- Avoid crash due to potentially unrecognized format
- Fix parsing of node flags, which may contain non-alphabetic characters
Example: "failed?"
- Fix parsing of field ip:port@cport
- Add support for IPv6 nodes
- Remove parsing of unused node ID field
- Avoid crash due to unhandled connection line termination
(fixes#2296, closes#2342)
- Gracefully handle absence of the "addr" attribute
- Avoid false negative matching if the "addr" attribute was the last listed
- Avoid false positive matching on the "laddr" attribute
MS SQL NSE scripts run on database instances, which can be TCP or named
pipes. With this change, all TCP instances on scanned ports will have
script output attached under the port as a portrule script. Named pipe
instances and TCP instances on unscanned ports will be displayed in the
hostrule script output at the end of the host's output. Utility function
mssql.Helper.InitScript makes it easy to write scripts that just work on
a per-instance basis, without bothering where to put the output.
Discovery will be done once per host, regardless of how many scripts are
run, and can be guaranteed to be done before the script's action takes
place.
A script might check WasDiscoveryPerformed and get a negative response,
then call Discover, during which time another script already called
Discover. Instead, check the condition *after* acquiring the mutex.
Try to receive enough bytes for the next unpack. If any socket operation
fails, or if it doesn't receive enough for the unpack, a Lua error is
thrown. The pcall in the action function will catch that and interpret
it as not-vuln.
Fixes#2355
SMB field ServerStartTime ['start_time'] of zero should be interpreted
as "no time provided", not as the start of the epoch.
The field is zeroed out in SMB dialect 3.1.1.
* Avoids accepting identities not representing hostnames as new targets
* Identity representing a wildcard certificate is reduced to its static portion
* Replaces custom crt.sh response parsing with JSON parser
* Adds more error-checking code
* Splits SANs into individual names (closes#2174)
