Nmap Development mailing list archives

Re: dhcp script!

From: Walt Scrivens <walts () gate net>
Date: Wed, 23 Sep 2009 08:45:57 -0400

David, thanks for helping!

Here's the console output:
======================================

sh-3.2# ./nmap --send-ip -PN -d4 -sU -p67 192.168.1.1 2>&1 >udp-67-1.nmap

Warning: Unable to open interface vmnet8 -- skipping it.
Warning: Unable to open interface vmnet1 -- skipping it.

sh-3.2# echo $?
130
sh-3.2#
=======================================

...and the output file:

+++++++++++++++++++++++++++++++++++++++

Starting Nmap 5.05BETA1 ( http://nmap.org ) at 2009-09-23 08:36 EDT
Fetchfile found ./nmap-services
The max # of sockets we are using is: 0
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
doing 0.0.0.0 = 192.168.1.1
mass_rdns: Using DNS server 192.168.1.1

NSOCK (0.0350s) UDP connection requested to 192.168.1.1:53 (IOD #1)EID 8NSOCK (0.0350s) Read request from IOD #1 [192.168.1.1:53] (timeout:-1ms) EID 18

Initiating Parallel DNS resolution of 1 host. at 08:36
mass_rdns: TRANSMITTING for <192.168.1.1> (server <192.168.1.1>)

NSOCK (0.0350s) Write request for 42 bytes to IOD #1 EID 27[192.168.1.1:53]: .............1.1.168.192.in-addr.arpa.....

NSOCK (0.0350s) nsock_loop() started (timeout=500ms). 3 events pending
NSOCK (0.0350s) Callback: CONNECT SUCCESS for EID 8 [192.168.1.1:53]
NSOCK (0.0350s) Callback: WRITE SUCCESS for EID 27 [192.168.1.1:53]

NSOCK (0.0490s) Callback: READ SUCCESS for EID 18 [192.168.1.1:53] (62bytes): .............1.1.168.192.in-addr.arpa..................0ur1an.NSOCK (0.0490s) Read request from IOD #1 [192.168.1.1:53] (timeout:-1ms) EID 34

CAPACITY <192.168.1.1> = 12
mass_rdns: OK MATCHED <192.168.1.1> to <0ur1an>
mass_rdns: 0.01s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 08:36, 0.01s elapsed

DNS resolution of 1 IPs took 0.01s. Mode: Async [#: 1, OK: 1, NX: 0,DR: 0, SF: 0, TR: 1, CN: 0]

Initiating UDP Scan at 08:36

++++++++++++++++++++++++++++++++++++++++

I killed it with ^C at 08:41

Walt

On Sep 22, 2009, at 9:28 PM, David Fifield wrote:

On Sat, Sep 12, 2009 at 01:36:53PM -0400, Walt Scrivens wrote:

After reading your comments, I downloaded the latest (5.05BETA1)versionand tried some of the same scans I had been using earlier. Here isthe

result:
*************************
sh-3.2# nmap --send-ip -PN -d -sU -p67 --script=dhcp-inform --script-
args=dhcptype=DHCPINFORM 192.168.1.1

Starting Nmap 5.05BETA1 ( http://nmap.org ) at 2009-09-12 13:30 EDT
--------------- Timing report ---------------
 hostgroups: min 1, max 100000
 rtt-timeouts: init 1000, min 100, max 10000
 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
 parallelism: min 0, max 0
 max-retries: 10, host-timeout: 0
 min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Loaded 1 scripts for scanning.
Warning: Unable to open interface vmnet8 -- skipping it.
Warning: Unable to open interface vmnet1 -- skipping it.
mass_rdns: Using DNS server 208.67.222.222
mass_rdns: Using DNS server 208.67.220.220
Initiating Parallel DNS resolution of 1 host. at 13:30
mass_rdns: 0.10s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 13:30, 0.07s elapsed

DNS resolution of 1 IPs took 0.10s. Mode: Async [#: 2, OK: 0, NX:1, DR:

0, SF: 0, TR: 1, CN: 0]
Initiating UDP Scan at 13:30
Scanning 192.168.1.1 [1 port]

Packet capture filter (device en1): dst host 192.168.1.144 and(icmp or

((tcp or udp or sctp) and (src host 192.168.1.1)))

sh-3.2#
************************

It dies completely after printing the "Packet capture filter..."line.That looks suspiciously like a Wireshark display filter, but it isnot

one that I have been using.

I'm stumped.


Please send me the output of the scan with -d4. Like this:

nmap --send-ip -PN -d4 -sU -p67 192.168.1.1 2>&1 > udp-67-1.nmap

Also, what is the output of this command, when run immediately after
Nmap dies?

echo $?

David Fifield



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Re: dhcp script!, (continued)
- - - Re: dhcp script! David Fifield (Sep 08)
    - Re: dhcp script! Walt Scrivens (Sep 09)
    - Re: dhcp script! David Fifield (Sep 09)
    - Re: dhcp script! Brandon Enright (Sep 09)
    - Re: dhcp script! Walt Scrivens (Sep 09)
    - Re: dhcp script! Walt Scrivens (Sep 09)
    - Re: dhcp script! Brandon Enright (Sep 09)
    - Re: dhcp script! David Fifield (Sep 09)
    - Re: dhcp script! Walt Scrivens (Sep 12)
    - Re: dhcp script! David Fifield (Sep 22)
    - Re: dhcp script! Walt Scrivens (Sep 23)
- Re: dhcp script (version 2) Ron (Sep 08)
  - Re: dhcp script (version 2) Fyodor (Sep 09)
    - Re: dhcp script (version 2) Ron (Sep 09)
    - Re: dhcp script (version 2) Fyodor (Sep 10)
- Re: dhcp script (version 3) Ron (Sep 09)
- DHCP payload probe? David Fifield (Sep 09)
  - Re: DHCP payload probe? Ron (Sep 10)
    - Re: DHCP payload probe? David Fifield (Sep 10)