Nmap Development mailing list archives

Strange behaviour/bug with nmap rpc-grind script


From: Luca Filippi <luca.filippi () polito it>
Date: Tue, 28 May 2013 10:23:57 +0200

Hello,

I am having problems with a UDP scan with nmap from SVN which I
compiled two days ago.
This is my command line:
nmap -sU -sV -iL reti.txt -oA
reti-udp_selected_ports_da_ip_10.55.81.105_NAC_guest_PN_sV --reason -v
-v -PN --min-rate=250 --max-rtt-timeout=50ms --max-retries=2 -n
--min-hostgroup=2048 --min-parallelism=4000  --script-args
'rpc-grind.threads=200' -p161,111,135,137,138,139,1434,500,53,69,445

First of all, the scan takes ages to complete.
RPC-grind is automatically selected because of the -sV flag.
The file with targets contains networks for about 25.000 IPs.
The first 6144 hosts correctly end in about 5 minutes (all ports are
closed and generate a reset packet) but at the next 2048 host block some
ports are open/filtered and I get about 10.000 services to identify.
During this phase nmap automatically runs rpc-grind but then rpc-grind
keeps testing the same hosts/ports over and over until all memory gets
used and then nmap dies.
It also seems to ignore my .threads parameter because even by changing
it to huge values (4000 or so) it doesn't go any faster.

I am attaching a kind of log file.
It contains the last tests nmap did at debug level=1 before crashing with
an out of memory error:
Realloc Failed! Probably out of space.
QUITTING!

Disk space is not an issue. There is plenty and I am running it on a
Debian 7.0 machine, 32 bit with 2GB of RAM.

I hope you can shed some light on this or recommend some more tests I
can make or maybe it's a real bug.
I also tried the parameter --scripts "default and not rpc-grind" but the
plugin keeps being executed and ignores my command-line setting.
Is there a way to disable all scripts altogether from being executed?

Thanks a lot,

Luca 
-- 


Ing. Luca Filippi
Area IT - Unita' di sicurezza IT        Phone:  +39-011-0906693
Politecnico di Torino                   Fax:    +39-011-0906625 
C.so Duca degli Abruzzi, 24             E-mail: ICTSec.AreaIT () polito it
10129 Torino - Italia                   E-mail: Luca.Filippi () polito it

Attachment: nmap_log.txt

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
