PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-15 04:09:01 +00:00
Code Issues Projects Releases Wiki Activity
4,948 Commits 2 Branches 0 Tags
dd9ae71020e6722fb52b06f7c7828d83c1faaa43
Commit Graph

842 Commits

Author SHA1 Message Date
patrik
7f95274f68 replaced -np with -p in usage as Linux reports the following error: 
nmap: option '-np' is ambiguous
 2011-01-18 19:41:05 +00:00
fyodor
b27c8e29d7 Apply a patch from Toni Ruottu with some small misc. improvements to the netbus-* scripts. Also I changed netbus-auth-bypass to the safe category as recommended by Toni 2011-01-15 21:28:45 +00:00
david
aef6f90991 Add gopher-ls and hddtemp-info @usage, adapted from Toni Ruotto. 2011-01-15 16:33:06 +00:00
fyodor
c0aa648851 Apply some nsedoc improvements sent in by Andrew Orr 2011-01-14 21:17:44 +00:00
fyodor
dc1f583a03 I've been putting periods at the end of these single sentence fragment descriptions for consistency, although I don't really know which way is best. When there are multiple setences in that first paragraph, we obviously need the paragraph even after an initial fragment. So I figured that we might as well include it when the fragment is all there is. But maybe when there is just one fragment, it looks better without a period. Who knows, and I guess it's not a particularly critical decision. But dns-update.nse now has a period in any case :) 2011-01-14 21:06:28 +00:00
patrik
583f65227c o [NSE] Added support for dynamic updates to the DNS library. Added the 
script dns-update.nse, which attempts to add a DNS record to a given zone.
  [Patrik]
 2011-01-14 15:15:24 +00:00
fyodor
b2598bc73d remove an email address so that Henri's author line for firewalk is the same as for his other new script (targets-traceroute). If he wants the email address there, we can add it to both. 2011-01-14 10:26:14 +00:00
fyodor
a84c2e4498 Did some NSEDoc cleanup on many of the 45 NSE scripts which are new since the 5.35DC1 Nmap release. Emphasis was on the first paragraph of the description, since that is shown on the front page of http://nmap.org/nsedoc and I'm planning to use that description verbatim (except for removing tags like <code>) for the CHANGELOG 2011-01-14 10:20:51 +00:00
fyodor
ed12841d70 minor NSEDoc updates 2011-01-14 06:32:16 +00:00
david
e54e940b10 Take broadcast-dropbox-listener out of "discovery" and put it in 
"broadcast".
 2011-01-13 07:18:03 +00:00
david
c7909b0b05 Rename p2p-dropbox-listener.nse to broadcast-dropbox-listener.nse. 2011-01-13 07:17:59 +00:00
david
6fbd739fac o [NSE] Added p2p-dropbox-listener.nse, which listens for Dropbox 
LanSync broadcasts and can optionally add discovered hosts to the
  scan queue. [Ron Bowes, Mak Kolybabi, Andrew Orr, Russ Tait Milne]
 2011-01-13 07:17:55 +00:00
david
a0f2fdbdb3 Move all broadcast-* scripts from the "discovery" category to 
"broadcast" (new category).
 2011-01-13 06:21:53 +00:00
fyodor
05f7c6ae07 Remove minecraft-auth for now -- see http://seclists.org/nmap-dev/2011/q1/85 2011-01-12 07:51:30 +00:00
david
42c14f507e Take minecraft-auth out of "vuln" and put it in "auth". From reading the 
Tumblr post, this sounds more like a way for people to set up a private
server on a LAN among trusted users than a vulnerability. Also link the
Tumblr post in the description.
 2011-01-10 01:14:16 +00:00
david
68ac93f69a o [NSE] Added minecraft-auth.nse by Toni Ruotto. It checks for 
Minecraft game servers that don't check usernames against a master
  server.
 2011-01-10 01:14:15 +00:00
david
2592194732 Add nrpe-enum.nse by Mak Kolybabi. 2011-01-09 03:43:41 +00:00
david
303123205e Updates to gopher-ls.nse from Toni Ruotto: 
* Added gopher-ls.maxfiles script argument.
* Included file descriptions.
 2011-01-08 05:12:01 +00:00
ron
fa5725ed05 Fixed a typo in the documentation 2011-01-08 00:25:48 +00:00
robert
063e780e1f Updated the hash information to include PHP/5.2.17 (released yesterday). 2011-01-07 10:24:59 +00:00
robert
d8ddf59203 Updated the hash information to include PHP/5.3.5 (released today). 2011-01-06 15:39:35 +00:00
djalal
6f390be198 Separate NFS Export entries with newlines. 2011-01-04 20:09:43 +00:00
ron
1dadea9407 added documentation for new script-arg 2011-01-03 03:51:11 +00:00
ron
229f118fdd Added a 'category' script-arg to http-enum.nse, which lets the user filter the fingerprints they want. This was requested by a user. 2011-01-03 03:48:48 +00:00
david
a9a5869173 Normalize tab.lua usage so that a call to tab.nextrow comes after (not 
before) each group of tab.add, and there is no tab.nextrow before or
after tab.addrow. Also remove manual indenting that was accomplished by
padding the first column with spaces; this is done by
stdnse.format_output now.
 2010-12-30 21:08:25 +00:00
david
357c15a165 Remove the "cols" parameter from calls to tab.new. 2010-12-30 21:08:18 +00:00
david
1046dcab57 Patch to hddtemp-info by Toni Ruotto that keeps reading past the first 
byte if there's a delay and supports different separator characters.
 2010-12-29 22:37:20 +00:00
david
77c5cd9d9a Use ftp.read_reply in ftp-proftpd-backdoor. Also, do a read_reply after 
sending the magic shell string but before sending a shell command.
Michael Meyer reported that the script would sometimes fail to report a
backdoor; I tracked this down to the sends happening in too-close
succession. The ProFTPD process could receive both sends
("HELP ACIDBITCHEZ\r\nid;\r\n"), read the first line, and execute the
shell, but then the shell would get no input because the "id;\r\n" had
already been read.

