Nmap Development mailing list archives

Re: Nmap 6.01 not working on Windows 7


From: Djalal Harouni <tixxdz () opendz org>
Date: Mon, 9 Jul 2012 14:37:42 +0100

Hi Rob,

On Tue, Jul 03, 2012 at 03:13:35PM +0100, Rob Nicholls wrote:
> > -----Original Message-----
> > From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of Jake Moe
> > Sent: 03 July 2012 06:37
> > To: nmap-dev () insecure org
> > Subject: Nmap 6.01 not working on Windows 7
> >
> > If I uninstall v6.01 and reinstall v5.51, it works again.  Reverse the
> > process and it doesn't work without --unprivileged and even then, as I
> > said, it works much slower.
>
> It wouldn't hurt to send the output from --iflist (inline is fine), but I
> wouldn't be surprised if this is caused by some of the interface/route
> issues that are affecting a number of other people. It appeared to work fine
> up until 5.51 (I think 5.51SVN-dnet-pcap2 in March 2011 was fine too), but I
> think the introduction of IPv6 support with 5.52 has broken something. For
> some reason my Nmap 6 thinks that all routes should use eth2, even for hosts
> on the local subnet for eth1. Djalal was looking into fixing this on Linux,
> but his patch seems to break the routes completely on Windows (to be fair, I
> wasn't expecting this to work as he did say it wouldn't). You might be able
> to get Nmap 6 to work correctly by forcing it to use the correct interface
> (e.g. "-e eth1"), assuming this is a routing issue and not some other issue
> - if forcing the interface works, do let us know! Using --unprivileged will
> force Nmap to use the OS to send it (instead of using WinPcap), and Windows
> will know the correct interface and route to use, which is probably why it
> works.

That problem is also described here [1]. PATCH 15/23 should fix it;
however, with that patch in your situation you will only see routes that are
handled by eth1. You need the other patches to fix these bugs.

But yes these patches will only work on Linux since I've only updated the
libdnet-stripped/src/route-linux.c file to support this solution. To make it
work on BSD, hpux and Windows you need to update the appropriate files.


Perhaps this will work on Windows (sorry I'm not sure...):
If Windows returns interface names in route entries then try to use the
same logic to retrieve and copy the interface name as in the patched:
libdnet-stripped/src/route-linux.c [1]


Otherwise it seems that Windows will return interface IPs instead of
names in route entries?

So:
1) Add 'struct addr intf_addr' to the end of 'struct route_entry' file:
   libdnet-stripped/include/dnet/route.h

2) In file: libdnet-stripped/src/route-win32.c:route_loop() try to
retrieve the IP of the interface and save it into the previous: 'intf_addr'

The address must be converted and saved in the network format, use
addr_ston()?

BTW from a quick look the function
libdnet-stripped/src/route-win32.c:route_loop_getipforwardtable() seems
buggy? It can't handle IPv6, see 'entry.route_gw.addr_ip' and
'entry.route_dst.addr_ip', only IPv4. OK, if this is confirmed then this
needs another mail.


3) Add a new static function to libnetutil/netutil.cc file, call it
collect_dnet_devname(). This function will be called by
collect_dnet_routes() to get the device name.

static int collect_dnet_devname(struct sys_route *route,
                                const struct route_entry *entry)
{
  struct interface_info *ifaces;
  int numifaces = 0;
  struct sockaddr_storage tmp_addr, intf_addr;
  int j;
  int ret = -1;

  /* In case we have the interface name from libdnet */
  if (*entry->intf_name) {
    Strncpy(route->devname, entry->intf_name, sizeof(route->devname));
  } else if (addr_ntos(&entry->intf_addr, (struct sockaddr *) &tmp_addr) != -1) {
    j = canonicalize_address(&tmp_addr, &intf_addr);
    assert(j == 0);

    if (!sockaddr_equal_zero(&intf_addr)) {
      /* Ok we have the interface address */
      ifaces = getinterfaces(&numifaces, NULL, 0);
      
      if (ifaces != NULL && numifaces != 0) {
        for (j = 0; j < numifaces; j++) {
          if (sockaddr_equal(&ifaces[j].addr, &intf_addr)) {
            Strncpy(route->devname, ifaces[j].devfullname, sizeof(route->devname));
            break;
          }
        }
      }
    }
  }

  if (*route->devname)
    ret = 0;

  return ret;
}

(totally untested ...)


Update libnetutil/netutil.cc:collect_dnet_routes() to call this function.

4) Hope that the patched sysroutes_dnet_find_interfaces() will work.

I need to put more time on it, however I'm busy, sorry.


Perhaps someone will send a patch for Windows.

[1] http://seclists.org/nmap-dev/2012/q3/4

-- 
tixxdz
http://opendz.org
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

