mirror of https://github.com/nmap/nmap.git synced 2026-01-28 00:59:04 +00:00
Commit Graph

8927 Commits

Author SHA1 Message Date
david
5273567981 Lower-case scheme comparisons.
I'm seeing redirects to "HTTP://example.com/".
2013-02-07 23:37:48 +00:00
david
a1cc3690cc Include the targetname if possible in NSE diagnostic messages. 2013-02-07 23:26:18 +00:00
david
9434dd7d2f parse_redirect: fill in port number even if authority but not scheme is present.
For example "//example.com/en/": the function needs to return with
u.port set, just as it would with "http://example.com/en/".
2013-02-07 23:12:41 +00:00
david
a210d38769 Allow empty path in url.parse.
I got a redirect of "?p=indisponible" and url.parse returned
{query="p=indisponible"}. Now it returns
{path="", query="p=indisponible"}.
2013-02-07 22:37:38 +00:00
david
4cdb5301dd 300 and 303 are also HTTP redirects. 2013-02-07 22:28:10 +00:00
david
ac5a479a73 Treat empty port in URL the same as absent.
RFC 3986 says that these URLs are equivalent:

http://example.com/
http://example.com:/

url.parse was returning port="" for the latter. Make it instead return
port=nil like the former.
2013-02-07 03:06:30 +00:00
david
1c7c414fbb URL ports have to be decimal digits.
RFC 3986 section 3.2.3.
2013-02-07 03:06:29 +00:00
david
45b5d92f3d Don't treat an empty string as an invalid URL.
To me, this is a relative URL with a path of "". I.e., it refers to the
same document as wherever the URL appeared, like when people do
<form action="" enctype="multipart/form-data" method="POST">
2013-02-07 02:28:23 +00:00
david
fd7cabf7db Remove some old Linux compatibility code from connect scan.
This code was quite old (dating from r854 in 2000) and may not serve a
purpose anymore. Let's try removing it.

Apart from being obsolete, the code had a race condition where the
connection could be closed with a RST before getpeername was called,
leading to a fatal error message.
2013-02-05 04:55:29 +00:00
fyodor
71a6c878ac Add a task suggested by David 2013-02-05 00:03:07 +00:00
david
7c7ffdb756 Typo. 2013-02-02 01:41:50 +00:00
david
2318ff2e70 Remove a too-generic service fingerprint for which we need more data.
It was listed as "Microsoft UPnP", but was also matching a trivial
golang web server.
2013-02-01 20:45:12 +00:00
david
37e0241276 CHANGELOG for route metrics. 2013-02-01 05:02:00 +00:00
david
5ab6c9fa93 Sort by metric. 2013-02-01 05:01:59 +00:00
david
8e20e6a65b Show route metrics in --iflist. 2013-02-01 05:01:58 +00:00
david
e2387e4693 Add metric to struct sys_route. 2013-02-01 05:01:57 +00:00
david
f55171a088 Add metric to struct route_entry.
Actually getting a nonzero value for the metric is supported only on
Linux and Windows.
2013-02-01 05:01:56 +00:00
paulino
913fbac6d1 Adds entry to detect SCADA SIMATIC S7. Signature taken from Jose Ramon Palanco's script https://github.com/drainware/nmap-scada/blob/master/SIEMENS-Simatic-HMI-miniweb.nse 2013-01-31 18:04:40 +00:00
paulino
b3d3553330 Adds entry to detect SCADA Siemens PCS7. Signature taken from Jose Ramon Palanco's script https://github.com/drainware/nmap-scada/blob/master/Siemens-PCS7.nse 2013-01-31 18:00:11 +00:00
david
5fd515b039 Get rid of ntohs in ip6_ntop.
Byte-swapping is handled by the initial loop that reads into an array of
16-bit integers. That initial loop was added by me in r29708.
2013-01-30 08:47:24 +00:00
david
570a77b414 Use binary strings, not hex strings, internally in ike-version.
Patch by Jesper Kückelhahn.
http://seclists.org/nmap-dev/2013/q1/152
2013-01-30 06:25:32 +00:00
fyodor
1164b75588 Note some done tasks 2013-01-29 00:42:06 +00:00
david
dbdee4792e Keep min/max/avg rtt outputs down to -q. 2013-01-28 22:55:31 +00:00
david
93a245d6e7 Require -v for 'Tx time' and friends in Nping. 2013-01-28 22:55:29 +00:00
david
41b397200b Show ICMP ID and seqno in packet trace by default.
This was previously limited to ippackethdrinfo's medium detail and
above, which required -v in Nping and -d2 in Nmap.
2013-01-28 22:34:37 +00:00
patrik
d79e431e7a nse_check_globals cleanup 2013-01-28 04:28:38 +00:00
david
37ab88e840 Change 'VPN' to 'security-misc' in ike-fingerprints.
We don't have a 'VPN' device type.
http://nmap.org/book/osdetect-device-types.html
2013-01-28 03:11:21 +00:00
david
710b460ac1 Add ike-version and ike library by Jesper Kückelhahn.
http://seclists.org/nmap-dev/2013/q1/49
2013-01-28 03:06:39 +00:00
david
7cb2946d60 Actually set the base addr in NetBlockIPv6Netmask.
This is needed for proper copying of the scope_id.
2013-01-26 05:31:33 +00:00
david
249c566196 Have NetBlock::next return the socklen.
This matters on OS X; with the wrong size, connect scans give "Invalid
argument".
Reported by Jesper Kückelhahn.
http://seclists.org/nmap-dev/2013/q1/84
2013-01-26 05:31:33 +00:00
david
010969b77f Set sa_len of IPv4 to sizeof(sockaddr_in), not sizeof(sockaddr_storage). 2013-01-26 05:31:32 +00:00
david
94fd369de7 Clear the sockaddr_in before filling it in. 2013-01-26 05:31:31 +00:00
david
b8e4f8832c Initialize NetBlock members. 2013-01-26 05:31:30 +00:00
dmiller
fd2130bae1 Update categories for jdwp-exec and jdwp-inject
Categories for both: exploit, intrusive

