Commit graph

9 commits

Author SHA1 Message Date
wiz
b1e1e2c132 *: convert to egg.mk 2022-01-10 23:46:48 +00:00
nia
ab845b2028 net: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Not committed (merge conflicts...):

net/radsecproxy/distinfo

The following distfiles could not be fetched (fetched conditionally?):

./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
2021-10-26 11:05:20 +00:00
nia
5c85662953 net: Remove SHA1 hashes for distfiles 2021-10-07 14:41:10 +00:00
adam
8a71637f39 nmap: updated to 7.92
Nmap 7.92 [2021-08-08]

o [Windows] Upgraded Npcap to version 1.50, the fastest and most stable release
  yet. Among the many exciting changes listed at https://npcap.org/changelog is
  support for Windows on ARM, which means Nmap can now run on lightweight
  Windows tablets like the Surface Pro X.

o  Updated Nmap's NPSL license to rewrite a poorly-worded
  clause which many folks interpreted as a "field of endeavor
  restriction" related to "proprietary software companies".  We are
  retroactively offering Nmap versions 7.90 and 7.91 under this new
  Version 0.93 of the NPSL so that users and distributors may choose
  either version of the license.

o [Windows] Updated our Windows builds to Visual Studio 2019, Windows 10 SDK,
  and the UCRT, removing support for Windows Vista and earlier. Npcap is
  required for packet injection and capture, not WinPcap.

o New Nmap option --unique will prevent Nmap from scanning the same IP address
  twice, which can happen when different names resolve to the same address. [Daniel Miller]

o [NSE] Added 3 NSE scripts, from 4 authors, bringing the total up to 604!
  They are all listed at https://nmap.org/nsedoc/, and the summaries are
  below:

  +  nbns-interfaces queries NetBIOS name service (NBNS) to gather IP
    addresses of the target's network interfaces [Andrey Zhukov]

  +  openflow-info gathers preferred and supported protocol versions
    from OpenFlow devices [Jay Smith, Mak Kolybabi]

  + port-states prints a list of ports that were found in each state, including
    states that were summarized as "Not shown: X closed ports" [Daniel Miller]

o Several changes to UDP payloads to improve accuracy:

  +  Fix an issue with -sU where payload data went out-of-scope before
    it was used, causing corrupted payloads to be sent. [Mariusz Ziulek]

  + Nmap's retransmission limits were preventing some UDP payloads from being
    tried with -sU and -PU. Now, Nmap sends each payload for a particular port
    at the same time without delay. [Daniel Miller]

  + New UDP payloads:
    -  TS3INIT1 for UDP 3389 [colcrunch]
    -  DTLS for UDP 3391 (RD Gateway) [Arnim Rupp]


o [NSE] TLS 1.3 now supported by most scripts for which it is
  relevant, such as ssl-enum-ciphers. Some functions like ssl tunnel
  connections and certificate parsing will require OpenSSL 1.1.1 or later to
  fully support TLS 1.3. [Daniel Miller]

o Changes to Nmap's XML output:

  + If a host times out, the XML <host> element will have the attribute
    timedout="true" and the host's timing info (srtt etc.) will still be printed.

  + The "extrareasons" element now includes a list of port numbers for each
    "ignored" state. The "All X ports" and "Not shown:" lines in normal output
    have been changed slightly to provide more detail. [Daniel Miller]

o  Fix an issue in addrset matching that was causing all targets to be
  excluded if the --excludefile listed a CIDR range that contains an earlier,
  smaller CIDR range. [Daniel Miller]

o Setting --host-timeout=0 will disable the host timeout, which is set by -T5
  to 15 minutes. Earlier versions of Nmap require the user to specify a very
  long timeout instead.

o [NSE] Prevent the ssl-* NSE scripts from probing ports that were
  excluded from version scan, usually 9100-9107, since JetDirect will print
  anything sent to these ports. [Daniel Miller]

o  Nmap no longer produces cryptic message "Failed to convert
  source address to presentation format" when unable to find useable route
  to the target. [nnposter]

o [Ncat] Use safety-checked versions of FD_* macros to abort early if
  number of connections exceeds FD_SETSIZE. [Pavel Zhukov]

o [Ncat] Connections proxied via SOCKS4/SOCKS5 were intermittently dropping
  server data sent right after the connection got established, such as port
  banners. [Sami Pönkänen]

o [Ncat] Fixed a bug in proxy connect mode which would close the
  connection as soon as it was opened in Nmap 7.90 and 7.91.

o [NSE] Fixed NSE so it will not consolidate all port script output
  for targets which share an IP (e.g. HTTP vhosts) under one target. [Daniel Miller]

o [Zenmap] Fixed an issue where a failure to execute Nmap would result
  in a Zenmap crash with "TypeError: coercing to Unicode" exception.

o Nmap no longer considers an ICMP Host Unreachable as confirmation that a
  target is down, in accordance with RFC 1122 which says these errors may be
  transient. Instead, the probe will be destroyed and other probes used to
  determine aliveness. [Daniel Miller]

o [Ncat] Ncat no longer crashes when used with Unix domain sockets.

o [Ncat] Ncat is now again generating certificates
  with the duration of one year. Due to a bug, recent versions of Ncat were
  using only one minute. [Tobias Girstmair]

o [NSE] URL/percent-encoding is now using uppercase hex digits
  to align with RFC 3986, section 2.1, and to improve compatibility with some
  real-world web servers. [nnposter]

o [NSE] Script hostmap-crtsh got improved in several ways. The most
  visible are that certificate SANs are properly split apart and that
  identities that are syntactically incorrect to be hostnames are now ignored.
  [Michel Le Bihan, nnposter]

o [NSE] Loading of a Nikto database failed if the file was referenced
  relative to the Nmap directory [nnposter]

o [NSE] SMB2 dialect handling has been redesigned. Visible
  changes include:
  * Notable improvement in speed of script smb-protocols and others
  * Some SMB scripts are no longer using a hardcoded dialect, improving
    target interoperability
  * Dialect names are aligned with Microsoft, such as 3.0.2, instead of 3.02
  [nnposter]

o [NSE] Script smb2-vuln-uptime no longer reports false positives when
  the target does not provide its boot time. [nnposter]

o [NSE] Client packets composed by the DHCP library will now contain
  option 51 (IP address lease time) only when requested. [nnposter]

o [NSE] XML decoding in library citrixxml no longer crashes when
  encountering a character reference with codepoint greater than 255. (These
  references are now left unmodified.) [nnposter]

o [NSE] Script mysql-audit now defaults to the bundled mysql-cis.audit for
  the audit rule base. [nnposter]

o [NSE] It is now possible to control whether the SNMP library uses
  v1 (default) or v2c by setting script argument snmp.version. [nnposter]
2021-08-26 08:24:48 +00:00
adam
8523ed438d nmap ndiff zenmap: updated to 7.91
Nmap 7.91 [2020-10-09]

o [Zenmap] Fix a crash in the profile editor due to a missing import.

o [Nsock][Windows] Demote the IOCP Nsock engine because of some known
  issues that will take longer to resolve. The previous default "poll" engine
  will be used instead.

o [Nsock][Windows] Fix a crash in service scan due to a previously-unknown
  error being returned from the IOCP Nsock engine. [Daniel Miller]

o [NSE] Fix several places where Lua's os.time was being used
  to represent dates prior to January 1, 1970, which fails on Windows. Notably,
  NSE refused to run in UTC+X timezones with the error "time result cannot be
  represented in this installation" [Clément Notin, nnposter, Daniel Miller]

o [NSE] MySQL library was not properly parsing server responses,
  resulting in script crashes. [nnposter]

o Silence the irrelevant warning, "Your ports include 'T:' but you
  haven't specified any TCP scan type" when running nmap -sUV

Nmap 7.90 [2020-10-02]

o [Windows] Upgraded Npcap, our Windows packet capturing (and sending)
  library to the milestone 1.00 release! It's the culmination of 7 years of
  development with 170 public pre-releases. This includes dozens of
  performance improvements, bug fixes, and feature enhancements described
  at https://npcap.org/changelog.

o Integrated over 800 service/version detection fingerprints submitted since
  August 2017. The signature count went up 1.8% to 11,878, including 17 new
  softmatches.  We now detect 1237 protocols from airmedia-audio, banner-ivu,
  and control-m to insteon-plm, pi-hole-stats, and ums-webviewer.  A
  significant number of submissions remain to be integrated in the next
  release.

o Integrated over 330 of the most-frequently-submitted IPv4 OS fingerprints
  since August 2017. Added 26 fingerprints, bringing the new total to 5,678.
  Additions include iOS 12 & 13, macOS Catalina & Mojave, Linux 5.4, FreeBSD
  13, and more.

o Integrated all 67 of your IPv6 OS fingerprint submissions from August 2017 to
  September 2020. Added new groups for FreeBSD 12, Linux 5.4, and Windows 10,
  and consolidated several weak groups to improve classification accuracy.

o [NSE] Added 3 NSE scripts, from 2 authors, bringing the total up to 601!
  They are all listed at https://nmap.org/nsedoc/, and the summaries are
  below:

  + dicom-brute attempts to brute force the called Application Entity Title
    of DICOM servers. [Paulino Calderon]

  + dicom-ping discovers DICOM servers and determines if any Application
    Entity Title is allowed to connect. [Paulino Calderon]

  + uptime-agent-info collects system information from an Idera Uptime
    Infrastructure Monitor agent. [Daniel Miller]

o Addressed over 250 code quality issues identified by LGTM.com,
  improving our code quality score from "C" to "A+"

o Released Npcap OEM Edition. For more than 20 years, the Nmap Project has
  been funded by selling licenses for companies to distribute Nmap with
  their products, along with commercial support. Hundreds of commercial
  products now use Nmap for network discovery tasks like port scanning,
  host discovery, OS detection, service/version detection, and of course
  the Nmap Scripting Engine (NSE). Until now they have just used standard
  Nmap, but this new OEM Edition is customized for use within other Windows
  software. Nmap OEM contains the OEM version of our Npcap driver, which
  allows for silent installation. It also removes the Zenmap GUI, which
  cuts the installer size by more than half. And it reports itself as Nmap
  OEM so customers know it's a properly licensed Nmap. See
  https://nmap.org/oem for more details. We will be reaching out to all
  existing licensees with Nmap OEM access credentials, but any licensees
  who wants it quicker should see https://nmap.org/oem.

o Upgraded the Nmap license form a sort of hacked-up version of GPLv2 to a
  cleaner and better organized version (still based on GPLv2) now called the
  Nmap Public Source License to avoid confusion. See https://nmap.org/npsl/
  for more details and annotated license text. This NPSL project was started
  in 2006 (community discussion here:
  https://seclists.org/nmap-dev/2006/q4/126) and then it lost momentum for 7
  years until it was restarted in 2013
  (https://seclists.org/nmap-dev/2013/q1/399) and then we got distracted by
  development again. We still have some ideas for improving the NPSL, but
  it's already much better than the current license, so we're applying NPSL
  Version 0.92 to the code now and can make improvements later if
  needed. This does not change the license of previous Nmap releases.

o Removed nmap-update. This program was intended to provide a way to update
  data files and NSE scripts, but the infrastructure was never fielded. It
  depended on Subversion version control and would have required maintaining
  separate versions of NSE scripts for compatibility.

o Removed the silent-install command-line option (/S) from the Windows
  installer. It causes several problems and there were no objections when we
  proposed removing it in 2016 (https://seclists.org/nmap-dev/2016/q4/168).
  It will remain in Nmap OEM since its main use was for customers who
  redistribute Nmap with other software. If anyone else has a strong need
  for an Nmap silent installer, please contact sales@nmap.com and we'll see
  what we can do.

o 23 new UDP payloads and dozens more default ports for existing
  payloads developed for Rapid7's InsightVM scan engine. These speed up and
  ensure detection of open UDP services. [Paul Miseiko, Rapid7]

o Added a UDP payload for STUN (Session Traversal Utilities for NAT).
  [David Fifield]

o [NSE] Fixed an off-by-one bug in the stun.lua library that prevented
  parsing a server response. [David Fifield]

o Restrict Nmap's search path for scripts and data files.
  NMAPDATADIR, defined on Unix and Linux as ${prefix}/share/nmap, will not be
  searched on Windows, where it was previously defined as C:\Nmap .
  Additionally, the --script option will not interpret names as directory names
  unless they are followed by a '/'. [Daniel Miller]

o Fix an assertion failure when unsolicited ARP response is received:
    nmap: Target.cc:503: void Target::stopTimeOutClock(const timeval*): Assertion `htn.toclock_running == true' failed.

