CERBERUS/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-06-28 04:03:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
nmap/scripts
History
sophron 9561155701 Patch by nnposter that improves performance of http-default-accounts 
http://seclists.org/nmap-dev/2013/q3/346

For any given fingerprint from http-default-accounts-fingerprints
script http-default-accounts currently tests corresponding default
credentials if at least one  of the probe URLs succeeded, namely
returned with status other than 404.

Some web servers, such as Linksys devices, respond with HTTP/401 even
for non-existent URLs. This causes the script to assume that these URLs
do exist and to test the credentials, while ideally they should be
tested only on those servers where they make sense.

The purpose of the attached patches is to reduce unnecessary credential
guessing by implementing a new optional fingerprint element, function
target_check(), which takes some already collected target information,
including a probe URL response, and returns true or false, indicating
whether the credential guessing should be attempted or not.

All of the current fingerprints have been retrofitted with simple
target validations as follows:

* If the fingerprint uses native HTTP authentication, validate that the
target's realm matches the server type.

* If the fingerprint uses form-based authentication, validate that the
probe URL returned with HTTP/200 (as opposed to perhaps HTTP/401).

When testing against the above-mentioned Linksys the difference was
notable: 14 login attempts before the patch versus 1 attempt after the
patch.

This functionality provides opportunity for further improvement by
being able to match page content to differentiate between real HTTP/200
and a custom error page. (As of now the script completely skips targets
that return HTTP/200 for non-existent pages.)
2013-08-18 01:42:48 +00:00
..
acarsd-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
address-info.nse Prevent script from crashing when running against ::1. 2013-06-29 18:36:24 +00:00
afp-brute.nse Fixed a bug in afp-brute and the afp library related to missing SSL. 2012-08-05 14:25:53 +00:00
afp-ls.nse
afp-path-vuln.nse
afp-serverinfo.nse
afp-showmount.nse
ajp-auth.nse
ajp-brute.nse
ajp-headers.nse fix a typo 2012-11-16 08:52:13 +00:00
ajp-methods.nse
ajp-request.nse fix another instance of same typo 2012-11-16 08:53:05 +00:00
amqp-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
asn-query.nse
auth-owners.nse
auth-spoof.nse
backorifice-brute.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
backorifice-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
banner.nse Update banner.nse to use script-args 2013-04-12 17:29:17 +00:00
bitcoin-getaddr.nse
bitcoin-info.nse os.date format string cleanup 2013-05-16 14:59:48 +00:00
bitcoinrpc-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
bittorrent-discovery.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
bjnp-discover.nse Fix some more typos and spelling errors 2012-11-16 09:13:53 +00:00
broadcast-ataoe-discover.nse
broadcast-avahi-dos.nse
broadcast-bjnp-discover.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
broadcast-db2-discover.nse
broadcast-dhcp-discover.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
broadcast-dhcp6-discover.nse fixed a bug in a loop where the script would wait for a condition that was 2012-08-29 05:37:56 +00:00
broadcast-dns-service-discovery.nse
broadcast-dropbox-listener.nse Fix nsedoc issues (missing ---, mostly) 2013-04-12 17:29:16 +00:00
broadcast-eigrp-discovery.nse Document some undocumented script-args 2013-03-05 22:31:39 +00:00
broadcast-igmp-discovery.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
broadcast-listener.nse add LLMNR support and cleaned up some result output 2013-03-16 03:18:28 +00:00
