Previously, calling nmap.set_port_version would delete a service
fingerprint if it existed. Now, setting probestate to anything but
"hardmatched" will preserve the fingerprint, if it exists. This allows
scripts (like http-server-header) to use "softmatched" to set version
info but still encourage users to submit fingerprints.
proposal. This only affects Nmap's root directory. We might also need to
modify the code which autogenerates Nmap's source code files such as IPv6
fingerprinting code.
There are various functions in the internal nmap.socket and nmap.dnet
libraries that are there for technical reasons:
http://seclists.org/nmap-dev/2012/q1/318
The sleep function is exposed through the stdnse namespace because it
fits that library better.
Some code comments said that names such as nmap.new_socket were
deprecated in favor of e.g. nmap.socket.new, but the old names were
never formally deprecated, so I removed those comments.
Previously they were a flat list intermixing human-readable names and
CPE strings. Now they reflect the structure that we use to represent
them. In brief:
host.os = {
{
name = "Microsoft Windows XP",
classes = {
{
vendor = "Microsoft",
osfamily = "Windows",
osgen = "XP",
type = "general purpose",
cpe = {
"cpe:/o:microsoft:windows_xp"
}
},
... more classes ...
},
},
... more OS matches ...
}
CPEs are available at host.os (for the ones from OS fingerprinting) and
port.version.cpe (for the version detection ones).
This patch also fix a memory leak that David noticed in
PortList::setServiceProbeResults().
svn merge --ignore-ancestry svn://svn.insecure.org/nmap@26621 svn://svn.insecure.org/nmap-exp/luis/nmap-os6
This is the IPv6 OS detection branch. "nmap -6 -O" works now, though at
this point it only prints fingerprints and not OS guesses, because we
need to collect more submissions.
unspecified and causes a segmentation fault on Android Bionic libc.
Vlatko fixed the bug in his Android binaries and it was first reported
by @alexismm2.
This is a maintenance fix for the NSE Nsock library binding. The patch focuses
on code correctness and simplicity. The patch also brings some initial updates
with an eye towards the upcoming Lua 5.2 release. See [1] for a post concerning
this branch.
[1] http://seclists.org/nmap-dev/2010/q3/710
o [NSE] Added the nmap.resolve() function which takes a host name and
optionally an address family (such as "inet") and returns a table
containing all of its matching addresses. If no address family is
specified, then all of the addresses are returned for the name. [Kris]
o [NSE] Added the nmap.address_family() function which returns the address
family Nmap is using as a string (e.g., "inet6" is returned if Nmap is
called with the -6 option). [Kris]
* Adding path-mtu.nse for Path MTU Discovery
* Nmap now stores the MTU for interfaces (from SIOCGIFMTU or libdnet)
* Scripts can access the MTU for host.interface via host.interface_mtu
* Nmap prints the MTU for interfaces in --iflist
This table contains Nmap's timing data (srtt, the smoothed round
trip time; rttvar, the rtt variance; and timeout), all represented
as floating-point seconds. The ipidseq and qscan scripts were
updated to utilize the host's timeout value instead of the very
conservative guess of 3 seconds for read timeouts. [Kris]
point seconds since the epoch, and add clock_ms() and clock_us() to stdnse
for convenience (millisecond and microsecond).
qscan.nse now provides microsecond resolution.
