dmiller
ebf083cb0b
Fix a crash in http scripts when following redirects
2018-11-27 04:43:16 +00:00
dmiller
f8004b792c
Replace a config-time check with an ifndef that also works on Windows.
2018-11-21 06:23:08 +00:00
dmiller
33f16dd075
Don't fatal() on iflist if npcap isn't found
2018-11-21 03:43:10 +00:00
dmiller
bff7dcad4e
Avoid crashing when PATH contains non-ascii/utf-8. Decode if possible
2018-11-15 16:23:32 +00:00
dmiller
adfc39f4f3
Fix crash when using dir: operator
2018-11-15 05:03:46 +00:00
dmiller
38b843558e
Change for-loop initial declarations not allowed in C89
2018-11-13 17:32:32 +00:00
dmiller
8490cad95d
Copy zlib DLL during staging. Avoid building nmap-update
2018-11-08 15:30:15 +00:00
dmiller
8605dea33a
Fall back to TCP connect ping on Windows without pcap
While Windows raw sockets can send and receive ICMP packets, Nmap relies on
libpcap packet capture to spot responses, so if pcap isn't available
(--unprivileged or Npcap not installed), we need to fall back to TCP connect for
host discovery, just like we do for unprivileged users on other operating
systems. Previous behavior was a fatal error suggesting unhelpfully to use
--unprivileged.
2018-11-08 15:28:13 +00:00
dmiller
66eee935a9
Avoid compiler warning about signedness mismatch on VS2013.
2018-11-08 14:52:32 +00:00
dmiller
89a1714580
Fix Windows build for zlib update: use DLL instead of static
2018-11-08 14:51:33 +00:00
dmiller
5c83c3d2a5
Fixes for Windows build from Lua header rearrangements
2018-11-08 04:55:29 +00:00
dmiller
8b2f8dbad2
Restore unconfigured zconf.h, needed on Windows.
2018-11-08 04:35:52 +00:00
dmiller
1345eb247b
Use iterative solution instead of tail recursion to avoid stack problems when optimization is off
2018-11-08 04:25:12 +00:00
dmiller
4620cc3df0
Reorder some probes to better match RDP and TLS
2018-11-06 15:07:04 +00:00
dmiller
7da763d271
Use standard way of including nbase.h
2018-11-06 15:07:03 +00:00
dmiller
7ea0a8c9ac
Make functions static where possible
2018-11-06 15:07:02 +00:00
dmiller
110d9b7adf
Fix wrong library typo
2018-11-06 15:07:01 +00:00
dmiller
70be64d592
Move TerminalServerCookie probe below more-likely TerminalServer probe. Probes are sent in file order, not rarity order
2018-11-05 18:12:12 +00:00
dmiller
959f722021
Process 274 service fingerprint submissions
2018-11-05 18:08:58 +00:00
dmiller
5a34fd3d8d
Add script.db entries for new scripts
2018-11-05 18:07:42 +00:00
dmiller
824f9dcb2f
Rearrange declarations to put all addrset functions in nbase.h, hide struct addrset internals.
2018-11-01 04:35:00 +00:00
dmiller
27807aadb4
Straighten out some headers and the (struct) addrset type
2018-11-01 04:34:59 +00:00
dmiller
c223ec5c36
Remove unused IPv6 support for legacy addrset_elem bit-matching
2018-11-01 04:34:58 +00:00
dmiller
0f916ec3bc
Fix an error in common-prefix calculation
2018-10-31 23:44:52 +00:00
dmiller
625884e7dc
Support netmasks in addrset trie. Use trie for resolved addresses and CIDR masks.
2018-10-31 20:32:16 +00:00
dmiller
324965d1d2
Use a radix tree (trie) to match exclude addresses
Current exclusions list from --excludefile takes linear time to match
against. Using a trie structure, we can do matching in O(log n) time,
with a hard maximum of 32 comparisons for IPv4 and 128 comparisons for
IPv6. Each node of the trie represents an address prefix that all
subsequent nodes share; matching stops when one is matched exactly or
when the candidate address does not match any prefix of the addresses in
the trie.
