Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Nsock EOF

From: devin bjelland <devinbjelland () gmail com>
Date: Tue, 12 Aug 2014 10:16:02 -0500
Hi everyone,

I'm working on a binding the libssh2 library (the code is located at
/nmap-exp/devin/libssh2-integration). I have a bug in how my code interacts
with nsock and I was hoping someone more familiar with nsock could shed
some light on it. Some of the time, during the ssh handshake, a call to
nsock.receive results in an EOF. The call to receive is in the function
filter() on line 104 of nse_libssh2.cc. The error then gets caught by
finish_read().

You can trigger the error with
./nmap -vv -dd  -Pn -p 22 --script=ssh-brute scanme.nmap.org

Here is some selected output from the above command near where the error
happen:

NSOCK INFO [4.1460s] nsi_new2(): nsi_new (IOD #41)
NSOCK INFO [4.1460s] nsock_connect_tcp(): TCP connection requested to
74.207.244.221:22 (IOD #41) EID 1528
NSOCK INFO [4.2290s] nsock_trace_handler_callback(): Callback: CONNECT
SUCCESS for EID 1456 [74.207.244.221:22]
NSOCK INFO [4.2320s] nsock_trace_handler_callback(): Callback: CONNECT
SUCCESS for EID 1464 [74.207.244.221:22]
NSOCK INFO [4.2330s] nsock_trace_handler_callback(): Callback: CONNECT
SUCCESS for EID 1472 [74.207.244.221:22]
NSOCK INFO [4.2330s] nsock_trace_handler_callback(): Callback: CONNECT
SUCCESS for EID 1480 [74.207.244.221:22]
NSOCK INFO [4.2340s] nsock_trace_handler_callback(): Callback: CONNECT
SUCCESS for EID 1488 [74.207.244.221:22]
NSOCK INFO [4.2350s] nsock_trace_handler_callback(): Callback: CONNECT
SUCCESS for EID 1496 [74.207.244.221:22]
NSOCK INFO [4.2360s] nsock_trace_handler_callback(): Callback: CONNECT
SUCCESS for EID 1512 [74.207.244.221:22]
NSOCK INFO [4.2370s] nsock_trace_handler_callback(): Callback: CONNECT
SUCCESS for EID 1504 [74.207.244.221:22]
NSOCK INFO [4.2370s] nsock_trace_handler_callback(): Callback: CONNECT
SUCCESS for EID 1520 [74.207.244.221:22]
NSOCK INFO [4.2380s] nsock_trace_handler_callback(): Callback: CONNECT
SUCCESS for EID 1528 [74.207.244.221:22]
NSOCK INFO [4.2390s] nsock_trace_handler_callback(): Callback: WRITE
SUCCESS for EID 1539 [74.207.244.221:22]
NSOCK INFO [4.2390s] nsock_trace_handler_callback(): Callback: WRITE
SUCCESS for EID 1547 [74.207.244.221:22]
NSOCK INFO [4.2390s] nsock_trace_handler_callback(): Callback: WRITE
SUCCESS for EID 1555 [74.207.244.221:22]
NSOCK INFO [4.2390s] nsock_trace_handler_callback(): Callback: WRITE
SUCCESS for EID 1563 [74.207.244.221:22]
NSOCK INFO [4.2390s] nsock_trace_handler_callback(): Callback: WRITE
SUCCESS for EID 1571 [74.207.244.221:22]
NSOCK INFO [4.2390s] nsock_trace_handler_callback(): Callback: WRITE
SUCCESS for EID 1579 [74.207.244.221:22]
NSOCK INFO [4.2390s] nsock_trace_handler_callback(): Callback: WRITE
SUCCESS for EID 1587 [74.207.244.221:22]
NSOCK INFO [4.2390s] nsock_trace_handler_callback(): Callback: WRITE
SUCCESS for EID 1595 [74.207.244.221:22]
NSOCK INFO [4.2390s] nsock_trace_handler_callback(): Callback: WRITE
SUCCESS for EID 1603 [74.207.244.221:22]
NSOCK INFO [4.2390s] nsock_trace_handler_callback(): Callback: WRITE
SUCCESS for EID 1611 [74.207.244.221:22]
