SetDllDirectory function is available, as it is on Windows XP SP1 and later,
use it to remove the current directory from the DLL search path. If the
function is not available, call SetCurrentDirectory to the directory containing
the executable.
I believe that such an attack is not currently possible against Nmap, because
it doesn't register any file type associations. This protects us in case such
associations are added in the future.
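
An added example (not Nmap's own winfix.cc code) of the mitigation the entry describes: probe for SetDllDirectory at run time, and when it is present call it with an empty string so the current directory drops out of the DLL search order; otherwise fall back to making the executable's own directory the current directory. The function names `harden_dll_search_path` and `exe_directory` are mine, not Nmap's; the Win32 calls (GetModuleHandleA, GetProcAddress, SetDllDirectoryA, GetModuleFileNameA, SetCurrentDirectoryA) are the real API. The path-splitting helper is portable so the logic can be exercised off Windows.

```c
/* Added example, not code from Nmap: remove the current directory from the
 * DLL search path, preferring SetDllDirectory("") and falling back to
 * SetCurrentDirectory(<directory of the executable>) on systems without it. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#ifdef _WIN32
#include <windows.h>
#endif

/* Portable helper (my own): copy the directory part of an executable path into
 * out. Accepts '\\' or '/' separators; keeps the root separator for paths such
 * as "C:\\nmap.exe" ("C:\\") or "/nmap" ("/"). Returns 1 on success, 0 when
 * there is no separator or out is too small. */
int exe_directory(const char *path, char *out, size_t out_len)
{
    const char *bs = strrchr(path, '\\');
    const char *fs = strrchr(path, '/');
    const char *sep;
    size_t n;

    if (bs == NULL)
        sep = fs;
    else if (fs == NULL)
        sep = bs;
    else
        sep = bs > fs ? bs : fs;      /* whichever separator comes last */
    if (sep == NULL)
        return 0;

    n = (size_t)(sep - path);
    if (n == 0 || path[n - 1] == ':')
        n++;                          /* keep "/" or "C:\" rather than "" or "C:" */
    if (n + 1 > out_len)
        return 0;
    memcpy(out, path, n);
    out[n] = '\0';
    return 1;
}

/* Convenience check: does exe_directory(path) yield exactly expected? */
int exe_directory_equals(const char *path, const char *expected)
{
    char buf[260];
    return exe_directory(path, buf, sizeof buf) && strcmp(buf, expected) == 0;
}

#ifdef _WIN32
typedef BOOL (WINAPI *SetDllDirectoryA_t)(LPCSTR);

/* Returns 1 if SetDllDirectory was applied, 2 if the SetCurrentDirectory
 * fallback was applied, 0 if neither could be. Call this before any LoadLibrary
 * or delay-loaded DLL is touched. */
int harden_dll_search_path(void)
{
    HMODULE k32 = GetModuleHandleA("kernel32.dll");
    SetDllDirectoryA_t set_dll_dir = NULL;
    char exe[MAX_PATH], dir[MAX_PATH];

    /* Resolve at run time: the import must not be static, or the binary would
     * refuse to start on versions (before XP SP1) that lack the export. */
    if (k32 != NULL)
        set_dll_dir = (SetDllDirectoryA_t)GetProcAddress(k32, "SetDllDirectoryA");

    /* Preferred: an empty string removes the current directory from the default
     * search order for the lifetime of the process. */
    if (set_dll_dir != NULL && set_dll_dir(""))
        return 1;

    /* Fallback: the loader still searches the current directory, so make that
     * directory the one the executable lives in instead of wherever the
     * process was launched from (for example a directory a data file was in). */
    if (GetModuleFileNameA(NULL, exe, sizeof exe) == 0)
        return 0;
    if (!exe_directory(exe, dir, sizeof dir))
        return 0;
    return SetCurrentDirectoryA(dir) ? 2 : 0;
}
#endif

int main(void)
{
#ifdef _WIN32
    printf("hardening strategy applied: %d\n", harden_dll_search_path());
#else
    char dir[260];
    /* Constructed sample path; no real executable is consulted here. */
    if (exe_directory("C:\\Program Files\\Nmap\\nmap.exe", dir, sizeof dir))
        printf("would chdir to: %s\n", dir);
#endif
    return 0;
}
```

The run-time lookup through GetProcAddress is the part worth copying: linking SetDllDirectory statically would make the executable fail to load at all on the older systems the fallback is meant for.
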

scan on Windows with --unprivileged. Previously Nmap assumed that the only way
o.isr00t could be false on Windows was if pcap functions were not available, so
the user would get the false message "requires that WinPcap version 3.1 or
higher...". NmapOps now has a state variable have_pcap so the meaning of isr00t
isn't overloaded.

and having close() #defined to my_close() in nbase_winunix.h, I'm just defining close()
to closesocket() in nbase_winunix.h and removing my_close() from winfix.cc. I'm also
defining EWOULDBLOCK to WSAEWOULDBLOCK in nbase_winunix.h.
Nmap builds fine with these changes, and since it's just defining close() to something
that already exists, it shouldn't negatively affect other branches.
These are things I noticed while trying to cleanly "re-port" Ncat to VC++2008.

localhost as an unprivileged user (nmap --unprivileged localhost). The
error looked like

  Skipping SYN Stealth Scan against localhost (127.0.0.1) because Windows does not support scanning your own machine (localhost) this way.

Now connect scan is used instead of SYN scan.