PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 12:41:29 +00:00
Code Issues Projects Releases Wiki Activity
13,301 Commits 2 Branches 0 Tags
e048a3e91de6f621df67102a63a3485e18182827
Commit Graph

29 Commits

Author SHA1 Message Date
dmiller
cc5759a6d2 Correctly decode MySql error packets. 2024-01-29 18:31:38 +00:00
nnposter
1d4d3536e3 Fix off-by-one bug when parsing MySQL EOF packet. Fixes #2128 2020-10-08 17:56:18 +00:00
dmiller
ff6b5b65a8 Remove more bin.lua packings. 2018-09-22 05:19:24 +00:00
dmiller
8b371c3b96 Add explicit endianness modifiers in several places. 2018-09-06 14:20:30 +00:00
dmiller
d84ddbe3fd Remove bit library from a few more libs 2018-08-28 03:52:55 +00:00
dmiller
f20589ca09 Use explicit endianness in pack/unpack. 2017-02-14 03:47:49 +00:00
dmiller
636823622c Fix parsing salt value for mysql. Fixes #596 2016-11-29 22:35:51 +00:00
dmiller
8c10485689 Fix MySQL version detection, greeting parsing. Fixes #529 2016-08-25 23:05:50 +00:00
dmiller
cb4b46bd53 Canonicalize authors as tables instead of comma-separated strings 2016-06-09 22:46:42 +00:00
dmiller
f4619edece Update http urls for nmap.org to https 2015-11-05 20:41:05 +00:00
dmiller
0e74dd7a35 Replace some string.char and bin.pack calls with literals 2015-02-27 19:42:56 +00:00
dmiller
40f36a4e3e Some string optimizations in NSE 
Changes fall into these categories:

1. Avoid pathological string building. Loops over x = x .. "foo" can
become very slow. Instead, use strbuf.lua, table.concat, or just one
continuous concatenation; a = x .. y .. z is one operation, better than
a = x .. y; a = a .. z

2. Use hex-escaped strings instead of string.char. I find this more
readable in many cases, and it avoids a table lookup and function call.

3. Don't duplicate code. A few libraries and scripts had re-implemented
stdnse.generate_random_string or openssl.rand_bytes.
 2014-09-03 04:49:54 +00:00
batrick
ee6622aea4 nselib stdnse.print_debug -> stdnse.debug 
$ f() { find -name \*.lua -exec /bin/echo sed -i "$1" {} \; ; }
$ f 's/stdnse.print_debug( *\([0-9]*\) *, */stdnse.debug\1(/'
$ f 's/stdnse.print_debug( *"\(.*\))/stdnse.debug1("\1)/'
 2014-08-03 00:56:45 +00:00
dmiller
ec9074f718 Correct "it's" to "its" where necessary 
it's = it is
its = belonging to it
 2014-06-19 04:58:46 +00:00
dmiller
1b71f75aad Spelling fixes for Lua files 
Mostly in documentation/comments, but a couple code bugs were caught,
including a call to stdnse.pirnt_debug and a mis-declared variable.
 2014-02-19 04:15:46 +00:00
dmiller
69e343f0aa Reindent the last of the NSE libraries. 
https://secwiki.org/w/Nmap/Code_Standards
 2014-02-04 19:47:26 +00:00
dmiller
620f9fdb34 Remove trailing whitespace in lua files 
Whitespace is not significant, so this should not be a problem.
https://secwiki.org/w/Nmap/Code_Standards
 2014-01-23 21:51:58 +00:00
patrik
6f43ac38b2 SSL overhaul fixing OpenSSL related problems when SSL has not been compiled in 
* replace require function calls with stndse.silent_require
* fixed a bug in nse_main that would fail creating scripts.db when a script
  fails to load
* reworked some code to provide limited functionality even though SSL is not
  present
 2012-08-05 12:05:07 +00:00
david
aa6717eb1f Lua 5.2 fixed from Daniel Miller. 
http://seclists.org/nmap-dev/2012/q2/525
 2012-05-29 20:11:39 +00:00
batrick
000f6dc4d9 Lua 5.2 upgrade [1] for NSE. 
[1] http://seclists.org/nmap-dev/2012/q2/34
 2012-05-27 08:53:32 +00:00
patrik
425ced35ab o Improved the mysql library to handle multiple columns with the same name, 
added a formatResultset function to format a query response to a table
  suitable for script output. [Patrik Karlsson]
 2012-05-19 12:23:41 +00:00
patrik
d4e0b179c1 Fixed a number of incorrect receives and replaced them with receive_bytes. 
Added some logic to make sure all data is read off the socket.
 2010-08-24 20:25:46 +00:00
david
7d0c08a097 Brief copyediting of NSEDoc for modules. 2010-07-12 19:42:43 +00:00
david
dc03a70c79 Fix some NSEDoc. Some libraries had @copyright and @author right at the 
top of the first comment, so the entire description got stuffed into the
@author field. I also discovered a limitation in the NSEDoc parser: the
first non-empty line following the first --- comment must be the
"module" call, or else the block isn't recognized as belonging to a
module. This was preventing @args from appearing in certain libraries.
Djalal Harouni told me about this.
 2010-04-15 19:21:13 +00:00
kris
0e579c71a4 o [NSE] Correct misspelled "Capabilities.IgnoreSpaceBeforeParanthesis" 
name in the MySQL library. [Kris]

The second "a" in "paranthesis" should be in "e".  No current scripts use
this name (yet).
 2010-04-06 02:05:07 +00:00
kris
c7d97ae2c4 fix function names in error messages 2010-04-05 00:12:58 +00:00
patrik
53460a9682 o [NSE] Fixed mysql-brute.nse error that would cause brute-forcing to fail 
if password contained a format string. Fixed a problem with SSL support
  detection in mysql.lua library. [Patrik]
 2010-03-17 09:30:26 +00:00
patrik
2a44a941af o [NSE] Added checks for missing OpenSSL to MySQL scripts and library [Patrik] 2010-03-09 20:27:48 +00:00
patrik
0bc8e65811 Add the scripts 
mysql-brute
  mysql-datatabase
  mysql-empty-password
  mysql-users
  mysql-variables
and the mysql module
 2010-01-26 09:40:38 +00:00