Nmap Development mailing list archives

Hard loop while Conficker scanning


From: shorejsi2 () mmm com
Date: Thu, 2 Apr 2009 08:06:15 -0500

I have been having problems with Nmap going into a hard loop when 
scanning certain IP ranges for Conficker infections. After some 
investigation, I believe I have found the cause (and a resolution). 

There is code in the smb.lua script that looks like the following:

...
        -- Some broken implementations of SMB don't send these variables
        if(smb['time'] == nil) then
                time = 0
        end
        if(smb['timezone'] == nil) then
                timezone = 0
        end
        if(smb['key_length'] == nil) then
                key_length = 0
        end
...

This was apparently added to handle non-conformant SMB implementations. I 
changed this code to look like this:

...
        -- Some broken implementations of SMB don't send these variables
        if(smb['time'] == nil) then
                smb['time'] = 0
        end
        if(smb['timezone'] == nil) then
                smb['timezone'] = 0
        end
        if(smb['key_length'] == nil) then
                smb['key_length'] = 0
        end
...

I think this is what the author originally intended. I can now scan 
networks with 'troublesome' SMB implementations without Nmap going into a 
loop. 

Was this the right fix? 

Whom do I tell about this?


                        -=[ Steve ]=-

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
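As an added illustration (not Nmap's code and not part of the mail above): a stand-alone Lua script showing why the original assignments leave the table fields nil while silently creating globals, and a strict-globals guard that makes this class of slip fail at the first call. The `broken_response` stand-in, `key_end`, and the function names are constructed for the example.

```lua
-- Constructed stand-in for a negotiate response from a broken SMB
-- implementation that omitted all three fields (example data).
local function broken_response()
  return { dialect = 'NT LM 0.12' }
end

-- Mirrors the original smb.lua snippet: each assignment targets a bare
-- name, so Lua creates a global and smb's field is left nil.
local function fill_defaults_buggy(smb)
  if smb['time'] == nil then time = 0 end
  if smb['timezone'] == nil then timezone = 0 end
  if smb['key_length'] == nil then key_length = 0 end
  return smb
end

-- The corrected version from the mail: assignments target the fields.
local function fill_defaults_fixed(smb)
  if smb['time'] == nil then smb['time'] = 0 end
  if smb['timezone'] == nil then smb['timezone'] = 0 end
  if smb['key_length'] == nil then smb['key_length'] = 0 end
  return smb
end

-- Downstream arithmetic on the field, as later parsing code would do;
-- with a nil field this raises instead of producing a usable bound.
local function key_end(smb, pos)
  return pos + smb['key_length']
end

local smb = fill_defaults_buggy(broken_response())
print('buggy: field =', smb['key_length'], 'global =', key_length)
print('buggy arithmetic ok?', pcall(key_end, smb, 37))

smb = fill_defaults_fixed(broken_response())
print('fixed: field =', smb['key_length'])
print('fixed arithmetic ok?', pcall(key_end, smb, 37))

-- Guard: reject assignment to any undeclared global, so the slip above
-- fails loudly at the first call instead of leaving a nil behind.
-- (Stand-alone Lua; NSE scripts run in their own environment.)
time, timezone, key_length = nil, nil, nil  -- drop the leaked globals
setmetatable(_G, {
  __newindex = function(_, name)
    error('assignment to undeclared global: ' .. name, 2)
  end,
})
print('buggy under guard ok?', pcall(fill_defaults_buggy, broken_response()))
print('fixed under guard ok?', pcall(fill_defaults_fixed, broken_response()))
```

Run it with any Lua 5.1 or later interpreter; the guarded buggy call errors at the first bare assignment, while the fixed version populates the table and passes.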

