PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-20 22:49:01 +00:00
Code Issues Projects Releases Wiki Activity
5,656 Commits 2 Branches 0 Tags
fd59f6f8d2d2e84388e166b51a93fb605e704a72
Commit Graph

76 Commits

Author SHA1 Message Date
paulino
deded46038 Adds apache axis2 login signature. 2011-07-15 23:43:10 +00:00
paulino
6a8a10794f Adds more paths for Coldfusion and Apache Axis2 2011-07-15 23:33:03 +00:00
paulino
b291f28e62 Added new entries for awstats totals under 'general' 2011-07-11 07:48:16 +00:00
paulino
248b53abfa Adds entries under 'attack' for: 
-OrangeHRM: http://www.exploit-db.com/exploits/17212/
-Tikiwiki: http://www.exploit-db.com/exploits/1244/
 2011-07-09 20:44:22 +00:00
paulino
0528868eb9 Includes new fingerprints for Joomla submitted by Hani, moves drupal signatures to the cms section and adds new ones for Cisco, Airaya and Cirronet routers 2011-07-09 20:29:11 +00:00
paulino
84a4bb2506 Added signature of a Cisco router 2011-07-08 18:44:23 +00:00
paulino
4348f6fa07 Adds fingerprints for Drupal and Arris 2307 2011-07-04 21:34:08 +00:00
paulino
e9e4b6d27d Adds new fingerprint and new login template. 2011-07-04 20:56:06 +00:00
paulino
4f21388faa Adds http-default-accounts fingerprint database 2011-07-01 21:43:53 +00:00
paulino
5fcfb8abc6 * Adds Wikipedia path to the wiki signatures. 2011-07-01 20:47:06 +00:00
paulino
47a338c85a * Adds note about a desired feature: cache system for http pipelines 
* Adds note about the new signatures added to http-enum
 2011-07-01 20:45:28 +00:00
paulino
d69d7aa820 No more duplicates in this database. 2011-07-01 19:27:53 +00:00
paulino
fb07b4082a Moves lotus domino fingerprints under the same one 2011-07-01 19:07:34 +00:00
paulino
ee66dfe6a5 Fixes duplicates and a couple of signatures that got copied incorrectly. These new fingerprints come from going through exploit-db.com's archives since July 1 2011 to July 1 2009. 2011-07-01 19:02:34 +00:00
paulino
e420332846 Adds 120 new entries under the categories: general, attacks, cms, security, management and database. 2011-07-01 10:18:10 +00:00
paulino
29ff392125 Added new entries under 'general' and 'cms' . Extracted from exploit-db archives so the new software added is known to be vulnerable. 2011-06-27 03:40:22 +00:00
paulino
c8bb5ac526 Added more fingerprints under 'general' 2011-06-26 21:43:25 +00:00
paulino
0c3728edd2 Added more fingerprints under 'cms' and 'general' 2011-06-25 23:24:14 +00:00
paulino
baba2fe7c5 Adds fingerprint data for the following routers: 
-Huawei HG530
-Thomson 585v8
-2WIRE 1701HG
 2011-06-22 03:39:17 +00:00
paulino
90153308cb Adds around 350 new entries that look for: 
-admin directories
-jboss
-tomcat
-tikiwiki
-majordomo2
-microsoft sql
-wordpress
 2011-06-18 04:09:04 +00:00
patrik
0a3bf95897 o [NSE] Added a MySQL audit script and a rulebase that supports auditing a 
subset of the MySQL CIS 1.0.2 Benchmark. [Patrik]
 2011-06-17 06:12:01 +00:00
ron
c9a964d8a3 Added some updated http-fingerprints checks from Ange Gutek 2011-06-16 22:38:54 +00:00
paulino
7e2e4bc591 Added information to fingerprint versions of CakePHP applications. 2011-05-20 09:26:31 +00:00
henri
7e2a85cab9 Added the http-wp-plugins script by Ange Gutek. 2011-04-29 07:43:41 +00:00
david
7a2b7781f7 Add an http-enum fingerprint for /crossdomain.xml, which is used to 
grant permission to Adobe Flash players to make connections.
 2011-04-17 18:32:37 +00:00
david
6142158b43 Updates to ssl-known-key by Mak Kolybabi, 
http://seclists.org/nmap-dev/2011/q1/934. Change the database format.
Change the output.
 2011-03-22 19:44:45 +00:00
david
0e970b4bc6 ssl-known-key.nse: Use shortport.ssl. Rename ssl-fingerprints.txt to 
ssl-fingerprints; no extension appears to be the prevailing convention
in nselib/data. Allow comments and blank lines in ssl-fingerprints. Add
Little Black Box copyright and attribution to ssl-fingerprints. Boost
