Nmap Development mailing list archives
nmap hang due to bind failed
From: "泰森" <24123782 () qq com>
Date: Thu, 15 Jan 2015 13:31:24 +0800
Hi, all: First, I'm not sure if somebody has reported this issue. When I use nmap 6.47 to scan my hosts, sometimes nmap never quit. Here is my command: nmap -Pn -O -sT -sV --version-intensity 4 10.18.209.151 -e eth1 -T 3 --max-retries 5 --min-rate 250 --min-parallelism 100 -n -oX /tmp/logs/nmap_test.log --open Here are some parts of nmap output: NSOCK ERROR [80.7190s] mksock_bind_addr(): Bind to 0.0.0.0:443 failed (IOD #15): Address already in use (98) Nmap scan report for 10.18.209.151 Host is up (0.00062s latency). Not shown: 525 closed ports, 448 filtered ports PORT STATE SERVICE VERSION 7/tcp open echo 9/tcp open discard? 13/tcp open daytime Sun Solaris daytime 19/tcp open chargen 21/tcp open ftp Solaris ftpd 22/tcp open ssh SunSSH 1.0 (protocol 2.0) 23/tcp open telnet Sun Solaris telnetd 37/tcp open time (32 bits) 79/tcp open finger Sun Solaris fingerd 111/tcp open rpcbind 2-4 (RPC #100000) 512/tcp open exec 513/tcp open login 514/tcp open tcpwrapped 515/tcp open printer Sun Solaris lpd 4045/tcp open nlockmgr 1-4 (RPC #100021) 5987/tcp open wbem-rmi? 6112/tcp open tcpwrapped 7100/tcp open font-service Sun Solaris fs.auto 32771/tcp open ttdbserverd 1 (RPC #100083) 32772/tcp open kcms_server 1 (RPC #100221) 32773/tcp open metad 1 (RPC #100229) 32774/tcp open metamhd 1 (RPC #100230) 32775/tcp open rpc.metamedd 1 (RPC #100242) 32776/tcp open rusersd 2-3 (RPC #100002) 32777/tcp open status 1 (RPC #100024) 32780/tcp open sometimes-rpc23? 32781/tcp open dmispd 1 (RPC #300598) MAC Address: 00:50:56:A2:00:34 (VMware) No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ). TCP/IP fingerprint: OS:SCAN(V=6.47%E=4%D=3/14%OT=7%CT=1%CU=34485%PV=Y%DS=1%DC=D%G=Y%M=005056%TM OS:=550446DB%P=i686-pc-linux-gnu)SEQ(SP=AB%GCD=2%ISR=B4%CI=I%II=I%TS=7)OPS( OS:O1=NNT11M5B4NW1NNS%O2=NNT11M5B4NW1NNS%O3=NNT11M5B4NW1%O4=NNT11M5B4NW1NNS OS:%O5=NNT11M5B4NW1NNS%O6=NNT11M5B4NNS)WIN(W1=8218%W2=8220%W3=80CA%W4=80F4% OS:W5=80F4%W6=FFF7)ECN(R=Y%DF=Y%T=3C%W=8052%O=M5B4NW1NNS%CC=Y%Q=)T1(R=Y%DF= OS:Y%T=3C%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z% OS:F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y OS:%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=N)U1(R=Y%DF=Y%T=FF%IPL=70%UN=0%RIP OS:L=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=Y%T=FF%CD=S) Network Distance: 1 hop Service Info: Host: bjtest; OS: Solaris; CPE: cpe:/o:sun:sunos OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 110.73 seconds Starting Nmap 6.47 ( http://nmap.org ) at 2015-03-14 22:34 CST NSOCK ERROR [71.9130s] mksock_bind_addr(): Bind to 0.0.0.0:443 failed (IOD #45): Address already in use (98) nmap will stay here and never quit. when I use strace to watch, it output following: epoll_wait(4, {}, 128, 50) = 0 gettimeofday({1426344410, 914303}, NULL) = 0 gettimeofday({1426344410, 914336}, NULL) = 0 gettimeofday({1426344410, 914408}, NULL) = 0 epoll_wait(4, {}, 128, 50) = 0 gettimeofday({1426344410, 