Previously the ping probe data structures were stored in NmapOps,
now they will be stored in the scan_lists struct. All other changes
auxiliary to this reorganization.
nmap -PA80 -PA443 target
Previously this would use 443 only, and leak a little bit of memory as the
pointer to the array containing 80 was lost. Now it gives an error
Only one -PB, -PA, or -PT option is allowed. Combine port ranges with commas.
QUITTING!
of scripts chosen from when using -sC (but it's still just another category
and so can be chosen with --script like any other).
On top of updating the docs with information about this new category, I've
also updated sections to emphasize that the "default" category, -sC and -A
are considered intrusive and should not be run against target networks
without permission.
The new list is very similar to the previous "safe,intrusive" list:
Added: finger, ircServerInfo, RealVNC_auth_bypass
Removed: HTTPpasswd
Here are the 21 scripts in this new category:
anonFTP
dns-test-open-recursion
finger
ftpbounce
HTTPAuth
HTTP_open_proxy
ircServerInfo
MSSQLm
MySQLinfo
nbstat
RealVNC_auth_bypass
robots
rpcinfo
showHTMLTitle
showOwner
SMTPcommands
SNMPsysdesr
SSHv1-support
SSLv2-support
UPnP-info
zoneTrans
"welcome" so it appears in the "Introduction" section of the installer (the
"Readme" page doesn't appear anymore). Previously the Introduction page was
just a useless extra page that said "You will be guided through the steps
necessary to install this software."
LUA_CFLAGS="-DLUA_USE_POSIX -DLUA_USE_DLOPEN"
out of a case statement so that it becomes the default for all systems but Mac
OS X. Previously it was in the '*' branch of the case statement, so it ran only
for systems that weren't otherwise handled. This may have caused the error
reported at http://seclists.org/nmap-dev/2008/q2/0464.html.
on the following versions (the last one is from SVN):
55554/tcp open metasploit Metasploit Framework msfd 3.0-beta-dev
55554/tcp open metasploit Metasploit Framework msfd 3.0
55554/tcp open metasploit Metasploit Framework msfd 3.1-release
55554/tcp open metasploit Metasploit Framework msfd 3.2-release
ports instead of just TCP ports. This made it very slow in the
common case where there are many UDP ports in the open|filtered
state. Thanks to Jason DePriest for reporting the problem and Jah
for tracking it down and fixing it.
o A bug was fixed that could cause Zenmap to crash when loading a
results file that had multibyte characters in it. The error looked
like
Gtk-ERROR **: file gtktextsegment.c: line 196 (_gtk_char_segment_new): assertion failed: (gtk_text_byte_begins_utf8_char (text))
The necessary libraries (lib and dll) and headers required for compilation and
linking are in mswin32/OpenSSL. A detailed upgrade guide is available in
mswin32/OpenSSL/upgrade-guide.txt.
Thanks to Thomas Buchanan for doing the initial work and writing up the initial
build guide.
My openssl-testing branch has been posted on nmap-dev for 12 days and has been
tested by (at least) Thomas, Jah and I, with no reports of failure.
http://seclists.org/nmap-dev/2008/q2/0249.html
better by AC_PROG_CXX and caused a failure when configured with ccache:
CXX="ccache /usr/bin/g++-4.0" ./configure
checking build system type... i386-apple-darwin9.2.2
checking host system type... i386-apple-darwin9.2.2
checking for gcc... ccache /usr/bin/gcc-4.0
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether ccache /usr/bin/gcc-4.0 accepts -g... yes
checking for ccache /usr/bin/gcc-4.0 option to accept ISO C89... none needed
checking for inline... inline
checking for gcc... (cached) ccache /usr/bin/gcc-4.0
checking whether we are using the GNU C compiler... (cached) yes
checking whether ccache /usr/bin/gcc-4.0 accepts -g... (cached) yes
checking for ccache /usr/bin/gcc-4.0 option to accept ISO C89...
(cached) none needed
checking whether we are using the GNU C++ compiler... yes
checking whether ccache /usr/bin/g++-4.0 accepts -g... yes
checking for ccache /usr/bin/g++-4.0... MISSING
configure: error: Could not locate a C++ compiler. If it exists, add it
to your PATH or give configure the CXX=path_to_compiler argument.
Otherwise, install a C++ compiler such as g++ or install a binary
package of Nmap (see http://nmap.org/download.html ))
On Windows, this ID has to be a numeric index. On Linux and some
other OS's, this ID can instead be an interface name. Some examples
of this syntax:
fe80::20f:b0ff:fec6:15af%2
fe80::20f:b0ff:fec6:15af%eth0
This was a lot simpler than the method I previously implemented and posted
to nmap-dev. Now I just extract the zone ID from the already available
getaddrinfo() data rather than parsing it out myself.
might negitivly effect how efficiently nmap stores cache values in a hash
table. Now ntohl is called to correctly reorder the values on little endian
platforms before the hash calculation is preformed.
