Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Nmap got a wrong result in windows 2003
From: rirong zhu <zyrdyx () gmail com>
Date: Fri, 23 Nov 2012 09:57:17 +0800

*The last line shows an unusual configuration. Your default route goes
through the localhost interface lo0, yet it has a gateway that is not
localhost. You might be able to solve this problem by changing your
network configuration.

You can also try the workaround of adding
        -e eth0
to your Nmap command.

Otherwise, we might haver to change some code in
sysroutes_dnet_find_interfaces. We already follow a chain of route
entries for routes without an assigned interface; perhaps we have to do
it to override an assigned interface (in this case lo0) too. The default
route,
0.0.0.0/0          lo0  115.236.23.33
has a gateway that matches this route entry on eth1:
115.236.23.32/28   eth1 115.236.23.45
which in turn matches exactly the address of eth0:
*
*> eth0 (eth0)  192.168.1.45/24    ethernet up 1500 78:2B:CB:14:95:81
*
*> 115.236.23.45/32   lo0  127.0.0.1
It seems to me that route_dst should choose eth0 in this case, but it is
a tricky and unusual one.

Are you able to change your networking configuration to solve this
problem? Is the "-e eth0" workaround sufficient?

One other thing: please send the output of
        route print
It is possible that Nmap is reading the routing table incorrectly.*

Thank you for you reply.here is the result of some command:

C:\Documents and Settings\Administrator>nmap -T4 -A -v -e eth0 61.146.152.25

Starting Nmap 6.01 ( http://nmap.org ) at 2012-11-23 09:52 中国标准时间
NSE: Loaded 93 scripts for scanning.
NSE: Script Pre-scanning.
nexthost: failed to determine route to 61.146.152.25
QUITTING!

C:\Documents and Settings\Administrator>route print

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...78 2b cb 14 95 82 ...... Broadcom BCM5716C NetXtreme II GigE
(NDIS V
D Client)
0x20004 ...78 2b cb 14 95 81 ...... Broadcom BCM5716C NetXtreme II GigE
(NDIS V
D Client) #2
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    115.236.23.33    115.236.23.45     10
    115.236.23.32  255.255.255.240    115.236.23.45    115.236.23.45     10
    115.236.23.45  255.255.255.255        127.0.0.1        127.0.0.1     10
  115.255.255.255  255.255.255.255    115.236.23.45    115.236.23.45     10
  124.160.125.112  255.255.255.248  124.160.125.118    115.236.23.45     10
  124.160.125.118  255.255.255.255        127.0.0.1        127.0.0.1     10
  124.255.255.255  255.255.255.255    115.236.23.45    115.236.23.45     10
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
      192.168.1.0    255.255.255.0     192.168.1.45     192.168.1.45     10
     192.168.1.45  255.255.255.255        127.0.0.1        127.0.0.1     10
    192.168.1.255  255.255.255.255     192.168.1.45     192.168.1.45     10
        224.0.0.0        240.0.0.0    115.236.23.45    115.236.23.45     10
        224.0.0.0        240.0.0.0     192.168.1.45     192.168.1.45     10
  255.255.255.255  255.255.255.255    115.236.23.45    115.236.23.45      1
  255.255.255.255  255.255.255.255     192.168.1.45     192.168.1.45      1
Default Gateway:     115.236.23.33
===========================================================================
Persistent Routes:
  None
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault