diff --git a/CHANGELOG b/CHANGELOG
index 9aafd6659f..1de0f11bbc 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,20 +1,41 @@ # Nmap Changelog ($Id$) -UNRELEASED +o Fixed a problem with the -S and option on Windows reporting "Failed + to resolve/decode supposed IPv4 source address". The -D (decoy) + option was probably broken on that platform too. Thanks to kx + (kxmail(a)gmail.com) for reporting the problem and tracking down a + potential solution. -o Wrote a new man page from scratch. It is much more comprehensive - (more than twice as long) and (IMHO) better organized than the - previous one. Read it online at http://www.insecure.org/nmap/man/ - or docs/nmap.1 from the Nmap distribution. Let me know if you have - any ideas for improving it. I am also looking for translations. If - you are interested in translating to a language not already found at - http://www.insecure.org/nmap/nmap_documentation.html , please mail - Fyodor for the DocBook XML source to translate. +o Applied some trivial fixes so that Nmap compiles with Visual C++ + 2005 Express, which is free from Microsoft at + http://msdn.microsoft.com/vstudio/express/visualc/ . Thanks to kx + (kxmail(a)gmail.com) and Sina Bahram (sbahram(a)nc.rr.com) o Removed foreign translations of the old man page from the distribution. Included the following contributed translations (nroff format) of the new man page: Brazilian Portuguese by Lucien Raven (lucienraven(a)yahoo.com.br) + Portuguese (Portugal) by José Domingos (jd_pt(a)yahoo.com) and + Andreia Gaita (shana.ufie(a)gmail.com). + +o Modified libdnet-stripped/src/eth-bsd.c to allow for up to 128 bpf + devices rather than 32. This prevents errors like "Failed to open + ethernet interface (fxp0)" when there are more than 32 interface + aliases. Thanks to Krok (krok(a)void.ru) for reporting the problem + and even sending a patch. + +o Added --thc option (undocumented) + +o A fix to libpcre/pcre.h that should help compilation on Visual + Studio Express. Thanks to kx (kxmail(a)gmail.com) for reporting the problem. + +3.94ALPHA1 + +o Wrote a new man page from scratch. 
It is much more comprehensive + (more than twice as long) and (IMHO) better organized than the + previous one. Read it online at http://www.insecure.org/nmap/man/ + or docs/nmap.1 from the Nmap distribution. Let me know if you have + any ideas for improving it. o Wrote a new "help screen", which you get when running Nmap without arguments. It is also reproduced in the man page and at @@ -22,11 +43,22 @@ o Wrote a new "help screen", which you get when running Nmap without to fit it within a 25-line, 80-column terminal window. It is now 78 lines and summarizes all but the most obscure Nmap options. +o Version detection softmatches (when Nmap determines the service + protocol such as smtp but isn't able to determine the app name such as + Postfix) can now parse out the normal match line fields such as + hostname, device type, and extra info. For example, we may not know + what vendor created an sshd, but we can still parse out the protocol + number. This was a patch from Doug Hoyte (doug(a)hcsw.org). + o Fixed a problem which caused UDP version scanning to fail to print the matched service. Thanks to Martin Macok (martin.macok(a)underground.cz) for reporting the problem and Doug Hoyte (doug(a)hcsw.org) for fixing it. +o Made the version detection "ports" directive (in + nmap-service-probes) more comprehensive. This should speed up scans a + bit. The patch was done by Doug Hoyte (doug(a)hcsw.org). + o Added the --webxml option, which does the same thing as --stylesheet http://www.insecure.org/nmap/data/nmap.xsl , without requiring you to remember the exact URL or type that whole thing. 
@@ -37,18 +69,11 @@ o Fixed a crash occured when the --exclude option was used with Greg Darke (starstuff(a)optusnet.com.au) for sending a patch (I modified the patch a bit to make it more efficient). -o Fixed (I hope) a problem with the -S and -e options (spoof/set +o Fixed a problem with the -S and -e options (spoof/set source address, and set interface by name, respectively). The problem report and a partial patch were sent by Richard Birkett (richard(a)musicbox.net). -o Version detection softmatches (when Nmap determines the service - protocol such as smtp but isn't able to determine the app name such as - Postfix) can now parse out the normal match line fields such as - hostname, device type, and extra info. For example, we may not know - what vendor created an sshd, but we can still parse out the protocol - number. This was a patch from Doug Hoyte (doug(a)hcsw.org). - o Fixed a possible aliasing problem in tcpip.cc by applying a patch sent in by Gwenole Beauchesne (gbeauchesne(a)mandriva.com). This problem shouldn't have had any effect on users since we already include the @@ -71,10 +96,6 @@ o Removed Identd scan support from NmapFE since Nmap no longer supports it. Thanks to Jonathan Dieter (jdieter99(a)gmx.net) for the patch. -o Made the version detection "ports" directive (in - nmap-service-probes) more comprehensive. This should speed up scans a - bit. The patch was done by Doug Hoyte (doug(a)hcsw.org). - o Integrated all of the September version detection fingerprint submissions. This was done by Version Detection Czar Doug Hoyte (doug(a)hcsw.org) and resulted in 86 new match lines. Please keep diff --git a/docs/nmap.1 b/docs/nmap.1 index aee0d5e899..5ec85a03f1 100644 --- a/docs/nmap.1 +++ b/docs/nmap.1 
@@ -2,7 +2,7 @@ .\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). .\" Instead of manually editing it, you probably should edit the DocBook XML .\" source for it and then use the DocBook XSL Stylesheets to regenerate it. -.TH "NMAP" "1" "11/27/2005" "" "Nmap Reference Guide" +.TH "NMAP" "1" "11/29/2005" "" "Nmap Reference Guide" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) @@ -128,7 +128,7 @@ OS DETECTION: \-\-osscan_limit: Limit OS detection to promising targets \-\-osscan_guess: Guess OS more aggressively TIMING AND PERFORMANCE: - \-T[0\-6]: Set timing template (higher is faster) + \-T[0\-5]: Set timing template (higher is faster) \-\-min_hostgroup/max_hostgroup : Parallel host scan group sizes \-\-min_parallelism/max_parallelism : Probe parallelization \-\-min_rtt_timeout/max_rtt_timeout/initial_rtt_timeout : Specifies @@ -155,6 +155,7 @@ OUTPUT: \-\-append_output: Append to rather than clobber specified output files \-\-resume : Resume an aborted scan \-\-stylesheet : XSL stylesheet to transform XML output to HTML + \-\-webxml: Reference stylesheet from Insecure.Org for more portable XML \-\-no_stylesheet: Prevent associating of XSL stylesheet w/XML output MISC: \-6: Enable IPv6 scanning diff --git a/docs/nmap.usage.txt b/docs/nmap.usage.txt index df56b4da8a..4f58efd5c6 100644 --- a/docs/nmap.usage.txt +++ b/docs/nmap.usage.txt @@ -1,4 +1,4 @@ -Nmap 3.94 ( http://www.insecure.org/nmap/ ) +Nmap 3.94ALPHA2 ( http://www.insecure.org/nmap/ ) Usage: nmap [Scan Type(s)] [Options] {target specification} TARGET SPECIFICATION: Can pass hostnames, IP addresses, networks, etc. diff --git a/libdnet-stripped/NMAP_MODIFICATIONS b/libdnet-stripped/NMAP_MODIFICATIONS index 0cd8870519..c69e10e865 100644 --- a/libdnet-stripped/NMAP_MODIFICATIONS +++ b/libdnet-stripped/NMAP_MODIFICATIONS 
@@ -41,6 +41,20 @@ o Added intf_get_pcap_devname() function for Win32. This tries to down side is that it won't work with interfaces that don't have an IPv4 address configured. +o Increase the number of available bpf devices from 32 to 128. Patch: +--- eth-bsd.c (revision 2774) ++++ eth-bsd.c (working copy) +@@ -45,7 +45,7 @@ + int i; + + if ((e = calloc(1, sizeof(*e))) != NULL) { +- for (i = 0; i < 32; i++) { ++ for (i = 0; i < 128; i++) { + snprintf(file, sizeof(file), "/dev/bpf%d", i); + e->fd = open(file, O_WRONLY); + if (e->fd != -1 || errno != EBUSY) + + o Made some code changes to intf.c (the patch below). This does the following: o Preserve the alias qualifier from interface name in more cases @@ -150,3 +164,6 @@ diff -Nruw old/src/intf.c nmap-3.83.new/src/intf.c if (_intf_get_noalias(intf, entry) < 0) return (-1); if (_intf_get_aliases(intf, entry) < 0) + + + diff --git a/libdnet-stripped/src/eth-bsd.c b/libdnet-stripped/src/eth-bsd.c index f57882c1dd..d453852080 100644 --- a/libdnet-stripped/src/eth-bsd.c +++ b/libdnet-stripped/src/eth-bsd.c @@ -45,7 +45,7 @@ eth_open(const char *device) int i; if ((e = calloc(1, sizeof(*e))) != NULL) { - for (i = 0; i < 32; i++) { + for (i = 0; i < 128; i++) { snprintf(file, sizeof(file), "/dev/bpf%d", i); e->fd = open(file, O_WRONLY); if (e->fd != -1 || errno != EBUSY) diff --git a/libpcre/NMAP_MODIFICATIONS b/libpcre/NMAP_MODIFICATIONS index 81783620a9..2d2269e583 100644 --- a/libpcre/NMAP_MODIFICATIONS +++ b/libpcre/NMAP_MODIFICATIONS 
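Review bot: The new bound in `for (i = 0; i < 128; i++) {` in eth_open() swaps one bare magic number for another, and the same value is repeated in the NMAP_MODIFICATIONS entry on this line, so the code and its note can drift apart silently; a named constant above eth_open such as `enum { ETH_BPF_MAX_DEVS = 128 };` with `for (i = 0; i < ETH_BPF_MAX_DEVS; i++) {` lets the note refer to it by name. The exit condition `if (e->fd != -1 || errno != EBUSY)` is unchanged, so only the walk past busy nodes is lengthened: on a system with fewer than 128 /dev/bpf* nodes the first missing one still ends the loop on its non-EBUSY errno, which is presumably handled by the break just below the hunk. A one-line comment at the loop saying that only EBUSY is retried would make that intent visible next to the constant. eth_open()'s body starts and ends outside this hunk.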
@@ -42,3 +42,28 @@ o Removed COPYING file as there is already a LICENSE file with exactly o Removed pcre_ucp_findchar.c and ucptable.c o Added this NMAP_MODIFICATIONS file + +o Remove some junk that deals with dynamic linking of pcre: +--- pcre.h (revision 2947) ++++ pcre.h (working copy) +@@ -47,19 +47,8 @@ + #define PCRE_DATE 15-Aug-2005 + + /* Win32 uses DLL by default; it needs special stuff for exported functions. */ ++/* Removed some defines here as I always compile staticly */ + +-#ifdef _WIN32 +-# ifdef PCRE_DEFINITION +-# ifdef DLL_EXPORT +-# define PCRE_DATA_SCOPE __declspec(dllexport) +-# endif +-# else +-# ifndef PCRE_STATIC +-# define PCRE_DATA_SCOPE extern __declspec(dllimport) +-# endif +-# endif +-#endif +- + /* For other operating systems, we use the standard "extern". */ + + #ifndef PCRE_DATA_SCOPE diff --git a/libpcre/pcre.h b/libpcre/pcre.h index b2596a83d0..2f79a8ee9f 100644 --- a/libpcre/pcre.h +++ b/libpcre/pcre.h @@ -47,18 +47,7 @@ make changes to pcre.in. */ #define PCRE_DATE 15-Aug-2005 /* Win32 uses DLL by default; it needs special stuff for exported functions. */ - -#ifdef _WIN32 -# ifdef PCRE_DEFINITION -# ifdef DLL_EXPORT -# define PCRE_DATA_SCOPE __declspec(dllexport) -# endif -# else -# ifndef PCRE_STATIC -# define PCRE_DATA_SCOPE extern __declspec(dllimport) -# endif -# endif -#endif +/* Removed some defines here as I always compile staticly */ /* For other operating systems, we use the standard "extern". */ diff --git a/libpcre/pcre_winconfig.h b/libpcre/pcre_winconfig.h index 7917bb7054..c4e14a43f8 100644 --- a/libpcre/pcre_winconfig.h +++ b/libpcre/pcre_winconfig.h @@ -1,5 +1,4 @@ #define EXPORT - #define HAVE_STRERROR 1 #define HAVE_MEMMOVE 1 diff --git a/mswin32/winfix.cc b/mswin32/winfix.cc index c4ebcd041c..7ce1b9d2b5 100644 --- a/mswin32/winfix.cc +++ b/mswin32/winfix.cc 
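Review bot: In the pcre.h hunk the comment kept on the line above the new one, `/* Win32 uses DLL by default; it needs special stuff for exported functions. */`, now describes a block that no longer exists and reads as if the `__declspec` handling were still to follow; the replacement line also misspells "staticly". Folding the two into one accurate comment avoids misleading the next reader: `/* Win32 DLL import/export decorations removed: Nmap links PCRE statically, so PCRE_DATA_SCOPE falls through to the plain "extern" default below. */`. It is also worth stating, there or in the libpcre NMAP_MODIFICATIONS entry on this line, that `PCRE_STATIC` and `DLL_EXPORT` no longer have any effect in this header, so a build that defines them expecting DLL linkage gets undecorated symbols without any diagnostic.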
@@ -132,6 +132,23 @@ int pcap_avail = 0; static void win_cleanup(void); static char pcaplist[4096]; +/* The code that has no preconditions to being called, so it can be + executed before even Nmap options parsing (so o.debugging and the + like don't need to be used. Its main function is to do + WSAStartup() as some of the option parsing code does DNS + resolution */ +void win_pre_init() { + WORD werd; + WSADATA data; + + werd = MAKEWORD( 2, 2 ); + if( (WSAStartup(werd, &data)) !=0 ) + fatal("failed to start winsock.\n"); +} + +/* Requires that win_pre_init() has already been called, also that + options processing has been done so that o.debugging is + available */ void win_init() { // variables @@ -141,12 +158,7 @@ void win_init() PMIB_IPADDRTABLE pIp = 0; int i; int numipsleft; - WORD werd; - WSADATA data; - werd = MAKEWORD( 2, 2 ); - if( (WSAStartup(werd, &data)) !=0 ) - fatal("failed to start winsock.\n"); ver.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX); if(!GetVersionEx((LPOSVERSIONINFO)&ver)) diff --git a/mswin32/winfix.h b/mswin32/winfix.h index 4f6578be71..f69969f386 100644 --- a/mswin32/winfix.h +++ b/mswin32/winfix.h @@ -19,6 +19,16 @@ #include /* (exported) functions */ +/* The code that has no preconditions to being called, so it can be + executed before even Nmap options parsing (so o.debugging and the + like don't need to be used. Its main function is to do + WSAStartup() as some of the option parsing code does DNS + resolution */ +EXTERNC void win_pre_init(); + +/* Requires that win_pre_init() has already been called, also that + options processing has been done so that o.debugging is + available */ EXTERNC void win_init(); EXTERNC void win_barf(const char *msg); #endif diff --git a/nmap.spec.in b/nmap.spec.in index b9aafda0c8..dcce39d9de 100644 --- a/nmap.spec.in +++ b/nmap.spec.in 
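Review bot: `win_pre_init()` asks WSAStartup() for Winsock 2.2 but never checks what was actually negotiated: WSAStartup() returns 0 even when the provider only agrees to an older version, reporting the agreed version in `data.wVersion`, and the function then discards `data` unread. A check such as `if (LOBYTE(data.wVersion) != 2 || HIBYTE(data.wVersion) != 2) { WSACleanup(); fatal("failed to start winsock: version 2.2 not available.\n"); }` after the existing error test pins the version the rest of the code assumes. The new header comment has an unbalanced parenthesis (`(so o.debugging and the like don't need to be used.` never closes) and the same text is duplicated verbatim in the winfix.h hunk on this line; `(so o.debugging and the like are not needed)` fixes both copies. With the WSAStartup() call moved out of win_init(), the ordering between the two functions is only documented, not enforced; a static flag set by win_pre_init() and tested at the top of win_init() would turn a mis-ordered call into a clear fatal() rather than a later obscure socket failure. win_init()'s body continues past the second hunk.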
@@ -86,12 +86,8 @@ gzip $RPM_BUILD_ROOT%{prefix}/share/man/man1/* || : %files %defattr(-,root,root) %doc COPYING -%doc docs/README docs/nmap-fingerprinting-article.txt -%doc docs/nmap.deprecated.txt docs/nmap.usage.txt docs/nmap_doc.html -%doc docs/nmap_manpage.html docs/nmap_manpage-es.html -%doc docs/nmap_manpage-fr.html docs/nmap_manpage-lt.html -%doc docs/nmap_manpage-it.html -%doc docs/nmap_manpage-ru.html +%doc docs/README +%doc docs/nmap.usage.txt %{prefix}/bin/nmap %{prefix}/share/nmap %{prefix}/share/man/man1/nmap.1.gz diff --git a/nmap_winconfig.h b/nmap_winconfig.h index b59455889d..3eb953f392 100644 --- a/nmap_winconfig.h +++ b/nmap_winconfig.h @@ -104,7 +104,7 @@ #ifndef NMAP_WINCONFIG_H #define NMAP_WINCONFIG_H -#define NMAP_VERSION "3.93" +#define NMAP_VERSION "3.94ALPHA2" #define NMAP_NAME "Nmap" #define NMAP_URL "http://www.insecure.org/nmap" #define NMAP_PLATFORM "i686-pc-windows-windows" diff --git a/output.cc b/output.cc index 673b3cd77e..2f17a8acc9 100644 --- a/output.cc +++ b/output.cc @@ -1392,7 +1392,8 @@ void printfinaloutput(int numhosts_scanned, int numhosts_up, if (numhosts_scanned == 0) fprintf(stderr, "WARNING: No targets were specified, so 0 hosts scanned.\n"); - if (numhosts_scanned == 1 && numhosts_up == 0 && !o.listscan) + if (numhosts_scanned == 1 && numhosts_up == 0 && !o.listscan && + o.pingtype != PINGTYPE_NONE) log_write(LOG_STDOUT, "Note: Host seems down. If it is really up, but blocking our ping probes, try -P0\n"); /* log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"\n"); */ log_write(LOG_STDOUT|LOG_SKID, "Nmap finished: %d %s (%d %s up) scanned in %.3f seconds\n", numhosts_scanned, (numhosts_scanned == 1)? "IP address" : "IP addresses", numhosts_up, (numhosts_up == 1)? "host" : "hosts", o.TimeSinceStartMS(&tv) / 1000.0);
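Review bot: In the output.cc hunk the enlarged condition in printfinaloutput() now wraps onto a second line while its single-statement body, the `log_write(LOG_STDOUT, "Note: Host seems down. ...")` call, stays unbraced, which is the layout that lets a later added statement land silently outside the `if`; bracing the body when the condition grows is cheaper than the eventual hunt. If `o.pingtype` is a bit set of PINGTYPE_* flags (its naming suggests so, but the definition is not on this page), `o.pingtype != PINGTYPE_NONE` is true as soon as any other flag is set alongside it, and `!(o.pingtype & PINGTYPE_NONE)` would express "ping probes are in use" regardless of how -P0 is combined with other options; worth a glance at how -P0 assigns it. The rest of printfinaloutput() lies outside the hunk.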