of commands
./configure
make
make clean
make distclean
fails when makefile.dep is remade in the ncat directory:
In file included from ncat.h:12,
from ncat_main.c:4:
../nbase/nbase.h:128:26: error: nbase_config.h: No such file or directory
(Many similar messages follow.)
This happened because "make clean" deletes ncat/makefile.dep. Remaking
makefile.dep requires preprocessing C files that indirectly include
nbase_config.h, which was removed from nbase by distclean. Doing the
distclean in ncat before nbase sidesteps the issue.
listen mode works. The new default behavior is to accept only one
connection, and quit when the connection ends. This was necessary to
prevent data loss in some situations; some programs require Ncat to
send an EOF before they flush their internal buffers and finish
processing the last bit of data. See
http://seclists.org/nmap-dev/2009/q2/0528.html for more information.
Use the new -k or --keep-open option to get the old behavior, in
which Ncat will accept multiple simultaneous connections, combine all
their input, and accept more connections after a disconnection.
matching strategies. It is really great that we have so few match
lines that really need any performance attention. As long as a match
has an anchor (though ^ seems better than $ with PCRE) it should be
fast enough. We also want to avoid things like
"m|^whatever.*something.*" but we got rid of all of those in a
previous review.
The only "bad" match we have now is:
match ser2net m|\r\nser2net port \d+ device (/dev/[-\w_]+) ...snip...
I think this match should be commented out so that we can get a better
submission. With a big release coming up so soon though I don't want
to remove any useful features. I've left a comment about its
performance and maybe myself, Doug, or somebody else will think about
the match more at a later date.
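The matching concerns above are easiest to see with the match-line syntax in hand. What follows is an added example written for this page, not Nmap's own service-detection code: it parses nmap-service-probes style "match" lines (the lines below are constructed for the example, not taken from Nmap's file), runs them against constructed banners using Python's re module in place of PCRE, and lints each pattern for the unanchored and repeated-".*" shapes the review warns about. The field names p/v/i/h/o/d/cpe: and the $1-style substitution follow the versioninfo syntax of nmap-service-probes.

```python
"""Added example: parse nmap-service-probes style "match" lines, match them
against a banner, and lint patterns for costly shapes. Illustrative code
written for this page, not Nmap's matcher; match lines and banners are
constructed, and Python's re stands in for PCRE."""
import re

# match <service> m<delim>regex<delim>[flags] [versioninfo fields]
MATCH_LINE = re.compile(r"^(soft)?match\s+(\S+)\s+m(.)(.*?)\3([is]*)\s*(.*)$")
# versioninfo fields such as p/OpenSSH/ v/$2/ (any delimiter character)
FIELD = re.compile(r"(?:^|\s)(p|v|i|h|o|d|cpe:)(.)(.*?)\2")

PROBE_LINES = r"""
# constructed match lines in nmap-service-probes syntax (not Nmap's real entries)
match ssh m|^SSH-([\d.]+)-OpenSSH_([\w._-]+)| p/OpenSSH/ v/$2/ i/protocol $1/
match http m|^HTTP/1\.[01] \d\d\d .*\r\nServer: Apache/([\d.]+)|s p/Apache httpd/ v/$1/
match ftp m|\r\n220 ([\w.-]+) FTP server ready| h/$1/ p/generic ftpd/
match foo m|^foo.*bar.*baz| p/example/
"""


def parse_match_lines(text):
    """Turn match lines into dicts with a compiled regex and versioninfo fields."""
    matches = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = MATCH_LINE.match(line)
        if not m:
            raise ValueError("unparseable match line: " + line)
        soft, service, _, pattern, flags, rest = m.groups()
        reflags = (re.I if "i" in flags else 0) | (re.S if "s" in flags else 0)
        matches.append({
            "service": service,
            "soft": bool(soft),
            "pattern": pattern,
            "regex": re.compile(pattern, reflags),
            "fields": [(key, value) for key, _, value in FIELD.findall(rest)],
        })
    return matches


def expand(template, m):
    """Replace $1, $2, ... in a versioninfo field with the capture groups."""
    return re.sub(r"\$(\d+)", lambda g: m.group(int(g.group(1))) or "", template)


def match_banner(matches, data):
    """Return the first match against a raw banner as {service, info}, or None."""
    text = data.decode("latin-1")          # byte-for-byte view of the response
    for entry in matches:
        m = entry["regex"].search(text)    # PCRE-style search, so anchors matter
        if m:
            info = {key: expand(value, m) for key, value in entry["fields"]}
            return {"service": entry["service"], "info": info}
    return None


def performance_warnings(pattern):
    """Lint a pattern for the shapes the review above calls out as costly."""
    warnings = []
    anchored = pattern.startswith("^") or (
        pattern.endswith("$") and not pattern.endswith(r"\$"))
    if not anchored:
        warnings.append("unanchored")
    if pattern.count(".*") >= 2:
        warnings.append("multiple .* wildcards")
    return warnings


if __name__ == "__main__":
    entries = parse_match_lines(PROBE_LINES)
    for entry in entries:
        print(entry["service"], performance_warnings(entry["pattern"]))
    print(match_banner(entries, b"SSH-2.0-OpenSSH_7.9p1\r\n"))
```

The lint treats a leading ^ or trailing $ as an anchor; an unanchored pattern like the constructed ftp line forces a scan from every offset of the response, and a chain of .* wildcards multiplies backtracking on a non-matching banner, which is exactly why the review prefers ^-anchored patterns without wildcard chains.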
The imap-capabilities script is mostly feature-complete but I could
see adding some analysis code to warn users of non-SSL'd IMAP servers
that offer STARTTLS without NOLOGIN.
The imap "library" is really a joke. It does the minimum required to
support getting capabilities and nothing more. IMAP requires each
command to use a unique identifier like 000, 001, 002, etc. Right now
the identifier is hardcoded to a001. To make a real imap library that
supports logging in, and other IMAP features a state variable will
have to be maintained to change the command uid. It would be nice to
see the library get updated so that IMAP brute-forcing could be
supported.
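One way to give such a library the per-command tag state described above, shown as an added example for this page rather than the imap-capabilities script's or the NSE library's own code: a small IMAP client core that allocates a fresh tag for every command, collects untagged replies until the matching tagged reply arrives, and exposes CAPABILITY and LOGIN on top of that. The check for STARTTLS offered alongside an unrestricted LOGIN keys on LOGINDISABLED, which is the RFC 2595 capability name for what the note above calls NOLOGIN. FakeImapServer is a constructed transcript so the example runs offline; it is not a real server.

```python
"""Added example: IMAP client core with a tag counter (a001, a002, ...) in
place of a hardcoded tag, plus a STARTTLS-without-LOGINDISABLED check.
Illustrative code for this page, not Nmap's imap library; the server
transcript below is constructed."""


def imap_quote(s):
    """IMAP quoted string: backslash-escape backslash and double quote."""
    return '"' + s.replace("\\", "\\\\").replace('"', '\\"') + '"'


class ImapSession:
    """Drives one IMAP connection over any transport with sendall()/readline()."""

    def __init__(self, transport):
        self.transport = transport
        self._seq = 0                 # the state a real library must carry
        self.capabilities = set()

    def next_tag(self):
        self._seq += 1
        return "a%03d" % self._seq

    def greeting(self):
        line = self.transport.readline().decode("ascii", "replace").rstrip("\r\n")
        if not line.startswith("* "):
            raise ConnectionError("unexpected greeting: " + line)
        return line[2:]

    def command(self, cmd):
        """Send one tagged command; return (status, text, untagged replies)."""
        tag = self.next_tag()
        self.transport.sendall(("%s %s\r\n" % (tag, cmd)).encode("ascii"))
        untagged = []
        while True:
            raw = self.transport.readline()
            if not raw:
                raise ConnectionError("connection closed waiting for " + tag)
            line = raw.decode("ascii", "replace").rstrip("\r\n")
            if line.startswith("* "):
                untagged.append(line[2:])
            elif line.startswith(tag + " "):
                status, _, text = line[len(tag) + 1:].partition(" ")
                return status.upper(), text, untagged
            # any other line (continuation or stale tag) is not ours; keep reading

    def capability(self):
        status, _, untagged = self.command("CAPABILITY")
        for line in untagged:
            words = line.split()
            if words and words[0].upper() == "CAPABILITY":
                self.capabilities = {w.upper() for w in words[1:]}
        return status, self.capabilities

    def login(self, user, password):
        status, text, _ = self.command(
            "LOGIN %s %s" % (imap_quote(user), imap_quote(password)))
        return status, text


def plaintext_login_exposed(capabilities):
    """True when STARTTLS is offered but LOGIN is still allowed before TLS."""
    return "STARTTLS" in capabilities and "LOGINDISABLED" not in capabilities


class FakeImapServer:
    """Constructed stand-in for a plaintext IMAP server; not a real host."""

    def __init__(self):
        self._out = [b"* OK IMAP4rev1 service ready\r\n"]
        self.seen_tags = []

    def sendall(self, data):
        tag, _, rest = data.decode("ascii").strip().partition(" ")
        self.seen_tags.append(tag)
        name = rest.split(" ", 1)[0].upper()
        if name == "CAPABILITY":
            self._out += [b"* CAPABILITY IMAP4rev1 STARTTLS AUTH=PLAIN IDLE\r\n",
                          ("%s OK CAPABILITY completed\r\n" % tag).encode()]
        elif name == "LOGIN":
            self._out.append(
                ("%s NO [AUTHENTICATIONFAILED] Invalid credentials\r\n" % tag).encode())
        else:
            self._out.append(("%s BAD Unknown command\r\n" % tag).encode())

    def readline(self):
        return self._out.pop(0) if self._out else b""
```

Because every command gets its own tag, a brute-force loop can simply call login() repeatedly and trust that each reply is matched to the attempt that produced it; with a hardcoded tag a delayed reply to an earlier attempt would be indistinguishable from the current one.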
Here is a mostly exhaustive list of the changes:
o Removes the SCRIPT_ENGINE_* status defines and replaces the
instances with regular boolean integer returns or changes the
procedure to return void. The latter case is better generally because
the caller ignores any status return (e.g. nmap.cc calling open_nse)
and/or the procedure raises a fatal error when unsuccessful.
o Moves the SCRIPT_ENGINE_LUA_DIR and the like to the nse_main.h header file.
o Removes the use of the SCRIPT_ENGINE_TRY (there was only one left)
and thus changes the call to l_dnet_open to a void function called
directly by luaopen_nsock (in nse_nsock.cc) instead of luaopen_nmap
(in nse_nmaplib.cc). I felt moving the function was also an
appropriate (but somewhat unrelated to the intent of the patch) change
as opening the dnet metatable is very related to opening up the
nsock library. This confines errors in opening the nsock library, including
opening the dnet metatable, to the call to luaopen_nsock.
o The FILES and DIRS defines are moved into nse_fs.h where they are
more appropriate and localized.
certain function that is not in OpenSSL before 0.9.7, but is required
for correct operation after 0.9.7. The technique is from Network
Security with OpenSSL, whose code is at http://www.opensslbook.com/code.html
(see ssl/common.c).
automatically converted to bare LF when input is from the console, but
not when it is from a pipe or a file. No newline translation is done
on output (it was being done before). This makes it possible to
transfer binary files with Ncat on Windows without any corruption.
a layer 4 protocol used mostly for telephony related applications.
This brings the following new features:
o SCTP INIT chunk port scan (-sY): open ports return an INIT-ACK
chunk, closed ones an ABORT chunk. This is the SCTP equivalent
of a TCP SYN stealth scan.
o SCTP COOKIE-ECHO chunk port scan (-sZ): open ports are silent,
closed ports return an ABORT chunk.
o SCTP INIT chunk ping probes (-PY): host discovery using SCTP
INIT chunk packets.
o SCTP-specific IP protocol scan (-sO -p sctp).
o SCTP-specific traceroute support (--traceroute).
o The ability to use the deprecated Adler32 algorithm as specified
in RFC 2960 instead of CRC32C from RFC 4960 (--adler32).
o 42 well-known SCTP ports were added to the nmap-services file.
Part of the work on SCTP support was kindly sponsored by
Compass Security AG, Switzerland. [Daniel Roethlisberger]
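The scan types above reduce to a few bytes of SCTP. The following is an added example written for this page, not Nmap's scan engine: it builds INIT and COOKIE-ECHO probe packets, fills the common-header checksum with CRC32C (RFC 4960) or, as --adler32 selects, Adler-32 (RFC 2960), and classifies a reply the way -sY and -sZ do (INIT-ACK open, ABORT closed, silence filtered or open|filtered). The checksum byte order follows RFC 4960 Appendix B for CRC32C and network byte order for Adler-32; the port numbers, tags and reply packets are constructed, and nothing is sent on the wire.

```python
"""Added example: SCTP INIT / COOKIE-ECHO probe packets with RFC 4960 CRC32C
or RFC 2960 Adler-32 checksums, and -sY / -sZ style reply classification.
Illustrative code for this page, not Nmap's code; all packets are built
in memory from constructed values."""
import struct
import zlib

# Chunk type values from RFC 4960 section 3.2
CHUNK_INIT, CHUNK_INIT_ACK, CHUNK_ABORT, CHUNK_COOKIE_ECHO = 1, 2, 6, 10


def _crc32c_table():
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ 0x82F63B78 if c & 1 else c >> 1
        table.append(c)
    return table


_TABLE = _crc32c_table()


def crc32c(data):
    """Reflected CRC-32C (Castagnoli); crc32c(b"123456789") == 0xE3069283."""
    crc = 0xFFFFFFFF
    for b in data:
        crc = (crc >> 8) ^ _TABLE[(crc ^ b) & 0xFF]
    return crc ^ 0xFFFFFFFF


def checksum_field(packet, adler32=False):
    """Bytes for the common-header checksum, computed with that field zeroed."""
    zeroed = packet[:8] + b"\x00" * 4 + packet[12:]
    if adler32:                       # RFC 2960: Adler-32 in network byte order
        return struct.pack(">I", zlib.adler32(zeroed) & 0xFFFFFFFF)
    # RFC 4960 Appendix B stores the reflected CRC32C low byte first
    return struct.pack("<I", crc32c(zeroed))


def chunk(ctype, body=b"", flags=0):
    """Chunk header (type, flags, length) + body, padded to a 4-byte boundary."""
    c = struct.pack(">BBH", ctype, flags, 4 + len(body)) + body
    return c + b"\x00" * (-len(c) % 4)


def init_chunk(initiate_tag, a_rwnd=65536, out_streams=10, in_streams=10, tsn=1):
    """INIT chunk body: initiate tag, a_rwnd, stream counts, initial TSN."""
    return chunk(CHUNK_INIT, struct.pack(">IIHHI", initiate_tag, a_rwnd,
                                         out_streams, in_streams, tsn))


def build_packet(sport, dport, vtag, chunks, adler32=False):
    """Common header (ports, verification tag, checksum) followed by chunks."""
    pkt = struct.pack(">HHII", sport, dport, vtag, 0) + chunks
    return pkt[:8] + checksum_field(pkt, adler32) + pkt[12:]


def verify_checksum(packet, adler32=False):
    return packet[8:12] == checksum_field(packet, adler32)


def chunk_types(packet):
    """Walk the chunk list that follows the 12-byte common header."""
    types, off = [], 12
    while off + 4 <= len(packet):
        ctype, _, clen = struct.unpack(">BBH", packet[off:off + 4])
        if clen < 4:
            break
        types.append(ctype)
        off += clen + (-clen % 4)
    return types


def classify(probe_type, reply):
    """Port state for an INIT (-sY) or COOKIE-ECHO (-sZ) probe.
    reply is the raw reply packet, or None when nothing came back."""
    types = chunk_types(reply) if reply is not None else []
    if CHUNK_ABORT in types:
        return "closed"
    if probe_type == CHUNK_INIT:
        return "open" if CHUNK_INIT_ACK in types else "filtered"
    if probe_type == CHUNK_COOKIE_ECHO:
        return "open|filtered"
    raise ValueError("unsupported probe chunk type %d" % probe_type)


if __name__ == "__main__":
    probe = build_packet(40000, 3868, 0, init_chunk(0x11223344))
    print(probe.hex(), verify_checksum(probe))
    print(classify(CHUNK_INIT, build_packet(3868, 40000, 0x11223344,
                                            chunk(CHUNK_ABORT))))
```

An INIT probe carries verification tag 0 as RFC 4960 requires for INIT, and a host that computes CRC32C will silently drop a packet checksummed with Adler-32 (verify_checksum shows the two values disagree), which is why --adler32 only helps against stacks that still implement RFC 2960.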
Some scripts would fail due to an error (whois.nse) causing other
scripts to become deadlocked on a mutex that would never unlock. This
patch fixes this problem. See [1] for more information.
[1] http://seclists.org/nmap-dev/2009/q2/0533.html