Download Nmap 7.25 Beta 2

Nmap is a program for exploring and monitoring a network. It is designed to scan a large network without delays and also runs smoothly on a single host. The program uses raw ip packets to retrieve active hosts and information about available services. It comes bundled with NSE that lets you scripts can use for detecting security leaks, similar to Nessus or OpenVAS for idea; Zenmap generating a visual topology of the detected network environment; and Ncat with which you can intercept, analyze, adjust, etc. network traffic. More information about the possibilities can be found at this page. In celebration of its nineteenth anniversary, the developers have released the second beta version of Nmap 7.25 with the following announcement on the mailing list:

Nmap 7.25BETA2 Birthday Release

Hi folks! I’m happy to report that today is Nmap’s 19th birthday and instead of cake, we’re celebrating open source style with a new release! Nmap 7.25BETA1 includes dozens of performance improvements, bug fixes, and new features. The full list is below, and includes a major LUA upgrade for NSE scripts, a new overlapped I/O engine for better Windows performance, a much-improved version of our new Npcap packet capturing driver, new NSE scripts, integration of more than 500 of your fingerprint submissions, and more!

Nmap 7.25BETA2 source code and binary packages for Linux, Windows, and Mac are available for free download from the usual spot. If you find any bugs in this release, please let us know on the Nmap Dev list or bug tracker.

Here are the changes since the 7.25BETA1 release in July:

• [NSE] Upgraded NSE to Lua 5.3, adding bitwise operators, integer data type, a utf8 library, and native binary packing and unpacking functions. Removed bit library, added bits.lua, replaced base32, base64, and bin libraries.
• Integrated all of your service/version detection fingerprints submitted from January to April (578 of them). The signature count went up 2.2% to 10760. We now detect 1122 protocols, from elasticsearch, fhem, and goldengate to ptcp, resin-watchdog, and siemens-logo.
• Upgraded Npcap, our new Windows packet capturing driver/library, from version 0.07-r17 to 0.09.
• [Nsock] Added the new IOCP Nsock engine which uses the Windows Overlapped I/O API to improve performance of version scan and NSE against many targets on Windows.
• Windows binaries are now code-signed with our “Insecure.Com LLC” SHA256 certificate. This should give our users extra peace-of-mind and avoid triggering Microsoft’s ever-increasing security warnings.
• Various performance improvements for large-scale high-rate scanning, including increased ping host groups, faster probe matching, and ensuring data types can handle an Internet’s-worth of targets.
• [NSE] Added the oracle-tns-version NSE script which decodes the version number from Oracle Database Server’s TNS listener.
• [NSE] Added the clock-skew NSE script which analyzes and reports clock skew between Nmap and services that report timestamps, grouping hosts with similar skews.
• [Zenmap] Long-overdue Spanish language translation has been added! muybien!
• [Zenmap] Fix a crash when closing Zenmap due to a read-only zenmap.conf. User will be warned that config cannot be saved and that they should fix the file permissions.
• [NSE] Fix a crash when parsing TLS certificates that OpenSSL doesn’t support, like DH certificates or corrupted certs. When this happens, ssl-enum-ciphers will label the ciphersuite strength as “unknown.” Reported by Bertrand Bonnefoy-Claudet.
• [NSE] Fix two issues in sslcert.lua that prevented correct operations against LDAP services when version detection or STARTTLS were used.
• Remove a workaround for lack of selectable pcap file descriptors on Windows, which required including pcap-int.h and locking us to a single version of libpcap. The new method, using WaitForSingleObject should work with all versions of both WinPcap and Npcap.
• [NSE] Added a –script-timeout option for limiting run time for every individual NSE script.
• [Ncat] Added a -z option to Ncat. Just like the -z option in traditional netcat, it can be used to quicky check the status of a port. Port ranges are not supported since we recommend a certain other tool for port scanning.
• Fix checking of Npcap/WinPcap presence on Windows so that “nmap -A” and “nmap” with no options result in the same behaviors as on Linux (and no crashes)
• [NSE] ssl-enum-ciphers will now warn about 64-bit block ciphers in CBC mode, which are vulnerable to the SWEET32 attack.
• [NSE] tftp-enum now only brute-forces IP-address-based Cisco filenames when the wordlist contains “{cisco}”. Previously, custom wordlists would still end up sending these extra 256 requests.
• Avoid an unnecessary assert failure in timing.cc when printing estimated completion time. Instead, we’ll output a diagnostic error message: Timing error: localtime(n) is NULL where “n” is some number that is causing problems.
• [NSE] Removed the obsolete script ip-geolocation-geobytes.
• [NSE] Completed a refresh and validation of almost all fingerprints for script http-default-accounts. Also improved the script speed.
• Added support for decoys in IPv6. Earlier we supported decoys only in IPv4.
• Allow Nmap to compile on some older Red Hat distros that disable EC crypto support in OpenSSL.
• Nmap now supports OpenSSL 1.1.0-pre5 and previous versions.
• [Ncat] Fix a crash (“add_fdinfo() failed.”) when –exec was used with –ssl and –max-conns, due to improper accounting of file descriptors.
• FTP Bounce scan: improved some edge cases like anonymous login without password, 500 errors used to indicate port closed, and timeouts for LIST command. Also fixed a 1-byte array overrun (read) when checking for privileged ports.
• Allow target DNS names up to 254 bytes. We previously imposed an incorrect limit of 64 bytes in several parts of Nmap.
• [NSE] The hard limit on number of concurrently running scripts can now increase above 1000 to match a high user-set –min-parallelism value.
• [NSE] Solved a memory corruption issue that would happen if a socket connect operation produced an error immediately, such as Network Unreachable. The event handler was throwing a Lua error, preventing Nsock from cleaning up properly, leaking events.
• [NSE] Added the datetime library for performing date and time calculations, and as a helper to the clock-skew script.
• Made Nmap’s parallel reverse DNS resolver more robust, fully handling truncated replies. If a response is too long, we now fall back to using the system resolver to answer it.
• [Zenmap] Added a legend for the Topography window.

Enjoy the new birthday release!

cheers,
Fyodor