PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-14 10:29:03 +00:00
Code Issues Projects Releases Wiki Activity
9,404 Commits 2 Branches 0 Tags
f9474cd0fdc2fc5294f2f0ef3cf065af2836f2f7
Commit Graph

9404 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dmiller
f9474cd0fd Fix a typo (minimum vs maximum) 2014-10-29 05:31:07 +00:00
fyodor
39e3463061 Note a done task 2014-10-27 18:12:58 +00:00
dmiller
27948e1588 Fix file permissions and missing require in http-avaya-ipoffice-users 2014-10-27 13:04:47 +00:00
dmiller
a1d984a66b Fix a couple off-by-one errors in parsing multiple TLS records 
Reported by Kent Fritz: http://seclists.org/nmap-dev/2014/q4/104
 2014-10-26 16:22:21 +00:00
dmiller
c4ad3ff4d6 Fix some error handling in ssl scripts 2014-10-25 18:58:18 +00:00
tomsellers
e11e03fa50 Add the signature algorithm that was used to sign the target port's x509 (TLS) certificate to the output of ssl-cert.nse 
http://seclists.org/nmap-dev/2014/q4/44
 2014-10-25 18:56:38 +00:00
tomsellers
ea749d785b Fixed a bug in the sslcert.lua library that was triggered against certain services when version detection was used. 
http://seclists.org/nmap-dev/2014/q4/110
 2014-10-25 18:38:17 +00:00
dmiller
9cb2800c97 Revert r33755 (broken fix) 2014-10-25 12:18:15 +00:00
dmiller
553e827110 sslcert: if -sV detects ssl, then no STARTTLS is needed 2014-10-25 12:09:55 +00:00
dmiller
a047985f19 Make SCSV check in ssl-poodle backwards-compatible 2014-10-23 16:01:03 +00:00
dmiller
a03556f7c4 Update .po files 2014-10-23 15:16:52 +00:00
dmiller
7f2853788e Regen de.mo 2014-10-23 15:16:49 +00:00
dmiller
edc715fd9f Update de.po (http://seclists.org/nmap-dev/2014/q4/47) 2014-10-23 15:16:47 +00:00
dmiller
eeb5f41932 Compatibility check for ssl-poodle 2014-10-23 15:16:45 +00:00
dmiller
29ce5da5a1 Fix man pages, corrupted from auto-generation 
The docbook-to-nroff XSL pages turn indexterms into nroff comments, but
have a bug: If the closing indexterm element is not followed by
whitespace and cdata, then the following element or cdata is stuck on
the same line as the comment. Fixed this temporarily by introducing
whitespace between </indexterm> and following cdata or by moving the
indexterm elements after any other element (<command>, <term>, etc.)
that they reference.
 2014-10-22 19:24:28 +00:00
dmiller
e9354a4793 Add TLS_FALLBACK_SCSV checking to ssl-poodle 2014-10-22 17:01:19 +00:00
dmiller
db098b4e8d Fix a bug (false-negative) in ssl-poodle 2014-10-22 17:01:17 +00:00
dmiller
814bf97a8f Correctly null-terminate some strings in idle_scan 
Reported by Gisle Vanem: http://seclists.org/nmap-dev/2014/q4/82
 2014-10-22 12:56:32 +00:00
dmiller
fefcca1623 Add ssl-poodle 2014-10-21 14:08:34 +00:00
dmiller
dc7d16ca4c Note a done task 2014-10-21 05:50:37 +00:00
dmiller
3b6ea5a9e5 Fix Ncat crash on concurrent ssl connections 
Reported on debian bugtracker here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724580

