is not in the registry. That function is called indirectly by
nmap.verbosity, which may be called before _R["NSE_SELECTED_BY_NAME"]
has been given a value. I was getting this error with any script scan:
NSE: failed to initialize the script engine:
attempt to call a nil value
stack traceback:
[C]: in function 'verbosity'
./nse_main.lua:136: in function 'print_verbose'
./nse_main.lua:680: in main chunk
[C]: ?
QUITTING!
server with a date in 2007 was producing the output
|_ http-date: Sun, 07 Jan 2007 08:17:36 GMT; -918d13h46m40s from local time.
Now it is
|_ http-date: Sun, 07 Jan 2007 09:01:44 GMT; -2y187d13h46m40s from local time.
parses an HTTP date in any of three possible formats.
http-date.nse gets the Date: header field value from and HTTP server,
then displays it with how much it differs from local time.
o A bug in Nsock was fixed: On systems where a nonblocking connect
could succeed immediately, connections that were requested to be
tunnelled through SSL would actually be plain text. This could be
verified with an Ncat client and server running on localhost. This
was observed to happen with localhost connections on FreeBSD 7.2.
Non-localhost connections were likely not affected. The bug was
reported by Daniel Roethlisberger. [David]
have their verbosity level automatically increased by one. Many
will print negative results ("no infection found") at a higher
verbosity level. The idea is that if you ask for a script
specifically, you are more interested in such results.
was that if a host had multiple addresses of the same type, they should
be sorted numerically, not alphabetically. So 20.0.0.1 should come
before 100.0.0.1. But the way Nmap works, I don't think a host can have
more than one address of the same type, and it's not worth the code it
would take to make them sort properly if it did.
so that read errors for both can be handled in the same place. SSL_read
errors were not being handled at all, which would cause the Ncat broker
to use 100% CPU after a client disconnected. The problem was reported by
Kris at http://seclists.org/nmap-dev/2009/q2/0840.html.
default when a socket error occurs. This used to require -v, but
printing no message at all could make a failed connection look like
success in a case like
ncat remote < short-file
http.lua. Previously the code was not careful about checking its input,
and would loop forever if it got something non-hex where it expected a
hex chunk-size. See http://seclists.org/nmap-dev/2009/q3/0013.html.
This code raises an error whenever decoding fails for whatever reason.
It also handles chunk extensions. The reference is section 3.6.1 of
RFC 2616.
in getinterfaces. This was the cause of an overlapping memcpy reported
at http://seclists.org/nmap-dev/2009/q2/0713.html.
In the code, sin is a pointer that holds the address of the IP address
configured for an interface. It is copied into a tmpifr.ifr_addr before
each ioctl, perhaps because that is required on some platforms even
though on Linux only ifr_name is needed by the ioctl. When the ioctl
returns, it overwrites whatever was in ifr_addr because that member is
in a union, so sin is kept in order to restore the address again before
the next ioctl.
In the code that handles SIOCGIFNETMASK, sin was mistakenly used as a
temporary pointer and redirected to &tmpifr.ifr_addr. This caused all
future memcpys before ioctl to copy tmpifr.ifr_addr to itself, rather
than copying in the IP address of the interface.
The throwaway sin assignment was not even used; the code that used it
was modified in r2751. So now we just keep sin pointing where it should
the whole time.
another thing otherwise in a big if/else. Now getinterfaces just does
caching and getinterfaces_dnet or getinterfaces_siocgifconf does the
actual interface lookup.
