of "*.*.*.*" from working. Support for the CIDR /0 is now also
available. [Kris]
A sendto() or connect() to IPv4 addresses with a first octet of 0
(excluding 0.0.0.0 on some OS's) returns EINVAL. These addresses
are reserved for "self-identification" and should never go over the
wire (and at least on Linux a connect() to 0.0.0.0 gets redirected
to 127.0.0.1). I'm talking with Fyodor on whether or not to skip
*all* of these addresses.
o Our WinPcap installer now starts the NPF driver running as a
service immediately upon installation and after restarts. You can
disable this with new checkboxes. This behavior is important for
Vista and Windows Server 2008 machines when User Account
Control (UAC) is enabled. [Rob Nicholls]
o Nmap and Nmap-Winpcap silent installation now works. Nmap can
be silently installed with the /S option to the installer.
If you install Nmap from the zip file, you can install just
Winpcap silently with the /S option to that
installer. [Rob Nicholls]
o Our WinPcap installer is now included with the Nmap Win32 zip
file. [Fyodor]
o Numerous miscellaneous improvements were made to our Win32
installer, such as using the "Modern" NSIS UI for WinPcap,
improving the option description labels, and showing a finish
page in all cases. [Rob Nicholls]
Now does most of it's work through Lua:
From Nmap-dev: "Many of the changes consist of changing how Nmap interfaces
with Lua that were sometimes awkward or inflexible. Most of the functions
have been made to be callable directly by Lua which offers many technical
advantages: stack management is alleviated, errors are handled cleanly and
are more descriptive, and there is increased reusability."
Additionally:
-- Moved all lua_State * symbols from "l" to "L". This is to maintain
consistency with other Lua libraries (convention) and to make our macros portable.
-- Moved file system manipulation over to nse_fs.cc (from nse_init.cc)
Previously the ping probe data structures were stored in NmapOps,
now they will be stored in the scan_lists struct. All other changes
auxiliary to this reorganization.
nmap -PA80 -PA443 target
Previously this would use 443 only, and leak a little bit of memory as the
pointer to the array containing 80 was lost. Now it gives an error
Only one -PB, -PA, or -PT option is allowed. Combine port ranges with commas.
QUITTING!
of scripts chosen from when using -sC (but it's still just another category
and so can be chosen with --script like any other).
On top of updating the docs with information about this new category, I've
also updated sections to emphasize that the "default" category, -sC and -A
are considered intrusive and should not be run against target networks
without permission.
The new list is very similar to the previous "safe,intrusive" list:
Added: finger, ircServerInfo, RealVNC_auth_bypass
Removed: HTTPpasswd
Here are the 21 scripts in this new category:
anonFTP
dns-test-open-recursion
finger
ftpbounce
HTTPAuth
HTTP_open_proxy
ircServerInfo
MSSQLm
MySQLinfo
nbstat
RealVNC_auth_bypass
robots
rpcinfo
showHTMLTitle
showOwner
SMTPcommands
SNMPsysdesr
SSHv1-support
SSLv2-support
UPnP-info
zoneTrans
"welcome" so it appears in the "Introduction" section of the installer (the
"Readme" page doesn't appear anymore). Previously the Introduction page was
just a useless extra page that said "You will be guided through the steps
necessary to install this software."
LUA_CFLAGS="-DLUA_USE_POSIX -DLUA_USE_DLOPEN"
out of a case statement so that it becomes the default for all systems but Mac
OS X. Previously it was in the '*' branch of the case statement, so it ran only
for systems that weren't otherwise handled. This may have caused the error
reported at http://seclists.org/nmap-dev/2008/q2/0464.html.
on the following versions (the last one is from SVN):
55554/tcp open metasploit Metasploit Framework msfd 3.0-beta-dev
55554/tcp open metasploit Metasploit Framework msfd 3.0
55554/tcp open metasploit Metasploit Framework msfd 3.1-release
55554/tcp open metasploit Metasploit Framework msfd 3.2-release
