RE: nmap v6.00: Strange connect error from 192.168.1.1 (10048): Only one usage of each socket address (protocol/network address/port) is normally permitted. Assertion failed: 0, file src\nsock_core.c, line 364

[Jeff Kayser <jeff.kayser () jibeconsulting com>]

Hi, David.

OK.  The plaintext is below.  The individual images (in *.JPG format) are attached.

Jeff Kayser
Jibe Consulting | Oracle Principal Consultant
2501 SW 1st Ave. Suite 300. Portland, OR 97201
O: 503-517-3266 | C: 503.901.5021
jeff.kayser () jibeconsulting com



Comment:

Thank you for putting out such a fabulous tool, and making it free.  I am not a network security expert, but I play 
around a little, and so I wanted to try out nmap v6.00.  After trying it for a while, I encountered an error.  You 
probably already know about this error, but just in case, I am submitted a problem report.
Once again, thank you for your great work on behalf of network security.
Jeff Kayser

Issue:

Strange connect error from 192.168.1.1 (10048): Only one usage of each socket address (protocol/network address/port) 
is normally permitted. Assertion failed: 0, file src\nsock_core.c, line 364 

Version of nmap installed: 6.00
nmap-6.00-setup.exe
 

Version of WinPcap installed: 4.1.2

This was previously installed via a Wireshark install.  When I ran the nmap v6.00 installer, it left the current 
version of WinPcap installed, saying that I would need to uninstall WinPcap to get a newer version from the nmap 
install.

Computer onto which I installed nmap v6.00:
Windows 7 Professional SP1 64-bit.

 
Nmap command run:

nmap -sS -sU -T4 -A -v -PE -PP -PS21,22,23,25,80,113,31339 -PA80,113,443,10042 -PO --script all 192.168.1.1-254 
Screenshot of Zenmap with error at the bottom:

 
 
Nmap output with error at the bottom:

