Nmap Development mailing list archives
NSE: odd output, testing, etc
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Wed, 17 Dec 2008 21:20:17 +0000
Hi Patrick, all,

I've recently been helping Ron with extensive testing of his MS RPC/SMB scripts and have uncovered some strange output and other NSE oddities. I'll describe a few here but I think the best way to get at some of these is with back-and-forth email/IM discussion and testing to help locate and fix problems.

Here are a few things I think are issues:

* NSE is overly aggressive with parallelism. It isn't unusual for NSE to report more than 2000 active NSE scripts. When this happens Lua seems to thrash and NSE scanning slows to a crawl. I think this has the ability to trigger the "lock, (null), <int>, tcp, ERROR" errors described below.

* Certain script/Lua problems appear to corrupt the Lua state, causing the NSE scan to fail. With David's patch to keep the same Lua state so that the registry is maintained between host groups this appears to propagate corruption problems from one NSE scan to the next. Much more testing is needed to confirm/troubleshoot/fix this.

* Under certain circumstances the NSE Runlevel computation appears to have a divide-by-zero bug causing it to output "SCRIPT ENGINE: Runlevel: inf"

* There seems to be some sort of script deadlocking detection that can output "SCRIPT ENGINE: lock". It isn't clear what circumstances are required to cause this but I'm not convinced it is always a real deadlock.

* It seems a script with a handle to a mutex won't release it if the script crashes (causing a deadlock).

* Sometimes the script engine will print a series of "SCRIPT ENGINE: (null)" right before the engine completes.

* Sometimes a script will exit and the only output is "SCRIPT ENGINE: tcp".

* Sometimes a script will exit and the only output is "SCRIPT ENGINE: ERROR".

* Sometimes a script will exit and the only output is "SCRIPT ENGINE: <int>" where <int> is typically a small number. One such example is "SCRIPT ENGINE: 4".

Ron's SMB scripts seem to be a great starting place for finding these sorts of errors. I'd be willing to run special test scripts against tens of thousands of hosts or other things that might help track these down.

Brandon

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
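The mutex item in the message above (a script that crashes while holding a mutex never releases it, so every waiter deadlocks) can be reproduced with plain Lua coroutines. This is an added example, not part of the original message and not NSE's code: the `run` scheduler, the `"lock"`/`"done"` yield protocol, the `release_on_death` flag and both sample scripts are hypothetical stand-ins for illustration.

```lua
-- Toy cooperative scheduler (hypothetical model, not NSE's implementation).
-- A script yields "lock" to request the single shared mutex, "done" to release it.
local function run(scripts, release_on_death)
  local owner = nil                 -- coroutine currently holding the mutex
  local threads, status = {}, {}
  for i, s in ipairs(scripts) do
    threads[i] = { name = s.name, co = coroutine.create(s.fn), want = nil }
  end
  repeat
    local progressed = false
    for _, t in ipairs(threads) do
      local blocked = t.want == "lock" and owner ~= nil and owner ~= t.co
      if not status[t.name] and not blocked then
        if t.want == "lock" then owner = t.co end   -- grant the mutex
        local ok, request = coroutine.resume(t.co)
        progressed = true
        if coroutine.status(t.co) == "dead" then
          status[t.name] = ok and "finished" or "crashed"
          -- The fix: a dead thread must not keep owning the mutex.
          if release_on_death and owner == t.co then owner = nil end
        else
          if request == "done" and owner == t.co then owner = nil end
          t.want = request
        end
      end
    end
  until not progressed              -- nothing runnable: finished or deadlocked
  for _, t in ipairs(threads) do
    status[t.name] = status[t.name] or "deadlocked"
  end
  return status
end

-- Constructed sample scripts: one errors while holding the mutex, one is well behaved.
local function crasher()
  coroutine.yield("lock")
  error("simulated script crash while holding the mutex")
end
local function worker()
  coroutine.yield("lock")
  coroutine.yield("done")
end

for _, release in ipairs({ false, true }) do
  local st = run({ { name = "crasher", fn = crasher },
                   { name = "worker", fn = worker } }, release)
  print(("release_on_death=%s crasher=%s worker=%s")
        :format(tostring(release), st.crasher, st.worker))
end
```

With `release_on_death` off, the worker is reported as deadlocked behind the crashed owner; with it on, the scheduler reclaims the mutex when the owning coroutine dies and the worker finishes.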
Current thread:
- NSE: odd output, testing, etc Brandon Enright (Dec 17)
- Re: NSE: odd output, testing, etc Ron (Dec 17)
- Re: NSE: odd output, testing, etc Kris Katterjohn (Dec 17)
- Re: NSE: odd output, testing, etc M M (Dec 17)
- Re: NSE: odd output, testing, etc Patrick Donnelly (Dec 21)
- Re: NSE: odd output, testing, etc David Fifield (Dec 28)
- Re: NSE: odd output, testing, etc Patrick Donnelly (Dec 28)
- Re: NSE: odd output, testing, etc Brandon Enright (Dec 28)
- Re: NSE: odd output, testing, etc David Fifield (Dec 28)
- Re: NSE: odd output, testing, etc Patrick Donnelly (Dec 29)
- Re: NSE: odd output, testing, etc David Fifield (Dec 29)
- Re: NSE: odd output, testing, etc David Fifield (Dec 28)
- Re: NSE: odd output, testing, etc Ron (Dec 17)