Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: nmap ends prematurely with a segfault
From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Fri, 23 Nov 2007 13:50:23 -0600

I just ran the same scan with RC2 and it completed without errors.

The program listening is part of IBM Director.  The executable is
wmicimserver.exe.

-Jason

On Nov 23, 2007 10:28 AM, Diman Todorov <diman.todorov () univie ac at> wrote:


On Oct 18, 2007, at 10:15 PM, DePriest, Jason R. wrote:

I run nmap like this:
sudo nmap -v -sSUV -O -pT:-,U:[1-65535] --traceroute --reason
--script=discovery,safe,backdoor,vulnerability,malware --script-trace
-d6 xxx.yyy.zzz.190,153,193,89

and after some time, it eventually ends with a segfault.

Seriously, it ends with a simple "Segmentation fault" and nothing else
to help explain from where the segfault came.

The last bit looks like this:
NSOCK (1524.9210s) Callback: READ SUCCESS for EID 770
[xxx.yyy.zzz.153:5988] (69 bytes): HTTP/1.1 401
Unauthorized..WWW-Authenticate: Basic realm="ANLYX2"....
SCRIPT ENGINE: TCP xxx.yyy.zzz.50:34039 < xxx.yyy.zzz.153:5988 |
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Basic realm="ANLYX2"


NSOCK (1524.9210s) msevent_delete (IOD #28) (EID #770)
NSOCK (1524.9210s) wait_for_events
NSOCK (1524.9210s) PCAP read_on_nonselect
NSOCK (1524.9210s) PCAP END read_on_nonselect
SCRIPT ENGINE: TCP xxx.yyy.zzz.50:34039 > xxx.yyy.zzz.153:5988 | CLOSE
Segmentation fault

I am attaching a file with all the output starting from when SCRIPT
ENGINE first showed up.  I hope anyway.  I could only scroll back 5000
lines.  If you need more, I can run it again (it is reproducible) and
tee the output or something.

Hi,

if you can still reproduce this problem with the most recent svn nmap
version I'd like to ask you a few things:

1) does this happen if you only scan the .153 host? Can you give some
more information about that host? Like, is there some service running
on 5988? And if there is, what service is it?

2) would you mind sending that attachment of yours packed with some
more common archiving tool?

cheers,
Diman



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org




-- 
NOTICE:  This email is being sent in clear-text across the public
Internet.  Therefore, any attempts to include unenforceable legalese
restrictions are ridiculous and pointless.  If you can read this,
consider yourself authorized (whether I like it or not).

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]