Starting Nmap 6.00 ( http://nmap.org ) at 2012-05-28 10:20 Pacific Daylight Time
NSE: Loaded 348 scripts for scanning. 
NSE: Script Pre-scanning. 
NSE: url-snarf no network interface was supplied, aborting ... 
Initiating NSE at 10:20
Completed NSE at 10:21, 52.91s elapsed
Pre-scan script results: 
|_eap-info: please specify an interface with -e
| targets-asn:  
|_  targets-asn.asn is a mandatory parameter
| broadcast-dhcp-discover:  
|   IP Offered: 192.168.1.44 
|   DHCP Message Type: DHCPOFFER 
|   Server Identifier: 192.168.1.1 
|   IP Address Lease Time: 1 day, 0:00:00 
|   Subnet Mask: 255.255.255.0 
|   Router: 192.168.1.1
|_  Domain Name Server: 192.168.1.1
| broadcast-ping:  
|   IP: 192.168.1.2  MAC: 00:1b:63:02:e1:a4 _  Use 
|--script-args=newtargets to add the results as targets
| broadcast-netbios-master-browser:  
|_ip  server  domain
| lltd-discovery:  
|   IP: 192.168.31.136    MAC: 00:0c:29:7f:13:c1 
|_  Use the newtargets script-arg to add the results as targets
| broadcast-dns-service-discovery:  
|   192.168.1.49 
|     3689/tcp home-sharing 
|       txtvers=1 
|       hQ=150 
|       dmv=131080 
|       iTSh Version=196616 
|       MID=0xA08DC7E7383F4236 
|       PrVs=65538 
|       Database ID=A08DC7E7383F4239 
|       OSsi=0x5F43917 
|       Version=196619 
|       Machine Name=Jeff Kayser\xE2\x80\x99s Desktop Library 
|       hG=00000000-3db3-337c-b901-a6833d054f45 
|       Machine ID=96210F40947B 
|       hC=06668b13-fe99-44a4-96d8-f444ce5eb4c6 
|       Address=192.168.1.49 
|   192.168.1.235 
|     80/tcp http 
|       Address=192.168.1.235 
|     515/tcp printer 
|       txtvers=1 
|       qtotal=1 
|       pdl=application/vnd.hp-PCL 
|       rp=duerqxesz5090 
|       ty=Brother MFC-8860DN 
|       product=(Brother MFC-8860DN) 
|       adminurl=http://MFC-8860DN.local./ 
|       priority=75 
|       usb_MFG=Brother 
|       usb_MDL=MFC-8860DN 
|       Color=F 
|       Copies=T 
|       Duplex=F 
|       PaperCustom=T 
|       Binary=T 
|       Transparent=T 
|       TBCP=F 
|       Address=192.168.1.235 
|     631/tcp ipp 
|       txtvers=1 
|       qtotal=1 
|       pdl=application/vnd.hp-PCL 
|       rp=duerqxesz5090 
|       ty=Brother MFC-8860DN 
|       product=(Brother MFC-8860DN) 
|       adminurl=http://MFC-8860DN.local./ 
|       priority=50 
|       usb_MFG=Brother 
|       usb_MDL=MFC-8860DN 
|       Color=F 
|       Copies=T 
|       Duplex=F 
|       PaperCustom=T 
|       Binary=T 
|       Transparent=T 
|       TBCP=F 
|_      Address=192.168.1.235 
| broadcast-wpad-discover:  
|_  ERROR: Could not find WPAD using DNS/DHCP
| broadcast-listener:  
|   udp 
|       Netbios 
|         ip              query 
|_        192.168.31.136  \x01\x02__MSBROWSE__\x02\x01 
| broadcast-avahi-dos:  
|   Discovered hosts: 
|     192.168.1.49 
|     192.168.1.235 
|   After NULL UDP avahi packet DoS (CVE-2011-1002). 
|_  Hosts are all up (not vulnerable). 
Initiating ARP Ping Scan at 10:21
Scanning 5 hosts [1 port/host]
Completed ARP Ping Scan at 10:21, 1.09s elapsed (5 total hosts) Initiating Parallel DNS resolution of 5 hosts. at 10:21 
Completed Parallel DNS resolution of 5 hosts. at 10:21, 0.04s elapsed Nmap scan report for 192.168.1.2 [host down] Nmap 
scan report for 192.168.1.3 [host down] Nmap scan report for 192.168.1.4 [host down] Nmap scan report for 192.168.1.5 
[host down] Initiating Parallel DNS resolution of 1 host. at 10:21 Completed Parallel DNS resolution of 1 host. at 
10:21, 0.04s elapsed Initiating SYN Stealth Scan at 10:21 Scanning 192.168.1.1 [1000 ports] Discovered open port 23/tcp 
on 192.168.1.1 Discovered open port 80/tcp on 192.168.1.1 Discovered open port 3333/tcp on 192.168.1.1 Discovered open 
port 5555/tcp on 192.168.1.1 Completed SYN Stealth Scan at 10:21, 1.03s elapsed (1000 total ports) Initiating UDP Scan 
at 10:21 Scanning 192.168.1.1 [1000 ports] Increasing send delay for 192.168.1.1 from 0 to 50 due to 
max_successful_tryno increase to 5 Increasing send delay for 192.168.1.1 from 50 to 100 due to 11 out of 12 dropped 
probes since last increase. 
Increasing send delay for 192.168.1.1 from 100 to 200 due to 11 out of 11 dropped probes since last increase. 
UDP Scan Timing: About 8.86% done; ETC: 10:26 (0:05:19 remaining) Increasing send delay for 192.168.1.1 from 200 to 400 
due to 11 out of 11 dropped probes since last increase. 
Increasing send delay for 192.168.1.1 from 400 to 800 due to 11 out of 11 dropped probes since last increase. 
UDP Scan Timing: About 12.69% done; ETC: 10:29 (0:07:00 remaining) UDP Scan Timing: About 15.66% done; ETC: 10:30 
(0:08:10 remaining) UDP Scan Timing: About 20.31% done; ETC: 10:32 (0:08:42 remaining) UDP Scan Timing: About 40.20% 
done; ETC: 10:34 (0:08:08 remaining) UDP Scan Timing: About 46.96% done; ETC: 10:35 (0:07:25 remaining) UDP Scan 
Timing: About 53.00% done; ETC: 10:35 (0:06:43 remaining) Discovered open port 53/udp on 192.168.1.1 UDP Scan Timing: 
About 58.40% done; ETC: 10:35 (0:06:00 remaining) UDP Scan Timing: About 64.07% done; ETC: 10:35 (0:05:15 remaining) 
UDP Scan Timing: About 69.60% done; ETC: 10:35 (0:04:29 remaining) UDP Scan Timing: About 75.03% done; ETC: 10:36 
(0:03:43 remaining) UDP Scan Timing: About 80.30% done; ETC: 10:36 (0:02:56 remaining) UDP Scan Timing: About 85.53% 
done; ETC: 10:36 (0:02:10 remaining) UDP Scan Timing: About 90.74% done; ETC: 10:36 (0:01:24 remaining) UDP Scan 
Timing: About 95.96% done; ETC: 10:36 (0:00:37 remaining) Completed UDP Scan at 10:36, 949.77s elapsed (1000 total 
ports) Initiating Service scan at 10:36 Scanning 47 services on 192.168.1.1 Service scan Timing: About 10.64% done; 
ETC: 10:42 (0:04:46 remaining) Service scan Timing: About 31.91% done; ETC: 10:40 (0:02:42 remaining) Completed Service 
scan at 10:39, 140.14s elapsed (47 services on 1 host) Initiating OS detection (try #1) against 192.168.1.1
NSE: Script scanning 192.168.1.1. 
Initiating NSE at 10:39
Discovered open port 67/udp on 192.168.1.1 Discovered open port 1900/udp on 192.168.1.1 Strange connect error from 
192.168.1.1 (10048): Only one usage of each socket address (protocol/network address/port) is normally permitted. 
Assertion failed: 0, file src\nsock_core.c, line 364 

