-
July 21st, 2003, 01:58 AM
#1
Bug in Nmap for Windows
I rarely use Nmap for windows but I was forced to while educating a friend. In the process, I found a bug (or so I believe) so if anyone would like to test this before I submit it to Insecure.org, I'd appreciate it.
SOFTWARE
====================================
WinXP Pro SP1
Nmap for Windows v1.3.1
Winpcap v3.0
SETTINGS
====================================
SYN Stealth scan against any IP you like (other than your own)
Select Port Range and use 1-65535
Select Bounce Scan and enter the IP of the host you are currently using.
Hit "Scan" NOTE: This will cause the box to reboot.
EFFECT
====================================
While I don't think that the scan type or port range have anything to do with it, when you hit "scan" you get a blue screen along with a bunch of error messages that post for about a half second and the box immediately reboots. It also seems that bootup takes awhile longer than normal after you execute the scan.
Oh yeah, I do realize you are not supposed to put your IP in the Bounce field but then again, most of the bugs I find have nothing to do with how software is "supposed" to work/be used in the first place.
Anyway, any other confirmation would be appreciated.
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
July 21st, 2003, 02:29 AM
#2
SOFTWARE
====================================
WinXP Pro SP1 + all available updates
Nmap for Windows v1.3.1
Winpcap v3.0
SETTINGS
====================================
SYN Stealth scan against any IP you like (other than your own)
Select Port Range and use 1-65535
Select Bounce Scan and enter the IP of the host you are currently using.
EFFECT
====================================
Scan completed, no reboot.
Can not duplicate...
Hope that helps ya! Lets see what some others get.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
July 21st, 2003, 02:50 AM
#3
I had the same problem with my XP pro box horse. Same versions and everything, but once I hit scan my whole machine reboots. I'm glad I'm not the only one with this problem.
-
July 21st, 2003, 03:15 AM
#4
I had the same problem with my XP pro box horse. Same versions and everything, but once I hit scan my whole machine reboots. I'm glad I'm not the only one with this problem.
Did you attempt a regular scan or did you use the steps I provided above?
Thanks!
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
July 21st, 2003, 03:32 AM
#5
Ok... that was weird....
Now I am able to crash it... the only thing I did differently this time was to scan a box with a lower ip...
example
my first scan... I scanned from machine 192.168.x.151 and put that in the bounce scan as directed. My target was 192.168.x.153. I scanned from a XP Pro box to a RH9 box.
Scan was fine.
I got a bit curious and did it again...
my second scan... I scanned from machine 192.168.x.151 and put that in the bounce scan as directed. My target was 192.168.x.101. I scanned from a Xp Pro box to a Win98 box.
Instant lockup. Started to write to disk, but no reboot. I remember disabling the reboot on crash though... so thats prolly why it didn't reboot.
I have tried it several times... sometimes it crashes... sometimes it doesn't...
http://www.activewin.com/winxp/tips/basic/20.shtml
the link above has instructions to make the machine stay at the BSOD and not reboot so you can read it.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
July 21st, 2003, 04:08 AM
#6
I used the steps that you provided above.
It crashes everytime on me.
-
July 21st, 2003, 02:42 PM
#7
OK, looks like I have enough to send on to Insecure. Thanks for trying it out fellas. I dumped the error message out and I added it to my bug report. I'll let ya know what they say.
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|