Comments (11)
GMedian
commented on July 22, 2024
4
Hello.
It turns out I have accidentally pushed an unstable working copy. Thank you for noticing!
Made a new release, should be OK now.
from nmap-vulners.
011235813213455
commented on July 22, 2024
2
Check the script with random port::
"-P0 -Pn --system-dns"
from nmap-vulners.
GMedian
commented on July 22, 2024
1
Hello,
It might happen if no cpe is found for the working software. Could you please make a scan of some well-known and vulnerable site?
For instance you might compare your results with the example.png in the repo.
from nmap-vulners.
naumek
commented on July 22, 2024
1
Works like a charm 👍
from nmap-vulners.
slayerlab
commented on July 22, 2024
1
Hi @gbiagomba,
Try using --version-intensity flag greater than 7.
Normally, NMap use version-intensity (default: 7, max value: 9) to recognize the target more accurately using all probes on the ports that are meant to be scanned. Namelly, if the recognition is well accurate the return of the scan will have more detailed CPE (with the version included) and that is what the Vulners' NSE script is awaiting.
Obs: By the fact that NMap uses more probes than expected to perform scan, then it is very likely that the scan will be a bit more time consuming than it used to.
from nmap-vulners.
naumek
commented on July 22, 2024
Hi,
I have similar problem. Tried to scan url provided in repo, here is an output:
nmap -sV --script vulners 185.204.100.17
Starting Nmap 7.60 ( https://nmap.org ) at 2018-02-01 12:28 EST
Stats: 0:05:14 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 99.99% done; ETC: 12:33 (0:00:00 remaining)
Stats: 0:05:16 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 99.99% done; ETC: 12:33 (0:00:00 remaining)
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
number
Nmap scan report for sazz15.resouring.com (185.204.100.17)
Host is up (1.2s latency).
Not shown: 984 closed ports
PORT STATE SERVICE VERSION
25/tcp open smtp Exim smtpd 4.84_2
53/tcp open domain ISC BIND DNS
80/tcp open http Apache httpd 2.2.15 ((CentOS))
|_http-server-header: Apache/2.2.15 (CentOS)
110/tcp open pop3 Dovecot pop3d
111/tcp open rpcbind 2-4 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100000 2,3,4 111/tcp rpcbind
| 100000 2,3,4 111/udp rpcbind
| 100024 1 50440/udp status
|_ 100024 1 55230/tcp status
119/tcp open nntp-proxy Avast! anti-virus NNTP proxy (cannot connect to 185.204.100.17)
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
143/tcp open imap-proxy Avast! anti-virus IMAP proxy (cannot connect to 185.204.100.17)
445/tcp filtered microsoft-ds
465/tcp open ssl/smtp Exim smtpd 4.84_2
563/tcp open tcpwrapped
587/tcp open smtp Exim smtpd 4.84_2
993/tcp open tcpwrapped
995/tcp open ssl/pop3 Dovecot pop3d
3306/tcp open mysql MySQL (unauthorized)
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 382.27 seconds
from nmap-vulners.
gbiagomba
commented on July 22, 2024
When I scanned it using the argument mincvss, it caused nmap to not find the host. Yes I checked to make sure the target was still live and it was
nmap -sV --script vulners --script-args mincvss=5.0 REDACTED
Starting Nmap 7.60 ( https://nmap.org ) at 2018-02-06 15:27 EST
Failed to resolve "REDACTED".
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 20.38 seconds
nmap -sV --script vulners REDACTED
from nmap-vulners.
gbiagomba
commented on July 22, 2024
I tried running it without the extension and this is what I got
nmap -sV --script vulners REDACTED
Starting Nmap 7.60 ( https://nmap.org ) at 2018-02-06 15:28 EST
Stats: 0:01:03 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 63.60% done; ETC: 15:30 (0:00:34 remaining)
Warning: 172.26.151.11 giving up on port because retransmission cap hit (10).
Stats: 0:15:25 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 99.99% done; ETC: 15:44 (0:00:00 remaining)
Stats: 0:18:21 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 99.99% done; ETC: 15:46 (0:00:00 remaining)
Nmap scan report for REDACTED (127.0.0.1)
Host is up (0.95s latency).
Other addresses for REDACTED (not scanned): 127.0.0.1
Not shown: 932 closed ports, 64 filtered ports
PORT STATE SERVICE VERSION
53/tcp open domain Microsoft DNS 6.1.7601
88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2018-02-06 20:53:44Z)
389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: REDACTED, Site: Windstream-ExchangeDR)
636/tcp open tcpwrapped
Service Info: Host: DR-DCPRD2; OS: Windows; CPE: cpe:/o:microsoft:windows
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1516.48 seconds
from nmap-vulners.
GMedian
commented on July 22, 2024
Hello.
Unfortunately, I can not think of a reason for such a behaviour.
Does the problem persist between different runs? I.e. subsequent runs with and without mincvss arg always produce such results, do not they?
Does it happen on other hosts, or is it just a specific one ?
from nmap-vulners.
gbiagomba
commented on July 22, 2024
Hello,
The problem does consist happen as respectively noted, regardless of host.
from nmap-vulners.
gbiagomba
commented on July 22, 2024
Hello @GMedian
It seems one of your updates to the extension fixed it, I am no longer having this issue.
Thank you everyone else (@naumek @011235813213455 @SLAYEROWNER ) for the help!
from nmap-vulners.
Related Issues (20)
- Vulners
- False positives: IIS 10.0 HOT 1
- Authentication failure HOT 1
- Having problems when running vulscan command
- Scripts error HOT 2
- It seems the argument mincvss not working anymore HOT 2
- openssh false positive vulnerabilties. HOT 2
- No CVE output kali 2021 HOT 5
- Script Engine Initialization Issues -- Debian
- Xc
- Encountered a false positive
- -
- Nmap Vulnerability
- Nmap
- Does this auto-update? HOT 1
- Windows nmap script
- nmap: vuln scanner [C]: in function 'error' HOT 2
- Minor issue - Typo
- API KEY from https://vulners.com/userinfo?tab=api-keys
- Vulners FREE API - Anomaly with user agent HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nmap-vulners.