search

vulnersCom / nmap-vulners

NSE script based on Vulners.com API
GNU General Public License v3.0
3.2k stars 547 forks source link

Nmap 7.70 Cannot run the script... #13

Closed Mod233 closed 1 year ago

Mod233 commented 6 years ago

when I use:

➜  Scanner-Tool nmap -v
Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-05-31 10:18 CST
Read data files from: /usr/local/bin/../share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.02 seconds

➜  Scanner-Tool sudo nmap -sV --script vulners 95.163.200.165         
Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-05-31 10:19 CST
NSE: failed to initialize the script engine:
/usr/local/bin/../share/nmap/nse_main.lua:823: 'vulners' did not match a category, filename, or directory
stack traceback:
    [C]: in function 'error'
    /usr/local/bin/../share/nmap/nse_main.lua:823: in local 'get_chosen_scripts'
    /usr/local/bin/../share/nmap/nse_main.lua:1315: in main chunk
    [C]: in ?

QUITTING!

...

GMedian commented 6 years ago

Hi!

Can you make sure you have actually located the script in the required directory? Like you might be using another installation of nmap, perhaps.

safir2306 commented 6 years ago

Hi There :-) I would love to be able to use the vulners script but so far i am having the same issues as the previous comment above with the same output error. I have placed the script in the correct directory and using latest nmap 7.70 version.

Have you been able to replicate this error using nmap version 7.70?

Cheers

safir2306 commented 6 years ago

Found a workaround for it. Seems like i need to cd directly to the nmap/scripts/ directory and launch vulners directly from the directory for the script to work.

Hope this helps

Cheers

Mod233 commented 6 years ago

@safir2306 thx for your great help. I fixed the problem. It's all my fault that i did not cd in the right directory.

drwetter commented 6 years ago

Did you guys run --script-updatedb ? For me (Linux) it just worked then

safir2306 commented 6 years ago

Hey mate,

No worries glad i could help out.

Cheers

2018-07-11 17:34 GMT+08:00 Dirk Wetter notifications@github.com:

Did you guys run --script-updatedb ? For me (Linux) it just worked then

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/vulnersCom/nmap-vulners/issues/13#issuecomment-404107249, or mute the thread https://github.com/notifications/unsubscribe-auth/Ag6AYhn7lF1IfM8zvY0LFWkZHj-ukXyAks5uFcadgaJpZM4UUT_y .

hktalent commented 5 years ago

@safir2306 @drwetter @Mod233 @GMedian 

nmap --script-updatedb
Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-18 16:28 CST
NSE: Updating rule database.
NSE: Failed to load /usr/bin/../share/nmap/scripts//ajp-methods.nse:
/usr/bin/../share/nmap/scripts//ajp-methods.nse:4: module 'stringaux' not found:
    NSE failed to find nselib/stringaux.lua in search paths.
    no field package.preload['stringaux']
    no file '/usr/local/share/lua/5.3/stringaux.lua'
    no file '/usr/local/share/lua/5.3/stringaux/init.lua'
    no file '/usr/local/lib/lua/5.3/stringaux.lua'
    no file '/usr/local/lib/lua/5.3/stringaux/init.lua'
    no file '/usr/share/lua/5.3/stringaux.lua'
    no file '/usr/share/lua/5.3/stringaux/init.lua'
    no file './stringaux.lua'
    no file './stringaux/init.lua'
    no file '/usr/local/lib/lua/5.3/stringaux.so'
    no file '/usr/lib/x86_64-linux-gnu/lua/5.3/stringaux.so'
    no file '/usr/lib/lua/5.3/stringaux.so'
    no file '/usr/local/lib/lua/5.3/loadall.so'
    no file './stringaux.so'
stack traceback:
    [C]: in function 'require'
    /usr/bin/../share/nmap/scripts//ajp-methods.nse:4: in function </usr/bin/../share/nmap/scripts//ajp-methods.nse:1>
NSE: failed to initialize the script engine:
/usr/bin/../share/nmap/nse_main.lua:619: could not load script
stack traceback:
    [C]: in function 'error'
    /usr/bin/../share/nmap/nse_main.lua:619: in field 'new'
    /usr/bin/../share/nmap/nse_main.lua:1296: in main chunk
    [C]: in ?

