB2 dialect refactoring. Fixes #2203, closes #2208
2021-01-18 21:21:43 +00:00
fyodor
3bb502fcb0
Update author name/email
2021-01-14 18:26:56 +00:00
dmiller
9a3a8d1593
Check for output before returning. See #2212
2020-12-30 23:31:36 +00:00
nnposter
77f764fe72
Add script nbns-interfaces. Closes #2201
2020-12-30 03:51:21 +00:00
nnposter
f6fbb29481
Improve output formatting
...
- EHLO output no longer has a trailing separator
- Strings "214" and "250" are now removed only from the line beginning
2020-12-27 00:38:53 +00:00
nnposter
d0cf36c0a7
Fix false positives due to missing start/boot time
...
SMB field ServerStartTime ['start_time'] of zero should be interpreted
as "no time provided", not as the start of the epoch.
The field is zeroed out in SMB dialect 3.1.1.
2020-12-16 19:19:15 +00:00
nnposter
1b39988bf9
Correct the return value of smb2.negotiate_v2
...
As documented, the function should return the negotiated SMB2 dialect,
not just reflect back the dialect override table.
2020-12-16 17:54:15 +00:00
nnposter
15e529c64f
Clarify default script behavior
2020-12-04 01:16:08 +00:00
dmiller
f4fb91912d
New script port-states expands hidden port state summaries
2020-11-16 21:41:46 +00:00
nnposter
7400723efa
Improvements to script hostmap-crtsh
...
* Avoids accepting identities not representing hostnames as new targets
* Identity representing a wildcard certificate is reduced to its static portion
* Replaces custom crt.sh response parsing with JSON parser
* Adds more error-checking code
* Splits SANs into individual names (closes #2174)
2020-11-15 01:37:45 +00:00
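The first, second and last bullets above are input validation on data that comes from a third party (crt.sh) and ends up as new scan targets. Added example, not hostmap-crtsh's own code: a filter that splits a multi-line name_value, strips the wildcard prefix, and rejects anything that is not a syntactically valid hostname. The sample crt.sh-style record is constructed.

```lua
-- Added example: turn a crt.sh name_value field into safe candidate targets.
-- The record below is constructed; the function names are hypothetical.

-- Reduce a certificate identity to a hostname, or return nil if it is not one.
local function hostname_target(identity)
  local name = identity:lower():gsub("^%*%.", "")   -- "*.example.com" -> "example.com"
  if name == "" or name:find("*", 1, true) then return nil end  -- other wildcard forms
  if name:sub(-1) == "." then name = name:sub(1, -2) end        -- trailing dot is fine
  if #name > 253 or name:sub(1, 1) == "." or name:find("..", 1, true) then
    return nil
  end
  local labels = 0
  for label in name:gmatch("[^.]+") do
    labels = labels + 1
    if #label > 63
      or not label:match("^[a-z0-9][a-z0-9%-]*$")
      or label:sub(-1) == "-" then
      return nil
    end
  end
  if labels < 2 then return nil end            -- bare label, not a routable hostname
  if name:match("^%d+%.%d+%.%d+%.%d+$") then return nil end  -- dotted quad, not a name
  return name
end

-- crt.sh returns all SANs of a certificate joined by newlines in one field;
-- split them and keep the unique, valid hostnames in first-seen order.
local function targets_from_name_value(name_value)
  local seen, out = {}, {}
  for identity in name_value:gmatch("[^\n]+") do
    local name = hostname_target(identity)
    if name and not seen[name] then
      seen[name] = true
      out[#out + 1] = name
    end
  end
  return out
end

-- Constructed sample: one certificate with mixed SAN contents.
local sample = table.concat({
  "*.example.com",
  "www.example.com",
  "Mail.Example.COM.",
  "user@example.com",      -- email identity, not a hostname
  "192.0.2.10",            -- IP literal, not a hostname
  "bad_host.example.com",  -- underscore is not allowed in a hostname label
  "localhost",             -- single label
}, "\n")

for _, t in ipairs(targets_from_name_value(sample)) do
  print(t)
end
-- Accepted: example.com, www.example.com, mail.example.com
```

Rejecting rather than "fixing" odd identities matters here because whatever survives this filter is handed to target.add and scanned; an email address or an IP literal from a stranger's certificate should never reach that point.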
nnposter
f4e19b17ea
Change PJL command termination from LF to CR/LF
...
The PJL specification (HP publication 5021-0380) makes the CR optional
but apparently it is required by some implementations. Fixes #2182
2020-11-14 23:29:05 +00:00
dmiller
a877e2cb9b
Use string unpack instead of string.byte
2020-11-06 21:48:33 +00:00
dmiller
532d5a555e
Add openflow-info.nse. Closes #711
2020-10-19 17:13:23 +00:00
dmiller
72ff06d02b
Avoid testing invalid usernames
2020-10-19 17:13:22 +00:00
nnposter
e333addec4
Ability to set SNMP protocol version. Closes #1473
2020-10-09 02:43:26 +00:00
nnposter
1a87f11f42
Default rule base for script mysql-audit. See #2125
2020-10-04 02:52:31 +00:00
nnposter
fa6bd3f901
Update the SSH protocol flow. Closes #1460
...
Allows the server to start the key exchange before the protocol version
exchange (banner exchange) is completed
2020-09-13 00:12:48 +00:00
nnposter
dd6650b887
Replace hyphens in the client SSH banner
...
Hyphen is not allowed in the software version string (RFC 4253, section 4.2)
2020-09-13 00:01:40 +00:00
dmiller
3b633fd97c
Try to make sure enough data is present before parsing. See #2117
2020-09-10 22:02:12 +00:00
dmiller
e278afa57d
Handle too-short response in s7-info. See #2117
2020-09-09 17:16:13 +00:00
nnposter
05ad57df21
Speed improvement for script afp-ls. Closes #2098
2020-08-31 00:25:09 +00:00
nnposter
fd16f90242
Fix line wrapping
2020-08-30 22:59:57 +00:00
nnposter
c3431b9025
Stop using Shellshock in header name. Fixes #1983
2020-08-30 22:50:11 +00:00
dmiller
f4b0872288
fix license url: http -> https
2020-08-21 19:32:08 +00:00
dmiller
47cbe50afb
Add cross references between the 2 whois scripts
2020-08-08 15:19:14 +00:00
nnposter
f278aca7ab
Eliminate reflection false positives in http-shellshock. Closes #2089
2020-07-29 23:19:25 +00:00
nnposter
631d2556c0
SNMP scripts are enabled on non-standard ports. See #1473
2020-07-27 03:32:27 +00:00
nnposter
c4f9e48dd3
Output of matched fingerprints in http-default-accounts. Fixes #2077
2020-07-21 23:49:28 +00:00
nnposter
be25ad6005
Credential object is creds.Account, not brute.Account. See #2086
2020-07-20 20:58:30 +00:00
dmiller
030a58a26e
Replace 'master' with 'controller thread' in NSE script docs/comments
2020-06-18 17:14:48 +00:00
nnposter
ae0babda4d
Propagate unpwdb errors to script output. Fixes #2011
2020-06-15 03:01:35 +00:00
nnposter
e761d3e355
IPP printer status is already converted to an integer
2020-06-13 22:54:24 +00:00
nnposter
b64f17b1ad
Already implemented in r29399
...
See GitHub commit 1441aea655
2020-05-19 23:26:10 +00:00
nnposter
eefc08e795
Add music/photo/video detection. Closes #2048
2020-05-19 22:51:29 +00:00