code to increase the scan delay if tries increased too much. But the
main loop did an unconditional continue before incrementing tries, so it
was always 0. I looked back at the history and saw that it was always
like this for RPC scan. tries was only incremented for the other scan
types handled by pos_scan, which now are done by ultra_scan. So I
removed the tries accounting and dependent code.
may not exist (and thus triggers an error from strict.lua). We instead
set up dummy portrule/action functions, print the debug error for why the script
will not run, and return.
Before, a variable was set to NULL if it was not AF_INET, and was later
dereferenced in handling target groups containing IPv4 addresses. This
never actually caused a problem because Nmap's -6 switch is global, so
if an AF_INET6 address was passed to hostInExclude, none of the target
groups could have contained IPv4 addresses and the NULL dereference
would not have occurred. It might have broken easily in the future
though. Now the IPv4 target groups make sure they are dealing with an
AF_INET address.
replaced so that all NSE modules will have strict declared global checking at
runtime. This should catch most developer errors early. Please see [1] for
further reference into the problem.
[1] http://seclists.org/nmap-dev/2009/q3/0070.html
is not in the registry. That function is called indirectly by
nmap.verbosity, which may be called before _R["NSE_SELECTED_BY_NAME"]
has been given a value. I was getting this error with any script scan:
NSE: failed to initialize the script engine:
attempt to call a nil value
stack traceback:
[C]: in function 'verbosity'
./nse_main.lua:136: in function 'print_verbose'
./nse_main.lua:680: in main chunk
[C]: ?
QUITTING!
server with a date in 2007 was producing the output
|_ http-date: Sun, 07 Jan 2007 08:17:36 GMT; -918d13h46m40s from local time.
Now it is
|_ http-date: Sun, 07 Jan 2007 09:01:44 GMT; -2y187d13h46m40s from local time.
parses an HTTP date in any of three possible formats.
http-date.nse gets the Date: header field value from an HTTP server,
then displays it with how much it differs from local time.
o A bug in Nsock was fixed: On systems where a nonblocking connect
could succeed immediately, connections that were requested to be
tunnelled through SSL would actually be plain text. This could be
verified with an Ncat client and server running on localhost. This
was observed to happen with localhost connections on FreeBSD 7.2.
Non-localhost connections were likely not affected. The bug was
reported by Daniel Roethlisberger. [David]
have their verbosity level automatically increased by one. Many
will print negative results ("no infection found") at a higher
verbosity level. The idea is that if you ask for a script
specifically, you are more interested in such results.
was that if a host had multiple addresses of the same type, they should
be sorted numerically, not alphabetically. So 20.0.0.1 should come
before 100.0.0.1. But the way Nmap works, I don't think a host can have
more than one address of the same type, and it's not worth the code it
would take to make them sort properly if it did.