while still mentioning that "ping scan" is a common term. Mention the
use of -PN and -sP together to run NSE host scripts without ping and
port scanning.
currently recommended way to disable both host discovery and port
scanning. The only other phase that can run in the absence of these two
is NSE, and then with host scripts only. -sP should not be thought of as
"ping scan" but as "don't port scan," because more than a ping scan can
happen when you use it. More reasonable and mnemonic options for
disabling these phases will be forthcoming.
check_globals script.
Commented out two functions which are currently unused:
svcctl_Type_tostr() and svcctl_State_tostr()
and which call currently unavailable functions:
svcctl_Type_str() and svcctl_State_str()
(see http://seclists.org/nmap-dev/2009/q3/0194.html )
error
You can't use --max-parallelism with --scan-delay.
QUITTING!
to a warning
Warning: --min-parallelism and --max-parallelism are ignored with --scan-delay.
if there was only one extraports state, would create a Port object for
each scanned port that was not listed explicitly. So for example, if a
scan of 100 ports had 5 open ports and an extraports of "filtered",
Ndiff would create 95 port records in the "filtered" state in addition
to the 5 "open". If there was more than one extraports state this was
not possible.
This turned out to be a slow operation, out of all proportion to its
utility. Here are times for a diff of random-1.xml and random-2.xml,
before and after:
real 0m11.912s
user 0m10.970s
sys 0m0.249s
real 0m0.773s
user 0m0.726s
sys 0m0.046s
In most cases extraports are not shown in the output, so this was wasted
effort. I know of only one place where it affected the output, when an
extraports in the A scan became a non-extraports in a different state
in the B scan. Then the previous state would be included in the <a>
port, where now it will just be listed without a state.
code to increase the scan delay if tries increased too much. But the
main loop did an unconditional continue before incrementing tries, so it
was always 0. I looked back at the history and saw that it was always
like this for RPC scan. tries was only incremented for the other scan
types handled by pos_scan, which now are done by ultra_scan. So I
removed the tries accounting and dependent code.
may not exist (and thus triggers an error from strict.lua). We instead
set up dummy portrule/action functions, print the debug error for why the script
will not run, and return.
Before, a variable was set to NULL if it was not AF_INET, and was later
dereferenced in handling target groups containing IPv4 addresses. This
never actually caused a problem because Nmap's -6 switch is global, so
if an AF_INET6 address was passed to hostInExclude, none of the target
groups could have contained IPv4 addresses and the NULL dereference
would not have occurred. It might have broken easily in the future
though. Now the IPv4 target groups make sure they are dealing with an
AF_INET address.
replaced so that all NSE modules will have strict declared global checking at
runtime. This should catch most developer errors early. Please see [1] for
further reference into the problem.
[1] http://seclists.org/nmap-dev/2009/q3/0070.html
is not in the registry. That function is called indirectly by
nmap.verbosity, which may be called before _R["NSE_SELECTED_BY_NAME"]
has been given a value. I was getting this error with any script scan:
NSE: failed to initialize the script engine:
attempt to call a nil value
stack traceback:
[C]: in function 'verbosity'
./nse_main.lua:136: in function 'print_verbose'
./nse_main.lua:680: in main chunk
[C]: ?
QUITTING!
server with a date in 2007 was producing the output
|_ http-date: Sun, 07 Jan 2007 08:17:36 GMT; -918d13h46m40s from local time.
Now it is
|_ http-date: Sun, 07 Jan 2007 09:01:44 GMT; -2y187d13h46m40s from local time.
parses an HTTP date in any of three possible formats.
http-date.nse gets the Date: header field value from an HTTP server,
then displays it with how much it differs from local time.
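
An added example, not code from Nmap or http-date.nse: a Python version of the two steps described in the last two entries above, parsing a Date header in the three HTTP-date layouts of RFC 2616 section 3.3.1 and rendering its offset from local time, which is the clock skew a defender cares about for log correlation and time-bound authentication. The function names, the 365-day year, the "+" sign for positive skew and the dropping of leading zero units are assumptions; the local time in the usage is constructed.

```python
from datetime import datetime, timezone

# The three HTTP-date layouts from RFC 2616 section 3.3.1.
HTTP_DATE_FORMATS = (
    "%a, %d %b %Y %H:%M:%S GMT",  # RFC 1123: Sun, 06 Nov 1994 08:49:37 GMT
    "%A, %d-%b-%y %H:%M:%S GMT",  # RFC 850:  Sunday, 06-Nov-94 08:49:37 GMT
    "%a %b %d %H:%M:%S %Y",       # asctime:  Sun Nov  6 08:49:37 1994
)

def parse_http_date(value):
    """Return an aware UTC datetime, or None if no layout matches."""
    for fmt in HTTP_DATE_FORMATS:
        try:
            parsed = datetime.strptime(value.strip(), fmt)
        except ValueError:
            continue
        return parsed.replace(tzinfo=timezone.utc)
    return None

def format_skew(server, local):
    """Render server - local in the style -2y187d13h46m40s.

    Assumptions (not taken from Nmap): a year is 365 days, positive
    skew is prefixed with "+", and leading zero units are dropped.
    """
    total = int((server - local).total_seconds())
    sign = "-" if total < 0 else "+"
    total = abs(total)
    units = (("y", 365 * 86400), ("d", 86400), ("h", 3600), ("m", 60), ("s", 1))
    out = ""
    for suffix, size in units:
        count, total = divmod(total, size)
        if count or out or suffix == "s":
            out += f"{count}{suffix}"
    return sign + out

def date_report(header_value, local):
    """Build one output line; an unparseable header is reported, not guessed."""
    server = parse_http_date(header_value)
    if server is None:
        return "http-date: unparseable Date header"
    return f"http-date: {header_value}; {format_skew(server, local)} from local time."

if __name__ == "__main__":
    # Constructed local time for demonstration.
    local = datetime(2009, 7, 12, 22, 48, 24, tzinfo=timezone.utc)
    print(date_report("Sun, 07 Jan 2007 09:01:44 GMT", local))
```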