For now, only numeric addresses without netmask are supported. We plan
to extend this to addresses with netmasks, including resolved names.
Storing IPv4 ranges and wildcards in this structure would be
prohibitively complex, so the existing linear match method will be used
for those. It is unlikely that any users are using large exclusion lists
of these types of specifications, so performance impact is small.
Potential future features could use the trie structure to implement
custom routing or scope-limiting.
This was a todo list item based on this report:
https://seclists.org/nmap-dev/2012/q4/420
2018-10-31 14:01:34 +00:00
dmiller
86d1f7e66e
Don't quit on ERROR_IO_INCOMPLETE. Closes #1372
2018-10-26 20:50:58 +00:00
dmiller
1c2829cbd0
Fix a bug: if service is vulnerable, this is a table, not a string.
2018-10-25 16:30:48 +00:00
dmiller
e3d08f7e94
Avoid shutting down SSL descriptor twice. Fixes #1365
2018-10-25 04:53:59 +00:00
dmiller
8cb2b0ea2a
Add or fix See Also links between scripts
2018-10-24 19:36:04 +00:00
dmiller
8fef7f7df5
Compatibility hack for older Nmap versions
2018-10-24 16:35:33 +00:00
ron
1419b86e13
Added a pair of modules for finding and exploiting 'WebExec', a vulnerability in Cisco's WebEx
2018-10-24 16:14:43 +00:00
dmiller
d03b10ea36
Deprecate/disable -PR option as it was not really being checked.
Fixes #1361
2018-10-24 03:55:42 +00:00
dmiller
9a6f9c5abe
Replace redundant checks with a call to o.RawScan()
2018-10-24 03:55:41 +00:00
fyodor
aa867cf1b7
Apply patch from Brandon Enright to handle underscores in part of the libssh banner. According to David Fifield's research, libssh switched to underscores in 2017, version 0.7.4
2018-10-23 20:09:52 +00:00
dmiller
14705cd417
ultrascan: bail early if there are no probes in the current scan
This shouldn't ever happen, but it currently does for host discovery
scans using -PR where the target is not directly connected. See #1361
2018-10-22 20:12:45 +00:00
ron
467b06008e
Add permissions to openscmanagerw() in msrpc.lua, allowing the caller to specify the permissions they need.
2018-10-22 17:29:49 +00:00
dmiller
ac2052f62b
Print in verbose mode if unpwdb.timelimit exceeded.
2018-10-22 01:45:58 +00:00
dmiller
68ed57c3d9
Remove an untracked file from zlib that we shouldn't have included
2018-10-19 20:31:25 +00:00
dmiller
e6d63e65a3
Correct a false comment
2018-10-19 20:31:24 +00:00
paulino
63bdb220bf
Removes extra word from old description
2018-10-19 05:04:23 +00:00
paulino
de2b08e27a
Adds http-sap-netweaver-leak to detect SAP instances with the Knowledge Management unit enabled with anonymous access. Closes #1243.
2018-10-19 05:00:46 +00:00
dmiller
4df58cca22
Upgrade included zlib to 1.2.11
2018-10-18 04:49:21 +00:00
dmiller
cf58b6160e
Add version checks for libssh2 and zlib to checklibs.sh
2018-10-18 03:49:35 +00:00
dmiller
d8c1d935f1
Move Npcap headers and lib stuff to nmap-mswin32-aux
2018-10-18 03:28:39 +00:00
dmiller
a7638f57c8
Add missing libs to make check
2018-10-18 01:10:57 +00:00
dmiller
0500811f5a
Move string utility functions to stringaux.lua
2018-10-18 01:08:19 +00:00
dmiller
39cfbdf4e2
Use an iterator instead of building an intermediate table for format_output
2018-10-18 01:08:11 +00:00
dmiller
93edeefa3c
Fix false positive in http-phpmyadmin-dir-traversal. Closes #1359
2018-10-17 20:21:05 +00:00
dmiller
02b00238a2
Add a new vulns state, UNKNOWN, for cases where vulnerability cannot be ruled out.
2018-10-17 20:21:04 +00:00