# Nmap Changelog ($Id: CHANGELOG 6676 2008-01-12 22:39:34Z fyodor $); -*-text-*-4.53o Impoved Windows executable installer by making uninstall work better  on systems which changed the default install path.  The shortcut is  also now deleted properly on Vista. [Rob Nicholls]o Windows installer is now generated using NSIS 2.34 rather than  2.13. [Fyodor]o Added UPnP-info NSE script by Thomas Buchanan. It gathers  information from the UPnP service (UDP port 1900) which listens on  many network devices such as routers, printers, and networked media  players.o Fixed a --traceroute bug (assertion failure crash) which occured  when the first hop of the first host in a tracegroup (reference  trace) times out.  Thanks to Sebastián García for the bug report and  testing, and Eddie for the patch.o Fix a problem which prevented proper port number matching in  NSE scripts (port_or_service function) due to a variable  shadowing bug. [Sven Klemm]o Improved rpcinfo.nse to better sort and display available RPC  services. [Sven Klemm]4.52o Fixed Nmap Winpcap installer to use CurrentVersion registry key on  Windows rather than VersionNumber to more reliably detect Vista  machines.  This should prevent the XP version of Packet.dll from  being installed on Vista. [Rob Nicholls]o The Nmap Scripting Engine (NSE) now supports run-time interaction  and the Nmap --host-timeout option. [Doug]o Added nmap.fetchfile() function for scripts so they can easily find  Nmap's nmap-* data files (such as the OS/version detection DBs, port  number mapping, etc.) [Kris]o Updated rpcinfo.nse to use nmap.fetchfile() to read from nmap-rpc  instead of having a huge table of RPC numbers.  This reduced the  script's size by nearly 75%. [Kris]o Fixed multiple NSE scripts that weren't always properly closing their  sockets.  The error message was:  "bad argument #1 to 'close' (nsock expected, got no value)" [Kris]o Added a new version detection probe for the Trend Micro OfficeScan  product line. [Tom Sellers, Doug]4.51BETAo We now have a detailed Zenmap Guide at  http://insecure.org/nmap/zenmapguide/ . Thanks to David for writing  it.o Added rpcinfo.nse script, which contacts a listening RPC portmapper  and reports the listening services and port information (like  rpcinfo -p does).  The script was written by Sven Klemm.  Fyodor  then enhanced the RPC number list with all of the entries from  nmap-rpc.o Added a new NSE script (MySQLinfo) which prints MySQL server information  such as the protocol and version numbers, status, thread id, capabilities,  and password salt. [Kris]o Nmap's output options (-oA, -oX, etc.) now support strftime()-like  conversions in the filename.  %H, %M, %S, %m, %d, %y, and %Y are  all the same as in strftime().  %T is the same as %H%M%S, %R is the  same as %H%M, and %D is the same as %m%d%y.  A % followed by any  other character just yields that character (%% yields a %).  This  means that "-oX 'scan-%T-%D.xml'" uses an XML file in the form of  "scan-144840-121307.xml". [Kris]o Fixed Winpcap installer to install the right version of Packet.dll  on Windows Vista. [Fyodor]o Fixed our Winpcap installer so that it waits for a Winpcap uninstall  (if needed) to complete before trying to install the new Winpcap.  [Jah]o Fix a bunch of warning/error messages which contained an extra  newline. [Brandon Enright]o Fixed an error when attempting to scan localhost as an unprivileged  user on Windows (nmap --unprivileged localhost). The error was:   "Skipping SYN Stealth Scan against localhost (127.0.0.1) because    Windows does not support scanning your own machine (localhost) this    way."  Now connect scan is used instead of SYN scan. [David]o Fixed a bug that prevented the --resume option from working on  Windows. The error message was:  ..\utils.cc(996): CreateFileMapping(), file 'testresume', length 103,  mflags 000 00006: The parameter is incorrect.(87)  [Fixed by David, reported by Rob Nicholls]o Zenmap's new web page (http://insecure.org/nmap/zenmap/) is now  shown in the Zenmap about dialogue.o On Windows, paths beginning with \ are now considered absolute when  used with the --script option. jah (jah(a)zadkiel.plus.com) suggested  this. [David]o Zenmap no longer double-spaces its output (by inadvertently  duplicating newlines) when viewing scan results that were saved to a  file. [Joao Medeiros]o Upgraded the shipped LibPCRE from version 7.2 to 7.4. [Kris]o Fixed Zenmap crash that occurred when selecting Help from the Compare  Results window. [Kris]o Updated robots.nse to prevent printing robots.txt comments. [Kris]o Many version detection match lines were improved to match even when  newlines appear in binary data returned by the service. [Fixed by  Doug, suggested by Lionel Cons]4.50o Bumped up the version number to the big 10th anniversary 4.50release!  See http://insecure.org/stf/Nmap-4.50-Release.html .4.49RC7o A Zenmap crash was fixed. Scanning once, then scanning another target  on the same scan tab caused an ImportError ("list index out of range")  in zenmapGUI/ScanNotebook.py. Joao Medeiros reported the  bug. [David]o Updated a couple of version detection signatures due to problem  reports by Lionel Cons. [Doug]4.49RC6o NSE scripts can now be specified by absolute path to the --script  option.  This was supposed to work before, but didn't. [David]o Insert a path separator in returned paths in init_scandir on  Windows.  Otherwise options such as "--scripts=scripts" (where  scripts is a directory) were failing with error messages about being  unable to access things like "C:\Nmap\scriptsanonFTP.nse" (should be  "C:\Nmap\scripts\anonFTP.nse"). [David]o Add some "local" declarations to xamppDefaultPass.nse to avoid  errors like: "SCRIPT ENGINE: [string "Global Access"]:1: Attempted  to change the global 'socket' ..." [David]o NSE "shortports" function now by default matches ports in the  "open|filtered" state as well as "open" ones. [Diman]o Nsock msevent_new and msevent_delete calls fixed to handle NULL I/O  descriptors.  This should fix a reported bus error crash. [Diman]o Prevent old bit.dll and pcre.dll files from being installed in  nselib directory by Windows executable installer.  Bit.dll is still  installed in nselib-bin where it belongs.  Thanks to Rob Nicholls for  reporting the problem. [Fyodor]4.49RC5o Don't install the orphaned and incomplete Zenmap HTML documentation.  Instead point to the Nmap documentation site, which is provides more  comprehensive and up-to-date Nmap docs.  We're rapidly improving the  online Zenmap docs as well.  Of course the Nmap and (new!) Zenmap  man pages are still installed on Unix. [Fyodor]o Fix mswin32/Makefile so that the new nselib-bin directory is  properly included in the Nmap win32 zipfile distribution.  Thanks  to Rob Nicholls for reporting the problem. [Fyodor]o Fix host reason reported when the target is found to be "down" due  to no response. Nmap now reports "no-response" rather than  "unknown-reason" [Kris]4.49RC4o David did a huge OS fingerprint integration marathon, going through  all of your submissions (more than 1600) since August 20.  The 2nd  generation database has grown more than 30% to 1,085 entries!  Many  of the existing fingerprints were improved as well.  Notable new or  greatly improved entries include the iPhone, iPod Touch, Mac OS X  Leopard FreeBSD 7.0, Linux 2.6.23, Nokia cell phones (E61, E65, E70,  E90, N95), and OpenBSD 4.2.  Of course there were all manner of new  printers, cable/DSL routers, switches, enterprise routers, IP  phones, cell phones and a heap of obscure equipment such as the  BeaconMedaes medical gas alarm.  Windows Vista fingerprints were  also improved significantly.  Please keep those OS fingerprint  submissions and corrections coming!o Doug integrated all of your version detection fingerprints and  corrections since October 4.  The DB now has an incredible 4,542  signatures for 449 service protocols.  The service protocols with  the most signatures are http (1,473), telnet (459), ftp (423), smtp  (327), pop3 (188), http-proxy (111), ssh (104), imap (103), irc (46)  and nntp (44).o Included the netbios-smb-os-discovery.nse script which uses NetBIOS  and SMB queries to guess OS version.  