Service probe and payload for QUIC

CHANGELOG

@@ -1,5 +1,8 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o Added service probe and UDP payload for Quick UDP Internet Connection (QUIC),
+  a secure transport developed by Google and used with HTTP/2. [Daniel Miller]
+
 o [NSE] Enabled resolveall to run against any target provided as a hostname, so
   the resolveall.hosts script-arg is no longer required. [Daniel Miller]
 
@@ -197,9 +200,6 @@ o [NSE][GH#531] Fix two issues in sslcert.lua that prevented correct operations
   against LDAP services when version detection or STARTTLS were used.
   [Tom Sellers]
 
-o [Zenmap] Long-overdue Spanish language translation has been added! Muy bien!
-  [Vincent Dumont, Marta Garcia De La Paz, Paulino Calderon, Patricio Castagnaro]
-
 o [GH#426] Remove a workaround for lack of selectable pcap file descriptors on
   Windows, which required including pcap-int.h and locking us to a single
   version of libpcap. The new method, using WaitForSingleObject should work

nmap-payloads

@@ -37,6 +37,9 @@
 udp 7 "\x0D\x0A\x0D\x0A"
 # DNSStatusRequest
 udp 53 "\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+# QUIC packet with unsupported version Q999
+# Also found on 443, but need to check whether DTLS or QUIC is more prevalent
+udp 80 "\r12345678Q999\x00"
 # RPCCheck
 udp 111
   "\x72\xFE\x1D\x13\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\x86\xA0"

nmap-service-probes

@@ -15139,3 +15139,11 @@ Probe TCP iperf3 q|0000000000000000000000000000000000000\0\0\0\0|
 ports 5201
 rarity 9
 match iperf3 m|^\t$|
+
+##############################NEXT PROBE##############################
+# QUIC initialization with random CID, advertising version Q999, which should elicit a version negotiation packet from the server
+Probe UDP QUIC q|\r\x89\xc1\x9c\x1c*\xff\xfc\xf1Q999\x00|
+ports 80,443
+rarity 6
+
+softmatch quic m|^\r\x89\xc1\x9c\x1c\*\xff\xfc\xf1((?:Q[0-8]\d\d)+)$| i/QUIC versions$SUBST(1,"Q",", Q")/