This causes a delay up to the timeout when there is a backdoor, but it
still returns right away when there is no backdoor.
 2010-12-29 21:24:53 +00:00
david
e2f8d1f5cb Move the read_reply function out of ftp-anon.nse and into a new library 
ftp.lua.
 2010-12-29 21:24:52 +00:00
david
be20b513af Update @output of gopher-ls. 2010-12-29 18:47:17 +00:00
david
e6c8691007 Whitespace in gopher-ls.nse. 2010-12-29 18:46:20 +00:00
david
80f7754d01 Separate gopher-ls entries with newlines instead of commas. 2010-12-29 18:46:18 +00:00
david
0658e53070 Add gopher-ls.nse by Toni Ruotto. 2010-12-29 18:46:16 +00:00
robert
c2305f23a5 Added hashes for PHP 5.2.15 and 5.2.16. 2010-12-26 13:48:06 +00:00
david
87d8a793f3 Use stdnse.get_script_args for modbus-discover.aggressive. 2010-12-16 08:59:19 +00:00
david
41a81e1789 Documentation and whitespace in modbus-discover.nse. 2010-12-16 08:59:18 +00:00
david
ad40df2c9b Add modbus-discover.nse from Alexander Rudakov. 2010-12-16 08:59:16 +00:00
david
ddf05d7e1f Whitespace in lexmark-config.nse. 2010-12-15 18:57:22 +00:00
patrik
c9ba464c28 Renamed domino-enum-passwords script to http-domino-enum-passwords 2010-12-15 08:52:31 +00:00
david
fffe597ece Typo fix. 2010-12-13 18:16:06 +00:00
david
008a43e7e0 User shortport.version_port_or_service instead of just 
shortport.port_or_service in netbus-version.nse.
 2010-12-13 18:00:07 +00:00
david
573088f99c Change categories of netbus-auth-bypass from {"default", "vuln", "safe"} 
to {"auth", "intrusive", "vuln"}. The first categories are the same as
in realvnc-auth-bypass, which would seems to be a very similar script,
but netbus-auth-bypass can have the additional side effect of breaking
future authentication attempts for all users, which is solidly
intrusive.
 2010-12-13 18:00:06 +00:00
david
d6a89a6674 Fix capitalization of NetBuster. 2010-12-13 18:00:04 +00:00
david
90a2819a04 o [NSE] Added scripts by Toni Ruotto communicating with the NetBus 
remote administration/backdoor program.
  - netbus-info: gets configuration information.
  - netbus-brute: guesses passwords.
  - netbus-version: distinguishes NetBus from NetBuster, a program
    that mimics the protocol but doesn't actually allow any
    operations.
  - netbus-auth-bypass: Checks for a bug in the server that allows
    connecting without a password.
 2010-12-13 18:00:02 +00:00
david
a7e80b4cf3 Update script.db. 2010-12-13 17:30:08 +00:00
david
ccd901f918 Put realvnc-auth-bypass.nse in "auth" category. 2010-12-13 17:30:06 +00:00
david
00652cb231 o [NSE] Added stuxnet-detect.nse by Mak Kolybabi, which detects 
infections of the Stuxnet worm and can optionally download the
  Stuxnet executable.
 2010-12-12 22:40:42 +00:00
patrik
b484d08cfa Merged Martin Swende's patch to domino-enum-passwords that splits output 
based on different hash types.
 2010-12-11 06:47:49 +00:00
patrik
46cdf28fce o [NSE] Added a new iSCSI library and the two scripts iscsi-info and 
iscsi-brute. [Patrik]
 2010-12-10 23:20:59 +00:00
patrik
38a21c4d17 o [NSE] Add new script broadcast-ms-sql-discover and removed broadcast 
support from ms-sql-info. [Patrik]
 2010-12-10 23:12:27 +00:00