This script was written by  Judy Novak and contributed by Sourcefire.o Canonicalized the interface type numbers used internally by  libdnet. Also Libdnet now recognizes devices with type  INTF_TYPE_IEEE80211 as Ethernet devices.  This ought to make  wireless network scanning work on Windows Vista. For more background  see http://seclists.org/nmap-dev/2007/q4/0391.html. [David]o Documented the "--script all" option in the man page and NSE  article.  This option executes all scripts in the NSE database  regardless of category. [Fyodor]o NSE scripts can now be specified by name without the .nse  extension.  So instead of using "--script  bruteTelnet.nse,HTTPpasswd.nse,SQLInject.nse,robots.nse", you can  just pass "--script bruteTelnet,HTTPpasswd,SQLInject,robots". [Kris]o Removed some auto-generated files from the new nselib-bin directory  as they could cause compatibility problems. Also updated  mswin32/Makefile to reflect the new nselib-bin DLL location [David]o ripeQuery.nse was updated to avoid printing some useless  information. [Kris]o Compatibility with systems that have the pcre.h header file in its  own pcre directory should now be fixed for real. [Fyodor]o Enhanced the radmind service detection signature and added a  deprecated radmind port to nmap-services. [Matt Selsky]o Zenmap now gives better errors to stdout when it can't even pop up a  dialog box (such as when PyGTK can't be loaded). [David]o Fixed a Zenmap crash which occurred on Mac OS X and possibly other  platforms.  The error message aid: "object of type  'ScanHostDetailsPage' has no len()". [David]o Fixed a crash which occurred when an NSE script called  set_port_version() at times that version scanning was not  enabled. [Diman]o Fixed the NSIS installer so that it does not include some excess  files (mswin32/* and .svn).  Thanks to Alan Jones for reporting the  problem. [Fyodor]o Renamed some Zenmap Python packages to allow Zenmap and Umit to be  installed at the same time. [David]o Updated nmap-mac-prefixes with the latest IEEE data.  Also added  back Cooperative Linux virtual NIC which was inadvertently removed in  a previous release. [Fyodor]4.23RC3o Zenmap now has a man page!  It isn't very long yet, but covers the  basics.  Thanks to David for writing this.o A new NSE script, promiscuous.nse, scans devices on a local network  looking for sniffers (devices running in promiscuous mode).  This  script is from Marek Majkowski and is the first to use the NSE pcap  extension system (which he also wrote).  The script is only in the  discovery category for now so it does not run by default.  Specify  it by name for now.  We may make it default after the upcoming  stable release.o Nmap can now handle IP aliases on Windows.  A given device such as  eth0 might have several IP addresses.  Nmap will use the primary  address, so you need to use -S if you want to specify a different  one. [David]o An exception (rather than luaL_argerror) is now thrown when an SSL  connection is attempted but OpenSSL isn't available. [David]o There is now an nmap.have_ssl NSE function so you can avoid doing  NSE probes when SSL isn't available. [David]o Zenmap gives clearer error messages when an import error occurs or  Zenmap's dump files aren't found. [David]o Zenmap now looks for its data files relative to the directory of the  zenmap script to allow running from the build/svn directory. [David]o NSE C modules are now installed into an nselib-bin directory.  This  was needed to make the dns-test-open-recursion and zoneTrans NSE  scripts work properly, since they use the NSE bit library  (bit.so). [Diman, Fyodor]o Axillary autoconf scripts such as config.guess, config.sub,  depcomp, install-sh, and ltmain.sh were deleted from Nmap  subdirectories because configure is smart enough to use the ones from  the parent directory.  This decreases the Nmap source tarball and svn  checkout sizes. [David]o Nmap now compiles on systems which have the libPCRE include file in  pcre/pcre.h rather than just pcre.h.  Thanks to Lionel Cons for the  report. [Fyodor]