possible ip-geolocation-maxmind bug

[Andrew Jason Farabee <afarabee () uci edu>]

I was running a discovery scan on an IP address I didn't recognize
that showed up in a packet capture while working on something else (it
turned out to be a google server). One of the scripts,
ip-geolocation-maxmind failed to execute.  I'm not sure if failing in
this way is considered acceptable behavior for scripts, but if not,
below is the -d output of the run.  At first I thought it was a
problem with the script-arg not being used, but it doesn't cause
problems with other targets.  I've tried this across several branches
with consistent results.


$ nmap --script ip-geolocation-maxmind 74.125.25.188 -d

Starting Nmap 6.47SVN ( http://nmap.org ) at 2015-07-14 06:58 PDT
Warning: File ./nmap-services exists, but Nmap is using
/usr/local/bin/../share/nmap/nmap-services for security and
consistency reasons.  set NMAPDIR=. to give priority to files in your
local directory (may affect the other data files too).
PORTS: Using top 1000 ports found open (TCP:1000, UDP:0, SCTP:0)
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.2.
NSE: Arguments from CLI:
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 06:58
Completed NSE at 06:58, 0.00s elapsed
Initiating Ping Scan at 06:58
Scanning 74.125.25.188 [2 ports]
Completed Ping Scan at 06:58, 0.04s elapsed (1 total hosts)
Overall sending rates: 44.58 packets / s.
mass_rdns: Using DNS server 192.168.1.1
Initiating Parallel DNS resolution of 1 host. at 06:58
mass_rdns: 0.01s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 06:58, 0.01s elapsed
DNS resolution of 1 IPs took 0.01s. Mode: Async [#: 1, OK: 1, NX: 0,
DR: 0, SF: 0, TR: 1, CN: 0]
Initiating Connect Scan at 06:58
Scanning pa-in-f188.1e100.net (74.125.25.188) [1000 ports]
Discovered open port 443/tcp on 74.125.25.188
Completed Connect Scan at 06:58, 4.90s elapsed (1000 total ports)
Overall sending rates: 406.81 packets / s.
NSE: Script scanning 74.125.25.188.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 06:58
NSE: Starting ip-geolocation-maxmind against 74.125.25.188.
NSE: ip-geolocation-maxmind against 74.125.25.188 threw an error!
...cal/bin/../share/nmap/scripts/ip-geolocation-maxmind.nse:406: bad
argument #1 to 'open' (string expected, got nil)
stack traceback:
[C]: in function 'open'
...cal/bin/../share/nmap/scripts/ip-geolocation-maxmind.nse:406: in
function 'new'
...cal/bin/../share/nmap/scripts/ip-geolocation-maxmind.nse:598: in
function <...cal/bin/../share/nmap/scripts/ip-geolocation-maxmind.nse:587>
(...tail calls...)

Completed NSE at 06:58, 0.00s elapsed
Nmap scan report for pa-in-f188.1e100.net (74.125.25.188)
Host is up, received syn-ack (0.032s latency).
Scanned at 2015-07-14 06:58:48 PDT for 5s
Not shown: 991 filtered ports
Reason: 991 no-responses
PORT     STATE  SERVICE        REASON
7/tcp    closed echo           conn-refused
9/tcp    closed discard        conn-refused
13/tcp   closed daytime        conn-refused
17/tcp   closed qotd           conn-refused
19/tcp   closed chargen        conn-refused
443/tcp  open   https          syn-ack
593/tcp  closed http-rpc-epmap conn-refused
1433/tcp closed ms-sql-s       conn-refused
4444/tcp closed krb524         conn-refused
Final times for host: srtt: 32142 rttvar: 22207  to: 120970

NSE: Script Post-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 06:58
Completed NSE at 06:58, 0.00s elapsed
Read from /usr/local/bin/../share/nmap: nmap-payloads nmap-services.
Nmap done: 1 IP address (1 host up) scanned in 5.32 seconds
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/