PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-20 13:19:01 +00:00
Code Issues Projects Releases Wiki Activity
9,190 Commits 2 Branches 0 Tags
d4cf544df6c80098d9b8dda92ee312e24d02c1db
Commit Graph

1199 Commits

Author SHA1 Message Date
batrick
4201aa8eac Fix stdnse undeclared variable warning. 
Also fixes a typo:

-function debug3 (...) return stdnse.debug(4, ...) end
+function debug4 (...) return _ENV.debug(4, ...) end
 2014-08-02 03:37:29 +00:00
dmiller
b7485a6e7f Add some missing NSEdoc params to re.lua 2014-07-31 19:18:04 +00:00
dmiller
7eb678a893 Move NSEdoc for unittest.run to unittest.nse 
This prevents unittest.run from being included in the Script Arguments
section of every script that includes a unittest-compatible library.
 2014-07-31 18:06:14 +00:00
dmiller
e8cfd3abe2 Add NSEdoc to re.lua 
NSE libs must have @class and @name elements, or must have an NSEdoc
block preceding a call to stdnse.seeall, otherwise NSEdoc generation
breaks.
 2014-07-31 14:39:35 +00:00
dmiller
0e24910267 New http-enum fingerprint for Metasploit's reverse_hop_http stager 2014-07-30 13:33:21 +00:00
jay
341e447868 Add the nmap.version_intensity() function for use in NSE version scripts. Modify shortport.version_port_or_service() to also take a rarity parameter. 2014-07-30 07:05:58 +00:00
devin
d68396d823 Merged Lpeg branch 2014-06-26 20:12:54 +00:00
claudiu
2772733958 STARTTLS support for LDAP 2014-06-20 10:11:38 +00:00
dmiller
ec9074f718 Correct "it's" to "its" where necessary 
it's = it is
its = belonging to it
 2014-06-19 04:58:46 +00:00
dmiller
af57ddfd90 Minor whitespace cleanup 2014-06-18 17:16:24 +00:00
claudiu
0f17475b15 Implemented STARTTLS support for IMAP and POP3 2014-06-17 07:46:55 +00:00
dmiller
b73a7254e0 NSEdoc for some sslcert.lua functions 2014-06-12 12:28:06 +00:00
paulino
34691d779d * Applies patch to Cacti fingerprint. 
* Adds Xplico (http://www.xplico.org/) fingerprint.
 2014-06-11 19:44:24 +00:00
patrik
0b0109d4af commit 7dae4affc23f9fd70e916bc461e45eafe4bcf99a 
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Thu May 29 21:33:18 2014 -0400

    fix to detect non ASA devices and unsupported versions
 2014-05-30 01:46:59 +00:00
devin
5e6c9d5f78 NSE enhanced output patch 2014-05-29 03:22:59 +00:00
devin
53ca0c01dd Added checks to prevent scripts from indexing a nill value when 
scanning localhost.
 2014-05-28 02:29:31 +00:00
patrik
c950dcb154 Squashed commit of the following: 
commit a78b6142449b71ccd1cd7061b5363f6882b2e00b
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:19:22 2014 -0400

    fix indentation

commit 5e61eba30f98343fb172687bd377acae6cb9e242
Merge: d446fa7 9696dd5
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:15:50 2014 -0400

    Merge branch 'master' into anyconnect

commit d446fa76181d97287604b48719dd3f714987b775
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:15:09 2014 -0400

    Update CHANGELOG

commit 1590b8a8598bfd06c767c31312dc56c8e306c556
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:13:27 2014 -0400

    update script.db

commit 93eb927e21d3e3702da36668628b70c42f14f0db
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:09:51 2014 -0400

    update anyconnect library to better capture version
    add missing libraries http-cisco-anyconnect.nse
    add new scripts to detect vulnerabilities cve2014-2126 through 2129

commit 92fecad07d340e60abbe502a4541d6e4f71af224
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sat May 24 09:09:14 2014 -0400

