david
5ab63a55be
Say that @usage applies to modules. Say that @usage is automatically
generated for scripts if omitted.
2010-04-08 05:26:42 +00:00
david
838127d565
Remove the error element from the XML DTD. It was supposed to be a child
of trace, but I don't think it has ever been emitted since traceroute
was added in r4556.
2010-04-07 23:26:09 +00:00
ron
ab654ecc34
Fixed a bug in dhcp-discover -- the read_boolean() function appears to never have worked, but I didn't run into anything that returned a boolean value until Brandon tried running it. It now handles booleans properly, along with a lot of extra debug output (especially on -d2 and higher)
2010-04-07 21:47:22 +00:00
ron
398ecbcb62
Improved error handling (and messages) on dhcp-discover.nse. Hoping to track down a problem reported to me by Brandon Enright.
2010-04-07 21:03:51 +00:00
david
4332937a74
Fix typo.
2010-04-07 14:35:31 +00:00
david
db2a7826ab
Fix NSEDoc comments in ms-sql-config and ms-sql-query. They need three
dashes.
2010-04-06 21:42:17 +00:00
kris
0e579c71a4
o [NSE] Correct misspelled "Capabilities.IgnoreSpaceBeforeParanthesis"
name in the MySQL library. [Kris]
The second "a" in "paranthesis" should be an "e". No current scripts use
this name (yet).
2010-04-06 02:05:07 +00:00
david
741a9ddbf4
Change Ncat's fix_line_endings to take a state pointer, used to remember
if the previous read ended with \r. If the next read starts with \n, we
shouldn't insert an extra \r before it.
2010-04-05 23:02:11 +00:00
jah
58eca6dfb7
setup_connect, called by exchange, now connects to targets by IP address rather than targetname (which could sometimes be a different host or address family).
2010-04-05 19:39:57 +00:00
kris
c7d97ae2c4
fix function names in error messages
2010-04-05 00:12:58 +00:00
fyodor
2f59126185
Just moving an item
2010-04-04 19:42:03 +00:00
david
3b34c84de7
Add dns-fuzz script from Michael Pattrick.
2010-04-04 13:41:32 +00:00
jah
aec0b2c88c
Add nsedoc @return tag for get_url.
2010-04-04 13:00:02 +00:00
patrik
1d26975ede
o [NSE] Added a library for Microsoft SQL Server and 7 new scripts. The new
scripts are:
- ms-sql-brute.nse uses the unpwdb library to guess credentials for MSSQL
- ms-sql-config retrieves various configuration details from the server
- ms-sql-empty-password checks if the sa account has an empty password
- ms-sql-hasdbaccess lists database access per user
- ms-sql-query adds support for running custom queries against the database
- ms-sql-tables lists databases, tables, columns and datatypes with optional
keyword filtering
- ms-sql-xp-cmdshell adds support for OS command execution to privileged
users
[Patrik]
2010-04-04 10:11:54 +00:00
fyodor
231bc9f02e
Added a task idea posted by David
2010-04-02 23:20:19 +00:00
fyodor
6ea8e7195b
Add task idea from nmap-dev
2010-04-02 21:38:08 +00:00
patrik
f137a07847
o [NSE] Fixed bug in rpc.lua library that incorrectly required file handles
to be 32 octets when calling the ReadDir function. The bug was reported by
Djalal Harouni. [Patrik]
2010-04-02 17:58:32 +00:00
david
baeb2e8f98
Add @output sections to realvnc-auth-bypass.nse and sql-injection.nse
from Gutek. Also documents the @args of sql-injection.nse.
2010-04-02 15:31:24 +00:00
fyodor
619311bca7
Update to reflect the latest MAC prefix assignments from IEEE
2010-04-01 23:00:27 +00:00
fyodor
42fc2b542f
Add a task idea
2010-04-01 20:39:30 +00:00
ron
dd471d09d5
Fixed a bug in http.lua where http.post() wouldn't work if the arguments were passed in as a string instead of a table (the documentation says it should work in both places)
2010-04-01 04:41:48 +00:00
david
d2f232396e
Make smtp-commands.nse run for the services {"smtp", "smtps",
"submission"}, like the other smtp scripts.
2010-04-01 04:10:40 +00:00
david
6ba24a5a36
o Removed --interactive mode, a miniature shell whose primary purpose
was to hide command line arguments from the process list. It had
been broken (would segfault during the second scan) since before May
2009 until February 2010 and was rarely used. The fact that it was
broken was reported by Juan Carlos Castro y Castro.
See http://seclists.org/nmap-dev/2009/q2/464 and
http://seclists.org/nmap-dev/2010/q1/688 for report and discussion.
