RE: nmap still broke

["Rob Nicholls" <robert () everythingeverything co uk>]

Mike,

This sounds like a problem with Microsoft's Visual C++ 2008 runtime
components. Did you install vcredist_x86.exe separately? Did the installer
say it installed successfully, or did it display any errors? The file is
included with the ZIP, and step 5 of the installation notes at
http://nmap.org/book/inst-windows.html states:

Due to the way Nmap is compiled, it requires the Microsoft Visual C++ 2008
Redistributable Package of runtime components. Many systems already have
this installed from other packages, but you should run vcredist_x86.exe from
the zip file just in case you need it.

I believe all Nmap releases built using Visual C++ 2008 have included an
embedded manifest. If a manifest is present in the application but a
required Visual C++ library is not installed in the WinSxS folder, the
following run-time error messages are mentioned at
http://msdn.microsoft.com/en-us/library/ms235299.aspx:

 - The application failed to initialize properly (0xc0000135). 

 - This application has failed to start because the application
configuration is incorrect. Reinstalling application may fix this problem. 

 - The system cannot execute the specified program. 

Microsoft's advice when these messages are encountered is:

To resolve these errors, you must make sure that your application is built
correctly and Visual C++ libraries are correctly deployed on the target
system. To identify the root cause of these run-time errors, follow the
steps outlined in Troubleshooting C/C++ Isolated Applications and
Side-by-side Assemblies
(http://msdn.microsoft.com/en-us/library/ms235342.aspx).

Are you able to reproduce the problem on other Windows XP machines, or does
it only affect your computer? If the Visual C++ 2008 runtimes installed
okay, perhaps a third party application you have installed is somehow
interfering with Nmap's execution.


Rob


> -----Original Message-----
> From: mike [mailto:dmciscobgp () hotmail com]
> Sent: 07 September 2008 09:41
> To: nmap-dev () insecure org
> Subject: nmap still broke
>
>
> hello all
>
> i just ran the new nmap on a windows XP box with SP2. a simple unzip to
> a folder, i cd to it, i go to run the EXE and this is what i get as a
> nice lovely little pop up app window:
>
> this application has failed to start because the application
> configuration is incorrect. reinstalling the application may fix this
> problem
>
>
> that is ALL i get. i cannot set any debug flags because it will not
> initate the program space WHATSOEVER!
>
> what i find amazing about this, this error is the same one i got last
> time ever since the nmap package became associated with that
> "vcredist_x86.exe". all of my other nmap standalones i have tested work
> perfectly fine, so something sure broke in whatever new things you
> added. my windows does not like it at all!
>
> in the meantime, i happily use 4.62 and just copy over any new service
> probes/LUA code and scripts to the older nmaps and they run fine. would
> love to be with everyone else and run the latest and greatest but it
> seems i am running into a wall
>
> thanks
> Mike
> > From: nmap-dev-request () insecure org> Subject: nmap-dev Digest, Vol
> 42, Issue 17> To: nmap-dev () insecure org> Date: Sun, 7 Sep 2008 01:18:45
> -0700> > Send nmap-dev mailing list submissions to> nmap-
> dev () insecure org> > To subscribe or unsubscribe via the World Wide Web,
> visit> http://cgi.insecure.org/mailman/listinfo/nmap-dev> or, via
> email, send a message with subject or body 'help' to> nmap-dev-
> request () insecure org> > You can reach the person managing the list at>
> nmap-dev-owner () insecure org> > When replying, please edit your Subject
> line so it is more specific> than "Re: Contents of nmap-dev digest...">
> > > Today's Topics:> > 1. Re: a bug report maybe (David Fifield)> 2.
> [NSE][PATCH] dns.lua timeout based on nmap.timing_level() (jah)> 3. 24-
> Hour Beta: Nmap 4.69BETA1 (Fyodor)> 4. Re: Zenmap error: Char offset 64
> is off the end of the line> (David Fifield)> > > ----------------------
> ------------------------------------------------> > Message: 1> Date:
> Sat, 6 Sep 2008 22:07:18
>   -0600> From: David Fifield <david () bamsoftware com>> Subject: Re: a
> bug report maybe> To: nmap-dev () insecure org> Message-ID:
> <20080907040717.GA2458@gusto>> Content-Type: text/plain; charset=us-
> ascii> > On Sun, Sep 07, 2008 at 05:52:37AM +0300, maj-britt lukkarinen
> wrote:> > dunno if this is of use but...> > windows vista home basic> >
> zonealarm security suite 8.0.0.2> > spybot 1.6 whit newest includes> >>
> > and toni arts easy cleaner wich i suspect caused this.> >> > Original
> exception was:> > Traceback (most recent call last):> > File "zenmap",
> line 156, in <module>> > File "zenmapGUI\App.pyo", line 99, in run> >
> File "zenmapGUI\App.pyo", line 127, in __run_gui> > File
> "zenmapGUI\App.pyo", line 54, in __create_show_main_window> > File
> "zenmapGUI\MainWindow.pyo", line 45, in <module>> > File
> "zenmapGUI\SearchWindow.pyo", line 24, in <module>> > File
> "zenmapGUI\SearchGUI.pyo", line 52, in <module>> > File
> "zenmapGUI\ServiceCombo.pyo", line 25, in <module>> > File "zenmapCore\
>  ServiceList.pyo", line 24, in <module>> > File
> "zenmapCore\ServicesDump.pyo", line 24, in <module>> > File
> "zenmapCore\GetConfigFile.pyo", line 31, in get_config_file> > File
> "zenmapCore\Paths.pyo", line 226, in __getattr__> > File
> "zenmapCore\Paths.pyo", line 301, in return_if_exists> > Exception:
> File 'C:\Program > > Files\Nmap\zenmap\share\zenmap\misc\services.dmp'
> does not exist or > > could not be found!> > Thanks for your report.
> Yes the services.dmp file is required by Zenmap> 4.68, and it must have
> gotten deleted somehow. Zenmap no longer requires> that file since its
> search interface was overhauled, so it won't be> necessary in the next
> version.> > David Fifield> > > ------------------------------> >
> Message: 2> Date: Sun, 07 Sep 2008 05:40:04 +0100> From: jah
> <jah () zadkiel plus com>> Subject: [NSE][PATCH] dns.lua timeout based on
> nmap.timing_level()> To: nmap-dev <nmap-dev () insecure org>> Message-ID:
> <48C35B24.6080209 () zadkiel plus com>> Content-Type: text/plain; char
>  set="iso-8859-1"> > Hi,> > The attached changes the socket timeout
> used in dns.sendPackets which is> currently a very long 10 seconds to
> use values based on nmap timing> templates. The times used would be 10
> seconds for T0, 7s, 5s, 3s and 2s> for T4 and T5.> It also adds the
> ability to specify timeout in the options table passed> to
> dns.query().> > Regards,> > jah> > -------------- next part -----------
> ---> A non-text attachment was scrubbed...> Name: dns.lua.patch> Type:
> text/x-patch> Size: 1432 bytes> Desc: not available> URL:
> <http://cgi.insecure.org/mailman/private/nmap-
> dev/attachments/20080907/97d01e28/attachment.bin>> > ------------------
> ------------> > Message: 3> Date: Sun, 7 Sep 2008 01:15:08 -0700> From:
> Fyodor <fyodor () insecure org>> Subject: 24-Hour Beta: Nmap 4.69BETA1>
> To: nmap-dev () insecure org> Message-ID:
> <20080907081508.GD9783 () syn lnxnet net>> Content-Type: text/plain;
> charset=us-ascii> > Hi Folks! I've built the new release (after more
> than 2 months since> t
>  he last one), and this one is a whopper! Remember that we had those> 6
> SoC students during much of the period coding up a storm! And of>
> course people like David and Jah and Sven and others were too. I'd>
> like to thank David for staying up late with me to fix some> last-
> minute bugs and do the Mac builds.> > You may recall that I was amazed
> that the 4.68 CHANGELOG had 42> significant changes. Well, this one has
> 91! And some of them are> whoppers. For example:> > o The new Zenmap
> Scan Topology (Radialnet) system. See> http://nmap.org/book/zenmap-
> topology.html> > o Zenmap Scan Aggregation> > o All the changes allowed
> by port frequency data, including redefining> the default scan ports
> and -F features.> > o Tons of new NSE scripts and libraries, and
> improvements to the> existing ones.> > o Windows 2000 works again> > o
