Nmap Development

Re: nmap 6.0/Zenmap hang on OS X 10.7.4

Wed, 23 May 2012 19:12:04 GMT

Posted by David Newman on May 23

FYI the previous hangs were when scanning subnets, not individual hosts.
Today I was able to reproduce the hang after a scan of one host. Again,
the hang occurred on step 2 above, when clicking on the Topology tab.
The OS X Console app had the same file-format error message.

dn

Re: http-methods & http-trace NSE Script Enhancement Ideas

Wed, 23 May 2012 18:03:34 GMT

Posted by Patrik Karlsson on May 23

The http library does support http redirects for get and head requests.
While redirection may seem trivial to implement at first there are a
actually a few things to consider.
Therefore, why not make trace a function in the http library wrapping the
generic_request method and adding redirect support in the same way as has
already been done for get, head, post and put requests?

Cheers,
Patrik

Re: nse_main.lua:312: attempt to index field '?' (a nil value)

Wed, 23 May 2012 17:55:55 GMT

Posted by Patrik Karlsson on May 23

On Tue, May 22, 2012 at 1:42 PM, Bernd Kohler <kohler () umic rwth-aachen de>wrote:

I believe I have fixed the bug causing this problem and committed it as
r28666.
The update script is accessible from the following link:
https://svn.nmap.org/nmap/scripts/http-unsafe-output-escaping.nse

Let me know if it solves your problem.

Thanks,
Patrik

RE: http-methods & http-trace NSE Script Enhancement Ideas

Wed, 23 May 2012 17:33:49 GMT

Posted by King Thorin on May 23

I just had a quick look at http-cors. It does not appear to follow redirects or check status codes at all, only setting
and getting header values. I'm not sure if those header values would or wouldn't be present in a redirect.

I still need someone (or a bunch of people) to confirm if I'm correct in my experiences with allow and public being
lacking on redirect responses. Also I still need to know how to provide updates for the...

New VA Modules: NSE: 2, MSF: 1, Nessus: 12

Wed, 23 May 2012 17:00:28 GMT

Posted by New VA Module Alert Service on May 23

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== Nmap Scripting Engine scripts (2) ==

r28652 icap-info http://nmap.org/nsedoc/scripts/icap-info.html
https://svn.nmap.org/nmap/scripts/icap-info.nse
Tries a list of known ICAP service names and prints information about
the ones it detects. The Internet Content Adaptation Protocol (ICAP) is
used to extend transparent proxy...

Re: http-methods & http-trace NSE Script Enhancement Ideas

Wed, 23 May 2012 15:41:11 GMT

Posted by Toni Ruottu on May 23

Does this affect http-cors too?

Re: http-methods & http-trace NSE Script Enhancement Ideas

Wed, 23 May 2012 13:03:41 GMT

Posted by Paulino Calderon on May 23

I think adding a configuration value for redirects will work better in
some cases. I would say most of the libraries follow 2-3 redirects but
no more than that. In your experience, what would be a good default?

http-methods & http-trace NSE Script Enhancement Ideas

Wed, 23 May 2012 12:17:08 GMT

Posted by King Thorin on May 23

I was just looking through some online docs and some nmap results. I've
never seen a server that includes public or allow header(s) on a
redirect response [maybe my experience is limited?]. It seems to me that the http-methods NSE should follow
redirects (HTTP 301, 302, 303) in order to perform the necessary OPTIONS
request on a page/resource that's providing a HTTP 200.

Perhaps similar to the http-trace script:...

Re: bug report: "Microsoft Visual C++ 2010 Redistributable failed to install"

Tue, 22 May 2012 23:47:27 GMT

Posted by jah on May 22

Thanks for reporting this. It's quite likely that the MS Redistributable installed correctly.
The problem is with how the Nmap installer performs its check to see if the redistributable is installed - it does this
to determine whether the redist needs to be installed and in such cases it then also checks that the redist was indeed
installed.

The check is to test for the presence of a particular named string value under the registry key:...

Re: Nmap 6 fails to initialize on Windows xp sp3

Tue, 22 May 2012 23:00:50 GMT

Posted by David Fifield on May 22

Can you post your complete Nmap output? We do use IPv6 source addresses
when sending ND probes; it may be a bug that your source address is
being calculated as ::.

What is the output of this command?

nmap --route-dst ff02::1:ff19:37fe

What is the output of

nmap --iflist

Do the packets appear when you use the --packet-trace option? If not,
then they are being sent by the operating system, not by Nmap itself.

David Fifield

Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others

Tue, 22 May 2012 21:36:15 GMT

Posted by David Fifield on May 22

I'm wondering if we should use Lua string escapes instead of literal
UTF-8 bytes, to protect against someone using an editor in the future
that changes the encoding. So in place of
'Modelo de módem:',
use
'Modelo de m\195\179dem:'.

David Fifield

Re: Small Bug in SVN revision 28643: Missing newline in gnmap output (diff included)

Tue, 22 May 2012 20:48:18 GMT

Posted by jah on May 22

Hi Matthew,

I think you're correct; here's another example where the timed-out host is the last host listed and the final summary
line erroneously appears on the same line:

# Nmap 6.01 scan initiated Tue May 22 21:15:03 2012 as: nmap -sS -p80 -d -n -oG timeout-nmap.txt --host-timeout 100ms
192.168.1.5 212.159.6.9
# Ports scanned: TCP(1;80) UDP(0;) SCTP(0;) PROTOCOLS(0;)
Host: 192.168.1.5 () Status: Up
Host: 192.168.1.5 ()...

Re: Nmap 6 Zenmap problem

Tue, 22 May 2012 20:16:09 GMT

Posted by David Fifield on May 22

I'm sorry, our binaries don't support PowerPC Macs anymore. It was a
problem in the documentation that claimed they did.

You can try one of the third-party packagers once they have it packaged,

http://nmap.org/book/inst-macosx.html#inst-macosx-third-party

or install GTK+ and PyGTK packages and then run from source code.

http://nmap.org/book/inst-macosx.html#inst-macosx-source

David Fifield

Re: Italian translation

Tue, 22 May 2012 20:06:30 GMT

Posted by David Fifield on May 22

Please go ahead and begin your translation. Here are instructions for
making a new translation:

http://nmap.org/book/zenmap-lang.html#zenmap-lang-new

Please make sure you start with the newest zenmap.pot from
https://svn.nmap.org/nmap/zenmap/share/zenmap/locale/zenmap.pot.
There is a Makefile in the zenmap/share/zenmap/locale directory that can
make some steps easier, for example "make update-mo".

David Fifield

Re: scanning a /8

Tue, 22 May 2012 20:03:15 GMT

Posted by Michael Right on May 22

Hi Brandon,

Thanks for the detailed reply!