Happy holidays from the Nmap Project!  In case your Christmas break plans
involve a lot of port scanning, we’re delighted to announce our holiday
Nmap 7.40 release!  This version stuffs your stockings with dozens of new
features, including:

  *** 12 new NSE scripts
  *** Hundreds of updated OS and version detection detection signatures
  *** Faster brute force authentication cracking and other NSE library
  *** A much-improved version of our Npcap Windows packet capturing

There are many more improvements which are all describe below.  Nmap 7.40
source code and binary packages for Linux, Windows, and Mac are
available for free download from the usual spot:


If you find any bugs in this release, please let us know on the Nmap Dev
list or bug tracker as described


Here are the changes since Nmap 7.31 from October:

* [Windows] Updated the bundled Npcap from 0.10r9 to 0.78r5, with an
improved installer experience, driver signing updates to work with Windows
10 build 1607, and bugfixes for WiFi connectivity problems. [Yang Luo,
Daniel Miller]

* Integrated all of your IPv4 OS fingerprint submissions from April to
September (568 of them). Added 149 fingerprints, bringing the new total to
5,336. Additions include Linux 4.6, macOS 10.12 Sierra, NetBSD 7.0, and
more. Highlights: http://seclists.org/nmap-dev/2016/q4/110 [Daniel Miller]

* Integrated all of your service/version detection fingerprints submitted
from April to September (779 of them). The signature count went up 3.1% to
11,095. We now detect 1161 protocols, from airserv-ng, domaintime, and mep
to nutcracker, rhpp, and usher. Highlights:
http://seclists.org/nmap-dev/2016/q4/115 [Daniel Miller]

* Fix reverse DNS on Windows which was failing with the message “mass_dns:
warning: Unable to determine any DNS servers.” This was because the
interface GUID comparison needed to be case-insensitive. [Robert Croteau]

* [NSE] Added 12 NSE scripts from 4 authors, bringing the total up to 552!
They are all listed at https://nmap.org/nsedoc/, and the summaries are

*** cics-enum enumerates CICS transaction IDs, mapping to screens in
TN3270 services. [Soldier of Fortran]
*** cics-user-enum brute-forces usernames for CICS users on TN3270
services. [Soldier of Fortran]
*** fingerprint-strings will print the ASCII strings it finds in the
service fingerprints that Nmap shows for unidentified services. [Daniel
*** [GH#606] ip-geolocation-map-bing renders IP geolocation data as an
image via Bing Maps API. [Mak Kolybabi]
*** [GH#606] ip-geolocation-map-google renders IP geolocation data as an
image via Google Maps API. [Mak Kolybabi]
*** [GH#606] ip-geolocation-map-kml records IP geolocation data in a KML
file for import into other mapping software [Mak Kolybabi]
*** nje-pass-brute brute-forces the password to a NJE node, given a valid
RHOST and OHOST. Helpfully, nje-node-brute can now brute force both of
those values. [Soldier of Fortran]
*** [GH#557] ssl-cert-intaddr will search for private IP addresses in TLS
certificate fields and extensions. [Steve Benson]
*** tn3270-screen shows the login screen from mainframe TN3270 Telnet
services, including any hidden fields. The script is accompanied by the new
tn3270 library. [Soldier of Fortran]
*** tso-enum enumerates usernames for TN3270 Telnet services. [Soldier of
*** tso-brute brute-forces passwords for TN3270 Telnet services. [Soldier
of Fortran]
*** vtam-enum brute-forces VTAM application IDs for TN3270 services.
[Soldier of Fortran]