Nmap Development mailing list archives

Re: Brute library bug in enumeration mode


From: Eli Shemer <eli.shemer () greensql com>
Date: Tue, 16 Aug 2016 22:27:35 +0300

Hey Phil,

I addressed this problem a couple of weeks ago, but I got no response from
the mailing list.
You can try to apply my patch at the bottom of the mail.

Have a good day.

---------- Forwarded message ----------
From: Eli Shemer <eli.shemer () greensql com>
Date: Fri, Jul 29, 2016 at 10:18 PM
Subject: brute script - bad argument error
To: dev () nmap org, patrik () cqure net


On the current svn branch, I ran:
nmap -d  -sV --script http-brute.nse -p 80 localhost

and I got this error:
NSE: http-brute against localhost (127.0.0.1:80) threw an error!
/usr/local/nmap/bin/../share/nmap/nselib/brute.lua:721: bad argument #3 to 'format' (number has no integer representation)
stack traceback:
        [C]: in function 'string.format'
        /usr/local/nmap/bin/../share/nmap/nselib/brute.lua:721: in method 'start'
        /usr/local/nmap/share/nmap/scripts/http-brute.nse:163: in function </usr/local/nmap/share/nmap/scripts/http-brute.nse:132>
        (...tail calls...)


This patch fixed it for me
[root@localhost nmap]# diff nselib/brute.lua  /usr/local/nmap/bin/../share/
nmap/nselib/brute.lua
721c721
<     result.Statistics = ("Performed %d guesses in %d seconds, average
tps: %d"):format( self.counter, time_diff, tps )
---
    result.Statistics = ("Performed %d guesses in %d seconds, average
tps: %f"):format( self.counter, time_diff, tps )
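
Review bot: in the replacement line, "%f" for tps prints six decimal places (the sample run shows "average tps: 1614.547619"); a bounded precision such as "%.1f" would keep the Statistics line readable while still accepting a non-integer tps. The two remaining "%d" conversions, for self.counter and time_diff, are unchanged, so they would raise the same "number has no integer representation" error if either value is ever a non-integer float; it is worth confirming both are always integers. This is also a context-free normal diff taken against the installed copy, so a unified diff (diff -u) against the svn tree would be easier to apply.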



and I got the following output in the second run.

|_  Statistics: Performed 50009 guesses in 32 seconds, average tps: 1614.547619
|


On Tue, Aug 16, 2016 at 7:12 PM, Phil <mainframed767 () gmail com> wrote:

Just updated to most recent version on a blank vm to test this. Basically,
when using a script that uses:
engine.options.passonly = true
the script dies with:

/usr/local/bin/../share/nmap/nselib/brute.lua:721: bad argument #3 to 'format' (number has no integer representation)
stack traceback:
[C]: in function 'string.format'
/usr/local/bin/../share/nmap/nselib/brute.lua:721: in method 'start'
tso-enum.nse:204: in function <tso-enum.nse:193>
(...tail calls...)

Line 721 from brute.lua is:
result.Statistics = ("Performed %d guesses in %d seconds, average tps: %d"):format( self.counter, time_diff, tps )

The source for the script I’m using is here: https://github.com/zedsec390/NMAP/blob/master/tso-enum.nse

Version info:

Nmap version 7.25SVN ( https://nmap.org )
Platform: x86_64-unknown-linux-gnu
Compiled with: liblua-5.3.3 libpcre-8.38 nmap-libpcap-1.7.3 nmap-libdnet-1.12 ipv6
Compiled without: openssl
Available nsock engines: epoll poll select



_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/




-- 
Eli Shemer | Software Engineer | GreenSQL | Office: +972-3-687-0033 | Mobile: +972-54-617-5724 | eli.shemer () greensql com www.greensql.com