ms-sql scripts and library:
- Improved version detection
- Improved server discovery
- Add support for named pipes
- Add support for integrated authentication
- Add support for connecting to instances by name or port
- Improved script and library stability
- Improved script and library documentation
[Patrik Karlsson, Chris Woodbury]
using SNMP and tftp. The script was created by Vikas Singhal.
* Add tftp library, used by the snmp-ios-config script, that acts as a server
and receives the config file from the device. [Patrik]
agent information, one to get the list of svgtags, and one to get
information about a particular svctag. Don't crash if the TCP connection
can't be made (which will be the case when the stlisten service isn't
running).
if the DB2 DAS service had discovery mode disabled. While the service
would be listening, the data would be in an unexpected format. This
caused the script to crash at line 412 when it tried to extract the
server profile from the DB2 response (db2response.info variable).
I will likely tweak the hard setting of the ports in the block that
follows after I perform more testing to verify that it behaves as
expected - Tom
------------------------------------------------------------------------
r22234 | david | 2011-02-11 14:33:33 -0800 (Fri, 11 Feb 2011) | 4 lines
Add an openssl guard around the require of tns in oracle-brute and
oracle-enum-users. The tns library makes a call to
openssl.rand_pseudo_bytes at its top level.
------------------------------------------------------------------------
r22232 | david | 2011-02-11 14:28:18 -0800 (Fri, 11 Feb 2011) | 4 lines
Put an openssl guard around the importing of ssh2 in
ssh2-enum-algos.nse. Otherwise it fail in --script-updatedb when
configured --without-openssl.
------------------------------------------------------------------------
r22230 | david | 2011-02-11 13:38:49 -0800 (Fri, 11 Feb 2011) | 3 lines
Allow whitespace at the end of the go_to_host pattern. On Windows,
there's a '\r' at the end of the string, so the pattern didn't match.
snmp-interfaces.host into the prerule and out of the action. Otherwise,
being default, this is the only script that runs during the prescan by
default.
This will no longer match against the generic "X-Powered-By: PHP" (rare?), but that never gave us a version number anyway, so you could consider that a bug too.
We don't currently check for variations such as "Zend Core/2.0.1 PHP/5.2.1", so that could be added in the future, but at least the http-headers script will reveal the X-Powered-By header anyway.
The wsdd library incorrectly assumed OpenSSL to always be available and the
ssh-hostkey used the undeclared SCRIPT_NAME in message when evaluating SSL
support. The bug was reported by Michael Pattrick on nmap-dev:
http://seclists.org/nmap-dev/2011/q1/312
[Patrik]
