Nmap Development mailing list archives

Re: Idle scan problems on OS X


From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 21 Nov 2014 08:14:49 -0600

Herman,

Thanks again for the bug report. The bug fix you mention should apply to
all builds, including OS X, but it has not been released yet. The latest
version of Nmap, 6.47, still contains the bug.

Since you say shorter specifications work, you could perhaps work around
the bug by setting a short alias in your /etc/hosts file, like:

192.0.2.1  z

Then you can do: nmap -sI z:21

Dan

On Fri, Nov 21, 2014 at 4:54 AM, Herman Torjussen <herman.torjussen () gmail com> wrote:

I have a problem doing idle scans, when using a custom zombie probe port
when the zombie host specification is a bit long.

It seems smaller zombie specifications work, like zombie.org:

    sudo nmap -Pn -v --top-ports 10 -sI zombie.org:21 target

    Starting Nmap 6.47 ( http://nmap.org ) at 2014-11-21 11:24 CET
    Initiating Parallel DNS resolution of 1 host. at 11:24
    Completed Parallel DNS resolution of 1 host. at 11:24, 0.01s elapsed
    Initiating idle scan against target (....) at 11:24
    Idle scan using zombie zombie.org (....); Class: Incremental
    ...

but longer ones like 100-43-221-189.static-ip.foo.zombie.org don't:

    sudo nmap -Pn -v --top-ports 10 -sI 100-43-221-189.static-ip.foo.zombie.org:21 target

    Starting Nmap 6.47 ( http://nmap.org ) at 2014-11-21 11:24 CET
    Initiating Parallel DNS resolution of 1 host. at 11:24
    Completed Parallel DNS resolution of 1 host. at 11:24, 0.00s elapsed
    Initiating idle scan against target (....) at 11:24
    Illegal character(s) in hostname -- replacing with '*'
    Illegal character(s) in hostname -- replacing with '*'
    Illegal character(s) in hostname -- replacing with '*'
    Illegal character(s) in hostname -- replacing with '*'
    Could not resolve idle scan zombie host "100-43-221-189.static-ip.foo.zombie.org@?*": nodename nor servname provided, or not known
    QUITTING!

This bug has been fixed for Linux [1], but maybe not for OS X?
I'm using OS X 10.10.

Herman

[1] http://seclists.org/nmap-dev/2014/q4/85

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
