Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Ncrack Bug report
From: ithilgore - <ithilgore.ryu.l () gmail com>
Date: Sun, 6 Feb 2011 22:44:00 +0200

On Sun, Feb 6, 2011 at 6:57 PM, Cornelius Krasel
<cornelius.krasel () web de> wrote:
Hi,

I am trying to retrieve the admin password from our own Cisco WRT54GL using the latest ncrack binary for Windows.

%---snip---

$Windows XP> ncrack -vvvv --user admin http://192.168.1.1

Starting Ncrack 0.3ALPHA ( http://ncrack.org/ ) at 2011-02-06 17:09 Westeuropäische Normalzeit

Rate: 31.74; Found: 0; About 77.07% done; ETC: 17:10 (00:00:24 remaining)

Strange connect error from 192.168.1.1 (10048): No such file or directory

Assertion failed: 0, file .\src\nsock_core.c, line 404

This application has requested the Runtime to terminate it in an unusual way.

Please contact the application's support team for more information.

%---snip---

Repeating the command, ncrack always fails at around the same space covered (77.79%, 76.65%), which makes me think 
that ncrack has discovered the right password but fails on the reply of the router. If I mess around with the timing 
by using "ncrack -T2", the program fails immediately with the same error message. With "ncrack -T1" or "ncrack -T0" 
the program just stops without producing any result, apparently not having scanned any space. "-T3" seems to be 
identical with no options; "-T4" and "-T5" fail at around 72%. Any help would be greatly appreciated because I don't 
want to reset the router :-).
Cornelius.




Hello,
it would be helpful if we could take a look at a tcpdump/wireshark
dump file near the moment that the termination happens. The error you
get is something that is printed by Nsock, the socket library that
Ncrack uses.

Inspecting the relevant source code points out to the fact that this
is an error that occurs whenever a connection status return code can't
be handled by Nsock. Perhaps David could shed some light if he has
encountered this kind of situation before.

Regards,
ithilgore
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]