> Bunches of new OS detection fingerprints, including passing the 1500>
> fingerprint mark in nmap-os-db.> > o And lots more!> > So instead of
> just releasing this as
>  4.70, I want to give you guys on> nmap-dev a quick chance to run it
> through its paces and make sure> there are no showstopper problems. So
> I'm hoping that if some of you> have some free time on Sunday, you'll
> do that! Be sure to report any> issues found to nmap-dev. With a patch,
> if possible, but bug reports> are useful on their own too! Then I hope
> to build the stable release> early in the week (maybe on Monday).> > So
> please test Nmap 4.69BETA1 out! Here are the goods in the usual>
> formats:> > http://nmap.org/dist/nmap-4.69BETA1.tar.bz2>
> http://nmap.org/dist/nmap-4.69BETA1.tgz> http://nmap.org/dist/nmap-
> 4.69BETA1-setup.exe> http://nmap.org/dist/nmap-4.69BETA1-win32.zip>
> http://nmap.org/dist/nmap-4.69BETA1.dmg> http://nmap.org/dist/nmap-
> 4.69BETA1-1.i386.rpm> http://nmap.org/dist/nmap-4.69BETA1-1.x86_64.rpm>
> http://nmap.org/dist/zenmap-4.69BETA1-1.noarch.rpm>
> http://nmap.org/dist/nmap-4.69BETA1-1.src.rpm> > Please note that the
> feature freeze is still on until the stable> re
>  lease. I only want important 4.69BETA1 bug fixes checked in until>
> then.> > Here is the giant list of changes:> > o [Zenmap] Added a new
> Scan Topology system. The idea is that if we> are going to call Nmap
> the "Network Mapper", it should at least be> able to draw you a map of
> the network! And that is what this new> system does. It was achieved by
> integrating the RadialNet Nmap> visualization tool
> (http://www.dca.ufrn.br/~joaomedeiros/radialnet),> into Zenmap. Joao
> Medeiros has been developing RadialNet for more> than a year. For
> details, complete with some of the most beautiful> Zenmap screen shots
> ever, visit> http://nmap.org/book/zenmap-topology.html. The integration
> work was> done by SoC student Vladimir Mitrovic and his mentor David
> Fifield.> > o [Zenmap] Another exciting new Zenmap feature is Scan
> Aggregation.> This allows you to visualize and analyze the results of
> multiple> scans at once, as if they were from one Nmap execution. So
> you might> scan one network, analyze
>   the results a bit, then scan some of the> machines more intensely or
> add a completely new subnet to the> scan. The new results are
> seamlessly added to the old, as described> at
> http://nmap.org/book/zenmap-scanning.html#aggregation. [David,>
> Vladimir]> > o Expanded nmap-services to include information on how
> frequently each> port number is found open. The results were generated
> by scanning> tens of millions of IPs on the Internet this Summer, and
> augmented> with internal network data contributed by some large>
> organizations. [Fyodor]> > o Nmap now scans the most common 1,000 ports
> by default in either> protocol (UDP scan is still optional). This is a
> decrease from> 1,715 TCP ports and 1,488 UDP ports in Nmap 4.68. So
> Nmap is faster> by default and, since the port selection is better
> thanks to the> port frequency data, it often finds more open ports as>
> well. [Fyodor]> > o Nmap fast scan (-F) now scans the top 100 ports by
> default in either> protocol. This is a decrease from
>  1,276 (TCP) and 1,017 (UDP) in> Nmap 4.68. Port scanning time with -F
> is generally an order of> magnitude faster than before, making -F
> worthy of its "fast scan"> moniker. [Fyodor]> > o The --top-ports
> option lets you specify the number of ports you wish> to scan in each
> protocol, and will pick the most popular ports for> you based on the
> new frequency data. For both TCP and UDP, the top> 10 ports gets you
> roughly half of the open ports. The top 1,000> (out of 65,536 possible)
> finds roughly 93% of the open TCP ports and> more than 95% of the open
> UDP ports. [Fyodor, Doug Hoyte]> > o David integrated all of your OS
> detection fingerprint and correction> submissions from March 11 until
> mid-July. In the process we reached> the 1500-signature milestone for
> the 2nd generation OS detection> system. We can now detect the newest
> iPhones, Linux 2.6.25, OS X> Darwin 9.2.2, Windows Vista SP1, and even
> the Nintendo Wii. Nmap now> has 1,503 signatures, vs. 1,320 in 4.68.
> Integration is no
>  w faster> and more pleasant thanks to the new OSassist application
> developed> by Nmap SoC student Michael Pattrick. See>
> http://seclists.org/nmap-dev/2008/q3/0089.html and>
> http://seclists.org/nmap-dev/2008/q3/0139.html for more details.> > o
> Nmap now works with Windows 2000 again, after being broken by our> IPv6
> support improvements in version 4.65. A couple new dependencies> are
> required to run on Win2K, as described at> http://nmap.org/book/inst-
> windows.html#inst-win2k .> > o [Zenmap] Added a context-sensitive help
> system to the Profile> Editor. You can now mouse-over options to learn
> more about what> they are used for and their proper argument syntax.
> [Jurand Nogiec]> > o When Nmap finds a probe during ping scan which
> elicits a response,> it now saves that information for the port scan
> and later phases.> It can then "ping" the host with that probe as
> necessary to collect> timing information even if the host is not
> responding to the normal> port scan packets. Previously,
>  Nmap's port scan timing pings could> only use information gathered
> during that port scan itself. A> number of other "port scan ping"
> system improvements were made at> the same time to improve performance
> against firewalled hosts. For> full details, see
> http://seclists.org/nmap-dev/2008/q3/0647.html> [David, Michael,
> Fyodor]> > o --traceroute now uses the timing ping probe saved from
> host> discovery and port scanning instead of finding its own probe.
> The> timing ping probe is always the best probe Nmap knows about for>
> eliciting a response from a target. This will have the most effect> on
> traceroute after a ping scan, where traceroute would sometimes> pick an
> ineffective probe and traceroute would fail even though the> target was
> up. [David]> > o Added dns-safe-recursion-port and dns-safe-recursion-
> txid> (non-default NSE scripts) which use the 3rd party dns-oarc.net>
> lookup to test the source port and transaction ID randomness of>
> discovered DNS servers (assuming they allow r
>  ecursion at all).> These scripts, which test for the "Kaminsky" DNS
> bugs, were> contributed by Brandon Enright.> > o Added whois.nse, which
> queries the Regional Internet Registries> (RIRs) to determine who the
> target IP addresses are assigned> to. [Jah]> > o [Zenmap] Overhauled
> the default list of scan profiles based on> nmap-dev discussion. Users
> now have a much more diverse and useful> set of default profile
> options. And if they don't like any of those> canned scan commands,
> they can easily create their own in the> Profile Editor! [David]> > o
> Fyodor made a number of performance tweaks, such as:> o increase host
> group sizes in many cases, so Nmap will now commonly> scan 64 hosts at
> a time rather than 30> o align host groups with common network
> boundaries, such as /24 or> /25> o Increase maximum per-target port-
> scan ping frequency to one every> 1.25 seconds rather than every five.
> Port scan pings happen> against heavily firewalled hosts and the like
> when Nmap is not> receiv
>  ing enough responses to normal scan to properly calculate> timing
> variables and detect packet drops.> > o Added a new NSE binlib library,
> which offers bin.pack() and> bin.unpack() functions for dealing with
> storing values in and> extracting them from binary strings. For
> details, see> http://nmap.org/book/nse-library.html#nse-binlib .
> [Philip> Pickering]> > o Added a new NSE DNS library. See this thread:>
> http://seclists.org/nmap-dev/2008/q3/0310.html [Philip Pickering]> > o
> Added new NSE libraries for base64 encoding, SNMP, and POP3 mail>
> operations. They are described at> http://seclists.org/nmap-
> dev/2008/q3/0233.html . [Philip Pickering]> > o Added NSE scripts
> popcapa (retrieves POP3 server capabilities) and> brutePOP3 (brute
> force POP3 authentication cracker) which make use> of the new POP3
> library. [Philip Pickering]> > o Added the SNMPcommunitybrute NSE
> script, which is a brute force> community string cracker. Also modified
> SNMPsysdescr to use the new> SNMP library. [Ph
>  ilip Pickering]> > o Fixed the SMTPcommands script so that it can't
> return multiple> values (which was causing problems). Thanks to Jah for
> tracking down> the problem and sending a fix for SMTPcommands. Then
> Patrick fixed> NSE so it can handle misbehaving scripts like this
> without causing> mysterious side effects.> > o Added a new NSE Unpwdb
> (username/password database) library for> easily obtaining usernames or
> passwords from a list. The functions> usernames() and passwords()
> return a closure which returns a new> list entry with every call, or
> nil when the list is exhausted. You> can specify your own username
> and/or password lists via the script> arguments userdb and passdb,
> respectively. [Kris]> > o Nmap's Nsock-utilizing subsystems (DNS, NSE,
> version detection) have> been updated to support the -S and --ip-
> options flags. [Kris]> > o A new --max-rate option was added, which
> complements --min-rate. It> allows you to specify the maximum byte rate
> that Nmap is allowed to> sen
>  d packets. [David]> > o Added --ip-options support for the connect()
> scan (-sT). [Kris]> > o Nsock now supports binding to a local address
> and setting IPv4> options with nsi_set_localaddr() and
> nsi_set_ipoptions(),> respectively. [Kris]> > o Added IPProto Ping (-
> PO) support to Traceroute, and fixed support for> IPProto Scan (-sO)
> and the ICMP Pings (-PE, -PP, -PM) in Traceroute> as well. These could
> cause Nmap to hang during Traceroute. [Kris]> > o [Zenmap] Added a
> "Cancel" button for cancelling a scan in progress> without losing any
> Nmap output obtained so far. [Jurand Nogiec]> > o Improve the netbios-
> smb-os-discovery NSE script to improve target> port selection and to
> also decode the system's timestamp from an SMB> response. [Ron at
> SkullSecurity]> > o Nmap now avoids collapsing large numbers of ports
> in open|filtered> state (e.g. just printing that 500 ports are in that
> state rather> than listing them individually) if verbosity or debugging
> levels are> greater than two. S
>  ee this thread:> http://seclists.org/nmap-dev/2008/q3/0312.html .
