PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-21 06:59:01 +00:00
Code Issues Projects Releases Wiki Activity
5,872 Commits 2 Branches 0 Tags
d2bce72beeefea796e264aa46fd38c9db359e45c
Commit Graph

5872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
paulino
47a338c85a * Adds note about a desired feature: cache system for http pipelines 
* Adds note about the new signatures added to http-enum
 2011-07-01 20:45:28 +00:00
paulino
390eb9e4ab * Fixes bug when parsing script-args. The script was only using the value from the argument 'pipeline' but not from 'http-enum.pipeline'. 
* Makes clean_404 a public function. This function is used in the NSE script http-waf-detect to remove text that changes.
 2011-07-01 20:34:01 +00:00
paulino
d69d7aa820 No more duplicates in this database. 2011-07-01 19:27:53 +00:00
paulino
fb07b4082a Moves lotus domino fingerprints under the same one 2011-07-01 19:07:34 +00:00
paulino
ee66dfe6a5 Fixes duplicates and a couple of signatures that got copied incorrectly. These new fingerprints come from going through exploit-db.com's archives since July 1 2011 to July 1 2009. 2011-07-01 19:02:34 +00:00
paulino
e420332846 Adds 120 new entries under the categories: general, attacks, cms, security, management and database. 2011-07-01 10:18:10 +00:00
fyodor
f2d2cc6e87 Remove a change which actually got reverted a while back and is being redone 2011-07-01 06:45:39 +00:00
djalal
b4f865179b o [NSE] Added another missing check that will report that the server is not vulnerable. 2011-06-30 23:11:11 +00:00
fyodor
d498efba48 Apparently the require 'root' feature was removed 2011-06-30 22:39:23 +00:00
fyodor
e8b422e09a latest generated man pages 2011-06-30 22:38:52 +00:00
djalal
1c3d400822 o [NSE] Added ftp-vuln-cve2010-4221 script which checks if the ProFTPD 
server is vulnerable to the Telnet IAC stack overflow CVE-2010-4221
  [Djalal].
 2011-06-30 22:21:25 +00:00
djalal
fe981e5014 o [NSE] Added an ftp.connect() methode. 2011-06-30 22:14:58 +00:00
fyodor
9e1fc9cffb OK, I think I'm done with the CHANGELOG\! 2011-06-30 22:07:33 +00:00
gorjan
789977d8df Adding a dependency for backorifice-brute to backorifice-info 2011-06-30 15:47:32 +00:00
gorjan
88b994a451 Small fix 2011-06-30 15:46:50 +00:00
fyodor
1facb2572c Some minor work on CHANGELOG 2011-06-30 09:13:34 +00:00
fyodor
1c702ffad3 trivial nsedoc change 2011-06-30 09:11:57 +00:00
fyodor
8d8d16ec80 trivial nsedoc change 2011-06-30 08:59:30 +00:00
fyodor
e27ff18e56 trivial nsedoc change -- define NCP 2011-06-30 08:58:12 +00:00
fyodor
f802f7ac09 Made a bunch of additions to the CHANGELOG in prep for 5.59BETA1 release. It still needs some reorganization though 2011-06-30 08:50:24 +00:00
fyodor
a1fba2c7e0 Move up the priority of a task about fixing option ordering requirements. People shouldn't have to worry about things like making sure -6 always comes before -A. To move it up, I had to detach it from a cluster of feature creeper tasks though, so at least I added a note to it that it is a potential FC tasks. 2011-06-30 01:15:40 +00:00
fyodor
d6ec64ec2c Add an Ncat-portable-related task 2011-06-29 23:49:07 +00:00
shinnok
a1e9bf6683 Add Ncat Portable to CHANGELOG. 2011-06-29 15:03:19 +00:00
fyodor
130e417be9 fix a small nsedoc typo noted by Henri Doreau 2011-06-29 09:05:03 +00:00
fyodor
5ed369d576 Update nmap-mac-prefixes to the latest data as of 2011-06-29 2011-06-29 08:33:42 +00:00
fyodor
a5bfcedda3 Add an idea we talked about in the NSE meeting yesterday 2011-06-29 08:18:13 +00:00
fyodor
009f3fb2e4 Just added a missing period 2011-06-29 06:24:17 +00:00
david
9087668916 Add new OS fingerprint for scanme. 
Shows apparent new Linux TCP windows.
 2011-06-29 04:47:02 +00:00
fyodor
9a2b80c34d Remove ip-geolocation-quova -- it include an API key which apparently required agreeing to the Quova terms of service to obtain (http://developer.quova.com/apps/tos). And those seem to pretty clearly ban this sort of use. So we can only use this script if we get permission from Quova (best option), or we make it so that user is required to pass a key as nsearg 2011-06-29 03:34:47 +00:00
fyodor
53b61dac59 Added a TODO entry with summaries of all 41 (wow!) new NSE scripts! 2011-06-29 01:46:00 +00:00
david
07d1df5d59 Update ca-bundle.crt CHANGELOG entry. 2011-06-29 01:36:58 +00:00
fyodor
a683b6ae69 just added a word to the description 2011-06-29 01:36:34 +00:00
fyodor
511adcb497 Move the brief summary of both vulns into the summary sentence so people see them at a glance from the nsedoc script lists 2011-06-29 01:34:24 +00:00
fyodor
536e00ea42 Went through all the new (since 5.51) scripts and improved (I hope) the nsedoc descriptions a bit and made some other very minor cleanups 2011-06-29 01:29:14 +00:00
paulino
651197768b Adds http-barracuda-dir-traversal - 
Attempts to retrieve the configuration settings from the MySQL database 
dump on a Barracuda Networks Spam & Virus Firewall device using the 
directory traversal vulnerability in the "locale" parameter of 
"/cgi-mod/view_help.cgi" or "/cgi-bin/view_help.cgi".

The web administration interface runs on port 8000 by default.

Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval
Original exploit by ShadowHatesYou <Shadow@SquatThis.net>
For more information, see:
http://seclists.org/fulldisclosure/2010/Oct/119
http://www.exploit-db.com/exploits/15130/
 2011-06-28 23:43:34 +00:00
fyodor
832d1e91fa Update version number for next release (5.59BETA1) 2011-06-28 22:19:31 +00:00
david
21cbe8ffba Use a big enough buffer in traceND. Same as r24365 in 
/nmap-exp/weiling/nmap-nd.
 2011-06-28 21:58:54 +00:00
fyodor
4b67955fd8 Minor CHANGELOG modifications, mostly just moving new NSE scripts together in one place 2011-06-28 08:29:15 +00:00
david
f5fe8fb6e9 Use the proper length in get_srcaddr, not sizeof(sockaddr_in6). 
This was a bug in r24413. The size needs to vary with the address family
on some platforms including OS X. This was noticed by Chris Clements.
 2011-06-28 00:35:01 +00:00
djalal
b9237eac33 If sending the big body message fails, then just assume that this is 
a network error, we are sending more than 50MB, but check and count
the result of the final "<CRLF>.<CRLF>" message.
 2011-06-27 22:24:13 +00:00
patrik
55da9dc683 added the creds-summary.nse script [Patrik] 2011-06-27 21:21:15 +00:00
patrik
baa404b050 improved documentation and added sample code 
add getCredentials function
[Patrik]
 2011-06-27 21:00:11 +00:00
paulino
bb61584d82 Updated CHANGELOG - Added http-majordomo2-dir-traversal and new version of http-trace 2011-06-27 20:46:36 +00:00
paulino
f2bbb0f9e8 Adds to "vuln" category 2011-06-27 20:40:19 +00:00
paulino
5effe4c770 New version of http-trace. It addresses issues discussed: 
* http://seclists.org/nmap-dev/2010/q2/295
    * http://seclists.org/nmap-dev/2007/q3/327
    * http://seclists.org/nmap-dev/2007/q4/610

    Features:
* This version will always show you if TRACE is enabled (Current http-trace only shows headers that are different from the original response causing confusion in cases where TRACE is not reported as enabled because the host did not return any additional headers)
    * Supports redirects.
 2011-06-27 20:38:59 +00:00
paulino
4f60960b29 Adds http-majordomo2-dir-traversal to the repository. This script exploits a directory traversal vulnerability existing in Majordomo2 to retrieve remote files. 2011-06-27 20:22:25 +00:00
fyodor
67ea9053b3 Note a finished task 2011-06-27 20:08:07 +00:00
david
fd259a2422 Use getsockname to get source addresses. 
This was previously gotten by setting the source address to be the same
of the interface address of the matching route. However this can be
wrong; when making a normal socket connection the source address is
chosen differently. We create a SOCK_DGRAM socket, connect it, and read
the local address with getsockname.
 2011-06-27 18:05:39 +00:00
paulino
4445ed7ed1 UPDATED TODO 2011-06-27 04:39:54 +00:00
paulino
29ff392125 Added new entries under 'general' and 'cms' . Extracted from exploit-db archives so the new software added is known to be vulnerable. 2011-06-27 03:40:22 +00:00