Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Idle scan problems on OS X

From: Herman Torjussen <herman.torjussen () gmail com>
Date: Fri, 21 Nov 2014 11:54:26 +0100
I have a problem doing idle scans, when using a custom zombie probe port when the zombie host specification is a bit 
long.

It seems smaller zombie specifcations works, like zombie.org:

    sudo nmap -Pn -v --top-ports 10 -sI zombie.org:21 target
    
    Starting Nmap 6.47 ( http://nmap.org ) at 2014-11-21 11:24 CET
    Initiating Parallel DNS resolution of 1 host. at 11:24
    Completed Parallel DNS resolution of 1 host. at 11:24, 0.01s elapsed
    Initiating idle scan against target (....) at 11:24
    Idle scan using zombie zombie.org (....); Class: Incremental
    ...

but longer ones like 100-43-221-189.static-ip.foo.zombie.org don't:

    sudo nmap -Pn -v --top-ports 10 -sI 100-43-221-189.static-ip.foo.zombie.org:21 target

    Starting Nmap 6.47 ( http://nmap.org ) at 2014-11-21 11:24 CET
    Initiating Parallel DNS resolution of 1 host. at 11:24
    Completed Parallel DNS resolution of 1 host. at 11:24, 0.00s elapsed
    Initiating idle scan against target (....) at 11:24
    Illegal character(s) in hostname -- replacing with '*'
    Illegal character(s) in hostname -- replacing with '*'
    Illegal character(s) in hostname -- replacing with '*'
    Illegal character(s) in hostname -- replacing with '*'
    Could not resolve idle scan zombie host "100-43-221-189.static-ip.foo.zombie.org@?*": nodename nor servname 
provided, or not known
    QUITTING!

This bug has been fixed for Linux [1], but maybe not for OS X? 
I'm using OS X 10.10.

Herman

[1] http://seclists.org/nmap-dev/2014/q4/85

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: