PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-02-03 20:16:33 +00:00
Code Issues Projects Releases Wiki Activity
6,419 Commits 2 Branches 0 Tags
dbdbe4e07765d9cce99494135f1ce7653d8917dd
Commit Graph

1326 Commits

Author SHA1 Message Date
patrik
956c9ffe53 o [NSE] Added the script broadcast-pppoe-discover that discovers PPPoE servers 
on the LAN using the PPPoE Discovery Protocol. [Patrik]
 2012-01-10 18:22:39 +00:00
patrik
0267b56a27 o [NSE] Added the script membase-brute that performs password brute force 
password guessing against the Membase TAP protocol. [Patrik]

o [NSE] Added the script membase-http-info that retrieves information from the
  Couchbase distributed key-value pair server. [Patrik]
 2012-01-10 18:19:21 +00:00
david
7d4c555712 Credit Daniel Miller in CHANGELOG for odd-port.nse. 
There were two implementations of this script; Daniel's was first but
fell through the cracks.

http://seclists.org/nmap-dev/2011/q2/1272
 2012-01-10 04:46:31 +00:00
david
2532c413b5 o [NSE] Fixed a race condition in broadcast-dhcp-discover.nse that 
could cause responses to be missed on fast networks. It was noticed
  by Vasiliy Kulikov. [David]
 2012-01-10 03:25:19 +00:00
henri
5268a3f39a CHANGELOG message for r27782. 2012-01-09 13:04:02 +00:00
david
c6ca94dc43 Fix encoded_name_to_normal for the name ".". 
When a DNS name was only "."; i.e., the first byte in its encoded
representation was 0, encoded_name_to_normal wouldn't null-terminate the
string. This caused multiple warnings
	Illegal character(s) in hostname -- replacing with '*'
as later code read from uninitialized memory. Now we null-terminate
whenever the function returns success, and treat "." as a special case
for which we retain the trailing dot.

This bug was found by Gisle Vanem, who wrote a patch to fix it. I added
some more error checking to the patch.
 2012-01-08 04:41:58 +00:00
henri
856cd00a17 Merged nsock-engines from nmap-exp. This rewrite of the nsock library adds 
support for system-specific scalable IO notification facilities without breaking
portability. This initial version comes with an epoll(7)-based engine for Linux
and a select(2)-based fallback engine for all other operating systems.

This required an important refactoring of the library but the external API was
preserved.

The rewrite also tries to bring the coding standards of nmap to nsock.

See http://labs.unix-junkies.org/nsock_engines.html for the details.
 2012-01-05 01:08:16 +00:00
patrik
a1bdd51eaf Reverted change tom match.numbytes 2012-01-03 15:10:04 +00:00
patrik
1b370e16a4 o [NSE] Fixed bug in match.numbytes that would return one byte less than what 
was requested. Updated redis library to take the fix into account. [Patrik]
 2012-01-03 14:20:13 +00:00
patrik
b3c8df571f o Added probe and matchline for Couchbase Membase NoSQL database [Patrik] 2012-01-03 14:18:10 +00:00
fyodor
bb62bab448 o Added the new --script-args-file option which allows you to specify 
the name of a file containing all of your desired NSE script
  arguments.  The arguments may be separated with commas or newlines
  and may be overridden by arguments specified on the command-line
  with --script-args. [Daniel Miller]
 2012-01-03 07:14:20 +00:00
patrik
74d5ff04ef o [NSE] Added the script http-vuln-cve2009-3960 that detects and exploits the 
CVE 2009-3960 XML injection vulnerability in Adobe products. [Hani
  Benhabiles]
 2012-01-02 19:48:42 +00:00
patrik
4506c099ea o Added two new probes for the Basho Riak PBC and Tarantool protocols. 
[Patrik]
 2012-01-02 16:19:50 +00:00
patrik
2269e76438 o [NSE] Added a natpmp library and the script nat-pmp-mapport that allows 
NAT mapping of external TCP and UDP ports to internal addresses. [Patrik]
 2012-01-02 11:41:21 +00:00
patrik
f5b14a2099 o [NSE] Added the script riak-http-info that lists version and statistics 
information from the Basho Riak distributed database. [Patrik]
 2012-01-02 11:37:38 +00:00
patrik
54983f8127 o [NSE] Added the script socks-auth-info that lists supported SOCKS 5 
authentication mechanisms. [Patrik]
 2012-01-02 11:34:27 +00:00
patrik
b4fcd5e5fa o [NSE] Added the script memcached-info that lists version and statistics 
information from the distributed memory object caching service memcached
  [Patrik]
 2012-01-02 11:30:18 +00:00
patrik
4118ee064b o [NSE] Added the script redis-info that lists version and statistic information 
gathered from the Redis network key-value store. [Patrik]

