The new version of Nmap 7.80 arrives and these are its most important changes


Almost a year and a half after the previous release, Nmap 7.80 has been released. Nmap is a network security scanner designed to audit networks and identify active network services. The release includes 11 new NSE scripts that automate various actions with Nmap. The signature databases used to identify network applications and operating systems have also been updated.

For those unfamiliar with Nmap, it is an open source utility used to perform port scanning. It was originally created for Linux, although it is now cross-platform. It is used to evaluate the security of computer systems, as well as to discover services or servers on a computer network. To do this, Nmap sends defined packets to other computers and analyzes their responses.

This software has various functions for probing computer networks, including detection of equipment, services and operating systems. These functions are extensible through the use of scripts to provide advanced detection services, vulnerability detection and other applications. In addition, during a scan, it is able to adapt to network conditions including latency and network congestion.

Among its main characteristics the following can be highlighted:

  • Server discovery: identify computers on a network, for example by listing those that respond to ping.
  • Identify open ports on a target computer.
  • Determine what services it is running.
  • Determine what operating system and version the computer uses (this technique is also known as fingerprinting).
  • Obtain some characteristics of the network hardware of the machine under test.

Main new features of Nmap 7.80

As mentioned at the beginning, a new version of Nmap was recently released. The main work has focused on improving and stabilizing the Npcap library, which is developed for the Windows platform as a replacement for WinPcap and uses the modern Windows API to organize packet capture.

Many minor improvements have also been made to the Nmap Scripting Engine (NSE) and its associated libraries. Nsock and Ncat have added support for sockets with AF_VSOCK addressing, which run over virtio and are used for communication between virtual machines and the hypervisor.

A service definition was added for adb (Android Debug Bridge), which is enabled by default on many mobile devices.

Another change that stands out in Nmap 7.80 is the addition of new NSE scripts:

  • broadcast-hid-discoveryd: Determines the presence of HID (Human Interface Device) devices on the local network by sending broadcast requests.
  • broadcast-jenkins-discover: Discovers Jenkins servers on the local network by sending broadcast requests.
  • http-hp-ilo-info: Pulls information from HP servers with support for iLO remote control technology.
  • http-sap-netweaver-leak: Determines the availability of the SAP Netweaver portal with the Knowledge Management Unit enabled, allowing anonymous access.
  • https-redirect: Identifies HTTP servers that redirect requests to HTTPS without changing the port number.
  • lu-enum: Iterates over the logical blocks (LUs, logical drives) of TN3270E servers.
  • rdp-ntlm-info: Extracts Windows domain information from RDP services.
  • smb-vuln-webexec: Checks the installation of the WebExService (Cisco WebEx Meetings) service and the presence of a vulnerability that could allow code execution.
  • smb-webexec-exploit: Exploits a vulnerability in WebExService to run code with SYSTEM privileges.
  • ubiquiti-discovery: Extracts information from the Ubiquiti Discovery service and helps determine the version number.
  • vulners: Sends requests to the Vulners database to check for vulnerabilities based on the service and application version determined when running Nmap.

How to install Nmap 7.80 on Linux?

Those who are interested in installing Nmap along with its other tools on their system can do so by following the steps we share below.

Since this new version of Nmap was released only recently, few distributions have updated to it yet, so users of distribution packages must wait a few days.

Alternatively, we can compile the application's source code on our system. The code can be downloaded and compiled by executing the following:

wget https://nmap.org/dist/nmap-7.80.tar.bz2
bzip2 -cd nmap-7.80.tar.bz2 | tar xvf -
cd nmap-7.80
./configure
make
su root
make install
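
Because the build ends with make install run as root, it is worth checking the downloaded tarball against a digest from a trusted channel before unpacking it. The following is an added example, not part of the original article or of the Nmap project's own tooling; the function names are illustrative and EXPECTED_SHA256 is a placeholder for the value you obtain from the project's published release digests.

```shell
#!/bin/sh
# Added example: check a downloaded source tarball against a SHA-256 digest
# obtained from a trusted channel before unpacking and building it.

# Strip whitespace and lower-case the hex so that digests printed as
# space-grouped upper-case hex compare equal to sha256sum output.
normalize_digest() {
    printf '%s' "$1" | tr -d ' \t\r\n' | tr 'A-F' 'a-f'
}

# Print the SHA-256 of a file using whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_tarball FILE EXPECTED_SHA256
# Returns 0 on match, 1 on mismatch, 2 on a missing file or malformed digest.
verify_tarball() {
    file=$1
    expected=$(normalize_digest "$2")
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    case $expected in
        ''|*[!0-9a-f]*) echo "digest is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "digest is not 64 hex chars" >&2; return 2; }
    actual=$(sha256_of "$file") || return 2
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "MISMATCH for $file: got $actual" >&2
    return 1
}

# Constructed self-check: the three bytes "abc" have a well-known SHA-256.
demo=$(mktemp)
printf 'abc' > "$demo"
verify_tarball "$demo" "BA7816BF 8F01CFEA 414140DE 5DAE2223 B00361A3 96177A9C B410FF61 F20015AD" \
    && echo "self-check passed"
rm -f "$demo"

# Intended use with the tarball from the steps above (EXPECTED_SHA256 is a
# placeholder you fill in from the project's published release digests):
#   verify_tarball nmap-7.80.tar.bz2 "$EXPECTED_SHA256" && bzip2 -cd nmap-7.80.tar.bz2 | tar xvf -
```

A digest only helps if it comes from a channel the attacker cannot also modify; a PGP signature check on the release gives a stronger guarantee than a digest copied from the same download page.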

In the case of distributions with support for RPM packages, they can install the Nmap 7.80 package by opening a terminal and executing the following commands:

sudo rpm -vhU https://nmap.org/dist/nmap-7.80-1.x86_64.rpm
sudo rpm -vhU https://nmap.org/dist/zenmap-7.80-1.noarch.rpm
sudo rpm -vhU https://nmap.org/dist/ncat-7.80-1.x86_64.rpm
sudo rpm -vhU https://nmap.org/dist/nping-0.7.80-1.x86_64.rpm
