Nmap Development mailing list archives

vnsprintf returned -1 in log_vwrite -- bizarre.


From: Axel Pettinger <api () worldonline de>
Date: Sun, 08 Oct 2006 00:36:34 +0200

Hi,

I used Nmap 4.20ALPHA8 to scan a few computers and noticed that Nmap
had problems with three of these computers when writing the log file
(see the examples below). The error line was:

vnsprintf returned -1 in log_vwrite -- bizarre. Quitting.

What was wrong here?

Regards,
Axel Pettinger


---
Example 1
---------
Logfile contains:

# Nmap 4.20ALPHA8 scan initiated Thu Oct 05 16:59:29 2006 as: <nmap-path>\nmap.exe -O2 -sSU -F -T4 -d -v -v -oN 
<log-name> <target1> 
Interesting ports on <target1>:
Not shown: 1648 closed ports


Command Line Output:

<nmap-path>\nmap.exe -O2 -sSU -F -T4 -d -v -v -o
N <log-name> <target1>
Winpcap present, dynamic linked to: WinPcap version 3.1 (packet.dll version 3, 1
, 0, 27), based on libpcap version 0.9[.x]

Starting Nmap 4.20ALPHA8 ( http://insecure.org/nmap ) at 2006-10-05 16:59 W. Eur
ope Daylight Time
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 500, min 100, max 1250
  msx-scan-delay: TCP 10, UDP 1000
  parallelism: min 0, max 0
  max-retries: 6, host-timeout: 0
---------------------------------------------
Initiating ARP Ping Scan at 16:59
Scanning <target1> [1 port]
Packet capture filter (device eth0): arp and ether dst host 00:0E:7F:69:78:F9
Completed ARP Ping Scan at 16:59, 0.34s elapsed (1 total hosts)
mass_rdns: Using DNS server <DNS1>
mass_rdns: Using DNS server <DNS2>
Initiating Parallel DNS resolution of 1 host. at 16:59
mass_rdns: 0.02s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 16:59, 0.00s elapsed
DNS resolution of 1 IPs took 0.02s. Mode: Async [#: 2, OK: 0, NX: 1, DR: 0, SF:
0, TR: 1, CN: 0]
Initiating SYN Stealth Scan at 16:59
Scanning <target1> [1249 ports]
Packet capture filter (device eth0): dst host <host> and (icmp or (tcp and
(src host <target1>)))
Discovered open port 80/tcp on <target1>
Discovered open port 23/tcp on <target1>
Discovered open port 1008/tcp on <target1>
Discovered open port 513/tcp on <target1>
Increased max_successful_tryno for <target1> to 1 (packet drop)
Discovered open port 111/tcp on <target1>
Completed SYN Stealth Scan at 16:59, 3.31s elapsed (1249 total ports)
Initiating UDP Scan at 16:59
Scanning <target1> [1017 ports]
Packet capture filter (device eth0): dst host <host> and (icmp or (udp and
(src host <target1>)))
Increased max_successful_tryno for <target1> to 1 (packet drop)
Increased max_successful_tryno for <target1> to 2 (packet drop)
Increased max_successful_tryno for <target1> to 3 (packet drop)
UDP Scan Timing: About 46.84% done; ETC: 17:00 (0:00:34 remaining)
UDP Scan Timing: About 50.93% done; ETC: 17:01 (0:00:57 remaining)
UDP Scan Timing: About 55.10% done; ETC: 17:02 (0:01:13 remaining)
Increased max_successful_tryno for <target1> to 4 (packet drop)
UDP Scan Timing: About 55.28% done; ETC: 17:03 (0:01:37 remaining)
UDP Scan Timing: About 58.05% done; ETC: 17:03 (0:01:48 remaining)
UDP Scan Timing: About 60.82% done; ETC: 17:04 (0:01:56 remaining)
Increased max_successful_tryno for <target1> to 5 (packet drop)
Increasing send delay for <target1> from 0 to 50 due to max_successful_tryno in
crease to 5
UDP Scan Timing: About 60.23% done; ETC: 17:05 (0:02:19 remaining)
UDP Scan Timing: About 62.75% done; ETC: 17:05 (0:02:22 remaining)
Increasing send delay for <target1> from 50 to 100 due to 11 out of 11 dropped
probes since last increase.
UDP Scan Timing: About 65.36% done; ETC: 17:06 (0:02:23 remaining)
UDP Scan Timing: About 67.99% done; ETC: 17:06 (0:02:21 remaining)
Increasing send delay for <target1> from 100 to 200 due to 11 out of 11 dropped
 probes since last increase.
Increased max_successful_tryno for <target1> to 6 (packet drop)
Increasing send delay for <target1> from 200 to 400 due to max_successful_tryno
 increase to 6
Warning: Giving up on port early because retransmission cap hit.
Increasing send delay for <target1> from 400 to 800 due to 11 out of 11 dropped
 probes since last increase.
Increasing send delay for <target1> from 800 to 1000 due to 11 out of 11 droppe
d probes since last increase.
Completed UDP Scan at 17:44, 2702.37s elapsed (1017 total ports)
Packet capture filter (device eth0): dst host <host> and (icmp or (tcp and
(src host <target1>)))
Initiating OS detection against <target1>
OS detection timingRatio() == (1160063076.230 - 1160063075.683) * 1000 / 500 ==
1.094
Retrying OS detection against <target1>
OS detection timingRatio() == (1160063078.449 - 1160063077.902) * 1000 / 500 ==
1.094
Retrying OS detection against <target1>
OS detection timingRatio() == (1160063080.668 - 1160063080.121) * 1000 / 500 ==
1.094
Host <target1> appears to be up ... good.
Interesting ports on <target1>:
Not shown: 1648 closed ports
vnsprintf returned -1 in log_vwrite -- bizarre. Quitting.
###############################################################################

