Nmap Development mailing list archives

Re: Current NSE script errors

From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 23 Jan 2010 18:53:08 +0100


On 22 jan 2010, at 19.34, Brandon Enright wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm seeing occasional NSE script errors.  I haven't dug into any of
these yet but I figure a few of them will be obvious from just this
output.  I'll follow up with additional details when I can find
steps to reproduce them.

Seeing this a ton:

NSE: Script scanning a.b.11.213.
NSE: a thread for /home/bmenrigh/flexmap/nmap/svn/nmap//scripts/x11-access.nse failed to load:
nil
stack traceback:
       [C]: in function 'match'
       ...enrigh/flexmap/nmap/svn/nmap//scripts/x11-access.nse:25: in function '?'
       /home/bmenrigh/flexmap/nmap/svn/nmap//nse_main.lua:217: in function 
</home/bmenrigh/flexmap/nmap/svn/nmap//nse_main.lua:215>


Seeing this often:

NSE: afp-showmount against a.b.10.141:548 threw an error!
FPLogin error: 1710030847
stack traceback:
       [C]: in function 'try'
       ...igh/flexmap/nmap/svn/nmap//scripts/afp-showmount.nse:117: in function 
<...igh/flexmap/nmap/svn/nmap//scripts/afp-showmount.nse:98>
       (tail call): ?


Saw this once:

NSE: http-favicon against a.b.10.141:2002 threw an error!
...righ/flexmap/nmap/svn/nmap//scripts/http-favicon.nse:141: variable 'dirname' is not declared
stack traceback:
       [C]: in function 'error'
       ...me/bmenrigh/flexmap/nmap/svn/nmap//nselib/strict.lua:68: in function 
<...me/bmenrigh/flexmap/nmap/svn/nmap//nselib/strict.lua:59>
       ...righ/flexmap/nmap/svn/nmap//scripts/http-favicon.nse:141: in function 'parse_url_relative'
       ...righ/flexmap/nmap/svn/nmap//scripts/http-favicon.nse:85: in function 
<...righ/flexmap/nmap/svn/nmap//scripts/http-favicon.nse:48>
       (tail call): ?


Saw this once.  It may be related to the timeout:

NSE: socks-open-proxy against a.b.133.119:15636 threw an error!
TIMEOUT
stack traceback:
       [C]: in function 'try'
       ...ome/bmenrigh/flexmap/nmap/svn/nmap//nselib/proxy.lua:199: in function 
<...ome/bmenrigh/flexmap/nmap/svn/nmap//nselib/proxy.lua:187>
       (tail call): ?
       ...ome/bmenrigh/flexmap/nmap/svn/nmap//nselib/proxy.lua:88: in function 'test_get'
       .../flexmap/nmap/svn/nmap//scripts/socks-open-proxy.nse:88: in function 'default_test'
       .../flexmap/nmap/svn/nmap//scripts/socks-open-proxy.nse:154: in function 
<.../flexmap/nmap/svn/nmap//scripts/socks-open-proxy.nse:140>
       (tail call): ?


Saw this once.  Ron, I'll get you more detail on this shortly:

NSE: smb-os-discovery against a.b.17.24 threw an error!
/home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:253: bad argument #2 to 'format' (number expected, got nil)
stack traceback:
       [C]: in function 'format'
       /home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:253: in function 'get_status_name'
       /home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:1278: in function 
</home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:1142>
       (tail call): ?
       /home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:421: in function 'start_ex'
       /home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:2865: in function 'get_os'
       .../flexmap/nmap/svn/nmap//scripts/smb-os-discovery.nse:67: in function 
<.../flexmap/nmap/svn/nmap//scripts/smb-os-discovery.nse:65>
       (tail call): ?


The same host returned this too:

NSE: smb-enum-processes against a.b.17.24 threw an error!
...lexmap/nmap/svn/nmap//scripts/smb-enum-processes.nse:212: attempt to concatenate local 'result' (a nil value)
stack traceback:
       ...lexmap/nmap/svn/nmap//scripts/smb-enum-processes.nse:212: in function 
<...lexmap/nmap/svn/nmap//scripts/smb-enum-processes.nse:205>
       (tail call): ?


And it returned this too:

NSE: smb-check-vulns against a.b.17.24 threw an error!
/home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:253: bad argument #2 to 'format' (number expected, got nil)
stack traceback:
       [C]: in function 'format'
       /home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:253: in function 'get_status_name'
       /home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:1278: in function 
</home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:1142>
       (tail call): ?
       /home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:421: in function 
</home/bmenrigh/flexmap/nmap/svn/nmap//nselib/smb.lua:393>
       (tail call): ?
       ...h/flexmap/nmap/svn/nmap//scripts/smb-check-vulns.nse:223: in function 'check_conficker'
       ...h/flexmap/nmap/svn/nmap//scripts/smb-check-vulns.nse:449: in function 
<...h/flexmap/nmap/svn/nmap//scripts/smb-check-vulns.nse:425>
       (tail call): ?


More details to follow (hopefully later today).

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)

iEYEARECAAYFAktZ784ACgkQqaGPzAsl94KtZQCfSyGKHnOPznV01SowvQG+ooMY
h2wAn2ZqaLoyoyetFqAfJi2oHwDXMiI7
=KxJS
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



I've had a look at the error in afp-showmount and it occurs when the script fails to authenticate to the AFP server. 
This then triggers the catch that dumps the error message back from the script, which really was my intention. This 
brings me to my question.

Currently this is what I have in the afp-showmount script:

response = try( afp.fp_login( socket, "AFP3.1", "No User Authent") )

This means that if fp_login fails the catch method will be called and return the error back while aborting script 
execution. In this case the error was: FPLogin error: 1710030847, which could obviously have been a lot 
clearer/suitable like "Failed to authenticate as Guest".

The next sample piece of code will accomplish the same thing, but fail silently:

status, response = afp.fp_login( socket, "AFP3.1", "No User Authent")

if not status then
    socket:close()
    return
end

What's the preferred/better way of going about this?  

//Patrik
--
Patrik Karlsson
http://www.cqure.net




_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Current NSE script errors Brandon Enright (Jan 22)
- Re: Current NSE script errors Ron (Jan 23)
- Re: Current NSE script errors Patrik Karlsson (Jan 23)
  - Re: Current NSE script errors Ron (Jan 23)
- Re: Current NSE script errors David Fifield (Feb 26)