From: “Mike .” <dmciscobgp () hotmail com>
Date: Mon, 23 May 2022 21:59:45 +0000
was testing with my router today i noticed this. sent out a dhcp OFFER i am assuming that is what the script is
sending out, and i notice i get back OPEN/FILTERED. if i am receiving a reply back, why is nmap not seeing this,
marking that as such, and calling it OPEN? it is receiving a valid packet response. am i missing something? here is the
output>
from the nmap side of the NSE debug on
NSE: Script scanning 192.168.0.1.
Initiating NSE at 16:47
NSOCK INFO [1.9240s] nsock_iod_new2(): nsock_iod_new (IOD #1)
NSOCK INFO [1.9240s] nsock_setup_udp(): UDP unconnected socket (IOD #1)
NSOCK INFO [1.9240s] mksock_bind_addr(): Binding to 0.0.0.0:68 (IOD #1)
NSOCK INFO [2.4190s] nsock_sendto(): Sendto request for 316 bytes to IOD #1 EID
11 [192.168.0.1:67]
NSE: UDP 0.0.0.0:68 > 192.168.0.1:67 | 00000000: 01 01 06 00 00 00 50 4c 00 00 0
0 00 c0 a8 00 db PL
00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 1c 25 74 %t
00000020: ab e1 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00000080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00000090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
000000a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
000000b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
000000c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
000000d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
000000e0: 00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63 c Sc
000000f0: 35 01 08 37 40 fc 01 02 03 04 05 06 07 08 09 0a 5 7@
00000100: 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a
00000110: 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a !"#$%&'()*
00000120: 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37 38 39 3a +,-./0123456789:
00000130: 3b 3c 3d 43 42 33 04 00 00 00 01 ff ;<=CB3
NSOCK INFO [2.4260s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for
EID 11 [192.168.0.1:67]
NSE: UDP 0.0.0.0:68 > 192.168.0.1:67 | SEND
NSOCK INFO [2.4280s] nsock_read(): Read request from IOD #1 [192.168.0.1:67] (ti
meout: 5000ms) EID 18
NSOCK INFO [7.4280s] nsock_trace_handler_callback(): Callback: READ TIMEOUT for
EID 18 [192.168.0.1:67]
NSE: UDP 0.0.0.0:68 > 192.168.0.1:67 | CLOSE
NSOCK INFO [7.4280s] nsock_iod_delete(): nsock_iod_delete (IOD #1)
Completed NSE at 16:47, 5.01s elapsed
Nmap scan report for 192.168.0.1
Host is up (0.0020s latency).
PORT STATE SERVICE
67/udp open|filtered dhcps
MAC Address: 2C:95:69:05:4F:86 (Unknown)
and this is what i am seeing back during windump>
328) 192.168.0.1.67 > 192.168.0.219.68: BOOTP/DHCP, Reply, length 300, xid 0xa6
1a, Flags [ none ]
Client-IP 192.168.0.219
Server-IP 192.168.0.1
Client-Ethernet-Address 00:1c:25:74:ab:e1 [|bootp]
that is a valid OFFER/REPLY? any guesses why its still shown as FILTERED at all as not a hard OPEN like it should?
thanks-----Mike
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at https://seclists.org/nmap-dev/
Current thread:
- dhcp script not being seen as open? Mike . (Jun 20)
