nmap_wrapper.nes is not an executable, it is a shared library (.so) renamed to a .nes extension.  nm would have shown you this.

It is a wrapper around the nmap executable.

I recommend you look at the code because you are definitely "playing" with things the wrong way.

As you probably guessed from above, I haven't looked at the code much,
but is there any risk to nessus in general as a result of
nmap_wrapper.nes segfaulting? Anyone think of a way that a user could
feed it garbage data to purposefully cause it to crash? Is this
something that is potentially exploitable in other words?

Homework answer:

If you are referring to a buffer overflow, hum, I run the nmap_wrapper.nes as myself (a non privileged user),
I then feed garbage to nmap_wrapper.nes (which of course is running as myself) to exploit what?  To exploit myself?
I already have permissions as myself.

Cracking 101 = Exploit to gain permissions you do not already have.

What if I am root feeding garbage to an executable, to exploit myself once again?  If I am root trying to
exploit a process running as myself what do I gain?  More root?

Nessus is a tool.  You need to understand things outside the Nessus program to understand Nessus itself.

Erik


Nathan R. Valentine wrote:

I was playing with nmap_wrapper.nes the other day and noticed that if
you run it from the command line without any options or input it
segfaults. At least on my machine it does.
Is nmap_wrapper.nes one of the plugins that should never be run from the
command line because it reads from a special pipe or something?



Homework question:
As you probably guessed from above, I haven't looked at the code much,
but is there any risk to nessus in general as a result of
nmap_wrapper.nes segfaulting? Anyone think of a way that a user could
feed it garbage data to purposefully cause it to crash? Is this
something that is potentially exploitable in other words?


