[Trilug-ontopic] nmap::scanner, perl and os matching

Alexey Toptygin alexeyt at freeshell.org
Wed Apr 4 16:14:57 EDT 2012


On Wed, 4 Apr 2012, Greg Brown wrote:

> I'm scratching my head on this one.  Is anyone using perl and nmap::scanner
> along with guess_os() (a supposed built-in function)?  Here is a code
> snippet:
>
>  my $scan = Nmap::Scanner->new();
>
>  $scan->tcp_syn_scan();
>  $scan->add_scan_port('1-1024');
>  # $scan->guess_os();
>  $scan->add_target($address);
>
>  my $results = $scan->scan();
>
>  my $hosts = $results->get_host_list();
>
>  # $os = $results->guess_os();
>
> If I uncomment just $scan->guess_os() the script breaks about 3/4 of the
> time with errors such as:
>
> <nmap-error>
>  <pid="29819"/>
>  <cmdline="'/usr/bin/nmap' -v -v -v -sS -p 1-1024 -O  -oX -
> 10.239.237.135"/>
>  <nmap-err>WARNING:  OS didn't match until try #2
> </nmap-msg>
> </nmap-error>
>
> On the times it does work the BEST I'm able to do is get some kind of
> binary returned instead of the OS matches.
>
> Any ideas?

What version of nmap do you have installed, and what is the OS on the 
machine you're testing against? If nmap can't tell what the OS is on the 
target it outputs a blob of data that you can submit to the nmap 
developers along with a description if the machine you got it from in 
order to add a new OS fingerprint, maybe that's the 'binary' that you're 
seeing?

 			Alxey


More information about the Trilug-ontopic mailing list