ron
a251c563c3
fixed a <code> tag in smb.lua's NSEDoc
2009-04-19 17:44:45 +00:00
david
27e94c0b28
Remove documentation for the bit.cast NSE function, which doesn't seem
to exist.
2009-04-17 16:35:43 +00:00
ron
cd9098c48b
Revert part of my previous commit -- forgot to remove some test code
2009-04-02 14:10:56 +00:00
ron
08fadd08fc
Fixed a bug where the scan would hit a nil-pointer exception when scanning broken implementations (reported by Steve Horejsi -- http://www.skullsecurity.org/blog/?p=209&cpage=2#comment-219 ). This was due to using incorrect variable names.
2009-04-02 14:09:52 +00:00
ron
4b81a92681
Fixed a bug reported where running openssl.encrypt() on an empty string would cause an assertion failure. I fixed it by printing a warning message if an empty challenge is encountered and faking out the challenge (if they sent an empty challenge, they're breaking the protocol anyways). This will cause the login to fail, and it will fall back to an anonymous check.
2009-04-02 01:14:15 +00:00
ron
5939934979
Fixed a potential global variable mistake in smb-server-stats.nse
2009-04-01 18:23:18 +00:00
ron
74ffd7b4c7
Raise timeout for SMB scans to 20 seconds -- I got several error reports due to timeouts
2009-03-31 20:30:45 +00:00
ron
75b44c30ac
Fix for forgotten endian-modifier (caused errors on Solaris) -- Stephane Rose pointed it out
2009-03-31 15:08:33 +00:00
ron
a0d8875867
Fixed a bug where MSRPC would try to sign messages using OpenSSL, even if it wasn't available
2009-03-30 21:32:41 +00:00
ron
9060d2fadd
Modified smb-check-vulns.nse to check for Conficker infections. Got permission from authors of simple conficker scanner (scs.zip) to post this
2009-03-30 14:46:58 +00:00
ron
fa9a63bf0a
Another typo fix
2009-03-12 18:27:52 +00:00
ron
80591c9cc6
Cleaned up output of smb-server-stats.nse
2009-03-12 14:56:23 +00:00
ron
9c6860615f
Fixed a typo
2009-03-12 14:20:32 +00:00
ron
45744eddc3
Merge in changes from my private branch, primarily smb-brute.nse and smb-pwdump.nse, among other smaller changes.
2009-03-05 02:03:29 +00:00
david
54a8caae65
Make http.request conform to its documentation; it now interprets any header
fields passed to it and adds them to the request. Previously it ignored them,
relying on http.get to concatenate the header fields into a string for it.
2009-03-01 19:02:33 +00:00
david
62aa04c11a
In dns-zone-transfer.nse, return "<parse error>" in case domain decoding fails.
Otherwise there is an assertion failure trying to insert a nil into an output
table in tab.lua. Increase the maximum number of message compression pointers
we will follow in dns.lua from 3 to 10, because Brandon found a server that
used 4.
2009-02-27 20:16:29 +00:00
david
a173fe6ce1
Add the stdnse.sleep function.
2009-02-23 23:57:39 +00:00
david
9323b53c68
Fix NSEDoc in msrpctypes.lua. A <code> was unterminated, and bullet lists can't
have newlines within each entry.
2009-02-20 18:46:26 +00:00
david
d8c3cf21a5
Add missing module name prefixes to usage examples in some NSE documentation.
2009-02-17 19:53:02 +00:00
david
2d018963ca
Use dns.decStr in dns-zone-transfer.nse instead of a custom DNS decoder. This
avoids an infinite recursion bug present in the old decoder. I raised the
number of compression pointers that dns.decStr will follow from 1 to 3 because
I found a server that sent 2.
2009-02-10 00:53:26 +00:00
ron
5ec608507a
Backported a couple minor bugfixes from my experimental branch
2009-02-04 22:08:20 +00:00
jah
c622a1518e
Pass "ssl" as the third parameter to connect() in pop3.lua capabilities() and
smtp-commands.nse if version detection set the port service_tunnel to "ssl".
2009-02-03 02:43:24 +00:00
jah
c8442d3946
Fix error:
SCRIPT ENGINE (506.424s): ./scripts/pop3-capabilities.nse against a.b.1.47:995
ended with error: ./scripts/pop3-capabilities.nse:32: bad argument #1 to
'pairs' (table expected, got string)
which happens because pop3.lua returns a string error message instead of a table
of capabilities if it can't connect the socket or obtain a response from a
connected socket.
It now returns nil, err_message in these cases and the documentation now reflects
this - pop3-capabilities.nse silently returns and prints a debug message.