> [Fyodor]> > o The NSE http library now supports chunked encoding. [Sven
> Klemm]> > o The NSE datafiles library now has generic file parsing
> routines, and> the parsing of the standard nmap data files (e.g. nmap-
> services,> nmap-protocols, etc.) now uses those generic routines. NSE
> scripts> and libraries may find them useful for dealing with their own
> data> files, such as password lists. [Jah]> > o Passed the big revision
> 10,000 milestone in the Nmap project SVN> server:
> http://seclists.org/nmap-dev/2008/q3/0682.html> > o Added some Windows
> and MinGW compatibility patches submitted by> Gisle Vanem.> > o
> Improved nse_init so that compilation/runtime errors in NSE scripts> no
> longer cause the script engine to abort. [Patrick]> > o Fix a cosmetic
> bug in --script-trace hex dump output which resulting> in bytes with
> the highest bit set being prefixed with ffffff. [Sven> Klemm]> > o
> Removed the nselib-bin directory. The
>   last remaining shared NSE> module, bit, has been made static by
> Patrick. Shared modules were> broken for static builds of Nmap, such as
> those in the RPMS. We also> had the compilation problems (particularly
> on OpenBSD) with shared> modules which lead us to make PCRE static a
> while back. [David]> > o Updated rpcinfo NSE script to use the new
> pack/unpack (binlib)> functions, use the new tab library, include
> better documentation, and> fix some bugs. [Sven Klemm]> > o Add useful
> details to the error message printed when an NSE script> fails to load
> (due to syntax error, etc.) [Patrick]> > o Fix a bug in the NSE http
> library which would cause some scripts to> give the error: SCRIPT
> ENGINE: C:\Program> Files\Nmap\nselib/http.lua:77: attempt to call
> field 'parse' (a nil> value) [Jah]> > o Fixed a Makefile problem (race
> condition) which could lead to build> failures when launching make in
> parallel mode (e.g. -j4). [Michal> Januszewski]> > o Added new addrow()
> function to NSE tab li
>  brary. It allows> developers to add a whole row at once rather than
> doing a separate> add() call for each column in a row. [Sven Klemm]> >
> o Completion time estimates provided in verbose mode or when you hit a>
> key during scanning are now more accurate thanks to algorithm>
> improvements by David.> > o Fixed a number of NSE scripts which used
> print_debug()> incorrectly. See> http://seclists.org/nmap-
> dev/2008/q3/0470.html. [Sven Klemm].> > o [Zenmap] The Ports/Hosts view
> now provides full version detection> values rather than just a simple
> summary. [Jurand Nogiec]> > o [Zenmap] When you edit the command-entry
> field, then change the> target selection, Nmap no longer blows away
> your edits in favor of> using your current profile. [Jurand Nogiec]> >
> o Nsock now returns data from UDP packets individually, preserving the>
> packet boundary, rather than concatenating the data from multiple>
> packets into a single buffer. This fixes a problem related to our>
> reverse-DNS system, which can
>  only handle one DNS packet at a time.> Thanks to Tim Adam of
> ManageSoft for debugging the problem and> sending the patch. Doug Hoyte
> helped with testing, and it was> applied by Fyodor.> > o [Zenmap] Fixed
> a crash which would occur when you try to compare two> files, either of
> which has more than one extraports element. [David]> > o [Zenmap] Make
> the higwidgets library a subpackage of zenmapGUI to> avoid file name
> conflicts with Umit. [David]> > o Added the undocumented (except here)
> --nogcc option which disables> global/group congestion control
> algorithms and so each member of a> scan group of machines is treated
> separately. This is just an> experimental option for now. [Fyodor]> > o
> [Zenmap] The Ports/Hosts display now has different colors for open> and
> closed ports. [Vladimir]> > o Fixed Zenmap so that it displays all Nmap
> errors. Previously, only> stdout was redirected into the window, and
> not stderr. Now they are> both redirected. [Vladimir]> > o NSE can now
> be used in c
>  ombination with ping scan (e.g. "-sP> --script") so that you can
> execute host scripts without needing to> perform a port scan. [Kris]> >
> o [NSE] Category names are now case insensitive. [Patrick]> > o [NSE]
> Each thread for a script now gets its own action closure (and>
> upvalues). See: http://seclists.org/nmap-dev/2008/q2/0549.html>
> [Patrick]> > o [NSE] The script_scan_result structure has been changed
> to a class,> ScriptResult, which now holds a Script's output in an
> std::string.> This removes the need to use malloc and free to manage
> this memory.> A similar change was made to the run_record structure.
> [Patrick]> > o [NSE] Fixed a socket exhaustion deadlock which could
> prevent a> script scan from ever finishing. Now, rather than limit the
> total> number of sockets which can be open, we limit the number of
> scripts> which can have sockets open at once. And once a script has
> one> socket opened, it is permitted to open as many more as it> needs.
