Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Nmap got a wrong result in windows 2003
From: rirong zhu <zyrdyx () gmail com>
Date: Fri, 23 Nov 2012 09:57:17 +0800

*The last line shows an unusual configuration. Your default route goes
through the localhost interface lo0, yet it has a gateway that is not
localhost. You might be able to solve this problem by changing your
network configuration.

You can also try the workaround of adding
        -e eth0
to your Nmap command.

Otherwise, we might haver to change some code in
sysroutes_dnet_find_interfaces. We already follow a chain of route
entries for routes without an assigned interface; perhaps we have to do
it to override an assigned interface (in this case lo0) too. The default
route,          lo0
has a gateway that matches this route entry on eth1:   eth1
which in turn matches exactly the address of eth0:
*> eth0 (eth0)    ethernet up 1500 78:2B:CB:14:95:81
*>   lo0
It seems to me that route_dst should choose eth0 in this case, but it is
a tricky and unusual one.

Are you able to change your networking configuration to solve this
problem? Is the "-e eth0" workaround sufficient?

One other thing: please send the output of
        route print
It is possible that Nmap is reading the routing table incorrectly.*

Thank you for you reply.here is the result of some command:

C:\Documents and Settings\Administrator>nmap -T4 -A -v -e eth0

Starting Nmap 6.01 ( http://nmap.org ) at 2012-11-23 09:52 中国标准时间
NSE: Loaded 93 scripts for scanning.
NSE: Script Pre-scanning.
nexthost: failed to determine route to

C:\Documents and Settings\Administrator>route print

IPv4 Route Table
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...78 2b cb 14 95 82 ...... Broadcom BCM5716C NetXtreme II GigE
D Client)
0x20004 ...78 2b cb 14 95 81 ...... Broadcom BCM5716C NetXtreme II GigE
D Client) #2
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
     10     10     10     10     10     10     10      1     10     10     10     10     10      1      1
Default Gateway:
Persistent Routes:
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]