Nmap Development mailing list archives
ssh-hostkey assertion
From: Kent Fritz <kfritz () wolfman devio us>
Date: Mon, 25 Aug 2014 12:17:05 -0400
Running ssh-hostkey script against OpenBSD current leads to assertion. This is not new with 6.47, it happens in 6.46 and 6.40 as well. Output attached below. Let me know if there's any other information I can gather. Thanks, Kent. # nmap -version Nmap version 6.47 ( http://nmap.org ) Platform: x86_64-slackware-linux-gnu Compiled with: liblua-5.2.3 openssl-1.0.1i libpcre-8.33 nmap-libpcap-1.2.1 nmap-libdnet-1.12 ipv6 Compiled without: Available nsock engines: epoll poll select # nmap -n -sS -p22 -sV -d --script ssh-hostkey atom1 Starting Nmap 6.47 ( http://nmap.org ) at 2014-08-25 09:09 PDT --------------- Timing report --------------- hostgroups: min 1, max 100000 rtt-timeouts: init 1000, min 100, max 10000 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000 parallelism: min 0, max 0 max-retries: 10, host-timeout: 0 min-rate: 0, max-rate: 0 --------------------------------------------- NSE: Using Lua 5.2. NSE: Script Arguments seen from CLI: NSE: Loaded 30 scripts for scanning. NSE: Script Pre-scanning. NSE: Starting runlevel 1 (of 1) scan. Initiating ARP Ping Scan at 09:09 Scanning atom1 (10.57.3.61) [1 port] Packet capture filter (device br0): arp and arp[18:4] = 0x2AB57CE8 and arp[22:2] = 0xF18F Completed ARP Ping Scan at 09:09, 0.00s elapsed (1 total hosts) Overall sending rates: 218.67 packets / s, 9184.34 bytes / s. Initiating SYN Stealth Scan at 09:09 Scanning atom1 (10.57.3.61) [1 port] Packet capture filter (device br0): dst host 10.57.6.6 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 10.57.3.61))) Discovered open port 22/tcp on 10.57.3.61 Completed SYN Stealth Scan at 09:09, 0.01s elapsed (1 total ports) Overall sending rates: 119.79 packets / s, 5270.72 bytes / s. Initiating Service scan at 09:09 Scanning 1 service on atom1 (10.57.3.61) Completed Service scan at 09:09, 0.03s elapsed (1 service on 1 host) NSE: Script scanning 10.57.3.61. NSE: Starting runlevel 1 (of 1) scan. NSE: Starting ssh-hostkey against atom1 (10.57.3.61:22). Initiating NSE at 09:09 NSE: ssh-hostkey against atom1 (10.57.3.61:22) threw an error! /usr/bin/../share/nmap/nselib/ssh2.lua:86: assertion failed! stack traceback: [C]: in function 'assert' /usr/bin/../share/nmap/nselib/ssh2.lua:86: in function 'payload' /usr/bin/../share/nmap/nselib/ssh2.lua:199: in function 'fetch_host_key' /usr/bin/../share/nmap/scripts/ssh-hostkey.nse:277: in function </usr/bin/../share/nmap/scripts/ssh-hostkey.nse:267> (...tail calls...) Completed NSE at 09:09, 0.06s elapsed Nmap scan report for atom1 (10.57.3.61) Host is up, received arp-response (0.00014s latency). Scanned at 2014-08-25 09:09:12 PDT for 1s PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 6.7 (protocol 2.0) MAC Address: D0:27:88:69:B4:4E (Hon Hai Precision Ind.Co.Ltd) Final times for host: srtt: 145 rttvar: 3765 to: 100000 NSE: Script Post-scanning. NSE: Starting runlevel 1 (of 1) scan. Read from /usr/bin/../share/nmap: nmap-mac-prefixes nmap-payloads nmap-service-probes nmap-services. Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 0.25 seconds Raw packets sent: 2 (72B) | Rcvd: 2 (72B) _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- ssh-hostkey assertion Kent Fritz (Aug 25)
- Re: ssh-hostkey assertion Daniel Miller (Aug 25)
- Re: ssh-hostkey assertion Kent Fritz (Aug 25)
- Re: ssh-hostkey assertion Daniel Miller (Aug 26)
- Re: ssh-hostkey assertion Kent Fritz (Aug 25)
- Re: ssh-hostkey assertion Daniel Miller (Aug 25)