What's new in this version: - [Windows] Updated the bundled Npcap from 0.91 to 0.93, fixing several issues with installation and compatibility with the Windows 10 Creators Update. - [NSE][GH#910] NSE scripts now have complete SSH support via libssh2, including password brute-forcing and running remote commands, thanks to the combined efforts of three Summer of Code students: [Devin Bjelland, Sergey Khegay, Evangelos Deirmentzoglou]
[NSE] Added 14 NSE scripts from 6 authors, bringing the total up to 579, and the summaries are below: - ftp-syst sends SYST and STAT commands to FTP servers to get system version and connection information. [Daniel Miller] - [GH#916] http-vuln-cve2017-8917 checks for an SQL injection vulnerability affecting Joomla! 3.7.x before 3.7.1. [Wong Wai Tuck] - iec-identify probes for the IEC 60870-5-104 SCADA protocol. [Aleksandr Timorin, Daniel Miller] - [GH#915] openwebnet-discovery retrieves device identifying information and number of connected devices running on openwebnet protocol. [Rewanth Cool] - puppet-naivesigning checks for a misconfiguration in the Puppet CA where naive signing is enabled, allowing for any CSR to be automatically signed. [Wong Wai Tuck] - [GH#943] smb-protocols discovers if a server supports dialects NT LM 0.12 (SMBv1), 2.02, 2.10, 3.00, 3.02 and 3.11. This replaces the old smbv2-enabled script. [Paulino Calderon] - [GH#943] smb2-capabilities lists the supported capabilities of SMB2/SMB3 servers. [Paulino Calderon] - [GH#943] smb2-time determines the current date and boot date of SMB2 servers. [Paulino Calderon] - [GH#943] smb2-security-mode determines the message signing configuration of SMB2/SMB3 servers. [Paulino Calderon] - [GH#943] smb2-vuln-uptime attempts to discover missing critical patches in Microsoft Windows systems based on the SMB2 server uptime. [Paulino Calderon] - ssh-auth-methods lists the authentication methods offered by an SSH server. [Devin Bjelland] - ssh-brute performs brute-forcing of SSH password credentials. [Devin Bjelland] - ssh-publickey-acceptance checks public or private keys to see if they could be used to log in to a target. A list of known-compromised key pairs is included and checked by default. [Devin Bjelland] - ssh-run uses user-provided credentials to run commands on targets via SSH. [Devin Bjelland] - [NSE] Removed smbv2-enabled, which was incompatible with the new SMBv2/3 improvements. It was fully replaced by the smb-protocols script. - [Ncat][GH#446] Added Datagram TLS (DTLS) support to Ncat in connect (client) mode with --udp --ssl. Also added Application Layer Protocol Negotiation (ALPN) support with the --ssl-alpn option. [Denis Andzakovic, Daniel Miller] - Updated the default ciphers list for Ncat and the secure ciphers list for Nsock to use "!aNULL:!eNULL" instead of "!ADH". With the addition of ECDH ciphersuites, anonymous ECDH suites were being allowed. [Daniel Miller] - [NSE][GH#930] Fix ndmp-version and ndmp-fs-info when scanning Veritas Backup Exec Agent 15 or 16. [Andrew Orr] - [NSE][GH#943] Added new SMB2/3 library and related scripts. [Paulino Calderon] - [NSE][GH#950] Added wildcard detection to dns-brute. Only hostnames that resolve to unique addresses will be listed. [Aaron Heesakkers] - [NSE] FTP scripts like ftp-anon and ftp-brute now correctly handle TLS-protected FTP services and use STARTTLS when necessary. [Daniel Miller] - [NSE][GH#936] Function url.escape no longer encodes so-called "unreserved" characters, including hyphen, period, underscore, and tilde, as per RFC 3986. [nnposter] - [NSE][GH#935] Function http.pipeline_go no longer assumes that persistent connections are supported on HTTP 1.0 target (unless the target explicitly declares otherwise), as per RFC 7230. [nnposter] - [NSE][GH#934] The HTTP response object has a new member, version, which contains the HTTP protocol version string returned by the server, e.g. "1.0". [nnposter] - [NSE][GH#938] Fix handling of the objectSID Active Directory attribute by ldap.lua. [Tom Sellers] - [NSE] Fix line endings in the list of Oracle SIDs used by oracle-sid-brute. Carriage Return characters were being sent in the connection packets, likely resulting in failure of the script. [Anant Shrivastava] - [NSE][GH#141] http-useragent-checker now checks for changes in HTTP status (usually 403 Forbidden) in addition to redirects to indicate forbidden User Agents. [Gyanendra Mishra]
Zenmap 7.60 相關參考資料
7.60-1ubuntu5 : zenmap : amd64 : Bionic (18.04) : Ubuntu
Zenmap is an Nmap frontend. It is meant to be useful for advanced users and to make Nmap easy to use by beginners. It was originally derived
https://launchpad.net
Download the Free Nmap Security Scanner for LinuxMac ...
Official Download site for the Free Nmap Security Scanner. Helps with network security, administration, and general hacking.
https://nmap.org
How to install Zenmap 7.60 on Ubuntu 18.04
Nmap 7.6 Download (Free) - zenmap.exe
2024年3月27日 — Nmap version 7.6 (zenmap.exe). Nmap (Network Mapper) is a free and open source (license) utility for network discovery and security ...
https://nmap.informer.com
Nmap Release archive
zenmap-7.60-1.noarch.rpm, 2017-08-01 14:26, 708K. [ ], nping-0.7.60-1.x86_64.rpm, 2017-08-01 14:26, 1.1M. [ ], nping-0.7.60-1.i686.rpm, 2017-08-01 14:26, 837K.
https://nmap.org
Nmap-7.60
2017年8月29日 — Nmap is a utility for network exploration and security auditing. It supports ping scanning, port scanning and TCP/IP fingerprinting. This ...
https://www.linuxfromscratch.o
Zenmap - Official cross-platform Nmap Security Scanner GUI
Zenmap is the official cross-platform GUI for the Nmap Security Scanner. It is free and runs on Linux, Windows, Mac OS X, etc.
https://nmap.org
Zenmap 7.60
2017年8月5日 — Zenmap 7.60 ; Change log: n/a ; Description: the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) ...
https://www.npackd.org
zenmap : Bionic (18.04) : Ubuntu
Zenmap is an Nmap frontend. It is meant to be useful for advanced users and to make Nmap easy to use by beginners. It was originally derived from Umit, ...
https://launchpad.net
如何为Windows操作系统下载和安装Nmap? 翻译
2020年10月7日 — org/dist/nmap-7.60-setup.exe · https://nmap.org/dist/nmap-7.60-setup ... 热门推荐 Windows下nmap命令及Zenmap工具的使用方法. #Nmap简介nmap是一个 ...
https://blog.csdn.net
|