Yaptest Update: v0.1.4
It’s now possible for the run_test API to filter based on the host_info table. This feature is used by yaptest-nmap-udp.pl to run a full UDP scan on any hosts that don’t rate limit the sending of ICMP Port Unreachable messages – e.g. Windows hosts. This makes for more thorough scanning without the futility of tryng to fully UDP scan all hosts.
The highlights of the change log are below:
* Nikto output filenames contain the protocol (http / https). * Made some error messages more meaningful. * Can no longer accidentially add a network instead of an IP via yaptest-hosts.pl (e.g. 192.168.0.0/24) * Bug Fix: Uppercase letters converted to lowercase in database name (backend doesn't allow ucase) * Bug Fix: Test areas can contain '-' now. * Bug Fix: Semaphore implemented to prevent multiple processes (name yaptest-bannergrab.pl) from creating port_keys at the same time. * yaptest-parse-nmap-xml.pl will now parse MAC addresses out (if present) and associate them with the IP in the backend db * yaptest-parse-nmap-xml.pl will now parse the top OS guess and store it as host_info in the backend db * Dropped uniqueness constraint on port_info table to prevent yaptest-parse-bannergrab.pl causing the the following error: DBD::Pg::st execute failed: ERROR: index row size 4100 exceeds btree maximum, 2713 * run_test API now supports filtering based on host_info * yaptest-nmap-udp.pl will now do a full UDP scan of any hosts that complete their quick UDP scan in less than 10 seconds (e.g. Windows boxes) * yaptest-credentials.pl now allows searching on username and password fields using the special words NOTNULL and NOTEMPTY - useful to list accounts you know the password for
Posted in Blog