Re: NSE Windows Raw Socket Fatal Error for Non-Admin (or UAC is Enabled)

[David Fifield <david () bamsoftware com>]

On Mon, Oct 29, 2012 at 09:02:06PM +0000, Rob Nicholls wrote:
> I'm having trouble with Nmap on Windows. It seems that Nmap has
> previously been fairly quietly failing with an error when I run the
> following command with a "low privileged" account (an Admin user
> with UAC enabled):
>
> nmap xxx.xxxxxx.xxx -p 80 --script ipidseq -n -Pn -vv --reason -sCV -d2
>
> For example, I get the following error with r29915:
>
> Initiating NSE at 11:51
> NSE: 'ipidseq' (thread: 02FF52D8) against xxx.xxx.xxx.xxx threw an
> error!
> C:\Program Files\Nmap/scripts\ipidseq.nse:213: failed to open raw
> socket: An attempt was made to access a socket in a way forbidden by
> its
> access permissions.
> (errno 10013)
> stack traceback:
>          [C]: in function 'ip_open'
>          C:\Program Files\Nmap/scripts\ipidseq.nse:213: in function
> <C:\Program Files\Nmap/scripts\ipidseq.nse:204>
>          (...tail calls...)
>
> Completed NSE at 11:51, 0.00s elapsed
>
> This appears to be a lua error generated when udata->sock == -1. But
> I've noticed that r30017 onwards seems to have a fatal error message:
>
> Initiating NSE at 09:46
> socket troubles in nmap_raw_socket: An attempt was made to access a
> socket in a way forbidden by its access permissions.
>   (10013)
>
> This kills the scan completely. Is it possible that revisions
> 29931-29936 are responsible for the fatal change in behaviour, when
> nmap_raw_socket was introduced? I noticed that r29931 added:

Thanks Rob. Please try r30160.

David
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/