You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Adding a single IPv4 address to any one of the interfaces is an effective workaround:
$ ip a add 169.254.11.22/16 dev ens38
$ nmap --iflist
Starting Nmap 7.92SVN ( https://nmap.org ) at 2021-12-18 19:11 MST
************************INTERFACES************************
DEV (SHORT) IP/MASK TYPE UP MTU MAC
ens38 (ens38) 169.254.11.22/16 ethernet up 1500 00:0C:29:D5:7E:57
ens38 (ens38) fe80::4eec:c4e9:392b:bb7d/64 ethernet up 1500 00:0C:29:D5:7E:57
ens33 (ens33) (none)/0 ethernet up 1500 00:0C:29:D5:7E:4D
lo (lo) (none)/0 loopback up 65536
lo (lo) ::1/128 loopback up 65536
**************************ROUTES**************************
DST/MASK DEV METRIC GATEWAY
169.254.0.0/16 ens38 0
::1/128 lo 0
fe80::4eec:c4e9:392b:bb7d/128 ens38 0
::1/128 lo 256
fe80::/64 ens38 101
fe80::/64 ens38 256
ff00::/8 ens38 256
$ nmap -6 ::1
Starting Nmap 7.92SVN ( https://nmap.org ) at 2021-12-18 19:11 MST
Nmap scan report for ip6-localhost (::1)
Host is up (0.0000040s latency).
Not shown: 999 closed tcp ports (reset)
PORT STATE SERVICE
631/tcp open ipp
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
$
The issue can be traced to a SIOCGIFCONFioctl call in libdnet:
if (ioctl(intf->fd, SIOCGIFCONF, &intf->ifc) <0) {
Specifically, the call succeeds but returns a zero-length array of ifreq structures, which is not altogether surprising. Quoting from the manpage for netdevice:
Return a list of interface (transport layer) addresses. This currently means only addresses of the AF_INET (IPv4) family for compatibility.
The zero-length array is rejected later in the code:
Interfaces cannot be enumerated on a Linux system (Ubuntu 18.04 tested) if it completely lacks IPv4 addresses (including the loopback):
As expected, a privileged scan will fail:
Adding a single IPv4 address to any one of the interfaces is an effective workaround:
The issue can be traced to a
SIOCGIFCONF
ioctl
call inlibdnet
:nmap/libdnet-stripped/src/intf.c
Line 917 in 88c7e9d
Specifically, the call succeeds but returns a zero-length array of
ifreq
structures, which is not altogether surprising. Quoting from the manpage fornetdevice
:The zero-length array is rejected later in the code:
nmap/libdnet-stripped/src/intf.c
Lines 696 to 699 in 88c7e9d
I have not investigated what the best course of remediation could be.
The text was updated successfully, but these errors were encountered: