Nmap Development mailing list archives
Re: Brute library bug in enumeration mode
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 17 Aug 2016 16:09:41 -0500
Phil, Eli,

Thanks for the reports. I applied something like your patch in r36127. We're still working through some of the pain from upgrading to Lua 5.3, which uses separate integer and float types internally, so please continue to report any crashes like this you may see.

Dan

On Tue, Aug 16, 2016 at 11:25 PM, Phil <mainframed767 () gmail com> wrote:

That's unfortunate it was never fixed. Dev admins, is there a specific reason this wasn’t patched? Should patches be submitted through github now? Just curious on the current process.

Thanks for the update Eli.

On Aug 16, 2016, at 12:27 PM, Eli Shemer <eli.shemer () greensql com> wrote:

Hey Phil,

I addressed this problem a couple of weeks ago, but I got no response from the mailing list. You can try to apply my patch at the bottom of the mail.

Have a good day.

---------- Forwarded message ----------
From: Eli Shemer <eli.shemer () greensql com>
Date: Fri, Jul 29, 2016 at 10:18 PM
Subject: brute script - bad argument error
To: dev () nmap org, patrik () cqure net

On the current svn branch, I ran:

    nmap -d -sV --script http-brute.nse -p 80 localhost

and I got this error:

    NSE: http-brute against localhost (127.0.0.1:80 <http://127.0.0.1/>) threw an error!
    /usr/local/nmap/bin/../share/nmap/nselib/brute.lua:721: bad argument #3 to 'format' (number has no integer representation)
    stack traceback:
    [C]: in function 'string.format'
    /usr/local/nmap/bin/../share/nmap/nselib/brute.lua:721: in method 'start'
    /usr/local/nmap/share/nmap/scripts/http-brute.nse:163: in function </usr/local/nmap/share/nmap/scripts/http-brute.nse:132>
    (...tail calls...)

This patch fixed it for me

[root@localhost nmap]# diff nselib/brute.lua /usr/local/nmap/bin/../share/nmap/nselib/brute.lua
721c721 < result.Statistics = ("Performed %d guesses in %d seconds, average tps: %d"):format( self.counter, time_diff, tps ) ---result.Statistics = ("Performed %d guesses in %d seconds, averagetps: %f"):format( self.counter, time_diff, tps )

and I got the following output in the second run.

    |_ Statistics: Performed 50009 guesses in 32 seconds, average tps: 1614.547619 |

On Tue, Aug 16, 2016 at 7:12 PM, Phil <mainframed767 () gmail com> wrote:

Just updated to most recent version on a blank vm to test this.

Basically, when using a script that uses:

    engine.options.passonly = true

the script dies with:

    /usr/local/bin/../share/nmap/nselib/brute.lua:721: bad argument #3 to 'format' (number has no integer representation)
    stack traceback:
    [C]: in function 'string.format'
    /usr/local/bin/../share/nmap/nselib/brute.lua:721: in method 'start'
    tso-enum.nse:204: in function <tso-enum.nse:193>
    (...tail calls...)

Line 721 from brute.lua is:

    result.Statistics = ("Performed %d guesses in %d seconds, average tps: %d"):format( self.counter, time_diff, tps )

The source for the script I’m using is here: https://github.com/zedsec390/NMAP/blob/master/tso-enum.nse

Version info:
Nmap version 7.25SVN ( https://nmap.org )
Platform: x86_64-unknown-linux-gnu
Compiled with: liblua-5.3.3 libpcre-8.38 nmap-libpcap-1.7.3 nmap-libdnet-1.12 ipv6
Compiled without: openssl
Available nsock engines: epoll poll select

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

--
Eli Shemer | Software Engineer | GreenSQL | Office: +972-3-687-0033 | Mobile: +972-54-617-5724 | eli.shemer () greensql com
www.greensql.com

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
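
Review bot: `%f` on the changed line 721 of nselib/brute.lua (the diff in the forwarded message) prints tps with six decimal places, as in `average tps: 1614.547619` from the second run, and the neighbouring `%d` for `time_diff` is left unguarded. Using `%.2f`, or keeping `%d` and passing `math.floor(tps)`, would keep the Statistics line compact. If `time_diff` can ever be a float with no integer representation, the same `bad argument` error would come back as argument #2, so it is worth confirming that value is always an integer or converting it the same way. A unified diff taken from the source tree would also be easier to apply than a normal-format `diff` against the installed copy.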