This repository was archived by the owner on Feb 26, 2021. It is now read-only.

NMAP crash if a NMAP CLI warning appears #35

@rfelber


Describe the bug
As a security tester I would like to configure nmap scans with an intensive version detection of all found ports. In some cases NMAP shows some warnings regarding the version detection. If a warning appears, the SCB NMAP scanner will crash instead of ignoring it.

To Reproduce
Steps to reproduce the behavior:

  1. Start an nmap securityTest with version detection (within the SCB API):

         [
           {
             "context": "Feature Team 1",
             "metaData": {
               "additionalProp1": "string",
               "additionalProp2": "string",
               "additionalProp3": "string"
             },
             "name": "nmap",
             "target": {
               "attributes": {
                 "NMAP_PARAMETER": "--top-ports 250 -sV --version-intensity 2"
               },
               "location": "192.168.0.1/24",
               "name": "SecureCodeBox Demo NMAP Scan"
             }
           }
         ]

  2. If a warning like the following appears, the scanner crashes:

         SCANNING location: "192.168.0.1/24", parameters: "--top-ports 250 -sV --version-intensity 2"
         WARNING: Service 192.168.0.157:80 had already soft-matched rtsp, but now soft-matched sip; ignoring second value
         Failed to perform Job "ae1fb39a-897a-11ea-bb19-0a580a80028f" Error: Failed to execute nmap portscan.
             at ScannerScaffolding.worker [as _worker] (/src/src/nmap.js:138:23)
             at runMicrotasks (<anonymous>)
             at processTicksAndRejections (internal/process/task_queues.js:94:5)
         Job Failure submitted succesfully.

  3. If you do the same with native nmap you get:

         nmap 192.168.0.1/24 --top-ports 250 -sV --version-intensity 2
         Starting Nmap 7.80 ( https://nmap.org ) at 2020-04-30 21:10 CEST
         WARNING: Service 192.168.0.92:80 had already soft-matched rtsp, but now soft-matched sip; ignoring second value
         WARNING: Service 192.168.0.152:80 had already soft-matched rtsp, but now soft-matched sip; ignoring second value
         WARNING: Service 192.168.0.157:80 had already soft-matched rtsp, but now soft-matched sip; ignoring second value

         (all results...)

Expected behavior
The NMAP scanner must not crash if a warning appears. Instead it should just ignore them and work on...
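
One way a Node.js wrapper can meet the expected behavior, as an added example that is not secureCodeBox code and not part of the original report: success is decided by nmap's exit code, and `WARNING:` lines on stderr are collected and returned next to the results. It assumes the failure comes from treating stderr output as fatal, which the issue does not show; `classifyNmapRun`, `runNmap` and `SAMPLE_STDERR` are hypothetical names.

```javascript
// Added example, not the scanner's own code. All names here are hypothetical.
const { spawn } = require('child_process');

// Success depends only on the exit code; stderr lines are kept as annotations.
function classifyNmapRun(exitCode, stderr) {
  const lines = stderr.split(/\r?\n/).map((l) => l.trim()).filter(Boolean);
  const isWarning = (l) => /^warning:/i.test(l);
  return {
    ok: exitCode === 0,
    warnings: lines.filter(isWarning),
    other: lines.filter((l) => !isWarning(l)),
  };
}

// Run nmap without a shell (parameters are passed as an argument array),
// write XML to stdout with "-oX -", and collect stderr separately.
function runNmap(location, parameters) {
  return new Promise((resolve, reject) => {
    const args = [...parameters.split(/\s+/).filter(Boolean), '-oX', '-', location];
    const child = spawn('nmap', args, { shell: false });
    let stdout = '';
    let stderr = '';
    child.stdout.on('data', (d) => { stdout += d; });
    child.stderr.on('data', (d) => { stderr += d; });
    child.on('error', reject); // e.g. nmap binary not found
    child.on('close', (code) => {
      const result = classifyNmapRun(code, stderr);
      if (!result.ok) {
        const detail = result.other.join('; ') || 'no error text on stderr';
        return reject(new Error(`nmap exited with code ${code}: ${detail}`));
      }
      // Warnings travel with the findings instead of failing the job.
      resolve({ xml: stdout, warnings: result.warnings });
    });
  });
}

// Constructed sample: the warning text quoted in the issue.
const SAMPLE_STDERR =
  'WARNING: Service 192.168.0.157:80 had already soft-matched rtsp, ' +
  'but now soft-matched sip; ignoring second value\n';
```
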

Labels: bug (Something isn't working)