Nmap Development mailing list archives
Re: Conficker scanning with nmap
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 31 Mar 2009 22:49:54 +0000
On Tue, 31 Mar 2009 13:53:41 -0500 "Sean Wiese" <Sean.Wiese () nisc coop> wrote:
> Brandon,
>
> Thanks for your post and your attention to this. I have been scanning various subnets, all working fine, but one subnet in particular returns this result:
>
> "evp_enc.c(282): OpenSSL internal error, assertion failed: inl > 0 aborted"
>
> Ideas on what is triggering this?
Sean,

Several people have reported that issue to me. I haven't (and I don't think any other dev has) had time to really look into the issue. One person generously provided a backtrace for me.

Can you provide more details about the system you're on? What version of OpenSSL are you running? What distro are you on? Did you build Nmap from the tarball or install it via RPM?

Here's the last part of the output from NMAP:

    NSE: SMB: Sending SMB_COM_SESSION_SETUP_ANDX
    NSE: SMB: Couldn't find a username to use, not logging in
    NSE: SMB: Couldn't find domain to use, using blank
    NSE: SMB: Using default logon type: ntlm
    NSE: SMB: Using default logon type: ntlm
    NSE: SMB: Sending SMB_COM_SESSION_SETUP_ANDX
    NSE: SMB: Couldn't find a username to use, not logging in
    NSE: SMB: Couldn't find domain to use, using blank
    NSE: SMB: Using default logon type: ntlm
    NSE: SMB: Using default logon type: ntlm
    NSE: SMB: Using password/hash passed as a parameter (username = 'guest')
    NSE: SMB: Lanman hash: aad3b435b51404eeaad3b435b51404ee
    NSE: SMB: NTLM hash: 31d6cfe0d16ae931b73c59d7e0c089c0
    NSE: SMB: Creating NTLMv1 response
    evp_enc.c(282): OpenSSL internal error, assertion failed: inl > 0

And here's the gdb backtrace output

    Core was generated by `/usr/local/bin/nmap -sC --script=smb-check-vulns --script-args=safe=1 -p445 -d2'.
    Program terminated with signal 6, Aborted.
    [New process 10375]
    #0  0xb800d416 in __kernel_vsyscall ()
    Missing separate debuginfos, use: debuginfo-install e2fsprogs.i386 gcc.i386 glibc.i686 keyutils.i386 krb5.i386 libselinux.i386 openssl.i686 zlib.i386
    (gdb) bt
    #0  0xb800d416 in __kernel_vsyscall ()
    #1  0x0082a660 in raise () from /lib/libc.so.6
    #2  0x0082c028 in abort () from /lib/libc.so.6
    #3  0x03192c5a in OpenSSLDie () from /lib/libcrypto.so.7
    #4  0x031f7cb0 in EVP_EncryptUpdate () from /lib/libcrypto.so.7
    #5  0x080c1544 in ?? ()
    #6  0x080efbe3 in ?? ()
    #7  0x09709db0 in ?? ()
    #8  0x0965e8f0 in ?? ()
    #9  0xbff08008 in ?? ()
    #10 0x080f7f49 in ?? ()
    #11 0x096772f0 in ?? ()
    #12 0x00000408 in ?? ()
    #13 0xbff08008 in ?? ()
    #14 0x080f7be5 in ?? ()
    #15 0x096772f0 in ?? ()
    #16 0x0963fae8 in ?? ()
    #17 0x0965e8f0 in ?? ()
    #18 0x09382868 in ?? ()
    #19 0x0963fae8 in ?? ()
    #20 0x09709db0 in ?? ()
    #21 0x096774d8 in ?? ()
    #22 0x00000001 in ?? ()
    #23 0x09643614 in ?? ()
    #24 0x09382868 in ?? ()
    #25 0xbff080a8 in ?? ()
    #26 0x080f9010 in ?? ()
    #27 0x09709db0 in ?? ()
    #28 0x09382868 in ?? ()
    #29 0x00000001 in ?? ()
    #30 0x09382868 in ?? ()
    #31 0x092d3eb8 in ?? ()
    #32 0x097c5848 in ?? ()
    #33 0x092cd810 in ?? ()
    #34 0x00966140 in ?? () from /lib/libc.so.6
    #35 0x092ac7b0 in ?? ()
    #36 0x09644d40 in ?? ()
    #37 0x000a0209 in ?? ()
    #38 0x093827fc in ?? ()
    #39 0x0963fa28 in ?? ()
    #40 0x09643614 in ?? ()
    #41 0x09382868 in ?? ()
    #42 0x0976acf8 in ?? ()
    #43 0x093827f0 in ?? ()
    #44 0x092cd810 in ?? ()
    #45 0x00000102 in ?? ()
    #46 0x00000000 in ?? ()

I think what this is telling us is that the OpenSSL routines Ron uses to do the NTLM crypto work are failing on us.

Brandon