mirror of https://github.com/nmap/nmap.git synced 2025-12-24 16:39:03 +00:00
2049 Commits

Author SHA1 Message Date
devin
e441e2a81d Applied Fabian Affolter's patch to make generator entry more generic 2014-07-30 22:16:32 +00:00
jay
42510e649d Update scripts/script.db 2014-07-30 07:16:52 +00:00
jay
d93a78f502 Make version scripts (with non shortport portrules) obey nmap.version_intensity() >= 7 2014-07-30 07:12:50 +00:00
jay
61d13e12d2 Make version intensity scripts use shortport.version_port_or_service() instead of shortport.port_or_service() 2014-07-30 07:10:35 +00:00
paulino
95f897fffb Updates category to 'intrusive'. 2014-07-30 03:49:26 +00:00
paulino
1cc4d246b9 Adds mikrotik-routeros-brute.nse. This script performs brute force password auditing against the Mikrotik RouterOS API. 2014-07-30 03:48:03 +00:00
dmiller
51a633ac3c NSE: Add TLS_RSA_WITH_3DES_EDE_CBC_SHA to default ciphers
As noted (http://seclists.org/nmap-dev/2014/q3/121), some versions of
Windows require a KB before supporting AES, so add a 3DES option.
2014-07-23 01:52:41 +00:00
dmiller
453f655f89 Add mandatory cipher suite to appropriate scripts
The TLS standard (TLS 1.2, but also probably the others) states:

> In the absence of an application profile standard specifying
> otherwise, a TLS-compliant application MUST implement the cipher
> suite TLS_RSA_WITH_AES_128_CBC_SHA

This was causing some problems with some implementations (See
http://seclists.org/nmap-dev/2014/q3/119)
2014-07-22 22:20:34 +00:00
batrick
4d131d2217 Fix a pattern mixup.
\ --> /

found by klaudiu@freenode.

I added some short test asserts to confirm the pattern works.
2014-07-07 17:36:17 +00:00
dmiller
9ac14c97df Fix some globals and name mismatches in telnet-brute 2014-07-07 17:15:13 +00:00
devin
7dbf13ab3e Modified http-affiliate-id to follow amzn.to tinyurls. 2014-06-30 19:00:14 +00:00
devin
d68396d823 Merged Lpeg branch 2014-06-26 20:12:54 +00:00
claudiu
39def56cde Fix false positives with SSL/TLS implementations that are not OpenSSL 2014-06-20 10:20:24 +00:00
dmiller
ec9074f718 Correct "it's" to "its" where necessary
it's = it is
its = belonging to it
2014-06-19 04:58:46 +00:00
dmiller
e69325c0f8 Add s7-info script, for more SCADA/ICS enumeration 2014-06-18 02:53:29 +00:00
dmiller
8f6cd9ccc5 Restore STARTTLS support in ssl-ccs-injection 2014-06-12 12:28:08 +00:00
claudiu
2eaf0f83cc New script detecting CCS Injection vulnerability in OpenSSL 2014-06-11 13:43:28 +00:00
patrik
0b0109d4af commit 7dae4affc23f9fd70e916bc461e45eafe4bcf99a
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Thu May 29 21:33:18 2014 -0400

    fix to detect non ASA devices and unsupported versions
2014-05-30 01:46:59 +00:00
devin
5e6c9d5f78 NSE enhanced output patch 2014-05-29 03:22:59 +00:00
dmiller
415e2671ab New NSE script for SCADA/ICS, bacnet-info 2014-05-28 13:54:05 +00:00
devin
53ca0c01dd Added checks to prevent scripts from indexing a nil value when
scanning localhost.
2014-05-28 02:29:31 +00:00
patrik
c950dcb154 Squashed commit of the following:
commit a78b6142449b71ccd1cd7061b5363f6882b2e00b
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:19:22 2014 -0400

    fix indentation

commit 5e61eba30f98343fb172687bd377acae6cb9e242
Merge: d446fa7 9696dd5
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:15:50 2014 -0400

    Merge branch 'master' into anyconnect

commit d446fa76181d97287604b48719dd3f714987b775
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:15:09 2014 -0400

    Update CHANGELOG

commit 1590b8a8598bfd06c767c31312dc56c8e306c556
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:13:27 2014 -0400

    update script.db

commit 93eb927e21d3e3702da36668628b70c42f14f0db
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sun May 25 21:09:51 2014 -0400

    update anyconnect library to better capture version
    add missing libraries http-cisco-anyconnect.nse
    add new scripts to detect vulnerabilities cve2014-2126 through 2129

commit 92fecad07d340e60abbe502a4541d6e4f71af224
Author: Patrik Karlsson <patrik@cqure.net>
Date:   Sat May 24 09:09:14 2014 -0400

    initial commit
2014-05-26 01:28:38 +00:00
dmiller
ed22166b3f Add enip-info NSE script for EtherNet/IP
A contribution from the folks at Digital Bond
(http://www.digitalbond.com/), part of their Redpoint Project
(https://github.com/digitalbond/Redpoint/).
2014-05-22 18:25:09 +00:00
dmiller
ba5f207d94 Fix NSEdoc generation problems due to block ordering
Reported here: http://seclists.org/nmap-dev/2014/q2/258

Complicated parsing issue, but short version is this: The NSEdoc for
scripts must not be followed by a local declaration, or it will not be
accepted. Easiest way is to be sure the block with @usage, @output,
@args, @xmloutput, etc. comes right before the author line.
2014-05-21 19:06:50 +00:00
dmiller
974b4430e2 Pass dates directly to format_timestamp, avoid timestamp overflow
Should fix: http://seclists.org/nmap-dev/2014/q2/184
2014-05-21 15:04:13 +00:00
sophron
2f30c8f9db [NSE] Corrected file name for framework fingerprints. 2014-05-11 11:35:54 +00:00
robert
3beb66bfaa Updated script.db to include new and renamed scripts. 2014-05-04 15:49:21 +00:00
robert
02e00968f6 Added Paul Amar's NSE script that exploits a vulnerability in Netgear WNR1000v3 allowing credentials to be obtained. Note, it doesn't currently add the credentials to the creds database. 2014-05-04 15:43:30 +00:00
robert
926f3f7375 Tweaked the disclosure date in http-vuln-cve2012-1823 for consistency with other scripts that make use of the vulnerability library. 2014-05-04 15:13:57 +00:00
robert
32930ef6e6 Renamed the Zimbra LFI script to use the assigned CVE (and updated example output/usage). 2014-05-04 15:11:23 +00:00
robert
17ef614c49 Added Paul Amar's Webmin File Disclosure NSE script (CVE-2006-3392). 2014-05-04 15:00:06 +00:00
sophron
a64a785d79 [NSE] http-passwd should also send the payloads without appending NULL bytes. There are cases (for example in PHP => 5.3.4) where include functions do not accept paths with NULL in them, hence all of the script's payloads would fail even if the app was vulnerable. 2014-05-02 12:49:40 +00:00
tomsellers
4e572fadb2 Change http-default-accounts.nse from safe to intrusive as it attempts to login to the target. 2014-04-27 12:33:10 +00:00
jah
c4fc2529a8 Update the way queries to ARIN are formed: from "+ <IP>" to "n + <IP>".
Update CHANGELOG with recent improvements to whois-ip.nse.
2014-04-21 14:20:36 +00:00
jah
338dca4cff Add a pattern for a "no match found" type of response from LACNIC. 2014-04-21 14:03:57 +00:00
jah
c47fff6fc2 Fix a problem which happens when a referred-to response cannot be understood, causing an unhandled error. 2014-04-21 13:59:46 +00:00
jah
0623907188 Fix some indentation which went awry in r32677 and r32704 and some which has always been less than ideal. 2014-04-21 13:22:12 +00:00
fyodor
2fb139161f Update categories of dns-update from discovery and safe to vuln and intrusive 2014-04-19 07:50:38 +00:00
patrik
91e1d21cc1 add nil checks to address bug discovered by Mike
http://seclists.org/nmap-dev/2014/q2/120
2014-04-17 01:00:01 +00:00
dmiller
a343ea24cd Extend ssl-heartbleed to use every TLS cipher, prevent false negatives 2014-04-14 19:42:59 +00:00
patrik
3dbe66e9be Change heartbeat request size from 0x0fe9 to 0x4000 2014-04-12 21:31:08 +00:00
dmiller
7170837c8b Add @usage nsedoc to UDP scripts (default is missing -sU in this case) 2014-04-11 16:42:26 +00:00
dmiller
b3b0bf2389 Handle multiple messages in a single record (ssl-heartbleed) 2014-04-10 20:53:14 +00:00
dmiller
353291aeba Remove hardcoded TLSv1.1 from heartbeat message build 2014-04-10 20:53:12 +00:00
dmiller
3fd18f7752 Use tls.lua functions to build messages in ssl-heartbleed 2014-04-10 15:14:14 +00:00
dmiller
e8d81eb8b4 Alert on missing tls library, better diagnostics for not-vulnerable sites 2014-04-10 15:14:10 +00:00
dmiller
80ea0d5f10 Don't try ssl-heartbleed on protocol mismatch 2014-04-09 21:54:27 +00:00
dmiller
233b1fca71 STARTTLS support for ssl-enum-ciphers 2014-04-09 18:02:01 +00:00
dmiller
c69afa24aa Enable ssl-heartbleed to connect to STARTTLS services 2014-04-09 17:34:39 +00:00
dmiller
d1a86b7f57 Remove unnecessary pcall and unsupported SSL 3.0 from ssl-heartbleed 2014-04-09 16:49:18 +00:00