diff --git a/docs/TODO b/docs/TODO index 8d11b968c..005adb739 100644 --- a/docs/TODO +++ b/docs/TODO @@ -16,7 +16,33 @@ o [NSE] Patrick's script dependency patch: o Investigate issue with our Pcap and Wireshark x64, as described in this thread: http://seclists.org/nmap-dev/2009/q4/557 [Rob] -o Release 4.10BETA2 +o Make new stable release + +o Look at new DB2 script by Tom + Sellers. http://seclists.org/nmap-dev/2009/q4/659 + +o Look at new Kerberos script from Patrik Karlsson. http://seclists.org/nmap-dev/2009/q4/715 + +o On our NSEDoc pages (e.g. http://nmap.org/nsedoc/), perhaps the link + text for scripts should not include the ".nse". Basides saving + horizontal space, this may improve the sorting so that the likes of + "citrix-enum-apps" comes before "citrix-enum-apps-xml". Also, we can + probably get away with reducing the width of the NSEDoc left-column, + especially if ".nse" is removed. + +o [Ncat] Add SSL support for --exec so you can use SSL to talk to your + remote shell, etc. See this thread: + http://seclists.org/nmap-dev/2009/q4/255, particularly the + implementation sketch at http://seclists.org/nmap-dev/2009/q4/268 [Venkat,David] + +o [NSE] HTTP header parsing is not very robust, and is duplicated in a + lot of places. For example, it's legal to have header fields like +Content-type:\r\n +___text/html\r\n +(with spaces in place of _, but http.lua won't parse such a header +correctly. In other words you can extend them to any number of lines +as long as each line after the first begins with whitespace. [Joao] + o Make the nmap.header.tmpl wording a little more generic so it more clearly applies to Ncat, Zenmap, Nping, etc. Then use @@ -40,13 +66,6 @@ o Move Zenmap man page from nmap/docs/ to nmap/zenmap/docs to match o Consider standardizing names for nping and ncrack man pages as well. [Fyodor] -o On our NSEDoc pages (e.g. http://nmap.org/nsedoc/), perhaps the link - text for scripts should not include the ".nse". Basides saving - horizontal space, this may improve the sorting so that the likes of - "citrix-enum-apps" comes before "citrix-enum-apps-xml". Also, we can - probably get away with reducing the width of the NSEDoc left-column, - especially if ".nse" is removed. - o Update "History and Future of Nmap" (http://nmap.org/book/history-future.html) to include all the news since September 2008. [Fyodor] @@ -56,11 +75,6 @@ o We should document an official way to compile/test refguide.xml so involve moving legal-notices.xml into /nmap/docs, among other things. -o [Ncat] Add SSL support for --exec so you can use SSL to talk to your - remote shell, etc. See this thread: - http://seclists.org/nmap-dev/2009/q4/255, particularly the - implementation sketch at http://seclists.org/nmap-dev/2009/q4/268 [Venkat,David] - o Add Nmap web board. o Create Nmap wiki @@ -122,14 +136,6 @@ o Dependency licensing issues (OpenSSL, Python, GTK+, etc.) o X.org libraries (Mac version links to them) o libdnet -o [NSE] HTTP header parsing is not very robust, and is duplicated in a - lot of places. For example, it's legal to have header fields like -Content-type:\r\n -___text/html\r\n -(with spaces in place of _, but http.lua won't parse such a header -correctly. In other words you can extend them to any number of lines -as long as each line after the first begins with whitespace. [Joao] - o Scanning through proxies o Nmap should be able to scan through proxy servers, particularly now that we have an NSE script for detectiong open proxies and now that @@ -585,6 +591,8 @@ o random tip database DONE: +o Release 5.10BETA2 + o Add --evil to set the RFC3514 evil bit. ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt o We're not going to add this right now.