Nmap problem

[Bacardi]

Hello everyone,

I'm having a slight problem with Nmap.

Whenever I use this command:

Code:

nmap -sT -A -P0 IPHERE

It returns with this:

Code:

Starting Nmap 5.51SVN ( http://nmap.org ) at 2011-09-14 16:54 EDT
Traceroute does not support idle or connect scan
QUITTING!

The reason why I'm asking for help is because I'm reading the e-book "Metasploit: The Penetration Tester’s Guide", and this problem is keeping me from continuing.

In the e-book it returns with this:

Code:

Starting Nmap 5.20 ( http://nmap.org ) at 2011-03-15 19:35 EDT
Warning: Traceroute does not support idle or connect scan, disabling...

Any solutions?

Thanks!

[shadowzero]

I don't get those warnings or errors on 5.59BETA1. Try passing the "-vv" and "-d" flags and see if it gives you more information.

[at0mic]

im having the exact same problem but with

Code:

nmap -sT -A --script=smb-check-vulns -PO xxx.xxx.x.xxx

on page 64 of the book...

I ran the command straight from the shell instead of metasploit and it worked last night but when i tried it again tonight it worked but this time did not show the vulns...

its really annoying how it doesnt work from msfconsole though...

If I fix it ill drop you another reply and let you know...

[dave4freedom]

You have to start msfconsole from msf3-dir,
cd /opt/framework/msf3/
then start msfconsole

[bsmartt]

As shadowzero hinted at, the reason your results differ from the book's is nmap version. It seems they changed the behavior when doing a traceroute scan. If you want to follow exactly as it is shown in the book, use the same version of nmap they use.

[DeadWolf]

You have to start msfconsole from msf3-dir,
cd /opt/framework/msf3/
then start msfconsole

Why do you think starting msfconsole from the same directory (as the script) matters?

[crisl]

Why do you think starting msfconsole from the same directory (as the script) matters?

because it loads a different nmap Version:

Code:

root@root:~# cd /opt/framework/msf3/
root@root:/opt/framework/msf3# msfconsole 
...SNIP...

msf >  nmap -sT -A --script=smb-check-vulns -P0 192.168.1.136[*] exec:  nmap -sT -A --script=smb-check-vulns -P0 192.168.1.136


Starting Nmap 5.51SVN ( http://nmap.org ) at 2012-01-29 06:43 EST
Traceroute does not support idle or connect scan
QUITTING!
msf >

now try starting msfconsole from /opt/framework/msf3/

Code:

root@root:/opt/framework/msf3# ./msfconsole 
....SNIP....

msf > nmap -sT -A --script=smb-check-vulns -P0 192.168.1.136[*] exec: nmap -sT -A --script=smb-check-vulns -P0 192.168.1.136


Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2012-01-29 06:45 EST
Nmap scan report for 192.168.1.136
Host is up (0.00060s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE     VERSION

as you can see, the first call uses Nmap 5.51SVN which doesn't work, the second one uses 5.59BETA1 which works! hope this helps.

[burkecabaniss]

My nmap problem is "unrecognized option" on an --exclude parameter.

My command is `nmap -A --send-ip -PN --exclude 192.9.200.37 192.9.200.2-255`

My intent is to identify LAN IP's excluding the nmap host machine

I find no help Googling 'nmap --exclude examples' and similar

I cannot find my error by reading the nmap manual explanation of --exclude

My environment is fc16