PenTest/nmap - nmap - Ols Gitea: How about a cup of tea while we code?

mirror of https://github.com/nmap/nmap.git synced 2026-01-02 04:49:02 +00:00

Go to file

dmiller 5d726c7733 Handle ICMPv6 packets without a body

Two issues here: First, IP protocol scan can send packets with protocol
58 (ICMPv6) even over IPv4. This led to a bad interaction where the
packet was created (in build_protoscan_packet) without a data payload,
but setIP tried to set the packet's Identifier field (present in both
ICMPv6 and ICMP Echo Request packets), leading to a heap buffer
overflow. Instead, we now only try to set this identifier when the IP
version matches the ICMP version, indicating that we set the data
payload.

The other issue was a out-of-bounds read while packet tracing when an
ICMPv6 packet without a payload was sent or received, due to trying to
read the type and code. Now we check that the data length is sufficient
to contain an ICMPv6 header before attempting to read one.

Credit LLVM/Clang's AddressSanitizer with catching these bugs.

2016-07-28 05:11:35 +00:00

docs

Add little documentation for DNS resolution of truncated packets. Closes #468

2016-07-24 18:50:20 +00:00

libdnet-stripped

Fix a potential buffer overrun due to sscanf using the wrong field width

2016-07-27 20:11:27 +00:00

liblinear

Update platform toolset to remove XP compatibility

2016-06-04 02:46:11 +00:00

liblua

Merge branch 'nse-lua53'

2016-07-02 17:02:27 +00:00

libnetutil

Handle ICMPv6 packets without a body

2016-07-28 05:11:35 +00:00

libpcap

Remove some more generated files when doing a distclean. Fixes #218

2015-10-07 16:34:12 +00:00

libpcre

Update platform toolset to remove XP compatibility

2016-06-04 02:46:11 +00:00

macosx

Add dependencies requiered for nmap-update's static libraries

2016-07-20 16:09:10 +00:00

mswin32

Bump version from 7.25BETA1 release, regen docs, merge CHANGELOG

2016-07-19 19:57:56 +00:00

nbase

Avoid undefined behavior of shifting over the sign bit by declaring unsigned literal

2016-07-28 05:11:34 +00:00

ncat

Bump version from 7.25BETA1 release, regen docs, merge CHANGELOG

2016-07-19 19:57:56 +00:00

ndiff

Bump version from 7.25BETA1 release, regen docs, merge CHANGELOG

2016-07-19 19:57:56 +00:00

nmap-update

Add Mac libraries flags, if specified to the makefile

2016-07-20 16:13:00 +00:00

nping

Use FQDN_LEN instead of MAXHOSTNAMELEN for DNS name buffers

2016-07-26 14:06:22 +00:00

nselib

Add clock-skew script, datetime library

2016-07-21 17:05:25 +00:00

nsock

Updates the Nsock examples, closes #395

2016-06-07 15:58:09 +00:00

scripts

Remove an unnecessary debug statement from development

2016-07-28 05:11:33 +00:00

tests

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

todo

Mark a done task (#30 )

2016-02-11 05:52:36 +00:00

zenmap

New Zenmap auth_wrapper in Objective-C

2016-07-27 10:29:20 +00:00

.gitignore

Add .gitignore

2016-06-24 01:31:25 +00:00

.travis.yml

Fix flags for Travis CI build. --without-ssl was incorrect.

2016-07-06 22:24:51 +00:00

acinclude.m4

Properly quote an AC macro name

2014-11-28 21:31:40 +00:00

aclocal.m4

Revert libssh2 branch, for now.

2014-08-18 03:12:00 +00:00

BSDmakefile

Merged -r13793:HEAD from nmap-exp/dev/nmap branch now that we're opening up trunk development

2009-06-29 23:48:19 +00:00

CHANGELOG

Fix a segfault due to Nsock event leak in NSE.

2016-07-21 21:36:40 +00:00

charpool.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

charpool.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

checklibs.sh

checklibs.sh: newest didn't work when newest version was first in list

2013-12-24 19:23:33 +00:00

config.guess

Update config.guess and config.sub from the latest source

2015-02-14 20:19:59 +00:00

config.sub

Update config.guess and config.sub from the latest source

2015-02-14 20:19:59 +00:00

configure

Separate CFLAGS from CXXFLAGS. Was breaking with -std=c++11 on clang

2016-07-06 16:20:56 +00:00

configure.ac

Separate CFLAGS from CXXFLAGS. Was breaking with -std=c++11 on clang

2016-07-06 16:20:56 +00:00

CONTRIBUTING.md

Rewrite a clean documentation

2016-06-17 09:07:48 +00:00

COPYING

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

depcomp

Delete auxiliary scripts config.guess, config.sub, depcomp, install-sh,

2007-11-27 06:22:46 +00:00

FingerPrintResults.cc

Avoid printing submission fingerprint for IPv6 if all TCP ports are filtered.

