Nmap Development mailing list archives
Re: NMAP 7.31 & Npcap 0.10 R9 Error
From: 食肉大灰兔V5 <hsluoyz () gmail com>
Date: Fri, 4 Nov 2016 09:37:46 +0800
Hi Philip,
You seem to have the same code signing error. You have several ways to
solve it:
1) check npcap.sys's certificate tree (right-click -> Properties -> Digital
Signatures -> Details -> View Certificate -> Certification Path. It
probably shows:
DigiCert
DigiCert (SHA1 or SHA2 High Assurance EV) Code Signing CA
Insecure.Com LLC
You may see the root cert "DigiCert" is currently not trusted (or may not).
You need to manually add DigiCert root cert to your computer by following
these steps:
1. That root cert is named as "DigiCert High Assurance EV Root CA" with a
serial number: 02:AC:5C:26:6A:0B:40:9B:8F:0B:79:F2:AE:46:25:77. You can
find it in DigiCert's website:
https://www.digicert.com/digicert-root-certificates.htm.
2. You click the "Download" to get a file named
"DigiCertHighAssuranceEVRootCA.crt".
3. Open it, click "Install Certificate..." -> "Local Machine" ->
"Automatically select..." -> Next -> Finish.
4. Reboot and install Npcap again.
2) Update to Win8.1/Win2012 R2. I think those systems won't have this issue.
3) Disable your driver signature enforcement on your Win 2012 (if it's
possible) based on this docs: https://learn.sparkfun.
com/tutorials/disabling-driver-signature-on-windows-8/
disabling-signed-driver-enforcement-on-windows-8.
4) We are currently working on getting an EV certificate to sign the driver
with it, it may solve your issue.
And the other thing, to generate Packet.log, you must:
1) install the latest Npcap 0.10 r14 debug version here:
https://github.com/nmap/npcap/releases/download/v0.10-
r14/npcap-0.10-r14-debug.exe
2) try to run Nmap again to reproduce that error
Only debug version Npcap's Packet.dll logs the debug traces to that file,
so you won't get it from a non-debug Npcap. And you can't get the log
either without running a program (e.g. Nmap) which loads Packet.dll.
Cheers,
Yang
On Fri, Nov 4, 2016 at 2:02 AM, Philip Kroetsch <pkroetsch () minnkota com>
wrote:
Hello, I got the install to work now on my test with the device connected to the internet. Now I connected my production device to the internet and I am getting the same error. Here are the log files of the debug. I didn’t see a packet.log file…I saw an install.log though. *From:* dev [mailto:dev-bounces () nmap org] *On Behalf Of *?????V5 *Sent:* Thursday, November 03, 2016 8:54 AM *To:* Nmap-dev <dev () nmap org> *Subject:* Re: NMAP 7.31 & Npcap 0.10 R9 Error Hi Philip, Please install the latest Npcap 0.10 r14 debug version here: https://github.com/nmap/npcap/releases/download/v0.10- r14/npcap-0.10-r14-debug.exe and try to run Nmap again to reproduce that error. Then send the generated C:\Program Files\Npcap\Packet.log file to me. Thanks! Cheers, Yang On Wed, Nov 2, 2016 at 2:25 AM, Philip Kroetsch <pkroetsch () minnkota com> wrote: Ok. The successfully installed npcap. Now when I run nmap I am getting an error. “dnet: Failed to pen device eht0” QUITTING! Thanks *From:* dev [mailto:dev-bounces () nmap org] *On Behalf Of *?????V5 *Sent:* Tuesday, November 01, 2016 11:31 AM *To:* Nmap-dev <dev () nmap org> *Subject:* Re: NMAP 7.31 & Npcap 0.10 R9 Error Hi Philip, The file said: Error 0x800b010a: A certificate chain could not be built to a trusted root authority. From MSDN here: https://support.microsoft.com/en-hk/kb/2746268 (although it's for Win7 and not Win8), it said this happens when your computer is not connected to Internet, so Windows can't download the root trust cert remotely when verifying the signature? Have your machine connected to Internet? If not, you can follow this document (https://technet.microsoft. com/en-hk/library/dn265983.aspx) to configure your trust root manually. A more direct (but a little unsafe way) to do this is to disable your driver signature enforcement on your Win 2012 (if it's possible) based on this docs: https://learn.sparkfun.com/tutorials/disabling- driver-signature-on-windows-8/disabling-signed-driver- enforcement-on-windows-8. But I don't know if you want to do this. Cheers, Yang On Wed, Nov 2, 2016 at 12:03 AM, Philip Kroetsch <pkroetsch () minnkota com> wrote: I got the same error when installing r13. *From:* dev [mailto:dev-bounces () nmap org] *On Behalf Of *?????V5 *Sent:* Tuesday, November 01, 2016 10:50 AM *To:* Nmap-dev <dev () nmap org> *Subject:* Re: NMAP 7.31 & Npcap 0.10 R9 Error Hi Philip, It seems to be a signature issue. The SetupCopyOEMInf() call fails with 0xe0000247. There's a similar issue in MSDN: http://answers. microsoft.com/en-us/windows/forum/windows_8-winapps/error- 0xe0000247-problem-in-setupcopyoemlnfw-file/dfa77f92-f852-418b-bbca- 9a0417320f81?page=1. This issue only happens on Win8/Win2012. And you're using Win2012. You can send me your C:\Windows\INF\setupapi.dev.log to double-check it. That file should indicates that the signature checking fails with Npcap's driver. I tried to fix it in a Npcap 0.10 r13 test build here: https://github.com/nmap/npcap/releases/download/v0.10-r12/ npcap-0.10-r13-test.exe Please test it to see whether it solves your issue. Cheers, Yang On Tue, Nov 1, 2016 at 9:48 PM, Philip Kroetsch <pkroetsch () minnkota com> wrote: Thanks Phil *From:* dev [mailto:dev-bounces () nmap org] *On Behalf Of *?????V5 *Sent:* Tuesday, November 01, 2016 4:29 AM *To:* Nmap-dev <dev () nmap org> *Subject:* Re: NMAP 7.31 & Npcap 0.10 R9 Error Hi Philip, Please provide the entire NPFInstall.log and DiagReport to me. I can't tell what's actually wrong with the current info you provided. If you feel it unfit to make them public, you can send me the files privately to my mail. Thanks! Cheers, Yang On Mon, Oct 31, 2016 at 10:00 PM, Philip Kroetsch <pkroetsch () minnkota com> wrote: Hello, I am getting an error when installing NMAP 7.31. The first error is on installation for npcap this is the error I receive “Failed to create npcap service for Win7, Win8, and Win10. Please try installing Npcap again, or use the official Npcap installer from https://github.com/nmap/releases” I then tried installing npcap-0.10-r12 and received the same error. This has happened on 3 separate windows server 2012 instances and 2 windows 8.1 instances. Then now when I go to run nmap this is the error I receive. “Warning: Could not import all necessary Npcap functions. You may need to upgrade to version 0.07 or higher” I looked in the NPFInstall.log file and I looks like there was a few errors. “HrInstallNetComponent” “Error 0xe0000247: Couldn’t install the network component” “Error 0xe0000247: InstallSpecifiedComponent” Any help is appreciated. Thank you! ------------------------------ This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com ------------------------------ _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/ ------------------------------ This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com ------------------------------ ------------------------------ This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com ------------------------------ ------------------------------ This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com ------------------------------ ------------------------------ This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com ------------------------------
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: NMAP 7.31 & Npcap 0.10 R9 Error, (continued)
- Re: NMAP 7.31 & Npcap 0.10 R9 Error 食肉大灰兔V5 (Nov 01)
- RE: NMAP 7.31 & Npcap 0.10 R9 Error Philip Kroetsch (Nov 01)
- Re: NMAP 7.31 & Npcap 0.10 R9 Error 食肉大灰兔V5 (Nov 01)
- Message not available
- Re: NMAP 7.31 & Npcap 0.10 R9 Error 食肉大灰兔V5 (Nov 01)
- RE: NMAP 7.31 & Npcap 0.10 R9 Error Philip Kroetsch (Nov 01)
- Re: NMAP 7.31 & Npcap 0.10 R9 Error postal dude (Nov 01)
- RE: NMAP 7.31 & Npcap 0.10 R9 Error Philip Kroetsch (Nov 03)
- Re: NMAP 7.31 & Npcap 0.10 R9 Error 食肉大灰兔V5 (Nov 03)
- RE: NMAP 7.31 & Npcap 0.10 R9 Error Philip Kroetsch (Nov 01)
- Re: NMAP 7.31 & Npcap 0.10 R9 Error 食肉大灰兔V5 (Nov 03)
- RE: NMAP 7.31 & Npcap 0.10 R9 Error Philip Kroetsch (Nov 03)
- Re: NMAP 7.31 & Npcap 0.10 R9 Error 食肉大灰兔V5 (Nov 03)
- RE: NMAP 7.31 & Npcap 0.10 R9 Error Philip Kroetsch (Nov 07)
- Re: NMAP 7.31 & Npcap 0.10 R9 Error 食肉大灰兔V5 (Nov 07)
- Re: NMAP 7.31 & Npcap 0.10 R9 Error 食肉大灰兔V5 (Nov 01)