Nmap Development mailing list archives
-6 -sP --traceroute
From: jah <jah () zadkiel plus com>
Date: Wed, 03 Jun 2009 14:31:42 +0100
Hi folks,

If you do nmap -6 --traceroute <target> you get a warning to the effect that traceroute is disabled, because it doesn't work for connect scans - and the scan then proceeds. On the other hand, nmap -6 --traceroute <target> -sP isn't handled the same way and on Windows the scan proceeds until, in traceroute, we try to index a std::set with NULL instead of an interface name in win32_warn_raw_sockets(). The attached output.cc.patch prevents this. On !windows, the null fails an assertion a little further on, in my_pcap_open_live() and the patch brings Windows into line with this.

The null pointer arises because a target->devicename is never filled whilst -6 scanning since any communication is done through the OS.

If I'm not mistaken, --traceroute and -6 are currently incompatible and so I think disabling traceroute with a warning for "-6 -sP --traceroute" in the same manner as "-6 --traceroute" is a reasonable thing to do. The attached nmap.cc.patch wraps a check for -6 and --traceroute in a #if HAVE_IPV6 directive and will prevent the --traceroute code ever being reached.

A side effect of not having a device/interface name available is that, in NSE, host.interface is not available (neither are src_mac_addr and mac_addr) and this affects any scripts designed for IPv6 that might use dnet or pcap as part of the raw sockets API. At the very least, it's necessary to pass the interface name to any script (using --script-args) so that the script has something to pass to pcap_open() and ethernet_open().

I haven't looked in depth at the code, but it seems that collecting route6 info somewhere during a scan (maybe only if scripting is going to be run) ought to be enough to improve NSE ethernet/pcap functionality for IPv6. Does anyone know any different? Or a better way?

Regards,
jah
--- nmap.cc.orig 2009-06-03 03:09:06.097625000 +0100 +++ nmap.cc 2009-06-03 03:19:30.722625000 +0100 @@ -1324,7 +1324,13 @@ } } - if(o.traceroute && (o.idlescan || o.connectscan)) { +#if HAVE_IPV6 + if(o.af() == AF_INET6 && o.traceroute) { + error("Warning: Traceroute does not support IPv6, disabling..."); + o.traceroute = 0; + } else +#endif + if(o.traceroute && (o.idlescan || o.connectscan)) { error("Warning: Traceroute does not support idle or connect scan, disabling..."); o.traceroute = 0; }
--- output.cc.orig 2009-06-03 03:40:07.425750000 +0100 +++ output.cc 2009-05-28 03:04:56.540000000 +0100 @@ -293,7 +293,7 @@ void win32_warn_raw_sockets(const char *devname) { static set<string> shown_names; - if (shown_names.find(devname) == shown_names.end()) { + if (devname != NULL && shown_names.find(devname) == shown_names.end()) { error("WARNING: Using raw sockets because %s is not an ethernet device. This probably won't work on Windows.\n", devname); shown_names.insert(devname); }
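Review bot: In the nmap.cc hunk, the "} else" left dangling before #endif chains the new IPv6 check to the existing idle/connect check across a preprocessor boundary, which is easy to break in a later edit and reads differently depending on whether HAVE_IPV6 is defined. Because the IPv6 branch sets o.traceroute = 0, the following test "if(o.traceroute && (o.idlescan || o.connectscan))" is already false once it has fired, so the two checks can be written as independent if statements and the else dropped. That keeps the block inside #if HAVE_IPV6 self-contained and avoids any chance of both warnings being printed.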
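Review bot: In the output.cc hunk, the added "devname != NULL" test makes win32_warn_raw_sockets() return silently when it is handed a NULL device name, and nothing in the function says when that can happen or that NULL is now an accepted argument. A short comment stating that devname may be NULL (the accompanying message gives IPv6 scans, where target->devicename is never filled) would document the contract. It is also worth considering a check at the call site instead, so that a missing device name is reported there rather than skipped inside a function whose warning text only makes sense for a named device.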