Nmap Development mailing list archives
Re: dev Digest, Vol 168, Issue 10
From: "Mike ." <dmciscobgp () hotmail com>
Date: Wed, 20 Mar 2019 17:13:42 +0000
hello everyone!
ok so am gonna type all this out and give you every ounce of info i can because at this point i have hit the wall!
info--windows 7. 2 NIC cards. standard ethernet and the wifi (Intel(R) Wireless WiFi Link 4965AG) nmap version is the
latest
so here is the CURRENT --iflist
DEV (SHORT) IP/MASK TYPE UP MTU MAC
eth0 (eth0) 169.254.244.28/16 ethernet down 1500 00:1D:E0:68:84:3B
lo0 (lo0) ::1/128 loopback up -1
lo0 (lo0) 127.0.0.1/8 loopback up -1
DEV WINDEVICE
eth0 <none>
lo0 <none>
lo0 <none>
**************************ROUTES**************************
DST/MASK DEV METRIC GATEWAY
255.255.255.255/32 eth0 261
255.255.255.255/32 lo0 306
127.0.0.1/32 lo0 306
127.255.255.255/32 lo0 306
127.0.0.0/8 lo0 306
224.0.0.0/4 eth0 261
224.0.0.0/4 lo0 306
::1/128 lo0 306
ff00::/8 lo0 306
now first thing before i get to the problem (among many). EVERY SINGLE TIME i have tried to install NPCAP adapter it
was either no success or some problem along the way. it was suggested i set it for service on boot. when i did that i
got a non running service along with the error (cannot find proper file path). funny, i looked in system32 and found
the driver no problem. still complained. so i pointed it to the npcap.sys in NPCAP folder and walla! BUT..it will NOT
let me change the boot start to auto!
so with all this, here comes the mystery. i curently have NO INTERNET. none. at the house or anywhere. i "borrow" or
use free WIFI when available. so while i am at home with NO CONNECTION i try and fire off connect packets and keep
hoping for an open AP with a DCHP. sometimes i find one, most not. but when i do AT HOME, it works no prob. can use
nmap and browse net. btw, this is ALL with NPCAP adapter loopback DISABLED. when i enable it, i get in my systray a
constant "identyfying network/no connection". when that is disabled, no issues. so anyway, i noticed i was at the
library w/ open wifi and when i attempted to run nmap i got "cannot open eth0"!!! can someone please tell me WHY??? i
am baffled! i havent tested it at other places yet. maybe i should. but i thought i knew networking and now maybe i
realize i dont! what other info do you guys need????? lastly, can someone quickly look at that net card i posted and
tell me if that is AIRPCAP compatible? really wanna play with those drivers! thank you
PS > print route
Interface List
13...00 1d e0 68 84 3b ......Intel(R) Wireless WiFi Link 4965AG
1...........................Software Loopback Interface 1
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
**last thing i wanted to add was i am looking at network config topology and this is the setup--ETHERNET CARD IS
DISABLED (supposed to be, no internet, remember) NPCAP SAYS THIS "UNIDENTIFIED NETWORK", then the WIFI CARD "not
connected"
does one HAVE have to have an actual ip like a 192 and not the autoconfig stadard 169 blah to capture 127
traffic???????? one wouldnt think so
and one MORE LAST question, lol...if i uninstall NPCAP will this break all my windumps/ngreps/etc that use winpcap/npf?
________________________________
From: dev <dev-bounces () nmap org> on behalf of dev-request () nmap org <dev-request () nmap org>
Sent: Wednesday, March 20, 2019 12:08 AM
To: dev () nmap org
Subject: dev Digest, Vol 168, Issue 10
Send dev mailing list submissions to
dev () nmap org
To subscribe or unsubscribe via the World Wide Web, visit
https://nmap.org/mailman/listinfo/dev
or, via email, send a message with subject or body 'help' to
dev-request () nmap org
You can reach the person managing the list at
dev-owner () nmap org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dev digest..."
Today's Topics:
1. Re: dev Digest, Vol 168, Issue 9 (Mike .)
2. Re: please respond to this? (Michael Wood)
----------------------------------------------------------------------
Message: 1
Date: Tue, 19 Mar 2019 19:39:47 +0000
From: "Mike ." <dmciscobgp () hotmail com>
To: "dev () nmap org" <dev () nmap org>
Subject: Re: dev Digest, Vol 168, Issue 9
Message-ID:
<MN2PR13MB29435D0A3B6E90AD61C69EABC6400 () MN2PR13MB2943 namprd13 prod outlook com>
Content-Type: text/plain; charset="iso-8859-1"
Claudio/group
so the info you wanted. win7 sp2? wifi card is standard intel that came with the lenovo thinkpad. nothing fancy at all.
i am at a conveinence store asp, and i see the same result as you can see for yourself :
Fetchfile found C:\Program Files\Nmap/nmap-payloads
Initiating Ping Scan at 14:38
dnet: Failed to open device eth0
QUITTING!
and here, why does it 1, not recognize wifi adpapter at all! and 2, why does it keep saying i want to use eth!