2016-06-15 20:15:11 +00:00

FingerPrintResults.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

FPEngine.cc

Avoid sending NS probe on Npcap Loopback (BSOD on Win7). See #429

2016-07-11 14:14:53 +00:00

FPEngine.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

FPModel.cc

Process 31 IPv6 OS fingerprint submissions and corrections.

2016-06-16 16:11:43 +00:00

FPModel.h

Add ICMPV6_TYPE and ICMPV6_CODE features for IPv6 OS detection. http://seclists.org/nmap-dev/2015/q3/232 #224

2015-10-09 23:58:00 +00:00

HACKING

Update http urls for nmap.org to https

2015-11-05 20:41:05 +00:00

idle_scan.cc

Use FQDN_LEN instead of MAXHOSTNAMELEN for DNS name buffers

2016-07-26 14:06:22 +00:00

idle_scan.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

INSTALL

Fixes broken URL. Updates http://nmap.org/install to https://nmap.org/book/install.html

2015-05-11 01:44:13 +00:00

lpeg.c

Apply patch from Kali package reputed to address #237

2016-03-09 14:52:00 +00:00

ltmain.sh

Update ltmain.sh to version 2.2.6 for libdnet.

2009-08-07 17:42:12 +00:00

MACLookup.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

MACLookup.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

main.cc

Correct point numbering. Closes #282 by @anchitjain1234

2016-06-24 19:03:37 +00:00

Makefile.in

Separate CFLAGS from CXXFLAGS. Was breaking with -std=c++11 on clang

2016-07-06 16:20:56 +00:00

missing

Delete auxiliary scripts config.guess, config.sub, depcomp, install-sh,

2007-11-27 06:22:46 +00:00

nmap_amigaos.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

nmap_config.h.in

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

nmap_dns.cc

Use FQDN_LEN instead of MAXHOSTNAMELEN for DNS name buffers

2016-07-26 14:06:22 +00:00

nmap_dns.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

nmap_error.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

nmap_error.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

nmap_ftp.cc

Use FQDN_LEN instead of MAXHOSTNAMELEN for DNS name buffers

2016-07-26 14:06:22 +00:00

nmap_ftp.h

Use FQDN_LEN instead of MAXHOSTNAMELEN for DNS name buffers

2016-07-26 14:06:22 +00:00

nmap_tty.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

nmap_tty.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

nmap_winconfig.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

nmap-header-template.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

nmap-mac-prefixes

Generate mac prefixes from the latest from IEEE. Order has changed.

2015-11-09 22:26:06 +00:00

nmap-os-db

Add a missing OS class

2016-06-24 01:31:26 +00:00

nmap-payloads

Add new version detection Probes for LDAP services, LDAPSearchReq

2016-04-05 12:02:40 +00:00

nmap-protocols

Update http urls for nmap.org to https

2015-11-05 20:41:05 +00:00

nmap-rpc

Regen nmap-mac-prefixes and nmap-rpc

2015-06-01 04:38:57 +00:00

nmap-service-probes

Process 61 service fingerprints

2016-07-28 01:26:31 +00:00

nmap-services

Add redis port to nmap-services as suggested by npcode on Github

2016-07-23 14:27:23 +00:00

nmap.cc

Use FQDN_LEN instead of MAXHOSTNAMELEN for DNS name buffers

2016-07-26 14:06:22 +00:00

nmap.h

Use FQDN_LEN instead of MAXHOSTNAMELEN for DNS name buffers

2016-07-26 14:06:22 +00:00

nmap.spec.in

Update http urls for nmap.org to https

2015-11-05 20:41:05 +00:00

NmapOps.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

NmapOps.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

NmapOutputTable.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

NmapOutputTable.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

nse_debug.cc

Get rid of double newline at the EOF I accidentally introduced in the

2014-06-18 11:30:02 +00:00

nse_debug.h

Corrected many #includes for header files (where they are included).

2009-03-10 05:56:10 +00:00

nse_dnet.cc

Merge branch 'nse-lua53'

2016-07-02 17:02:27 +00:00

nse_dnet.h

Add newlines at the EOF in conformance to Daniel's coding standards

2014-06-18 10:18:58 +00:00

nse_fs.cc

Merge branch 'nse-lua53'

2016-07-02 17:02:27 +00:00

nse_fs.h

Add newlines at the EOF in conformance to Daniel's coding standards

2014-06-18 10:18:58 +00:00

nse_lpeg.cc

Merge branch 'nse-lua53'

2016-07-02 17:02:27 +00:00

nse_lpeg.h

Merged Lpeg branch

2014-06-26 20:12:54 +00:00

nse_main.cc

CONCURRENCY_LIMIT in NSE can be increased above 1000 with a higher --min-parallelism value

2016-07-22 05:18:32 +00:00

nse_main.h

Merge branch 'nse-lua53'

2016-07-02 17:02:27 +00:00

nse_main.lua

CONCURRENCY_LIMIT in NSE can be increased above 1000 with a higher --min-parallelism value

2016-07-22 05:18:32 +00:00

nse_nmaplib.cc

Merge branch 'nse-lua53'

2016-07-02 17:02:27 +00:00

nse_nmaplib.h

Remove references to obsolete stdnse.c library.

2012-08-08 19:21:44 +00:00

nse_nsock.cc

Fix a segfault due to Nsock event leak in NSE.

2016-07-21 21:36:40 +00:00

nse_nsock.h

Reduce more inclusions of .h files by forward-declaring classes

2015-07-02 04:14:51 +00:00

nse_openssl.cc

Merge branch 'nse-lua53'

2016-07-02 17:02:27 +00:00

nse_openssl.h

Add newlines at the EOF in conformance to Daniel's coding standards

2014-06-18 10:18:58 +00:00

nse_pcrelib.cc

Merge branch 'nse-lua53'

2016-07-02 17:02:27 +00:00

nse_pcrelib.h

Revert r5485. This changes the pcre Lua module back to statically linked

2007-10-23 00:45:00 +00:00

nse_ssl_cert.cc

Partially revert r36038: EC support only missing on RHEL

2016-07-27 20:35:00 +00:00

nse_ssl_cert.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

nse_utility.cc

Fix crashes when assigning timeouts as floats. New NSE utility function nseU_checkinteger

2016-07-17 04:56:29 +00:00

nse_utility.h

Fix crashes when assigning timeouts as floats. New NSE utility function nseU_checkinteger

2016-07-17 04:56:29 +00:00

osscan2.cc

Correct format string specifiers

2016-07-01 11:44:26 +00:00

osscan2.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

osscan.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

osscan.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

output.cc

Use FQDN_LEN instead of MAXHOSTNAMELEN for DNS name buffers

2016-07-26 14:06:22 +00:00

output.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

payload.cc

Adjust indents to avoid confusion. Fixes #396 . whitespace only.

2016-06-01 16:51:50 +00:00

payload.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

portlist.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

portlist.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

portreasons.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

portreasons.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

protocols.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

protocols.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

README-WIN32

Update http urls for nmap.org to https

2015-11-05 20:41:05 +00:00

scan_engine_connect.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

scan_engine_connect.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

scan_engine_raw.cc

Handle ICMPv6 packets without a body

2016-07-28 05:11:35 +00:00

scan_engine_raw.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

scan_engine.cc

Enable Nmap, Nping to use Npcap over Winpcap if available.

2016-06-14 14:16:46 +00:00

scan_engine.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

service_scan.cc

Avoid undefined behavior from calling front() on possibly empty std::list

2016-06-17 16:11:33 +00:00

service_scan.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

services.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

services.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

shtool

Upgrade shtool to version 2.0.8. This is supposed to fix NLS problems with

2008-08-19 17:49:47 +00:00

struct_ip.h

Add newlines at the EOF in conformance to Daniel's coding standards

2014-06-18 10:18:58 +00:00

Target.cc

Use FQDN_LEN instead of MAXHOSTNAMELEN for DNS name buffers

2016-07-26 14:06:22 +00:00

Target.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

TargetGroup.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

TargetGroup.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

targets.cc

Enable Nmap, Nping to use Npcap over Winpcap if available.

2016-06-14 14:16:46 +00:00

targets.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

tcpip.cc

Correct format string specifiers

2016-07-01 11:44:26 +00:00

tcpip.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

timing.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

timing.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

traceroute.cc

Enable Nmap, Nping to use Npcap over Winpcap if available.

2016-06-14 14:16:46 +00:00

traceroute.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

utils.cc

Put parenthesis in the right place. Closes #367

2016-04-18 05:11:56 +00:00

utils.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

xml.cc

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

xml.h

Bump date in copyright headers

2016-04-04 15:38:44 +00:00

zenmap.spec.in

Update http urls for nmap.org to https

2015-11-05 20:41:05 +00:00

docs/README

Here is some documentation for Nmap, but these files are much less
comprehensive than what you'll find at the actual Nmap documentation
site ( https://nmap.org ).

Languages

C 37.8%

Lua 28.1%

C++ 16.7%

Shell 5.8%

Python 4.2%

Other 7.2%