mirror of https://github.com/nmap/nmap.git synced 2026-01-05 22:19:03 +00:00

Update CHANGELOG for Nmap 7.92 release

This commit is contained in:
fyodor
2021-08-08 00:26:46 +00:00
parent 1e8f81c638
commit 5ccd15c3ce

CHANGELOG

@@ -1,113 +1,152 @@
#Nmap Changelog ($Id$); -*-text-*-
Nmap 7.92 [2021-08-07]
o [Windows] Upgraded Npcap (our Windows raw packet capturing and
transmission driver) from version 1.00 to the latest version 1.50. You can
read about the dozens of performance improvements, bug fixes and feature
enhancements at https://npcap.org/changelog.
o [Windows] Thanks to the Npcap 1.50 upgrade, Nmap now works on the Windows
ARM architecture so you can run it on lightweight and power-efficient
tablets like the Microsoft Surface Pro X and Samsung Galaxy Book Go. More
ARM devices are on the way along with the upcoming Windows 11 release. See
the Npcap on ARM announcement at
https://seclists.org/nmap-announce/2021/2.
o [Windows] Updated our Windows builds to Visual Studio 2019, Windows 10
SDK, and the UCRT. This prevents Nmap from working on Windows Vista and
earlier, but they can still use older versions of Nmap on their ancient
operating system.
o New Nmap option --unique will prevent Nmap from scanning the same IP
address twice, which can happen when different names resolve to the same
address. [Daniel Miller]
o [NSE][GH#1691] TLS 1.3 now supported by most scripts for which it is
relevant, such as ssl-enum-ciphers. Some functions like ssl tunnel
connections and certificate parsing will require OpenSSL 1.1.1 or later to
fully support TLS 1.3. [Daniel Miller]
o Setting --host-timeout=0 will disable the host timeout, which is set by -T5
to 15 minutes. Earlier versions of Nmap require the user to specify a very
long timeout instead.
o [NSE] Added 3 NSE scripts, from 4 authors, bringing the total up to 604!
They are all listed at https://nmap.org/nsedoc/, and the summaries are
below:
+ [GH#2201] nbns-interfaces queries NetBIOS name service (NBNS) to gather
IP addresses of the target's network interfaces [Andrey Zhukov]
o If a host times out, the XML <host> element will have the attribute
timedout="true" and the host's timing info (srtt etc.) will still be printed.
+ [GH#711] openflow-info gathers preferred and supported protocol versions
from OpenFlow devices [Jay Smith, Mak Kolybabi]
o [GH#2269] Fix an issue with -sU where payload data went out-of-scope before
it was used, causing corrupted payloads to be sent. [Mariusz Ziulek]
+ port-states prints a list of ports that were found in each state,
including states that were summarized as "Not shown: X closed ports"
[Daniel Miller]
o [GH#2257] Fix an issue in addrset matching that was causing all targets to be
excluded if the --excludefile listed a CIDR range that contains an earlier,
smaller CIDR range. [Daniel Miller]
o Several changes to UDP payloads to improve accuracy:
+ [GH#2269] Fix an issue with -sU where payload data went out-of-scope
before it was used, causing corrupted payloads to be sent. [Mariusz
Ziulek]
o [NSE][GH#2237] Prevent the ssl-* NSE scripts from probing ports that were
excluded from version scan, usually 9100-9107, since JetDirect will print
anything sent to these ports. [Daniel Miller]
+ Nmap's retransmission limits were preventing some UDP payloads from
being tried with -sU and -PU. Now, Nmap sends each payload for a
particular port at the same time without delay. [Daniel Miller]
o Nmap's retransmission limits were preventing some UDP payloads from being
tried with -sU and -PU. Now, Nmap sends each payload for a particular port
at the same time without delay. [Daniel Miller]
+ New UDP payloads:
- [GH#1279] TS3INIT1 for UDP 3389 [colcrunch]
- [GH#1895] DTLS for UDP 3391 (RD Gateway) [Arnim Rupp]
o [GH#2206] Nmap no longer produces cryptic message "Failed to convert
source address to presentation format" when unable to find useable route
to the target. [nnposter]
o [Ncat][GH#2202] Use safety-checked versions of FD_* macros to abort early if
number of connections exceeds FD_SETSIZE. [Pavel Zhukov]
o [Ncat] Connections proxied via SOCKS4/SOCKS5 were intermittently dropping
server data sent right after the connection got established, such as port
banners. [Sami Pönkänen]
o Nmap will now output a list of port numbers for each "ignored" state in the
"extrareasons" element in XML output. The "All X ports" and "Not shown:" lines
in normal output have been changed slightly to provide more detail. [Daniel Miller]
o New script port-states will print a list of ports that were found in each
state, including states that were summarized as "Not shown: X closed ports"
[Daniel Miller]
o New Nmap option --unique will prevent Nmap from scanning the same IP address
twice, which can happen when different names resolve to the same address. [Daniel Miller]
o [NSE][GH#2175] Fixed NSE so it will not consolidate all port script output
for targets which share an IP (e.g. HTTP vhosts) under one target. [Daniel Miller]
o [Zenmap][GH#2157] Fixed an issue where a failure to execute Nmap would result
in a Zenmap crash with "TypeError: coercing to Unicode" exception.
o Nmap no longer considers an ICMP Host Unreachable as confirmation that a
target is down, in accordance with RFC 1122 which says these errors may be
transient. Instead, the probe will be destroyed and other probes used to
determine aliveness. [Daniel Miller]
o [NSE][GH#711] New script openflow-info gathers preferred and supported
protocol versions from OpenFlow devices [Jay Smith, Mak Kolybabi]
o [NSE][GH#2201] New script nbns-interfaces queries NetBIOS name service (NBNS)
to gather IP addresses of the target's network interfaces [Andrey Zhukov]
o New UDP payloads:
+ [GH#1279] TS3INIT1 for UDP 3389 [colcrunch]
+ [GH#1895] DTLS for UDP 3391 (RD Gateway) [Arnim Rupp]
o [Ncat][GH#2154] Ncat no longer crashes when used with Unix domain sockets.
o [Ncat][GH#2167][GH#2168] Ncat is now again generating certificates
with the duration of one year. Due to a bug, recent versions of Ncat were
using only one minute. [Tobias Girstmair]
o [NSE][GH#2281] URL/percent-encoding is now using uppercase hex digits
to align with RFC 3986, section 2.1, and to improve compatibility with some
real-world web servers. [nnposter]
o [NSE][GH#2174] Script hostmap-crtsh got improved in several ways. The most
visible are that certificate SANs are properly split apart and that
identities that are syntactically incorrect to be hostnames are now ignored.
[Michel Le Bihan, nnposter]
o [GH#2199] Updated Nmap's NPSL license to rewrite a poorly-worded
clause which many folks interpreted as a "field of endeavor
restriction" related to "proprietary software companies". We are
retroactively offering Nmap versions 7.90 and 7.91 under this new
Version 0.93 of the NPSL so that users and distributors may choose
either version of the license.
o [NSE] Loading of a Nikto database failed if the file was referenced
relative to the Nmap directory [nnposter]
o [NSE][GH#2208][GH#2203] SMB2 dialect handling has been redesigned. Visible
changes include:
o [NSE][GH#2208][GH#2203] SMB2 dialect handling has been
redesigned. Visible changes include:
* Notable improvement in speed of script smb-protocols and others
* Some SMB scripts are no longer using a hardcoded dialect, improving
target interoperability
* Dialect names are aligned with Microsoft, such as 3.0.2, instead of 3.02
[nnposter]
o [NSE] Script smb2-vuln-uptime no longer reports false positives when
the target does not provide its boot time. [nnposter]
o Removed support for the ancient WinPcap library since we already include
our own Npcap library (https://npcap.org) supporting the same API. WinPcap
was abandoned years ago and it's official download page says that "WE
RECOMMEND USING Npcap INSTEAD" for security, stability, compatibility, and
support reasons.
o [NSE][GH#2197] Client packets composed by the DHCP library will now contain
option 51 (IP address lease time) only when requested. [nnposter]
o [GH#2257] Fix an issue in addrset matching that was causing all targets to
be excluded if the --excludefile listed a CIDR range that contains an
earlier, smaller CIDR range. [Daniel Miller]
o Setting --host-timeout=0 will disable the host timeout, which is set by
-T5 to 15 minutes. Earlier versions of Nmap require the user to specify a
very long timeout instead.
o Improvemenhts to Nmap's XML output:
+ If a host times out, the XML <host> element will have the attribute
timedout="true" and the host's timing info (srtt etc.) will still be
printed.
+ The "extrareasons" element now includes a list of port numbers for each
"ignored" state. The "All X ports" and "Not shown:" lines in normal
output have been changed slightly to provide more detail. [Daniel
Miller]
o [NSE][GH#2237] Prevent the ssl-* NSE scripts from probing ports that were
excluded from version scan, usually 9100-9107, since JetDirect will print
anything sent to these ports. [Daniel Miller]
o [GH#2206] Nmap no longer produces cryptic message "Failed to convert
source address to presentation format" when unable to find useable route
to the target. [nnposter]
o [Ncat][GH#2202] Use safety-checked versions of FD_* macros to abort early
if number of connections exceeds FD_SETSIZE. [Pavel Zhukov]
o [Ncat] Connections proxied via SOCKS4/SOCKS5 were intermittently dropping
server data sent right after the connection got established, such as port
banners. [Sami Pönkänen]
o [Ncat][GH#2149] Fixed a bug in proxy connect mode which would close the
connection as soon as it was opened in Nmap 7.90 and 7.91.
o [NSE][GH#2175] Fixed NSE so it will not consolidate all port script output
for targets which share an IP (e.g. HTTP vhosts) under one target. [Daniel
Miller]
o [Zenmap][GH#2157] Fixed an issue where a failure to execute Nmap would
result in a Zenmap crash with "TypeError: coercing to Unicode" exception.
o Nmap no longer considers an ICMP Host Unreachable as confirmation that a
target is down, in accordance with RFC 1122 which says these errors may be
transient. Instead, the probe will be destroyed and other probes used to
determine aliveness. [Daniel Miller]
o [Ncat][GH#2154] Ncat no longer crashes when used with Unix domain sockets.
o [Ncat][GH#2167][GH#2168] Ncat is now again generating certificates with
the duration of one year. Due to a bug, recent versions of Ncat were using
only one minute. [Tobias Girstmair]
o [NSE][GH#2281] URL/percent-encoding is now using uppercase hex digits to
align with RFC 3986, section 2.1, and to improve compatibility with some
real-world web servers. [nnposter]
o [NSE][GH#2174] Script hostmap-crtsh got improved in several ways. The most
visible are that certificate SANs are properly split apart and that
identities that are syntactically incorrect to be hostnames are now
ignored. [Michel Le Bihan, nnposter]
o [NSE] Loading of a Nikto database failed if the file was referenced
relative to the Nmap directory [nnposter]
o [GH#2199] Updated Nmap's NPSL license to rewrite a poorly-worded clause
abiyt "proprietary software companies". The new license version 0.93 is
still available from https://nmap.org/npsl/. As described on that page, we
are also still offering Nmap 7.90, 7.91, and 7.92 under the previous Nmap
7.80 license. Finally, we still offer the Nmap OEM program for companies
who want a non-copyleft license allowing them to redistribute Nmap with
their products at https://nmap.org/oem/.
o [NSE] Script smb2-vuln-uptime no longer reports false positives when the
target does not provide its boot time. [nnposter]
o [NSE][GH#2197] Client packets composed by the DHCP library will now
contain option 51 (IP address lease time) only when requested. [nnposter]
o [NSE][GH#2192] XML decoding in library citrixxml no longer crashes when
encountering a character reference with codepoint greater than 255. (These
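Review bot: the new text of this hunk carries three spelling slips that should be fixed before release, since CHANGELOG is copied into release notes: the heading of the consolidated XML entry reads "o Improvemenhts to Nmap's XML output:" and should be "Improvements"; the rewritten NPSL entry reads "clause abiyt "proprietary software companies"" and should be "about"; and the WinPcap removal entry has "it's official download page", which should be the possessive "its". The same hunk also spells "useable route" in the GH#2206 entry, where "usable" is the standard form, in both the old and new copy of that line. Separately, the restructuring that moves the GH#2269 payload fix, the retransmission-limit change and the new TS3INIT1/DTLS payloads under "Several changes to UDP payloads to improve accuracy" and the GH#711 / GH#2201 scripts under the "Added 3 NSE scripts" entry is a good consolidation, but the introductory line says "3 NSE scripts, from 4 authors" while only nbns-interfaces, openflow-info and port-states are listed beneath it, so it is worth confirming that the count and the author total match the sub-items once the rest of the file is in place.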