DEV (SHORT) IP/MASK TYPE UP MTU MAC
eth0 (eth0) 192.168.170.214/24 ethernet up 1500 00:1D:E0:68:84:3B
lo0 (lo0) ::1/128 loopback up -1
lo0 (lo0) 127.0.0.1/8 loopback up -1
DEV WINDEVICE
eth0 <none>
lo0 <none>
lo0 <none>
**************************ROUTES**************************
DST/MASK DEV METRIC GATEWAY
192.168.170.255/32 eth0 281
192.168.170.214/32 eth0 281
255.255.255.255/32 eth0 281
127.255.255.255/32 lo0 306
127.0.0.1/32 lo0 306
255.255.255.255/32 lo0 306
192.168.170.0/24 eth0 281
127.0.0.0/8 lo0 306
224.0.0.0/4 eth0 281
224.0.0.0/4 lo0 306
0.0.0.0/0 eth0 25 192.168.170.254
::1/128 lo0 306
ff00::/8 lo0 306
last thing. all the public wifi connections i make are all through DHCP . does that matter?
Mike
________________________________
From: dev <dev-bounces () nmap org> on behalf of dev-request () nmap org <dev-request () nmap org>
Sent: Tuesday, March 19, 2019 7:00 PM
To: dev () nmap org
Subject: dev Digest, Vol 168, Issue 9
Send dev mailing list submissions to
dev () nmap org
To subscribe or unsubscribe via the World Wide Web, visit
https://nmap.org/mailman/listinfo/dev
or, via email, send a message with subject or body 'help' to
dev-request () nmap org
You can reach the person managing the list at
dev-owner () nmap org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dev digest..."
Today's Topics:
1. Re: please respond to this? (Claudio M)
2. nsock wrong peer info (=?gb18030?B?s8LIys+h?=)
----------------------------------------------------------------------
Message: 1
Date: Mon, 18 Mar 2019 23:31:52 +0100
From: Claudio M <flyingstar16 () gmail com>
To: "Mike ." <dmciscobgp () hotmail com>, Nmap dev <dev () nmap org>
Subject: Re: please respond to this?
Message-ID:
<CAMw1ynQkX=d7t2eq11qREVGk+R757pGaep5DqnUexPKqGmcXrA () mail gmail com>
Content-Type: text/plain; charset="utf-8"
re-adding dev () nmap org
Hey,
so, this is weird indeed, but you didn't give us enough information to
really troubleshoot this.
What OS are you running, and what version? What's the make and model of the
WiFi card you're using? Is it USB or integrated (like on a laptop)?
And, just to confirm, are you using the same computer both at home and in
the library?
BTW the library cannot "see" nmap before it starts (at least on your
computer) so what could be happening is that your OS does not recognize
your wifi card when you're in the library. But as to why, I don't know.
