jay
d4cf544df6
Fix a missing bracket at the end of the IMPORTANT NMAP LICENSE TERMS part in each file
2014-08-02 19:29:50 +00:00
batrick
a19c9eb461
stdnse.print_verbose -> stdnse.verbose1
$ sed -i 's/stdnse.print_verbose( *\([0-9]*\) *, *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.verbose\1("\2"/' *.nse
$ sed -i 's/stdnse.print_verbose( *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.verbose1("\1"/' *.nse
and some manual corrections.
2014-08-02 18:32:26 +00:00
dmiller
9bf8974b38
Let nsock use /bin/sh instead of Bash for testing
2014-08-02 04:38:04 +00:00
dmiller
e7cd3a7f1e
Fix ncat tests
google.com can resolve to a different set of addresses each time you
resolve it, which makes the addrset tests fail. Use scanme.nmap.org
instead, since (at least for now) that has only one address assigned.
2014-08-02 04:38:02 +00:00
batrick
59562d1c50
stdnse.print_debug -> stdnse.debug
2014-08-02 03:46:13 +00:00
batrick
4201aa8eac
Fix stdnse undeclared variable warning.
Also fixes a typo:
-function debug3 (...) return stdnse.debug(4, ...) end
+function debug4 (...) return _ENV.debug(4, ...) end
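Review bot: the `+` line changes two things at once, the wrapper name (debug3 to debug4, so it now matches the level 4 it passes) and the call target (stdnse.debug to _ENV.debug), but the message describes the hunk only as a typo fix. Say which of the two addresses the undeclared variable warning from the subject line. Since the per-level wrappers are near-identical lines, a unit test asserting that each debugN forwards level N would catch the next slip of this kind.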
2014-08-02 03:37:29 +00:00
batrick
91a106e7d5
more stdnse.print_debug -> stdnse.debug
Manual corrections.
2014-08-02 03:15:44 +00:00
batrick
6e3bde5de5
debug6 -> debug5
2014-08-02 02:56:31 +00:00
batrick
aeb5908481
more stdnse.print_debug -> stdnse.debug
Manual corrections.
2014-08-02 02:54:47 +00:00
batrick
810f7d4803
more stdnse.print_debug -> stdnse.debug
This is a catchall pattern with a few exclusions.
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *\(.*\))/stdnse.debug\1(\2)/' *.nse
$ sed -i 's/stdnse.print_debug(\(.*\))/stdnse.debug1(\1)/' *.nse
Excluded:
$ svn revert db2-das-info.nse
$ svn revert flume-master-info.nse
$ svn revert http-headers.nse
$ svn revert http-methods.nse
$ svn revert http-unsafe-output-escaping.nse
$ svn revert http-userdir-enum.nse
$ svn revert http-vuln-cve2011-3192.nse
$ svn revert http-vuln-wnr1000-creds.nse
$ svn revert http-wordpress-plugins.nse
$ svn revert telnet-brute.nse
2014-08-02 02:46:16 +00:00
batrick
5e9a8d0777
more stdnse.print_debug -> stdnse.debug
This one also fixes format string bugs:
stdnse.print_debug(foo) --> stdnse.debug1("%s", foo)
$ sed -i 's/stdnse.print_debug( *\([a-zA-Z0-9][a-zA-Z0-9_]*\) *)/stdnse.debug1("%s", \1)/' *.nse
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *\([a-zA-Z0-9][a-zA-Z0-9_]*\) *)/stdnse.debug\1("%s", \2)/' *.nse
2014-08-02 02:18:48 +00:00
batrick
5d4c5a659c
more stdnse.print_debug -> stdnse.debug
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *SCRIPT_NAME *.. *" *:* *\([^"]*\)"/stdnse.debug\1("\2"/' *.nse
$ sed -i 's/stdnse.print_debug( *SCRIPT_NAME *.. *" *:* *\([^"]*\)"/stdnse.debug1("\1"/' *.nse
2014-08-02 02:13:12 +00:00
batrick
d47acf9f5e
more stdnse.print_debug -> stdnse.debug
$ sed -i 's/stdnse.print_debug( *\([0-9]*\) *, *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.debug\1("\2"/' *.nse
$ sed -i 's/stdnse.print_debug( *" *%s *:* *\([^"]*\)" *, *SCRIPT_NAME/stdnse.debug1("\1"/' *.nse
2014-08-02 02:08:12 +00:00
fyodor
a763dc81a8
Updated MAC Address prefixes from IEEE data
2014-08-02 01:19:55 +00:00
batrick
536075d3af
stdnse.print_debug -> stdnse.debug
$ sed -i 's/stdnse.print_debug("[-a-z0-9]*:\s*\([^"]*\)"/stdnse.debug1("\1"/' *.nse
$ sed -i 's/stdnse.print_debug(\([0-9]*\),\s*"[-a-z0-9]*:\s*\([^"]*\)"/stdnse.debug\1("\2"/' *.nse
Except:
o eap-info.nse
o oracle-brute.nse
Modified:
o couchdb-databases.nse
o couchdb-stats.nse
o http-open-redirect.nse
2014-08-01 23:04:55 +00:00
dmiller
d23c46f3ac
Remove unnecessary SCRIPT_NAME from stdnse.debug calls
2014-08-01 22:00:04 +00:00
dmiller
718c83f367
Check for actually-random TLS random instead of date in ssl-date
Patch from nnposter here: http://seclists.org/nmap-dev/2014/q3/194
2014-08-01 21:57:04 +00:00
batrick
2a8c81c4f6
stdnse.print_debug -> stdnse.debug1
$ sed -i 's/stdnse.print_debug("%s \([^"]*\)", SCRIPT_NAME/stdnse.debug1("\1"/' *.nse
2014-08-01 21:35:56 +00:00
batrick
c94d5970ff
stdnse.print_debug -> stdnse.debug1
$ sed -i 's/stdnse.print_debug("%s: \([^"]*\)", SCRIPT_NAME/stdnse.debug1("\1"/' *.nse
2014-08-01 21:31:04 +00:00
batrick
5161b8642a
stdnse.print_debug -> stdnse.debug1
$ sed -i 's/stdnse.print_debug(1, "%s: \([^"]*\)", SCRIPT_NAME/stdnse.debug1("\1"/' *.nse
2014-08-01 21:29:42 +00:00
dmiller
b7485a6e7f
Add some missing NSEdoc params to re.lua
2014-07-31 19:18:04 +00:00
dmiller
7eb678a893
Move NSEdoc for unittest.run to unittest.nse
This prevents unittest.run from being included in the Script Arguments
section of every script that includes a unittest-compatible library.
2014-07-31 18:06:14 +00:00
dmiller
775ca4463f
Add @usage to fcrdns.nse
2014-07-31 14:42:37 +00:00
dmiller
e8cfd3abe2
Add NSEdoc to re.lua
NSE libs must have @class and @name elements, or must have an NSEdoc
block preceding a call to stdnse.seeall, otherwise NSEdoc generation
breaks.
2014-07-31 14:39:35 +00:00
d33tah
fd3b2c79d3
Don't write to XML output directly in nmap.cc. Spotted and fixed by
Michal Hrusecki (http://seclists.org/nmap-dev/2014/q3/180 ).
2014-07-31 14:28:20 +00:00
dmiller
21ab5d78bd
New NSE script: fcrdns
Performs Forward-confirmed reverse DNS lookup of the target, a.k.a.
Full-circle reverse DNS, double-reverse DNS, or iprev.
2014-07-31 05:34:19 +00:00
dmiller
fa65ff04d0
Restore verbosity boost for by-name scripts, broken in r33104
2014-07-31 05:34:17 +00:00
devin
e441e2a81d
Applied Fabian Affolter's patch to make generator entry more generic
2014-07-30 22:16:32 +00:00
dmiller
0e24910267
New http-enum fingerprint for Metasploit's reverse_hop_http stager
2014-07-30 13:33:21 +00:00
jay
42510e649d
Update scripts/script.db
2014-07-30 07:16:52 +00:00
jay
d93a78f502
Make version scripts (with non shortport portrules) obey nmap.version_intensity() >= 7
2014-07-30 07:12:50 +00:00
jay
61d13e12d2
Make version intensity scripts use shortport.version_port_or_service() instead of shortport.port_or_service()
2014-07-30 07:10:35 +00:00
jay
341e447868
Add the nmap.version_intensity() function for use in NSE version scripts. Modify shortport.version_port_or_service() to also take a rarity parameter.
2014-07-30 07:05:58 +00:00
jay
20235c2389
Improve OS detection by moving to a different port if 'tcpwrapped' is detected
2014-07-30 06:55:48 +00:00
jay
c613586570
Reduce Zenmap's Topology noise by collapsing equivalent 'anonymous' nodes
2014-07-30 06:37:24 +00:00
paulino
d98fd9c909
Adds mikrotik-routeros-brute to the CHANGELOG.
2014-07-30 03:51:56 +00:00
paulino
95f897fffb
Updates category to 'intrusive'.
2014-07-30 03:49:26 +00:00
paulino
1cc4d246b9
Adds mikrotik-routeros-brute.nse. This script performs brute force password auditing against the Mikrotik RouterOS API.
2014-07-30 03:48:03 +00:00
dmiller
f17edebfc2
Fix IPv4 source address for host discovery
Reported here: http://seclists.org/nmap-dev/2014/q3/137
Hostgroups should have a common outgoing interface and source address,
determined by target_needs_new_hostgroup. Source address for raw IP
probes (sendIPScanProbe) is taken from the list of decoys (o.decoys),
which always at least contains a "self" element at index o.decoyturn.
This element was not being set while filling a hostgroup for massping,
so it was using whatever the value from the last hostgroup had. This
only matters when mixing targets that require different source
addresses, as demonstrated by scanning localhost and some other address.
2014-07-28 22:23:07 +00:00
dmiller
b822aa9785
Fix Ncat's SOCKS5 password auth
See http://seclists.org/nmap-dev/2014/q3/4
2014-07-25 15:07:44 +00:00
dmiller
e45016ea61
Remove use of branch-reset pattern from nmap-service-probes
branch-reset patterns (?|...) were introduced in Perl 5.10.0, but some
folks complained when their older PCRE libs crashed on this line.
This changes the use into a single outer capture, then uses the $P()
helper function to strip out the unprintable length bytes.
2014-07-24 21:28:58 +00:00
dmiller
e525388f36
Make -Pn override all other -P* types
This was a case where order of arguments affected the outcome: if -PE
came before -Pn, then -Pn took precedence. Otherwise, -PE took
precedence (except that o.pingtype would also contain PINGTYPE_NONE...
not sure how that affected things). This cleans things up by letting
PINGTYPE_NONE be OR'd into o.pingtype, then checking for it after all
options have been processed and clearing out the other types if it is
found.
2014-07-23 22:01:35 +00:00
d33tah
6355a1bebe
Revert my unfinished refactoring commit I pushed by mistake.
2014-07-23 14:43:12 +00:00
d33tah
308d924415
Remove an unneeded duplicate variable assignment.
2014-07-23 14:37:16 +00:00
d33tah
f3f2d57503
This should probably be static.
2014-07-23 14:37:07 +00:00
dmiller
51a633ac3c
NSE: Add TLS_RSA_WITH_3DES_EDE_CBC_SHA to default ciphers
As noted (http://seclists.org/nmap-dev/2014/q3/121 ), some versions of
Windows require a KB before supporting AES, so add a 3DES option.
2014-07-23 01:52:41 +00:00
dmiller
453f655f89
Add mandatory cipher suite to appropriate scripts
The TLS standard (TLS 1.2, but also probably the others) states:
> In the absence of an application profile standard specifying
> otherwise, a TLS-compliant application MUST implement the cipher
> suite TLS_RSA_WITH_AES_128_CBC_SHA
This was causing some problems with some implementations (See
http://seclists.org/nmap-dev/2014/q3/119 )
2014-07-22 22:20:34 +00:00
jay
d70f5b364a
Show TTL in default output if "--reason -v" is asked for.
2014-07-22 01:55:04 +00:00
jay
f85416b75a
If verbosity is greater than 1 (i.e. -vv or higher is used), automatically do reason display (i.e. --reason).
2014-07-22 01:51:46 +00:00
dmiller
eea45a5bf0
Process 177 more OS fingerprint submissions
2014-07-21 03:59:39 +00:00