sent to nmap-dev before the Comm update to default to bytes=1, but added after
the change. I tested the scripts out and they still work fine of course.
involves traffic between the target and a third-party host. It's fairly
innocuous because there's no third-party traffic from the scanning computer, so
I left it in the default category.
don't stop the whole script if we don't receive further packets even though
they are expected but process what we got so far instead
remove rpc_ prefix from variable names
default NSE scripts) which use the 3rd party dns-oarc.net to test
the source port and transaction ID randomness of a discovered DNS
server (assuming it allows recursion at all). These scripts were
contributed by Brandon Enright.
periods itself rather than relying on NSE's old behavior of replacing non-
printable characters with periods. Thanks to Rob Nicholls for reporting the
problem. [Kris]
available rather than lines if neither the "bytes" nor "lines" options are
given. Thanks to Brandon for reporting a problem which he noticed in the
dns-test-open-recursion script. [Kris]
* Merge the "backdoor" category into "malware"
* Add "auth" for authentication credential determination
* Rename "vulnerability" to "vuln"
* Place 12 scripts into their correct categories
It now returns the line as its first argument always, otherwise nil, errmsg
I updated scripts that use make_buffer.
When Lua 5.2 comes out, we may be able to use a function I've added
called stdnse.lines (commented for now). It cannot be used yet because
we cannot yield inside generic for loop. The function is built for
generic for loops. It will work as such:
for line in stdnse.lines(socket) do
...
end
as banner-grabbing (get_banner()) and making a quick exchange of data
(exchange()). 16 scripts were updated to use this library. [Kris]
I have *not* been able to test all of these scripts; however, I have
reviewed them and they should all work properly. I would really like
some more testing, though :)
This commit includes scripting.xml documentation.
* Instead of printing all disallowed entries it now only prints the
first 20. In verbose and debug modes it prints more entries, the exact
number depends on the debug and vebose level
* Prints out the number of disallowed entries
* Prints a message if a robot.txt file exists but has not entries.
* More resilient parsing and duplicate removal code
* Extended the line length to 50 characters so less vertical space used
to transfer. I've only been able to examine the behavior through Wireshark
since I don't have a nameserver that transfers other domains (I always get
"Not Authoritative"). It seems to work fine, though