BTW, I tried looking for the other two messages you sent in the list
archives (https://seclists.org/nmap-dev/) to see if you already gave the
info, but I can't find them. If you already sent the info above just point
me at those please :)
On Sat, Mar 16, 2019 at 7:36 PM Mike . <dmciscobgp () hotmail com> wrote:
ty for responding. so it gets even weirder. this is all happening at a public library that offers free wifi. i know what ethernt is, i used it for 10 years. so someone explain this if you can because i am BAFFLED! i have no connection at my home for the time being so i come here to the library. i am using a WIRELESS CARD/CONNECTION. at home i have NO CONNECTION because the wifi in the apt complex is locked down BUT i can still OPEN NMAP! and it uses "eth0" when i do!? but at the library it will not open eth0????? that is all it ever sees. that and the loopbacks. turning NPCAP on or off doesnt help mattes. now i know this library locks down their router quite well but how in the world could they see nmap before it is even fired up????? thought i knew networking but this has be stumped! the packet traffic at the lib shows me calling and finding a DHCP and then getting the proper config and going foward with a connection like any DHCP would. but nmap does not work?????????????? ty ------------------------------ *From:* Claudio M <flyingstar16 () gmail com> *Sent:* Saturday, March 16, 2019 11:46 AM *To:* Mike . *Cc:* nmap-group *Subject:* Re: please respond to this? eth0 is, normally, the identifier of an ethernet card (the one with the cable); wireless interfaces start with "w". To see all the interfaces available on your system use either "ifconfig" or "ip link show", then use that in nmap. FYI newer Linux versions are using a different way of identifying cards, so your card could be called something like wlp2s0. Read https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/ for more info. On Fri, Mar 15, 2019 at 9:51 PM Mike . <dmciscobgp () hotmail com> wrote: this is my 3rd message that will prob be ignored again. anyway, does nmap just not work on wireless cards? went down to my local lib, plugged in and got this after firing it up Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-15 15:49 Central Daylight Tim e Initiating Ping Scan at 15:49 dnet: Failed to open device eth0 QUITTING! odd thing though. i am not using ETH0! that is my ethernet that is DISABLED! so does it just not support my standard Intel WIRELESS card? wlan? wont even see it listed with --iflist. what gives _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
-------------- next part -------------- An HTML attachment was scrubbed... URL: <https://nmap.org/mailman/private/dev/attachments/20190318/153d612d/attachment.html> ------------------------------ Message: 2 Date: Tue, 19 Mar 2019 10:50:52 +0800 From: "=?gb18030?B?s8LIys+h?=" <saiyn.chen () qq com> To: "=?gb18030?B?ZGV2?=" <dev () nmap org> Subject: nsock wrong peer info Message-ID: <tencent_4AA0E8AB10E91C487EBCF264C150A768A50A () qq com> Content-Type: text/plain; charset="gb18030" Hi there, when you use nsock_sendto() to query a multicast service like upnp or mdns, after you call nsock_liod_get_communication_info() in the receive callback to get the peer info, the peer info always fails to update to the real peer info but still the info set in nsock_sendto(). The root cause is very simple and I post below: /* Windows will ignore src_addr and addrlen arguments to recvfrom on TCP * sockets, so peerlen is still sizeof(peer) and peer is junk. Instead, * only set this if it's not already set. */ if (peerlen > 0 && iod->peerlen == 0) { assert(peerlen <= sizeof(iod->peer)); memcpy(&iod->peer, &peer, peerlen); iod->peerlen = peerlen; } so, can we fix this or just let it there? BR, SAIYN -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://nmap.org/mailman/private/dev/attachments/20190319/506d966f/attachment.html> ------------------------------ Subject: Digest Footer _______________________________________________ dev mailing list dev () nmap org https://nmap.org/mailman/listinfo/dev ------------------------------ End of dev Digest, Vol 168, Issue 9 *********************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://nmap.org/mailman/private/dev/attachments/20190319/5f76f91c/attachment.html> ------------------------------ Message: 2 Date: Tue, 19 Mar 2019 20:08:14 -0400 From: Michael Wood <itnetsec () gmail com> To: "Mike ." <dmciscobgp () hotmail com> Cc: nmap-group <dev () nmap org> Subject: Re: please respond to this? Message-ID: <CAKKN48xFVoH=nAbf4mESV-moJg8Yoj=hN+b73DsDY5f0LNc=1w () mail gmail com> Content-Type: text/plain; charset="utf-8" Never seen that happen before. I can assure you it works with wireless cards. Does ifconfig show your interface? On Fri, Mar 15, 2019, 4:51 PM Mike . <dmciscobgp () hotmail com> wrote:
this is my 3rd message that will prob be ignored again. anyway, does nmap just not work on wireless cards? went down to my local lib, plugged in and got this after firing it up Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-15 15:49 Central Daylight Tim e Initiating Ping Scan at 15:49 dnet: Failed to open device eth0 QUITTING! odd thing though. i am not using ETH0! that is my ethernet that is DISABLED! so does it just not support my standard Intel WIRELESS card? wlan? wont even see it listed with --iflist. what gives _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
-------------- next part -------------- An HTML attachment was scrubbed... URL: <https://nmap.org/mailman/private/dev/attachments/20190319/9d705634/attachment.html> ------------------------------ Subject: Digest Footer _______________________________________________ dev mailing list dev () nmap org https://nmap.org/mailman/listinfo/dev ------------------------------ End of dev Digest, Vol 168, Issue 10 ************************************
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: dev Digest, Vol 168, Issue 10 Mike . (Mar 20)
- <Possible follow-ups>
- Re: dev Digest, Vol 168, Issue 10 Mike . (Mar 20)