    initial commit
 2014-05-26 01:28:38 +00:00
dmiller
125d84fd67 Allow stdnse.format_timestamp to take a Lua date table 
This will allow formatting of timestamps beyond 2036, which currently
are limited by the wrapping of the 32-bit Unix timestamp.
 2014-05-21 15:04:12 +00:00
sophron
efb73576e1 [NSE] A negative value should disable the maxpage limit according to NSEDoc. 2014-05-13 10:14:39 +00:00
patrik
b440d9c064 fix redirect bug in head request where redirects would not be honored 2014-04-26 13:34:48 +00:00
fyodor
91645f1aee Change a couple files to unix line endings 2014-04-23 09:37:37 +00:00
dmiller
6bd9462dd6 Fix some CRLF line endings to LF 2014-04-17 19:50:24 +00:00
dmiller
9ca584d0b8 Make tls.record_read more strict about protocol correctness 2014-04-17 02:15:03 +00:00
tomsellers
cacf764754 Change to citrixxml.lua to improve performance of citrixlua library when handling large XML responses containing application lists. Large responses were causing the script to consume 100% CPU for extended periods of time. 
Reference:
http://seclists.org/nmap-dev/2014/q2/74
 2014-04-16 11:56:21 +00:00
dmiller
100ff6f238 Let sslcert do STARTTLS based on service, not just port number 2014-04-11 16:42:29 +00:00
dmiller
54caea26b4 Unify comm.lua's is_ssl and shortport.ssl 
Heuristic detection of SSL ports was previously done in 2 different
places, leading to a divergence: shortport.ssl would return true for
more services than comm.tryssl would try, since comm.is_ssl was checking
a shorter list of port numbers and was ignoring
port.version.service_tunnel and port.version.name. Now any changes to
shortport.ssl will affect both libraries.
 2014-04-11 15:22:42 +00:00
dmiller
582afb7746 Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV from RFC 5746 2014-04-10 15:14:12 +00:00
dmiller
9e601256c6 Add parsing support for TLS heartbeat ContentType 2014-04-08 20:12:22 +00:00
dmiller
c87a4f1b3f Fix an off-by-one bug in TLS record parsing 2014-04-08 20:12:21 +00:00
henri
df4f3e77b8 Added TLS heartbeat Content Type, which everyone is needing today 2014-04-08 13:21:31 +00:00
dmiller
162a30b3cf Fix TLS SNI extension, by nnposter 2014-04-08 02:46:20 +00:00
dmiller
413bbf6e96 Revert r32789 in favor of lib-level fixes 
nmap.new_try() shouldn't be used in libraries. It results in Lua errors
being thrown that the script can't recover from without resorting to
pcall(). It has been replaced in proxy.lua with proper error handling
which did not require any changes to the scripts (http-open-proxy and
socks-open-proxy) that used it.
 2014-04-07 18:10:10 +00:00
dmiller
f081cf31bb Allow numeric TLS extensions for unassigned ExtensionTypes 2014-04-03 18:29:07 +00:00
dmiller
6c2ab1e289 Add missing TLS extension types registered with IANA 2014-03-21 20:49:35 +00:00
dmiller
58aa610671 Use a generic transcode function to implement utf16to8 etc. 2014-03-13 21:43:09 +00:00
dmiller
17c3e9755e NSEdoc cleanup. 
1. The first paragraph of a function's NSEdoc is used as a short
summary. Some of these were very long, so I split off a shorter summary.

2. Use asterisks (*) to denote bulletted lists, not 'o'

3. Wrap lines at 80 columns

4. a couple other spelling and formatting fixes
 2014-03-10 19:01:19 +00:00
dmiller
e0a0b616b4 remove trailing whitepace from *.luadoc 2014-03-10 19:01:14 +00:00
dmiller
3dcf997d60 Fix NSEdoc errors 
1. All @table blocks must have an explicit @name
2. All @field blocks must have both a name and description

Also added some more information to the creds.States table description
 2014-03-08 14:02:06 +00:00
dmiller
2d06ecf73c Fix NSEdoc generation problem 
@field tag names in NSEdoc must be valid identifiers, so they cannot
contain "-". As a general rule, anything that needs to be quoted like
this: mytable["field-name"] is invalid. In this case, the ajp library
had a field called "status-line", which caused NSEdoc generation to fail
when it was finally documented. This change renames it to "status_line",
which should fix the issue.
 2014-03-07 23:14:55 +00:00
dmiller
f4765340a3 Fix local variable shadowing a method. Credit Martin Holst Swende 2014-03-06 23:10:01 +00:00
dmiller
3b3131d635 Add class names to unittest.lua NSEdoc 2014-03-06 23:09:59 +00:00
dmiller
88146749f6 Add unittest.testing() to make test building conditional 2014-03-06 17:15:05 +00:00
dmiller
f8242124b8 Fix NSEdoc formatting in unittest.lua 2014-03-06 17:15:01 +00:00
dmiller
3187efdf81 Add extended-ASCII support to LM hashing 
Probably only works for US-English, since it uses Code Page 437. Adding
support for other locales would require detecting or setting the locale
for the remote system, since SMB has no way to negotiate code page. In
other words, Windows systems with different locales will have different
LM hashes for the same password.

Also added some tests. Hashes confirmed by googling for them and finding
the correct plaintext.
 2014-03-06 17:14:59 +00:00
dmiller
9697b6673c Add CP437 (native Windows OEM) to unicode.lua 2014-03-06 17:14:57 +00:00
dmiller
153e5f2124 unicode.lua: Add some UTF-8 decoding error checking 2014-03-06 17:14:56 +00:00
dmiller
a962973c06 Fix unicode module declaration (copy-paste error) 2014-03-06 17:14:54 +00:00
dmiller
9aa2d9a130 Clean up xmpp.lua NSEdoc 
https://secwiki.org/w/Nmap/Code_Standards#NSEdoc_best-practices
 2014-03-04 17:05:04 +00:00
dmiller
4e79e60547 Clean up smbauth.lua NSEdoc 
https://secwiki.org/w/Nmap/Code_Standards#NSEdoc_best-practices
 2014-03-04 17:05:02 +00:00
dmiller
f5be40278f Update sip.lua NSEdoc 
https://secwiki.org/w/Nmap/Code_Standards#NSEdoc_best-practices
 2014-03-04 17:05:00 +00:00