---
Example 2
---------
Logfile contains:

# Nmap 4.20ALPHA8 scan initiated Thu Oct 05 20:11:49 2006 as: <nmap-path>\nmap.exe -O2 -sSU -p1-65535 -T4 -d -v -v -oN 
<log-name> <target2> 
Interesting ports on <target2>:
Not shown: 130458 closed ports

Command Line Output:

(...)
UDP Scan Timing: About 99.93% done; ETC: 13:41 (0:00:46 remaining)
Completed UDP Scan at 14:14, 64940.83s elapsed (65535 total ports)
Packet capture filter (device eth0): dst host <host> and (icmp or (tcp and
(src host <target2>)))
Initiating OS detection against <target2>
OS detection timingRatio() == (1160136877.205 - 1160136876.657) * 1000 / 500 ==
1.096
Retrying OS detection against <target2>
OS detection timingRatio() == (1160136879.711 - 1160136879.163) * 1000 / 500 ==
1.096
Retrying OS detection against <target2>
Unable to associate os scan response with sent packet for <target2>.
Received ack: 6FD96365; sequence sent: 3F41121A. Packet:
TCP packet: <target2>:22 -> <host>:55886 (total: 60 bytes)
Flags: SYN ACK
ipid: 0 ttl: 64 Seq: 156279841  Ack: 1876517733
Unable to associate os scan response with sent packet for <target2>.
Received ack: 6FD96366; sequence sent: 3F41121A. Packet:
TCP packet: <target2>:22 -> <host>:55887 (total: 60 bytes)
Flags: SYN ACK
ipid: 0 ttl: 64 Seq: 162107402  Ack: 1876517734
Unable to associate os scan response with sent packet for <target2>.
Received ack: 6FD96364; sequence sent: 3F41121A. Packet:
TCP packet: <target2>:22 -> <host>:55885 (total: 60 bytes)
Flags: SYN ACK
ipid: 0 ttl: 64 Seq: 156099826  Ack: 1876517732
Unable to associate os scan response with sent packet for <target2>.
Received ack: 6FD96369; sequence sent: 3F41121A. Packet:
TCP packet: <target2>:22 -> <host>:55890 (total: 56 bytes)
Flags: SYN ACK
ipid: 0 ttl: 64 Seq: 164169254  Ack: 1876517737
Unable to associate os scan response with sent packet for <target2>.
Received ack: 6FD96367; sequence sent: 3F41121A. Packet:
TCP packet: <target2>:22 -> <host>:55888 (total: 60 bytes)
Flags: SYN ACK
ipid: 0 ttl: 64 Seq: 164844687  Ack: 1876517735
Unable to associate os scan response with sent packet for <target2>.
Received ack: 6FD96368; sequence sent: 3F41121A. Packet:
TCP packet: <target2>:22 -> <host>:55889 (total: 60 bytes)
Flags: SYN ACK
ipid: 0 ttl: 64 Seq: 162881015  Ack: 1876517736
OS detection timingRatio() == (1160136882.327 - 1160136881.779) * 1000 / 500 ==
1.096
Host <target2> appears to be up ... good.
Interesting ports on <target2>:
Not shown: 130458 closed ports
vnsprintf returned -1 in log_vwrite -- bizarre. Quitting.
###############################################################################

---
Example 3
---------
Logfile contains:

# Nmap 4.20ALPHA8 scan initiated Thu Oct 05 20:12:39 2006 as: <nmap-path>\nmap.exe -O2 -sSU -p1-65535 -T4 -d -v -v -oN 
<log-name> <target3> 
Insufficient responses for TCP sequencing (3), OS detection may be less accurate
Interesting ports on <target-hostname3> (<target3>):
Not shown: 130779 closed ports

Command Line Output:

(...)
UDP Scan Timing: About 99.96% done; ETC: 17:24 (0:00:30 remaining)
Discovered open port 69/udp on <target3>
Completed UDP Scan at 17:54, 78045.13s elapsed (65535 total ports)
Packet capture filter (device eth0): dst host <host> and (icmp or (tcp and
(src host <target3>)))
Initiating OS detection against <target-hostname> (<target3>)
OS detection timingRatio() == (1160150088.349 - 1160150087.802) * 1000 / 500 ==
1.094
Retrying OS detection against <target-hostname> (<target3>)
Unable to associate os scan response with sent packet for <target3>.
Received ack: 11901D1B; sequence sent: 297E6575. Packet:
TCP packet: <target3>:23 -> <host>:63326 (total: 60 bytes)
Flags: SYN ACK
ipid: 0 ttl: 64 Seq: 3187377482 Ack: 294657307
Unable to associate os scan response with sent packet for <target3>.
Received ack: 11901D19; sequence sent: 297E6575. Packet:
TCP packet: <target3>:23 -> <host>:63324 (total: 60 bytes)
Flags: SYN ACK
ipid: 0 ttl: 64 Seq: 3177798742 Ack: 294657305
Unable to associate os scan response with sent packet for <target3>.
Received ack: 11901D17; sequence sent: 297E6575. Packet:
TCP packet: <target3>:23 -> <host>:63322 (total: 60 bytes)
Flags: SYN ACK
ipid: 0 ttl: 64 Seq: 3184698054 Ack: 294657303
Insufficient responses for TCP sequencing (3), OS detection may be less accurate

OS detection timingRatio() == (1160150091.615 - 1160150091.068) * 1000 / 500 ==
1.094
WARNING:  OS didn't match until the try #2
Host <target-hostname> (<target3>) appears to be up ... good.
Interesting ports on <target-hostname> (<target3>):
Not shown: 130779 closed ports
vnsprintf returned -1 in log_vwrite -- bizarre. Quitting.
###############################################################################

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