2010-04-01 03:33:14 +00:00
david
5f5b0fd0b0
Add @output to finger.nse and telnet-brute.nse thanks to Gutek.
2010-03-31 23:25:39 +00:00
david
9795ea0399
Add @output for ftp-bounce.nse, thanks to Gutek.
2010-03-31 23:03:17 +00:00
jah
f97dc21865
Fix file-level nsedoc block.
2010-03-31 22:08:16 +00:00
david
bbcfc79538
Add @output sections to these scripts:
dns-recursion.nse
snmp-brute.nse
daytime.nse
x11-access.nse
smb-enum-domains.nse
dns-random-txid.nse
p2p-conficker.nse
jdwp-version.nse
dns-random-srcport.nse
sshv1.nse
ms-sql-info.nse
Some of these just needed fixed NSEDoc syntax.
2010-03-31 21:45:21 +00:00
david
5fa554266b
Fix NSEDoc.
2010-03-31 20:28:14 +00:00
fyodor
4d034b36d2
Some changes from chat w/David
2010-03-31 02:37:17 +00:00
david
7009f54778
Fix a silly error I made in afp.lua. Use (pos + 1) % 2 instead of
pos % 2 + 1.
2010-03-30 19:54:13 +00:00
david
3ef4f3f017
o [NSE] Added the afp-serverinfo script that gets a hostname, IP
addresses, and other configuration information from an AFP server.
The script, and a patch to the afp library, were originally
contributed by Andrew Orr and were subsequently enhanced by Patrik
and David.
I added an @output section to the script and made it hex-encode a binary
string for the server signature (previous versions of the afp patch did
the hex-encoding in the library, but I thought it was better to do it in
the script.)
2010-03-30 19:26:23 +00:00
david
6bf9b360a6
Add fp_get_server_info to afp.lua. This is from a patch originally by
Andrew Orr, reworked by Patrik Karlsson and David Fifield.
Among other things, this function gets the server's hostname, IPv4 and
IPv6 addresses, and potentially hardware type.
2010-03-30 19:19:26 +00:00
david
54301f2480
Add Guppy links to the TODO item on Zenmap memory use.
2010-03-30 17:41:51 +00:00
fyodor
a77fbaef11
Add another potential task
2010-03-30 09:40:43 +00:00
david
7b17469411
Merge from /nmap-exp/david/zenmap-print. This adds simple output
printing to Zenmap.
2010-03-29 22:15:47 +00:00
david
5d57401341
Try adding the 0. version number prefix to the nping RPM package.
2010-03-29 20:45:10 +00:00
david
f30a1dcf2c
Merge r16806 from /nmap-exp/david/nmap-nping. This adds an nping
subpackage to nmap.spec.in. I missed this one revision when merging
before.
2010-03-29 20:27:39 +00:00
fyodor
2e77f8f0d5
Add one more link to CHANGELOG
2010-03-29 19:49:12 +00:00
fyodor
8e673f1c69
Update version number
2010-03-29 19:47:34 +00:00
fyodor
9f85b248d4
Spell check. I think CHANGELOG is good enough for release. But don't hesitate to fix if you find problems, I haven't done as much review of it as I would like
2010-03-29 19:46:24 +00:00
fyodor
697aff2284
almost done w/CHANGELOG
2010-03-29 19:38:54 +00:00
david
65331759cc
Remove afp-path-exploit.nse (which doesn't exist) from script.db. It was
an earlier version of afp-path-vuln.nse.
2010-03-29 17:53:32 +00:00
fyodor
085f8adc36
Update AFP entries a bit
2010-03-29 17:45:20 +00:00
patrik
b1e64b3161
o [NSE] Updated the AFP library to support several new AFP functions and added
authentication support. Updated the afp-showmount script and added two new
scripts:
- afp-brute attempts to guess passwords against the AFP service
- afp-path-vuln detects the AFP directory traversal vulnerability
CVE-2010-0533
[Patrik]
2010-03-29 17:41:00 +00:00
fyodor
7a953e2153
minor add to changelog
2010-03-29 17:32:59 +00:00
david
2c89854adc
Fix a little CHANGELOG typo.
2010-03-29 17:19:19 +00:00
fyodor
8c3d84f7d8
A bit more on the CHANGELOG...still working on it
2010-03-29 17:14:44 +00:00
luis
e01a1e978d
Nping problem task moved to the DONE list
2010-03-29 08:22:52 +00:00
fyodor
fdb6cd8058
Made more improvements to the CHANGELOG. I hope to finish it in the morning and do a release later in the day
2010-03-29 08:01:27 +00:00
fyodor
140cfdd105
A couple more task ideas
2010-03-29 07:16:25 +00:00