Nmap Development mailing list archives
Re: Informal Nmap 3.94ALPHA1 Release
From: BAKEMAN <bakeman () physics unr edu>
Date: Mon, 5 Dec 2005 18:52:33 -0800 (PST)
I have observed the same thing on 3.94ALPHA1. I believe that this is the
same problem which affected 3.93 and was reported:

http://seclists.org/lists/nmap-dev/2005/Jul-Sep/0194.html

On Mon, 5 Dec 2005, Ron wrote:

> Idle Scan is having an issue when the program ends. It happens whether
> it finds an invalid zombie, or if it finishes normally.
>
> =================
> iago@slayer:~/downloads/nmap-3.94ALPHA1$ sudo nmap -sI 192.168.1.4:22 192.168.1.3
> Password:
> WARNING: Many people use -P0 w/Idlescan to prevent pings from their true IP. On the other hand, timing info Nmap gains from pings can allow for faster, more reliable scans.
>
> Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2005-12-05 19:46 CST
> Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
> Idlescan zombie 192.168.1.4 (192.168.1.4) port 22 cannot be used because IPID sequencability class is: All zeros. Try another proxy. QUITTING!
> caught SIGSEGV signal, cleaning up
> Aborted
> =================
>
> With gdb:
>
> =================
> (gdb) run -sI 192.168.1.4:22 192.168.1.3
> Starting program: /home/iago/downloads/nmap-3.94ALPHA1/nmap -sI 192.168.1.4:22 192.168.1.3
> WARNING: Many people use -P0 w/Idlescan to prevent pings from their true IP. On the other hand, timing info Nmap gains from pings can allow for faster, more reliable scans.
>
> Starting Nmap 3.94ALPHA1 ( http://www.insecure.org/nmap/ ) at 2005-12-05 19:47 CST
> Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
> Idlescan zombie 192.168.1.4 (192.168.1.4) port 22 cannot be used because IPID sequencability class is: All zeros. Try another proxy. QUITTING!
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x08073032 in ~PortList (this=0x80bff00) at stl_tree.h:651
> 651       _M_leftmost() const { return (_Link_type&) _M_header->_M_left; }
> (gdb) backtrace
> #0  0x08073032 in ~PortList (this=0x80bff00) at stl_tree.h:651
> #1  0x080768ec in ~Target (this=0x80bfea0) at Target.cc:145
> #2  0x0805da70 in __tcf_0 () at idle_scan.cc:949
> #3  0xb7cc99d2 in exit () from /lib/tls/libc.so.6
> #4  0x0805a353 in fatal (fmt=0x809e440 "Idlescan zombie %s (%s) port %hu cannot be used because IPID sequencability class is: %s. Try another proxy.") at nmap_error.cc:119
> #5  0x0805bfae in initialize_idleproxy (proxy=0x80bfea0, proxyName=0x80c8088 "192.168.1.4:22", first_target=0x80ea468) at Target.h:147
> #6  0x0805d99e in idle_scan (target=0x80ea330, portarray=0x80f5ec8, numports=1668, proxyName=0x80c8088 "192.168.1.4:22") at idle_scan.cc:974
> #7  0x0804e3a7 in nmap_main (argc=4, argv=0xbffff6f4) at nmap.cc:1206
> #8  0x0804b264 in main (argc=4, argv=0xbffff6f4, envp=0xbffff708) at main.cc:244
> =================
>
> For the record, finishing normally:
>
> =================
> (gdb) run -sI 10.100.254.193:135 192.168.1.3
> Starting program: /home/iago/downloads/nmap-3.94ALPHA1/nmap -sI 10.100.254.193:135 192.168.1.3
> WARNING: Many people use -P0 w/Idlescan to prevent pings from their true IP. On the other hand, timing info Nmap gains from pings can allow for faster, more reliable scans.
>
> Starting Nmap 3.94ALPHA1 ( http://www.insecure.org/nmap/ ) at 2005-12-05 19:56 CST
> Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
> Idlescan using zombie 10.100.254.193 (10.100.254.193:135); Class: Incremental
> All 1668 scanned ports on darkside (192.168.1.3) are: closed|filtered
> MAC Address: 00:05:5D:F3:DF:09 (D-Link Systems)
>
> Nmap finished: 1 IP address (1 host up) scanned in 10.759 seconds
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x08073032 in ~PortList (this=0x80bff00) at stl_tree.h:651
> 651       _M_leftmost() const { return (_Link_type&) _M_header->_M_left; }
> (gdb) backtrace
> #0  0x08073032 in ~PortList (this=0x80bff00) at stl_tree.h:651
> #1  0x080768ec in ~Target (this=0x80bfea0) at Target.cc:145
> #2  0x0805da70 in __tcf_0 () at idle_scan.cc:949
> #3  0xb7cc99d2 in exit () from /lib/tls/libc.so.6
> #4  0xb7cb3fd5 in __libc_start_main () from /lib/tls/libc.so.6
> #5  0x0804afd1 in _start () at ../sysdeps/i386/elf/start.S:119
> =================
>
> I'm not sure if it's the same problem as I posted about a few months
> ago, but that post can be found here:
> http://seclists.org/lists/nmap-dev/2005/Jul-Sep/0197.html
>
> Hope that helps...
>
> Ron
>
> Fyodor wrote:
> > Nmap Developers,
> >
> > I am happy to announce a new test release of Nmap, with dozens of
> > changes. You can find the goods at:
> >
> > http://download.insecure.org/nmap/dist/nmap-3.94ALPHA1.tar.bz2
> > http://download.insecure.org/nmap/dist/nmap-3.94ALPHA1.tgz
> > http://download.insecure.org/nmap/dist/nmap-3.94ALPHA1-1.src.rpm
> > http://download.insecure.org/nmap/dist/nmap-3.94ALPHA1-1.x86_64.rpm
> >
> > Please let me know if you find any problems. GPG sigs are in the sigs
> > directory, as usual. I haven't had time to fix the reported Idle scan
> > issues yet, nor the strange Windows reports we have seen lately.
> >
> > Here are the changes since 3.93:
> >
> > o Wrote a new man page from scratch. It is much more comprehensive
> >   (more than twice as long) and (IMHO) better organized than the
> >   previous one. Read it online at http://www.insecure.org/nmap/man/ or
> >   docs/nmap.1 from the Nmap distribution. Let me know if you have any
> >   ideas for improving it. I am also looking for translations. If you
> >   are interested in translating to a language not already found at
> >   http://www.insecure.org/nmap/nmap_documentation.html , please mail
> >   Fyodor for the DocBook XML source to translate.
> >
> > o Removed foreign translations of the old man page from the
> >   distribution. Included the following contributed translations (nroff
> >   format) of the new man page: Brazilian Portuguese by Lucien Raven
> >   (lucienraven(a)yahoo.com.br)
> >
> > o Wrote a new "help screen", which you get when running Nmap without
> >   arguments. It is also reproduced in the man page and at
> >   http://www.insecure.org/nmap/data/nmap.usage.txt . I gave up trying
> >   to fit it within a 25-line, 80-column terminal window. It is now 78
> >   lines and summarizes all but the most obscure Nmap options.
> >
> > o Version detection softmatches (when Nmap determines the service
> >   protocol such as smtp but isn't able to determine the app name such
> >   as Postfix) can now parse out the normal match line fields such as
> >   hostname, device type, and extra info. For example, we may not know
> >   what vendor created an sshd, but we can still parse out the protocol
> >   number. This was a patch from Doug Hoyte (doug(a)hcsw.org).
> >
> > o Fixed a problem which caused UDP version scanning to fail to print
> >   the matched service. Thanks to Martin Macok
> >   (martin.macok(a)underground.cz) for reporting the problem and Doug
> >   Hoyte (doug(a)hcsw.org) for fixing it.
> >
> > o Made the version detection "ports" directive (in
> >   nmap-service-probes) more comprehensive. This should speed up scans
> >   a bit. The patch was done by Doug Hoyte (doug(a)hcsw.org).
> >
> > o Added the --webxml option, which does the same thing as --stylesheet
> >   http://www.insecure.org/nmap/data/nmap.xsl , without requiring you
> >   to remember the exact URL or type that whole thing.
> >
> > o Fixed a crash that occurred when the --exclude option was used with
> >   netmasks on certain platforms. Thanks to Adam
> >   (nmapuser(a)globalmegahost.com) for reporting the problem and to Greg
> >   Darke (starstuff(a)optusnet.com.au) for sending a patch (I modified
> >   the patch a bit to make it more efficient).
> >
> > o Fixed a problem with the -S and -e options (spoof/set source
> >   address, and set interface by name, respectively). The problem
> >   report and a partial patch were sent by Richard Birkett
> >   (richard(a)musicbox.net).
> >
> > o Fixed a possible aliasing problem in tcpip.cc by applying a patch
> >   sent in by Gwenole Beauchesne (gbeauchesne(a)mandriva.com). This
> >   problem shouldn't have had any effect on users since we already
> >   include the -fno-strict-aliasing option whenever gcc 4 is detected,
> >   but it brings us closer to being able to remove that option.
> >
> > o Fixed a bug that caused Nmap to crash if an nmap-service-probes file
> >   was used which didn't contain the Exclude directive.
> >
> > o Fixed a bunch of typos and misspellings throughout the Nmap source
> >   code (mostly in comments). This was a 625-line patch by Saint Xavier
> >   (skyxav(a)skynet.be).
> >
> > o Nmap now accepts target list files in Windows end-of-line format
> >   (\r\n) as well as standard UNIX format (\n) on all platforms.
> >   Passing a Windows style file to Nmap on UNIX didn't work before
> >   unless you ran dos2unix first.
> >
> > o Removed Identd scan support from NmapFE since Nmap no longer
> >   supports it. Thanks to Jonathan Dieter (jdieter99(a)gmx.net) for the
> >   patch.
> >
> > o Integrated all of the September version detection fingerprint
> >   submissions. This was done by Version Detection Czar Doug Hoyte
> >   (doug(a)hcsw.org) and resulted in 86 new match lines. Please keep
> >   those submissions coming!
> >
> > o Fixed a divide-by-zero crash when you specify rather bogus
> >   command-line arguments (a TCP scan with zero tcp ports). Thanks to
> >   Bart Dopheide (dopheide(a)fmf.nl) for identifying the problem and
> >   sending a patch.
> >
> > o Fixed a minor syntax error in tcpip.h that was causing problems with
> >   GCC 4.1. Thanks to Dirk Mueller (dmuell(a)gmx.net) for reporting the
> >   problem and sending a fix.
> >
> > Cheers,
> > Fyodor

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
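The two backtraces Ron posted share one shape: frame #0 is a destructor (~PortList, called from ~Target), reached through __tcf_0 under exit(), and exit() is entered from fatal() in the invalid-zombie run but from __libc_start_main in the normal run. That is the signature of a static object being torn down at process exit rather than a fault inside the scan. As an added example, not code from this thread or from Nmap, the following C++ program parses gdb frame lines of that form and reports the pattern: whether frame #0 is a destructor reached via exit(), who called exit(), and the source location of the teardown helper. The frame text is taken from Ron's report (re-flowed to one frame per line); the Frame struct, the function names, and the reading of __tcf_N as GCC's generated helper that destroys a function-scope static are my own assumptions.

```cpp
// Added example (not from the thread or from Nmap): triage gdb backtraces for the
// "destructor of a static object faulted during exit()" pattern shown in the report.
#include <cassert>
#include <iostream>
#include <regex>
#include <sstream>
#include <string>
#include <vector>

struct Frame {
    int index;             // the #N number gdb prints
    std::string func;      // function name, e.g. "~PortList" or "exit"
    std::string args;      // text between the parentheses
    std::string location;  // "file:line" after "at", or the shared object after "from"
};

// Frame lines copied from the two gdb sessions in Ron's report, one frame per line
// (gdb had wrapped the long fatal() frame). A non-frame line is included to show it is skipped.
const std::string kInvalidZombieTrace =
    "(gdb) backtrace\n"
    "#0  0x08073032 in ~PortList (this=0x80bff00) at stl_tree.h:651\n"
    "#1  0x080768ec in ~Target (this=0x80bfea0) at Target.cc:145\n"
    "#2  0x0805da70 in __tcf_0 () at idle_scan.cc:949\n"
    "#3  0xb7cc99d2 in exit () from /lib/tls/libc.so.6\n"
    "#4  0x0805a353 in fatal (fmt=0x809e440 \"Idlescan zombie %s (%s) port %hu cannot be used because IPID sequencability class is: %s. Try another proxy.\") at nmap_error.cc:119\n"
    "#5  0x0805bfae in initialize_idleproxy (proxy=0x80bfea0, proxyName=0x80c8088 \"192.168.1.4:22\", first_target=0x80ea468) at Target.h:147\n"
    "#6  0x0805d99e in idle_scan (target=0x80ea330, portarray=0x80f5ec8, numports=1668, proxyName=0x80c8088 \"192.168.1.4:22\") at idle_scan.cc:974\n"
    "#7  0x0804e3a7 in nmap_main (argc=4, argv=0xbffff6f4) at nmap.cc:1206\n"
    "#8  0x0804b264 in main (argc=4, argv=0xbffff6f4, envp=0xbffff708) at main.cc:244\n";

const std::string kNormalFinishTrace =
    "#0  0x08073032 in ~PortList (this=0x80bff00) at stl_tree.h:651\n"
    "#1  0x080768ec in ~Target (this=0x80bfea0) at Target.cc:145\n"
    "#2  0x0805da70 in __tcf_0 () at idle_scan.cc:949\n"
    "#3  0xb7cc99d2 in exit () from /lib/tls/libc.so.6\n"
    "#4  0xb7cb3fd5 in __libc_start_main () from /lib/tls/libc.so.6\n"
    "#5  0x0804afd1 in _start () at ../sysdeps/i386/elf/start.S:119\n";

// Parse "#N  0xADDR in FUNC (ARGS) at FILE:LINE" or "... from OBJECT" lines; other lines are ignored.
// The greedy (.*) lets argument strings that themselves contain parentheses (frame #4) parse correctly.
std::vector<Frame> parse_backtrace(const std::string& text) {
    static const std::regex kFrameRe(
        R"re(^#(\d+)\s+0x[0-9a-fA-F]+ in (\S+) \((.*)\)(?: (?:at|from) (\S+))?\s*$)re");
    std::vector<Frame> frames;
    std::istringstream in(text);
    std::string line;
    while (std::getline(in, line)) {
        std::smatch m;
        if (!std::regex_match(line, m, kFrameRe)) continue;
        frames.push_back(Frame{std::stoi(m.str(1)), m.str(2), m.str(3), m.str(4)});
    }
    return frames;
}

// Name of the function that called exit(): the frame just above "exit" in the chain.
// Empty when exit() does not appear, i.e. the crash was not an exit-time teardown.
std::string exit_caller(const std::vector<Frame>& frames) {
    for (size_t i = 0; i + 1 < frames.size(); ++i)
        if (frames[i].func == "exit") return frames[i + 1].func;
    return "";
}

// Source location of the compiler-generated teardown helper. Assumption: GCC names the helper
// that destroys a function-scope static object __tcf_N, so its "at FILE:LINE" points into the
// function that owns the static (idle_scan.cc:949 in the report).
std::string static_teardown_location(const std::vector<Frame>& frames) {
    for (const Frame& f : frames)
        if (f.func.rfind("__tcf_", 0) == 0) return f.location;
    return "";
}

// True when frame #0 is a destructor (name starts with '~') and exit() is further down the
// stack: the object was being torn down at process exit, not used during the scan itself.
bool crashed_in_exit_destructor(const std::vector<Frame>& frames) {
    if (frames.empty() || frames.front().func.rfind('~', 0) != 0) return false;
    return !exit_caller(frames).empty();
}

// Human-readable one-line summary for a trace.
std::string triage(const std::string& trace) {
    std::vector<Frame> frames = parse_backtrace(trace);
    if (!crashed_in_exit_destructor(frames)) return "no exit-time destructor crash pattern";
    return "exit-time destructor crash in " + frames.front().func + " at " + frames.front().location +
           "; exit() called from " + exit_caller(frames) +
           "; static owned by code at " + static_teardown_location(frames);
}

int main() {
    std::cout << "invalid zombie: " << triage(kInvalidZombieTrace) << "\n";
    std::cout << "normal finish:  " << triage(kNormalFinishTrace) << "\n";
    return 0;
}
```

Both traces come out as the same pattern with a different exit() caller, which is the point of Ron's "whether it finds an invalid zombie, or if it finishes normally": the fault is in cleanup registered for a static in idle_scan.cc, not in the scan path, so that is where a maintainer would look first.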
Current thread:
- Informal Nmap 3.94ALPHA1 Release Fyodor (Nov 27)
- Re: Informal Nmap 3.94ALPHA1 Release Ron (Dec 05)
- Re: Informal Nmap 3.94ALPHA1 Release BAKEMAN (Dec 05)
- Re: Informal Nmap 3.94ALPHA1 Release Fyodor (Dec 06)
- Re: Informal Nmap 3.94ALPHA1 Release BAKEMAN (Dec 05)
- Re: Informal Nmap 3.94ALPHA1 Release Ron (Dec 05)