Re: Nmap crashing

[Daniel Miller <bonsaiviking () gmail com>]

Dan,

This is promising, since only one script was started before crashing. That
*should* mean that that script is solely responsible for the crash. We can
verify by selecting it by name: nmap -Pn -d2 --script mrinfo -sn

I also copied the relevant portions of the script (up until the first debug
statement that does not appear) into a separate script, test_crash.nse,
which I attached to this message. If you can run this script with the same
options it should tell us exactly which function call is crashing: nmap -Pn
-d2 --script test_crash.nse -sn

It would also be helpful to have the output of nmap --iflist and any
information about your system that may be out-of-the-ordinary. I cannot
reproduce the bug on Windows 8.1 running on VirtualBox.

Dan

P.S. please remember to CC dev () nmap org so that other users and developers
can benefit from the discussion.

On Mon, Jan 4, 2016 at 8:54 AM, Dan Baxter <danthemanbaxter () gmail com>
wrote:

> ​It did crash.  Here's the output.
>
> ​
>
> Starting Nmap 7.00 ( https://nmap.org ) at 2016-01-04 09:52 Eastern
> Standard Time
> Winpcap present, dynamic linked to: WinPcap version 4.1.3 (packet.dll
> version 4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b
> (20091008)
> NPF service is already running.
> Fetchfile found C:\Program Files (x86)\Nmap/nmap.xsl
> The max # of sockets we are using is: 0
> --------------- Timing report ---------------
>   hostgroups: min 1, max 100000
>   rtt-timeouts: init 1000, min 100, max 10000
>   max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
>   parallelism: min 0, max 0
>   max-retries: 10, host-timeout: 0
>   min-rate: 0, max-rate: 0
> ---------------------------------------------
> NSE: Using Lua 5.2.

 <snip loading of 209 scripts by category>

>

> NSE: Script Pre-scanning.
> NSE: Starting runlevel 1 (of 1) scan.
> Initiating NSE at 09:53
> NSE: Starting mrinfo M:2B03CA0.
>
>
>
>
> Dan Baxter
> -------------------------------------------------
> Quis custodiet ipsos custodes?
>
> "A sword never kills anybody; it is a tool in the killers hands."-Lucius
> Annaeus Seneca, c.4BC-65AD
>
> On Mon, Jan 4, 2016 at 9:50 AM, Daniel Miller <bonsaiviking () gmail com>
> wrote:
>
> > Dan,
> >
> > Thanks for the bug report. This may be similar to a bug that has been
> > reported a couple times before ([1] and [2]). One user tracked this down to
> > something related to the -S feature, but I need to determine which script
> > is the trigger. If you can provide the full output of the following command
> > up until it crashes, that would be ideal:
> >
> > nmap -Pn -d2 --script-trace --script "discovery and safe" -sn
> >
> > If this does not actually crash for you, change the script invocation to
> > "safe" or replace -sn with scanme.nmap.org as necessary, but I think
> > this will be sufficient to reproduce.
> >
> > Dan
> >
> > [1] http://seclists.org/nmap-dev/2015/q3/341
> > [2] http://seclists.org/nmap-dev/2015/q4/159
> >
> > On Thu, Dec 31, 2015 at 9:13 AM, Dan Baxter <danthemanbaxter () gmail com>
> > wrote:
> >
> > > Hi,
> > >
> > > I'm running Nmap 7.00 on a Windows 8.1 x64 system.  Every time I run a
> > > scan with "Safe" scripts enabled, the Nmap will crash during the Script
> > > Pre-scanning stage.  I can run other script flags, such as Default, Vuln,
> > > Malware, but Safe or Discovery will cause it to die.
> > >
> > > C:\windows\system32>nmap -Pn -v --script "safe" scanme.nmap.org
> > >
> > > Starting Nmap 7.00 ( https://nmap.org ) at 2015-12-31 10:12 Eastern
> > > Standard Time
> > > NSE: Loaded 289 scripts for scanning.
> > > NSE: Script Pre-scanning.
> > > Initiating NSE at 10:12
> > > NSE: [broadcast-ataoe-discover] No interface supplied, use -e
> > > NSE: [url-snarf] no network interface was supplied, aborting ...
> > > NSE: [targets-xml] Need to supply a file name with the targets-xml.iX
> > > argument
> > > NSE: broadcast-sonicwall-discover no network interface was supplied,
> > > aborting ...
> > > NSE: [mtrace] A source IP must be provided through fromip argument.
> > >
> > > C:\windows\system32>
> > >
> > >
> > >
> > > Dan Baxter
> > > -------------------------------------------------
> > > Quis custodiet ipsos custodes?
> > >
> > > "A sword never kills anybody; it is a tool in the killers hands."-Lucius
> > > Annaeus Seneca, c.4BC-65AD
> > >
> > > _______________________________________________
> > > Sent through the dev mailing list
> > > https://nmap.org/mailman/listinfo/dev
> > > Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/