965273}, NULL) = 0 gettimeofday({1426344410, 965295}, NULL) = 0 gettimeofday({1426344410, 965335}, NULL) = 0 epoll_wait(4, {}, 128, 50) = 0 gettimeofday({1426344411, 17302}, NULL) = 0 gettimeofday({1426344411, 17326}, NULL) = 0 gettimeofday({1426344411, 17362}, NULL) = 0 epoll_wait(4, {}, 128, 50) = 0 gettimeofday({1426344411, 68253}, NULL) = 0 gettimeofday({1426344411, 68276}, NULL) = 0 gettimeofday({1426344411, 68308}, NULL) = 0 epoll_wait(4, {}, 128, 50) = 0 gettimeofday({1426344411, 119264}, NULL) = 0 gettimeofday({1426344411, 119288}, NULL) = 0 gettimeofday({1426344411, 119359}, NULL) = 0 I also use gdb to attach nmap process: #0 0xb7736424 in __kernel_vsyscall () #1 0xb72d5098 in epoll_wait () from /lib/libc.so.6 #2 0x08106870 in epoll_loop (nsp=0x8bcc000, msec_timeout=50) at engine_epoll.c:302 #3 0x080ffde4 in nsock_engine_loop (msec_timeout=<optimized out>, nsp=<optimized out>) at nsock_internal.h:423 #4 nsock_loop (nsp=0x8bcc000, msec_timeout=50) at nsock_core.c:935 #5 0x080efb18 in l_loop (L=0x8bc7db0) at nse_nsock.cc:423 #6 0x081222c7 in luaD_precall (L=0x8bc7db0, func=0x8cfaed8, nresults=<optimized out>) at ldo.c:319 #7 0x0812bfb1 in luaV_execute (L=0x8bc7db0) at lvm.c:709 #8 0x08122598 in luaD_call (L=0x8bc7db0, func=0x8bf4368, nResults=0, allowyield=0) at ldo.c:402 #9 0x0811f85f in lua_callk (L=0x8bc7db0, nargs=2, nresults=0, ctx=0, k=0x80) at lapi.c:905 #10 0x080ebf88 in run_main (L=0x8bc7db0) at nse_main.cc:647 #11 0x081222c7 in luaD_precall (L=0x8bc7db0, func=0x8bf4358, nresults=<optimized out>) at ldo.c:319 #12 0x08122568 in luaD_call (L=0x8bc7db0, func=0x8bf4358, nResults=0, allowyield=0) at ldo.c:401 #13 0x0811f819 in f_call (L=0x8bc7db0, ud=0xbf847e58) at lapi.c:923 #14 0x08121745 in luaD_rawrunprotected (L=0x8bc7db0, f=0x811f7f0 <f_call>, ud=0xbf847e58) at ldo.c:131 #15 0x081217b6 in luaD_pcall (L=0x8bc7db0, func=0x811f7f0 <f_call>, u=0xbf847e58, old_top=16, ef=8) at ldo.c:603 #16 0x0811f74f in lua_pcallk (L=0x8bc7db0, nargs=1, nresults=0, errfunc=1, ctx=0, k=0x0) at lapi.c:949 #17 0x080ebcaf in script_scan (targets=..., scantype=SCRIPT_SCAN) at nse_main.cc:805 #18 0x080938d2 in nmap_main (argc=22, argv=0xbf848c64) at nmap.cc:1995 #19 0x08088ea9 in main (argc=22, argv=0xbf848c64) at main.cc:229 (gdb) quit A debugging session is active. Inferior 1 [process 888] will be detached. Quit anyway? (y or n) y Detaching from program: /bin/nmap, process 888 It seems that nmap want to bind port 443 and failed (because I have a apache running on port 443), is this lead to nmap hang? why nmap use port 443 for binding? Any suggestion is welcome, thanks! Ricky
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap hang due to bind failed 泰森 (Jan 14)
- Re: nmap hang due to bind failed Daniel Miller (Jan 14)
- Message not available
- Re: nmap hang due to bind failed Daniel Miller (Jan 15)
- Message not available
- Re: nmap hang due to bind failed Daniel Miller (Jan 15)
- 回复: nmap hang due to bind failed 泰森 (Jan 18)
- Message not available
- Re: nmap hang due to bind failed Daniel Miller (Jan 14)