broadcast-ms-sql-discover.nse
broadcast-netbios-master-browser.nse
broadcast-networker-discover.nse
broadcast-novell-locate.nse
broadcast-pc-anywhere.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
broadcast-pc-duo.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
broadcast-pim-discovery.nse Fix nsedoc issues (missing ---, mostly) 2013-04-12 17:29:16 +00:00
broadcast-ping.nse Update scripts with millisecond timeouts to timespec 2013-03-06 15:14:20 +00:00
broadcast-pppoe-discover.nse
broadcast-rip-discover.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
broadcast-ripng-discover.nse Update scripts with millisecond timeouts to timespec 2013-03-06 15:14:20 +00:00
broadcast-sybase-asa-discover.nse
broadcast-tellstick-discover.nse
broadcast-upnp-info.nse
broadcast-versant-locate.nse
broadcast-wake-on-lan.nse
broadcast-wpad-discover.nse
broadcast-wsdd-discover.nse fixed a bug in a loop where the script would wait for a condition that was 2012-08-29 05:37:56 +00:00
broadcast-xdmcp-discover.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
cassandra-brute.nse nse_check_globals cleanup 2012-10-07 12:54:31 +00:00
cassandra-info.nse nse_check_globals cleanup 2012-10-07 12:54:31 +00:00
cccam-version.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
citrix-brute-xml.nse Changed "auth" to "brute" category for imap-brute.nse and citrix-brute-xml.nse for consistency. 2012-09-21 11:46:23 +00:00
citrix-enum-apps-xml.nse
citrix-enum-apps.nse
citrix-enum-servers-xml.nse
citrix-enum-servers.nse
couchdb-databases.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
couchdb-stats.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
creds-summary.nse
cups-info.nse
cups-queue-info.nse
cvs-brute-repository.nse reverted bad commits 2012-10-06 19:38:15 +00:00
cvs-brute.nse reverted bad commits 2012-10-06 19:38:15 +00:00
daap-get-library.nse
daytime.nse
db2-das-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
db2-discover.nse
dhcp-discover.nse
dict-info.nse
distcc-cve2004-2687.nse
dns-blacklist.nse Fix nsedoc issues (missing ---, mostly) 2013-04-12 17:29:16 +00:00
dns-brute.nse Allow dns-brute.hostlist to be a relative path 2013-04-26 12:14:40 +00:00
dns-cache-snoop.nse o [NSE] Update dns-cache-snoop script to use a new list of top 50 2013-08-09 04:02:41 +00:00
dns-check-zone.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
dns-client-subnet-scan.nse
dns-fuzz.nse
dns-ip6-arpa-scan.nse Allow "/" netmask syntax in dns-ip6-arpa-scan.nse. 2013-06-13 03:53:40 +00:00
dns-nsec-enum.nse Make dns-nsec-enum and dns-nsec3-enum reference each other. 2012-12-29 15:25:41 +00:00
dns-nsec3-enum.nse Make dns-nsec-enum and dns-nsec3-enum reference each other. 2012-12-29 15:25:41 +00:00
dns-nsid.nse
dns-random-srcport.nse
dns-random-txid.nse
dns-recursion.nse
dns-service-discovery.nse
dns-srv-enum.nse fixed a bug in a loop where the script would wait for a condition that was 2012-08-29 05:37:56 +00:00
dns-update.nse Fix nsedoc issues (missing ---, mostly) 2013-04-12 17:29:16 +00:00
dns-zeustracker.nse
dns-zone-transfer.nse nse_check_globals cleanup 2012-07-24 10:08:43 +00:00
domcon-brute.nse
domcon-cmd.nse
domino-enum-users.nse o [NSE] Oops, there was a vulnerability in one of our 437 NSE scripts. 2013-07-29 06:19:24 +00:00
dpap-brute.nse
drda-brute.nse
drda-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
duplicates.nse
eap-info.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
epmd-info.nse
eppc-enum-processes.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
finger.nse
firewalk.nse Pass the dst argument to existing calls to nmap.ip_send. 2012-09-15 17:56:21 +00:00
firewall-bypass.nse Return nil, not false, from firewall-bypass.nse 2013-03-28 21:07:08 +00:00
flume-master-info.nse Don't set_port_version just from a 200 response. 2013-03-05 21:20:45 +00:00
ftp-anon.nse
ftp-bounce.nse
ftp-brute.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
ftp-libopie.nse
ftp-proftpd-backdoor.nse
ftp-vsftpd-backdoor.nse
ftp-vuln-cve2010-4221.nse
ganglia-info.nse
giop-info.nse
gkrellm-info.nse
gopher-ls.nse
gpsd-info.nse os.date format string cleanup 2013-05-16 14:59:48 +00:00
hadoop-datanode-info.nse Don't set_port_version just from a 200 response. 2013-03-05 21:20:45 +00:00
hadoop-jobtracker-info.nse Don't set_port_version just from a 200 response. 2013-03-05 21:20:45 +00:00
hadoop-namenode-info.nse Don't set_port_version just from a 200 response. 2013-03-05 21:20:45 +00:00
hadoop-secondary-namenode-info.nse Don't set_port_version just from a 200 response. 2013-03-05 21:20:45 +00:00
hadoop-tasktracker-info.nse Don't set_port_version just from a 200 response. 2013-03-05 21:20:45 +00:00
hbase-master-info.nse Don't set_port_version just from a 200 response. 2013-03-05 21:20:45 +00:00
hbase-region-info.nse Don't set_port_version just from a 200 response. 2013-03-05 21:20:45 +00:00
hddtemp-info.nse
hostmap-bfk.nse o [NSE] Oops, there was a vulnerability in one of our 437 NSE scripts. 2013-07-29 06:19:24 +00:00
hostmap-ip2hosts.nse Minor updates to the descriptions of some new scripts 2013-08-17 00:38:27 +00:00
hostmap-robtex.nse -Adds xml structured output support and the corresponding @xmloutput tag. 2013-04-30 01:24:10 +00:00
http-adobe-coldfusion-apsa1301.nse Minor updates to the descriptions of some new scripts 2013-08-17 00:38:27 +00:00
http-affiliate-id.nse Fixed a bunch of errors related to inproper responses from webservers. 2012-08-31 15:17:14 +00:00
http-apache-negotiation.nse
http-auth-finder.nse Added some checks for http response's body being nil. 2012-07-23 22:47:11 +00:00
http-auth.nse Add structured output to http-auth.nse. 2012-09-13 03:01:18 +00:00
http-awstatstotals-exec.nse
http-axis2-dir-traversal.nse
http-backup-finder.nse Fixes bug when reading the initial base uri. These scripts were incorrectly setting "/" as the starting point. 2012-11-25 18:38:59 +00:00
http-barracuda-dir-traversal.nse
http-brute.nse Add digest auth support to http-brute (and to http library). Also fix whitespace in sasl.lua. 2012-08-05 22:23:54 +00:00
http-cakephp-version.nse Modified multiple scripts that operated against HTTP based services so as to remove false positives that were generated when the target service answers with a 200 response to all requests. 2012-07-08 12:41:37 +00:00
http-chrono.nse
http-coldfusion-subzero.nse Minor updates to the descriptions of some new scripts 2013-08-17 00:38:27 +00:00
http-comments-displayer.nse Minor updates to the descriptions of some new scripts 2013-08-17 00:38:27 +00:00
http-config-backup.nse o [NSE] Oops, there was a vulnerability in one of our 437 NSE scripts. 2013-07-29 06:19:24 +00:00
http-cors.nse
http-date.nse Use stdnse.format_timestamp in scripts that output structured dates. 2012-09-08 16:09:15 +00:00
http-default-accounts.nse Patch by nnposter that improves performance of http-default-accounts 2013-08-18 01:42:48 +00:00
http-dombased-xss.nse [NSE] Added http-dombased-xss.nse. 2013-08-10 19:30:56 +00:00
http-domino-enum-passwords.nse o [NSE] Oops, there was a vulnerability in one of our 437 NSE scripts. 2013-07-29 06:19:24 +00:00
http-drupal-enum-users.nse
http-drupal-modules.nse Updated http-drupal-modules documentation. 2012-08-25 17:31:53 +00:00
http-email-harvest.nse Added some checks for http response's body being nil. 2012-07-23 22:47:11 +00:00
http-enum.nse Modify http-enum and http-fingerprints file so they work with http pipeline better. 2012-07-23 21:55:13 +00:00
http-exif-spider.nse nse_check_globals cleanup 2012-08-02 05:25:15 +00:00
http-favicon.nse Reindent http-favicon. 2013-03-02 01:09:59 +00:00
http-fileupload-exploiter.nse [NSE] Added http-fileupload-exploiter that exploits insecure file upload forms in web applications using various techniques. 2013-06-18 00:42:59 +00:00
http-form-brute.nse Document some undocumented script-args 2013-03-05 22:31:39 +00:00
http-form-fuzzer.nse Avoid using http cache for http-form-fuzzer 2012-07-07 22:06:56 +00:00
http-frontpage-login.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
http-generator.nse Fixed a bunch of errors related to inproper responses from webservers. 2012-08-31 15:17:14 +00:00
http-git.nse Fix nsedoc issues (missing ---, mostly) 2013-04-12 17:29:16 +00:00
http-gitweb-projects-enum.nse
http-google-malware.nse further improoved http-google-malware.nse malware detection by adding response 2012-07-24 10:33:39 +00:00
http-grep.nse Fix nsedoc issues (missing ---, mostly) 2013-04-12 17:29:16 +00:00
http-headers.nse Whitespace in http-headers. 2013-01-25 17:43:29 +00:00
http-huawei-hg5xx-vuln.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
http-icloud-findmyiphone.nse Some more minor script description updates 2012-11-16 00:51:50 +00:00
http-icloud-sendmsg.nse Fix some more typos and spelling errors 2012-11-16 09:13:53 +00:00
http-iis-webdav-vuln.nse Fix usage of nmap.fetchfile in several scripts 2013-04-26 12:14:44 +00:00
http-joomla-brute.nse
http-litespeed-sourcecode-download.nse
http-majordomo2-dir-traversal.nse
http-malware-host.nse Modified multiple scripts that operated against HTTP based services so as to remove false positives that were generated when the target service answers with a 200 response to all requests. 2012-07-08 12:41:37 +00:00
http-method-tamper.nse Update scripts with millisecond timeouts to timespec 2013-03-06 15:14:20 +00:00
http-methods.nse
http-mobileversion-checker.nse [NSE] Added http-mobileversion-checker.nse. 2013-08-10 19:32:05 +00:00
http-open-proxy.nse Fix nsedoc issues (missing ---, mostly) 2013-04-12 17:29:16 +00:00
http-open-redirect.nse Fixes bug when reading the initial base uri. These scripts were incorrectly setting "/" as the starting point. 2012-11-25 18:38:59 +00:00
http-passwd.nse
http-php-version.nse Updated the hash information in http-php-version to include PHP/5.3.17, PHP/5.3.18, PHP/5.4.7 and PHP/5.4.8. 2012-10-22 20:26:43 +00:00
http-phpmyadmin-dir-traversal.nse Minor updates to the descriptions of some new scripts 2013-08-17 00:38:27 +00:00
http-phpself-xss.nse Update scripts with millisecond timeouts to timespec 2013-03-06 15:14:20 +00:00
http-proxy-brute.nse
http-put.nse
http-qnap-nas-info.nse
http-referer-checker.nse [NSE] Added http-referer-checker that informs about cross-domain include of scripts. 2013-07-18 14:55:16 +00:00
http-rfi-spider.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
http-robots.txt.nse
http-robtex-reverse-ip.nse
http-robtex-shared-ns.nse Change Arturo name in Robtex scripts to match how it is in the other scripts he has authored 2013-04-12 17:29:23 +00:00
http-sitemap-generator.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
http-slowloris-check.nse Undo previous commits as http-slowloris-check.nse doesn't do a DOS attack like http-slowloris.nse. 2012-12-16 01:58:59 +00:00
http-slowloris.nse Fix some more typos and spelling errors 2012-11-16 09:13:53 +00:00
http-sql-injection.nse Fix usage of nmap.fetchfile in several scripts 2013-04-26 12:14:44 +00:00
http-stored-xss.nse Minor updates to the descriptions of some new scripts 2013-08-17 00:38:27 +00:00
http-title.nse Fixed a bunch of errors related to inproper responses from webservers. 2012-08-31 15:17:14 +00:00
http-tplink-dir-traversal.nse Fix nsedoc issues (missing ---, mostly) 2013-04-12 17:29:16 +00:00
http-trace.nse Fixed a bunch of errors related to inproper responses from webservers. 2012-08-31 15:17:14 +00:00
http-traceroute.nse
http-unsafe-output-escaping.nse Fixed issue with url always being set to root, it now lets the httpspider library get it from the script arguments 2012-08-09 06:20:16 +00:00
http-useragent-tester.nse [NSE] Removed facebook's domain name as an example. 2013-08-10 19:47:56 +00:00
http-userdir-enum.nse Rearrange some variables for proper NSEDoc generation. 2013-01-14 23:00:37 +00:00
http-vhosts.nse Allowed absolute paths to 'hostnames' argument. 2013-07-18 13:51:11 +00:00
http-virustotal.nse Fix some more typos and spelling errors 2012-11-16 09:13:53 +00:00
http-vlcstreamer-ls.nse
http-vmware-path-vuln.nse
http-vuln-cve2009-3960.nse
http-vuln-cve2010-0738.nse Renames http-method-tamper to http-vuln-cve2010-0738 and adds the new version of http-method-tamper. 2012-09-07 23:42:39 +00:00
http-vuln-cve2010-2861.nse
http-vuln-cve2011-3192.nse Fixed a false positive in http-vuln-cve2011-3192.nse, which detected Apache 2012-07-12 17:00:41 +00:00
http-vuln-cve2011-3368.nse
http-vuln-cve2012-1823.nse
http-vuln-cve2013-0156.nse Adds http-vuln-cve2013-0156.nse: Detects Ruby on Rails servers vulnerable to object injection, remote 2013-04-25 03:15:33 +00:00
http-waf-detect.nse
http-waf-fingerprint.nse
http-wordpress-brute.nse
http-wordpress-enum.nse
http-wordpress-plugins.nse
http-xssed.nse [NSE] Added http-xssed that searches the xssed.com database for any previously reported vulnerabilities and outputs the result. 2013-07-18 13:31:27 +00:00
iax2-brute.nse
iax2-version.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
icap-info.nse
ike-version.nse Minor updates to the descriptions of some new scripts 2013-08-17 00:38:27 +00:00
imap-brute.nse Changed "auth" to "brute" category for imap-brute.nse and citrix-brute-xml.nse for consistency. 2012-09-21 11:46:23 +00:00
imap-capabilities.nse
informix-brute.nse
informix-query.nse Document some undocumented script-args 2013-03-05 22:31:39 +00:00
informix-tables.nse
ip-forwarding.nse Restore original docs for ip-forwarding.target. 2013-01-24 18:11:06 +00:00
ip-geolocation-geobytes.nse Update ip-geolocation-geobytes for structured output 2012-08-31 11:46:44 +00:00
ip-geolocation-geoplugin.nse Update ip-geolocation-geoplugin.nse for a new data format. 2013-02-24 02:50:03 +00:00
ip-geolocation-ipinfodb.nse
ip-geolocation-maxmind.nse Use fetchfile to look for GeoLiteCity.dat. 2013-08-01 02:01:09 +00:00
ipidseq.nse Pass the dst argument to existing calls to nmap.ip_send. 2012-09-15 17:56:21 +00:00
ipv6-node-info.nse Pass the dst argument to existing calls to nmap.ip_send. 2012-09-15 17:56:21 +00:00
ipv6-ra-flood.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
irc-botnet-channels.nse Fix various NSEDoc problems. 2013-01-24 18:04:42 +00:00
irc-brute.nse
irc-info.nse Structured XML output for irc-info 2013-05-06 21:40:00 +00:00
irc-sasl-brute.nse Added an unrequired library and fixed a typo. 2012-07-09 13:32:32 +00:00
irc-unrealircd-backdoor.nse
iscsi-brute.nse
iscsi-info.nse
isns-info.nse
jdwp-exec.nse Update categories for jdwp-exec and jdwp-inject 2013-01-25 21:23:02 +00:00
jdwp-info.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
jdwp-inject.nse Fix usage of nmap.fetchfile in several scripts 2013-04-26 12:14:44 +00:00
jdwp-version.nse Fix spelling in some comments. 2013-01-15 22:31:11 +00:00
krb5-enum-users.nse fixed a bug in a loop where the script would wait for a condition that was 2012-08-29 05:37:56 +00:00
ldap-brute.nse
ldap-novell-getpass.nse
ldap-rootdse.nse
ldap-search.nse
lexmark-config.nse replaced try/catch with silent failure 2012-08-31 14:59:25 +00:00
llmnr-resolve.nse Fix nsedoc issues (missing ---, mostly) 2013-04-12 17:29:16 +00:00
lltd-discovery.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
maxdb-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
mcafee-epo-agent.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
membase-brute.nse
membase-http-info.nse Modified multiple scripts that operated against HTTP based services so as to remove false positives that were generated when the target service answers with a 200 response to all requests. 2012-07-08 12:41:37 +00:00
memcached-info.nse os.date format string cleanup 2013-05-16 14:59:48 +00:00
metasploit-info.nse Some more minor script description updates 2012-11-16 00:51:50 +00:00
metasploit-msgrpc-brute.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
metasploit-xmlrpc-brute.nse
mmouse-brute.nse Update scripts with millisecond timeouts to timespec 2013-03-06 15:14:20 +00:00
mmouse-exec.nse
modbus-discover.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
mongodb-brute.nse
mongodb-databases.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
mongodb-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
mrinfo.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
ms-sql-brute.nse
ms-sql-config.nse
ms-sql-dac.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
ms-sql-dump-hashes.nse o [NSE] Oops, there was a vulnerability in one of our 437 NSE scripts. 2013-07-29 06:19:24 +00:00
ms-sql-empty-password.nse
ms-sql-hasdbaccess.nse
ms-sql-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
ms-sql-query.nse Document some undocumented script-args 2013-03-05 22:31:39 +00:00
ms-sql-tables.nse
ms-sql-xp-cmdshell.nse
msrpc-enum.nse Fix nsedoc issues (missing ---, mostly) 2013-04-12 17:29:16 +00:00
mtrace.nse Fix nsedoc issues (missing ---, mostly) 2013-04-12 17:29:16 +00:00
murmur-version.nse Run murmur-version only once for TCP and UDP. 2013-07-01 09:07:01 +00:00
mysql-audit.nse
mysql-brute.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
mysql-databases.nse
mysql-dump-hashes.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
mysql-empty-password.nse
mysql-enum.nse Minor updates to the descriptions of some new scripts 2013-08-17 00:38:27 +00:00
mysql-info.nse
mysql-query.nse Document some undocumented script-args 2013-03-05 22:31:39 +00:00
mysql-users.nse
mysql-variables.nse
mysql-vuln-cve2012-2122.nse Update scripts with millisecond timeouts to timespec 2013-03-06 15:14:20 +00:00
nat-pmp-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
nat-pmp-mapport.nse
nbstat.nse reverted bad commits 2012-10-06 19:38:15 +00:00
ncp-enum-users.nse
ncp-serverinfo.nse
ndmp-fs-info.nse
ndmp-version.nse Use version_port_or_service over port_or_service. 2012-12-30 00:39:30 +00:00
nessus-brute.nse
nessus-xmlrpc-brute.nse Update scripts with millisecond timeouts to timespec 2013-03-06 15:14:20 +00:00
netbus-auth-bypass.nse
netbus-brute.nse
netbus-info.nse
netbus-version.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
nexpose-brute.nse
nfs-ls.nse In hostrule: return false if mountport is nil (prevents from crashing when accessed as a table, a couple lines below). 2012-09-10 14:45:21 +00:00
nfs-showmount.nse nse_check_globals cleanup 2012-08-18 07:10:27 +00:00
nfs-statfs.nse In hostrule: return false if mountport is nil (prevent from crashing when accessed as a table, a couple line below). 2012-09-10 14:11:38 +00:00
nping-brute.nse
nrpe-enum.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
ntp-info.nse os.date format string cleanup 2013-05-16 14:59:48 +00:00
ntp-monlist.nse
omp2-brute.nse
omp2-enum-targets.nse
openlookup-info.nse os.date format string cleanup 2013-05-16 14:59:48 +00:00
openvas-otp-brute.nse
oracle-brute-stealth.nse Fix some more typos and spelling errors 2012-11-16 09:13:53 +00:00
oracle-brute.nse Brute and unpwdb lib improvements that allow more flexible iterator specifications. Merge from my dev branch. 2012-07-10 16:35:48 +00:00
oracle-enum-users.nse fixed bug "ORA-03146: Invalid buffer length for TTC field" 2012-10-07 09:10:59 +00:00
oracle-sid-brute.nse
ovs-agent-version.nse Use version_port_or_service over port_or_service. 2012-12-30 00:39:30 +00:00
p2p-conficker.nse
path-mtu.nse reverted bad commits 2012-10-06 19:38:15 +00:00
pcanywhere-brute.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
pgsql-brute.nse
pjl-ready-message.nse
pop3-brute.nse
pop3-capabilities.nse
pptp-version.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
qconn-exec.nse Add qconn-exec script by Brendan Coles. 2013-08-09 03:23:40 +00:00
qscan.nse Pass the dst argument to existing calls to nmap.ip_send. 2012-09-15 17:56:21 +00:00
quake3-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
quake3-master-getservers.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
rdp-enum-encryption.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
rdp-vuln-ms12-020.nse
realvnc-auth-bypass.nse
redis-brute.nse Redis (at least v2.9.9) returns -NOAUTH to unauthenticated commands. 2013-05-06 21:00:45 +00:00
redis-info.nse Fixes (tested against redis v2.9.9) 2013-05-06 21:11:44 +00:00
resolveall.nse
reverse-index.nse Fix exception thrown in reverse-index when it is run again a host with no open ports. 2012-07-04 17:58:21 +00:00
rexec-brute.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
riak-http-info.nse Modified multiple scripts that operated against HTTP based services so as to remove false positives that were generated when the target service answers with a 200 response to all requests. 2012-07-08 12:41:37 +00:00
rlogin-brute.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
rmi-dumpregistry.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
rmi-vuln-classloader.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
rpc-grind.nse Actually show the error message from ReceivePacket failure. 2013-06-19 23:53:37 +00:00
rpcap-brute.nse
rpcap-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
rpcinfo.nse XML output for rpcinfo.nse 2013-05-04 23:12:36 +00:00
rsync-brute.nse
rsync-list-modules.nse
rtsp-methods.nse
rtsp-url-brute.nse fixed a bug in a loop where the script would wait for a condition that was 2012-08-29 05:37:56 +00:00
samba-vuln-cve-2012-1182.nse
script.db Updated script.db. 2013-08-10 20:07:29 +00:00
servicetags.nse set_port_version in servicetags.nse. 2012-07-30 18:58:25 +00:00
sip-brute.nse
sip-call-spoof.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
sip-enum-users.nse Fix usage of nmap.fetchfile in several scripts 2013-04-26 12:14:44 +00:00
sip-methods.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
skypev2-version.nse Fix the test for an unmatched service in skypev2-version.nse. 2013-08-05 23:52:57 +00:00
smb-brute.nse Removed extraneous newline from a couple of print_debug strings. 2012-07-23 22:25:51 +00:00
smb-check-vulns.nse Update the status code name in smb-check-vulns. 2012-10-18 04:28:11 +00:00
smb-enum-domains.nse
smb-enum-groups.nse
smb-enum-processes.nse
smb-enum-sessions.nse
smb-enum-shares.nse
smb-enum-users.nse
smb-flood.nse
smb-ls.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
smb-mbenum.nse
smb-os-discovery.nse Add CPE to smb-os-discovery output. 2012-11-29 05:36:50 +00:00
smb-print-text.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
smb-psexec.nse Fix usage of nmap.fetchfile in several scripts 2013-04-26 12:14:44 +00:00
smb-security-mode.nse
smb-server-stats.nse
smb-system-info.nse
smb-vuln-ms10-054.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
smb-vuln-ms10-061.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
smbv2-enabled.nse
smtp-brute.nse
smtp-commands.nse
smtp-enum-users.nse
smtp-open-relay.nse
smtp-strangeport.nse
smtp-vuln-cve2010-4344.nse
smtp-vuln-cve2011-1720.nse
smtp-vuln-cve2011-1764.nse
sniffer-detect.nse
snmp-brute.nse Handle empty snmpcommunity correctly 2012-08-01 17:50:00 +00:00
snmp-hh3c-logins.nse nse_check_globals cleanup 2012-11-12 03:49:35 +00:00
snmp-interfaces.nse reverted bad commits 2012-10-06 19:38:15 +00:00
snmp-ios-config.nse o [NSE] Oops, there was a vulnerability in one of our 437 NSE scripts. 2013-07-29 06:19:24 +00:00
snmp-netstat.nse added newtarget support to snmp-netstat script, allowing it to identify and 2012-07-26 13:49:03 +00:00
snmp-processes.nse
snmp-sysdescr.nse
snmp-win32-services.nse
snmp-win32-shares.nse
snmp-win32-software.nse
snmp-win32-users.nse
socks-auth-info.nse
socks-brute.nse
socks-open-proxy.nse XML output for socks-open-proxy 2013-05-04 21:26:49 +00:00
ssh-hostkey.nse Do base64-encoding of the SSH key before returning, not after. 2013-08-11 05:36:45 +00:00
ssh2-enum-algos.nse
sshv1.nse
ssl-cert.nse Retab ssl-cert.nse. 2013-06-18 03:58:47 +00:00
ssl-date.nse Minor description updates (and sometimes just text reformatting) for some of the 85 new scripts(!) since Nmap 6.01 2012-11-15 23:05:31 +00:00
ssl-enum-ciphers.nse Correct output for ssl-enum-ciphers against non-ssl 2012-09-14 21:06:46 +00:00
ssl-google-cert-catalog.nse
ssl-known-key.nse ssl-known-key: return if sslcert fails 2012-08-30 23:29:06 +00:00
sslv2.nse Structured output for sslv2, s/cypher/cipher/ 2013-05-07 02:01:27 +00:00
stun-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
stun-version.nse Use version_port_or_service over port_or_service. 2012-12-30 00:39:30 +00:00
stuxnet-detect.nse o [NSE] Oops, there was a vulnerability in one of our 437 NSE scripts. 2013-07-29 06:19:24 +00:00
svn-brute.nse SSL overhaul fixing OpenSSL related problems when SSL has not been compiled in 2012-08-05 12:05:07 +00:00
targets-asn.nse
targets-ipv6-multicast-echo.nse fixed a bug in a loop where the script would wait for a condition that was 2012-08-29 05:37:56 +00:00
targets-ipv6-multicast-invalid-dst.nse fixed a bug in a loop where the script would wait for a condition that was 2012-08-29 05:37:56 +00:00
targets-ipv6-multicast-mld.nse Document some undocumented script-args 2013-03-05 22:31:39 +00:00
targets-ipv6-multicast-slaac.nse fixed a bug in a loop where the script would wait for a condition that was 2012-08-29 05:37:56 +00:00
targets-sniffer.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
targets-traceroute.nse
teamspeak2-version.nse Minor updates to the descriptions of some new scripts 2013-08-17 00:38:27 +00:00
telnet-brute.nse New revision of telnet-brute by nnposter. 2013-08-15 07:11:08 +00:00
telnet-encryption.nse
tftp-enum.nse Prevent tftp-enum from incorrectly setting the port as closed when an error occurred (e.g. timeout when port is filtered). 2012-09-12 09:27:51 +00:00
tls-nextprotoneg.nse nse_check_globals cleanup 2012-07-24 10:08:43 +00:00
traceroute-geolocation.nse Remove country and region from traceroute-geolocation structured output. 2012-08-15 08:42:16 +00:00
unusual-port.nse Move caching code to datafiles lib 2012-07-27 20:07:38 +00:00
upnp-info.nse
url-snarf.nse Update timeout script-args to use standard timespec 2013-03-05 21:34:25 +00:00
ventrilo-info.nse Minor updates to the descriptions of some new scripts 2013-08-17 00:38:27 +00:00
versant-info.nse Remove "hardmatched" argument from calls to nmap.set_port_version. 2012-07-30 18:58:32 +00:00
vmauthd-brute.nse
vnc-brute.nse
vnc-info.nse
voldemort-info.nse
vuze-dht-info.nse
wdb-version.nse @xmloutput NSEdoc sections for wdb-version and xmpp-info 2013-05-06 21:40:02 +00:00
whois-domain.nse Added documentation and comments. 2013-07-25 15:42:16 +00:00
whois-ip.nse [NSE] Added whois-domain.nse and renamed whois.nse to whois-ip.nse 2013-07-25 00:57:28 +00:00
wsdd-discover.nse Fix various NSEDoc problems. 2013-01-24 18:04:42 +00:00
x11-access.nse
xdmcp-discover.nse
xmpp-brute.nse
xmpp-info.nse @xmloutput NSEdoc sections for wdb-version and xmpp-info 2013-05-06 21:40:02 +00:00