mirror of https://github.com/nmap/nmap.git synced 2026-02-16 02:16:34 +00:00

934 Commits

Author SHA1 Message Date
aca
d80183edab Small refactorization to sslcert.lua, split specialized functions into two, with and without calling reconnect_ssl 2012-08-03 16:11:50 +00:00
patrik
e7cb28619e fixed a bug where any url would be treated as withinhost due to a lacking
return statement in the removewww function
2012-08-03 06:13:57 +00:00
david
21ba9f7b4a Undocument nmap.sleep and undeprecate stdnse.sleep.
There are various functions in the internal nmap.socket and nmap.dnet
libraries that are there for technical reasons:
	http://seclists.org/nmap-dev/2012/q1/318
The sleep function is exposed through the stdnse namespace because it
fits that library better.

Some code comments said that names such as nmap.new_socket were
deprecated in favor of e.g. nmap.socket.new, but the old names were
never formally deprecated, so I removed those comments.
2012-08-03 02:08:44 +00:00
david
bf69c6b5b9 port is part of a url table. 2012-08-02 04:29:56 +00:00
kroosec
17d27f76b0 Updated documentation for rpc.lua latest changes. 2012-08-01 10:02:22 +00:00
kroosec
3cd7f8865d Added ability to disable for program and version support checking in rpc.lua. Authentication now defaults to NULL. 2012-08-01 09:58:48 +00:00
henri
d0e684735a Typo (identfy_404 -> identify_404). 2012-08-01 07:53:16 +00:00
david
a2c2863531 Remove "hardmatched" argument from calls to nmap.set_port_version.
This is the default and can be omitted. Seeing as the value of this
argument was "hardmatched" in 100% of cases, we're better off pretending
the parameter doesn't exist.
2012-07-30 18:58:32 +00:00
kroosec
8c20c04d99 Documentation fixes. Changed host.name and host.targetname by host.ip and host.name 2012-07-30 13:33:05 +00:00
aca
68b2efd3db Merged msrpc changes from my branch, including spoolss functionality 2012-07-30 09:39:23 +00:00
patrik
bca0025032 nse_check_global cleanup 2012-07-29 09:26:23 +00:00
david
1441aea655 Reduce the number of names tried by http-vhosts by default.
Vlatko reported that this script was taking an inordinate amount of time
even in typical scans. This patch reduces the number of domains tried by
default. The new http-vhosts.filelist script argument allows
substituting the original list or another of your choosing.

Patch by Vlatko.
http://seclists.org/nmap-dev/2012/q3/432
2012-07-29 03:39:11 +00:00
dmiller
b868e7f3ce Move caching code to datafiles lib
Scripts no longer need to implement caching of datafiles tables in the
registry, since the datafiles.lua library keeps its own cache in the
registry. A side-effect is that scripts should not change the tables
returned by datafiles.parse_{protocols,rpc,services,mac_prefixes}(), as
doing so will affect all other scripts that use those functions.
2012-07-27 20:07:38 +00:00
henri
d1d1c7a6f4 Re-enabled connection attempts to RPC services when running in non-privileged
mode. This also fixes a bug in the privileged port binding loop, don't always try to
bind() to port 1000 but use the current resvport instead.
2012-07-27 17:23:03 +00:00
patrik
6dc6b95377 fixed a bug in whitelisting code 2012-07-26 13:37:04 +00:00
patrik
d397ac4076 Fixed bug that would result in the stun-version script incorrectly reporting
the stun port as open when the stun service would not respond to the service
probe and the port was reported as open|filtered.
2012-07-24 18:41:42 +00:00
patrik
7880043ee2 minor fix in stun-version to remove a warning from ipOps.fromdword
indentation fix in stun-version
2012-07-24 12:05:57 +00:00
patrik
217b27bace nse_check_globals cleanup 2012-07-24 10:08:43 +00:00
perdo
8025ba5a5a Added some checks for http response's body being nil. 2012-07-23 22:47:11 +00:00
perdo
612ca59323 Modify pipelining implementation a bit, allow a user to specify size of the pipeline, fix some debugging messages. 2012-07-23 21:58:40 +00:00
perdo
09f7b93949 Modify http-enum and http-fingerprints file so they work with http pipeline better. 2012-07-23 21:55:13 +00:00
kroosec
4aebcc973b Small typo fix in rpc.lua. 2012-07-23 09:58:30 +00:00
aca
6fec00655d Added smb-ms10-054 vuln check script to trunk 2012-07-23 09:52:38 +00:00
patrik
977996e5fa o [NSE] Added rdp library and the script rdp-enum-encryption that enumerates
both the Security Layer and Encryption level of the RDP service. [Patrik
  Karlsson]
2012-07-21 21:24:14 +00:00
batrick
1054c3abc7 RC4 cipher for work Ron is doing. 2012-07-19 02:47:01 +00:00
dmiller
1aeec5790e Add more ssl-ciphers strength ratings
Ratings generated with this perl script:
https://gist.github.com/3130353
2012-07-18 22:14:30 +00:00
perdo
6e5b999c99 Add parts of LuaFileSystem to NSE (support for mkdir, rmdir, link). 2012-07-17 18:07:28 +00:00
kroosec
65a8490539 Small formatting change in creds.lua to adapt output when no state is provided. 2012-07-14 17:29:00 +00:00
kroosec
aac6c1d03a Added OSPF support to broadcast-listener. 2012-07-13 15:02:09 +00:00
kroosec
71bfe5c700 Added ospf library that was written by Patrik and added documentation and some bug fixes to it. 2012-07-13 14:55:34 +00:00
aca
f083222ea9 Ooops. Forgot the returns 2012-07-10 21:18:23 +00:00
aca
7161193756 Added a patch by Patrick. A cleaner way to deal with varargs. 2012-07-10 20:58:44 +00:00
aca
c6ed7023c4 Brute and unpwdb lib improvements that allow more flexible iterator specifications. Merge from my dev branch. 2012-07-10 16:35:48 +00:00
patrik
9236196d42 o [NSE] Added ms-sql-dac script which queries the Microsoft SQL Browser service
for the DAC (Dedicated Admin Connection) port. [Patrik Karlsson]
2012-07-10 09:50:51 +00:00
tomsellers
b82c819afb Update to add additional blacklist entries to the httpspider library. The goal is to avoid downloading and processing certain additional video, audio and binary formats.
This should speed up crawling certain sites. In the case of http-email-harvest it should reduce some of the false positives generated by running the RegEx against binary data. The only script that this appears likely to have affected the results of would have been http-sitemap-generator and that script specifically disables the blacklist.
2012-07-10 00:23:02 +00:00
batrick
4ef2bb978a add appropriate comment 2012-07-09 17:06:04 +00:00
perdo
614077f122 Functions from http library that make requests now always return a table. 2012-07-09 10:18:29 +00:00
paulino
469e6ca5ca Fixes crash when using identify_404() that happened when the status response changes in the second or third request and the return value is the string "<unknown>".
Previously, the library only checked for nil. Updated it to check the type of the response value and change it to -1 if it's not a number to fix crash when passing a string to %d.
2012-07-04 20:21:08 +00:00
perdo
7443db6f37 Hosts that differ only on the 'www' prefix are now treated as being equal. Also added some documentation for httpspider.useheadfornonwebfiles. 2012-07-03 21:48:26 +00:00
fyodor
288a4dc4ad suggest http.max-cache-size argument for consistency rather than http-max-cache-size (both work) 2012-07-03 19:48:23 +00:00
fyodor
e97449e062 define IPP 2012-07-02 08:32:51 +00:00
fyodor
6133b64d6c Add a short description of Versant so users know what it is 2012-07-01 23:29:58 +00:00
fyodor
ff73f20356 Add a bit more information about what the STUN protocol is 2012-07-01 23:25:26 +00:00
perdo
33c3838c45 Fixed a missing require in httpspider. 2012-07-01 09:45:14 +00:00
perdo
3b8c88aac4 Added a list of common sql errors. 2012-06-30 12:28:15 +00:00
kroosec
2dffec733e Allowed support of SIP over TCP and made adequate changes to sip.lua 2012-06-28 08:47:07 +00:00
kroosec
0bdff46418 Added Timeout sip response code (408). 2012-06-26 09:26:01 +00:00
kroosec
cb38bebdce Added busy and decline response status code. 2012-06-26 00:35:23 +00:00
perdo
f7a02d8d19 Added a list of webpage file formats. 2012-06-25 17:56:21 +00:00
perdo
2730adc516 Modified the spidering library to allow to use a HEAD rather than GET request for files with certain extensions. 2012-06-25 17:54:38 +00:00