Nmap Development mailing list archives

Nmap 7.40 broadcast-dhcp-discover issue

From: Steven Shiau <steven () nchc org tw>
Date: Sun, 29 Jan 2017 19:01:15 +0800

Dear Nmap developers,

I am using Nmap to detect DHCP service. However, there is an issue so it
detects no DHCP service, but actually the service exists on my LAN. The
testing environment is on Debian Sid with nmap version 7.40.
# dpkg -l nmap
Desired=Unknown/Install/Remove/Purge/Hold
|
Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                   Version          Architecture     Description
+++-======================-================-================-=================================================
ii  nmap                   7.40-1           amd64            The Network
Mapper

I have a macvlan virtual network device device "macvlan0" :

~# ip -d link show macvlan0
5: macvlan0@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 02:f7:d9:5e:6d:34 brd ff:ff:ff:ff:ff:ff promiscuity 0

    macvlan mode bridge addrgenmode eui64 numtxqueues 1 numrxqueues 1
gso_max_size 65536 gso_max_segs 65535

Then run nmap and it gives the results:
~# nmap -d --script broadcast-dhcp-discover -e macvlan0
===================================
Starting Nmap 7.40 ( https://nmap.org ) at 2017-01-29 17:34 CST
PORTS: Using top 1000 ports found open (TCP:1000, UDP:0, SCTP:0)
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.3.
NSE: Arguments from CLI:
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 17:34
NSE: Starting broadcast-dhcp-discover.
NSE: broadcast-dhcp-discover threw an error!
/usr/bin/../share/nmap/nselib/stdnse.lua:87: bad argument #2 to 'format'
(number expected, got nil)
stack traceback:
        [C]: in function 'string.format'
        /usr/bin/../share/nmap/nselib/stdnse.lua:87: in function
'stdnse.debug'
        (...tail calls...)
        /usr/bin/../share/nmap/nselib/dhcp.lua:525: in function
'dhcp.dhcp_parse'
        /usr/bin/../share/nmap/scripts/broadcast-dhcp-discover.nse:132:
in function </usr/bin/../share/nmap/scripts/broadcast-dhcp-discover.nse:113>

NSE: Finished broadcast-dhcp-discover.
Completed NSE at 17:34, 1.03s elapsed
NSE: Script Post-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 17:34
Completed NSE at 17:34, 0.00s elapsed
Read from /usr/bin/../share/nmap: nmap-services.
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 1.34 seconds
           Raw packets sent: 0 (0B) | Rcvd: 0 (0B)
===================================

This issue also exists on Nmap 7.31, but not on Nmap 7.12.
Please let me know if you need more info.
Thanks.

Steven

-- 
Steven Shiau <steven _at_ stevenshiau org>
Public Key Server PGP Key ID: 4096R/47CF935C
Fingerprint: 0240 1FEB 695D 7112 62F0  8796 11C1 12DA 47CF 935C

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Nmap 7.40 broadcast-dhcp-discover issue Steven Shiau (Jan 29)
- <Possible follow-ups>
- Nmap 7.40 broadcast-dhcp-discover issue Steven Shiau (Jan 30)
  - Re: Nmap 7.40 broadcast-dhcp-discover issue Steven Shiau (Feb 09)
- Re: Nmap 7.40 broadcast-dhcp-discover issue Varunram Ganesh (Jan 30)
- Re: Nmap 7.40 broadcast-dhcp-discover issue Varunram Ganesh (Jan 31)