NSOCK INFO [4.2390s] nsock_read(): Read request from IOD #32 [
74.207.244.221:22] (timeout: 30000ms) EID 1618
NSOCK INFO [4.2390s] nsock_read(): Read request from IOD #33 [
74.207.244.221:22] (timeout: 30000ms) EID 1626
NSOCK INFO [4.2390s] nsock_read(): Read request from IOD #34 [
74.207.244.221:22] (timeout: 30000ms) EID 1634
NSOCK INFO [4.2390s] nsock_read(): Read request from IOD #35 [
74.207.244.221:22] (timeout: 30000ms) EID 1642
NSOCK INFO [4.2390s] nsock_read(): Read request from IOD #36 [
74.207.244.221:22] (timeout: 30000ms) EID 1650
NSOCK INFO [4.2390s] nsock_read(): Read request from IOD #37 [
74.207.244.221:22] (timeout: 30000ms) EID 1658
NSOCK INFO [4.2390s] nsock_read(): Read request from IOD #38 [
74.207.244.221:22] (timeout: 30000ms) EID 1666
NSOCK INFO [4.2390s] nsock_read(): Read request from IOD #39 [
74.207.244.221:22] (timeout: 30000ms) EID 1674
NSOCK INFO [4.2390s] nsock_read(): Read request from IOD #40 [
74.207.244.221:22] (timeout: 30000ms) EID 1682
NSOCK INFO [4.2400s] nsock_read(): Read request from IOD #41 [
74.207.244.221:22] (timeout: 30000ms) EID 1690
NSOCK INFO [4.3430s] nsock_trace_handler_callback(): Callback: READ EOF for
EID 1618 [74.207.244.221:22]
NSOCK INFO [4.3840s] nsock_trace_handler_callback(): Callback: READ EOF for
EID 1626 [74.207.244.221:22]
NSE: [ssh-brute 74.207.244.221:22 W:13ef500] libssh2 error: EOF
NSE: Finished 'ssh-brute' W:13ea5f0 against scanme.nmap.org (
74.207.244.221:22).
NSE: [ssh-brute 74.207.244.221:22 W:13ef500] libssh2 error: EOF
NSE: Finished 'ssh-brute' W:140bc60 against scanme.nmap.org (
74.207.244.221:22).
NSOCK INFO [4.3900s] nsi_delete(): nsi_delete (IOD #13)
NSOCK INFO [4.3900s] nsi_delete(): nsi_delete (IOD #33)
NSOCK INFO [4.3900s] nsi_delete(): nsi_delete (IOD #23)
NSOCK INFO [4.3900s] nsi_delete(): nsi_delete (IOD #3)
NSOCK INFO [4.3900s] nsi_delete(): nsi_delete (IOD #12)
NSOCK INFO [4.3900s] nsi_delete(): nsi_delete (IOD #32)
NSOCK INFO [4.3900s] nsi_delete(): nsi_delete (IOD #22)
NSOCK INFO [4.3900s] nsi_delete(): nsi_delete (IOD #2)
NSOCK INFO [4.3910s] nsock_trace_handler_callback(): Callback: READ EOF for
EID 1634 [74.207.244.221:22]
NSOCK INFO [4.3940s] nsock_trace_handler_callback(): Callback: READ EOF for
EID 1642 [74.207.244.221:22]
NSOCK INFO [4.3950s] nsock_trace_handler_callback(): Callback: READ EOF for
EID 1650 [74.207.244.221:22]
NSOCK INFO [4.3960s] nsock_trace_handler_callback(): Callback: READ EOF for
EID 1658 [74.207.244.221:22]
NSOCK INFO [4.3960s] nsock_trace_handler_callback(): Callback: READ EOF for
EID 1674 [74.207.244.221:22]
NSOCK INFO [4.3980s] nsock_trace_handler_callback(): Callback: READ EOF for
EID 1666 [74.207.244.221:22]
NSOCK INFO [4.4110s] nsock_trace_handler_callback(): Callback: READ EOF for
EID 1682 [74.207.244.221:22]
NSOCK INFO [4.4230s] nsock_trace_handler_callback(): Callback: READ EOF for
EID 1690 [74.207.244.221:22]
NSE: [ssh-brute 74.207.244.221:22 W:13ef500] libssh2 error: EOF
NSE: Finished 'ssh-brute' W:13ead90 against scanme.nmap.org (
74.207.244.221:22).

Any ideas would be appreciated.

Cheers,
Devin
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: