Nmap Development mailing list archives

Re: [Exp PATCH] Start OSScan more quickly


From: "Eddie Bell" <ejlbell () gmail com>
Date: Thu, 14 Jun 2007 20:42:38 +0100

Hey Kris,

Cool idea. I haven't looked at the code very deeply, but I think
clearHost() causes problems for the code that runs after it:

$ sudo gdb ./nmap
(gdb) r -sS -p1-30 -O --osscan-quick -iR 200 -v

<snip>

Program received signal SIGSEGV, Segmentation fault.
HostScanStats::destroyOutstandingProbe at scan_engine.cc:1501
1501      if (!probe->timedout) {
(gdb) info stack
#0  HostScanStats::destroyOutstandingProbe (this=0xf859a0,
probeI=<value optimized out>) at scan_engine.cc:1501
#1  0x000000000043474f in HostScanStats::clearHost (this=0xf859a0) at
scan_engine.cc:1483
#2  0x000000000043966d in processData (USI=0xf857a0) at scan_engine.cc:3389

Also, the check in scan_engine.cc only checks for osscan_quick. This
might cause a problem if the user has only specified that and not an
osscan (-O).

cheers
 - eddie

On 12/06/07, Kris Katterjohn <katterjohn () gmail com> wrote:
Hey everyone!

I have attached an experimental (read: it works for me, but there's
probably a better way) patch (off soc07) for people when they really
just want to use Nmap's OS Detection.

So, basically, --osscan-quick is an option added to end the port
scanning of a host when an open and closed TCP port and/or a closed UDP
port is determined, as this is what the OS Detection uses.  The idea
being that if we don't know what ports are open/closed on the host, we
can't limit the ports scanned using -p.  But if we just want to
determine the OS, we don't really want to scan all the ports of the host
because that can take a while for information we don't want.

The clearHost() stuff in scan_engine.cc is the thing that can probably
be done better.  Is there a better way to end prematurely?  Does doing
this cause any problems?  I didn't encounter any, but very thorough
tests were not done.


Please let me know what you think.


Thanks,
Kris Katterjohn


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
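The early-stop rule Kris describes, together with the -O check Eddie raises, as an added example that is not part of the patch or of Nmap's code; every name below is constructed for illustration:

```python
# Added example (not Nmap's own code): models the --osscan-quick early-stop
# rule from the thread, including the caveat that the option should only
# take effect when -O is also set. All names here are constructed.
from dataclasses import dataclass, field

@dataclass
class ScanOptions:
    osscan: bool            # -O
    osscan_quick: bool      # --osscan-quick
    tcp_scan: bool = True   # e.g. -sS
    udp_scan: bool = False  # -sU

@dataclass
class HostState:
    results: dict = field(default_factory=dict)  # (proto, port) -> state
    probes_sent: int = 0
    stopped_early: bool = False

def has_osscan_prereqs(opts, host):
    """True once the port states OS detection relies on are known: an open
    and a closed TCP port for TCP scans, a closed UDP port for UDP scans."""
    tcp = {s for (p, _), s in host.results.items() if p == "tcp"}
    udp = {s for (p, _), s in host.results.items() if p == "udp"}
    need = []
    if opts.tcp_scan:
        need.append("open" in tcp and "closed" in tcp)
    if opts.udp_scan:
        need.append("closed" in udp)
    return bool(need) and all(need)

def should_stop_scanning(opts, host):
    # Eddie's point: --osscan-quick on its own should do nothing; require -O.
    return opts.osscan and opts.osscan_quick and has_osscan_prereqs(opts, host)

def run_scan(opts, probes):
    """probes: ordered (proto, port, state) responses for one host.
    Returns the host state, ending the port scan early when permitted."""
    host = HostState()
    for proto, port, state in probes:
        host.probes_sent += 1
        host.results[(proto, port)] = state
        if should_stop_scanning(opts, host):
            host.stopped_early = True
            break
    return host

# Constructed responses for a 30-port -sS scan like the one in the report.
SAMPLE_PROBES = ([("tcp", 1, "closed"), ("tcp", 2, "filtered")]
                 + [("tcp", p, "closed") for p in range(3, 22)]
                 + [("tcp", 22, "open")]
                 + [("tcp", p, "closed") for p in range(23, 31)])

if __name__ == "__main__":
    full = run_scan(ScanOptions(osscan=True, osscan_quick=False), SAMPLE_PROBES)
    quick = run_scan(ScanOptions(osscan=True, osscan_quick=True), SAMPLE_PROBES)
    print(full.probes_sent, quick.probes_sent, quick.stopped_early)  # 30 22 True
```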
