Nmap Development mailing list archives

access violation with xml output with nmap-4.20 on windows xpsp2


From: sophit4 () gmail com
Date: Thu, 25 Jan 2007 18:51:14 -0500

Maybe this is slower than grepable output, too.

------------------------------------------------------------------------------
                             Command and Output
------------------------------------------------------------------------------


nmap -A -O 192.168.91.239 -oX 239.xml

Starting Nmap 4.20 ( http://insecure.org ) at 2007-01-25 18:30 Eastern Standard Time
Stats: 0:06:49 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 99.99% done; ETC: 18:36 (0:00:00 remaining)
Interesting ports on 192.168.91.239:
Not shown: 1695 closed ports
PORT     STATE    SERVICE VERSION
427/tcp  filtered svrloc
5900/tcp open     vnc     Apple remote desktop vnc
Device type: general purpose
Running: Apple Mac OS X 10.3.X|10.4.X
OS details: Applie Mac OS X 10.3.9 - 10.4.7
Uptime: -25079.923 days (since Wed Sep 25 17:45:52 2075)

------------------------------------------------------------------------------
                             Disassembly
------------------------------------------------------------------------------


00448770  call        004533C0
00448775  add         ecx,30h
00448778  cmp         ecx,39h
0044877B  mov         dword ptr [ebp-68h],ebx
0044877E  mov         edi,eax
00448780  mov         ebx,edx
00448782  jle         00448787
00448784  add         ecx,dword ptr [ebp-4Ch]
00448787  mov         byte ptr [esi],cl
00448789  dec         esi
0044878A  jmp         00448758
0044878C  lea         eax,[ebp+1EBh]
00448792  sub         eax,esi
00448794  inc         esi
00448795  test        word ptr [ebp-18h],200h
0044879B  mov         dword ptr [ebp-28h],eax
0044879E  mov         dword ptr [ebp-24h],esi
004487A1  je          004487EF
004487A3  test        eax,eax
004487A5  je          004487AE
004487A7  mov         ecx,esi
004487A9  cmp         byte ptr [ecx],30h
004487AC  je          004487EF
004487AE  dec         dword ptr [ebp-24h]
004487B1  mov         ecx,dword ptr [ebp-24h]
004487B4  mov         byte ptr [ecx],30h
004487B7  inc         eax
004487B8  jmp         004487EC
004487BA  dec         ecx
004487BB  cmp         word ptr [eax],si
004487BE  je          004487C6
004487C0  inc         eax
004487C1  inc         eax
004487C2  cmp         ecx,esi
004487C4  jne         004487BA
004487C6  sub         eax,dword ptr [ebp-24h]
004487C9  sar         eax,1
004487CB  jmp         004487EC
004487CD  cmp         edi,esi
004487CF  jne         004487D9
004487D1  mov         eax,dword ptr ds:[004741B0h]
004487D6  mov         dword ptr [ebp-24h],eax
004487D9  mov         eax,dword ptr [ebp-24h]
004487DC  jmp         004487E5
004487DE  dec         ecx
004487DF  cmp         byte ptr [eax],0  <========================

------------------------------------------------------------------------------
                             Autos
------------------------------------------------------------------------------

        EAX     FFFFFFFF        
        EBP     0012B98C        
        ECX     7FFFFFFE        


On 1/15/07, sophit4 () gmail com <sophit4 () gmail com> wrote:
This was from the installer package. Scan executed approximately as:

nmap -P0 -sX -A -PA -PU -F -O -v -T5 -oX baz.xml -excludefile excludes.txt 192.168.91.4-254

On my screen here, I see (after bar.foo) a capital O with a hat on
it, a 3/4 sign, a control-R, closed by the quotes. XML parsers
aren't liking this. The hostname, e.g. "bar.fooxxx.com" is
incomplete.

I've seen this several times.

<taskend task="Service scan" time="1168655332" />
<<taskbegin task="RPCGrind Scan against bar.fooÔ¾^R" time="1168655369" />
<taskend task="RPCGrind Scan against bar.fooÔ¾^R" time="1168655369" />
<host><status state="up" />
<address addr="192.168.91.73" addrtype="ipv4" />
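
Added example (not part of the post, and not Nmap's own code): a small Python check for the failure mode described above. It scans an -oX file for characters that XML 1.0 forbids in attribute values (the Control-R in the task name is one), reports where they are, confirms that a standard parser rejects the file, and writes a sanitized copy that parses. The sample XML is constructed to mirror the fragment in the post; the bytes 0xD4 0xBE 0x12 are an assumption about what rendered as "Ô¾^R".

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample modelled on the fragment in the post. The task name carries
# two high bytes followed by a raw control character (0x12, Control-R). The exact
# bytes are an assumption; the post only shows how they rendered on screen.
SAMPLE_XML = (
    b'<nmaprun>\n'
    b'<taskend task="Service scan" time="1168655332" />\n'
    b'<taskbegin task="RPCGrind Scan against bar.foo\xd4\xbe\x12" time="1168655369" />\n'
    b'<taskend task="RPCGrind Scan against bar.foo\xd4\xbe\x12" time="1168655369" />\n'
    b'<host><status state="up" />\n'
    b'<address addr="192.168.91.73" addrtype="ipv4" />\n'
    b'</host></nmaprun>\n'
)

# Everything outside the XML 1.0 "Char" production:
#   #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF]
_XML_ILLEGAL = re.compile(
    '[^\x09\x0a\x0d\x20-\ud7ff\ue000-\ufffd\U00010000-\U0010ffff]'
)


def find_illegal_chars(raw: bytes):
    """Return (line_no, column, codepoint) for every character XML forbids.

    Undecodable byte sequences are mapped to U+FFFD first, so only characters
    that are legal UTF-8 but illegal XML are reported here.
    """
    text = raw.decode('utf-8', errors='replace')
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in _XML_ILLEGAL.finditer(line):
            hits.append((line_no, m.start(), ord(m.group())))
    return hits


def parses(raw: bytes) -> bool:
    """True if the stock expat-based parser accepts the document."""
    try:
        ET.fromstring(raw)
        return True
    except ET.ParseError:
        return False


def sanitize(raw: bytes) -> bytes:
    """Replace forbidden characters with U+FFFD so the file becomes parseable.

    The replacement loses the original bytes, which is the point: keep the
    unmodified file as evidence and feed only the sanitized copy to tooling.
    """
    text = raw.decode('utf-8', errors='replace')
    return _XML_ILLEGAL.sub('\ufffd', text).encode('utf-8')


if __name__ == '__main__':
    for line_no, col, cp in find_illegal_chars(SAMPLE_XML):
        print(f'line {line_no} col {col}: illegal character U+{cp:04X}')
    print('original parses:', parses(SAMPLE_XML))
    print('sanitized parses:', parses(sanitize(SAMPLE_XML)))
```

To run it against a real scan file, replace SAMPLE_XML with the bytes read from the -oX output (open it in binary mode so no decoding happens before the check). The report points at the attribute to inspect, which is more useful than the parser's bare "invalid token" error when the offending byte is invisible in a terminal.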


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org