Nmap Development mailing list archives

Re: NSE Connection Problems on Windows?


From: David Fifield <david () bamsoftware com>
Date: Thu, 11 Oct 2012 10:08:41 -0700

On Thu, Oct 11, 2012 at 03:59:18PM +0100, Rob Nicholls wrote:
> I've recently experienced some weird behaviour running NSE scripts
> using a version of Nmap I've built myself from SVN on Windows. It
> seems to affect scripts that access the same port (e.g. ntp, snmp),
> where one or more of them seem to execute properly and then the
> remaining ones seem to hang (presumably forever). When it happens,
> Nmap will just say something like:
>
> NSE: Active NSE Script Threads: 3 (3 waiting)
>
> Increasing the debugging suggests that it's getting stuck in parts
> of the script that are trying to establish a connection:
>
> NSE: Waiting: 'snmp-interfaces' (thread: 037980D8)
>         stack traceback:
>                 [C]: in function 'connect'
>                 C:\Program Files\Nmap/scripts\snmp-interfaces.nse:424: in function <C:\Program Files\Nmap/scripts\snmp-interfaces.nse:391>
>                 (...tail calls...)
>
> I've tried leaving the scan for a long time and it doesn't appear to
> do anything. If I kill the scan it sometimes ends with one or more
> occurrences of:
>
> Socket troubles: No error
>
> If it's any help, I don't think I've seen this happen before
> September. I can reproduce this hang with a default UDP scan like
> the following:
>
> nmap xxx.xxx.xxx.xxx -sUCV -n -Pn --reason --version-intensity 0 -p 100-200
>
> UDP scans against a small range of ports, such as 160-170, seem to
> complete okay, which suggests the scripts themselves aren't causing
> the hang. Is it possible that this only affects UDP connections (I
> don't think my TCP scans have been affected in this way)?

Maybe you can bisect this and find a revision where it broke? This is
fairly easy to do with git-svn (installable with Cygwin).

https://www.kernel.org/pub/software/scm/git/docs/git-bisect.html

$ git svn clone -r 27104..HEAD https://svn.nmap.org/nmap nmap-git
$ cd nmap-git
$ git bisect start master @{August} # Bad rev is somewhere between August and now.
$ make clean && make

Now run your scan and see if the error happens. If it does, then do

$ git bisect bad

Otherwise do

$ git bisect good

Then "make clean && make" again and run your scan again. It will quit
and tell you a bad commit. You can recover the SVN revision number from
"git log" or "git svn log". When you are all finished, or if you mess up
and want to start over, do

$ git bisect reset

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
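The manual loop David describes (rebuild, rerun the scan, mark good or bad, repeat) is exactly what `git bisect run` automates, provided a script can tell a hung scan from a finished one. The driver below is an added example and is not part of the original thread or of Nmap's own tooling. It assumes GNU coreutils timeout(1) is available (Cygwin ships it), that the build produces `./nmap` in the checkout, and it uses the placeholder target 192.0.2.10 and a hypothetical 600-second hang threshold that you adjust to your own scan. The `git-svn-id:` trailer that `svn_rev_from_log` parses is the one git-svn writes into every imported commit, which is how the SVN revision number is recovered from `git log` once the bisect stops.

```shell
#!/bin/sh
# bisect-nse-hang.sh: driver for "git bisect run" that builds the checked-out
# revision, runs the scan that hangs, and reports good/bad/skip back to git.
# Added example, not Nmap's own tooling. Assumptions: coreutils timeout(1) is
# installed (Cygwin ships it), the build produces ./nmap, and TARGET is a
# placeholder you replace with the host you were scanning.
TARGET="${TARGET:-192.0.2.10}"        # placeholder (RFC 5737 documentation range)
SCAN_TIMEOUT="${SCAN_TIMEOUT:-600}"   # hypothetical: seconds before we call the scan hung
NMAP_BIN="${NMAP_BIN:-./nmap}"

# Map the exit status of "timeout $SCAN_TIMEOUT nmap ..." onto the codes
# "git bisect run" understands:
#   scan finished (0)            -> 0   good
#   timeout fired (124)          -> 1   bad, the hang reproduced
#   anything else (crash, usage) -> 125 skip this revision, it proves nothing
bisect_code_for() {
    case "$1" in
        0)   echo 0 ;;
        124) echo 1 ;;
        *)   echo 125 ;;
    esac
}

# Recover the Subversion revision from a git-svn commit message, i.e. the
# number after '@' in its "git-svn-id: <url>@<rev> <uuid>" trailer. Reads the
# message on stdin; prints nothing if there is no trailer.
svn_rev_from_log() {
    sed -n 's/.*git-svn-id: [^ ]*@\([0-9][0-9]*\) .*/\1/p' | head -n 1
}

# One bisect step: rebuild, scan under a timeout, classify the outcome.
run_bisect_step() {
    make clean >/dev/null 2>&1
    make >/dev/null 2>&1 || return 125   # unbuildable revision: ask git to skip it
    timeout "$SCAN_TIMEOUT" "$NMAP_BIN" "$TARGET" -sUCV -n -Pn --reason \
        --version-intensity 0 -p 100-200 >/dev/null 2>&1
    rc=$?
    return "$(bisect_code_for "$rc")"
}

# Only perform the real step when git bisect invokes us with BISECT_STEP=1,
# so the functions above can also be sourced from an interactive shell.
if [ "${BISECT_STEP:-0}" = 1 ]; then
    run_bisect_step
    exit $?
fi
```

After the `git bisect start` command from the message, `BISECT_STEP=1 git bisect run sh ./bisect-nse-hang.sh` drives the whole search; when git reports the first bad commit, `git log -1 --format=%B | svn_rev_from_log` (with the functions sourced) prints the SVN revision to quote on the list, and `git bisect reset` returns the checkout to master. The 125 path matters: a revision that does not build, or where nmap dies for an unrelated reason, must be skipped rather than marked bad, or the bisection converges on the wrong commit.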