Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPv6 OS Detection: Call for fingerprinters!

From: Fyodor <fyodor () insecure org>
Date: Wed, 6 Jul 2011 16:30:56 -0700
On Fri, Jul 01, 2011 at 11:55:52PM +0200, Luis MartinGarcia. wrote:

Hi!

As you may know, David and I are working on a new OS detection
engine for IPv6 hosts. At the moment we are in a research phase
and we need your help to collect a few preliminary fingerprints
that we can analyze and use to refine our algorithms.


This is very exciting after all your hard work!  However, I am getting
an error message (stack trace) which looks like the one Patrik posted.
Here are the details of what I'm running:

o OS: Fedora 14 Linux, x86_64 (Kernel: 2.6.35.13-91.fc14.x86_64)
o Python package: python-2.7-8.fc14.1.x86_64
o Scapy package: scapy-2.0.0.10-4.fc14.noarch

I get the error in --interactive and command-line mode.  Here is the full output:

[root@play nping-dev]# ./ipv6fp.py 2002:43a9:54c8:0:21a:6bff:fece:b9ea --ot 22 --test 1 --force --debug
=================================================================
==            NMAP IPv6 OS DETECTION RESEARCH TOOL             ==
=================================================================
 You are running ipv6fp, an internal research tool for the Nmap  
 Security Scanner. This program will send about 150 IPv6 network 
 probes to a target system and collect any responses received.   
 The results will let us build a new IPv6 stack fingerprinting   
 engine in Nmap.                                                 
                                                                 
 We'd like to thank you in advance for running this tool. After  
 the execution has finished, a file with the following name      
 will be sted in the working directory:                          
                                                                 
                       nmap6fp14181325.6fp                       
                                                                 
 Please send it to the following address: david+luis () nmap org
                                                                 
=================================================================
Traceback (most recent call last):
  File "./ipv6fp.py", line 4095, in <module>
    main()
  File "./ipv6fp.py", line 4058, in main
    set_up_ipv6_tests(target_host6_g)
  File "./ipv6fp.py", line 2329, in set_up_ipv6_tests
    finals=fragment6(final_packet, fragSize=1480)
  File "/usr/lib/python2.7/site-packages/scapy/layers/inet6.py", line 945, in fragment6
    s = str(pkt) # for instantiation to get upper layer checksum right
  File "/usr/lib/python2.7/site-packages/scapy/packet.py", line 247, in __str__
    return self.build()
  File "/usr/lib/python2.7/site-packages/scapy/packet.py", line 294, in build
    pay = self.build_payload()
  File "/usr/lib/python2.7/site-packages/scapy/packet.py", line 286, in build_payload
    return self.payload.build(internal=1)
  File "/usr/lib/python2.7/site-packages/scapy/packet.py", line 294, in build
    pay = self.build_payload()
  File "/usr/lib/python2.7/site-packages/scapy/packet.py", line 286, in build_payload
    return self.payload.build(internal=1)
  File "/usr/lib/python2.7/site-packages/scapy/packet.py", line 295, in build
    p = self.post_build(pkt,pay)
  File "/usr/lib/python2.7/site-packages/scapy/layers/inet6.py", line 1139, in post_build
    chksum = in6_chksum(58, self.underlayer, p)
  File "/usr/lib/python2.7/site-packages/scapy/layers/inet6.py", line 599, in in6_chksum
    ph6s = str(ph6)
  File "/usr/lib/python2.7/site-packages/scapy/packet.py", line 247, in __str__
    return self.build()
  File "/usr/lib/python2.7/site-packages/scapy/packet.py", line 291, in build
    pkt = self.do_build()
  File "/usr/lib/python2.7/site-packages/scapy/packet.py", line 278, in do_build
    p = f.addfield(self, p, self.getfieldval(f.name))
  File "/usr/lib/python2.7/site-packages/scapy/fields.py", line 66, in addfield
    return s+struct.pack(self.fmt, self.i2m(pkt,val))
struct.error: 'H' format requires 0 <= number <= 65535

(it does not create an output file)

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: