Using o.magic_port, which is usually used for our source address, or
otherwise is somewhat randomly generated, doesn't make sense here.
Instead, use the same destination ports that we use for host discovery:
80 for TCP and SCTP, and 40125 for UDP.
http://seclists.org/nmap-dev/2012/q3/663
If we get a reply that doesn't pass the simple comparison using the
current value of USI->seqmask, then ignore it. Previously we emitted the
message "Bad Sequence number from host %s.\n" and allowed the reply to
match any probe. This only matters when using -g because otherwise we
encode that information in the source port. I think we have addressed
what was mentioned in the TODO comment in r15986. Allowing promiscuous
matching, as was done before, causes the same spurious closed port issue
that was addressed in r29686.
Per-probe tryno and pingseq are encoded as offset from the base source
port number. Previously this was fixed for all calls of ultra_scan,
which means that unrelated probes in different calls would use the same
source port number if they had the same tryno and pingseq. This could
cause erroneous results if a reply to a probe from a previous call was
delayed and was received in the current call and interpreted as a legit
response.
This has no effect when o.magic_port_set is true (i.e., when -g or
--source-port is used).
http://seclists.org/nmap-dev/2012/q1/62
http://seclists.org/nmap-dev/2012/q3/589
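As an added illustration of the source-port reuse problem described in the commit above (this is not Nmap's code; the port layout base + pingseq*8 + tryno, the base value 33000 and the per-call base derivation are assumptions), a toy model showing why a fixed base lets a delayed reply from an earlier ultra_scan call match a probe in a later one, while a per-call base does not:

```cpp
// Added toy model of per-probe source-port encoding; NOT Nmap's code.
// Layout (base + pingseq*8 + tryno) and per-call base derivation are assumed.
#include <cstdint>
#include <map>

struct Probe {
    int call_id;   // which ultra_scan call sent it
    int tryno;     // retransmission number
    int pingseq;   // ping sequence number
};

// Hypothetical encoding: tryno and pingseq become an offset from the base.
uint16_t encode_sport(uint16_t base, int tryno, int pingseq) {
    return static_cast<uint16_t>(base + pingseq * 8 + tryno);
}

// With a fixed base every call shares one port space; with a per-call base
// each call gets its own block of ports (the derivation here is assumed).
uint16_t base_for_call(int call_id, bool per_call_base) {
    const uint16_t kFixedBase = 33000;
    return per_call_base ? static_cast<uint16_t>(kFixedBase + call_id * 1024) : kFixedBase;
}

struct ScanCall {
    int id;
    uint16_t base;
    std::map<uint16_t, Probe> outstanding;  // keyed by our source port

    void send(int tryno, int pingseq) {
        uint16_t sport = encode_sport(base, tryno, pingseq);
        outstanding[sport] = Probe{id, tryno, pingseq};
    }
    // A reply is attributed to a probe only if its destination port (our
    // source port) matches a probe this call is still waiting on.
    bool matches(uint16_t reply_dport) const {
        return outstanding.count(reply_dport) > 0;
    }
};

// Simulate: call 1 sends tryno=0/pingseq=0, its reply is delayed, call 2
// sends the same tryno/pingseq, then the stale reply arrives during call 2.
bool stale_reply_matches(bool per_call_base) {
    ScanCall call1{1, base_for_call(1, per_call_base), {}};
    call1.send(0, 0);
    uint16_t stale_reply_dport = encode_sport(call1.base, 0, 0);
    ScanCall call2{2, base_for_call(2, per_call_base), {}};
    call2.send(0, 0);
    return call2.matches(stale_reply_dport);  // true only if the bases collide
}
```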
NSE: Script Engine Scan Aborted.
An error was thrown by the engine: attempt to get length of a number
value
stack traceback:
[C]: in function 'port_set_output'
/home/rt/builds/nmap/nse_main.lua:314: in function 'set_output'
/home/rt/builds/nmap/nse_main.lua:947: in function 'run'
/home/rt/builds/nmap/nse_main.lua:1330: in function
</home/rt/builds/nmap/nse_main.lua:1237>
[C]: in ?
This now allows return of anything stringifiable as second return value
without crashing (though this may not be what the script author intends,
better to not crash)
is a regular file.
Under Linux, which provides epoll(7), this allows proper behavior when
redirecting a regular file to stdin (e.g.: 'ncat localhost < file.txt').
Bug was reported by Michal Hlavinka. See
http://seclists.org/nmap-dev/2012/q3/490 for more details.