PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-10 07:11:37 +00:00
Code Issues Projects Releases Wiki Activity

approaching 4.04

Browse Source
This commit is contained in:
fyodor
2006-05-27 08:57:03 +00:00
parent 42a7e0486c
commit 0a392843a3
6 changed files with 37 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
CHANGELOG
View File

@@ -73,6 +73,22 @@ o Changed all instances of inet_aton() into calls to inet_pton()
instead. This allowed us to remove inet_aton.c from nbase. Thanks to instead. This allowed us to remove inet_aton.c from nbase. Thanks to
KX (kxmail(a)gmail.com) for the patch. KX (kxmail(a)gmail.com) for the patch.
o When debugging (-d) is specified, Nmap now prints a report on the
timing variables in use. Thanks to Doug Hoyte for the patch. The
report loos like this:
---------- Timing report ----------
hostgroups: min 1, max 100000
rtt-timeouts: init 250, min 50, max 300
scan-delay: TCP 5, UDP 1000
parallelism: min 0, max 0
max-retries: 2, host-timeout 900000
-----------------------------------
o Modified the WinPcap installer file to explicitly uninstall an
existing WinPcap (if you select that you wish to replace it) rather
than just overwriting the old version. Thanks to Doug Hoyte for
making this change.
Nmap 4.03 Nmap 4.03
o Updated the LibPCRE build system to add the -fno-thread-jumps option o Updated the LibPCRE build system to add the -fno-thread-jumps option

2
TargetGroup.cc
View File

@@ -209,7 +209,7 @@ int TargetGroup::parse_expr(const char * const target_expr, int af) {
if (count > 1) if (count > 1)
error("Warning: Hostname %s resolves to %d IPs. Using %s.", target_net, count, inet_ntoa(*((struct in_addr *)target->h_addr_list[0]))); error("Warning: Hostname %s resolves to %d IPs. Using %s.", target_net, count, inet_ntoa(*((struct in_addr *)target->h_addr_list[0])));
} else { } else {
fprintf(stderr, "Failed to resolve given hostname/IP: %s. Note that you can't use '/mask' AND '[1-4,7,100-]' style IP ranges\n", target_net); fprintf(stderr, "Failed to resolve given hostname/IP: %s. Note that you can't use '/mask' AND '1-4,7,100-' style IP ranges\n", target_net);
free(hostexp); free(hostexp);
return 1; return 1;
} }

6
docs/nmap.1
View File

@@ -2,7 +2,7 @@
.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). .\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
.\" Instead of manually editing it, you probably should edit the DocBook XML .\" Instead of manually editing it, you probably should edit the DocBook XML
.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. .\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
.TH "NMAP" "1" "05/15/2006" "" "Nmap Reference Guide" .TH "NMAP" "1" "05/27/2006" "" "Nmap Reference Guide"
.\" disable hyphenation .\" disable hyphenation
.nh .nh
.\" disable justification (adjust text to left margin only) .\" disable justification (adjust text to left margin only)
@@ -875,9 +875,9 @@ These templates allow the user to specify how aggressive they wish to be, while
\fB\-T4\fR \fB\-T4\fR
prohibits the dynamic scan delay from exceeding 10ms for TCP ports and prohibits the dynamic scan delay from exceeding 10ms for TCP ports and
\fB\-T5\fR \fB\-T5\fR
caps that value at 5 milliseconds. Templates can be used in combination with fine grained controls, as long as the template is specified first. Otherwise the standard values for the template may override the values you specify. I recommend using caps that value at 5 milliseconds. Templates can be used in combination with fine grained controls, and the fine\-grained controls will you specify will take precedence over the timing template default for that parameter. I recommend using
\fB\-T4\fR \fB\-T4\fR
when scanning reasonably modern and reliable networks. Keep that option (at the beginning of the command line) even when you add fine grained controls so that you benefit from those extra minor optimizations that it enables. when scanning reasonably modern and reliable networks. Keep that option even when you add fine grained controls so that you benefit from those extra minor optimizations that it enables.
.sp .sp
If you are on a decent broadband or ethernet connection, I would recommend always using If you are on a decent broadband or ethernet connection, I would recommend always using
\fB\-T4\fR. Some people love \fB\-T4\fR. Some people love

2
docs/nmap.dtd
View File

@@ -78,7 +78,7 @@
start %attr_numeric; #IMPLIED start %attr_numeric; #IMPLIED
startstr CDATA #IMPLIED startstr CDATA #IMPLIED
version CDATA #REQUIRED version CDATA #REQUIRED
xmloutputversion (1.01) #REQUIRED xmloutputversion (1.02) #REQUIRED
> >
<!-- this element is written in output.c:doscaninfo() --> <!-- this element is written in output.c:doscaninfo() -->

8
mswin32/winpcap/winpcap-nmap.nsi
View File

@@ -44,6 +44,7 @@ Function .onInit
do_silent: do_silent:
SetSilent silent SetSilent silent
IfFileExists "$SYSDIR\wpcap.dll" finish
return return
no_silent: no_silent:
@@ -77,6 +78,13 @@ Function .onInit
quit quit
finish: finish:
ReadRegStr $0 "HKLM" "Software\WinPcap" ""
IfFileExists "$0\Uninstall.exe" run_uninstaller
return
run_uninstaller:
ExecWait '"$0\Uninstall.exe"'
FunctionEnd FunctionEnd

8
nmap-service-probes
View File

@@ -1491,6 +1491,7 @@ match sourceoffice m|^250\r\nProtocol-Version:(\d[.\d]+)\r\nMessage-ID:\d+\r\nDa
match ssh m|^\0\0\0\$\0\0\0\0\x01\0\0\0\x1bNo host key is configured!\n\r!\"v| p/Foundry Networks switch sshd/ i/broken: No host key configured/ match ssh m|^\0\0\0\$\0\0\0\0\x01\0\0\0\x1bNo host key is configured!\n\r!\"v| p/Foundry Networks switch sshd/ i/broken: No host key configured/
match ssh m|^SSH-(\d[\d.]+)-SSF-(\d[-.\w]+)\n| p/SSF French SSH/ v/$2/ i/protocol $1/ match ssh m|^SSH-(\d[\d.]+)-SSF-(\d[-.\w]+)\n| p/SSF French SSH/ v/$2/ i/protocol $1/
match ssh m|^SSH-(\d[\d.]+)-lshd_(\d[-.\w]+) lsh - a free ssh\r\n\0\0| p/lshd secure shell/ v/$2/ i/protocol $1/ match ssh m|^SSH-(\d[\d.]+)-lshd_(\d[-.\w]+) lsh - a free ssh\r\n\0\0| p/lshd secure shell/ v/$2/ i/protocol $1/
match ssh m/^SSH-([.\d]+)-OpenSSH[_-](\S+ Debian-7ubuntu3)/i o/Linux/ p/OpenSSH/ v/$2/ i/protocol $1/
match ssh m/^SSH-([.\d]+)-OpenSSH[_-]([\S ]+)/i p/OpenSSH/ v/$2/ i/protocol $1/ match ssh m/^SSH-([.\d]+)-OpenSSH[_-]([\S ]+)/i p/OpenSSH/ v/$2/ i/protocol $1/
match ssh m/^SSH-([.\d]+)-Sun_SSH_(\S+)/ p/SunSSH/ v/$2/ i/protocol $1/ match ssh m/^SSH-([.\d]+)-Sun_SSH_(\S+)/ p/SunSSH/ v/$2/ i/protocol $1/
match ssh m/^SSH-([.\d]+)-meow roototkt by rebel/ p/meow SSH ROOTKIT/ i/protocol $1/ match ssh m/^SSH-([.\d]+)-meow roototkt by rebel/ p/meow SSH ROOTKIT/ i/protocol $1/
@@ -4589,6 +4590,13 @@ match gadu m|^UDAG$| p/Kadu polish IM client/
match skype m|^.{14}$|s p/Skype VoIP data channel/ match skype m|^.{14}$|s p/Skype VoIP data channel/
##############################NEXT PROBE##############################
Probe TCP FourOhFourRequest q|GET /nice%20ports%2C/Tri%6Eity.txt%2ebak HTTP/1.0\r\n\r\n|
rarity 6
ports 80-85,88,8000-8010,8080-8085,8880-8888
fallback GetRequest
##############################NEXT PROBE############################## ##############################NEXT PROBE##############################
# ftp://ftp.rfc-editor.org/in-notes/rfc1179.txt # ftp://ftp.rfc-editor.org/in-notes/rfc1179.txt
Probe TCP LPDString q|\x01default\n| Probe TCP LPDString q|\x01default\n|