This repository was archived by the owner on Feb 26, 2021. It is now read-only.

NMAP crash if a NMAP CLI warning appears #35

@rfelber

Describe the bug
As a security tester I would like to configure nmap scans with an intensive version detection of all found ports. In some cases NMAP shows some warnings regarding the version detection. If a warning appears, the SCB NMAP scanner will crash instead of ignoring it.

To Reproduce
Steps to reproduce the behavior:

  1. Start an nmap securityTest with version detection (within the SCB API)
[
  {
    "context": "Feature Team 1",
    "metaData": {
      "additionalProp1": "string",
      "additionalProp2": "string",
      "additionalProp3": "string"
    },
    "name": "nmap",
    "target": {
      "attributes": {
        "NMAP_PARAMETER": "--top-ports 250 -sV --version-intensity 2"
      },
      "location": "192.168.0.1/24",
      "name": "SecureCodeBox Demo NMAP Scan"
    }
  }
]
  2. If a warning appears like the following, the scanner crashes like:
SCANNING location: "192.168.0.1/24", parameters: "--top-ports 250 -sV --version-intensity 2"
WARNING: Service 192.168.0.157:80 had already soft-matched rtsp, but now soft-matched sip; ignoring second value
Failed to perform Job "ae1fb39a-897a-11ea-bb19-0a580a80028f" Error: Failed to execute nmap portscan.
at ScannerScaffolding.worker [as _worker] (/src/src/nmap.js:138:23)
at runMicrotasks (<anonymous>)
at processTicksAndRejections (internal/process/task_queues.js:94:5)
Job Failure submitted succesfully.
  3. If you do the same with nmap natively you get:
nmap 192.168.0.1/24 --top-ports 250 -sV --version-intensity 2
Starting Nmap 7.80 ( https://nmap.org ) at 2020-04-30 21:10 CEST
WARNING: Service 192.168.0.92:80 had already soft-matched rtsp, but now soft-matched sip; ignoring second value
WARNING: Service 192.168.0.152:80 had already soft-matched rtsp, but now soft-matched sip; ignoring second value
WARNING: Service 192.168.0.157:80 had already soft-matched rtsp, but now soft-matched sip; ignoring second value

(all results...)

Expected behavior
The NMAP scanner must not crash if a warning appears. Instead it should just ignore them and work on...
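
The failure mode reported above, as an added example that is not part of the original issue or the SCB scanner's code: a wrapper that decides success from nmap's exit code and XML output instead of from the presence of warning text. It assumes the wrapper captures exit code, stdout (XML via `-oX -`) and stderr separately and that warnings arrive on stderr; `evaluateNmapRun` and the sample objects are hypothetical names.

```javascript
// Added example, not the scanner's own code.
// Assumption: exit code, stdout (XML from "-oX -") and stderr are captured separately.
const WARNING_RE = /^WARNING:\s*(.+)$/;

// Classify a finished nmap run. Warning lines are collected and reported,
// never treated as fatal; only a non-zero exit code or incomplete XML fails the job.
function evaluateNmapRun({ exitCode, stdout, stderr }) {
  const warnings = [];
  const errors = [];
  for (const line of stderr.split(/\r?\n/)) {
    const text = line.trim();
    if (text === '') continue;
    const match = WARNING_RE.exec(text);
    if (match) warnings.push(match[1]);
    else errors.push(text);
  }
  if (exitCode !== 0) {
    return { ok: false, reason: `nmap exited with code ${exitCode}`, warnings, errors };
  }
  // nmap closes its XML document with </nmaprun>; a missing tag means a truncated run.
  if (!stdout.includes('</nmaprun>')) {
    return { ok: false, reason: 'nmap XML output is incomplete', warnings, errors };
  }
  return { ok: true, xml: stdout, warnings, errors };
}

// Constructed sample inputs: the warning text is the one quoted in the report,
// the XML and the error line are shortened stand-ins.
const SAMPLE_WARNING_RUN = {
  exitCode: 0,
  stdout: '<?xml version="1.0"?><nmaprun scanner="nmap"></nmaprun>',
  stderr: 'WARNING: Service 192.168.0.157:80 had already soft-matched rtsp, ' +
    'but now soft-matched sip; ignoring second value\n',
};
const SAMPLE_FAILED_RUN = {
  exitCode: 1,
  stdout: '',
  stderr: 'example fatal error (constructed)\n',
};

for (const run of [SAMPLE_WARNING_RUN, SAMPLE_FAILED_RUN]) {
  const result = evaluateNmapRun(run);
  console.log(result.ok ? 'scan ok' : `scan failed: ${result.reason}`,
    `(${result.warnings.length} warning(s), ${result.errors.length} error line(s))`);
}
```
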

Labels

bug: Something isn't working