Target on which nmap encountered the error:

Netgear Wireless-N Router model WNR2000

Slow comprehensive scan of target that nmap had the issue with:

nmap -sS -sU -T4 -A -v -PE -PP -PS21,22,23,25,80,113,31339 -PA80,113,443,10042 -PO --script all 192.168.1.1

Starting Nmap 6.00 ( http://nmap.org ) at 2012-05-28 11:00 Pacific Daylight Time
NSE: Loaded 348 scripts for scanning. 
NSE: Script Pre-scanning. 
NSE: url-snarf no network interface was supplied, aborting ... 
Initiating NSE at 11:00
Completed NSE at 11:01, 54.80s elapsed
Pre-scan script results: 
|_eap-info: please specify an interface with -e
| targets-asn:  
|_  targets-asn.asn is a mandatory parameter
| broadcast-dhcp-discover:  
|   IP Offered: 192.168.1.44 
|   DHCP Message Type: DHCPOFFER 
|   Server Identifier: 192.168.1.1 
|   IP Address Lease Time: 1 day, 0:00:00 
|   Subnet Mask: 255.255.255.0 
|   Router: 192.168.1.1
|_  Domain Name Server: 192.168.1.1
| broadcast-wpad-discover:  
|_  ERROR: Could not find WPAD using DNS/DHCP
| broadcast-ping:  
|   IP: 192.168.1.2  MAC: 00:1b:63:02:e1:a4 _  Use 
|--script-args=newtargets to add the results as targets
| broadcast-netbios-master-browser:  
| ip            server        domain 
|_192.168.1.26  WINXPLEUPOLD  HOME
| lltd-discovery:  
|   IP: 192.168.1.49      MAC: 00:19:d1:28:24:84 
|   IP: 192.168.1.26      MAC: 00:0c:29:86:b4:62 
|   IP: 192.168.31.136    MAC: 00:0c:29:7f:13:c1 
|_  Use the newtargets script-arg to add the results as targets
| broadcast-dns-service-discovery:  
|   192.168.1.49 
|     3689/tcp home-sharing 
|       txtvers=1 
|       hQ=150 
|       dmv=131080 
|       iTSh Version=196616 
|       MID=0xA08DC7E7383F4236 
|       PrVs=65538 
|       Database ID=A08DC7E7383F4239 
|       OSsi=0x4A81E 
|       Version=196619 
|       Machine Name=Jeff Kayser\xE2\x80\x99s Desktop Library 
|       hG=00000000-3db3-337c-b901-a6833d054f45 
|       Machine ID=96210F40947B 
|       hC=06668b13-fe99-44a4-96d8-f444ce5eb4c6 
|       Address=192.168.1.49 
|   192.168.1.235 
|     80/tcp http 
|       Address=192.168.1.235 
|     515/tcp printer 
|       txtvers=1 
|       qtotal=1 
|       pdl=application/vnd.hp-PCL 
|       rp=duerqxesz5090 
|       ty=Brother MFC-8860DN 
|       product=(Brother MFC-8860DN) 
|       adminurl=http://MFC-8860DN.local./ 
|       priority=75 
|       usb_MFG=Brother 
|       usb_MDL=MFC-8860DN 
|       Color=F 
|       Copies=T 
|       Duplex=F 
|       PaperCustom=T 
|       Binary=T 
|       Transparent=T 
|       TBCP=F 
|       Address=192.168.1.235 
|     631/tcp ipp 
|       txtvers=1 
|       qtotal=1 
|       pdl=application/vnd.hp-PCL 
|       rp=duerqxesz5090 
|       ty=Brother MFC-8860DN 
|       product=(Brother MFC-8860DN) 
|       adminurl=http://MFC-8860DN.local./ 
|       priority=50 
|       usb_MFG=Brother 
|       usb_MDL=MFC-8860DN 
|       Color=F 
|       Copies=T 
|       Duplex=F 
|       PaperCustom=T 
|       Binary=T 
|       Transparent=T 
|       TBCP=F 
|       Address=192.168.1.235 
|     9100/tcp pdl-datastream 
|       txtvers=1 
|       qtotal=1 
|       pdl=application/vnd.hp-PCL 
|       ty=Brother MFC-8860DN 
|       product=(Brother MFC-8860DN) 
|       adminurl=http://MFC-8860DN.local./ 
|       priority=25 
|       usb_MFG=Brother 
|       usb_MDL=MFC-8860DN 
|       Color=F 
|       Copies=T 
|       Duplex=F 
|       PaperCustom=T 
|       Binary=T 
|       Transparent=F 
|       TBCP=T 
|_      Address=192.168.1.235 
| broadcast-avahi-dos:  
|   Discovered hosts: 
|     192.168.1.49 
|     192.168.1.235 
|   After NULL UDP avahi packet DoS (CVE-2011-1002). 
|_  Hosts are all up (not vulnerable). 
Initiating ARP Ping Scan at 11:01
Scanning 192.168.1.1 [1 port]
Completed ARP Ping Scan at 11:01, 1.07s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 11:01 
Completed Parallel DNS resolution of 1 host. at 11:01, 0.04s elapsed Initiating SYN Stealth Scan at 11:01 Scanning 