per http://seclists.org/nmap-dev/2013/q1/105
2013-01-25 21:23:02 +00:00
david
9827b75f82 Whitespace in http-headers. 2013-01-25 17:43:29 +00:00
david
60600a5a77 Update http-headers output. 2013-01-25 17:43:28 +00:00
david
ac2cf33113 http-headers uses HEAD by default, not GET. 2013-01-25 17:43:27 +00:00
david
6784954eee Use more automatic memory management in nmap_dns.cc. 2013-01-25 06:26:23 +00:00
david
c11ceacc1f Get rid of some struct typedefs.
C++ does this automatically. We don't need typedefs here, just some
forward declarations.
2013-01-25 06:26:22 +00:00
david
50a4817671 Remove dynamically allocated fakeargv.
This used to be used to hold the original argv before quashing with -q.
Now that -q is gone, it was just a copy of argv.

fakeargv was also causing Valgrind to complain about leaked memory. It
wasn't a real leak, but now it's out of the report anyway.
2013-01-25 06:26:21 +00:00
david
e77a084790 Restore original docs for ip-forwarding.target.
It was hidden as a @param instead of an @args.
2013-01-24 18:11:06 +00:00
david
67fdf7fd63 CHANGELOG for Matousek NSEDoc fixes. 2013-01-24 18:04:43 +00:00
david
67aa5516f4 Fix various NSEDoc problems.
Found by David Matousek.
http://seclists.org/nmap-dev/2013/q1/88
2013-01-24 18:04:42 +00:00
david
11ba3ef045 Check NMAP_PRIVILEGED and NMAP_UNPRIVILEGED in Zenmap is_root.
You won't get the "you're not root" dialog if NMAP_PRIVILEGED is set.
Patch by Tyler Wagner.
http://seclists.org/nmap-dev/2013/q1/87
2013-01-24 17:18:13 +00:00
fyodor
572c5cf0cc note some new Nping tasks that David and I discussed today and also some debugging results related to a potential nping issue previously discussed 2013-01-23 23:47:38 +00:00
henri
b4400d0a44 Added static inline wrappers to simplify calls to I/O engine functions. 2013-01-23 22:06:40 +00:00
henri
a7f2788b26 Removed another forgotten vestige of nsock_trace. 2013-01-23 22:06:35 +00:00
henri
0e5e939c00 Added a special NSOCK_LOG_NONE value, to disable all messages. 2013-01-23 21:25:01 +00:00
david
eb98386809 Remove vestiges of nsp_settrace.
Now you call nsock_set_log_function then nsock_set_loglevel.
http://seclists.org/nmap-dev/2013/q1/72
2013-01-22 23:40:16 +00:00
david
01e4c23692 CHANGELOG a side effect of target refactoring: mixed IPv4 ranges and netmasks. 2013-01-22 00:07:16 +00:00