Re: Cannot get nmap working on windows vista

[David Fifield <david () bamsoftware com>]

On Fri, Nov 23, 2007 at 03:36:05AM +0530, Yogesh Jagota wrote:
> I am getting these errors, can anybody please help. I tried to put in as
> much information as I could.
>
> Thanks & Regards,
> Yogesh.
>
> > nmap -v -A scanme.nmap.org
>
> Starting Nmap 4.20 ( http://insecure.org ) at 2007-11-23 03:32 India
> Standard Ti
> me
> WARNING: Unable to find appropriate interface for system route to
> 192.168.1.1
>
> nexthost: failed to determine route to 205.217.153.62
> QUITTING!
>
> > nmap --iflist
>
> Starting Nmap 4.20 ( http://insecure.org ) at 2007-11-23 03:32 India
> Standard Time
> ************************INTERFACES************************
> DEV  (SHORT) IP/MASK     TYPE     UP   MAC
> net0 (net0)  (null)/0    other    down
> net1 (net1)  (null)/0    other    down
> net2 (net2)  (null)/0    other    down
> eth0 (eth0)  (null)/0    ethernet up   56:84:20:52:41:53
> eth1 (eth1)  (null)/0    ethernet up   56:84:20:52:41:53
> eth2 (eth2)  (null)/0    ethernet up   56:84:20:52:41:53
> eth3 (eth3)  (null)/0    ethernet up   56:84:20:52:41:53
> eth4 (eth4)  10.0.0.2/8  ethernet up   00:18:F3:A2:68:03
> eth5 (eth5)  (null)/0    ethernet up   00:18:F3:A2:68:03
> eth6 (eth6)  (null)/0    ethernet down 00:18:F3:A2:77:C1
> eth7 (eth7)  (null)/0    ethernet down 00:18:F3:A2:77:C1
> eth8 (eth8)  (null)/0    ethernet down 00:02:72:42:89:75
> eth9 (eth9)  (null)/0    ethernet down 00:02:72:42:89:75
> ppp0 (ppp0)  (null)/0    other    up
> ppp1 (ppp1)  (null)/0    other    down
> lo0  (lo0)   127.0.0.1/8 loopback up
> net0 (net0)  (null)/0    other    down
> net1 (net1)  (null)/0    other    down
> net2 (net2)  (null)/0    other    down
> net0 (net0)  (null)/0    other    up
> net1 (net1)  (null)/0    other    up
> net2 (net2)  (null)/0    other    up
> net3 (net3)  (null)/0    other    down
> net4 (net4)  (null)/0    other    up
> net5 (net5)  (null)/0    other    down

I'm curious about these "net*" interfaces. This snippet from
libdnet-stripped/src/intf-win32.c

static char *
_ifcombo_name(int type)
{
        char *name = "net";     /* XXX */
        
        if (type == MIB_IF_TYPE_ETHERNET) {
                name = "eth";
        } else if (type == MIB_IF_TYPE_TOKENRING) {
                name = "tr";
        } else if (type == MIB_IF_TYPE_FDDI) {
                name = "fddi";
        } else if (type == MIB_IF_TYPE_PPP) {
                name = "ppp";
        } else if (type == MIB_IF_TYPE_LOOPBACK) {
                name = "lo";
        } else if (type == MIB_IF_TYPE_SLIP) {
                name = "sl";
        }
        return (name);
}

makes it look like "net" is a prefix for devices that are unhandled or
unknown by libdnet. This looks to be strongly related to Gianluca's
crash report: http://seclists.org/nmap-dev/2007/q4/0290.html.

It appears that the interface type is unknown. The type comes from the
dwType element of a MIB_IFROW data structure; documentation at
http://msdn2.microsoft.com/en-us/library/aa366836.aspx. That page
suggests many more values than are supported by _ifcombo_name.

If you look at http://www.koders.com/c/fidDA178B3F8A954F1D41F42AF0C8C88F059C947BD5.aspx,
you'll see that, for example, IF_TYPE_ETHERNET_CSMACD and MIB_IF_TYPE_ETHERNET
have the same value 6; likewise IF_TYPE_ISO88025_TOKENRING and
MIB_IF_TYPE_TOKENRING are both 9; and so on. These seem to be
standardized at http://www.iana.org/assignments/ianaiftype-mib. There
are more IF_TYPE definitions than there are MIB_IF_TYPE, so maybe
_ifcombo_name should be using the IF_TYPE ones.

I ask that a Vista user experiencing a problem like this use a debugger
(or a printf, or whatever) find out what value is in the "type" argument
to _ifcombo_name in the cases when it returns "net".

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org