Lua 5.3 adds several awesome features of particular interest to nmap including
bitwise operators and integers, a utf8 library, and standard binary pack/unpack
functions.
In addition to adding Lua 5.3, this branch changes:
o Complete removal of the NSE bit library (in C), It has been replaced with
a new Lua library wrapping Lua 5.3's bit-wise operators.
o Complete removal of the NSE bin library (in C). It has been replaced with a
new Lua library wrapping Lua 5.3's string.pack|unpack functions.
o The bin.pack "B" format specifier (which has never worked correctly) is
unimplemented. All scripts/libraries which use it have been updated. Most
usage of this option was to allow string based bit-wise operations which are no
longer necessary now that Lua 5.3 provides integers and bit-wise operators.
o The base32/base64 libraries have been reimplemented using Lua 5.3's new
bitwise operators. (This library was the main user of the bin.pack "B" format
specifier.)
o A new "bits" library has been added for common bit hacks. Currently only has
a reverse function.
Thanks to David Fifield, Daniel Miller, Jacek Wielemborek, and Paulino
Calderon for testing this branch.
This reflects a deprecation in the official CPE dictionary, which seems
to have happened on 2012-03-08.
<cpe-item deprecation_date="2012-03-08T20:00:15.120Z" deprecated_by="cpe:/o:linux:linux_kernel:2.6.0" deprecated="true" name="cpe:/o:linux:kernel:2.6.0">
<title xml:lang="en-US">Linux Kernel 2.6.0</title>
<meta:item-metadata modification-date="2012-03-08T20:00:15.120Z" status="DRAFT" deprecated-by-nvd-id="35565" nvd-id="91585" />
</cpe-item>
Scripts may now return a key–value table, or such a table in addition to
a string. The table will be automatically formatted for normal output
and will appear as a hierarchy of elements in XML output.
Some history and discussion of this development can be found at
https://secwiki.org/w/Nmap/Structured_Script_Output.
This is a merge of r29484:29569 from /nmap-exp/david/xml-output.
This is the default and can be omitted. Seeing as the value of this
argument was "hardmatched" in 100% of cases, we're better off pretending
the parameter doesn't exist.
Changed links to Lua reference manual to point to appropriate sections
for 5.2. Books (Reference Manual and Programming in Lua, 2nd ed.) have
not been updated to 5.2 yet, so those were left alone.
Documented the change in API for linking C libs (luaL_newlib and
luaL_Reg vs luaL_register and luaL_reg).
Previously they were a flat list intermixing human-readable names and
CPE strings. Now they reflect the structure that we use to represent
them. In brief:
host.os = {
{
name = "Microsoft Windows XP",
classes = {
{
vendor = "Microsoft",
osfamily = "Windows",
osgen = "XP",
type = "general purpose",
cpe = {
"cpe:/o:microsoft:windows_xp"
}
},
... more classes ...
},
},
... more OS matches ...
}
CPEs are available at host.os (for the ones from OS fingerprinting) and
port.version.cpe (for the version detection ones).
This patch also fix a memory leak that David noticed in
PortList::setServiceProbeResults().
the name of a file containing all of your desired NSE script
arguments. The arguments may be separated with commas or newlines
and may be overridden by arguments specified on the command-line
with --script-args. [Daniel Miller]
* Adding path-mtu.nse for Path MTU Discovery
* Nmap now stores the MTU for interfaces (from SIOCGIFMTU or libdnet)
* Scripts can access the MTU for host.interface via host.interface_mtu
* Nmap prints the MTU for interfaces in --iflist
This table contains Nmap's timing data (srtt, the smoothed round
trip time; rttvar, the rtt variance; and timeout), all represented
as floating-point seconds. The ipidseq and qscan scripts were
updated to utilize the host's timeout value instead of the very
conservative guess of 3 seconds for read timeouts. [Kris]
