mirror of https://github.com/nmap/nmap.git synced 2025-12-31 20:09:02 +00:00
Commit Graph

9024 Commits

Author SHA1 Message Date
robert
d6ebcf74ea Added NetMotion Mobility VPN UDP probe submitted by Ben Campbell. 2014-05-04 15:20:45 +00:00
robert
926f3f7375 Tweaked the disclosure date in http-vuln-cve2012-1823 for consistency with other scripts that make use of the vulnerability library. 2014-05-04 15:13:57 +00:00
robert
32930ef6e6 Renamed the Zimbra LFI script to use the assigned CVE (and updated example output/usage). 2014-05-04 15:11:23 +00:00
robert
17ef614c49 Added Paul Amar's Webmin File Disclosure NSE script (CVE-2006-3392). 2014-05-04 15:00:06 +00:00
sophron
a64a785d79 [NSE] http-passwd should also send the payloads without appending NULL bytes. There are cases (for example in PHP => 5.3.4) where include functions do not accept paths with NULL in them, hence all of the script's payloads would fail even if the app was vulnerable. 2014-05-02 12:49:40 +00:00
d33tah
eab18b4522 Get rid of stringisprintable() function - this wasn't used anywhere in the code, yet it was linked into the executable. 2014-04-29 10:56:28 +00:00
tomsellers
4e572fadb2 Change http-default-accounts.nse from safe to intrusive as it attempts to login to the target. 2014-04-27 12:33:10 +00:00
patrik
b440d9c064 fix redirect bug in head request where redirects would not be honored 2014-04-26 13:34:48 +00:00
dmiller
b09926a241 Fix crash in Zenmap DiffViewer
http://seclists.org/nmap-dev/2014/q2/185
2014-04-23 12:10:49 +00:00
fyodor
91645f1aee Change a couple files to unix line endings 2014-04-23 09:37:37 +00:00
fyodor
6ebff25d46 add another little issue 2014-04-22 07:41:02 +00:00
fyodor
afca0d3e58 Just add a little issue discussed on the mailing list 2014-04-22 07:35:50 +00:00
jah
c4fc2529a8 Update the way queries to ARIN are formed: from "+ <IP>" to "n + <IP>".
Update CHANGELOG with recent improvements to whois-ip.nse.
2014-04-21 14:20:36 +00:00
jah
338dca4cff Add a pattern for a "no match found" type of response from LACNIC. 2014-04-21 14:03:57 +00:00
jah
c47fff6fc2 Fix a problem which happens when a referred-to response cannot be understood, causing an unhandled error. 2014-04-21 13:59:46 +00:00
jah
0623907188 Fix some indentation which went awry in r32677 and r32704 and some which has always been less than ideal. 2014-04-21 13:22:12 +00:00
fyodor
2fb139161f Update categories of dns-update from discovery and safe to vuln and intrusive 2014-04-19 07:50:38 +00:00
fyodor
c5742668b7 just correcting an entry after some more experimentation 2014-04-18 06:42:06 +00:00
fyodor
b23000e08e Update Nmap version number from 6.45 to 6.46 and regen docs 2014-04-18 04:36:33 +00:00
fyodor
ac092cc153 Update CHANGELOG for upcoming 6.46 bugfix release 2014-04-18 04:34:49 +00:00
dmiller
b5e53fc1d8 Silence libc++ warnings, via Olli Hauer 2014-04-17 21:58:39 +00:00
dmiller
6bd9462dd6 Fix some CRLF line endings to LF 2014-04-17 19:50:24 +00:00
dmiller
9ca584d0b8 Make tls.record_read more strict about protocol correctness 2014-04-17 02:15:03 +00:00
patrik
91e1d21cc1 add nil checks to address bug discovered by Mike
http://seclists.org/nmap-dev/2014/q2/120
2014-04-17 01:00:01 +00:00
dmiller
d2009ab250 Prevent zenmapCore.NmapParser from looking up remote/system XML entities 2014-04-16 20:37:52 +00:00
dmiller
5087947a42 Prevent Ndiff from looking up remote/system entities 2014-04-16 20:37:50 +00:00
dmiller
2f2b99c941 Fix some service matches with 0-length captures
http://seclists.org/nmap-dev/2014/q2/105