We can't remove an fdinfo from client_fdlist and still expect to access
the fdinfo via a pointer we got from get_fdinfo(&client_fdlist) since
rm_fd() modifies the data at the address pointed to. So instead of
removing it from the list and then adding it right back, we just don't
remove it in the first place.
 2014-10-21 05:50:36 +00:00
fyodor
dacc9b8549 Early planning for the next big release 2014-10-20 19:40:10 +00:00
paulino
4ea5456251 Patch to vulns.Report:make_output() now uses stdnse.output_table() to return output. 
Over 40 scripts using the library 'vulns' now support XML structured output.
 2014-10-19 20:53:04 +00:00
paulino
92dc4564db Fixes script output 2014-10-19 20:29:10 +00:00
paulino
c372f9823b Adds http-avaya-ipoffice-users.nse to enumerate user information such as extension display name, full name and extension number in Avaya IP Office systems. 2014-10-19 00:58:31 +00:00
dmiller
d05e9c628e Integrate some more service fingerprints 2014-10-18 19:08:52 +00:00
paulino
6acfb753c3 Updates script database after the removal of 'db2-discover.nse' 2014-10-18 04:44:26 +00:00
paulino
97c56e3e57 Adds fingerprints for ASUS RT-N10U and motorola RF switch 2014-10-18 04:09:05 +00:00
dmiller
bfa0b57394 Integrate more services (xmpp/jabber, domain, vnc, elasticsearch) 2014-10-17 19:07:24 +00:00
dmiller
55f66d6a4f Integrate more service fingerprints (afp, imap, dlna) 2014-10-17 03:33:19 +00:00
dmiller
917842059b Check TLS body protocol for compatibility in ssl-enum-ciphers 
Haven't seen this, and it shouldn't happen, but it's possible for a
server to send the same protocol version in the record, but a different
one in the body. This wouldn't be valid, so we should reject it.
 2014-10-16 04:07:07 +00:00
dmiller
9e199c0213 Add Docker probe and matchlines 
Probe and output from Claudio Criscione: http://seclists.org/nmap-dev/2014/q4/69
 2014-10-16 03:54:51 +00:00
dmiller
d07e7b88b2 Integrate a few more service fingerprints (pop3, minecraft) 2014-10-15 22:38:31 +00:00
dmiller
cdd61aa874 Fix a bug in ssl-enum-ciphers 
If the last chunk of ciphers was rejected, then all results were
discarded.
 2014-10-15 21:52:36 +00:00
dmiller
ead3649ac5 Remove db2-discover.nse 
Service probe does the same work. See
http://seclists.org/nmap-dev/2014/q3/415
 2014-10-15 18:52:08 +00:00
dmiller
8005bfe83f Improvements and fixes to http-rfi-spider 
patch from nnposter: http://seclists.org/nmap-dev/2014/q3/443
 2014-10-15 18:38:16 +00:00
dmiller
5952b9745b Move url-encoding to url.build_query 
patch from nnposter: http://seclists.org/nmap-dev/2014/q3/427
 2014-10-15 18:12:58 +00:00
dmiller
a318db04b3 Normalize ms-sql-s fingerprints and add a few 2014-10-14 19:34:58 +00:00
dmiller
cdadc8641d Integrate upnp and postgres service submissions 
Reordered postgres matches to put language matches below version matches, and
wildcarded language that would be gettext-translated. Should detect versions
better, but only detect language when the version match fails.
 2014-10-14 05:28:52 +00:00
dmiller
f60bf5fbc6 Correct CRLF in ftp-brute 2014-10-14 02:30:02 +00:00
dmiller
639a58a880 Integrate rtsp and unknown service fingerprints 2014-10-13 19:13:10 +00:00
dmiller
ed5fdfacb1 Integrate sip, smtp service submissions, do a little cleanup. 2014-10-10 19:55:02 +00:00
dmiller
90b461792b Integrate remaining *http* service fingerprints 2014-10-09 13:37:49 +00:00
dmiller
2ad3aafa71 Integrate 584 service submissions (http) 2014-10-08 14:33:45 +00:00
sophron
4651a8f4ae [NSE] Updated http-robtex-* scripts to match current robtex API. 2014-10-08 01:39:30 +00:00
dmiller
b4988f1f5b Improvements to http-server-header 
If service scan failed to find a match, the probe responses are cached.
Now http-server-header will look through those responses before sending
a probe of its own. This should result in better detection with fewer
probes sent.

Also changed the Server header string match to case-insensitive.
 2014-10-01 19:54:34 +00:00
dmiller
58f1b845d6 Let lpeg-utility.escaped_quote only remove escaped escapes and quotes 2014-10-01 17:56:19 +00:00
dmiller
092c19a702 Integrate 84 service fingerprint submissions (ftp, ftp-proxy) 2014-09-30 14:05:33 +00:00
dmiller
a93781df6f run sv-tidy and correct some errors 2014-09-29 12:09:49 +00:00
dmiller
6bb3a7ae34 Integrate 363 service fingerprint submissions (ssh & telnet) 2014-09-29 01:37:09 +00:00