o [NSE] New outlib library consolidates functions related to NSE output,
  both string formatting conventions and structured output. [Daniel Miller]

o [NSE] New dicom library implements the DICOM protocol used for
  storing and transfering medical images. [Paulino Calderon]

o Fix a regression in ARP host discovery left over from the move from
  massping to ultra_scan in Nmap 4.22SOC8 (2007) that sometimes resulted in
  missing ARP responses from targets near the end of a scan. Accuracy and speed
  are both improved. [Daniel Miller]

o Restrict Nmap's search path for scripts and data files.
  NMAPDATADIR, defined on Unix and Linux as ${prefix}/share/nmap, will not be
  searched on Windows, where it was previously defined as C:\Nmap .
  Additionally, the --script option will not interpret names as directory names
  unless they are followed by a '/'. [Daniel Miller]

o Fix the "iocp" Nsock engine for Windows to be able to correctly
  handle PCAP read events. This engine is now the default for Windows, which
  should greatly improve performance over the previous default, the "poll"
  engine. [Daniel Miller]

o Reduced CPU usage of OS scan by 50% by avoiding string copy
  operations and removing undocumented fingerprint syntax unused in nmap-os-db
  ('&' and '+' in expressions). [Daniel Miller]

o Allow multiple UDP payloads to be specified for a port in
  nmap-payloads. If the first payload does not get a response, the remaining
  payloads are tried round-robin. [Paul Miseiko, Rapid7]

o New option --discovery-ignore-rst tells Nmap to ignore TCP RST
  responses when determining if a target is up. Useful when firewalls are
  spoofing RST packets. [Tom Sellers, Rapid7]

o [Ncat] It is now possible to override
  the value of TLS SNI via --ssl-servername [Hank Leininger, nnposter]

o Fixed parsing of TCP options which would hang (infinite loop) if an
  option had an explicit length of 0. Affects Nmap 7.80 only.
  [Daniel Miller, Imed Mnif]

o [NSE] Script ssh2-enum-algos would fail if the server initiated
  the key exchange before completing the protocol version exchange
  [Scott Ellis, nnposter]

o [NSE] Fetching of SSH2 keys might fail because of key exchange
  confusion [nnposter]

o [NSE] Performance of script afp-ls has been dramatically improved
  [nnposter]

o [NSE] Parsing of AFP FPGetFileDirParms and
  FPEnumerateExt2FPEnumerateExt2 responses was not working correctly [nnposter]

o [NSE] Eliminated false positives in script http-shellshock caused by
  simple reflection of HTTP request data [Anders Kaseorg]

o [NSE] SNMP scripts are now enabled on non-standard ports where SNMP
  has been detected [usd-markus, nnposter]

o [NSE] MQTT library was using incorrect position when parsing
  received responses [tatulea]

o [NSE] IPMI library was using incorrect position when parsing
  received responses [Star Salzman]

o [NSE] Scripts ipmi-brute and deluge-rpc-brute were not capturing
  successfully brute-forced credentials [Star Salzman]

o Allow resuming IPv6 scans with --resume. The address parsing was assuming IPv4
  addresses, leading to "Unable to parse ip" error. In a related fix, MAC addresses
  will not be parsed as IP addresses when resuming from XML. [Daniel Miller]

o Fix reverse-DNS handling of PTR records that are not lowercase.
  Nmap was failing to identify reverse-DNS names when the DNS server delivered
  them like ".IN-ADDR.ARPA". [Lucas Nussbaum, Richard Schütz, Daniel Miller]

o [NSE] IKE library was not properly populating the protocol
  number in aggressive mode requests. [luc-x41]

o Added service fingerprinting for MySQL 8.x, Microsoft SQL
  Server 2019, MariaDB, and Crate.io CrateDB. Updated PostreSQL coverage and
  added specific detection of recent versions running in Docker. [Tom Sellers]

o New XML output "hosthint" tag emitted during host discovery when a target is
  found to be up. This gives earlier notification than waiting for the
  hostgroup to finish all scan phases. [Paul Miseiko]

o New UDP payloads for GPRS Tunneling Protocol (GTP) on ports 2123,
  2152, and 3386. [Guillaume Teissier]

o [NSE] SSH scripts now run on several ports likely to be SSH based on
  empirical data from Shodan.io, as well as the netconf-ssh service.
  [Lim Shi Min Jonathan, Daniel Miller]

o [Zenmap] Stop creating a debugging output file 'tmp.txt' on the
  desktop in macOS. [Roland Linder]

o [Nping] Address build failure under libc++ due to "using namespace std;" in
  several headers, resulting in conflicting definitions of bind(). Reported by
  StormBytePP and Rosen Penev. [Daniel Miller]

o [Ncat] Fix a fatal error when connecting to a Linux VM socket with
  verbose output enabled. [Stefano Garzarella]

o [Ncat] Proxy credentials can be alternatively passed onto Ncat by
  setting environment variable NCAT_PROXY_AUTH, which reduces the risk of the
  credentials getting captured in process logs. [nnposter]

o [NSE] Fixed a crash on Windows when processing a GZIP-encoded HTTP
  body. [Daniel Miller]

o Upgrade libpcap to 1.9.1, which addresses several CVE vulnerabilities.

o Upgrade libssh2 to 1.9.0, fixing compilation with OpenSSL 1.1.0 API.

o Processing of IP address CIDR blocks was not working
  correctly on ppc64, ppc64le, and s390x architectures. [rfrohl, nnposter]

o [Windows] Add support for the new loopback behavior in Npcap 0.9983 and
  later. This enables Nmap to scan localhost on Windows without needing the
  Npcap Loopback Adapter to be installed, which was a source of problems for
  some users.  [Daniel Miller]

o [NSE] MS SQL library has improved version resolution, from service pack level
  to individual cumulative updates [nnposter]

o [NSE] With increased verbosity, script http-default-accounts now
  reports matched target fingerprints even if no default credentials were found
  [nnposter]

o [NSE] IPP request object conversion to string was not working
  correctly [nnposter]

o [NSE] IPP response parser was not correctly processing
  end-of-attributes-tag [nnposter]

o [NSE] Script cups-info was failing due to erroneous double-decoding
  of the IPP printer status [nnposter]

o [NSE] Oracle TNS parser was incorrectly unmarshalling DALC byte
  arrays [nnposter]

o [NSE] The password hashing function for Oracle 10g was not working correctly
  for non-alphanumeric characters [nnposter]

o [NSE] Virtual host probing list, vhosts-full.lst, was missing numerous
  entries present in vhosts-default.lst [nnposter]

o [NSE] Script http-grep was not correctly calculating Luhn
  checksum [Colleen Li, nnposter]

o [NSE] Scripts dhcp-discover and broadcast-dhcp-discover now support
  new argument "mac" to force a specific client MAC address [nnposter]

o [NSE] Code improvements in RPC Dump, benefitting NFS-related scripts
  [nnposter]

o [NSE] RPC code was using incorrect port range, which was causing some calls,
  such as NFS mountd, to fail intermittently [nnposter]

o [NSE] XML output from script ssl-cert now includes RSA key modulus
  and exponent [nnposter]

o [NSE] Nmap no longer crashes when SMB scripts, such as smb-ls, call
  smb.find_files [nnposter]

o [NSE] The MongoDB library was causing errors when assembling protocol
  payloads. [nnposter]

o [NSE] The RTSP library was not correctly generating request
  strings. [nnposter]

o [NSE] VNC handshakes were failing with insert position out of bounds
  error. [nnposter]

o [NSE] Function marshall_dom_sid2 in library msrpctypes was not
  correctly populating ID Authority. [nnposter]

o [NSE] Unmarshalling functions in library msrpctypes were attempting
  arithmetic on a nil argument. [Ivan Ivanov, nnposter]

o [NSE] Functions lsa_lookupnames2 and lsa_lookupsids2 in library
  msrpc were incorrectly referencing function strjoin when called with debug
  level 2 or higher. [Ivan Ivanov]

o [NSE] Added HTTP default account fingerprints for Tomcat
  Host Manager and Dell iDRAC9. [Clément Notin]

o [NSE] A MS-SMB spec non-compliance in Samba was causing
  protocol negotiation to fail with data string too short error.
  [Clément Notin, nnposter]

o [NSE] A bug in SMB library was causing scripts to
  fail with bad format argument error. [Ivan Ivanov]

o [NSE] The HTTP library no longer crashes when code requests digest
  authentication but the server does not provide the necessary authentication
  header. [nnposter]

o [NSE] Fixed a bug in http-wordpress-users.nse that could cause
  extraneous output to be captured as part of a username. [Duarte Silva]
2021-04-16 06:55:33 +00:00
adam
01ab0d3a78 nmap: updated to 7.80
7.80:
Here is the full list of significant changes:

o [Windows] The Npcap Windows packet capturing library (https://npcap.org/)
  is faster and more stable than ever. Nmap 7.80 updates the bundled Npcap
  from version 0.99-r2 to 0.9982, including all of these changes from the
  last 15 Npcap releases: https://nmap.org/npcap/changelog

o [NSE] Added 11 NSE scripts, from 8 authors, bringing the total up to 598!
  They are all listed at https://nmap.org/nsedoc/, and the summaries are
  below:

  +  broadcast-hid-discoveryd discovers HID devices on a LAN by
    sending a discoveryd network broadcast probe.

  +  broadcast-jenkins-discover discovers Jenkins servers on a LAN
    by sending a discovery broadcast probe.

  +  http-hp-ilo-info extracts information from HP
    Integrated Lights-Out (iLO) servers.

  +  http-sap-netweaver-leak detects SAP Netweaver Portal with the
    Knowledge Management Unit enabled with anonymous access.

  + https-redirect detects HTTP servers that redirect to the same port, but
    with HTTPS. Some nginx servers do this, which made ssl-* scripts not run
    properly.

  +  lu-enum enumerates Logical Units (LU) of TN3270E servers.


  +  rdp-ntlm-info extracts Windows domain information from RDP
    services.

  + smb-vuln-webexec checks whether the WebExService is installed and allows
    code execution.

  + smb-webexec-exploit exploits the WebExService to run arbitrary commands
    with SYSTEM privileges.

  +  ubiquiti-discovery extracts information from the Ubiquiti
    Discovery service and assists version detection.

  +  vulners queries the Vulners CVE database API using CPE
    information from Nmap's service and application version detection.


o Use pcap_create instead of pcap_live_open in
  Nmap, and set immediate mode on the pcap descriptor. This solves packet
  loss problems on Linux and may improve performance on other platforms.


o [NSE] Collected utility functions for string processing into a new
  library, stringaux.lua.

o [NSE] New rand.lua library uses the best sources of random available on
  the system to generate random strings.

o [NSE] New library, oops.lua, makes reporting errors easy, with plenty of
  debugging detail when needed, and no clutter when not.

o [NSE] Collected utility functions for manipulating and searching tables
  into a new library, tableaux.lua.

o [NSE] New knx.lua library holds common functions and definitions for
  communicating with KNX/Konnex devices.

o [NSE] The HTTP library now provides transparent support for gzip-
  encoded response body. (See https://github.com/nmap/nmap/pull/1571 for an
  overview.)

o [Nsock][Ncat] Add AF_VSOCK (Linux VM sockets) functionality to
  Nsock and Ncat. VM sockets are used for communication between virtual
  machines and the hypervisor.

o [Security][Windows] Address CVE-2019-1552 in OpenSSL by building with the
  prefix "C:\Program Files (x86)\Nmap\OpenSSL". This should prevent
  unauthorized users from modifying OpenSSL defaults by writing
  configuration to this directory.

o [Security] Reduced LibPCRE resource limits so that
  version detection can't use as much of the stack. Previously Nmap could
  crash when run on low-memory systems against target services which are
  intentionally or accidentally difficult to match. Someone assigned
  CVE-2018-15173 for this issue.

o Deprecate and disable the -PR (ARP ping) host discovery
  option. ARP ping is already used whenever possible, and the -PR option
  would not force it to be used in any other case.

o [NSE] bin.lua is officially deprecated. Lua 5.3, added 2 years ago in Nmap
  7.25BETA2, has native support for binary data packing via string.pack and
  string.unpack. All existing scripts and libraries have been updated.


o [NSE] Completely removed the bit.lua NSE library. All of its functions are
  replaced by native Lua bitwise operations, except for `arshift`
  (arithmetic shift) which has been moved to the bits.lua library. [Daniel
  Miller]

o [NSE] The HTTP library is now enforcing a size limit on the
  received response body. The default limit can be adjusted with a script
  argument, which applies to all scripts, and can be overridden case-by-case
  with an HTTP request option. (See https://github.com/nmap/nmap/pull/1571
  for details.)

o [NSE] CR characters are no longer treated as illegal in script
  XML output.

o Allow resuming nmap scan with lengthy command line [Clément
  Notin]

o [NSE] Add TLS support to rdp-enum-encryption. Enables determining
  protocol version against servers that require TLS and lays ground work for
  some NLA/CredSSP information collection.

o [NSE] Address two protocol parsing issues in rdp-enum-encryption
  and the RDP nse library which broke scanning of Windows XP. Clarify
  protocol types

o [NSE] Script http-fileupload-exploiter failed to locate its
  resource file unless executed from a specific working
  directory.

o [NSE] Avoid clobbering the "severity" and "ignore_404" values of
  fingerprints in http-enum. None of the standard fingerprints uses these
  fields.

o [NSE] Fix a crash caused by a double-free of libssh2 session data
  when running SSH NSE scripts against non-SSH services.

o [NSE] Updates the execution rule of the mongodb scripts to be
  able to run on alternate ports.

o [Ncat] Allow Ncat to connect to servers on port 0, provided that
  the socket implementation allows this.

o Update the included libpcap to 1.9.0.

o [NSE] Fix a logic error that resulted in scripts not honoring the
  smbdomain script-arg when the target provided a domain in the NTLM
  challenge.

o [Nsock] Avoid a crash (Protocol not supported) caused by trying
  to reconnect with SSLv2 when an error occurs during DTLS connect. [Daniel
  Miller]

o [NSE] Removed OSVDB references from scripts and replaced them
  with BID references where possible.

o [NSE] Updates TN3270.lua and adds argument to disable TN3270E


o RMI parser could crash when encountering invalid input [Clément
  Notin]

o Avoid reporting negative latencies due to matching an ARP or ND
  response to a probe sent after it was recieved.

o [Ncat] To avoid confusion and to support non-default proxy ports,
  option --proxy now requires a literal IPv6 address to be specified using
  square-bracket notation, such as --proxy

o [Ncat] New ncat option provides control over
  whether proxy destinations are resolved by the remote proxy server or
  locally, by Ncat itself. See option --proxy-dns.

o [NSE] Updated script ftp-syst to prevent potential endless
  looping.

o New service probes and match lines for v1 and v2 of the Ubiquiti
  Discovery protocol. Devices often leave the related service open and it
  exposes significant amounts of information as well as the risk of being
  used as part of a DDoS. New nmap-payload entry for v1 of the
  protocol.

o [NSE] Removed hostmap-ip2hosts.nse as the API has been broken for a while
  and the service was completely shutdown on Feb 17th, 2019. [Paulino
  Calderon]

o [NSE] Adds TN3270E support and additional improvements to
  tn3270.lua and updates tn3270-screen.nse to display the new
  setting.

o [NSE] Updates product codes and adds a check for response length
  in enip-info.nse. The script now uses string.unpack.

o [Ncat] Temporary RSA keys are now 2048-bit to resolve a
  compatibility issue with OpenSSL library configured with security level 2,
  as seen on current Debian or Kali.

o [NSE] Fix a crash (double-free) when using SSH scripts against
  non-SSH services.

o [Zenmap] Fix a crash when Nmap executable cannot be found and the system
  PATH contains non-UTF-8 bytes, such as on Windows.

o [Zenmap] Fix a crash in results search when using the dir: operator:
    AttributeError: 'SearchDB' object has no attribute 'match_dir' [Daniel
    Miller]

o [Ncat] Fixed an issue with Ncat -e on Windows that caused early
  termination of connections.

o [NSE] Fix a false-positive in http-phpmyadmin-dir-traversal when
  the server responds with 200 status to a POST request to any
  URI.

o [NSE] New vulnerability state in vulns.lua, UNKNOWN, is used to indicate
  that testing could not rule out vulnerability.

o When searching for Lua header files, actually use them where
  they are found instead of forcing /usr/include. [Fabrice Fontaine, Daniel
  Miller]

o [NSE] Script traceroute-geolocation no longer crashes when
  www.GeoPlugin.net returns null coordinates

o Limit verbose -v and debugging -d levels to a maximum of 10. Nmap does not
  use higher levels internally.