Added a 10s timeout for the socket in pop3.lua capabilities - 30s was a bit much.
2009-02-03 01:15:25 +00:00
batrick
06a18132b0
Removed another instance of the 'arg' table.
2009-02-02 07:58:10 +00:00
batrick
fe6c84fe00
Corrected legacy use of the 'arg' table for manipulating varargs.
2009-01-31 02:11:11 +00:00
david
1f76d5cc0b
Rework shortport.lua to simplify some code and remove leading underscores from
parameter names.
2009-01-20 00:11:05 +00:00
david
d9db019495
Let the proto parameter in the shortport functions take a table like the other
functions do, so you can say {"tcp", "udp"}.
2009-01-19 21:54:00 +00:00
david
5a5df904f1
Factor out the code that checks for an element in a table from shortport.lua to
eliminate some nested loops.
2009-01-19 21:46:39 +00:00
david
d4b0fa6ece
require 'bin' in base64.lua.
2009-01-19 04:57:34 +00:00
david
1d6011edbe
Fix a couple of NSEDoc errors.
2009-01-13 15:30:05 +00:00
david
b504fb78fa
Fix some NSEDoc errors.
2009-01-13 00:18:46 +00:00
david
a384e9016f
Document script arguments in
pop3-brute.nse: pop3loginmethod, userdb, passdb;
snmp-brute.nse: snmpcommunity, snmplist, userdb, passdb;
snmp-sysdecsr.nse: snmpcommunity;
snmp.lua: snmpcommunity;
unpwdb.lua: userdb, passdb.
2009-01-13 00:10:33 +00:00
fyodor
98d06c4b33
note snmpcommunity script argument name
2009-01-09 20:26:23 +00:00
kris
5738b65f57
Update two @copyright lines to standard man-legal.html links
2009-01-07 16:15:05 +00:00
batrick
3016193c11
Improvements to the nmap library. See [1] for discussion and a full listing of
the changes.
[1] http://seclists.org/nmap-dev/2008/q4/0663.html
2008-12-29 21:59:08 +00:00
jah
3fb2b96f78
Fix a couple of typos in openssl.luadoc:
Descrypt -> Decrypt
encrypt -> decrypt
2008-12-29 18:28:45 +00:00
david
9b82189c39
Make the documentation for nmap.new_try more clear on a suggestion by Patrick.
2008-12-29 04:08:43 +00:00
ron
67f9577de9
No longer erroring if a server leaves out the 'domain' section of packets (some configurations of Samba seem to do this)
2008-12-24 20:36:30 +00:00
ron
773000b65a
Merging changes from my experimental branch; the new versions of these scripts, which have significant changes to their core functionality, managed to hold their own against Brandon's network. More testing would be very helpful, though, especially with credentials (most of Brandon's scans were anonymous).
2008-12-24 00:53:01 +00:00
bmenrigh
c4bebb3a01
Starting in Lua 5.1, string.gfind was renamed to string.gmatch. This commit fixes a warning when gfind is used by using gmatch instead.
2008-12-17 20:43:57 +00:00
batrick
f08596bf49
Fixed a misspelling.
2008-12-09 01:37:10 +00:00
ron
32f6181224
Updated some error messages for more clarity, and added a number after them to help track back issues that may arise.
2008-12-08 15:06:17 +00:00
ron
80dec40366
Added some more DOS constants that Brandon ran across
2008-12-08 03:48:23 +00:00
ron
86de493a3e
Changed smb-enum-shares to detect a host that returns the incorrect value for unknown shares (happened against what appears to be an EMC SANS). Also added a check to stdnse.strjoin() to ensure that the first parameter is either nil or a string, I got the parameters wrong and spent awhile trying to figure out why.
2008-12-08 03:33:25 +00:00
ron
da4a8ef302
Fixed a bug where int8 arrays wouldn't align properly (I hadn't noticed it before because the only place it's used is in registry functions, and all following variables were either ignored or set to the proper value by luck)
2008-12-07 19:10:17 +00:00
ron
ea42f39faa
Merged in significant changes to Microsoft RPC calls
2008-12-07 16:16:11 +00:00
batrick
b901089c19
Corrected documentation.
2008-12-01 04:12:13 +00:00
david
041e39f88a
Fix a typo in nmap.luadoc.
2008-11-20 17:27:05 +00:00
david
f8987ac849
Avoid a stack overflow in dns.lua. A "compressed" DNS message can have its
pointers arranged to form a loop. We put a limit on the number of pointers
we're willing to follow.
2008-11-19 19:59:51 +00:00
david
a7629c94db
Fix a typo in bin.luadoc.
2008-11-19 17:46:27 +00:00