Bug in Nmap for Windows
Results 1 to 7 of 7

Thread: Bug in Nmap for Windows

  1. #1
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884

    Bug in Nmap for Windows

    I rarely use Nmap for windows but I was forced to while educating a friend. In the process, I found a bug (or so I believe) so if anyone would like to test this before I submit it to Insecure.org, I'd appreciate it.

    SOFTWARE
    ====================================
    WinXP Pro SP1
    Nmap for Windows v1.3.1
    Winpcap v3.0

    SETTINGS
    ====================================
    SYN Stealth scan against any IP you like (other than your own)
    Select Port Range and use 1-65535
    Select Bounce Scan and enter the IP of the host you are currently using.
    Hit "Scan" NOTE: This will cause the box to reboot.

    EFFECT
    ====================================
    While I don't think that the scan type or port range have anything to do with it, when you hit "scan" you get a blue screen along with a bunch of error messages that post for about a half second and the box immediately reboots. It also seems that bootup takes awhile longer than normal after you execute the scan.

    Oh yeah, I do realize you are not supposed to put your IP in the Bounce field but then again, most of the bugs I find have nothing to do with how software is "supposed" to work/be used in the first place.

    Anyway, any other confirmation would be appreciated.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    SOFTWARE
    ====================================
    WinXP Pro SP1 + all available updates
    Nmap for Windows v1.3.1
    Winpcap v3.0

    SETTINGS
    ====================================
    SYN Stealth scan against any IP you like (other than your own)
    Select Port Range and use 1-65535
    Select Bounce Scan and enter the IP of the host you are currently using.

    EFFECT
    ====================================
    Scan completed, no reboot.

    Can not duplicate...

    Hope that helps ya! Lets see what some others get.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #3
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    I had the same problem with my XP pro box horse. Same versions and everything, but once I hit scan my whole machine reboots. I'm glad I'm not the only one with this problem.
    =

  4. #4
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    I had the same problem with my XP pro box horse. Same versions and everything, but once I hit scan my whole machine reboots. I'm glad I'm not the only one with this problem.
    Did you attempt a regular scan or did you use the steps I provided above?

    Thanks!
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  5. #5
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Ok... that was weird....

    Now I am able to crash it... the only thing I did differently this time was to scan a box with a lower ip...

    example

    my first scan... I scanned from machine 192.168.x.151 and put that in the bounce scan as directed. My target was 192.168.x.153. I scanned from a XP Pro box to a RH9 box.

    Scan was fine.

    I got a bit curious and did it again...

    my second scan... I scanned from machine 192.168.x.151 and put that in the bounce scan as directed. My target was 192.168.x.101. I scanned from a Xp Pro box to a Win98 box.

    Instant lockup. Started to write to disk, but no reboot. I remember disabling the reboot on crash though... so thats prolly why it didn't reboot.

    I have tried it several times... sometimes it crashes... sometimes it doesn't...

    http://www.activewin.com/winxp/tips/basic/20.shtml

    the link above has instructions to make the machine stay at the BSOD and not reboot so you can read it.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  6. #6
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    I used the steps that you provided above.

    It crashes everytime on me.
    =

  7. #7
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    OK, looks like I have enough to send on to Insecure. Thanks for trying it out fellas. I dumped the error message out and I added it to my bug report. I'll let ya know what they say.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •