Nmap 7.60
o Updated the bundled Npcap from 0.91 to 0.93, fixing several issues with installation and compatibility with the Windows 10 Creators Update. o NSE scripts now have complete SSH support via libssh2, including password brute-forcing and running remote commands, thanks to the combined efforts of three Summer of Code students. o Added 14 NSE scripts from 6 authors, bringing the total up to 579! They are all listed at https://nmap.org/nsedoc/, and the summaries are below: + ftp-syst sends SYST and STAT commands to FTP servers to get system version and connection information. + http-vuln-cve2017-8917 checks for an SQL injection vulnerability affecting Joomla! 3.7.x before 3.7.1. + iec-identify probes for the IEC 60870-5-104 SCADA protocol. + openwebnet-discovery retrieves device identifying information and number of connected devices running on openwebnet protocol. + puppet-naivesigning checks for a misconfiguration in the Puppet CA where naive signing is enabled, allowing for any CSR to be automatically signed. + smb-protocols discovers if a server supports dialects NT LM 0.12 (SMBv1), 2.02, 2.10, 3.00, 3.02 and 3.11. This replaces the old smbv2-enabled script. + smb2-capabilities lists the supported capabilities of SMB2/SMB3 servers. + smb2-time determines the current date and boot date of SMB2 servers. + smb2-security-mode determines the message signing configuration of SMB2/SMB3 servers. + smb2-vuln-uptime attempts to discover missing critical patches in Microsoft Windows systems based on the SMB2 server uptime. + ssh-auth-methods lists the authentication methods offered by an SSH server. + ssh-brute performs brute-forcing of SSH password credentials. + ssh-publickey-acceptance checks public or private keys to see if they could be used to log in to a target. A list of known-compromised key pairs is included and checked by default. + ssh-run uses user-provided credentials to run commands on targets via SSH. o Removed smbv2-enabled, which was incompatible with the new SMBv2/3 improvements. It was fully replaced by the smb-protocols script. o Added Datagram TLS (DTLS) support to Ncat in connect (client) mode with --udp --ssl. Also added Application Layer Protocol Negotiation (ALPN) support with the --ssl-alpn option. o Updated the default ciphers list for Ncat and the secure ciphers list for Nsock to use "!aNULL:!eNULL" instead of "!ADH". With the addition of ECDH ciphersuites, anonymous ECDH suites were being allowed. o Fix ndmp-version and ndmp-fs-info when scanning Veritas Backup Exec Agent 15 or 16. o Added wildcard detection to dns-brute. Only hostnames that resolve to unique addresses will be listed. o FTP scripts like ftp-anon and ftp-brute now correctly handle TLS-protected FTP services and use STARTTLS when necessary. o Function url.escape no longer encodes so-called "unreserved" characters, including hyphen, period, underscore, and tilde, as per RFC 3986. o Function http.pipeline_go no longer assumes that persistent connections are supported on HTTP 1.0 target (unless the target explicitly declares otherwise), as per RFC 7230. o The HTTP response object has a new member, version, which contains the HTTP protocol version string returned by the server, e.g. "1.0". o Fix handling of the objectSID Active Directory attribute by ldap.lua. o Fix line endings in the list of Oracle SIDs used by oracle-sid-brute. Carriage Return characters were being sent in the connection packets, likely resulting in failure of the script. o http-useragent-checker now checks for changes in HTTP status (usually 403 Forbidden) in addition to redirects to indicate forbidden User Agents.
This commit is contained in:
adam
parent
058971e82d
commit
75d36712bf
3 changed files with 28 additions and 10 deletions
|
|
@ -1,6 +1,6 @@
|
|||
# $NetBSD: Makefile,v 1.135 2017/06/14 09:26:29 adam Exp $
|
||||
# $NetBSD: Makefile,v 1.136 2017/08/03 13:52:00 adam Exp $
|
||||
|
||||
DISTNAME= nmap-7.50
|
||||
DISTNAME= nmap-7.60
|
||||
CATEGORIES= net security
|
||||
MASTER_SITES= http://nmap.org/dist/
|
||||
EXTRACT_SUFX= .tar.bz2
|
||||
|
|
@ -26,7 +26,7 @@ CONFIGURE_ARGS+= --without-subversion
|
|||
|
||||
BUILD_DEFS+= IPV6_READY
|
||||
|
||||
TEST_TARGET+= check
|
||||
TEST_TARGET= check
|
||||
|
||||
.include "options.mk"
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
@comment $NetBSD: PLIST,v 1.26 2017/06/14 09:26:29 adam Exp $
|
||||
@comment $NetBSD: PLIST,v 1.27 2017/08/03 13:52:00 adam Exp $
|
||||
bin/ncat
|
||||
${PLIST.ndiff}bin/ndiff
|
||||
bin/nmap
|
||||
|
|
@ -298,6 +298,7 @@ ${PLIST.lua}share/nmap/nselib/data/oracle-sids
|
|||
${PLIST.lua}share/nmap/nselib/data/packetdecoders.lua
|
||||
${PLIST.lua}share/nmap/nselib/data/passwords.lst
|
||||
${PLIST.lua}share/nmap/nselib/data/pixel.gif
|
||||
${PLIST.lua}share/nmap/nselib/data/publickeydb
|
||||
${PLIST.lua}share/nmap/nselib/data/psexec/README
|
||||
${PLIST.lua}share/nmap/nselib/data/psexec/backdoor.lua
|
||||
${PLIST.lua}share/nmap/nselib/data/psexec/default.lua
|
||||
|
|
@ -342,12 +343,15 @@ ${PLIST.lua}share/nmap/nselib/informix.lua
|
|||
${PLIST.lua}share/nmap/nselib/ipOps.lua
|
||||
${PLIST.lua}share/nmap/nselib/ipmi.lua
|
||||
${PLIST.lua}share/nmap/nselib/ipp.lua
|
||||
${PLIST.lua}share/nmap/nselib/irc.lua
|
||||
${PLIST.lua}share/nmap/nselib/iscsi.lua
|
||||
${PLIST.lua}share/nmap/nselib/isns.lua
|
||||
${PLIST.lua}share/nmap/nselib/jdwp.lua
|
||||
${PLIST.lua}share/nmap/nselib/json.lua
|
||||
${PLIST.lua}share/nmap/nselib/ldap.lua
|
||||
${PLIST.lua}share/nmap/nselib/lfs.luadoc
|
||||
${PLIST.lua}share/nmap/nselib/libssh2-utility.lua
|
||||
${PLIST.lua}share/nmap/nselib/libssh2.luadoc
|
||||
${PLIST.lua}share/nmap/nselib/listop.lua
|
||||
${PLIST.lua}share/nmap/nselib/lpeg-utility.lua
|
||||
${PLIST.lua}share/nmap/nselib/lpeg.luadoc
|
||||
|
|
@ -392,6 +396,7 @@ ${PLIST.lua}share/nmap/nselib/shortport.lua
|
|||
${PLIST.lua}share/nmap/nselib/sip.lua
|
||||
${PLIST.lua}share/nmap/nselib/slaxml.lua
|
||||
${PLIST.lua}share/nmap/nselib/smb.lua
|
||||
${PLIST.lua}share/nmap/nselib/smb2.lua
|
||||
${PLIST.lua}share/nmap/nselib/smbauth.lua
|
||||
${PLIST.lua}share/nmap/nselib/smtp.lua
|
||||
${PLIST.lua}share/nmap/nselib/snmp.lua
|
||||
|
|
@ -552,6 +557,7 @@ ${PLIST.lua}share/nmap/scripts/ftp-bounce.nse
|
|||
${PLIST.lua}share/nmap/scripts/ftp-brute.nse
|
||||
${PLIST.lua}share/nmap/scripts/ftp-libopie.nse
|
||||
${PLIST.lua}share/nmap/scripts/ftp-proftpd-backdoor.nse
|
||||
${PLIST.lua}share/nmap/scripts/ftp-syst.nse
|
||||
${PLIST.lua}share/nmap/scripts/ftp-vsftpd-backdoor.nse
|
||||
${PLIST.lua}share/nmap/scripts/ftp-vuln-cve2010-4221.nse
|
||||
${PLIST.lua}share/nmap/scripts/ganglia-info.nse
|
||||
|
|
@ -690,6 +696,7 @@ ${PLIST.lua}share/nmap/scripts/http-vuln-cve2015-1635.nse
|
|||
${PLIST.lua}share/nmap/scripts/http-vuln-cve2017-1001000.nse
|
||||
${PLIST.lua}share/nmap/scripts/http-vuln-cve2017-5638.nse
|
||||
${PLIST.lua}share/nmap/scripts/http-vuln-cve2017-5689.nse
|
||||
${PLIST.lua}share/nmap/scripts/http-vuln-cve2017-8917.nse
|
||||
${PLIST.lua}share/nmap/scripts/http-vuln-misfortune-cookie.nse
|
||||
${PLIST.lua}share/nmap/scripts/http-vuln-wnr1000-creds.nse
|
||||
${PLIST.lua}share/nmap/scripts/http-waf-detect.nse
|
||||
|
|
@ -702,6 +709,7 @@ ${PLIST.lua}share/nmap/scripts/http-xssed.nse
|
|||
${PLIST.lua}share/nmap/scripts/iax2-brute.nse
|
||||
${PLIST.lua}share/nmap/scripts/iax2-version.nse
|
||||
${PLIST.lua}share/nmap/scripts/icap-info.nse
|
||||
${PLIST.lua}share/nmap/scripts/iec-identify.nse
|
||||
${PLIST.lua}share/nmap/scripts/ike-version.nse
|
||||
${PLIST.lua}share/nmap/scripts/imap-brute.nse
|
||||
${PLIST.lua}share/nmap/scripts/imap-capabilities.nse
|
||||
|
|
@ -818,6 +826,7 @@ ${PLIST.lua}share/nmap/scripts/omp2-enum-targets.nse
|
|||
${PLIST.lua}share/nmap/scripts/omron-info.nse
|
||||
${PLIST.lua}share/nmap/scripts/openlookup-info.nse
|
||||
${PLIST.lua}share/nmap/scripts/openvas-otp-brute.nse
|
||||
${PLIST.lua}share/nmap/scripts/openwebnet-discovery.nse
|
||||
${PLIST.lua}share/nmap/scripts/oracle-brute-stealth.nse
|
||||
${PLIST.lua}share/nmap/scripts/oracle-brute.nse
|
||||
${PLIST.lua}share/nmap/scripts/oracle-enum-users.nse
|
||||
|
|
@ -834,6 +843,7 @@ ${PLIST.lua}share/nmap/scripts/pop3-brute.nse
|
|||
${PLIST.lua}share/nmap/scripts/pop3-capabilities.nse
|
||||
${PLIST.lua}share/nmap/scripts/pop3-ntlm-info.nse
|
||||
${PLIST.lua}share/nmap/scripts/pptp-version.nse
|
||||
${PLIST.lua}share/nmap/scripts/puppet-naivesigning.nse
|
||||
${PLIST.lua}share/nmap/scripts/qconn-exec.nse
|
||||
${PLIST.lua}share/nmap/scripts/qscan.nse
|
||||
${PLIST.lua}share/nmap/scripts/quake1-info.nse
|
||||
|
|
@ -884,6 +894,7 @@ ${PLIST.lua}share/nmap/scripts/smb-ls.nse
|
|||
${PLIST.lua}share/nmap/scripts/smb-mbenum.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb-os-discovery.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb-print-text.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb-protocols.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb-psexec.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb-security-mode.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb-server-stats.nse
|
||||
|
|
@ -898,7 +909,10 @@ ${PLIST.lua}share/nmap/scripts/smb-vuln-ms10-054.nse
|
|||
${PLIST.lua}share/nmap/scripts/smb-vuln-ms10-061.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb-vuln-ms17-010.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb-vuln-regsvc-dos.nse
|
||||
${PLIST.lua}share/nmap/scripts/smbv2-enabled.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb2-capabilities.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb2-security-mode.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb2-time.nse
|
||||
${PLIST.lua}share/nmap/scripts/smb2-vuln-uptime.nse
|
||||
${PLIST.lua}share/nmap/scripts/smtp-brute.nse
|
||||
${PLIST.lua}share/nmap/scripts/smtp-commands.nse
|
||||
${PLIST.lua}share/nmap/scripts/smtp-enum-users.nse
|
||||
|
|
@ -924,6 +938,10 @@ ${PLIST.lua}share/nmap/scripts/snmp-win32-users.nse
|
|||
${PLIST.lua}share/nmap/scripts/socks-auth-info.nse
|
||||
${PLIST.lua}share/nmap/scripts/socks-brute.nse
|
||||
${PLIST.lua}share/nmap/scripts/socks-open-proxy.nse
|
||||
${PLIST.lua}share/nmap/scripts/ssh-auth-methods.nse
|
||||
${PLIST.lua}share/nmap/scripts/ssh-brute.nse
|
||||
${PLIST.lua}share/nmap/scripts/ssh-publickey-acceptance.nse
|
||||
${PLIST.lua}share/nmap/scripts/ssh-run.nse
|
||||
${PLIST.lua}share/nmap/scripts/ssh-hostkey.nse
|
||||
${PLIST.lua}share/nmap/scripts/ssh2-enum-algos.nse
|
||||
${PLIST.lua}share/nmap/scripts/sshv1.nse
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
$NetBSD: distinfo,v 1.74 2017/06/14 09:26:29 adam Exp $
|
||||
$NetBSD: distinfo,v 1.75 2017/08/03 13:52:00 adam Exp $
|
||||
|
||||
SHA1 (nmap-7.50.tar.bz2) = 08a2f57bf8923f9f9fa80f3ec005020011a1d69a
|
||||
RMD160 (nmap-7.50.tar.bz2) = 46010d6ab65efe0e86973e43f58afc05f33db49f
|
||||
SHA512 (nmap-7.50.tar.bz2) = b74c5711f03bae363164cdb7e62923ab938c81c7bbcd080eaa2d1acc89f09eb0a7e0f5deb9628b81057c7a35ecd487a2d09dfe3b58b0db6c84cf0b39f526e5f2
|
||||
Size (nmap-7.50.tar.bz2) = 9309616 bytes
|
||||
SHA1 (nmap-7.60.tar.bz2) = 5d36a55ce772ec24f7f50ab52780f932ee20529f
|
||||
RMD160 (nmap-7.60.tar.bz2) = 24d27f10cbfcb4ae895f1010b401246a510fab0c
|
||||
SHA512 (nmap-7.60.tar.bz2) = 74ba8f6de026ade9ee6bb2252bee18a57210f8207977df7f1c04556629dcdc1e6127f33febc8a52ef88a1dac876116d590564dee4f1c23798c3ac37529991aa4
|
||||
Size (nmap-7.60.tar.bz2) = 10394925 bytes
|
||||
SHA1 (patch-configure) = 5fc39f084eadd6ea0560cd8e6f52074113566600
|
||||
SHA1 (patch-libdnet-stripped_src_arp-bsd.c) = c56c4e70eca2fa04dd8aab38ed2c3f4cac83f5e3
|
||||
SHA1 (patch-libnetutil_netutil.cc) = 7bd1059d6cbcf4f6d129730d6c6f6bc3ab54c0a0
|
||||
|
|
|
|||
Loading…
Reference in a new issue