o [NSE] tls.lua when creating a client_hello message will now only use a
  SSLv3 record layer if the protocol version is SSLv3. Some TLS
  implementations will not handshake with a client offering less than
  TLSv1.0. Scripts will have to manually fall back to SSLv3 to talk to
  SSLv3-only servers.

o [NSE] Fix a few false-positive conditions in
  ssl-ccs-injection. TLS implementations that responded with fatal alerts
  other than "unexpected message" had been falsely marked as
  vulnerable.

o Emergency fix to Nmap's birthday announcement so Nmap wishes itself a
  "Happy 21st Birthday" rather than "Happy 21th" in verbose mode (-v) on
  September 1, 2018.

o Start host timeout clocks when the first probe is sent to a
  host, not when the hostgroup is started. Sometimes a host doesn't get
  probes until late in the hostgroup, increasing the chance it will time
  out.

o [NSE] Support for edns-client-subnet (ECS) in dns.lua has been improved
by:
  -
  - Properly trimming ECS address, as mandated by RFC 7871
  - Fixing a bug that prevented using the same ECS option table more than
    once

o [Ncat] Fixed communication with commands launched with -e or -c
  on Windows, especially when --ssl is used.

o [NSE] Script http-default-accounts can now select more than one
  fingerprint category. It now also possible to select fingerprints by name
  to support very specific scanning.

o [NSE] Script http-default-accounts was not able to run against more than
  one target host/port.

o [NSE] New script-arg `http.host` allows users to force a
  particular value for the Host header in all HTTP requests.

o [NSE] Use smtp.domain script arg or target's domain name instead
  of "example.com" in EHLO command used for STARTTLS.

o [NSE] Fix brute.lua's BruteSocket wrapper, which was crashing
  Nmap with an assertion failure due to socket mixup [Daniel Miller]: nmap:
  nse_nsock.cc:672: int receive_buf(lua_State*, int, lua_KContext):
  Assertion `lua_gettop(L) == 7' failed.

o [NSE] Handle an error condition in smb-vuln-ms17-010 caused by
  IPS closing the connection.

o [Ncat] Fixed literal IPv6 URL format for connecting through HTTP
  proxies.

o [NSE] Updates vendors from ODVA list for enip-info.
[NothinRandom]

o [NSE] Add two common error strings that improve MySQL detection
  by the script http-sql-injection.

o [NSE] Fix bug in http-vuln-cve2006-3392 that prevented the script
  to generate the vulnerability report correctly.

o [NSE] Fix bug related to screen rendering in NSE library
  tn3270. This patch also improves the brute force script
  tso-brute.

o [NSE] Fix SIP, SASL, and HTTP Digest authentication when the
  algorithm contains lowercase characters.

o Nmap could be fooled into ignoring TCP response packets if they
  used an unknown TCP Option, which would misalign the validation, causing
  it to fail.

o [NSE]The HTTP response parser now tolerates status lines without a reason
  phrase, which improves compatibility with some HTTP servers.

o [NSE]] Parser for HTTP Set-Cookie header
  is now more compliant with RFC 6265:
  - empty attributes are tolerated
  - double quotes in cookie and/or attribute values are treated literally
  - attributes with empty values and value-less attributes are parsed
equally
  - attributes named "name" or "value" are ignored

o [NSE] Fix parsing http-grep.match script-arg. [Hans van den
  Bogert]

o [Zenmap] Avoid a crash when recent_scans.txt cannot be written
  to.

o Fixed --resume when the path to Nmap contains spaces.

o New service probe and match lines for adb, the Android Debug Bridge, which
  allows remote code execution and is left enabled by default on many
  devices.
2019-08-28 13:55:44 +00:00
maya
f34a8c24a3 PKGREVISION bump for anything using python without a PYPKGPREFIX.
This is a semi-manual PKGREVISION bump.
2019-04-25 07:32:34 +00:00
jperkin
5393242c73 *: Move SUBST_STAGE from post-patch to pre-configure
Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.
2018-07-04 13:40:07 +00:00
adam
95b3509c2f nmap: ndiff and zenmap are now separate packages (incl. build fixes for zenmap) 2018-04-14 13:04:33 +00:00