Nmap 4.21ALPHA1 -- Nmap Scripting Engine integrated

[Fyodor <fyodor () insecure org>]

Hi Everyone,

You might have thought there would be a break in Nmap development due
to the big 4.20 release on Friday and the upcoming holidays.  No way!
I'm happy to announce Nmap 4.21ALPHA1.  This includes the Nmap
Scripting Engine that Diman and I have been working on for more than
six months now.  I'm quite excited about the capabilities this
enables.  There aren't many scripts yet (22 at the moment), but we're
working on that.  And contributions are welcome (that is how we got
many of the scripts we do have so far).

Don't forget to read the NSE docs, which are available at
http://insecure.org/nmap/nse/

Here is an example of usage (including the demo scripts for more output):

flog~#nmap -sV --script demo,safe,intrusive -T4 scanme.nmap.org

Starting Nmap 4.21ALPHA1 ( http://insecure.org ) at 2006-12-10 18:14 PST
Interesting ports on scanme.nmap.org (205.217.153.62):
Not shown: 1692 filtered ports
PORT    STATE  SERVICE VERSION
22/tcp  open   ssh     OpenSSH 4.3 (protocol 2.0)
|_ Stealth SSH version: SSH-2.0-OpenSSH_4.3
53/tcp  open   domain
70/tcp  closed gopher
80/tcp  open   http    Apache httpd 2.2.2 ((Fedora))
|_ HTML title: Authentication required!
113/tcp closed auth

Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .
Nmap finished: 1 IP address (1 host up) scanned in 100.030 seconds

While it seems to generally be working well, don't consider the
current behavior a "done deal" where we're only looking to fix bugs.
We're hoping to get your input on things like what categories we
should use, what sort of standard NSE library functions are needed,
what API changes would make script writing easier or more powerful,
etc.

You can find the goods at:

http://download.insecure.org/nmap/dist/nmap-4.21ALPHA1.tar.bz2
http://download.insecure.org/nmap/dist/nmap-4.21ALPHA1-setup.exe
http://download.insecure.org/nmap/dist/nmap-4.21ALPHA1-win32.zip
http://download.insecure.org/nmap/dist/nmap-4.21ALPHA1-1.src.rpm
http://download.insecure.org/nmap/dist/nmap-4.21ALPHA1-1.i386.rpm
http://download.insecure.org/nmap/dist/nmap-frontend-4.21ALPHA1-1.i386.rpm
http://download.insecure.org/nmap/dist/nmap-4.21ALPHA1-1.x86_64.rpm
http://download.insecure.org/nmap/dist/nmap-frontend-4.21ALPHA1-1.x86_64.rpm
http://download.insecure.org/nmap/dist/nmap-4.21ALPHA1.tgz

One impressive aspect is that this whole new subsystem, including the
LUA interpreter and 22 scripts adds less than 150K to the bzipped
tarball size:

-rw-r--r-- 1 fyodor fyodor 2156077 Dec  7 19:37 nmap-4.20.tar.bz2
-rw-r--r-- 1 fyodor fyodor 2303455 Dec 10 17:51 nmap-4.21ALPHA1.tar.bz2

In other news, the 4.20 release went quite well!  No major problems
have been found, and the OS detection submissions are flooding in.  So
I'll probably do another OS fingerprint submission integration
marathon in the next week.

Please report any problems you find to nmap-dev.  I've tested this on
Windows and Linux, but not extensively.  It is called "ALPHA1" for a
reason :).

Cheers,
-F


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org