Nmap Development mailing list archives
Re: Malicious web server can make nmap consume all RAM memory.
From: David Fifield <david () bamsoftware com>
Date: Wed, 8 Apr 2015 08:08:17 -0700
On Wed, Apr 08, 2015 at 01:06:16PM +0200, el draco wrote:
* Second experiment nmap -sS -A -n -v -d -p 8800 localhost Now nmap is using -A, and the nse scripts get stuck in the honeypot. Maybe the nse engine is vulnerable. The vulnerable http requests were: GET /flumemaster.jsp (flume-master-info) GET /rs-status GET / GET /jobtracker.jsp GET /master.jsp OPTIONS / GET /tasktracker.jsp GET /browseDirectory.jsp GET /status.jsp GET /dfshealth.jsp GET /robots.txt These requests are done by some nse scripts, they were connected for 2:09 minutes and downloaded 105MB each. Which actually killed the machine running nmap because it filled its 4GB ram in 2 minutes. I had to manually stop nmap in order to recover the machine.
Thanks for your message. Please see this recent thread on the same topic: http://seclists.org/nmap-dev/2015/q2/6 David Fifield _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Malicious web server can make nmap consume all RAM memory. el draco (Apr 08)
- Re: Malicious web server can make nmap consume all RAM memory. David Fifield (Apr 08)
- Re: Malicious web server can make nmap consume all RAM memory. el draco (Apr 08)
- Re: Malicious web server can make nmap consume all RAM memory. Nick Marsh (Apr 09)
- Re: Malicious web server can make nmap consume all RAM memory. el draco (Apr 13)
- Re: Malicious web server can make nmap consume all RAM memory. David Fifield (Apr 08)