Nmap Development
Wednesday 30th July, 2008 16:19
Recently I've been trying to modify the script that Nmap uses to create its own installer for WinPcap. The installer works fine for anyone using Windows XP and higher, but it doesn't work for Windows 2000 users as the WinPcap installation silently fails when trying to register the service using sc.exe (unless they've installed it from the Resource Kit). I've managed to get the installer to use Windows API calls (i.e. really low-level stuff) to register the service correctly, but I haven't been able to sort out the deletion of the service during uninstallation (is that a word?). Once that's sorted, it just leaves the "what should we do if WinPcap is already installed" problem, which is only really an issue during a silent installation if the official WinPcap installer was used before (the Nmap version appears to silently uninstall itself, and I'm still not entirely sure why it does that). I've already started coding a version that will manually remove registry keys and files from the various WinPcap locations, but I should probably check which version is currently installed, and I'm a bit reluctant to write an installer that uninstalls the official version's files. The alternative might be to skip the installation if WinPcap is already present.
The other flaw that I'd like to fix is again related to Windows 2000 (and potentially any OS that doesn't have Windows Installer 3.0 or higher), as there isn't currently any user feedback when Nmap's installer fails to silently install the Visual C++ 2008 runtimes. Hopefully it's just a case of checking the return code and displaying an error message if anything goes wrong (with a quick explanation of the pre-requisites). This happened because I made an assumption (that Windows 2000 users would already have SP4 and Windows Installer 3) when I was rushing a patch for the Nmap 4.68 release, to try and fix the "DLL hell" that was going on with Nmap 4.65. What I didn't anticipate (or test until after 4.68 was released) was that Microsoft's own instructions are wrong (you need to install a post-SP4 hotfix; SP4 is not enough to install the VC++ 2008 runtimes).
The final flaw is a big flaw for Windows 2000 users, and I can't fix that (I tried having a look, but I wasn't able to fix it). It looks like an error message is displayed, probably related to a lack of IPv6 support in Windows 2000. I don't know if that will be fixed in the next version, as I'd imagine it could require a lot of effort and no one on the list is working on it (if they are, they're keeping very quiet).
If I get some spare time (unlikely) I'd like to get back to reading Nmap's documentation, which will be included in the new Nmap book that Fyodor is releasing next month. A small part of me is hoping that he'll list the names of everyone in the Changelog in some sort of "credits" section in the book, so I might get to see my name somewhere in the book :)