o It no longer uses the global environment to store the modules table
o It now uses loadfile() to load the configuration files, which follows best practices better
o The module() line at the top of the configuration files is no longer required, but if it exists all that happens is a warning is printed
o Worked around what appears to be a bug in one person's Nmap install where absolute paths didn't resolve properly -- I couldn't replicate, but he confirmed it was fixed
o Add two new Script scan phases:
Script Pre-scanning phase: before any Nmap scan operation, activated by the new "prerule".
Script Post-scanning phase: after all Nmap scan operations, activated by the new "postrule".
o New environment variables:
SCRIPT_PATH
SCRIPT_NAME
SCRIPT_TYPE: the type of the rule that activated the script.
OVSAgentServer. This looks like standard Python SimpleXMLRPCServer with
BaseHTTP except that it can be distinguished by the HTML title. Also add
a related fingerprint for SimpleXMLRPCServer when it is used in its
DocXMLRPCServer mode, which distinguishes it from plain BaseHTTP.
This table contains Nmap's timing data (srtt, the smoothed round
trip time; rttvar, the rtt variance; and timeout), all represented
as floating-point seconds. The ipidseq and qscan scripts were
updated to utilize the host's timeout value instead of the very
conservative guess of 3 seconds for read timeouts. [Kris]
Instead of sending multiple fragments, Nmap would just send the
original whole packet instead. In some circumstances, Nmap would
fail to send on interfaces with low MTUs (such as SLIP lines) with
no way to bump down packet sizes for transport. [Kris]
It looks like this has been broken in trunk since merging libnetutil,
and since r18037 in the dedup branch.
present under the Scripting tab of profile editor. Besides selecting
script,argument values can also be given. Description and categories
of script is also shown.
[kirubakaran]
o [NSE] The http library's request functions now accept an additional
"auth" table within the option table, which if provided causes Basic
authentication credentials to be sent. [David]