> [Patrick]> > o A hashing library (
>  code from OpenSSL) was added to NSE. hashlib> contains md5 and sha1
> routines. [Philip Pickering]> > o Fixed host discovery probe matching
> when looking at the returned TCP> data in an ICMP error message. This
> could formerly lead to> incorrectly discarded responses and the
> debugging error message:> "Bogus trynum or sequence number in ICMP
> error message" [Kris]> > o Fixed a segmentation fault in Nsock which
> occurred when calling> nsock_write() with a data length of -1 (which
> means the data is a> NUL-terminated string and Nsock should take the
> length itself) and> the Nsock trace level was at least 2. [Kris]> > o
> The NSE Comm library now defaults to trying to read as many bytes as>
> are available rather than lines if neither the "bytes" nor "lines">
> options are given. Thanks to Brandon for reporting a problem which> he
> noticed in the dns-test-open-recursion script. [Kris]> > o Updated
> zoneTrans.nse to replace length bytes in returned domain> names to
> periods itself rather than rel
>  ying on NSE's old behavior of> replacing non-printable characters with
> periods. Thanks to Rob> Nicholls for reporting the problem. [Kris]> > o
> Some Zenmap crashes have been fixed: trying to "refresh" the output> of
> a scan loaded from a file, and trying to re-save a file loaded> from
> the command line in some circumstances. [David]> > o [Zenmap] The file
> selector now remembers what directory it was last> looking at. [David]>
> > o Added an extra layer of validity checking to received packets>
> (readip_pcap), just to be extra safe. See> http://seclists.org/nmap-
> dev/2008/q3/0644.html . [Kris]> > o Zenmap defaults to showing files
> matching both *.xml and *.usr in> the file selector. Previously it only
> showed those matching *.usr.> The new combined format will be XML and
> .usr will be deprecated.> See http://seclists.org/nmap-
> dev/2008/q3/0093.html .> > o Nmap avoids printing the sending rate in
> bytes per second during a> TCP connect scan. Because the number of
> bytes per probe is not>
>  known, it used to print current sending rates: 11248.85 packets / s,>
> 0.00 bytes / s. Now it will print simply print rates like "11248.85>
> packets / s". [David]> > o [Zenmap] Nmap's installation process now
> include .desktop files> which install menu items for launchi svn log
> for> full details. [David]> > o Nmap --reason output no longer falsely
> reports a localhost-response> during -PN scans. See>
> http://seclists.org/nmap-dev/2008/q3/0188.html. [Michael]> > o [Zenmap]
> The higwidgets Python package has moved so it is now a> subpackage of
> zenmapGUI. This avoids naming conflicts with Umit,> which uses a
> slightly different version of higwidgets. [David]> > o A bug that could
> cause some host discovery probes to be incorrectly> interpreted as
> drops was fixed. This occurred only when the IP> protocol ping (-PO)
> option was combined with other ping> types. [David]> > o A new
> scanflags attribute has been added to XML output, which lists> all user
> specified --scanflags for the scan. nma
>  p.dtd has been> modified to account for this. [Michael]> > o The
> loading of the nmap-services file has been made much> faster--roughly 9
> times faster in common cases. This is important> for the new (much
> larger) frequency augmented nmap-services> file. [David]> > o Added a
> script (ASN.nse) which uses Team Cymru's DNS interface to> determine
> the routing AS numbers of scanned IP addresses. They even> set up a
> special domain just for Nmap queries. The script is still> experimental
> and non-default. [Jah, Michael]> > o [Zenmap] Clicking "Cancel" in a
> file chooser in the diff interface> no longer causes a crash. [David]>
> > o The shtool build helper script has been updated to version 2.0.8.
> An> older version of shutil caused installation to fail when the
> locale> was set to et_EE. Thanks to Michal Januszewski for the bug>
> report. [David]> > o [Zenmap] Removed services.dmp and os_dmp.dmp and
> all the files that> referred to them. They are not needed with the new
> search> interface. Als
>  o removed an unused search progress bar. And some> broken fingerprint
> submission code. Yay for de-bloating! [David]> > o [Zenmap] Added "%F"
> to the Exec link in the new Zenmap desktop> file. We expect (hope) that
> this will allow dragging and dropping> XML files onto the icon.
> [David]> > o [Zenmap] The -o[XGASN] options can now be specified, just
> as you can> at the console. [Vladimir]> > o [Zenmap] You can now shrink
> the scan window below its default> size thanks to NmapOutputViewer code
> enhancements. [David]> > o [Zenmap] Removed optional use of the Psyco
> Python optimizer since> Zenmap is not the kind of CPU-bound application
> which benefits from> Psyco.> > o [Zenmap] You can now select more than
> one host in the "Ports /> Hosts" view by control-clicking them in the
> column at left.> > o [Zenmap] The profile editor now offers the --
> traceroute option.> > o Zenmap now uses Unicode objects pervasively
> when dealing with Nmap> text output, though the only internationalized
> text Nmap
>   currently> outputs is the user's time zone. [David]> > o Unprintable
> characters in NSE script output (which really shouldn't> happen anyway)
> are now printed like \xHH, where HH is the> hexadecimal representation
> of the character. See> http://seclists.org/nmap-dev/2008/q3/0180.html .
> [Patrick]> > o Nmap sometimes sent packets with incorrect IP
> checksums,> particularly when sending the UDP probes in OS detection.
> This has> been fixed. Thanks to Gisle Vanem for reporting and
> investigating the> bug. [David]> > o Fixed the --without-liblua
> configure option so that it works> again. [David]> > o In the interest
> of forward compatibility, the xmloutputversion> attribute in Nmap XML
> output is no longer constrained to be a> certain string ("1.02"). The
> xmloutputversion should be taken as> merely advisory by authors of
> parsers.> > o Zenmap no longer leaves any temporary files lying around.
> [David]> > o Nmap only prints an uptime guess in verbose mode now,
> because in> some situations it
>   can be very inaccurate. See the discussion at>
> http://seclists.org/nmap-dev/2008/q3/0392.html. [David]> > > Enjoy!>
> Fyodor> > > ------------------------------> > Message: 4> Date: Sun, 7
> Sep 2008 02:18:33 -0600> From: David Fifield <david () bamsoftware com>>
> Subject: Re: Zenmap error: Char offset 64 is off the end of the line>
> To: nmap-dev () insecure org> Message-ID: <20080907081832.GA4846@gusto>>
> Content-Type: text/plain; charset=us-ascii> > On Sat, Sep 06, 2008 at
> 01:30:19PM -0700, Fyodor wrote:> > I'm happy to report that David's
> setup.py fix allowed me to create a> > working Nmap Windows installer.
> I tested Zenmap, and it worked> > against scanme.nmap.org. But then I
> tried against a machine on my> > locan network and it crashed :(. Here
> is the command:> > > > nmap -T Aggressive -A flog.yuma.net> > > >
> Zenmap reported:> > > > --> > "Gtk-ERROR **: Char offset 64 is off the
> end of the line> > aborting...> > [OK]> > --> > We figured this bug out
> eventually. It had to do with Ze
>  nmap breaking> lines differently than PyGTK was in the syntax
> highlighting module.> > The bug was uncovered because some script
> output has \r\r sequences in> it. (PyGTK was breaking lines between
> each \r, and Zenmap wasn't.) We> fixed the bug but the question arises:
> Where are the \r\r sequences> coming from?> > It happens only on
> Windows. It may have to do with \r\n vs. \n line> endings. As far as I
> can tell it's only in script output. One case we> saw was using tab.lua
> for output.> > David Fifield> > > ------------------------------> >
> _______________________________________________> nmap-dev mailing list>
> nmap-dev () insecure org> http://cgi.insecure.org/mailman/listinfo/nmap-
> dev> > > End of nmap-dev Digest, Vol 42, Issue 17>
> ****************************************
> _________________________________________________________________
> Get more out of the Web. Learn 10 hidden secrets of Windows Live.
> http://windowslive.com/connect/post/jamiethomson.spaces.live.com-Blog-
> cns!550F681DAD532637!5295.entry?ocid=TXT_TAGLM_WL_domore_092008
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org