Nmap Development mailing list archives

Re: Response to David/Service Probes


From: David Fifield <david () bamsoftware com>
Date: Sun, 25 Oct 2009 22:40:22 -0600

On Sat, Oct 24, 2009 at 04:10:21AM +0000, mike wrote:
> now that i see how you explained that to me, i understand my error. so
> basically nmap only offers a few probes we have to use for
> solicitation of the response, right? the match lines are simply
> service responses that are sent back when sending an empty payload,
> correct?

Well, the match lines are for responses to any of the probes, not just
the NULL probe (empty payload). But yes, that's right.

> did anyone come up with anything regarding the error i sent to the
> forum previously involving the script scan attempt and getting back
> this:
>
> NSOCK (6.5000s) nsock_loop() started (timeout=50ms). 1 events pending
> NSOCK (6.5630s) nsock_loop() started (timeout=50ms). 1 events pending
> NSOCK (6.6250s) nsock_loop() started (timeout=50ms). 1 events pending
> NSOCK (6.6880s) nsock_loop() started (timeout=50ms). 1 events pending
> NSOCK (6.7500s) nsock_loop() started (timeout=50ms). 1 events pending
> NSOCK (6.8130s) Callback: READ TIMEOUT for EID 34 [127.0.0.1:1723]
> NSOCK (6.8130s) nsock_loop() started (timeout=50ms). 0 events pending
> NSE: TCP 127.0.0.1:3934 > 127.0.0.1:1723 | CLOSE
> NSE: 'pptp-version' (thread: 010A67E0) threw an error!
> TIMEOUT
> stack traceback:
>         [C]: in function 'try'
>         ./pptp-version.nse:43: in function <./pptp-version.nse:17>
>         (tail call): ?
> Completed NSE at 03:59, 5.28s elapsed
>
> nmap args were as follows nmap -sT -v -n -P0 --max-retries 1 -ttl 64 -script=pptp-version.nse -p 1723 -reason (target)
>
> i understand the timeout and service not listening/responding...but
> why the error report? shouldn't "TIMED OUT" be enough?

That's just a normal error message and is nothing to worry about. The
stack trace may be surprising but it's useful for script developers and
users. That script should probably be modified to catch timeouts like
that and exit silently.

> also quickly, and maybe a bit nitpicky as well, i saw the probe
> "SMBProgNeg"---should this be changed to SMBProtNeg for Negotiate
> Protocol?

That's a good question. Does anyone know the origin of that name?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
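
One way an NSE script can catch a read timeout and exit silently, as the reply above suggests. This is an added example, not part of the original message and not the code of pptp-version.nse; the probe string and the output line are placeholders, and the script assumes a current Nmap where `stdnse.debug1` is available.

```lua
local nmap = require "nmap"
local shortport = require "shortport"
local stdnse = require "stdnse"

description = [[
Added example: a version-detection style script that treats a read timeout
as "no answer" instead of raising an error.
]]
categories = {"version"}

portrule = shortport.port_or_service(1723, "pptp")

-- Placeholder request (assumption); a real script sends its protocol's probe.
local PROBE = "PLACEHOLDER-REQUEST\r\n"

action = function(host, port)
  local socket = nmap.new_socket()
  socket:set_timeout(5000) -- milliseconds

  -- Each socket call returns (status, value-or-error). Checking status by
  -- hand, rather than wrapping the call in nmap.new_try(), keeps a failure
  -- such as "TIMEOUT" from being thrown and reported with a stack traceback.
  local status, err = socket:connect(host, port)
  if not status then
    stdnse.debug1("connect failed: %s", err)
    return nil
  end

  status, err = socket:send(PROBE)
  if not status then
    stdnse.debug1("send failed: %s", err)
    socket:close()
    return nil
  end

  local response
  status, response = socket:receive()
  socket:close()
  if not status then
    -- On failure the second return value is the error string, e.g. "TIMEOUT".
    stdnse.debug1("no response: %s", response)
    return nil -- nil produces no output line for this port
  end

  return ("received %d bytes"):format(#response)
end
```

The failure reason is still visible at debug level 1 (`-d`), so script developers keep the diagnostic while normal output stays clean.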

