Nmap Development mailing list archives
Re: Brute library bug in enumeration mode
From: Eli Shemer <eli.shemer () greensql com>
Date: Tue, 16 Aug 2016 22:27:35 +0300
Hey Phil, I addressed this problem a couple of weeks ago, but I got no response from the mailing list. You can try to apply my patch at the bottom of the mail. Have a good day. ---------- Forwarded message ---------- From: Eli Shemer <eli.shemer () greensql com> Date: Fri, Jul 29, 2016 at 10:18 PM Subject: brute script - bad argument error To: dev () nmap org, patrik () cqure net On the current svn branch, I ran: nmap -d -sV --script http-brute.nse -p 80 localhost and I got this error: NSE: http-brute against localhost (127.0.0.1:80 <http://127.0.0.1/>) threw an error! /usr/local/nmap/bin/../share/nmap/nselib/brute.lua:721: bad argument #3 to 'format' (number has no integer representation) stack traceback: [C]: in function 'string.format' /usr/local/nmap/bin/../share/nmap/nselib/brute.lua:721: in method 'start' /usr/local/nmap/share/nmap/scripts/http-brute.nse:163: in function </usr/local/nmap/share/nmap/scripts/http-brute.nse:132> (...tail calls...) This patch fixed it for me [root@localhost nmap]# diff nselib/brute.lua /usr/local/nmap/bin/../share/ nmap/nselib/brute.lua 721c721 < result.Statistics = ("Performed %d guesses in %d seconds, average tps: %d"):format( self.counter, time_diff, tps ) ---
result.Statistics = ("Performed %d guesses in %d seconds, average
tps: %f"):format( self.counter, time_diff, tps ) and I got the following output in the second run. |_ Statistics: Performed 50009 guesses in 32 seconds, average tps: 1614.547619 | On Tue, Aug 16, 2016 at 7:12 PM, Phil <mainframed767 () gmail com> wrote:
Just updated to most recent version on a blank vm to test this. Basically, when using a script that uses: engine.options.passonly = true the script dies with: /usr/local/bin/../share/nmap/nselib/brute.lua:721: bad argument #3 to 'format' (number has no integer representation) stack traceback: [C]: in function 'string.format' /usr/local/bin/../share/nmap/nselib/brute.lua:721: in method 'start' tso-enum.nse:204: in function <tso-enum.nse:193> (...tail calls...) Line 721 from brute.lua is: result.Statistics = ("Performed %d guesses in %d seconds, average tps: %d"):format( self.counter, time_diff, tps ) The source for the script I’m using is here: https://github.com/ zedsec390/NMAP/blob/master/tso-enum.nse Version info: Nmap version 7.25SVN ( https://nmap.org ) Platform: x86_64-unknown-linux-gnu Compiled with: liblua-5.3.3 libpcre-8.38 nmap-libpcap-1.7.3 nmap-libdnet-1.12 ipv6 Compiled without: openssl Available nsock engines: epoll poll select _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
-- Eli Shemer | Software Engineer | GreenSQL |Office: +972-3-687-0033 | Mobile:+ 972-54-617-5724| eli.shemer () greensql com www.greensql.com
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Brute library bug in enumeration mode Phil (Aug 16)
- Re: Brute library bug in enumeration mode Eli Shemer (Aug 16)
- Re: Brute library bug in enumeration mode Phil (Aug 16)
- Re: Brute library bug in enumeration mode Daniel Miller (Aug 17)
- Re: Brute library bug in enumeration mode Phil (Aug 16)
- Re: Brute library bug in enumeration mode Eli Shemer (Aug 16)