characters in the target entry (those whose UTF-8 encoding contains
a byte that counts as whitespace in the Windows locale):
File "zenmapGUI\ScanNotebook.pyo", line 184, in _target_entry_changed
File "zenmapCore\NmapOptions.pyo", line 719, in render_string
UnicodeDecodeError: 'utf8' codec can't decode byte 0xc3 in position 1:
unexpected end of data
One such character is a with grave accent, U+00E0, which in UTF-8 is
C0 A0, where the A0 is interpreted as a no-break space when the
string is interpreted byte by byte. [David]
sockaddr instead of sockaddr_storage so it got only a fraction of the
address and the inet_ntop function would look outside of the structure
into adjacent memory. A scan of localhost would look like this:
NSE: TCP ::a00:0:600:0:1234 > ::a00:4d2:0:0:25 | CONNECT
Here, for example, that 4d2 is the port number 1234 from the other
structure. Now it prints correctly:
NSE: TCP ::1:1234 > ::1:25 | CONNECT
when an attempt is made to use a file descriptor whose number is not
less than FD_SETSIZE. This applies only on non-Windows platforms
where FD_SETSIZE is a limit on the value of file descriptors as well
as a limit on the number of descriptors in the set. The error will
look like
nsock_core.c:186: Attempt to FD_SET fd 1024, which is not less
than FD_SETSIZE (1024). Try using a lower parallelism.
Thanks to Brandon Enright for discovering the problem and much help
debugging it, and to Jay Fink for submitting an initial patch. [David]
o [Ncat] Fixed proxy connections in connect mode on Windows. Because
the dup function does not work on Windows, an assertion failure
would be raised reading
(fh >= 0 && (unsigned)fd < (unsigned)_nhandle)
[David]
o [Ncat] Fixed the combination of --max-conns and --exec on Windows.
The count of connected clients was not decreased when the program
spawned by --exec finished. With --max-conns 5, for example, no more
connections would be allowed after the fifth, even if some of the
earlier ones had ended. Jon Greaves reported the problem and Venkat
contributed a patch.
o [Ncat] The code that manages the count of connected clients has been
made robust with respect to signals. The code was contributed by
Solar Designer.
to reconnect a socket with SSL because the initial communication on the socket
is done without SSL. See this thread [1] for more details.
[1] http://seclists.org/nmap-dev/2009/q4/3
discussion on nmap-dev about how best to handle these. I also updated the docs and
am about to regenerate script.db. See this thread for more info:
http://seclists.org/nmap-dev/2009/q3/1008.html
o The files read by the -iL (input from file) and --excludefile
options now support comments that start with # and go to the end of
the line. This was implemented by Tom Sellers.
using the Windows shell. The only reason for using the shell was to inhibit the
ceration of a terminal window, and this does the same thing. This solves
problems related to running through a shell: cancelling a scan wouldn't kill
the nmap process, and running from directories with names containing shell
metacharacters wouldn't work.
just handle it in the normal program flow. A problem with having two
pieces of code doing the same thing was that they varied a bit; if you
ran -sP --traceroute you wouldn't get the "Final times for host" output
because that was left out of one of the output loops. Another problem
was that the special-case logic assumed that traceroute was the only
thing that could happen after a port scan, which is not true because
script scanning can happen too. Running -sP --traceroute --script=all
would not run any scripts. Now it run asn-query and whois as expected.
resolution. The initialization
struct sockaddr_in sin = { AF_INET };
didn't set sin.sin_family correctly, leading to a later assertion
failure:
Failed to convert target address to presentation format!?! Error: Address family not supported by protocol family
by the installer. Also notes that we recommend starting the WinPcap service at system startup for Windows 7 as well as vista. The patch is from Rob Nicholls.
