Script.new. Because of the new strict.lua library being added, scripts
would look for the absent filename global at load-time and fail due to an
error (ssh-hostkey.nse).
for an interface, and skip the interface. The warning looks like
Warning: Unable to get hardware address for interface %s -- skipping it.
This happens when a FireWire interface (fw*) has an address configured on Mac
OS X. Previously Nmap would die in getinterfaces so it wasn't even possible to
scan over the other interfaces.
o Fixed a log_write call and a pfatal call to use a syntax which is
safer from format strings bugs. This allows Nmap to build with the
gcc -Wformat -Werror=format-security options. [Guillaume Rousse]
while still mentioning that "ping scan" is a common term. Mention the
use of -PN and -sP together to run NSE host scripts without ping and
port scanning.
currently recommended way to disable both host discovery and port
scanning. The only other phase that can run in the absence of these two
is NSE, and then with host scripts only. -sP should not by thought of as
"ping scan" but as "don't port scan," because more than a ping scan can
happen when you use it. More reasonable and mnemonic options for
disabling these phases will be forthcoming.
check_globals script.
Commented-out two functions which are currently unused:
svcctl_Type_tostr() and svcctl_State_tostr()
and which call currently unavailable functions:
svcctl_Type_str() and svcctl_State_str()
(see http://seclists.org/nmap-dev/2009/q3/0194.html )
error
You can't use --max-parallelism with --scan-delay.
QUITTING!
to a warning
Warning: --min-parallelism and --max-parallelism are ignored with --scan-delay.
if there was only one extraports state, would create a Port object for
each scanned port that was not listed explictly. So for example, if a
scan of 100 ports had 5 open ports and an extraports of "filtered",
Ndiff would create 95 port records in the "filtered" state in addition
to the 5 "open". If there was more than one extraports state this was
not possible.
This turned out to be a slow operation, out of all proportion to its
utility. Here are times for a diff of random-1.xml and random-2.xml,
before and after:
real 0m11.912s
user 0m10.970s
sys 0m0.249s
real 0m0.773s
user 0m0.726s
sys 0m0.046s
In most cases extraports are not shown in the output, so this was wasted
effort. I know of only one place where it affected the output, when an
extraports in the A scan because a non-extraports in a different state
in the B scan. Then the previous state would be included in the <a>
port, where now it will just be listed without a state.
code to increase the scan delay if tries increased too much. But the
main loop did an unconditional continue before incrementing tries, so it
was always 0. I looked back at the history and saw that it was always
like this for RPC scan. tries was only incremented for the other scan
types handled by pos_scan, which now are done by ultra_scan. So I
removed the tries accounting and dependent code.
may not exist (and thus triggers an error from strict.lua). We instead
setup dummy portrule/action functions, print the debug error for why the script
will not run, and return.
Before, a variable was set to NULL if it was not AF_INET, and was later
dereferenced in handling target groups containing IPv4 addresses. This
never actually caused a problem because Nmap's -6 switch is global, so
if an AF_INET6 address was passed to hostInExclude, none of the target
groups could have contained IPv4 addresses and the NULL dereference
would not have occurred. It might have broken easily in the future
though. Now the IPv4 target groups make sure they are dealing with an
AF_INET address.
replaced so that all NSE modules will have strict declared global checking at
runtime. This should catch most developer errors early. Please see [1] for
further reference into the problem.
[1] http://seclists.org/nmap-dev/2009/q3/0070.html
