PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 12:41:29 +00:00
Code Issues Projects Releases Wiki Activity
12,224 Commits 2 Branches 0 Tags
fd16f90242d57961fb686eb407e90c40e47e9323
Commit Graph

29 Commits

Author SHA1 Message Date
dmiller
110d9b7adf Fix wrong library typo 2018-11-06 15:07:01 +00:00
dmiller
0500811f5a Move string utility functions to stringaux.lua 2018-10-18 01:08:19 +00:00
dmiller
dcc0e3ed7e New tableaux library containing table auxiliary functions. 2018-10-17 15:34:30 +00:00
dmiller
26ef852a28 Move stdnse.generate_random_string to new rand.lua 2018-09-08 17:07:06 +00:00
dmiller
ad6f790773 Add cross references for several scripts 2017-01-14 04:16:27 +00:00
dmiller
eccbed389d Tentative use of @see nsedoc for linking scripts 2017-01-12 16:55:58 +00:00
paulino
26bec9be41 Fixes incorrect argument name in documentation 2016-07-30 21:58:56 +00:00
fyodor
37095358e0 Fix the @usage to correct form 2016-05-30 06:39:31 +00:00
dmiller
f4619edece Update http urls for nmap.org to https 2015-11-05 20:41:05 +00:00
gyani
6c10bd10e9 The script now outputs a table of elements(methods) when used 
with -oX and shows the output in oneline on the commandline.
 2015-08-17 14:31:03 +00:00
gyani
97e4e55f31 Would crash when an http service returned no response status. Fixed 
that.
 2015-08-01 21:08:22 +00:00
gyani
39f75dddeb The script has the http-methods update as discussed in the Script 
Ideas page. Basically this tests all the options not listed under
the public or allow headers of the OPTIONS response.
 2015-06-20 08:13:09 +00:00
batrick
aeb5908481 more stdnse.print_debug -> stdnse.debug 
Manual corrections.
 2014-08-02 02:54:47 +00:00
batrick
536075d3af stdnse.print_debug -> stdnse.debug 
$ sed -i 's/stdnse.print_debug("[-a-z0-9]*:\s*\([^"]*\)"/stdnse.debug1("\1"/' *.nse
$ sed -i 's/stdnse.print_debug(\([0-9]*\),\s*"[-a-z0-9]*:\s*\([^"]*\)"/stdnse.debug\1("\2"/' *.nse

Except:
  o eap-info.nse
  o oracle-brute.nse

Modified:
  o couchdb-databases.nse
  o couchdb-stats.nse
  o http-open-redirect.nse
 2014-08-01 23:04:55 +00:00
dmiller
1b71f75aad Spelling fixes for Lua files 
Mostly in documentation/comments, but a couple code bugs were caught,
including a call to stdnse.pirnt_debug and a mis-declared variable.
 2014-02-19 04:15:46 +00:00
dmiller
298be5bfaa Re-indent some scripts. Whitespace-only commit 
https://secwiki.org/w/Nmap/Code_Standards
 2014-01-31 17:36:09 +00:00
dmiller
726b259b20 Consolidate "contains" functions into stdnse.contains 
These implementations were all functionally identical. The replacement
has an extra feature of returning the index where the value was found,
currently unused.
 2014-01-16 22:57:33 +00:00
batrick
000f6dc4d9 Lua 5.2 upgrade [1] for NSE. 
[1] http://seclists.org/nmap-dev/2012/q2/34
 2012-05-27 08:53:32 +00:00
paulino
26dc09ad43 Gets arguments with stdnse.get_script_args instead of reading them from nmap.registry 2011-07-27 03:28:13 +00:00
david
a9b75892f5 Use shortport.http where appropriate. 2010-08-09 22:30:50 +00:00
fyodor
46a819b034 changed a URL to use %28 and %29 rather than ( and ) to fix an nsedoc parsing issue noted by Jason DePriest 2010-06-10 05:36:39 +00:00
david
1906c0febd Don't print out a blank line in http-methods.nse when there's nothing to 
report.
 2010-03-02 22:44:10 +00:00
david
a90ba28583 Have http-methods.nse highlight "interesting" methods as "potentially 
risky" methods. Provide a link to the NSEDoc and to the OWASP page on
methods for more information.
 2010-03-02 22:34:11 +00:00
david
ce18e4bb54 Make http-methods.nse merge the contents of the Allow and Public 
headers, as suggested by Patrik Karlsson.
 2010-03-02 20:27:08 +00:00
david
e603eadd96 Remove TRACE from the http-methods.nse "uninteresting" set on a 
recommendation from Daniel Roethlisberger. TRACE is interesting because
it can be used to get cookies or authentication data in a cross-site
scripting attack. See http://www.owasp.org/index.php/Cross_Site_Tracing.
 2010-02-22 21:42:47 +00:00
david
29efe81bf1 Add http-methods.nse to the default category. Make it silent if the only 
methods it discovers are in (GET, HEAD, POST, OPTIONS, TRACE). In
verbose mode, or if any other method is discovered, it prints all
methods (and optionally retests them). See
http://seclists.org/nmap-dev/2010/q1/401.
 2010-02-19 05:42:36 +00:00
david
650e639f1f Rewrite http-methods.nse to use the http.generic_request function 
instead of doing its own socket handling. Also make the output more
concise.
 2010-02-19 04:55:38 +00:00
david
ffd7a6dba5 Do some cleanup and shortening of http-methods.nse. 2010-02-19 02:34:45 +00:00
david
6643fd3422 o [NSE] Added the script http-methods from Bernd Stroessenreuther. 
This script sends an HTTP OPTIONS request to get the methods
  supported by the server, and optionally tests each method to see if
  they are restricted by IP address or something similar.
 2010-02-01 19:13:55 +00:00