192.168.1.1 [1000 ports] Discovered open port 23/tcp on 192.168.1.1 Discovered open port 80/tcp on 192.168.1.1 
Discovered open port 3333/tcp on 192.168.1.1 Discovered open port 5555/tcp on 192.168.1.1 Completed SYN Stealth Scan at 
11:01, 0.89s elapsed (1000 total ports) Initiating UDP Scan at 11:01 Scanning 192.168.1.1 [1000 ports] Increasing send 
delay for 192.168.1.1 from 0 to 50 due to max_successful_tryno increase to 5 Increasing send delay for 192.168.1.1 from 
50 to 100 due to 11 out of 12 dropped probes since last increase. 
Increasing send delay for 192.168.1.1 from 100 to 200 due to 11 out of 11 dropped probes since last increase. 
UDP Scan Timing: About 8.79% done; ETC: 11:07 (0:05:22 remaining) Increasing send delay for 192.168.1.1 from 200 to 400 
due to 11 out of 11 dropped probes since last increase. 
Increasing send delay for 192.168.1.1 from 400 to 800 due to 11 out of 11 dropped probes since last increase. 
UDP Scan Timing: About 12.56% done; ETC: 11:09 (0:07:05 remaining) UDP Scan Timing: About 15.81% done; ETC: 11:10 
(0:08:04 remaining) UDP Scan Timing: About 19.06% done; ETC: 11:11 (0:08:34 remaining) UDP Scan Timing: About 41.99% 
done; ETC: 11:15 (0:08:02 remaining) Discovered open port 53/udp on 192.168.1.1 UDP Scan Timing: About 48.00% done; 
ETC: 11:15 (0:07:20 remaining) UDP Scan Timing: About 53.83% done; ETC: 11:15 (0:06:37 remaining) UDP Scan Timing: 
About 59.66% done; ETC: 11:15 (0:05:52 remaining) UDP Scan Timing: About 65.19% done; ETC: 11:15 (0:05:07 remaining) 
UDP Scan Timing: About 70.71% done; ETC: 11:16 (0:04:20 remaining) UDP Scan Timing: About 75.93% done; ETC: 11:16 
(0:03:35 remaining) UDP Scan Timing: About 81.09% done; ETC: 11:16 (0:02:50 remaining) UDP Scan Timing: About 86.36% 
done; ETC: 11:16 (0:02:03 remaining) UDP Scan Timing: About 91.49% done; ETC: 11:16 (0:01:17 remaining) UDP Scan 
Timing: About 96.70% done; ETC: 11:16 (0:00:30 remaining) Completed UDP Scan at 11:17, 949.21s elapsed (1000 total 
ports) Initiating Service scan at 11:17 Scanning 48 services on 192.168.1.1 Service scan Timing: About 10.42% done; 
ETC: 11:24 (0:06:53 remaining) Service scan Timing: About 64.58% done; ETC: 11:19 (0:00:45 remaining) Completed Service 
scan at 11:19, 140.16s elapsed (48 services on 1 host) Initiating OS detection (try #1) against 192.168.1.1
NSE: Script scanning 192.168.1.1. 
Initiating NSE at 11:19
Strange connect error from 192.168.1.1 (10048): Only one usage of each socket address (protocol/network address/port) 
is normally permitted. Assertion failed: 0, file src\nsock_core.c, line 364 


-----Original Message-----
From: David Fifield [mailto:david () bamsoftware com]
Sent: Tuesday, May 29, 2012 12:41 PM
To: Jeff Kayser
Cc: nmap-dev () insecure org
Subject: Re: nmap v6.00: Strange connect error from 192.168.1.1 (10048): Only one usage of each socket address 
(protocol/network address/port) is normally permitted. Assertion failed: 0, file src\nsock_core.c, line 364

On Tue, May 29, 2012 at 04:41:19PM +0000, Jeff Kayser wrote:
> Hi, Ron.
>
> Thank you for your response.
>
> Sorry about the format of the bug report.  I didn't know.   Thanks for
> telling me.
>
> As far as the bug is concerned, as long as the issue gets logged, and 
> someone can eventually work it, that's all that matters.

Could you re-send the report in plain text (and maybe attached images if your original documents had them)?

David Fifield


Disclaimer: This electronic message may contain information that is Confidential or legally privileged. It is intended 
only for the use of the individual(s) and entity named in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete the material from your computer. Do not deliver, distribute or 
copy this message and do not disclose its contents or take any action in reliance on the information it contains.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/