Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

smb-brute and other smb scripts crash with error 'bad argument #2 to 'format'' in 'string.format' #1713

vanjo9800 opened this issue Aug 27, 2019 · 4 comments


Copy link

I installed the new version of Nmap 7.80 and have noticed the following problem when I run any of the smb scripts, I get:

nmap -oX brute-test -Pn -p 445 --script smb-brute -v --script-args=brute.firstonly=true -d


NSE: Starting smb-brute against
NSE: [smb-brute] SMB: Added account '' to account list
NSE: [smb-brute] SMB: Added account 'guest' to account list
NSE: [smb-brute] SMB: Login as \guest failed (NT_STATUS_LOGON_FAILURE)
NSE: [smb-brute] Remote operating system: Windows 7 Professional 7601 Service Pack 1
NSE: [smb-brute] Couldn't detect lockout policy: NT_STATUS_ACCESS_DENIED
NSE: [smb-brute] WARNING: couldn't determine lockout policy: Couldn't retrieve lockout policy: NT_STATUS_ACCESS_DENIED
NSE: [smb-brute] Trying to get user list from server
NSE: [smb-brute] MSRPC: Failed to enumerate users through LSA: NT_STATUS_ACCESS_DENIED
NSE: [smb-brute] MSRPC: Failed to enumerate users through SAMR: NT_STATUS_ACCESS_DENIED
NSE: [smb-brute] Couldn't enumerate users (normal for Windows XP and higher), using unpwdb initially
NSE: [smb-brute] Opening password list
NSE: [smb-brute] Starting the initial SMB session
NSE: smb-brute against threw an error!
/usr/bin/../share/nmap/nselib/smb.lua:202: bad argument #2 to 'format' (number expected, got boolean)
stack traceback:
        [C]: in function 'string.format'
        /usr/bin/../share/nmap/nselib/smb.lua:202: in function 'smb.get_status_name'
        /usr/bin/../share/nmap/nselib/smb.lua:1285: in upvalue 'start_session_basic'
        /usr/bin/../share/nmap/nselib/smb.lua:1567: in function 'smb.start_session'
        /usr/bin/../share/nmap/scripts/smb-brute.nse:315: in upvalue 'check_login'
        /usr/bin/../share/nmap/scripts/smb-brute.nse:604: in upvalue 'initialize'
        /usr/bin/../share/nmap/scripts/smb-brute.nse:970: in upvalue 'go'
        /usr/bin/../share/nmap/scripts/smb-brute.nse:1079: in function </usr/bin/../share/nmap/scripts/smb-brute.nse:1067>
        (...tail calls...)

As far as I have looked into the code the error comes from wrong parsing of one of the arguments. Can this be cause by older Lua version, or it is a problem with the new version of Nmap.
(It works with Nmap 7.70 on the same machine)

Copy link

Resolved in #1714

Copy link

cnotin commented Aug 28, 2019

Same issue than with open PR #1480

Copy link

Further issues resolved in #1720

@nnposter nnposter self-assigned this Sep 6, 2019
Copy link

nnposter commented Sep 6, 2019

A fix for this issue has been committed as r37730.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

No branches or pull requests

3 participants