david
d759b485ea
Honor sin6_scope_id in route_dst_generic.
...
This is set nonzero when there is a scope identifier at the end of
an IPv6 address, like fe80::a8bb:ccff:fedd:eeff%eth0 or
fe80::a8bb:ccff:fedd:eeff%1 on Windows. When this happens, we look up
the interface by index and then act as if it was the interface given by
-e. (But -e always has precedence over this.)
2011-08-30 17:01:51 +00:00
david
12f4742f0f
Add intf_get_index to libdnet-stripped.
...
This function gets an interface from an internal interface number, such
as a sockaddr_in6.sin6_scope_id.
2011-08-30 17:01:50 +00:00
david
c5afa5b57b
Temporarily revert r26242.
...
if_indextoname doesn't work the same way on Windows.
2011-08-30 14:33:20 +00:00
david
053154e5c3
Honor sin6_scope_id in route_dst_generic.
...
This is set nonzero when there is a scope identifier at the end of
an IPv6 address, like fe80::a8bb:ccff:fedd:eeff%eth0. When this
happens, we look up the interface by index and then act as if it was the
interface given by -e. (But -e always has precedence over this.)
2011-08-30 04:18:58 +00:00
david
d7302d7608
Use if_indextoname instead of our own intf_name function.
2011-08-30 04:18:57 +00:00
david
96a785e67d
Honor sin6_scope_id in route_dst_netlink.
...
This is set nonzero when there is a scope identifier at the end of an
IPv6 address, like fe80::a8bb:ccff:fedd:eeff%eth0. When this happens, we
add an rtattr with type RTA_OIF to request a particular outgoing
interface.
In my tests, this does the right thing when the address is in fact the
assigned address of the interface; the interface becomes lo instead of
the physical interface name.
2011-08-30 04:18:56 +00:00
henri
afc3d2059c
Added http-vuln-cve2011-3192.nse from Duarte Silva.
2011-08-29 21:42:57 +00:00
patrik
bce29f44cd
Fixed typo in supported versions matrix in the TNS library [Patrik]
2011-08-27 08:12:59 +00:00
patrik
a52d443841
o [NSE] Fixed authentication problems in the TNS library that would prevent
...
authentication from working against Oracle 11.2.0.2.0 XE [Chris Woodbury]
2011-08-27 08:05:10 +00:00
fyodor
dfe031dbcb
Add Djalal
2011-08-27 07:08:58 +00:00
fyodor
2d80fb396b
sort fingerprints in nmap-os-db (my build scripts do this automatically)
2011-08-25 06:47:33 +00:00
fyodor
5b516e982d
Update svn version number to 5.59BETA3. There isn't an imminent release or anything, but I think bumping it will reduce confusion. Plus, I accidentally checked in a modified version number to some of the externals (when meaning to just modify a branch), so this will make the version consistent
2011-08-25 06:47:10 +00:00
david
3b500dc8df
Remove these condition on probe matching:
...
A RST/ACK can only be matched to a SYN or FIN. A bare RST cannot
be matched to a SYN or FIN.
Matthew Stickney and Joe McEachern found cases where this caused replies
to be missed (specifically, RST/ACK in reponse to a NULL probe) and also
found standards justification for hosts returning RST/ACK in such a
situation.
2011-08-25 05:35:03 +00:00
fyodor
71a3724543
We don't currently have a brute category. I'm not at all against having one though. So if someone wishes to create one, just be sure you put all the *-brute scripts in it
2011-08-25 02:57:17 +00:00
david
8ec0c1157a
o Rearranged some characters classes in service matches to avoid any
...
that look like POSIX collating symbols ("[.xyz.]"). John Hutchison
discovered this error caused by one of the match lines:
InitMatch: illegal regexp: POSIX collating elements are not supported
[Daniel Miller]
2011-08-24 15:44:21 +00:00
gorjan
b12bb4fba2
Adding address-info.nse, which shows extra information about IP addresses.
2011-08-23 10:36:16 +00:00
djalal
02b7d6e563
o [NSE] Use a table to store the output results, and use table.concat()
...
to concat data instead of classic concatenation. This can have a huge
performance boost, check this thread:
http://seclists.org/nmap-dev/2011/q3/623
2011-08-23 09:26:06 +00:00
paulino
b67b4a4c1e
Adds note about scripts http-wp-enum, http-awstatstotal-exec, http-joomla-brute and http-wordpress-brute.
2011-08-23 06:35:37 +00:00
paulino
b99a8bbd99
Adds http-awstatstotals-exec, http-joomla-brute, http-wordpress-brute and http-wp-enum.
2011-08-23 06:29:12 +00:00
fyodor
c79146c9c9
add trivial task note
2011-08-22 21:47:46 +00:00
paulino
215550b8dc
Adds important task I just noticed its missing
2011-08-22 14:58:46 +00:00
gorjan
f46a8eb2de
Output fix
2011-08-22 13:48:44 +00:00
paulino
2ccaad4b8d
Tasks for next week
2011-08-22 07:48:12 +00:00
fyodor
92ceb70071
Duarte Silva asked that his email address be updated in these scripts.
2011-08-22 00:58:19 +00:00
fyodor
71773451d5
Mark an item done (fixed by Rob Nicholls\!)
2011-08-22 00:45:44 +00:00
fyodor
4b2528a3c9
make drive letter (for Windows VCExpress install path) case-insensitive. The registry key on my Win7 system uses c:\ instead of C:\ for some reason
2011-08-21 21:12:08 +00:00
patrik
5e2f67ae2e
o Fixed bugs that would prevent connections against certain versions
...
o Improved support for 64-bit database servers
o Tested the code against a larger number of databases running on both
32/64-bit Windows/Linux
o Improved library documentation
[patrik]
2011-08-21 19:18:53 +00:00
robert
328fb8091f
Fixed a "minor" problem with our WinPcap installer (instead of running our uninstaller if our InstalledBy string was present, it would run "Nmap /S _?=$INSTDIR"), which caused Nmap to briefly display its help output if it was in the same directory (or presumably in the system/user's PATH).
2011-08-20 21:57:29 +00:00
fyodor
975cc24cf9
Note a minor problem with Winpcap installer
2011-08-20 07:37:37 +00:00
fyodor
428e6b8f94
add a task about probe/response matching and also some changes from recent discussion w/David
2011-08-19 22:16:13 +00:00
david
31e0bd21cd
Add a Linux 2.6.39 fignerprint (my scan of scanme).
2011-08-19 00:44:44 +00:00
david
bc5b5f6cf0
OS fingerprint correction from my localhost.
2011-08-16 17:50:25 +00:00
david
d62da6eb45
Remove some code that only applied to gen-1 OS detection.
2011-08-16 17:50:23 +00:00
david
3731a3cb29
Fix an inaccurate comment.
...
We care about closed UDP ports for OS detection, not open.
2011-08-16 17:44:16 +00:00
colin
1ea9bc4480
Updated Changelog for r25754 and r25826
2011-08-16 02:10:56 +00:00
djalal
7d0df638ab
o [NSE] When the rule function failes include its type in the error message.
2011-08-16 01:24:46 +00:00
djalal
39be3a4621
o [NSE] Use the correct variable 'value' instead of 'rule_return' to
...
show the error message of the rule function and why it has failed.
2011-08-16 01:22:01 +00:00
fyodor
e605cb2beb
A couple more done tasks
2011-08-15 21:42:34 +00:00
fyodor
93cff22d4d
note some done tasks, etc.
2011-08-15 21:41:25 +00:00
paulino
4410450cf9
Adds entry about new NSE script: http-waf-detect.
2011-08-15 21:41:06 +00:00
paulino
172bf91228
Adds http-waf-detect:
...
Determines if a web server is protected by an IPS (Intrusion Prevention System), IDS (Intrusion Detection System) or WAF (Web Application Firewall) by probing the web server with malicious payloads and detecting changes in the response code and body.
2011-08-15 21:38:58 +00:00
luis
f150656540
Add a note about a core dump in Nping, reported by Vasiliy Kulikov
2011-08-15 11:15:12 +00:00
gorjan
5a93258a07
Added bittorrent entry in CHANGELOG
2011-08-14 14:56:37 +00:00
fyodor
a58bd79f2b
Note report of arp bug
2011-08-14 01:45:33 +00:00
gorjan
c6bf558a3c
Updated NSEDoc usage.
2011-08-13 19:26:24 +00:00
luis
db99143b5b
Remove item fixed in r25804
2011-08-12 15:34:31 +00:00
gorjan
aec7e1ab94
Add the architecture description in the bittorrent.lua library.
2011-08-11 09:54:38 +00:00
patrik
00b72547cf
Fixed bugs with empty resultsets returning data [Patrik]
2011-08-11 09:28:09 +00:00
djalal
fc79deba75
Made getInterfaceByName() return IPv6 interface information.
2011-08-10 22:56:34 +00:00
patrik
b593d0778a
o [NSE] Added basic query support to the Oracle TNS library making it possible
...
for scripts to query the database server using SQL. [Patrik]
2011-08-10 20:33:13 +00:00
