Yaptest Update: v0.1.4

Version 0.1.4 of Yaptest is now available.  This release adds a couple of new features and fixes some bugs and usability problems (a big thanks to deanx for reporting these).

It’s now possible for the run_test API to filter based on the host_info table.  This feature is used by yaptest-nmap-udp.pl to run a full UDP scan on any hosts that don’t rate limit the sending of ICMP Port Unreachable messages – e.g. Windows hosts.  This makes for more thorough scanning without the futility of tryng to fully UDP scan all hosts.

The highlights of the change log are below:

* Nikto output filenames contain the protocol (http / https).
* Made some error messages more meaningful.
* Can no longer accidentially add a network instead of an
  IP via yaptest-hosts.pl (e.g. 192.168.0.0/24)
* Bug Fix: Uppercase letters converted to lowercase in
           database name (backend doesn't allow ucase)
* Bug Fix: Test areas can contain '-' now.
* Bug Fix: Semaphore implemented to prevent multiple processes
           (name yaptest-bannergrab.pl) from creating port_keys
           at the same time.
* yaptest-parse-nmap-xml.pl will now parse MAC addresses out
  (if present) and associate them with the IP in the backend db
* yaptest-parse-nmap-xml.pl will now parse the top OS guess
  and store it as host_info in the backend db
* Dropped uniqueness constraint on port_info table to prevent
  yaptest-parse-bannergrab.pl causing the the following error:
   DBD::Pg::st execute failed: ERROR:  index row size 4100
   exceeds btree maximum, 2713
* run_test API now supports filtering based on host_info
* yaptest-nmap-udp.pl will now do a full UDP scan of any
  hosts that complete their quick UDP scan in less than
  10 seconds (e.g. Windows boxes)
* yaptest-credentials.pl now allows searching on username
  and password fields using the special words NOTNULL and
  NOTEMPTY - useful to list accounts you know the password
  for

Tags:

Posted in Blog