robertdavidgraham / masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
GNU Affero General Public License v3.0

Segmentation fault #389

Open sdaaish opened 5 years ago

sdaaish commented 5 years ago

Got this from masscan 1.0.6 on a host on Hyper-V. Don't have cut & paste from the UI so I attach an image.

OS: Linux masscan 4.15.0-38-generic #41-Ubuntu SMP Wed Oct 10 10:59:38 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux Compiled from source, this pull: af8eb0e (HEAD -> master, origin/master, origin/HEAD) intrins [Robert David Graham]

It ran for almost an hour before it crashed, probably. Data from kern.log (GMT+1):

Nov 19 12:10:46 masscan kernel: [514089.773522] device eth0 entered promiscuous mode
Nov 19 13:00:13 masscan kernel: [517056.514610] device eth0 left promiscuous mode

Also got some of this, don't know if it's relevant. hv_balloon: Balloon request will be partially fulfilled. Balloon floor reached.

masscan backtrace

I have a partial result anyway, will probably retry this.

sdaaish commented 5 years ago

I have tested again and have found what triggers this in my config. The following 2 lines are the culprit:

rotate = 60
rotate-dir = /var/lib/masscan

If I comment out these the same config works. I have the same directory for the filename as the rotate directory and this is probably an error in the config. But even if I change the rotate-directory to /var/tmp I get the same result. If there is an error in the config masscan should complain about it. And having rotate time set to 60 secs is just to trigger the error faster. Get the same result with 3600 secs. Inserting the config for reference.

Config

# Scan network for inventory of devices
rate = 1000

# Source port and interface
adapter-port = 60000-60003
adapter = eth0
adapter-ip = 172.22.130.66
router-mac = 00:10:db:ff:20:00
ttl = 255

# Output as binary to be able to search afterwards in the file
output-format = binary
output-status = all
output-filename = /var/lib/masscan/labb.data
open-only = true
rotate = 60
rotate-dir = /var/lib/masscan
append-output = true

# Target
ports = 7,9,13,17,19,21,22,23,25,80-90,111,135-139,179,389,427,443-445,465,475,515,631,636,686,830,843,902,993,995,1063,1433,1434,1556,1720,1801,2103,2105,2107,2291,3007,3269,3333,3389,3500,3702,4006,4053,4081,4242,4606,4744,5040,5053,5054,5060,5357,5358,5666,5742,5800,5900,5901,5916,5985,6000,6432,6510,6511,6512,6513,7009,7011,7400,7680,7723,7779,7800,7801,7900,7905,8000,8018,8080,8081,8100,8443,8530,8731,8751,8777,49787
range = 172.22.130.0/23
exclude = 172.22.130.1
excludefile = conf/exclude.conf

# Wait after exit
wait = 20

# Banners and capture
banners = true
capture = html
capture = cert

Error

Error message for this config.

$ sudo masscan --conf conf/labb.conf
conf/exclude.conf: excluding 2 ranges from file

Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2018-12-14 09:20:36 GMT
 -- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 511 hosts [105 ports/host]
======================================================================
 Segmentation fault: please post this backtrace to:
 https://github.com/robertdavidgraham/masscan/issues
======================================================================
7: [/lib/x86_64-linux-gnu/libc.so.6(clone+0x3f) [0x7f0117df888f]]
?? ??:0
6: [/lib/x86_64-linux-gnu/libpthread.so.0(+0x76db) [0x7f01180cf6db]]
?? ??:0
5: [masscan() [0x4154c0]]
receive_thread at /home/rupert/repos/masscan/src/main.c:966
4: [masscan() [0x4183b4]]
output_report_status at /home/rupert/repos/masscan/src/output.c:779
3: [masscan() [0x418849]]
output_do_rotate at /home/rupert/repos/masscan/src/output.c:533
2: [/lib/x86_64-linux-gnu/libc.so.6(+0x3ef20) [0x7f0117d15f20]]
?? ??:0
1: [masscan() [0x41916c]]
handle_segfault at /home/rupert/repos/masscan/src/pixie-backtrace.c:34

sdaaish commented 5 years ago

Did a git pull and a rebuild while I'm still at it, and have the same result. Maybe it lasts a little longer before the error.

Version

 masscan --version

Masscan version 1.0.6 ( https://github.com/robertdavidgraham/masscan )
Compiled on: Dec 14 2018 10:50:19
Compiler: gcc 4.2.1 Compatible Clang 6.0.0 (tags/RELEASE_600/final)
OS: Linux
CPU: unknown (64 bits)
GIT version: 1.0.5-51-g6c15edc

Current commit

git lo -1
6c15edc (HEAD -> master, origin/master, origin/HEAD) sort fix [Robert Graham]

Error

$ sudo masscan --conf conf/labb.conf
conf/exclude.conf: excluding 2 ranges from file

Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2018-12-14 09:51:04 GMT
 -- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 511 hosts [105 ports/host]
======================================================================
 Segmentation fault: please post this backtrace to:
 https://github.com/robertdavidgraham/masscan/issues
======================================================================
7: [/lib/x86_64-linux-gnu/libc.so.6(clone+0x3f) [0x7fb2ed83b88f]]
?? ??:0
6: [/lib/x86_64-linux-gnu/libpthread.so.0(+0x76db) [0x7fb2edb126db]]
?? ??:0
5: [masscan() [0x415480]]
receive_thread at /home/rupert/repos/masscan/src/main.c:971
4: [masscan() [0x418374]]
output_report_status at /home/rupert/repos/masscan/src/output.c:?
3: [masscan() [0x418a29]]
output_do_rotate at /home/rupert/repos/masscan/src/output.c:533
2: [/lib/x86_64-linux-gnu/libc.so.6(+0x3ef20) [0x7fb2ed758f20]]
?? ??:0
1: [masscan() [0x41934c]]
handle_segfault at /home/rupert/repos/masscan/src/pixie-backtrace.c:34

Config

# Scan network for inventory of devices
rate = 1000

# Source port and interface
adapter-port = 60000-60003
adapter = eth0
adapter-ip = 172.22.130.66
router-mac = 00:10:db:ff:20:00
ttl = 255

# Output as binary to be able to search afterwards in the file
output-format = binary
output-status = all
output-filename = /var/lib/masscan/labb.data
open-only = true
rotate = 60
rotate-dir = /var/tmp
append-output = true

# Target
ports = 7,9,13,17,19,21,22,23,25,80-90,111,135-139,179,389,427,443-445,465,475,515,631,636,686,830,843,902,993,995,1063,1433,1434,1556,1720,1801,2103,2105,2107,2291,3007,3269,3333,3389,3500,3702,4006,4053,4081,4242,4606,4744,5040,5053,5054,5060,5357,5358,5666,5742,5800,5900,5901,5916,5985,6000,6432,6510,6511,6512,6513,7009,7011,7400,7680,7723,7779,7800,7801,7900,7905,8000,8018,8080,8081,8100,8443,8530,8731,8751,8777,49787
range = 172.22.130.0/23
exclude = 172.22.130.1
excludefile = conf/exclude.conf

# Wait after exit
wait = 20

# Banners and capture
banners = true
capture = html
capture = cert
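Added example (not masscan's code and not posted by the reporter): a small POSIX shell pre-flight check for the two configs above. Both backtraces end in output_do_rotate, and the reporter notes that masscan does not complain about the rotation settings up front, so this script reads `output-filename`, `rotate` and `rotate-dir` from a masscan conf file and verifies that both directories exist and are writable before the scan is launched. Assumptions: that masscan treats an unset `rotate-dir` as the current directory, and that rotation moves the finished file into `rotate-dir` (so the script warns when the two directories sit on different filesystems, where a plain rename cannot move the file). The demo config at the bottom is constructed for this example; run the check with the same privileges masscan will run with, since `-w` answers for the current user.

```shell
#!/bin/sh
# Pre-flight check for masscan output rotation settings.
# Added example; not part of masscan.

# conf_get FILE KEY: print the value of "KEY = value" (last occurrence wins).
# Comment lines are skipped; keys are compared exactly, so "rotate" does not
# match "rotate-dir".
conf_get() {
    awk -v k="$2" -F'=' '
        /^[[:space:]]*#/ { next }
        {
            key = $1
            sub(/^[[:space:]]+/, "", key); sub(/[[:space:]]+$/, "", key)
            if (key == k) {
                v = $0
                sub(/^[^=]*=[[:space:]]*/, "", v); sub(/[[:space:]]+$/, "", v)
                val = v
            }
        }
        END { if (val != "") print val }' "$1"
}

# check_rotation FILE: return 0 if the rotation-related directories are usable,
# 1 otherwise. Problems are reported on stderr.
check_rotation() {
    conf=$1
    rotate=$(conf_get "$conf" rotate)
    rdir=$(conf_get "$conf" rotate-dir)
    out=$(conf_get "$conf" output-filename)
    rc=0

    if [ -z "$rotate" ]; then
        echo "no 'rotate' key in $conf: rotation disabled, nothing to check"
        return 0
    fi
    if [ -z "$out" ]; then
        echo "rotate is set but output-filename is missing in $conf" >&2
        return 1
    fi
    outdir=$(dirname "$out")
    # Assumption: an unset rotate-dir means the current directory.
    if [ -z "$rdir" ]; then
        rdir=.
    fi

    for d in "$outdir" "$rdir"; do
        if [ ! -d "$d" ]; then
            echo "missing directory: $d" >&2
            rc=1
        elif [ ! -w "$d" ]; then
            echo "directory not writable by $(id -un): $d" >&2
            rc=1
        fi
    done
    if [ "$rc" -ne 0 ]; then
        return 1
    fi

    # Caveat (assumption): the rotated file is moved into rotate-dir. A rename
    # across filesystems fails, so flag that case rather than discover it an
    # hour into the scan.
    fs_out=$(df -P "$outdir" | awk 'NR == 2 { print $1 }')
    fs_rot=$(df -P "$rdir" | awk 'NR == 2 { print $1 }')
    if [ "$fs_out" != "$fs_rot" ]; then
        echo "warning: $outdir and $rdir are on different filesystems" >&2
    fi
    return 0
}

# Demo on a constructed config (not the reporter's file): same output/rotation
# keys as the configs in this issue, pointed at a scratch directory.
tmp=$(mktemp -d)
cat >"$tmp/labb.conf" <<EOF
# constructed demo config
output-format = binary
output-filename = $tmp/labb.data
rotate = 60
rotate-dir = $tmp
EOF
if check_rotation "$tmp/labb.conf"; then
    echo "rotation settings look usable; launch with: sudo masscan --conf $tmp/labb.conf"
fi
rm -rf "$tmp"
```

If the check passes and masscan still crashes in output_do_rotate, the directories are not the problem and the crash is worth reporting with the config and backtrace, as done above.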