Nmap Development mailing list archives
Running Nmap several times within the same process (no HTML)
From: Andy Woods <andywoodseyr () gmail com>
Date: Wed, 23 Sep 2009 09:45:06 +0000
(sorry for the last message, it was sent as HTML by mistake)

Hey,

I'm playing around with a project where I want to run Nmap several times within the same process. Currently I'm doing some tests to see if it is possible, or really just a bad idea.

To make some kind of proof-of-concept I renamed the entry function main(..) in main.cc to main_entry(..), and created a new main(..) function with the following code:

    /* main_entry() is the original main() from main.cc, renamed */
    int main(int argc, char *argv[])
    {
        printf("Starting first scan...\n");
        printf("----------------------\n");
        main_entry(argc, argv);

        printf("\n");
        printf("Starting second scan...\n");
        printf("-------------------------\n");
        main_entry(argc, argv);

        return 0;
    }

The idea is to run two scans in the same process, which I think requires Nmap to clean up global memory allocations in the first run to turn out well.

1. TEST (standard arguments)
=================================================================
In this test I passed standard arguments to Nmap, but as you can see from the results the second scan fails (probably because some global variables or heap-allocated pointers are not deleted).

    C:\Src\NmapTest\nmap-5.00\mswin32\Debug>nmap.exe -n 192.168.119.1
    Starting first scan...
    ----------------------

    Starting Nmap 5.00 ( http://nmap.org ) at 2009-09-23 07:57 Central Europe Standard Time
    Interesting ports on 192.168.119.1:
    Not shown: 995 closed ports
    PORT      STATE SERVICE
    135/tcp   open  msrpc
    139/tcp   open  netbios-ssn
    445/tcp   open  microsoft-ds
    912/tcp   open  unknown
    12345/tcp open  netbus
    MAC Address: 00:50:aa:bb:cc:dd (VMWare)

    Nmap done: 1 IP address (1 host up) scanned in 5.16 seconds

    Starting second scan..
    ----------------------

    Starting Nmap 5.00 ( http://nmap.org ) at 2009-09-23 07:58 Central Europe Standard Time
    PortList::initializePortMap: portmap for protocol 6 already initialized
    QUITTING!

OUTPUT (with --release-memory):
=================================================================
I also tried to use the --release-memory argument (which calls nmap_free_memory() in nmap.cc), but this resulted in an exception claiming "Access Violation". I fixed the first exception, but as soon as I applied this fix I got a new exception. My guess is that nmap_free_memory() is probably just releasing _some_ memory.

    C:\Src\NmapTest\nmap-5.00\mswin32\Debug>nmap.exe --release-memory -n 192.168.119.1
    Starting first scan...
    ---------------------------------

    Starting Nmap 5.00 ( http://nmap.org ) at 2009-09-23 08:01 Central Europe Standard Time
    Interesting ports on 192.168.119.1:
    Not shown: 995 closed ports
    PORT      STATE SERVICE
    135/tcp   open  msrpc
    139/tcp   open  netbios-ssn
    445/tcp   open  microsoft-ds
    912/tcp   open  unknown
    12345/tcp open  netbus
    MAC Address: 00:50:aa:bb:cc:dd (VMWare)

    Nmap done: 1 IP address (1 host up) scanned in 4.92 seconds

    Starting second scan..
    ---------------------------------

    Starting Nmap 5.00 ( http://nmap.org ) at 2009-09-23 08:01 Central Europe Standard Time
    (Exception, debugger pops up, Access Violation)

Is the whole concept just a really bad idea, or is nmap_free_memory() not doing enough, which could be considered a bug?

I also tried to call nmap_main(..) from main(..), but no difference.

- AW

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
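
Archive editor's added example (not part of the original message and not Nmap source code): a constructed C++ model of the failure mode the message describes, where process-wide state guarded by a one-shot initializer makes a second in-process run fail unless cleanup also returns the globals to their start-of-process values. All names (g_port_map, init_port_map, partial_free, full_reset, scan_entry) are hypothetical.

```cpp
// Constructed model of process-wide scan state; names are hypothetical, not Nmap's.
#include <cstdio>
#include <cstdlib>

static const int MAX_PORT = 65536;

// Stand-in for a global lookup table that is built once per process.
static unsigned short *g_port_map = nullptr;
static bool g_map_initialized = false;

// One-shot initializer: refuses to run twice in the same process.
int init_port_map() {
    if (g_map_initialized) {
        fprintf(stderr, "port map already initialized\n");
        return -1;
    }
    g_port_map = static_cast<unsigned short *>(calloc(MAX_PORT, sizeof *g_port_map));
    if (!g_port_map) return -1;
    g_map_initialized = true;
    return 0;
}

// Cleanup that releases the heap block but forgets the guard flag.
// The next run is rejected; code that skipped the guard would use a null table.
void partial_free() {
    free(g_port_map);
    g_port_map = nullptr;
}

// Cleanup that returns every global to its start-of-process value.
void full_reset() {
    free(g_port_map);
    g_port_map = nullptr;
    g_map_initialized = false;
}

// Scan entry point of the model: builds state, records one port, 0 on success.
int scan_entry(int port) {
    if (port < 0 || port >= MAX_PORT) return -1;
    if (init_port_map() != 0) return -1;
    g_port_map[port] = 1;
    return 0;
}

int main() {
    printf("first scan:  %d\n", scan_entry(445));   // succeeds
    partial_free();
    printf("second scan: %d\n", scan_entry(445));   // rejected by the guard
    full_reset();
    printf("third scan:  %d\n", scan_entry(445));   // succeeds after full reset
    full_reset();
    return 0;
}
```

Memory-release routines written for leak checking at exit often stop at the equivalent of partial_free(), because nothing is expected to run afterwards; re-entry needs every static and global restored as in full_reset().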