o [NSE] Added the script redis-brute that performs brute force password
  guessing against the Redis network key-value store. [Patrik]
 2012-01-02 11:27:06 +00:00
patrik
3491fdc1fa o [NSE] Added the script http-proxy-brute that performs brute force password 
guessing against HTTP proxy servers. [Patrik]
 2012-01-02 11:21:57 +00:00
patrik
0ee55f4651 o [NSE] Added the script socks-brute that performs brute force password 
guessing against SOCKS 5 servers. [Patrik]
 2012-01-02 11:15:34 +00:00
patrik
cac7c27dcb o [NSE] Added the script vmauthd-brute that performs brute force password 
guessing against the VMware authentication daemon. [Patrik]
 2012-01-02 11:12:46 +00:00
fyodor
86ea7b5ce8 spell check 2012-01-02 02:55:47 +00:00
fyodor
a91adda431 Some more improvements to CHANGELOG. I'm almost done with this 2012-01-02 02:32:56 +00:00
fyodor
158b912bf8 Some more improvements to the CHANGELOG 2012-01-02 00:35:16 +00:00
fyodor
e1c36c932a Update CHANGELOG to note the 51 (WOW!) new scripts since the last release. 2012-01-01 22:21:48 +00:00
david
3fdcc88446 CHANGELOG for response rate scaling in OS scan. 2011-12-31 22:00:00 +00:00
patrik
bed66d943c Added service probes for memcached and fingerprint for MochiWeb 2011-12-31 15:19:50 +00:00
patrik
0de5d57036 o Added service probe for Redis key-value store [Patrik] 2011-12-31 01:41:26 +00:00
david
9941656055 Require separate host groups for targets with different source addresses. 2011-12-30 18:19:07 +00:00
patrik
4e7db06f0c o [NSE] Added script broadcast-wpad-discover which detects proxy servers on the 
network by using the Web Proxy Auto Discover Protocol (WPAD). [Patrik]
 2011-12-29 14:43:37 +00:00
patrik
02c59d1292 o [NSE] Added local port to BPF filter in snmp-brute to fix bug that would 
prevent multiple scripts from receiving the correct responses. The bug was
  discovered by Brendan Bird. [Patrik]
 2011-12-29 08:49:38 +00:00
patrik
9ff471d906 o [NSE] Removed DoS code from dhcp-discover and placed it into the discover and 
safe categories. Added support for adding options to DHCP requests in the
  dhcp library. [Patrik]
 2011-12-29 08:07:26 +00:00
fyodor
93c0ae4f44 Add new telnet-encryption script 2011-12-28 00:57:48 +00:00
patrik
07e0426629 o [NSE] Changed the dhcp-discover script to use the DHCPINFORM request to query 
dhcp servers instead of DHCPDISCOVER. Cleaned up some code in the DHCP
  library. [Patrik]
 2011-12-27 18:48:34 +00:00
patrik
bb7d5a526f o [NSE] Added script dns-blacklist that performs DNSBL checks of given or 
scanned IP addresses against multiple DNSBL services. [Patrik]
 2011-12-26 14:22:25 +00:00
patrik
ff9d0eabab o [NSE] Applied patch to snmp-brute that solves problems with handling errors 
that occur when parsing files with community lists. [Duarte Silva]
 2011-12-25 22:51:56 +00:00
patrik
bd1b7dfaad o [NSE] Applied patch to http-fingerprints adding support for identifying DCVS 
systems Git, Mercurial and Bazaar. [Hani Benhabiles]
 2011-12-25 21:57:11 +00:00
patrik
068c6273ec o [NSE] Applied some code cleanup to the snmp library. [Brendan Byrd] 2011-12-25 20:48:17 +00:00
patrik
67338201c1 o [NSE] Fixed a bug with an undeclared variable in snmp-ios-config.nse [Patrik] 2011-12-25 19:38:08 +00:00
david
5d362169f2 o On Windows, the directory <HOME>\AppData\Roaming\nmap is now 
searched for data files. This is the equivalent of $HOME/.nmap on
  POSIX.
 2011-12-20 21:11:21 +00:00
patrik
5d0db9c7fc o [NSE] Applied patch to add additional version information to Mongodb scripts 
[Martin Swende]
 2011-12-20 18:54:03 +00:00
patrik
d3797510ee o [NSE] Added path argument to the http-auth script and changed so that script 
output was returned using stdnse.format_output [Duarte Silva, Patrik]
 2011-12-19 18:39:18 +00:00
patrik
f93b31373a o [NSE] Fixed bug in the http library that would fail parsing authentication 
headers if no parameters were present. [Patrik]
 2011-12-19 18:35:32 +00:00
patrik
c7231cf96f Reverted previous http-auth patch. [Patrik] 2011-12-19 06:57:51 +00:00
patrik
b6a56e9fa0 o [NSE] Modified http-auth to support multiple authentication mechanism and to 
allow for a path to be specified as an argument. [Patrik]
 2011-12-18 19:25:24 +00:00
patrik
215f697171 o Added new fingerprints to http-enum for Subversion, CVS and Apache Archiva 
[Duarte Silva]
 2011-12-18 19:11:24 +00:00
patrik
ca63146635 o [NSE] Added the script http-open-redirect that finds web pages that do not 
properly validate parameters used for HTTP redirects. [Martin Swende]
 2011-12-18 12:58:56 +00:00
patrik
3f50f9c95c o [NSE] Added the script broadcast-pc-anywhere that discovers host running the 
PC-Anywhere remote control software on the LAN. [Patrik]

o [NSE] Added the script broadcast-pc-duo that discovers hosts running the
  PC-Duo remote control software on the LAN. [Patrik]

o Added probes for discovering PC-Duo and PC-Anywhere hosts. [Patrik]
 2011-12-18 09:33:38 +00:00
patrik
2197116d18 o [NSE] Added support for forcing scripts to run agains certain ports by adding 
a plus in front of the script name. [Martin Swende]
 2011-12-16 20:37:46 +00:00
patrik
f749c7cd45 o [NSE] Added the script broadcast-wake-on-lan that wakes systems from sleep 
by sending a Wake On Lan packet. [Patrik]
 2011-12-16 18:00:34 +00:00