Nmap Development mailing list archives

Chunked Encoding (bug?) in http.lua


From: Patrick Donnelly <batrick () batbytes com>
Date: Sat, 12 Sep 2009 23:35:49 -0400

Hi list,

I ran into this problem while trying to get the root webpage of
www.youtube.com (demo script attached):

batrick@batbytes:~/nmap/svn/nmap$ ./nmap --datadir . -v -d -n -PN -p 80 www.youtube.com --script chunked-test.nse

Starting Nmap 5.05BETA1 ( http://nmap.org ) at 2009-09-12 21:30 MDT
--------------- Timing report ---------------
 hostgroups: min 1, max 100000
 rtt-timeouts: init 1000, min 100, max 10000
 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
 parallelism: min 0, max 0
 max-retries: 10, host-timeout: 0
 min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Loaded 1 scripts for scanning.
Warning: Hostname www.youtube.com resolves to 6 IPs. Using 209.85.225.101.
Initiating Connect Scan at 21:30
Scanning 209.85.225.101 [1 port]
Discovered open port 80/tcp on 209.85.225.101
Completed Connect Scan at 21:30, 0.03s elapsed (1 total ports)
Overall sending rates: 33.95 packets / s.
NSE: Script scanning 209.85.225.101.
NSE: Starting runlevel 1 scan
Initiating NSE at 21:30
NSE: NSE Script Threads (1) running:
NSE: Starting chunked-test against 209.85.225.101:80.
NSE: Final http cache size (108988 bytes) of max size of 1000000
table: 0xba8ce0
NSE: Total number of pipelined requests: 1
NSE: chunked-test against 209.85.225.101:80 threw an error!
./nselib/http.lua:148: Chunked encoding didn't find hex at position 4087; got "".
stack traceback:
       [C]: in function 'error'
       ./nselib/http.lua:148: in function '(for generator)'
       ./nselib/http.lua:1003: in function 'parseResult'
       ./nselib/http.lua:312: in function 'getPipelineMax'
       ./nselib/http.lua:790: in function 'pipeline'
       ./chunked-test.nse:13: in function <./chunked-test.nse:10>
       (tail call): ?

Completed NSE at 21:30, 0.51s elapsed
NSE: Script Scanning completed.
Host 209.85.225.101 is up, received user-set (0.029s latency).
Scanned at 2009-09-12 21:30:25 MDT for 1s
Interesting ports on 209.85.225.101:
PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
Final times for host: srtt: 29250 rttvar: 29250  to: 146250

Read from .: nmap-services.
Nmap done: 1 IP address (1 host up) scanned in 0.60 seconds


This results in a chunked encoding error. Is this error correct or is
our chunk reader buggy?

-- 
-Patrick Donnelly

"Let all men know thee, but no man know thee thoroughly: Men freely
ford that see the shallows."

- Benjamin Franklin

Attachment: chunked-test.nse


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
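
An added example, not part of the original post and not Nmap's nselib/http.lua: a minimal Lua decoder for a chunked HTTP body that reports an empty string where a chunk size is expected (the condition named in the error message above) as "incomplete" instead of "malformed". The function name, the return convention and the sample inputs are assumptions constructed for illustration.

```lua
-- Added example (assumed names; not Nmap's code).
-- Returns body, status, pos where status is "ok", "incomplete" or "malformed"
-- and pos is the 1-based offset at which decoding stopped.
local function decode_chunked(buf)
  local out, pos = {}, 1
  while true do
    -- Chunk-size line: hex digits, optional ";extension", then CRLF.
    local s, e, hex = buf:find("^(%x+)[^\r\n]*\r\n", pos)
    if not s then
      -- No complete size line at pos: did the buffer run out, or is it garbage?
      local rest = buf:sub(pos)
      if rest == "" or rest:find("^%x+[^\r\n]*\r?$") then
        return nil, "incomplete", pos   -- caller should read more and retry
      end
      return nil, "malformed", pos
    end
    local size = tonumber(hex, 16)
    pos = e + 1
    if size == 0 then
      -- Last chunk: optional trailer headers, then an empty line.
      if buf:sub(pos, pos + 1) == "\r\n" then
        return table.concat(out), "ok", pos + 2
      end
      local _, te = buf:find("\r\n\r\n", pos, true)
      if te then return table.concat(out), "ok", te + 1 end
      return nil, "incomplete", pos
    end
    -- Chunk data occupies pos .. pos+size-1 and must be followed by CRLF.
    if #buf < pos + size + 1 then
      return nil, "incomplete", pos
    end
    if buf:sub(pos + size, pos + size + 1) ~= "\r\n" then
      return nil, "malformed", pos + size
    end
    out[#out + 1] = buf:sub(pos, pos + size - 1)
    pos = pos + size + 2
  end
end

-- Constructed sample inputs (not captured traffic).
local cases = {
  { "complete",  "5\r\nhello\r\n6;x=1\r\n world\r\n0\r\n\r\n" },
  { "truncated", "5\r\nhello\r\n" },        -- ends where the next size line should start
  { "garbage",   "5\r\nhello\r\nzz\r\n" },  -- non-hex bytes in place of a chunk size
}
for _, c in ipairs(cases) do
  local body, status, pos = decode_chunked(c[2])
  print(c[1], status, pos, body)
end
```

A caller that gets "incomplete" keeps the buffer, reads more from the socket and calls the decoder again; only "malformed" means the bytes at `pos` can never be a valid chunk size.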
