automatically converted to bare LF when input is from the console, but
not when it is from a pipe or a file. No newline translation is done
on output (it was being done before). This makes it possible to
transfer binary files with Ncat on Windows without any corruption.
a layer 4 protocol used mostly for telephony related applications.
This brings the following new features:
o SCTP INIT chunk port scan (-sY): open ports return an INIT-ACK
  chunk, closed ones an ABORT chunk. This is the SCTP equivalent
  of a TCP SYN stealth scan.
o SCTP COOKIE-ECHO chunk port scan (-sZ): open ports are silent,
  closed ports return an ABORT chunk.
o SCTP INIT chunk ping probes (-PY): host discovery using SCTP
  INIT chunk packets.
o SCTP-specific IP protocol scan (-sO -p sctp).
o SCTP-specific traceroute support (--traceroute).
o The ability to use the deprecated Adler32 algorithm as specified
  in RFC 2960 instead of CRC32C from RFC 4960 (--adler32).
o 42 well-known SCTP ports were added to the nmap-services file.
Part of the work on SCTP support was kindly sponsored by
Compass Security AG, Switzerland. [Daniel Roethlisberger]
Some scripts would fail due to an error (whois.nse) causing other
scripts to become deadlocked on a mutex that would never unlock. This
patch fixes this problem. See [1] for more information.
[1] http://seclists.org/nmap-dev/2009/q2/0533.html
Previously, the --script-args switch would only accept values
with alphanumeric characters or underscores. A full account of
the history of changes to this switch, and of the problems with
it, can be found in [2].
Here are the definitive new rules for --script-args:
--script-args <string>
<string> may contain a sequence of key=value pairs and array entries
separated by commas. All whitespace except where noted below is
ignored.
A key, value, or array value may be a sequence of characters except
'{', '}', ',', '=', and all space characters. You may overcome this
restriction by using quotes (single or double) to allow all characters
within the quotation marks. You may also use the quote delimiter
inside the sequence so long as it is escaped by a backslash.
A value for a key/value pair or an array value may be a nested
table delimited by '{' and '}'.
[1] http://seclists.org/nmap-dev/2009/q2/0204.html
[2] http://seclists.org/nmap-dev/2009/q2/0211.html
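The --script-args rules above, written out as a small recursive-descent parser. This is an added example, not Nmap's own parser (which is part of NSE); the function names, the Lua-style integer keys for array entries, and the choice to reject quote characters inside unquoted tokens are assumptions of the sketch.

```python
import re

# One key, value or array value: a quoted run ('...' or "...", where a
# backslash escapes the delimiter) or a bare run without { } , = or space.
# Assumption of this sketch: a bare run may not contain quote characters.
TOKEN = re.compile(r"""(['"])((?:\\.|(?!\1)[^\\])*)\1|([^{},=\s'"]+)""", re.S)

class ScriptArgsError(ValueError):
    """Raised when a string does not follow the --script-args rules."""

def _skip(s, i):
    # Whitespace outside quotation marks is ignored.
    while i < len(s) and s[i].isspace():
        i += 1
    return i

def _item(s, i):
    i = _skip(s, i)
    if s[i:i + 1] == "{":                      # nested table
        value, i = _table(s, i + 1, "}")
        return value, _skip(s, i)
    m = TOKEN.match(s, i)
    if not m:
        raise ScriptArgsError(f"expected a key or value at offset {i}")
    quote, body, bare = m.groups()
    token = bare if quote is None else body.replace("\\" + quote, quote)
    return token, _skip(s, m.end())

def _table(s, i, closer):
    # Array entries get integer keys 1, 2, ...; closer "" means end of input.
    table, n = {}, 0
    i = _skip(s, i)
    while s[i:i + 1] != closer:
        item, i = _item(s, i)
        if s[i:i + 1] == "=":                  # key=value pair
            if not isinstance(item, str):
                raise ScriptArgsError("a table cannot be used as a key")
            table[item], i = _item(s, i + 1)
        else:                                  # array entry
            n += 1
            table[n] = item
        if s[i:i + 1] == ",":
            i = _skip(s, i + 1)
        elif s[i:i + 1] != closer:
            raise ScriptArgsError(f"unexpected {s[i:i + 1]!r} at offset {i}")
    return table, i + len(closer)

def parse_script_args(text):
    """Parse a --script-args string into nested dicts."""
    return _table(text, 0, "")[0]
```

Running candidate argument strings through a parser like this before handing them to a scan wrapper shows where an unquoted comma, equals sign or space would split a value differently than intended.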
with the struct (bin) library available:
function hextobin(str) return bin.pack("H", str) end
function bintohex(str) return bin.unpack("H", str) end
Also removed a commented copy that was in the sniffer-detect.nse script.
right type of probe (0 with 8, 14 with 13, 18 with 17). With the new
default ping, I was scanning a network where an echo reply would
mistakenly be interpreted as a response to a timestamp request, even
though that host didn't respond to timestamp requests. That host would
become the global ping host, and all its probes would be dropped,
slowing the scan way down. A ping scan of a /24 took over 1,000 seconds
when it should have taken about 10.
exhaustive testing of 90 different probes, this one emerged as the
best four-probe combination, finding 14% more Internet hosts than
the previous default, -PE -PA80. The default for nonroot users is
-PS80,443, replacing the previous default of -PS80. In addition,
ping probes are now sent in order of effectiveness (-PE first) so
that less likely probes may not have to be sent.
search dialog, not an ad-hoc (year, month, day) tuple. This fixes an
error introduced when I made the change to use strftime for date
formatting:
File "zenmapGUI\SearchGUI.pyo", line 583, in operator_changed
File "zenmapGUI\SearchGUI.pyo", line 566, in new_subcriterion
File "zenmapGUI\SearchGUI.pyo", line 751, in __init__
File "zenmapGUI\SearchGUI.pyo", line 816, in set_date
TypeError: argument must be sequence of length 9, not 3