This is only a temporary fix, since this restriction is hard to enforce.
We should really clean up the matching/substitution code to handle
0-length captures.
2014-04-16 13:29:44 +00:00
tomsellers
cacf764754 Change to citrixxml.lua to improve performance of citrixlua library when handling large XML responses containing application lists. Large responses were causing the script to consume 100% CPU for extended periods of time.
Reference:
http://seclists.org/nmap-dev/2014/q2/74
2014-04-16 11:56:21 +00:00
dmiller
a343ea24cd Extend ssl-heartbleed to use every TLS cipher, prevent false negatives 2014-04-14 19:42:59 +00:00
fyodor
1d4fdaf2b3 Add another ndiff-related task 2014-04-13 07:10:09 +00:00
patrik
3dbe66e9be Change heartbeat request size from 0x0fe9 to 0x4000 2014-04-12 21:31:08 +00:00
fyodor
52dc994b05 regenerate man pages and resort nmap-os-db 2014-04-12 08:12:04 +00:00
fyodor
d7ab6f2001 I think INSTALL_LIB should be set to None by default so it is only used if the installer has set it to something specific. Otherwise I run into issues on Windows 2014-04-12 06:12:01 +00:00
fyodor
f83f67ccb9 add a note that our make uninstall should uninstall ndiff too (probably similar to how we do it for Zenmap) 2014-04-12 01:43:59 +00:00
fyodor
96eb55e419 Add some features from Zenmap's setup.pl to ndiff one. The main feature is adding the ndiff.py Python module install directory to ndiff script so it can always (we hope) be found even if the dir isn't in the user's PYTHONPATH. 2014-04-12 01:24:32 +00:00
fyodor
93e857ee81 Add code (taken from Zenmap) to make sure the install location of the Ndiff module can be found by the ndiff script 2014-04-12 00:16:30 +00:00
fyodor
1fc67280f7 Add "AutoReqProv:no" because automatic dependency calculation was adding "python(abi) = 2.4" even though our setup.py takes care of adjusting sys.path to point to wherever the modules were installed. We use this same approach for Zenmap. Hopefully this doesn't cause problems. These were the dependencies before this change:
$ rpm -qpR nmap-6.45-1.x86_64.rpm
/usr/bin/python
libc.so.6()(64bit)
libc.so.6(GLIBC_2.2.5)(64bit)
libc.so.6(GLIBC_2.3)(64bit)
libc.so.6(GLIBC_2.3.2)(64bit)
libc.so.6(GLIBC_2.3.4)(64bit)
libdl.so.2()(64bit)
libdl.so.2(GLIBC_2.2.5)(64bit)
libgcc_s.so.1()(64bit)
libgcc_s.so.1(GCC_3.0)(64bit)
libm.so.6()(64bit)
libm.so.6(GLIBC_2.2.5)(64bit)
libstdc++.so.6()(64bit)
libstdc++.so.6(CXXABI_1.3)(64bit)
libstdc++.so.6(GLIBCXX_3.4)(64bit)
libsvn_client-1.so.0()(64bit)
python >= 2.4
python(abi) = 2.4
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rtld(GNU_HASH)

And here they are after:
$ rpm -qpR nmap-6.45-1.x86_64.rpm
python >= 2.4
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(CompressedFileNames) <= 3.0.4-1
2014-04-11 23:12:35 +00:00
fyodor
9bbf495448 Update 6.45 release date to today 2014-04-11 19:34:34 +00:00
dmiller
100ff6f238 Let sslcert do STARTTLS based on service, not just port number 2014-04-11 16:42:29 +00:00
dmiller
7170837c8b Add @usage nsedoc to UDP scripts (default is missing -sU in this case) 2014-04-11 16:42:26 +00:00
dmiller
54caea26b4 Unify comm.lua's is_ssl and shortport.ssl
Heuristic detection of SSL ports was previously done in 2 different
places, leading to a divergence: shortport.ssl would return true for
more services than comm.tryssl would try, since comm.is_ssl was checking
a shorter list of port numbers and was ignoring
port.version.service_tunnel and port.version.name. Now any changes to
shortport.ssl will affect both libraries.
2014-04-11 15:22:42 +00:00
david
3f3fafbbec Update MacPorts-ports.diff to remove pkgconfig dependency on libiconv. 2014-04-11 05:36:00 +00:00
david
31e4350dba Make the argument to checked_fd_isset non-const.
I got this error compiling on OS X 10.6:
In file included from netutil.cc:132:
../nbase/nbase.h: In function 'int checked_fd_isset(int, const fd_set*)':
../nbase/nbase.h:385: error: invalid conversion from 'const fd_set*' to 'fd_set*'
../nbase/nbase.h:385: error:   initializing argument 2 of 'int __darwin_fd_isset(int, fd_set*)'
netutil.cc: In function 'int send_ipv6_ip(const sockaddr_in6*, const unsigned char*, size_t)':
netutil.cc:3846: warning: unused variable 'tclass'
make[2]: *** [netutil.o] Error 1
make[1]: *** [netutil_build] Error 2
2014-04-11 05:08:30 +00:00
fyodor
f83dc2c6c2 Since ndiff is now module-based, add some code to the spec file to hopefully allow it to find the site-packages/ndiff* and build the RPM 2014-04-11 04:04:42 +00:00
fyodor
6bf513b42a Update Nmap version number from 6.41SVN to 6.45 and rebuild docs 2014-04-11 02:59:07 +00:00
fyodor
8be0cb3f5e Update to latest Mac prefix (vendor) list from IEEE 2014-04-11 02:56:08 +00:00
dmiller
b3b0bf2389 Handle multiple messages in a single record (ssl-heartbleed) 2014-04-10 20:53:14 +00:00
dmiller
353291aeba Remove hardcoded TLSv1.1 from heartbeat message build 2014-04-10 20:53:12 +00:00
dmiller
3fd18f7752 Use tls.lua functions to build messages in ssl-heartbleed 2014-04-10 15:14:14 +00:00
dmiller
582afb7746 Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV from RFC 5746 2014-04-10 15:14:12 +00:00