Nmap Announce mailing list archives

Nmap 7.25BETA2 Birthday Release


From: Fyodor <fyodor () nmap org>
Date: Thu, 1 Sep 2016 16:14:00 -0700

Hi folks!  I'm happy to report that today is Nmap's 19th birthday and
instead of cake, we're celebrating open source style with a new release!
Nmap 7.25BETA1 includes dozens of performance improvements, bug fixes, and
new features.  The full list is below, and includes a major LUA upgrade for
NSE scripts, a new overlapped I/O engine for better Windows performance, a
much-improved version of our new Npcap packet capturing driver, new NSE
scripts, integration of more than 500 of your fingerprint submissions, and
more!

Nmap 7.25BETA2 source code and binary packages for Linux, Windows, and Mac
are available for free download from the usual spot:

https://nmap.org/download.html

If you find any bugs in this release, please let us know on the Nmap Dev
list or bug tracker as described at https://nmap.org/book/man-bugs.html.

Here are the changes since the 7.25BETA1 release in July:

• [NSE] Upgraded NSE to Lua 5.3, adding bitwise operators, integer data
type, a utf8 library, and native binary packing and unpacking functions.
Removed bit library, added bits.lua, replaced base32, base64, and bin
libraries. [Patrick Donnelly]

• Integrated all of your service/version detection fingerprints submitted
from January to April (578 of them). The signature count went up 2.2% to
10760. We now detect 1122 protocols, from elasticsearch, fhem, and
goldengate to ptcp, resin-watchdog, and siemens-logo. [Daniel Miller]

• Upgraded Npcap, our new Windows packet capturing driver/library, from
version 0.07-r17 to 0.09. This includes many improvements you can read
about at https://github.com/nmap/ncap/releases.

• [Nsock][GH#148] Added the new IOCP Nsock engine which uses the Windows
Overlapped I/O API to improve performance of version scan and NSE against
many targets on Windows. [Tudor Emil Coman]

• [GH#376] Windows binaries are now code-signed with our "Insecure.Com LLC"
SHA256 certificate. This should give our users extra peace-of-mind and
avoid triggering Microsoft's ever-increasing security warnings.

• Various performance improvements for large-scale high-rate scanning,
including increased ping host groups, faster probe matching, and ensuring
data types can handle an Internet's-worth of targets. [Tudor Emil Coman]

• [NSE] Added the oracle-tns-version NSE script which decodes the version
number from Oracle Database Server's TNS listener.
https://nmap.org/nsedoc/scripts/oracle-tns-version.html [Daniel Miller]

• [NSE] Added the clock-skew NSE script which analyzes and reports clock
skew between Nmap and services that report timestamps, grouping hosts with
similar skews. https://nmap.org/nsedoc/scripts/clock-skew.html [Daniel
Miller]

• [Zenmap] Long-overdue Spanish language translation has been added! Muy
bien! [Vincent Dumont, Marta Garcia De La Paz, Paulino Calderon, Patricio
Castagnaro]

• [Zenmap][GH#449] Fix a crash when closing Zenmap due to a read-only
zenmap.conf. User will be warned that config cannot be saved and that they
should fix the file permissions. [Daniel Miller]

• [NSE] Fix a crash when parsing TLS certificates that OpenSSL doesn't
support, like DH certificates or corrupted certs. When this happens,
ssl-enum-ciphers will label the ciphersuite strength as "unknown." Reported
by Bertrand Bonnefoy-Claudet. [Daniel Miller]

• [NSE][GH#531] Fix two issues in sslcert.lua that prevented correct
operations against LDAP services when version detection or STARTTLS were
used. [Tom Sellers]

• [GH#426] Remove a workaround for lack of selectable pcap file descriptors
on Windows, which required including pcap-int.h and locking us to a single
version of libpcap. The new method, using WaitForSingleObject, should work
with all versions of both WinPcap and Npcap. [Daniel Miller]

• [NSE][GH#234] Added a --script-timeout option for limiting run time for
every individual NSE script. [Abhishek Singh]

• [Ncat][GH#444] Added a -z option to Ncat. Just like the -z option in
traditional netcat, it can be used to quickly check the status of a port.
Port ranges are not supported since we recommend a certain other tool for
port scanning. [Abhishek Singh]

• Fix checking of Npcap/WinPcap presence on Windows so that "nmap -A" and
"nmap" with no options result in the same behaviors as on Linux (and no
crashes) [Daniel Miller]

• [NSE] ssl-enum-ciphers will now warn about 64-bit block ciphers in CBC
mode, which are vulnerable to the SWEET32 attack.

• [NSE][GH#117] tftp-enum now only brute-forces IP-address-based Cisco
filenames when the wordlist contains "{cisco}". Previously, custom
wordlists would still end up sending these extra 256 requests. [Sriram
Raghunathan]

• [GH#472] Avoid an unnecessary assert failure in timing.cc when printing
estimated completion time. Instead, we'll output a diagnostic error message:
    Timing error: localtime(n) is NULL
  where "n" is some number that is causing problems. [Jean-Guilhem Nousse]

• [NSE][GH#519] Removed the obsolete script ip-geolocation-geobytes.
[Paulino Calderon]

• [NSE] Completed a refresh and validation of almost all fingerprints for
script http-default-accounts. Also improved the script speed. [nnposter]

• [GH#98] Added support for decoys in IPv6. Earlier we supported decoys
only in IPv4. [Abhishek Singh]

• [GH#484] Allow Nmap to compile on some older Red Hat distros that disable
EC crypto support in OpenSSL. [Jeroen Roovers, Vincent Dumont]

• [GH#439] Nmap now supports OpenSSL 1.1.0-pre5 and previous versions.
[Vincent Dumont]

• [Ncat] Fix a crash ("add_fdinfo() failed.") when --exec was used with
--ssl and --max-conns, due to improper accounting of file descriptors.
[Daniel Miller]

• FTP Bounce scan: improved some edge cases like anonymous login without
password, 500 errors used to indicate port closed, and timeouts for LIST
command. Also fixed a 1-byte array overrun (read) when checking for
privileged ports. [Daniel Miller]

• [GH#140] Allow target DNS names up to 254 bytes. We previously imposed an
incorrect limit of 64 bytes in several parts of Nmap. [Vincent Dumont]

• [NSE] The hard limit on number of concurrently running scripts can now
increase above 1000 to match a high user-set --min-parallelism value.
[Tudor Emil Coman]

• [NSE] Solved a memory corruption issue that would happen if a socket
connect operation produced an error immediately, such as Network
Unreachable. The event handler was throwing a Lua error, preventing Nsock
from cleaning up properly, leaking events. [Abhishek Singh, Daniel Miller]

• [NSE] Added the datetime library for performing date and time
calculations, and as a helper to the clock-skew script.

• [GH#103][GH#364] Made Nmap's parallel reverse DNS resolver more robust,
fully handling truncated replies. If a response is too long, we now fall
back to using the system resolver to answer it. [Abhishek Singh]

• [Zenmap][GH#279] Added a legend for the Topography window. [Suraj Hande]

Enjoy the new birthday release! https://nmap.org/download.html

Cheers,
Fyodor
_______________________________________________
Sent through the announce mailing list
https://nmap.org/mailman/listinfo/announce
Archived at http://seclists.org/nmap-hackers/
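
Added example (not part of Fyodor's announcement and not Nmap's code): a Python sketch of the kind of check behind the ssl-enum-ciphers SWEET32 item above, flagging cipher suite names that pair a 64-bit block cipher with CBC mode. The token lists, function names and sample suite lists are assumptions constructed for illustration; the script's own logic may differ.

```python
import re

# Tokens that identify a 64-bit block cipher in IANA, OpenSSL and SSLv2-style
# suite names (assumed list for this example, not taken from Nmap's source).
SMALL_BLOCK_TOKENS = {"3DES", "DES", "DES40", "IDEA", "RC2"}
CBC_TOKENS = {"CBC", "CBC3"}  # OpenSSL spells 3DES-CBC as "DES-CBC3"


def is_sweet32_candidate(suite: str) -> bool:
    """True if the suite name pairs a 64-bit block cipher with CBC mode."""
    tokens = set(re.split(r"[_-]", suite.upper()))
    return bool(tokens & SMALL_BLOCK_TOKENS) and bool(tokens & CBC_TOKENS)


def birthday_bound_bytes(block_bits: int) -> int:
    """Data encrypted under one key before a block collision becomes likely:
    about 2^(n/2) blocks of n/8 bytes each."""
    return 2 ** (block_bits // 2) * (block_bits // 8)


def audit(offered: dict[str, list[str]]) -> dict[str, list[str]]:
    """Map each host to the flagged suites it offers; clean hosts are omitted."""
    findings = {}
    for host, suites in offered.items():
        flagged = [s for s in suites if is_sweet32_candidate(s)]
        if flagged:
            findings[host] = flagged
    return findings


# Constructed sample data: documentation addresses, not real scan results.
SAMPLE = {
    "192.0.2.10": ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                   "TLS_RSA_WITH_3DES_EDE_CBC_SHA"],
    "192.0.2.11": ["TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_RC4_128_SHA"],
    "192.0.2.12": ["DES-CBC3-SHA", "IDEA-CBC-SHA", "AES128-SHA"],
}

if __name__ == "__main__":
    for host, suites in audit(SAMPLE).items():
        print(host, "offers 64-bit block CBC suites:", ", ".join(suites))
    gib = birthday_bound_bytes(64) / 2 ** 30
    print(f"64-bit blocks reach the birthday bound near {gib:.0f} GiB per key")
```

The 32 GiB figure is why long-lived, high-volume sessions are the concern with these suites, while 128-bit block ciphers in the same mode sit far from the bound.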
