mirror of https://github.com/nmap/nmap.git synced 2026-02-02 19:49:11 +00:00
Commit Graph

1344 Commits

Author SHA1 Message Date
patrik
5575943ea0 o [NSE] Added url-snarf. The script sniffs the network for URLs in HTTP
traffic and prints the URL together with the originating IP. [Patrik]
2012-01-29 08:23:30 +00:00
patrik
3633c502b6 o [NSE] Added http-auth-finder. The script spiders a site looking for URLs
requiring form- or HTTP-based authentication. [Patrik]
2012-01-29 06:23:35 +00:00
henri
255c2a0a9b Fixed an assertion failure which could occur when connecting to an SSL server:
nsock_core.c:186: update_events: Assertion `(ev_inc & ev_dec) == 0' failed.

Thanks to Ron for reporting the bug and testing.
See: http://seclists.org/nmap-dev/2012/q1/235
2012-01-27 15:46:32 +00:00
david
22c17fa05d Add cccam-version.nse. 2012-01-27 01:13:35 +00:00
patrik
0ad978d3b8 o [NSE] Added the scripts xdmcp-discover, broadcast-xdmcp-discover and the
X Display Manager Control Protocol (xdmcp) library. The scripts discover
  hosts either using unicast or broadcast and try to detect supported
  authentication and authorization mechanisms. [Patrik]
2012-01-26 19:35:19 +00:00
david
74785f0591 Remove remaining unused nmap-service-probes captures. 2012-01-26 09:21:29 +00:00
david
6bf7110c89 Remove most unused captures from nmap-service-probes.
This patch is from Lauri Kokkonen.
http://seclists.org/nmap-dev/2012/q1/219
2012-01-26 09:21:22 +00:00
patrik
5b05cbe46e o [NSE] Added script iax2-brute and supporting IAX2 library that performs
brute-force password guessing against the Asterisk IAX2 protocol. [Patrik]
2012-01-24 20:55:29 +00:00
patrik
f3d48111b9 o Added service probe for the Erlang Port Mapper Daemon. [Patrik] 2012-01-24 20:18:47 +00:00
patrik
5ef9f2a70d o [NSE] Added script broadcast-dhcp6-discover and supporting DHCPv6 library.
The script retrieves and prints an IPv6 address and some of the DHCP6
  options. [Patrik]
2012-01-24 19:54:50 +00:00
david
b4dee08825 CHANGELOG for IPv6 OS novelty detection. 2012-01-21 16:05:23 +00:00
patrik
1670f59210 o [NSE] Added script dns-srv-enum that enumerates DNS service records for a
given domain. [Patrik]
2012-01-19 00:49:48 +00:00
patrik
2a2f64590a o [NSE] Added script nessus-xmlrpc-brute that performs brute force password
guessing against the Nessus web GUI. [Patrik]
2012-01-17 11:53:23 +00:00
patrik
c579d844ba o [NSE] Added script dns-nsid by John Bond, that retrieves name server ID and
version information.

o [NSE] Applied patch to DNS library by John Bond that adds support for the
  CHAOS class and NSID requests.
2012-01-17 11:37:19 +00:00
patrik
14c553c2e0 o [NSE] Changed the dnsbl library to take a threaded approach into querying
DNSBL providers, drastically improving performance. [Patrik]

o [NSE] Applied patch from Duarte Silva to dnsbl adding new services and the
  ATTACK category. [Duarte Silva]
2012-01-15 11:38:35 +00:00
patrik
ef4be879e5 o [NSE] Added broadcast-ripng-discover that discovers IPv6 RIPng routers and
displays their routing information. [Patrik]
2012-01-14 18:44:07 +00:00
henri
487c08ff63 Make gathered CPE codes available to NSE.
CPEs are available at host.os (for the ones from OS fingerprinting) and
port.version.cpe (for the version detection ones).

This patch also fixes a memory leak that David noticed in
PortList::setServiceProbeResults().
2012-01-13 10:24:19 +00:00
david
1a9700019f Add http-generator.nse by Michael Kohl. 2012-01-12 19:45:11 +00:00
patrik
956c9ffe53 o [NSE] Added the script broadcast-pppoe-discover that discovers PPPoE servers
on the LAN using the PPPoE Discovery Protocol. [Patrik]
2012-01-10 18:22:39 +00:00
patrik
0267b56a27 o [NSE] Added the script membase-brute that performs brute force
password guessing against the Membase TAP protocol. [Patrik]

o [NSE] Added the script membase-http-info that retrieves information from the
  Couchbase distributed key-value pair server. [Patrik]
2012-01-10 18:19:21 +00:00
david
7d4c555712 Credit Daniel Miller in CHANGELOG for odd-port.nse.
There were two implementations of this script; Daniel's was first but
fell through the cracks.

http://seclists.org/nmap-dev/2011/q2/1272
2012-01-10 04:46:31 +00:00
david
2532c413b5 o [NSE] Fixed a race condition in broadcast-dhcp-discover.nse that
could cause responses to be missed on fast networks. It was noticed
  by Vasiliy Kulikov. [David]
2012-01-10 03:25:19 +00:00
henri
5268a3f39a CHANGELOG message for r27782. 2012-01-09 13:04:02 +00:00
david
c6ca94dc43 Fix encoded_name_to_normal for the name ".".
When a DNS name was only "."; i.e., the first byte in its encoded
representation was 0, encoded_name_to_normal wouldn't null-terminate the
string. This caused multiple warnings
	Illegal character(s) in hostname -- replacing with '*'
as later code read from uninitialized memory. Now we null-terminate
whenever the function returns success, and treat "." as a special case
for which we retain the trailing dot.

This bug was found by Gisle Vanem, who wrote a patch to fix it. I added
some more error checking to the patch.
2012-01-08 04:41:58 +00:00
henri
856cd00a17 Merged nsock-engines from nmap-exp. This rewrite of the nsock library adds
support for system-specific scalable IO notification facilities without breaking
portability. This initial version comes with an epoll(7)-based engine for Linux
and a select(2)-based fallback engine for all other operating systems.

This required an important refactoring of the library but the external API was
preserved.

The rewrite also tries to bring the coding standards of nmap to nsock.

See http://labs.unix-junkies.org/nsock_engines.html for the details.
2012-01-05 01:08:16 +00:00
patrik
a1bdd51eaf Reverted change to match.numbytes 2012-01-03 15:10:04 +00:00
patrik
1b370e16a4 o [NSE] Fixed bug in match.numbytes that would return one byte less than what
was requested. Updated redis library to take the fix into account. [Patrik]
2012-01-03 14:20:13 +00:00
patrik
b3c8df571f o Added probe and matchline for Couchbase Membase NoSQL database [Patrik] 2012-01-03 14:18:10 +00:00
fyodor
bb62bab448 o Added the new --script-args-file option which allows you to specify
the name of a file containing all of your desired NSE script
  arguments.  The arguments may be separated with commas or newlines
  and may be overridden by arguments specified on the command-line
  with --script-args. [Daniel Miller]
2012-01-03 07:14:20 +00:00
patrik
74d5ff04ef o [NSE] Added the script http-vuln-cve2009-3960 that detects and exploits the
CVE 2009-3960 XML injection vulnerability in Adobe products. [Hani
  Benhabiles]
2012-01-02 19:48:42 +00:00
patrik
4506c099ea o Added two new probes for the Basho Riak PBC and Tarantool protocols.
[Patrik]
2012-01-02 16:19:50 +00:00
patrik
2269e76438 o [NSE] Added a natpmp library and the script nat-pmp-mapport that allows
NAT mapping of external TCP and UDP ports to internal addresses. [Patrik]
2012-01-02 11:41:21 +00:00
patrik
f5b14a2099 o [NSE] Added the script riak-http-info that lists version and statistics
information from the Basho Riak distributed database. [Patrik]
2012-01-02 11:37:38 +00:00
patrik
54983f8127 o [NSE] Added the script socks-auth-info that lists supported SOCKS 5
authentication mechanisms. [Patrik]
2012-01-02 11:34:27 +00:00
patrik
b4fcd5e5fa o [NSE] Added the script memcached-info that lists version and statistics
information from the distributed memory object caching service memcached
  [Patrik]
2012-01-02 11:30:18 +00:00
patrik
4118ee064b o [NSE] Added the script redis-info that lists version and statistic information
gathered from the Redis network key-value store. [Patrik]

o [NSE] Added the script redis-brute that performs brute force password
  guessing against the Redis network key-value store. [Patrik]
2012-01-02 11:27:06 +00:00
patrik
3491fdc1fa o [NSE] Added the script http-proxy-brute that performs brute force password
guessing against HTTP proxy servers. [Patrik]
2012-01-02 11:21:57 +00:00
patrik
0ee55f4651 o [NSE] Added the script socks-brute that performs brute force password
guessing against SOCKS 5 servers. [Patrik]
2012-01-02 11:15:34 +00:00
patrik
cac7c27dcb o [NSE] Added the script vmauthd-brute that performs brute force password
guessing against the VMware authentication daemon. [Patrik]
2012-01-02 11:12:46 +00:00
fyodor
86ea7b5ce8 spell check 2012-01-02 02:55:47 +00:00
fyodor
a91adda431 Some more improvements to CHANGELOG. I'm almost done with this 2012-01-02 02:32:56 +00:00
fyodor
158b912bf8 Some more improvements to the CHANGELOG 2012-01-02 00:35:16 +00:00
fyodor
e1c36c932a Update CHANGELOG to note the 51 (WOW!) new scripts since the last release. 2012-01-01 22:21:48 +00:00
david
3fdcc88446 CHANGELOG for response rate scaling in OS scan. 2011-12-31 22:00:00 +00:00
patrik
bed66d943c Added service probes for memcached and fingerprint for MochiWeb 2011-12-31 15:19:50 +00:00
patrik
0de5d57036 o Added service probe for Redis key-value store [Patrik] 2011-12-31 01:41:26 +00:00
david
9941656055 Require separate host groups for targets with different source addresses. 2011-12-30 18:19:07 +00:00
patrik
4e7db06f0c o [NSE] Added script broadcast-wpad-discover which detects proxy servers on the
network by using the Web Proxy Auto Discover Protocol (WPAD). [Patrik]
2011-12-29 14:43:37 +00:00
patrik
02c59d1292 o [NSE] Added local port to BPF filter in snmp-brute to fix bug that would
prevent multiple scripts from receiving the correct responses. The bug was
  discovered by Brendan Bird. [Patrik]
2011-12-29 08:49:38 +00:00
patrik
9ff471d906 o [NSE] Removed DoS code from dhcp-discover and placed it into the discover and
safe categories. Added support for adding options to DHCP requests in the
  dhcp library. [Patrik]
2011-12-29 08:07:26 +00:00