checking authentication schemes and parameters. Florian Roth found a
server offering "BASIC" instead of "Basic", and the HTTP RFC
requires case-insensitive comparisons in most places. [David]
ignorance that the first index of lua arrays is 1 (and not 0). Because
of that, I was setting a too high ttl value when retrieving it from
traceroute results. The second one was a syntax error on a
nmap.log_write() call."
Hashes are now arranged in order, to make it easier to find manually.
For a list of all the PHP 5 hashes I generated see: http://seclists.org/nmap-dev/2010/q4/518
as for IPv4. This makes the output more uniform and gives NSE access to
host.targetname for IPv6 hosts.
This is what IPv4 output looks like:
$ nmap -sL www.kame.net
Nmap scan report for www.kame.net (203.178.141.194)
rDNS record for 203.178.141.194: orange.kame.net
Nmap done: 1 IP address (0 hosts up) scanned in 0.16 seconds
$ nmap -sL www.debian.org
Nmap scan report for www.debian.org (128.31.0.51)
Other addresses for www.debian.org (not scanned): 206.12.19.7
rDNS record for 128.31.0.51: senfl.debian.org
Nmap done: 1 IP address (0 hosts up) scanned in 0.17 seconds
Here is the output before this change. Notice that the target name is
missing and there is no separate "rDNS" line.
$ nmap -6 -sL www.kame.net
Nmap scan report for 2001:200:dff:fff1:216:3eff:feb1:44d7
Nmap done: 1 IP address (0 hosts up) scanned in 0.04 seconds
$ nmap -6 -sL www.debian.org
Nmap scan report for bellini.debian.org (2607:f8f0:610:4000:211:25ff:fec4:5b28)
Nmap done: 1 IP address (0 hosts up) scanned in 0.11 seconds
Here is the output after this change:
$ ./nmap -6 -sL www.kame.net
Nmap scan report for www.kame.net (2001:200:dff:fff1:216:3eff:feb1:44d7)
Nmap done: 1 IP address (0 hosts up) scanned in 1.04 seconds
$ ./nmap -6 -sL www.debian.org
Nmap scan report for www.debian.org (2607:f8f0:610:4000:211:25ff:fec4:5b28)
rDNS record for 2607:f8f0:610:4000:211:25ff:fec4:5b28: bellini.debian.org
Nmap done: 1 IP address (0 hosts up) scanned in 0.07 seconds
add new functionality for discovering servers using the MSSQL Browser service
add new functionality to decode version data received from the browser service
[Patrik]
Added new functions to create the Nmap uninstaller and install the VC++ 2008 and 2010 redistributables in the appropriate sections. Previously we only created the uninstaller if the Nmap Core Files were selected, and we didn't install the VC++ files if Nping, Ncat and Ndiff were installed on their own.
instituted to keep memory under control when there are many open
ports. Nathan reported 3 GB of memory use (with an out-of-memory NSE
crash) for one host with tens of thousands of open ports. This limit
can be controlled with the variable CONCURRENCY_LIMIT in
nse_main.lua. [David]
Added support for the pre-scan script data. The output is formatted using HTML 'pre' tags
in order to maintain formatting.
- the top menu entry is conditional and only appears if pre-scan data is present
- the pre-scan script block is currently at the beginning of the page right after
the scan summary
Changed host script and port script output to use 'pre' tags so that lengthy output, such
as that from ssl-cert.nse and snmp-win32-services will be readable.
Added title section for hostscript output
Added table headers for hostscript output
Added MAC vendor text to address section
Fixed a bug in the port script output that caused it to only span 5 columns instead of 6.
Changed color of script output cells in port table as well as hostscript and prescan result
tables slightly to make visual parsing easier.
Changed nmap_xsl_version variable from 9b to 9c
Changed wording related to OS fingerprint being present even though the OS was positively identified.
This occurs when Nmap is run with higher levels of verbosity.
Change the OS guess accuracy percentage to use bold font.
quoting of whitespace using double quotes and backslashes. This
allows recovering the original command line array even when
arguments contain whitespace. [David]
