Previously, the --script-args switch would only accept values
with alphanumeric characters or underscores. A full treatise
of the history of changes to this switch and problems can be
found here [2].
Here are the new rules for --script-args definitively:
--script-args <string>
<string> may contain a sequence of key=value pairs and array entries
separated by commas. All whitespace except where noted below is
ignored.
A key, value, or array value may be a sequence of characters except
'{', '}', ',', '=', and all space characters. You may overcome this
restriction by using quotes (single or double) to allow all characters
within the quotation marks. You may also use the quote delimiter
inside the sequence so long as it is escaped by a backslash.
A value for a key/value pair or an array value is allowed to be
a nested table delimited by '{' and '}'.
[1] http://seclists.org/nmap-dev/2009/q2/0204.html
[2] http://seclists.org/nmap-dev/2009/q2/0211.html
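The rules above, worked through as a small recursive-descent parser. This is an added example, not Nmap's own parser and not code from the original message. It makes two assumptions of its own: a table is a Python dict whose array entries get Lua-style integer keys 1..n, and all values stay strings. The function names and the sample string are hypothetical.

```python
import re

BARE = re.compile(r"[^\s{},=]+")   # unquoted token: no braces, comma, '=' or whitespace
SPACE = re.compile(r"\s*")         # whitespace outside quotes is ignored
# Constructed sample input covering pairs, quoting, an array and a nested table.
SAMPLE = r"""user=admin, pass='a,b=c', ports={80, 443}, opt={ua="say \"hi\"", depth=2}"""

def read_value(s, i):  # returns (value, next_index)
    i = SPACE.match(s, i).end()
    if s[i:i + 1] == "{":                      # nested table
        return read_table(s, i + 1, nested=True)
    if s[i:i + 1] in ("'", '"'):               # quoted: every character is allowed
        quote, out, i = s[i], [], i + 1
        while i < len(s) and s[i] != quote:
            if s[i] == "\\" and s[i + 1:i + 2] == quote:
                i += 1                         # escaped delimiter: keep the quote itself
            out.append(s[i])
            i += 1
        if i >= len(s):
            raise ValueError("unterminated quote")
        return "".join(out), i + 1
    m = BARE.match(s, i)
    if not m:
        raise ValueError("expected key or value at offset %d" % i)
    return m.group(), m.end()

def read_table(s, i, nested):  # array entries get keys 1..n (assumption)
    table, index = {}, 1
    i = SPACE.match(s, i).end()
    while s[i:i + 1] not in ("", "}"):
        item, i = read_value(s, i)
        i = SPACE.match(s, i).end()
        if s[i:i + 1] == "=":                  # key=value pair
            if isinstance(item, dict):
                raise ValueError("a table cannot be used as a key")
            table[item], i = read_value(s, i + 1)
            i = SPACE.match(s, i).end()
        else:                                  # bare array entry
            table[index], index = item, index + 1
        if s[i:i + 1] == ",":
            i = SPACE.match(s, i + 1).end()
        elif s[i:i + 1] not in ("", "}"):
            raise ValueError("expected ',' at offset %d" % i)
    if nested != (i < len(s)):                 # nested needs '}', top level needs end of input
        raise ValueError("unbalanced braces")
    return table, i + 1

def parse_script_args(text):
    return read_table(text, 0, nested=False)[0]
```

Malformed input (an unterminated quote, a stray or missing brace, a missing comma) raises ValueError instead of being silently accepted.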
with the struct (bin) library available:
function hextobin(str) return bin.pack("H", str) end
function bintohex(str) return bin.unpack("H", str) end
Also removed a commented copy that was in the sniffer-detect.nse script.
right type of probe (0 with 8, 14 with 13, 18 with 17). With the new
default ping, I was scanning a network where an echo reply would
mistakenly be interpreted as a response to a timestamp request, even
though that host didn't respond to timestamp requests. That host would
become the global ping host, and all its probes would be dropped,
slowing the scan way down. A ping scan of a /24 took over 1,000 seconds
when it should have taken about 10.
exhaustive testing of 90 different probes, this one emerged as the
best four-probe combination, finding 14% more Internet hosts than
the previous default, -PE -PA80. The default for nonroot users is
-PS80,443, replacing the previous default of -PS80. In addition,
ping probes are now sent in order of effectiveness (-PE first) so
that less likely probes may not have to be sent.
search dialog, not an ad-hoc (year, month, day) tuple. This fixes an
error introduced when I made the change to use strftime for date
formatting:
File "zenmapGUI\SearchGUI.pyo", line 583, in operator_changed
File "zenmapGUI\SearchGUI.pyo", line 566, in new_subcriterion
File "zenmapGUI\SearchGUI.pyo", line 751, in __init__
File "zenmapGUI\SearchGUI.pyo", line 816, in set_date
TypeError: argument must be sequence of length 9, not 3
1) Checks if the root folder is protected and aborts if it is (we can't scan folders if the root folder is protected)
2) Checks if WebDAV is enabled on the server and aborts if it isn't. The check works on IIS 5, 5.1, and 6.0 (hasn't been tested on others)
3) Added support for finding the vulnerability on IIS 5.1 (Windows XP) -- 5.0 doesn't appear to be vulnerable in our tests
"lua5.1" subdirectories of /usr/include and the like. Apparently
Debian puts them there. We still check the likes of
/usr/include/lua.h and /usr/include/lua/lua.h as well. [Jan
Christoph Nordholz]