Nmap Development mailing list archives

ssh-hostkey assertion


From: Kent Fritz <kfritz () wolfman devio us>
Date: Mon, 25 Aug 2014 12:17:05 -0400

Running the ssh-hostkey script against OpenBSD current leads to an assertion.
This is not new with 6.47, it happens in 6.46 and 6.40 as well.  Output
attached below.  Let me know if there's any other information I can 
gather.

Thanks,

Kent.

# nmap -version

Nmap version 6.47 ( http://nmap.org )
Platform: x86_64-slackware-linux-gnu
Compiled with: liblua-5.2.3 openssl-1.0.1i libpcre-8.33 nmap-libpcap-1.2.1 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select

# nmap -n -sS -p22 -sV -d --script ssh-hostkey atom1 

Starting Nmap 6.47 ( http://nmap.org ) at 2014-08-25 09:09 PDT
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.2.
NSE: Script Arguments seen from CLI: 
NSE: Loaded 30 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Initiating ARP Ping Scan at 09:09
Scanning atom1 (10.57.3.61) [1 port]
Packet capture filter (device br0): arp and arp[18:4] = 0x2AB57CE8 and arp[22:2] = 0xF18F
Completed ARP Ping Scan at 09:09, 0.00s elapsed (1 total hosts)
Overall sending rates: 218.67 packets / s, 9184.34 bytes / s.
Initiating SYN Stealth Scan at 09:09
Scanning atom1 (10.57.3.61) [1 port]
Packet capture filter (device br0): dst host 10.57.6.6 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 10.57.3.61)))
Discovered open port 22/tcp on 10.57.3.61
Completed SYN Stealth Scan at 09:09, 0.01s elapsed (1 total ports)
Overall sending rates: 119.79 packets / s, 5270.72 bytes / s.
Initiating Service scan at 09:09
Scanning 1 service on atom1 (10.57.3.61)
Completed Service scan at 09:09, 0.03s elapsed (1 service on 1 host)
NSE: Script scanning 10.57.3.61.
NSE: Starting runlevel 1 (of 1) scan.
NSE: Starting ssh-hostkey against atom1 (10.57.3.61:22).
Initiating NSE at 09:09
NSE: ssh-hostkey against atom1 (10.57.3.61:22) threw an error!
/usr/bin/../share/nmap/nselib/ssh2.lua:86: assertion failed!
stack traceback:
        [C]: in function 'assert'
        /usr/bin/../share/nmap/nselib/ssh2.lua:86: in function 'payload'
        /usr/bin/../share/nmap/nselib/ssh2.lua:199: in function 'fetch_host_key'
        /usr/bin/../share/nmap/scripts/ssh-hostkey.nse:277: in function </usr/bin/../share/nmap/scripts/ssh-hostkey.nse:267>
        (...tail calls...)

Completed NSE at 09:09, 0.06s elapsed
Nmap scan report for atom1 (10.57.3.61)
Host is up, received arp-response (0.00014s latency).
Scanned at 2014-08-25 09:09:12 PDT for 1s
PORT   STATE SERVICE REASON  VERSION
22/tcp open  ssh     syn-ack OpenSSH 6.7 (protocol 2.0)
MAC Address: D0:27:88:69:B4:4E (Hon Hai Precision Ind.Co.Ltd)
Final times for host: srtt: 145 rttvar: 3765  to: 100000

NSE: Script Post-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Read from /usr/bin/../share/nmap: nmap-mac-prefixes nmap-payloads nmap-service-probes nmap-services.
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.25 seconds
           Raw packets sent: 2 (72B) | Rcvd: 2 (72B)
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

