Release 5.20 of Nmap, the well-known network scanner and mapper, is out.


The new release contains 150 improvements; particular attention was paid to memory consumption and to maximizing performance.

To get the most out of performance, 31 NSE (Nmap Scripting Engine) scripts were improved by parallelizing and optimizing them. The new release now ships a total of 80 NSE scripts.

The operating system detection signatures have been brought to 10000.
The changelog for release 5.20 follows:

# Nmap Changelog ($Id: CHANGELOG 16529 2010-01-21 04:51:16Z fyodor $); -*-text-*-

o [NSE] Added the new dns-service-discovery script which uses DNS-SD
to identify services. DNS-SD is one part of automatic configuration
technologies known by names such as Bonjour, Rendezvous, and
Zeroconf. This one script can provide as much information as a full
port scan in some cases. [Patrik Karlsson]

o [NSE] Added a new library, afp.lua, and a script that uses it,
afp-showmount. The library is for the Apple Filing Protocol and the
script shows shares and their permissions. [Patrik Karlsson]

o Fixed a bug with the decoding of NMAP OID component values greater
than 127. [Patrik Karlsson, David]

o Added an Apple Filing Protocol service probe that detects Netatalk
servers. (Apple’s AFP servers are coincidentally triggered by the
SSLSessionReq probe.) [Patrik Karlsson]

Nmap 5.20 [2010-01-20]

o Dramatically improved the version detection database, integrating
2,596 submissions that users contributed since February 3, 2009!
More than a thousand signatures were added, bringing the total to
8,501. Many existing signatures were improved as well. Please keep
those submissions and corrections coming! Nmap prints a submission
URL and fingerprint when it receives responses it can’t yet
interpret.

o [NSE] Added a new script, oracle-sid-brute, which queries the Oracle
TNS-listener for default instance/sid names. The SID enumeration
list was prepared by Red Database security. See
http://nmap.org/nsedoc/scripts/oracle-sid-brute.html. [Patrik
Karlsson]

o [Ncat] The --ssl, --output, and --hex-dump options now work with
--exec and --sh-exec. Among other things, this allows you to make a
program’s I/O available over the network wrapped in SSL encryption
for security. It is implemented by forking a separate process to
handle network communications and relay the data to the
sub-process. [Venkat, David]

o Nmap now tries to start the WinPcap NPF service on Windows if it is not
already running. This is rare, since our WinPcap installer starts
NPF running at system boot time by default. Because starting NPF
requires administrator privileges, a UAC dialog for net.exe may
appear on Windows Vista and Windows 7 before NPF is loaded. Once
NPF is loaded, it generally stays loaded until you reboot or run
“net stop npf”. [David, Michael Pattrick]

o The Nmap Windows installer and our WinPcap installer now have an
option /NPFSTARTUP=NO, which inhibits the installer from setting the
WinPcap NPF service to start at system startup and at install-time.
This option only affects silent mode (/S) because existing GUI
checkboxes allow you to configure this behavior during interactive
installation. [David]

o [NSE] Replaced our runlevel system for managing the order of script
execution with a much more powerful dependency system. This allows
scripts to specify which other scripts they depend on (e.g. a brute
force authentication script might depend on username enumeration
scripts) and NSE manages the order. Dependencies only enforce
ordering, they cannot pull in scripts which the user didn’t
specify. See

http://nmap.org/book/nse-script-format.html#nse-format-dependencies

[Patrick]

o [Ncat] For compatibility with Hobbit's original Netcat, the -p
option now works to set the listening port number in listen mode.
So "ncat -l 123" can now be expressed as "ncat -l -p 123"
too. [David]

o A new script argument, http.useragent, lets you modify
the User-Agent header sent by NSE from its default of “Mozilla/5.0
(compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)”.
Set it to the empty string to disable the User-Agent
entirely. [David, Tom Sellers, Jah]
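The dependency mechanism and the http.useragent script argument described in the two entries above, as an added illustration that is not part of the Nmap changelog or the Nmap code base. The script name "example-user-enum" and the nmap.registry slot it fills are hypothetical; the script only orders itself after that script and degrades cleanly when the user did not select it.

```lua
-- Added example, not from the Nmap changelog: a minimal NSE script that
-- declares a dependency on a hypothetical "example-user-enum" script and
-- reads the http.useragent script argument.
local shortport = require "shortport"

description = [[
Reports usernames gathered by the hypothetical example-user-enum script and
whether the NSE User-Agent has been overridden via --script-args.
]]
author = "example (added illustration)"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"safe", "discovery"}

-- Ordering only: if the user selected example-user-enum, NSE runs it before
-- this script. Listing it here never pulls it into the run.
dependencies = {"example-user-enum"}

portrule = shortport.http

action = function(host, port)
  -- Hypothetical hand-off convention: example-user-enum stores its findings
  -- per host in nmap.registry["example-user-enum"][host.ip]. The slot is
  -- absent when that script was not selected, so check before using it.
  local reg = nmap.registry["example-user-enum"]
  local users = reg and reg[host.ip]
  if not users or #users == 0 then
    return "example-user-enum did not run; add it to --script to collect usernames"
  end

  -- Script args live in nmap.registry.args; the empty string means the
  -- User-Agent header is suppressed entirely, nil means the default is used.
  local ua = nmap.registry.args["http.useragent"]
  local out = { "Users from example-user-enum: " .. table.concat(users, ", ") }
  if ua == "" then
    out[#out + 1] = "User-Agent header disabled via http.useragent"
  elseif ua ~= nil then
    out[#out + 1] = "User-Agent overridden: " .. ua
  end
  return table.concat(out, "\n")
end
```

Run it with both scripts selected (for example --script example-user-enum,this-script) to see the ordered hand-off, and with only this script to see the fallback message.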

o [Zenmap] The locale setting had been taken from the Windows locale,
which inadvertently made setting the locale with the LANG
environment variable stop working. Now the LANG variable is examined
first, and if that is not present, the system-wide setting is
used. This change allows users to keep Zenmap in its original
English (or any of Zenmap’s other languages) even if their system is
set to use a different locale. [David]

o [NSE] The http-favicon script is now better at finding “link
rel=icon” tags in pages, and uses that icon in preference to
/favicon.ico if found. If the favicon.uri script arg is given, only
that is tried. Meanwhile, a giant (10 million web servers) favicon
scan by Brandon allowed us to add about 40 more of the most popular
icons to the DB. [David, Brandon]

o [NSE] smb-psexec now works against Windows XP (as well as
already-supported Win2K and Windows 2003). The solution involved
changing the seemingly irrelevant PID field in the SMB packet. See
http://seclists.org/nmap-dev/2010/q1/13. [Ron]

o [NSE] Fixed a bug which kept the nselib/data/psexec subdirectory out
of the Windows packages. We needed to add the /s and /e options to
xcopy in our Visual C++ project file. [David]

o [NSE] Overhauled our http library to centralize HTTP parsing and
make it more robust. The biggest user-visible change is that
http.request goes back to returning a parsed result table rather than raw
HTTP data. Also the http.pipeline function no longer accepts the
no-longer-used “raw” option. [David]

o Fixed a bug in traceroute that could lead to a crash:
    terminate called after throwing an instance of 'std::out_of_range'
    what(): bitset::test
It happened when the preliminary distance guess for a target was
greater than 30, the size of an internal data structure. David and
Brandon tracked down the problem.

o Fixed compilation of libdnet-stripped on platforms that don’t have
socklen_t. [Michael Pattrick]

o Added a service probe and match lines for the Logitech/SlimDevices
SqueezeCenter music server. [Patrik Karlsson]

o Fixed the RTSPRequest version probe, which was accidentally modified
to say "RTSP/2.0" rather than "RTSP/1.0" in 5.10BETA2. [Matt Selsky]

o [NSE] Our http library no longer allows cached responses from a GET
request to be returned for a HEAD request. This could cause problems
with at least the http-enum script. [David]

o Fixed a bug in the WinPcap installer: If the “Start the WinPcap
service ‘NPF’ at startup” box was unchecked and the “Start the
WinPcap service ‘NPF’ now” box was checked, the second checkbox
would be ignored (the service would not be started now). [Rob
Nicholls]

Happy Nmap

[via insecure.org]
