Nmap Development mailing list archives

Re: nmap 5.21, OS X 10.6.2 - doesn't work as root

From: David Fifield <david () bamsoftware com>
Date: Tue, 13 Apr 2010 11:37:46 -0600

On Tue, Apr 06, 2010 at 04:17:43PM -0400, Walt Scrivens wrote:

On my 10.6.3, nmap 5.21 works OK but 5.30 BETA bombs:

Walt

sh-3.2# nmap -n -vvv -PN 192.168.1.149

Starting Nmap 5.21 ( http://nmap.org ) at 2010-04-06 16:12 EDT
Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and 
consistency reasons.  set NMAPDIR=. to give priority to files in your local directory (may affect the other data 
files too).
Warning: Unable to open interface vmnet1 -- skipping it.
Warning: Unable to open interface vmnet8 -- skipping it.
Initiating ARP Ping Scan at 16:12
Scanning 192.168.1.149 [1 port]
Completed ARP Ping Scan at 16:12, 0.10s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 16:12
Scanning 192.168.1.149 [1000 ports]
Discovered open port 554/tcp on 192.168.1.149
Discovered open port 445/tcp on 192.168.1.149
Discovered open port 135/tcp on 192.168.1.149
Discovered open port 139/tcp on 192.168.1.149
Discovered open port 2869/tcp on 192.168.1.149
Discovered open port 10243/tcp on 192.168.1.149
Discovered open port 5357/tcp on 192.168.1.149
Completed SYN Stealth Scan at 16:12, 16.88s elapsed (1000 total ports)
Nmap scan report for 192.168.1.149
Host is up (0.017s latency).
Scanned at 2010-04-06 16:12:03 EDT for 17s
Not shown: 993 filtered ports
PORT      STATE SERVICE
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
554/tcp   open  rtsp
2869/tcp  open  unknown
5357/tcp  open  unknown
10243/tcp open  unknown
MAC Address: 00:12:17:66:6A:C2 (Cisco-Linksys)

Read data files from: /usr/local/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 17.27 seconds
           Raw packets sent: 2997 (131.866KB) | Rcvd: 18 (790B)
sh-3.2# ./nmap -n -vvv -PN 192.168.1.149

Starting Nmap 5.30BETA1 ( http://nmap.org ) at 2010-04-06 16:13 EDT
Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and 
consistency reasons.  set NMAPDIR=. to give priority to files in your local directory (may affect the other data 
files too).
Warning: Unable to open interface vmnet1 -- skipping it.
Warning: Unable to open interface vmnet8 -- skipping it.
Initiating SYN Stealth Scan at 16:13
Scanning 192.168.1.149 [1000 ports]


Is the 5.21 from a binary package and the 5.30 built from source? (Or
was the 5.21 perhaps built under 10.6.2 before you upgraded?) This might
be a problem with building in 64-bit mode that went away in 10.6.2 but
might be back in 10.6.3. Patrik reported that rebuilding with -m32
solved the problem, as described in this post:

http://seclists.org/nmap-dev/2009/q4/365

Does it work for you with -m32? Does the binary package from the .dmg
work?

Note that there are two different problems happening in this thread.
What Walt and Patrik have seen (and I can reproduce) is a hang (which is
ocurring inside pcap_next). What Daniel reported in
http://seclists.org/nmap-dev/2010/q1/1199 is a failure of ARP scan, not
a hang. I believe these are separate.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re: nmap 5.21, OS X 10.6.2 - doesn't work as root Patrik Karlsson (Apr 06)
- Re: nmap 5.21, OS X 10.6.2 - doesn't work as root Walt Scrivens (Apr 06)
  - Re: nmap 5.21, OS X 10.6.2 - doesn't work as root David Fifield (Apr 13)
    - Re: nmap 5.21, OS X 10.6.2 - doesn't work as root Walt Scrivens (Apr 13)
    - Re: nmap 5.21, OS X 10.6.2 - doesn't work as root David Fifield (Apr 19)
    - Re: nmap 5.21, OS X 10.6.2 - doesn't work as root David Fifield (Apr 20)
    - libpcap 1.1.1 upgrade David Fifield (Apr 20)
    - Re: libpcap 1.1.1 upgrade Patrik Karlsson (Apr 22)
    - Re: nmap 5.21, OS X 10.6.2 - doesn't work as root David Fifield (Apr 20)