Nmap 6.00

Title:

Nmap 6.00

File Size:

25.1 MB

Requirements:

Windows 2000 / XP / Vista / Windows7 / XP64 / Vista64 / Windows7 64 / Windows8 / Windows8 64

Language:

en-us

License:

Open Source

Date Added:

21 May 2012

Publisher:

Gordon Lyon

Homepage:

http://nmap.org

MD5 Checksum:

B98A5287C43D438CFD721ED6AE6B2870

- [NSE] Added the script http-traceroute, which exploits the Max-Forwards HTTP header to detect reverse proxies.
- Added the script distcc-CVE-2004-2687 that checks and exploits a remote command execution vulnerability in distcc.
- Added two new scripts mysql-query and mysql-dump-hashes, which add support for performing custom MySQL queries and dump MySQL password hashes.
- Improved the mysql library to handle multiple columns with the same name, added a formatResultset function to format a query response to a table suitable for script output.
- The message "nexthost: failed to determine route to ..." is now a warning rather than a fatal error. Addresses that are skipped in this way are recorded in the XML output as elements.
- [NSE] Added the script http-drupal-modules, which enumerates the installed Drupal modules using drupal-modules.lst.
- [NSE] Added http-vuln-cve2012-1823.nse, which checks for PHP CGI installations with a remote code execution vulnerability.
- [NSE] Added the script dict-info, which retrieves information from a DICT server, by issuing the SHOW SERVER command.
- [NSE] Added the script gkrellm-info, which displays information retrieved from the GKRellm monitoring service.
- [NSE] Added the script ajp-request, which adds support for creating custom Apache JServer Protocol requests.
- [NSE] Added the script ajp-brute, which enables password brute force auditing against the Apache JServ Protocol service.
- [NSE] Added the script broadcast-tellstick-discover, which discovers Telldus Technologies TellStickNet devices on the LAN.
- [NSE] Added the Apache JServer Protocol (AJP) library and the scripts ajp-methods, ajp-headers and ajp-auth.
- In XML output, elements are now child elements of the they belong to. Old output was thus:
......
New output is:
......
The option --deprecated-xml-osclass restores the old output, in case you use an Nmap XML parser that doesn't understand the new structure. The xmloutputversion has been increased to 1.04.
- Added a new element to XML output that indicates when a target specification was ignored, perhaps because of a syntax error or DNS failure. It looks like this:
- Nmap's development pace has increased because Google (again) sponsored 5 full-time college and graduate student programmer interns this summer as part of their Summer of Code program!
- [NSE] Added the script mmouse-exec that connects to a Mobile Mouse server, starts an application, and sends a sequence of keystrokes to it.
- [NSE] Added the script mmouse-brute that performs brute force password auditing against the Mobile Mouse service.
- [NSE] Added the script cups-queue-info that lists the contents of a remote CUPS printer queue.
- [NSE] Added the script ip-forwarding that detects devices that have IP forwarding enabled (acting as routers).
- [NSE] Added the script samba-vuln-cve-2012-1182 which detects the SAMBA CVE 2012-1182 vulnerability.
- [NSE] Added the script dns-check-zone that checks DNS configuration against best practices including RFC 1912.
- [NSE] Added the http-gitweb-projects-enum that queries a gitweb for a list of Git projects, their authors and descriptions.
- [NSE] targets-sniffer now is capable of sniffing IPv6 addresses.
- [NSE] Added the script traceroute-geolocation that queries geographic locations of each traceroute hop and allows to export the results to KLM, allowing the hops to be plotted on a map.
- [NSE] Added the ipp library and the script cups-info that lists available printers by querying the cups network daemon.
- [NSE] Added the mobilme library and the scripts http-icloud-findmyiphone and http-icloud-sendmsg, that finds the location of iOS devices and provides functionality to send them messages.
- [NSE] Added gps library and the gpsd-info script that collects GPS data from the gpsd daemon.
- [NSE] Ported the pop3-brute script to use the brute library.
- Fixed a compilation problem on Solaris 9 caused by a missing definition of IPV6_V6ONLY.
- Upgraded included libpcap to version 1.2.1.
- [NSE] Added hostmap-robtex.nse by Arturo Busleiman, which finds other domain names sharing the IP address of the target.
- [NSE] Renamed hostmap.nse to hostmap-bfk.nse.
- [NSE] Added http-robtex-shared-ns by Arturo Busleiman, finding domain names that share the same name server as the target.
- [NSE] Added the script http-vlcstreamer-ls which queries the VLC Streamer helper service for a list of files in a given directory.
- [NSE] Added the script targets-ipv6-mld that sends a malformed ICMP6 MLD Query to discover IPv6 enabled hosts on the LAN.
- [NSE] Added script http-virustotal that allows checking files, or hashes of previously scanned files, against the major antivirus engines.
- Setting --min-parallelism by itself no longer forces the maximum parallelism to the same value.
- [NSE] Added an error message indicating script failure, when Nmap is being run in non verbose/debug mode.
- Service-scan information is now included in XML and grepable output even if -sV wasn't used. This information can be set by scripts in the absence of -sV.
- [NSE] Added the script dns-ip6-arpa-scan which uses a very efficient technique to scan the ip6.arpa zone for PTR records.
- Changed XML output to show the "service" element whenever a tunnel is discovered for a port, even if the service behind it was unknown.
- [Zenmap] Fixed a crash that would happen in the profile editor when the script.db file doesn't exist.
- [Zenmap] It is now possible to compare scans having the same name or command line.
- [NSE] Added rdp-vuln-ms12-020.nse by Aleksandar Nikolic. This tests for two Remote Desktop vulnerabilities, including one allowing remote code execution, that were fixed in the MS12-020 advisory.
- Fixed an error that could occur with ICMPv6 probes and -d4 debugging: "Unexpected probespec2ascii type encountered"
- Fixed the routing table loop on OS X so that on-link routes appear. Previously, they were ignored so that things like ARP scan didn't work.
- [NSE] Added new script http-chrono, which measures min, max and average response times of web servers.
- Applied a workaround to make pcap captures work better on Solaris 10. This involves peeking at the pcap buffer to ensure that captures are not being lost. A symptom of behavior before this fix was that, when doing ARP host discovery against two targets, only one would be reported up.
- Added ciphers from RFC 5932 and Fortezza-based ciphers to ssl-enum-ciphers.nse.
- [NSE] Added new script http-drupal-users-enum, which enumerates all available Drupal user accounts by exploiting a vulnerability in the Views module.
- [NSE] Added new script broadcast-ataoe-discover, which discovers ATA over Ethernet capable devices through LAN ethernet broadcasts.
- Fixed a bug that could cause Nsock timers to fire too early. This could happen for the timed probes in IPv6 OS detection, causing an incorrect measurement of the TCP_ISR feature.
- [NSE] Added a stun library and the scripts stun-version and stun-info, which extract version information and the external NAT:ed address.
- [NSE] Added the script duplicates which attempts to determine duplicate hosts by analyzing information collected by other scripts.
- Changed the way timeout calculations are made in the IPv6 OS engine. In rare cases a certain interleaving of probes and responses would result in an assertion failure.