Re: nmap ends prematurely with a segfault

[jah <jah () zadkiel plus com>]

On 18/10/2007 22:35, David Fifield wrote:
> On Thu, Oct 18, 2007 at 03:37:17PM -0500, DePriest, Jason R. wrote:
>   
> > On 10/18/07, David Fifield  wrote:
> >     
> > > On Thu, Oct 18, 2007 at 03:15:21PM -0500, DePriest, Jason R. wrote:
> > >       
> > > > I run nmap like this:
> > > > sudo nmap -v -sSUV -O -pT:-,U:[1-65535] --traceroute --reason
> > > > --script=discovery,safe,backdoor,vulnerability,malware --script-trace
> > > > -d6 xxx.yyy.zzz.190,153,193,89
> > > >
> > > > and after some time, it eventually ends with a segfault.
> > > >
> > > > Seriously, it ends with a simple "Segmentation fault" and nothing else
> > > > to help explain from where the segfault came.
> > > >         
> > > I've been investigating a segfault that I found with --script=discovery.
> > > Do these two commands segfault for you too?
> > >
> > > nmap --script=ripeQuery.nse localhost
> > > nmap -6 whois.ripe.net
> > >       
> > Do you know of any tests I can for you that wouldn't require my nmap
> > system to have Internet access?
> >     
>
> Sorry, that's all I have for now.
>
> David Fifield
>   
I have a hunch that this may be down to nse's
IpOps.isPrivate(ip_address) which might not handle ipv6 addresses very
well.  I can't actually test this hunch, but I've tried to create a NSE
connection to "localhost" on windows and received the message:
IPv6 address passed to nsock_connect_* call, but nsock was not compiled
w/IPv6 support

ripeQuery (and my whois script) uses isPrivate in its hostrule.

jah

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org