
Nmap 5.61TEST4 released - 51 new scripts, web spidering, vuln library, and more!


Nmap 5.61TEST4 brings a number of interesting features:
  • a spidering library (httpspider) and associated scripts for crawling websites.
  • 51 new NSE scripts, bringing the total to 297.
  • a substantially smaller Mac OS X installer, thanks to the removal of PPC support.
  • a new vulnerability management library (vulns) that stores and reports the vulnerabilities scripts find.

More information can be found here.
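To show how the two new libraries fit together in a script, here is an added example NSE script that is not part of Nmap or of the original post. It assumes the httpspider API (Crawler:new / crawl, with withinhost on by default and limits taken from the httpspider.maxpagecount and httpspider.maxdepth script-args) and the vulns API (Report:new / make_output, vulns.STATE.*) as documented in the NSE library reference; the script name and author string are placeholders. It crawls a cleartext HTTP service and reports, through the vulns library, every page that contains a password input field.

```lua
-- http-cleartext-password-form.nse (hypothetical name; added example, not part of Nmap)
local httpspider = require "httpspider"
local shortport  = require "shortport"
local vulns      = require "vulns"

description = [[
Crawls a cleartext HTTP service with the httpspider library and uses the
vulns library to report any page that contains a password input field,
since credentials posted from such a page travel unencrypted.
]]

author = "example author (placeholder)"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"discovery", "safe", "vuln"}

-- Fire on ports that look like HTTP; TLS-wrapped ones are filtered in action().
portrule = shortport.http

action = function(host, port)
  -- A TLS-wrapped service does not expose the form over cleartext; nothing to report.
  if shortport.ssl(host, port) then
    return nil
  end

  -- The finding is described up front; its state is decided after the crawl.
  -- extra_info collects the offending URLs and is rendered by make_output().
  local vuln = {
    title = "Password form served over cleartext HTTP",
    state = vulns.STATE.NOT_VULN,
    risk_factor = "Medium",
    description = [[
At least one page on this unencrypted HTTP service contains an
<input type="password"> element, so credentials submitted through it can be
read or modified by anyone on the network path.
]],
    extra_info = {},
  }

  -- withinhost defaults to true, so the crawl stays on this host; page and depth
  -- limits come from the library's httpspider.maxpagecount / maxdepth script-args.
  local crawler = httpspider.Crawler:new(host, port, nil, { scriptname = SCRIPT_NAME })
  crawler:set_timeout(10000)

  while true do
    local status, r = crawler:crawl()
    if not status then
      if r.err then
        -- A hard error (bad URL, unreachable host): say so instead of a silent NOT_VULN.
        return ("ERROR: %s"):format(r.reason)
      end
      break -- crawl queue exhausted or limits reached
    end

    local body = r.response and r.response.body
    -- Case-insensitive match on the attribute, tolerant of spacing and quoting.
    if body and body:lower():find('type%s*=%s*["\']?password') then
      table.insert(vuln.extra_info, tostring(r.url))
    end
  end

  if #vuln.extra_info > 0 then
    vuln.state = vulns.STATE.VULN
  end

  -- Report:new() files the result under this script's name; make_output()
  -- formats it and hides NOT_VULN entries unless vulns.showall is set.
  local report = vulns.Report:new(SCRIPT_NAME, host, port)
  return report:make_output(vuln)
end
```

Run it by path, e.g. `nmap -p 80 --script ./http-cleartext-password-form.nse --script-args httpspider.maxpagecount=100 <target>`; add `vulns.showall=1` to the script-args to also see the NOT_VULN result for hosts where nothing was found. The crawl bound matters: without a page-count limit a large site keeps the script running for the whole host timeout.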

Nmap 5.61 Changelog ~ Added IPv6 OS detection system


# Nmap Changelog [2011-10-01]
  • [NSE] Made http-wordpress-enum.nse able to get names of users who have no posts. [Duarte Silva]
  • Increased hop distance estimates from OS detection by one. The distance now counts the number of hops including the final one to the target, not just the number of intermediate nodes. The IPv6 distance calculation already worked this way. [David]

Nmap 5.61TEST2 [2011-09-30]


o Added IPv6 OS detection system! The new system utilizes many tests
similar to IPv4, and also some IPv6-specific ones that we found to
be particularly effective. And it uses a machine learning approach
rather than the static classifier we use for IPv4. We hope to move
some of the IPv6 innovations back to our IPv4 system if they work
out well. The database is still very small, so please submit any
fingerprints that Nmap gives you to the specified URL (as long as
you are certain that you know what the target system is
running). Usage and results output are basically the same as with
IPv4, but we will soon document the internal mechanisms at
http://nmap.org/book/osdetect.html, just as we have for IPv4. For an
example, try "nmap -6 -O scanme.nmap.org". [David, Luis]

o [NSE] Added 3 scripts, bringing the total to 246! You can learn
more about them at http://nmap.org/nsedoc/. Here they are (authors
listed in brackets):

+ lltd-discovery uses the Microsoft LLTD protocol to discover hosts
on a local network. [Gorjan Petrovski]

+ ssl-google-cert-catalog queries Google's Certificate Catalog for
the SSL certificates retrieved from target hosts. [Vasiliy Kulikov]

+ quake3-info extracts information from a Quake3-like game
server. [Toni Ruottu]

o Improved AIX support for raw scans. This includes some patches
originally written by Peter O'Gorman and Florian Schmid. It also
involved various build fixes found necessary on AIX 6.1 and 7.1. See
http://nmap.org/book/inst-other-platforms.html. [David]

o Fixed Nmap so that it again compiles and runs on Solaris 10,
including IPv6 support. [David]

o [NSE] Moved our brute force authentication cracking scripts
(*-brute) from the "auth" category into a new "brute"
category. Nmap's brute force capabilities have grown tremendously!
You can see all 32 of them at
http://nmap.org/nsedoc/categories/brute.html. It isn't clear
whether dns-brute should be in the brute category, so for now it
isn't. [Fyodor]

o Made the interface gathering loop work on Linux when an interface
index is more than two digits in /proc/net/if_inet6. Joe McEachern
tracked down the problem and provided the fix.

o [NSE] Fixed a bug in dns.lua: ensure that dns.query() always returns two values
(status, response) and replaced the workaround in asn-query.nse by the proper
use. [Henri]

o [NSE] Made irc-info.nse handle the case where the MOTD is missing.
Patch by Sebastian Dragomir.

o Updated nmap-mac-prefixes to include the latest IEEE assignments
as of 2011-09-29.