some print_debug thresholds.
 2011-03-22 19:44:42 +00:00
david
47557a108b o [NSE] Added ssl-known-key.nse, which checks SSL certificates against a 
list of certificates with known keys that have been extracted from
  firmware files. [Mak Kolybabi]
 2011-03-22 19:44:40 +00:00
robert
e7e40bb43a Added some extra Microsoft fingerprints for FrontPage and Remote Desktop Web. 2011-03-09 09:34:02 +00:00
fyodor
0074b626cc o Integrated cracked passwords from the Gawker.com compromise 
(http://seclists.org/nmap-dev/2010/q4/674) into
  Nmap's top-5000 password database. A team of Nmap developers, lead
  by Brandon Enright has cracked 635,546 out of 748,081 password
  hashes so far (85%). Gawker users' top passwords are are "123456",
  "password", "12345678", "lifehack", "qwerty", "abc123", "12345",
  "monkey", "111111", "consumer", and "letmein".
 2011-01-12 08:38:39 +00:00
ron
4e5f8799e1 Added a bunch of CMS checks for http-enum.nse submitted to me by Robert Rowley 2011-01-09 18:51:03 +00:00
ron
684c7e0229 Added credit for the new fingerprints 2010-11-18 23:36:41 +00:00
ron
d40bdc8139 Added fingerprints for WRT54g, Prinenergy Dashboard, and Adobe Acrobat Connect Pro 2010-11-18 23:35:27 +00:00
ron
38f1689e82 Added a leading '/' to paths where it was missing before. 2010-11-17 23:57:17 +00:00
ron
bfd642c6fb Removed a line that causes a lot of false positives 2010-11-06 07:34:32 +00:00
ron
d73016e41f Added a bunch of fingerprints from @jhaddix 2010-11-05 16:16:54 +00:00
ron
2957b4d733 Added http-fingerprint matches for Nessus's HTTP server 2010-11-02 15:42:28 +00:00
ron
13bb98b8b8 Bring in changes from my experimental brange, nmap-http 2010-10-27 03:08:08 +00:00
ron
38ef99bde4 Add back the old fingerprint files. 2010-10-18 21:28:20 +00:00
ron
5460e9c0bf Add back the old fingerprint files. 2010-10-18 21:27:31 +00:00
ron
2608bae6ca Rollback the changes to the HTTP library I accidentally commited in the last revision 2010-10-18 21:23:24 +00:00
ron
b8e712ceeb Added a couple shares to the list of common ones (requested on IRC by kraigus) 2010-10-18 21:16:48 +00:00
ron
934cf2edf0 Significant changes, both bugfixes and best practice changes, to smb-psexec.nse. Primarily: 
o It no longer uses the global environment to store the modules table
o It now uses loadfile() to load the configuration files, which follows best practices better
o The module() line at the top of the configuration files is no longer required, but if it exists all that happens is a warning is printed
o Worked around what appears to be a bug in one person's Nmap install where absolute paths didn't resolve properly -- I couldn't replicate, but he confirmed it was fixed
 2010-08-07 19:36:47 +00:00
david
e1607c5509 Add a favicon hash for "Sourcefire http admin" from Jason DePriest. 2010-07-24 23:24:52 +00:00
fyodor
ec24af9020 Add the standard Nmap copyright header 2010-05-03 22:31:40 +00:00
fyodor
543ad818ff remove an extra blank line 2010-04-23 08:05:06 +00:00
fyodor
84c97b9dd6 Improve the list by mixing in some data sent by Solar Designer. 2010-04-21 21:57:33 +00:00
david
a0b011fa84 Increase the size of passwords.lst from 201 to 5000 entries. 2010-03-25 02:57:56 +00:00
david
91b2aa680b Regenerate passwords.lst from the combination of these databases: 
faithwriters, hotmail, myspace, phpbb, and rockyou. I kept the output at
200 lines for now until we have more comprehensive limits on the unpwdb
module.

The only password that didn't come straight out of the databases was the
empty password. I added it manually at the top. The previous version of
passwords.lst had it too.
 2010-03-17 00:25:30 +00:00
david
be9e0265f6 Remove the nmap_service.exe helper for smb-psexec.nse. Add a message to 
the script indicating where to download it if it is not available. Make
the script check whether the file is the normal binary from 5.20 or
before, or the XOR-encoded binary from 5.21.
 2010-02-12 20:17:06 +00:00