Re: nmap crash

[Henri Doreau <henri.doreau () gmail com>]

2015-02-20 17:45 GMT+01:00 Daniel Miller <bonsaiviking () gmail com>:
> Mike,
>
> I just reproduced the problem: it was caused by pressing Ctrl+C while a
> script is sleeping. I reproduced it with a super-simple prerule script which
> just sleeps for 10 seconds. Now we just need to come up with a proper fix.
>
> I do want to caution you that 'http*' includes a few scripts that you
> probably don't want to run for just information gathering:
>
> dos (denial of service) category: http-slowloris. This is probably the
> script that crashed, since it calls sleep a lot. This will run for 30
> minutes by default, and will conflict with other scripts since it tries to
> prevent the target from responding to anyone (even NSE!).
>
> brute category: http-brute, http-form-brute, http-iis-short-name-brute,
> http-joomla-brute, http-proxy-brute, and http-wordpress-brute. If there are
> any authorization forms or 401 codes, some these scripts will try to
> brute-force logins. http-iis-short-name-brute will try to brute-force names
> of files on the target, too.
>
> external category: http-google-malware, http-icloud-findmyiphone,
> http-icloud-sendmsg, http-open-proxy, http-proxy-brute,
> http-robtex-reverse-ip, http-robtex-shared-ns, http-virustotal, and
> http-xssed. These will all request information about your target from
> external sources, or attempt to contact external servers through your
> target.
>
> Dan
Hi,

This was on windows, right? Dan, could you reproduce on Linux as well?
If so can you share the details because simply interrupting a sleeping
script does not crash here. Also, canceling NSE timers seems to work
properly (sleeping script + short --host-timeout value).

Henri
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/