Nmap Development mailing list archives
Re: Nmap got a wrong result in windows 2003
From: David Fifield <david () bamsoftware com>
Date: Thu, 22 Nov 2012 09:39:43 -0800
On Thu, Nov 22, 2012 at 04:02:17PM +0800, rirong zhu wrote:
Are you sure that the IP address is not an address used by localhost? What is the output of these commands? nmap --route-dst 61.146.152.25 nmap --iflistC:\Documents and Settings\Administrator> nmap --route-dst 61.146.152.25 61.146.152.25 lo0 lo0 srcaddr 115.236.23.45 nexthop 115.236.23.33 C:\Documents and Settings\Administrator> nmap --iflist Starting Nmap 6.01 ( http://nmap.org ) at 2012-11-22 15:56 中国标准时间 ************************INTERFACES************************ DEV (SHORT) IP/MASK TYPE UP MTU MAC eth0 (eth0) 192.168.1.45/24 ethernet up 1500 78:2B:CB:14:95:81 eth1 (eth1) 115.236.23.45/29 ethernet up 1500 78:2B:CB:14:95:82 eth1 (eth1) 124.160.125.118/29 ethernet up 1500 78:2B:CB:14:95:82 lo0 (lo0) 127.0.0.1/0 loopback up 1520 **************************ROUTES************************** DST/MASK DEV GATEWAY 255.255.255.255/32 eth1 115.236.23.45 124.255.255.255/32 eth1 115.236.23.45 115.236.23.45/32 lo0 127.0.0.1 115.255.255.255/32 eth1 115.236.23.45 255.255.255.255/32 eth0 192.168.1.45 124.160.125.118/32 lo0 127.0.0.1 192.168.1.45/32 lo0 127.0.0.1 192.168.1.255/32 eth0 192.168.1.45 124.160.125.112/29 eth1 124.160.125.118 115.236.23.32/28 eth1 115.236.23.45 192.168.1.0/24 eth0 192.168.1.45 127.0.0.0/8 lo0 127.0.0.1 224.0.0.0/4 eth1 115.236.23.45 224.0.0.0/4 eth0 192.168.1.45 0.0.0.0/0 lo0 115.236.23.33
The last line shows an unusual configuration. Your default route goes through the localhost interface lo0, yet it has a gateway that is not localhost. You might be able to solve this problem by changing your network configuration. You can also try the workaround of adding -e eth0 to your Nmap command. Otherwise, we might haver to change some code in sysroutes_dnet_find_interfaces. We already follow a chain of route entries for routes without an assigned interface; perhaps we have to do it to override an assigned interface (in this case lo0) too. The default route,
0.0.0.0/0 lo0 115.236.23.33
has a gateway that matches this route entry on eth1:
115.236.23.32/28 eth1 115.236.23.45
which in turn matches exactly the address of eth0:
eth0 (eth0) 192.168.1.45/24 ethernet up 1500 78:2B:CB:14:95:81 115.236.23.45/32 lo0 127.0.0.1
It seems to me that route_dst should choose eth0 in this case, but it is a tricky and unusual one. Are you able to change your networking configuration to solve this problem? Is the "-e eth0" workaround sufficient? One other thing: please send the output of route print It is possible that Nmap is reading the routing table incorrectly. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Nmap got a wrong result in windows 2003 rirong zhu (Nov 20)
- Re: Nmap got a wrong result in windows 2003 David Fifield (Nov 20)
- Re: Nmap got a wrong result in windows 2003 rirong zhu (Nov 21)
- Re: Nmap got a wrong result in windows 2003 David Fifield (Nov 21)
- Re: Nmap got a wrong result in windows 2003 rirong zhu (Nov 22)
- Re: Nmap got a wrong result in windows 2003 David Fifield (Nov 22)
- Re: Nmap got a wrong result in windows 2003 rirong zhu (Nov 23)
- Re: Nmap got a wrong result in windows 2003 Jarett (Nov 28)
- Re: Nmap got a wrong result in windows 2003 David Fifield (Nov 28)
- Re: Nmap got a wrong result in windows 2003 Jarett (Nov 30)
- RE: Nmap got a wrong result in windows 2003 Rob Nicholls (Nov 30)
- Re: Nmap got a wrong result in windows 2003 rirong zhu (Nov 21)
- Re: Nmap got a wrong result in windows 2003 David Fifield (Nov 20)