Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: nmap quits from scanning some IPs

nmap quits from scanning some IPs

From: Ganga Bhavani <GBhavani_at_everdreamcorp.com>
Date: Fri, 22 Oct 2004 17:00:49 -0700

I'm running nmap 3.75 on windows xp sp2 and windows nt 4.

 In both the hosts, nmap quits executing with an error that can be traced to similar root cause. In both cases it doesnt find routing interface when it was trying to query local subnet or it's own interface. In such case even if there are other hosts to scan it quits that whole scanning process.

Problem 1:
 In case of windows xp sp2, nmap finds the routing interface of ip address 192.168.1.0 as 0.0.0.0 instead of 192.168.1.84 from the routing table. I am not sure if it is a problem in the implementation of wsaioctl( ) or the nmap.
Can some one please let me know in what conditions this 0.0.0.0 shows up as routing interface address.

  The ip address of the local host that was scanning: 192.168.1.84. Executing nmap -O 192.168.1.0/24 just quits. Here is the message what I get.
----------------------------------------------------------------------------------------------------------------------
nmap -O -debug -debug -debug -debug 192.168.191.0/24
***WinIP*** winpcap is present
***WinIP*** rawsock is available

Starting nmap 3.75 ( http://www.insecure.org/nmap ) at 2004-10-22 14:24 Pacific
Daylight Time
Fetchfile found C:\nmap/nmap-services

The max # of sockets we are using is: 0
routethrough: 192.168.191.0 routes through 0.0.0.0, but inaddr2devname failed
Unable to determine what interface to route packets through to 192.168.191.0
QUITTING!
------------------------------------------------------------------------------------------------------------------------

C:\Documents and Settings\Administrator>route print 192.168.*
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 d0 b7 1f 14 fd ...... Intel(R) PRO/100+ Management Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
      192.168.191.0 255.255.255.0 192.168.191.84 192.168.191.84 20
     192.168.191.84 255.255.255.255 127.0.0.1 127.0.0.1 20
Default Gateway: 192.168.191.1
===========================================================================
Persistent Routes:
  None

Problem 2:
Similarly incase of windows nt4. If scanning is done on say 192.168.191.0/24 and if the IP address of the local host(192.168.191.195) is as part of the scanned host , nmap just quits from scanning. This may happen because of pcap not work for the local host. Shouldn't nmap proceed with other nodes and not quit if there are such errors ?

Starting nmap 3.75 ( http://www.insecure.org/nmap ) at 2004-10-22 13:38 Pacific
Daylight Time
Fetchfile found C:\nmap/nmap-services

The max # of sockets we are using is: 0
The first host is 192, and the last one is 192
The first host is 168, and the last one is 168
The first host is 191, and the last one is 191
The first host is 95, and the last one is 95
doing 0.0.0.0 = 192.168.191.95
get_best_route: using NT4-compatible method
Unable to determine what interface to route packets through to 192.168.191.95
QUITTING!

Thanks,
Ganga
Received on Oct 23 2004

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos