Zenmap 7.70 crashing on Windows 7

[Jasey DePriest <jrdepriest () gmail com>]

Good morning,

When I run Zenmap it crashes somewhere in the service discovery or script
portion. I can't be sure which since I lose the log when it crashes. It
doesn't crash against every system, but it does reliably crash against
certain systems. It may be related to firewall interference, but it wasn't
clear from the crash. Also, I can run the same command from nmap and it
runs to completion.
I was unable to get Zenmap to write to a zenmap.exe.log file soI ran it
from Cygwin bash and got this:
/cygdrive/c/Program Files (x86)/Nmap
$ ./zenmap -v -v -v
**
Gdk:ERROR:gdkdrawable-win32.c:2040:_gdk_win32_drawable_finish: assertion
failed: (impl->hdc_count == 0)

It doesn't seem very helpful.

This is the command I was using in Zenmap:
nmap -sS -sU -sV -p
T:-,U:58437,53,67,68,69,88,111,123,135,137,138,139,161,162,445,500,514,520,631,1433,1434,1812,1813,1900,4500,6481,49152-49161
-T4 -O -A -v --max-rtt-timeout 10m --max-scan-delay 45s --host-timeout 2h
-PE --reason --traceroute --script
acarsd-info,address-info,afp-ls,afp-serverinfo,afp-showmount,ajp-auth,ajp-headers,ajp-methods,ajp-request,allseeingeye-info,amqp-info,auth-owners,auth-spoof,backorifice-info,bacnet-info,banner,bitcoin-getaddr,bitcoin-info,bitcoinrpc-info,bittorrent-discovery,bjnp-discover,cassandra-info,cics-info,citrix-enum-apps-xml,citrix-enum-apps,citrix-enum-servers-xml,citrix-enum-servers,clock-skew,coap-resources,couchdb-databases,couchdb-stats,creds-summary,cups-info,cups-queue-info,daap-get-library,daytime,db2-das-info,dhcp-discover,dict-info,dns-brute,dns-cache-snoop,dns-client-subnet-scan,dns-ip6-arpa-scan,dns-nsec-enum,dns-nsec3-enum,dns-nsid,dns-recursion,dns-service-discovery,dns-srv-enum,dns-zone-transfer,drda-info,duplicates,enip-info,epmd-info,eppc-enum-processes,fcrdns,finger,firewalk,flume-master-info,fox-info,freelancer-info,ftp-anon,ftp-bounce,ftp-syst,ganglia-info,giop-info,gkrellm-info,gopher-ls,gpsd-info,hadoop-datanode-info,hadoop-jobtracker-info,hadoop-namenode-info,hadoop-secondary-namenode-info,hadoop-tasktracker-info,hbase-master-info,hbase-region-info,hddtemp-info,hnap-info,http-affiliate-id,http-apache-negotiation,http-apache-server-status,http-aspnet-debug,http-auth-finder,http-auth,http-backup-finder,http-cakephp-version,http-chrono,http-cisco-anyconnect,http-comments-displayer,http-cookie-flags,http-cors,http-date,http-default-accounts,http-devframework,http-drupal-enum-users,http-drupal-enum,http-enum,http-errors,http-favicon,http-feed,http-fetch,http-frontpage-login,http-generator,http-git,http-gitweb-projects-enum,http-grep,http-headers,http-internal-ip-disclosure,http-ls,http-malware-host,http-mcmp,http-methods,http-mobileversion-checker,http-ntlm-info,http-open-redirect,http-php-version,http-put,http-qnap-nas-info,http-referer-checker,http-robots.txt,http-security-headers,http-sitemap-generator,http-slowloris-check,http-svn-enum,http-svn-info,http-title,http-trace,http-traceroute,http-unsafe-output-escaping,http-useragent-tester,http-vhosts,http-vlcstreamer-ls,http-vmware-path-vuln,http-vuln-cve2010-0738,http-vuln-cve2011-3192,http-vuln-cve2014-2126,http-vuln-cve2014-2127,http-vuln-cve2014-2128,http-vuln-cve2014-2129,http-vuln-cve2015-1635,http-vuln-cve2017-1001000,http-waf-detect,http-waf-fingerprint,http-webdav-scan,http-wordpress-enum,icap-info,iec-identify,ike-version,imap-capabilities,imap-ntlm-info,ip-forwarding,ip-geolocation-map-kml,ip-https-discover,ipidseq,ipmi-cipher-zero,ipmi-version,ipv6-node-info,irc-botnet-channels,irc-info,iscsi-info,isns-info,jdwp-info,knx-gateway-info,ldap-novell-getpass,ldap-rootdse,ldap-search,lexmark-config,maxdb-info,mcafee-epo-agent,membase-http-info,memcached-info,metasploit-info,modbus-discover,mongodb-databases,mongodb-info,mqtt-subscribe,ms-sql-config,ms-sql-dac,ms-sql-dump-hashes,ms-sql-hasdbaccess,ms-sql-info,ms-sql-ntlm-info,ms-sql-query,ms-sql-tables,msrpc-enum,mysql-audit,mysql-databases,mysql-dump-hashes,mysql-info,mysql-query,mysql-variables,mysql-vuln-cve2012-2122,nat-pmp-info,nat-pmp-mapport,nbstat,ncp-enum-users,ncp-serverinfo,ndmp-fs-info,netbus-auth-bypass,netbus-info,nfs-ls,nfs-showmount,nfs-statfs,nntp-ntlm-info,nrpe-enum,ntp-info,ntp-monlist,omp2-enum-targets,omron-info,openlookup-info,openwebnet-discovery,oracle-tns-version,p2p-conficker,path-mtu,pcworx-info,pop3-capabilities,pop3-ntlm-info,qscan,quake1-info,quake3-info,quake3-master-getservers,rdp-enum-encryption,realvnc-auth-bypass,redis-info,resolveall,reverse-index,rfc868-time,riak-http-info,rmi-dumpregistry,rpcap-info,rpcinfo,rsync-list-modules,rtsp-methods,rusers,s7-info,servicetags,sip-call-spoof,sip-methods,smb-double-pulsar-backdoor,smb-enum-domains,smb-enum-groups,smb-enum-processes,smb-enum-sessions,smb-enum-shares,smb-ls,smb-mbenum,smb-os-discovery,smb-protocols,smb-psexec,smb-security-mode,smb-server-stats,smb-system-info,smb-vuln-ms17-010,smb2-capabilities,smb2-security-mode,smb2-time,smb2-vuln-uptime,smtp-commands,smtp-ntlm-info,smtp-strangeport,sniffer-detect,snmp-hh3c-logins,snmp-info,snmp-interfaces,snmp-netstat,snmp-processes,snmp-sysdescr,snmp-win32-services,snmp-win32-shares,snmp-win32-software,snmp-win32-users,socks-auth-info,ssh-hostkey,ssh2-enum-algos,sshv1,ssl-ccs-injection,ssl-cert-intaddr,ssl-cert,ssl-date,ssl-dh-params,ssl-enum-ciphers,ssl-heartbleed,ssl-known-key,ssl-poodle,sslv2-drown,sslv2,sstp-discover,stun-info,stuxnet-detect,targets-traceroute,telnet-encryption,telnet-ntlm-info,tftp-enum,tls-nextprotoneg,tls-ticketbleed,tn3270-screen,unittest,unusual-port,upnp-info,ventrilo-info,versant-info,vmware-version,vnc-info,vnc-title,voldemort-info,vuze-dht-info,wdb-version,weblogic-t3-info,wsdd-discover,x11-access,xdmcp-discover,xmlrpc-methods,xmpp-info
W.X.Y.Z

I took out the destination IP. I can run the same command from the
command-line with nmap and it completes without error.

My OS is Windows 7 Enterprise Edition with SP1, build 7601.

If I don't have ZENMAP_DEBUGGING enabled, the log in the event log has this
information:
Log Name:      Application
Source:        Application Error
Date:          9/14/2018 10:50:19 AM
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      XEND-P-SECOPS02
Description:
Faulting application name: zenmap.exe, version: 7.70.0.0, time stamp:
0x49180193
Faulting module name: libglib-2.0-0.dll, version: 2.28.8.0, time stamp:
0x4e253544
Exception code: 0x40000015
Fault offset: 0x0004c2d8
Faulting process id: 0x32ef4
Faulting application start time: 0x01d44c390a93b7ed
Faulting application path: C:\Program Files (x86)\Nmap\zenmap.exe
Faulting module path: C:\Program Files (x86)\Nmap\py2exe\libglib-2.0-0.dll
Report Id: 7f94d3ae-b82d-11e8-86b3-005056911b92
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event";>
  <System>
    <Provider Name="Application Error" />
    <EventID Qualifiers="0">1000</EventID>
    <Level>2</Level>
    <Task>100</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2018-09-14T14:50:19.000000000Z" />
    <EventRecordID>244429</EventRecordID>
    <Channel>Application</Channel>
    <Computer>XEND-P-SECOPS02</Computer>
    <Security />
  </System>
  <EventData>
    <Data>zenmap.exe</Data>
    <Data>7.70.0.0</Data>
    <Data>49180193</Data>
    <Data>libglib-2.0-0.dll</Data>
    <Data>2.28.8.0</Data>
    <Data>4e253544</Data>
    <Data>40000015</Data>
    <Data>0004c2d8</Data>
    <Data>32ef4</Data>
    <Data>01d44c390a93b7ed</Data>
    <Data>C:\Program Files (x86)\Nmap\zenmap.exe</Data>
    <Data>C:\Program Files (x86)\Nmap\py2exe\libglib-2.0-0.dll</Data>
    <Data>7f94d3ae-b82d-11e8-86b3-005056911b92</Data>
  </EventData>
</Event>

I've had this problem for a long time but hadn't had a reason to generate a
bug report until now. I'm using the pretty output for official reporting
now and just opening -oX files in Zenmap doesn't produce the same color
coded output.

Thanks!
Jasey DePriest

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/