diff options
| author | adam <adam@pkgsrc.org> | 2017-08-03 13:52:00 +0000 |
|---|---|---|
| committer | adam <adam@pkgsrc.org> | 2017-08-03 13:52:00 +0000 |
| commit | 003be4579d897f4b6495be3554a18be606f5b833 (patch) | |
| tree | cbce8c597cb5cff497b09ed5f5ec17fd3e0ef389 /net | |
| parent | d3ff947b29f0abb720b1b0556e114658ff6909eb (diff) | |
| download | pkgsrc-003be4579d897f4b6495be3554a18be606f5b833.tar.gz | |
Nmap 7.60
o Updated the bundled Npcap from 0.91 to 0.93, fixing several issues
with installation and compatibility with the Windows 10 Creators Update.
o NSE scripts now have complete SSH support via libssh2,
including password brute-forcing and running remote commands, thanks to the
combined efforts of three Summer of Code students.
o Added 14 NSE scripts from 6 authors, bringing the total up to 579!
They are all listed at https://nmap.org/nsedoc/, and the summaries are below:
+ ftp-syst sends SYST and STAT commands to FTP servers to get system version
and connection information.
+ http-vuln-cve2017-8917 checks for an SQL injection vulnerability affecting
Joomla! 3.7.x before 3.7.1.
+ iec-identify probes for the IEC 60870-5-104 SCADA protocol.
+ openwebnet-discovery retrieves device identifying information and
number of connected devices running on openwebnet protocol.
+ puppet-naivesigning checks for a misconfiguration in the Puppet CA where
naive signing is enabled, allowing for any CSR to be automatically signed.
+ smb-protocols discovers if a server supports dialects NT LM 0.12
(SMBv1), 2.02, 2.10, 3.00, 3.02 and 3.11. This replaces the old
smbv2-enabled script.
+ smb2-capabilities lists the supported capabilities of SMB2/SMB3
servers.
+ smb2-time determines the current date and boot date of SMB2
servers.
+ smb2-security-mode determines the message signing configuration of
SMB2/SMB3 servers.
+ smb2-vuln-uptime attempts to discover missing critical patches in
Microsoft Windows systems based on the SMB2 server uptime.
+ ssh-auth-methods lists the authentication methods offered by an SSH server.
+ ssh-brute performs brute-forcing of SSH password credentials.
+ ssh-publickey-acceptance checks public or private keys to see if they could
be used to log in to a target. A list of known-compromised key pairs is
included and checked by default.
+ ssh-run uses user-provided credentials to run commands on targets via SSH.
o Removed smbv2-enabled, which was incompatible with the new SMBv2/3
improvements. It was fully replaced by the smb-protocols script.
o Added Datagram TLS (DTLS) support to Ncat in connect (client)
mode with --udp --ssl. Also added Application Layer Protocol Negotiation
(ALPN) support with the --ssl-alpn option.
o Updated the default ciphers list for Ncat and the secure ciphers list for
Nsock to use "!aNULL:!eNULL" instead of "!ADH". With the addition of ECDH
ciphersuites, anonymous ECDH suites were being allowed.
o Fix ndmp-version and ndmp-fs-info when scanning Veritas Backup
Exec Agent 15 or 16.
o Added wildcard detection to dns-brute. Only hostnames that
resolve to unique addresses will be listed.
o FTP scripts like ftp-anon and ftp-brute now correctly handle
TLS-protected FTP services and use STARTTLS when necessary.
o Function url.escape no longer encodes so-called "unreserved"
characters, including hyphen, period, underscore, and tilde, as per RFC 3986.
o Function http.pipeline_go no longer assumes that persistent
connections are supported on HTTP 1.0 target (unless the target explicitly
declares otherwise), as per RFC 7230.
o The HTTP response object has a new member, version, which
contains the HTTP protocol version string returned by the server, e.g. "1.0".
o Fix handling of the objectSID Active Directory attribute
by ldap.lua.
o Fix line endings in the list of Oracle SIDs used by oracle-sid-brute.
Carriage Return characters were being sent in the connection packets, likely
resulting in failure of the script.
o http-useragent-checker now checks for changes in HTTP status
(usually 403 Forbidden) in addition to redirects to indicate forbidden User
Agents.
Diffstat (limited to 'net')
| -rw-r--r-- | net/nmap/Makefile | 6 | ||||
| -rw-r--r-- | net/nmap/PLIST | 22 | ||||
| -rw-r--r-- | net/nmap/distinfo | 10 |
3 files changed, 28 insertions, 10 deletions
diff --git a/net/nmap/Makefile b/net/nmap/Makefile index 8e552859154..5466aee0d31 100644 --- a/net/nmap/Makefile +++ b/net/nmap/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.135 2017/06/14 09:26:29 adam Exp $ +# $NetBSD: Makefile,v 1.136 2017/08/03 13:52:00 adam Exp $ -DISTNAME= nmap-7.50 +DISTNAME= nmap-7.60 CATEGORIES= net security MASTER_SITES= http://nmap.org/dist/ EXTRACT_SUFX= .tar.bz2 @@ -26,7 +26,7 @@ CONFIGURE_ARGS+= --without-subversion BUILD_DEFS+= IPV6_READY -TEST_TARGET+= check +TEST_TARGET= check .include "options.mk" diff --git a/net/nmap/PLIST b/net/nmap/PLIST index f6e6ee1e859..e7a154da688 100644 --- a/net/nmap/PLIST +++ b/net/nmap/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.26 2017/06/14 09:26:29 adam Exp $ +@comment $NetBSD: PLIST,v 1.27 2017/08/03 13:52:00 adam Exp $ bin/ncat ${PLIST.ndiff}bin/ndiff bin/nmap @@ -298,6 +298,7 @@ ${PLIST.lua}share/nmap/nselib/data/oracle-sids ${PLIST.lua}share/nmap/nselib/data/packetdecoders.lua ${PLIST.lua}share/nmap/nselib/data/passwords.lst ${PLIST.lua}share/nmap/nselib/data/pixel.gif +${PLIST.lua}share/nmap/nselib/data/publickeydb ${PLIST.lua}share/nmap/nselib/data/psexec/README ${PLIST.lua}share/nmap/nselib/data/psexec/backdoor.lua ${PLIST.lua}share/nmap/nselib/data/psexec/default.lua @@ -342,12 +343,15 @@ ${PLIST.lua}share/nmap/nselib/informix.lua ${PLIST.lua}share/nmap/nselib/ipOps.lua ${PLIST.lua}share/nmap/nselib/ipmi.lua ${PLIST.lua}share/nmap/nselib/ipp.lua +${PLIST.lua}share/nmap/nselib/irc.lua ${PLIST.lua}share/nmap/nselib/iscsi.lua ${PLIST.lua}share/nmap/nselib/isns.lua ${PLIST.lua}share/nmap/nselib/jdwp.lua ${PLIST.lua}share/nmap/nselib/json.lua ${PLIST.lua}share/nmap/nselib/ldap.lua ${PLIST.lua}share/nmap/nselib/lfs.luadoc +${PLIST.lua}share/nmap/nselib/libssh2-utility.lua +${PLIST.lua}share/nmap/nselib/libssh2.luadoc ${PLIST.lua}share/nmap/nselib/listop.lua ${PLIST.lua}share/nmap/nselib/lpeg-utility.lua ${PLIST.lua}share/nmap/nselib/lpeg.luadoc @@ -392,6 +396,7 @@ ${PLIST.lua}share/nmap/nselib/shortport.lua ${PLIST.lua}share/nmap/nselib/sip.lua ${PLIST.lua}share/nmap/nselib/slaxml.lua ${PLIST.lua}share/nmap/nselib/smb.lua +${PLIST.lua}share/nmap/nselib/smb2.lua ${PLIST.lua}share/nmap/nselib/smbauth.lua ${PLIST.lua}share/nmap/nselib/smtp.lua ${PLIST.lua}share/nmap/nselib/snmp.lua @@ -552,6 +557,7 @@ ${PLIST.lua}share/nmap/scripts/ftp-bounce.nse ${PLIST.lua}share/nmap/scripts/ftp-brute.nse ${PLIST.lua}share/nmap/scripts/ftp-libopie.nse ${PLIST.lua}share/nmap/scripts/ftp-proftpd-backdoor.nse +${PLIST.lua}share/nmap/scripts/ftp-syst.nse ${PLIST.lua}share/nmap/scripts/ftp-vsftpd-backdoor.nse ${PLIST.lua}share/nmap/scripts/ftp-vuln-cve2010-4221.nse ${PLIST.lua}share/nmap/scripts/ganglia-info.nse @@ -690,6 +696,7 @@ ${PLIST.lua}share/nmap/scripts/http-vuln-cve2015-1635.nse ${PLIST.lua}share/nmap/scripts/http-vuln-cve2017-1001000.nse ${PLIST.lua}share/nmap/scripts/http-vuln-cve2017-5638.nse ${PLIST.lua}share/nmap/scripts/http-vuln-cve2017-5689.nse +${PLIST.lua}share/nmap/scripts/http-vuln-cve2017-8917.nse ${PLIST.lua}share/nmap/scripts/http-vuln-misfortune-cookie.nse ${PLIST.lua}share/nmap/scripts/http-vuln-wnr1000-creds.nse ${PLIST.lua}share/nmap/scripts/http-waf-detect.nse @@ -702,6 +709,7 @@ ${PLIST.lua}share/nmap/scripts/http-xssed.nse ${PLIST.lua}share/nmap/scripts/iax2-brute.nse ${PLIST.lua}share/nmap/scripts/iax2-version.nse ${PLIST.lua}share/nmap/scripts/icap-info.nse +${PLIST.lua}share/nmap/scripts/iec-identify.nse ${PLIST.lua}share/nmap/scripts/ike-version.nse ${PLIST.lua}share/nmap/scripts/imap-brute.nse ${PLIST.lua}share/nmap/scripts/imap-capabilities.nse @@ -818,6 +826,7 @@ ${PLIST.lua}share/nmap/scripts/omp2-enum-targets.nse ${PLIST.lua}share/nmap/scripts/omron-info.nse ${PLIST.lua}share/nmap/scripts/openlookup-info.nse ${PLIST.lua}share/nmap/scripts/openvas-otp-brute.nse +${PLIST.lua}share/nmap/scripts/openwebnet-discovery.nse ${PLIST.lua}share/nmap/scripts/oracle-brute-stealth.nse ${PLIST.lua}share/nmap/scripts/oracle-brute.nse ${PLIST.lua}share/nmap/scripts/oracle-enum-users.nse @@ -834,6 +843,7 @@ ${PLIST.lua}share/nmap/scripts/pop3-brute.nse ${PLIST.lua}share/nmap/scripts/pop3-capabilities.nse ${PLIST.lua}share/nmap/scripts/pop3-ntlm-info.nse ${PLIST.lua}share/nmap/scripts/pptp-version.nse +${PLIST.lua}share/nmap/scripts/puppet-naivesigning.nse ${PLIST.lua}share/nmap/scripts/qconn-exec.nse ${PLIST.lua}share/nmap/scripts/qscan.nse ${PLIST.lua}share/nmap/scripts/quake1-info.nse @@ -884,6 +894,7 @@ ${PLIST.lua}share/nmap/scripts/smb-ls.nse ${PLIST.lua}share/nmap/scripts/smb-mbenum.nse ${PLIST.lua}share/nmap/scripts/smb-os-discovery.nse ${PLIST.lua}share/nmap/scripts/smb-print-text.nse +${PLIST.lua}share/nmap/scripts/smb-protocols.nse ${PLIST.lua}share/nmap/scripts/smb-psexec.nse ${PLIST.lua}share/nmap/scripts/smb-security-mode.nse ${PLIST.lua}share/nmap/scripts/smb-server-stats.nse @@ -898,7 +909,10 @@ ${PLIST.lua}share/nmap/scripts/smb-vuln-ms10-054.nse ${PLIST.lua}share/nmap/scripts/smb-vuln-ms10-061.nse ${PLIST.lua}share/nmap/scripts/smb-vuln-ms17-010.nse ${PLIST.lua}share/nmap/scripts/smb-vuln-regsvc-dos.nse -${PLIST.lua}share/nmap/scripts/smbv2-enabled.nse +${PLIST.lua}share/nmap/scripts/smb2-capabilities.nse +${PLIST.lua}share/nmap/scripts/smb2-security-mode.nse +${PLIST.lua}share/nmap/scripts/smb2-time.nse +${PLIST.lua}share/nmap/scripts/smb2-vuln-uptime.nse ${PLIST.lua}share/nmap/scripts/smtp-brute.nse ${PLIST.lua}share/nmap/scripts/smtp-commands.nse ${PLIST.lua}share/nmap/scripts/smtp-enum-users.nse @@ -924,6 +938,10 @@ ${PLIST.lua}share/nmap/scripts/snmp-win32-users.nse ${PLIST.lua}share/nmap/scripts/socks-auth-info.nse ${PLIST.lua}share/nmap/scripts/socks-brute.nse ${PLIST.lua}share/nmap/scripts/socks-open-proxy.nse +${PLIST.lua}share/nmap/scripts/ssh-auth-methods.nse +${PLIST.lua}share/nmap/scripts/ssh-brute.nse +${PLIST.lua}share/nmap/scripts/ssh-publickey-acceptance.nse +${PLIST.lua}share/nmap/scripts/ssh-run.nse ${PLIST.lua}share/nmap/scripts/ssh-hostkey.nse ${PLIST.lua}share/nmap/scripts/ssh2-enum-algos.nse ${PLIST.lua}share/nmap/scripts/sshv1.nse diff --git a/net/nmap/distinfo b/net/nmap/distinfo index 3c8ed4f9bdd..967b2833a49 100644 --- a/net/nmap/distinfo +++ b/net/nmap/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.74 2017/06/14 09:26:29 adam Exp $ +$NetBSD: distinfo,v 1.75 2017/08/03 13:52:00 adam Exp $ -SHA1 (nmap-7.50.tar.bz2) = 08a2f57bf8923f9f9fa80f3ec005020011a1d69a -RMD160 (nmap-7.50.tar.bz2) = 46010d6ab65efe0e86973e43f58afc05f33db49f -SHA512 (nmap-7.50.tar.bz2) = b74c5711f03bae363164cdb7e62923ab938c81c7bbcd080eaa2d1acc89f09eb0a7e0f5deb9628b81057c7a35ecd487a2d09dfe3b58b0db6c84cf0b39f526e5f2 -Size (nmap-7.50.tar.bz2) = 9309616 bytes +SHA1 (nmap-7.60.tar.bz2) = 5d36a55ce772ec24f7f50ab52780f932ee20529f +RMD160 (nmap-7.60.tar.bz2) = 24d27f10cbfcb4ae895f1010b401246a510fab0c +SHA512 (nmap-7.60.tar.bz2) = 74ba8f6de026ade9ee6bb2252bee18a57210f8207977df7f1c04556629dcdc1e6127f33febc8a52ef88a1dac876116d590564dee4f1c23798c3ac37529991aa4 +Size (nmap-7.60.tar.bz2) = 10394925 bytes SHA1 (patch-configure) = 5fc39f084eadd6ea0560cd8e6f52074113566600 SHA1 (patch-libdnet-stripped_src_arp-bsd.c) = c56c4e70eca2fa04dd8aab38ed2c3f4cac83f5e3 SHA1 (patch-libnetutil_netutil.cc) = 7bd1059d6cbcf4f6d129730d6c6f6bc3ab54c0a0 |