mirror of https://github.com/nmap/nmap.git synced 2025-12-07 21:21:31 +00:00

Bump version from 7.25BETA1 release, regen docs, merge CHANGELOG

dmiller
2016-07-19 19:57:56 +00:00
parent 5040fb3874
commit 60dc6353b9
15 changed files with 122 additions and 74 deletions

142
CHANGELOG

@@ -8,26 +8,57 @@ o [GH#103][GH#364] Made Nmap's parallel reverse DNS resolver more robust, fully
handling truncated replies. If a response is too long, we now fall back to
using the system resolver to answer it. [Abhishek Singh]
o [NSE][GH#365] Added sslv2-drown for detecting vulnerability to the DROWN
attack, including CVE-2016-0703 and CVE-2016-0704 that enable fast attacks on
OpenSSL. [Bertrand Bonnefoy-Claudet]
o [NSE] Added http-mcmp for detecting mod_cluster Management Protocol (MCMP)
and dumping its configuration. [Frank Spierings]
o [Nping] Nping is now fully compatible with Npcap. [Daniel Miller]
o [GH#279][Zenmap] Added a legend for the Topography window. [Suraj Hande]
o [NSE] Added clamav-exec to detect ClamAV servers vulnerable to unauthorized
clamav command execution. [Paulino Calderon]
Nmap 7.25BETA1 [2016-07-15]
o [NSE] Added http-aspnet-debug to detect ASP.NET applications with
debugging enabled. Script submitted by Josh Amishav-Zlatin. [Paulino Calderon]
o Nmap now ships with and uses Npcap, our new packet sniffing library
for Windows. It's based on WinPcap (unmaintained for years), but
uses modern Windows APIs for better performance. It also includes
security improvements and many bug fixes. See http://npcap.org. And
it enables Nmap to perform SYN scans and OS detection against
localhost, which we haven't been able to do on Windows since
Microsoft removed the raw sockets API in 2003. [Yang Luo, Daniel
Miller, Fyodor]
o Nmap can now make full use of Npcap, the Nmap Project's packet sniffing
library for Windows. Most notably, this enables SYN scan and OS detection
against localhost. [Yang Luo]
o [NSE] Added 6 NSE scripts, from 5 authors, bringing the total up to 533!
They are all listed at https://nmap.org/nsedoc/, and the summaries are below
(authors are listed in brackets):
+ clamav-exec detects ClamAV servers vulnerable to unauthorized clamav
command execution. [Paulino Calderon]
+ http-aspnet-debug detects ASP.NET applications with debugging enabled.
[Josh Amishav-Zlatin]
+ http-internal-ip-disclosure determines if the web server leaks its internal
IP address when sending an HTTP/1.0 request without a Host header. [Josh
Amishav-Zlatin]
+ [GH#304] http-mcmp detects mod_cluster Management Protocol (MCMP) and dumps
its configuration. [Frank Spierings]
+ [GH#365] sslv2-drown detects vulnerability to the DROWN attack, including
CVE-2016-0703 and CVE-2016-0704 that enable fast attacks on OpenSSL.
[Bertrand Bonnefoy-Claudet]
+ vnc-title logs in to VNC servers and grabs the desktop title, geometry, and
color depth. [Daniel Miller]
o Integrated all of your IPv4 OS fingerprint submissions from January
to April (539 of them). Added 98 fingerprints, bringing the new total
to 5187. Additions include Linux 4.4, Android 6.0, Windows Server
2016, and more. [Daniel Miller]
o Integrated all 31 of your IPv6 OS fingerprint submissions from January to
June. The classifier added 2 groups and expanded several others. Several
Apple OS X groups were consolidated, reducing the total number of groups to
93. [Daniel Miller]
o Update oldest supported Windows version to Vista (Windows 6.0). This enables
the use of the poll Nsock engine, which has significant performance and
accuracy advantages. Windows XP users can still use Nmap 7.12, available from
https://nmap.org/dist/?C=M&O=D [Daniel Miller]
o [NSE] Fix a crash that happened when trying to print the percent done of 0
NSE script threads:
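Review bot: The Npcap entry in the 7.25BETA1 block sends readers to http://npcap.org over plain HTTP, while the other links in this hunk (https://nmap.org/nsedoc/ and https://nmap.org/dist/?C=M&O=D) use HTTPS. That link is where Windows users go for a packet capture driver, so use the https:// form if the site serves it. The same block also shows two Npcap bullets with different credits ("[Yang Luo, Daniel Miller, Fyodor]" and "[Yang Luo]"); confirm only one of them survives the merge.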
@@ -36,11 +67,54 @@ o [NSE] Fix a crash that happened when trying to print the percent done of 0
pressed a key or specified a short --stats-every interval. Reported by
Richard Petrie. [Daniel Miller]
o [NSE] ssl-enum-ciphers will give a failing score to any server with an RSA
certificate whose public key uses an exponent of 1. [Daniel Miller]
o [GH#283][Nsock] Avoid "unknown protocol:0" debug messages and an "Unknown
address family 0" crash on Windows and other platforms that do not set the
src_addr argument to recvfrom for TCP sockets. [Daniel Miller]
o Update oldest supported Windows version to Vista (Windows 6.0). This enables
the use of the poll Nsock engine. [Daniel Miller]
o Retrieve the correct network prefix length for an adapter on Windows. If more
than one address was configured on an adapter, the same prefix length would
be used for both. This incorrect behavior is still used on Windows XP and
earlier. Reported by Niels Bohr. [Daniel Miller]
o Changed libdnet-stripped to avoid bailing completely when an interface is
encountered with an unsupported hardware address type. Caused "INTERFACES:
NONE FOUND!" bugs in Nmap whenever Linux kernel added new hardware address
types. [Daniel Miller]
o Improved service detection of Docker and fixed a bug in the output of
docker-version script. [Tom Sellers]
o Fix detection of Microsoft Terminal Services (RDP). Our improved TLS service
probes were matching on port 3389 before our specific Terminal Services
probe, causing the port to be labeled as "ssl/unknown". Reported by Josh
Amishav-Zlatin.
o [NSE] Update to enable smb-os-discovery to augment version detection
for certain SMB related services using data that the script discovers.
[Tom Sellers]
o Improved version detection and descriptions for Microsoft and Samba
SMB services. Also addresses certain issues with OS identification.
[Tom Sellers]
o [NSE] ssl-enum-ciphers will give a failing score to any server with an RSA
certificate whose public key uses an exponent of 1. It will also cap the
score of an RC4-ciphersuite handshake at C and output a warning referencing
RFC 7465. [Daniel Miller]
o [NSE] Refactored some SSLv2 functionality into a new library, sslv2.lua .
[Daniel Miller]
o [GH#399] Zenmap's authorization wrapper now uses an AppleScript method for
privilege escalation on OS X, avoiding the deprecated
AuthorizationExecuteWithPrivileges method previously used. [Vincent Dumont]
o [GH#454] The OS X binary package is distributed in a .dmg disk image that now
features an instructive background image. [Vincent Dumont]
o [GH#420] Our OS X build system now uses gtk-mac-bundler and jhbuild to
provide all dependencies. We no longer use Macports for this purpose.
[Vincent Dumont]
o [GH#345][Zenmap] On Windows, save Zenmap's stderr output to a writeable
location (%LOCALAPPDATA%\zenmap.exe.log or %TEMP%\zenmap.exe.log) instead of
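Review bot: The "Fix detection of Microsoft Terminal Services (RDP)" entry ends at "Reported by Josh Amishav-Zlatin." with no bracketed author credit, unlike the other complete entries in this hunk; add the "[Name]" of whoever made the fix. ssl-enum-ciphers is also listed twice here, once for the exponent-1 check alone and once with the RC4 cap and RFC 7465 warning folded in, so confirm the short form is the one being dropped.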
@@ -50,27 +124,10 @@ o [GH#345][Zenmap] On Windows, save Zenmap's stderr output to a writeable
o [GH#379][NSE] Fix http-iis-short-name-brute to report non vulnerable hosts.
Reported by alias1. [Paulino Calderon]
o [GH#283][Nsock] Avoid "unknown protocol:0" debug messages and an "Unknown
address family 0" crash on Windows and other platforms that do not set the
src_addr argument to recvfrom for TCP sockets. [Daniel Miller]
o [NSE][GH#371] Fix mysql-audit by adding needed library requires to the
mysql-cis.audit file. The script would fail with "Failed to load rulebase"
message. [Paolo Perego]
o Retrieve the correct network prefix length for an adapter on Windows. If more
than one address was configured on an adapter, the same prefix length would
be used for both. This incorrect behavior is still used on Windows XP and
earlier. Reported by Niels Bohr. [Daniel Miller]
o [NSE] ssl-enum-ciphers will cap the score of an RC4-ciphersuite handshake at
C and output a warning referencing RFC 7465.
o Changed libdnet-stripped to avoid bailing completely when an interface is
encountered with an unsupported hardware address type. Caused "INTERFACES:
NONE FOUND!" bugs in Nmap whenever Linux kernel added new hardware address
types. [Daniel Miller]
o [NSE][GH#362] Added support for LDAP over udp to ldap-rootdse.nse.
Also added version detection and information extraction to match the
new LDAP LDAPSearchReq and LDAPSearchReqUDP probes. [Tom Sellers]
@@ -81,21 +138,10 @@ o [GH#354] Added new version detection Probes for LDAP services, LDAPSearchReq
-printing and information extraction. Also added nmap-payload entry for
detecting LDAP on udp. [Tom Sellers]
o [NSE] Added vnc-title for logging in to VNC servers and grabbing the desktop
title, geometry, and color depth. [Daniel Miller]
o [NSE] More VNC updates: Support for VeNCrypt and Tight auth types, output of
authentication sub-types in vnc-info, and all zero-authentication types are
recognized and reported. [Daniel Miller]
o [NSE] Update to enable smb-os-discovery to augment version detection
for certain SMB related services using data that the script discovers.
[Tom Sellers]
o Improved version detection and descriptions for Microsoft and Samba
SMB services. Also addresses certain issues with OS identification.
[Tom Sellers]
Nmap 7.12 [2016-03-29]
o [Zenmap] Avoid file corruption in zenmap.conf, reported as files containing


@@ -2,12 +2,12 @@
.\" Title: nmap-update
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 06/22/2016
.\" Date: 07/19/2016
.\" Manual: nmap-update Reference Guide
.\" Source: nmap-update
.\" Language: English
.\"
.TH "NMAP\-UPDATE" "1" "06/22/2016" "nmap\-update" "nmap\-update Reference Guide"
.TH "NMAP\-UPDATE" "1" "07/19/2016" "nmap\-update" "nmap\-update Reference Guide"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------


@@ -2,12 +2,12 @@
.\" Title: nmap
.\" Author: [see the "Author" section]
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 06/22/2016
.\" Date: 07/19/2016
.\" Manual: Nmap Reference Guide
.\" Source: Nmap
.\" Language: English
.\"
.TH "NMAP" "1" "06/22/2016" "Nmap" "Nmap Reference Guide"
.TH "NMAP" "1" "07/19/2016" "Nmap" "Nmap Reference Guide"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -130,7 +130,7 @@ This options summary is printed when Nmap is run with no arguments, and the late
.RS 4
.\}
.nf
Nmap 7\&.12SVN ( https://nmap\&.org )
Nmap 7\&.25SVN ( https://nmap\&.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc\&.


@@ -1,4 +1,4 @@
Nmap 7.12SVN ( https://nmap.org )
Nmap 7.25SVN ( https://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.


@@ -2,12 +2,12 @@
.\" Title: zenmap
.\" Author: [see the "Authors" section]
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 06/22/2016
.\" Date: 07/19/2016
.\" Manual: Zenmap Reference Guide
.\" Source: Zenmap
.\" Language: English
.\"
.TH "ZENMAP" "1" "06/22/2016" "Zenmap" "Zenmap Reference Guide"
.TH "ZENMAP" "1" "07/19/2016" "Zenmap" "Zenmap Reference Guide"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------


@@ -13,7 +13,7 @@
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 7,0,12,1
FILEVERSION 7,0,25,100
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x21L
@@ -30,7 +30,7 @@ BEGIN
BEGIN
VALUE "CompanyName", "Insecure.Org\0"
VALUE "FileDescription", "Nmap\0"
VALUE "FileVersion", "7.12SVN\0"
VALUE "FileVersion", "7.25SVN\0"
VALUE "InternalName", "Nmap\0"
VALUE "LegalCopyright", "Copyright (c) Insecure.Com LLC (fyodor@insecure.org)\0"
VALUE "LegalTrademarks", "NMAP\0"


@@ -2,12 +2,12 @@
.\" Title: Ncat
.\" Author: [see the "Authors" section]
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 06/22/2016
.\" Date: 07/19/2016
.\" Manual: Ncat Reference Guide
.\" Source: Ncat
.\" Language: English
.\"
.TH "NCAT" "1" "06/22/2016" "Ncat" "Ncat Reference Guide"
.TH "NCAT" "1" "07/19/2016" "Ncat" "Ncat Reference Guide"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -43,7 +43,7 @@ Among Ncat\*(Aqs vast number of features there is the ability to chain Ncats tog
.RS 4
.\}
.nf
Ncat 7\&.12SVN ( https://nmap\&.org/ncat )
Ncat 7\&.25SVN ( https://nmap\&.org/ncat )
Usage: ncat [options] [hostname] [port]
Options taking a time assume seconds\&. Append \*(Aqms\*(Aq for milliseconds,
@@ -73,6 +73,7 @@ Options taking a time assume seconds\&. Append \*(Aqms\*(Aq for milliseconds,
\-\-sctp Use SCTP instead of default TCP
\-v, \-\-verbose Set verbosity level (can be used several times)
\-w, \-\-wait <time> Connect timeout
\-z Zero\-I/O mode, report connection status only
\-\-append\-output Append rather than clobber specified output files
\-\-send\-only Only send data, ignoring received; quit on EOF
\-\-recv\-only Only receive data, never send anything


@@ -1,4 +1,4 @@
Ncat 7.12SVN ( https://nmap.org/ncat )
Ncat 7.25SVN ( https://nmap.org/ncat )
Usage: ncat [options] [hostname] [port]
Options taking a time assume seconds. Append 'ms' for milliseconds,
@@ -28,6 +28,7 @@ Options taking a time assume seconds. Append 'ms' for milliseconds,
--sctp Use SCTP instead of default TCP
-v, --verbose Set verbosity level (can be used several times)
-w, --wait <time> Connect timeout
-z Zero-I/O mode, report connection status only
--append-output Append rather than clobber specified output files
--send-only Only send data, ignoring received; quit on EOF
--recv-only Only receive data, never send anything


@@ -145,7 +145,7 @@
/* Ncat information for output, etc. */
#define NCAT_NAME "Ncat"
#define NCAT_URL "https://nmap.org/ncat"
#define NCAT_VERSION "7.12SVN"
#define NCAT_VERSION "7.25SVN"
#ifndef __GNUC__
#ifndef __attribute__


@@ -2,12 +2,12 @@
.\" Title: ndiff
.\" Author: [see the "Authors" section]
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 06/22/2016
.\" Date: 07/19/2016
.\" Manual: User Commands
.\" Source: Ndiff
.\" Language: English
.\"
.TH "NDIFF" "1" "06/22/2016" "Ndiff" "User Commands"
.TH "NDIFF" "1" "07/19/2016" "Ndiff" "User Commands"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------

6
nmap.h

@@ -193,13 +193,13 @@
#ifndef NMAP_VERSION
/* Edit this definition only within the quotes, because it is read from this
file by the makefiles. */
#define NMAP_VERSION "7.12SVN"
#define NMAP_NUM_VERSION "7.0.12.1"
#define NMAP_VERSION "7.25SVN"
#define NMAP_NUM_VERSION "7.0.25.100"
#endif
/* The version number of updates retrieved by the nmap-update
program. It can be different (but should always be the same or
earlier) than NMAP_VERSION. */
#define NMAP_UPDATE_CHANNEL "6.49"
#define NMAP_UPDATE_CHANNEL "7.20"
#define NMAP_XMLOUTPUTVERSION "1.04"
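Review bot: NMAP_UPDATE_CHANNEL moves from "6.49" to "7.20" in this hunk, which the commit message (version bump, doc regen, CHANGELOG merge) does not mention. The new value satisfies the "same or earlier than NMAP_VERSION" comment above it, but it changes the version of updates that nmap-update retrieves and deserves its own line in the message. The fourth field of NMAP_NUM_VERSION also jumps from 1 to 100, matching FILEVERSION 7,0,25,100 in the VERSIONINFO resource hunk, with no comment on what that field encodes; a short comment next to the define would help whoever does the next release bump.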


@@ -2,12 +2,12 @@
.\" Title: nping
.\" Author: [see the "Authors" section]
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 06/22/2016
.\" Date: 07/19/2016
.\" Manual: Nping Reference Guide
.\" Source: Nping
.\" Language: English
.\"
.TH "NPING" "1" "06/22/2016" "Nping" "Nping Reference Guide"
.TH "NPING" "1" "07/19/2016" "Nping" "Nping Reference Guide"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------


@@ -339,7 +339,7 @@
/* General tunable defines **************************************************/
#define NPING_NAME "Nping"
#define NPING_URL "https://nmap.org/nping"
#define NPING_VERSION "0.7.12SVN"
#define NPING_VERSION "0.7.25SVN"
#define DEFAULT_VERBOSITY VB_0


@@ -1 +1 @@
7.12SVN
7.25SVN


@@ -1 +1 @@
VERSION = "7.12SVN"
VERSION = "7.25SVN"