QUITTING!
Kristoff-Slayer commented 5 years ago

I am sorry but what is the fix here? I am getting the same issue as the original posters. I have ls'd my way into the /usr/share/nmap/scripts directory and found all the scripts but it does not work when I try to load it.

xx-zhang commented 5 years ago

I have tryed what all of you said such as upgrade db but no use.

my env:

what such that i have runed. 截图

40withabeam commented 5 years ago

Following : https://null-byte.wonderhowto.com/how-to/easily-detect-cves-with-nmap-scripts-0181925/ is probably what you did there tutorial is awful in my opinion you will run into the error "/usr/local/bin/../share/nmap/nse_main.lua:823: 'vulners' did not match a category, filename, or directory stack traceback: [C]: in function 'error' /usr/local/bin/../share/nmap/nse_main.lua:823: in local 'get_chosen_scripts' /usr/local/bin/../share/nmap/nse_main.lua:1315: in main chunk [C]: in ?

QUITTING!" the way I fixed this was by using the command: cd /usr/share/nmap/scripts nmap -sV --script=vulscan/vulscan.nse nmap -sV --script=vulscan/vulscan.nse -sV -p22 50...* (or what ever command you desire)

If it still isn't make sure you installed it correctly: cd /usr/share/nmap/scripts git clone https://github.com/scipag/vulscan scipag_vulscan ln -s pwd/scipag_vulscan /usr/share/nmap/scripts/vulscan

Have a good day m8 cheers

thaRealMrMeeseks commented 4 years ago

Following : https://null-byte.wonderhowto.com/how-to/easily-detect-cves-with-nmap-scripts-0181925/ is probably what you did there tutorial is awful in my opinion you will run into the error "/usr/local/bin/../share/nmap/nse_main.lua:823: 'vulners' did not match a category, filename, or directory stack traceback: [C]: in function 'error' /usr/local/bin/../share/nmap/nse_main.lua:823: in local 'get_chosen_scripts' /usr/local/bin/../share/nmap/nse_main.lua:1315: in main chunk [C]: in ?

QUITTING!" the way I fixed this was by using the command: cd /usr/share/nmap/scripts nmap -sV --script=vulscan/vulscan.nse nmap -sV --script=vulscan/vulscan.nse -sV -p22 50...* (or what ever command you desire)

If it still isn't make sure you installed it correctly: cd /usr/share/nmap/scripts git clone https://github.com/scipag/vulscan scipag_vulscan ln -s pwd/scipag_vulscan /usr/share/nmap/scripts/vulscan

Have a good day m8 cheers

Following : https://null-byte.wonderhowto.com/how-to/easily-detect-cves-with-nmap-scripts-0181925/ is probably what you did there tutorial is awful in my opinion you will run into the error "/usr/local/bin/../share/nmap/nse_main.lua:823: 'vulners' did not match a category, filename, or directory stack traceback: [C]: in function 'error' /usr/local/bin/../share/nmap/nse_main.lua:823: in local 'get_chosen_scripts' /usr/local/bin/../share/nmap/nse_main.lua:1315: in main chunk [C]: in ?

QUITTING!" the way I fixed this was by using the command: cd /usr/share/nmap/scripts nmap -sV --script=vulscan/vulscan.nse nmap -sV --script=vulscan/vulscan.nse -sV -p22 50...* (or what ever command you desire)

If it still isn't make sure you installed it correctly: cd /usr/share/nmap/scripts git clone https://github.com/scipag/vulscan scipag_vulscan ln -s pwd/scipag_vulscan /usr/share/nmap/scripts/vulscan

Have a good day m8 cheers

I did these and still doesnt work

Aholicknight commented 4 years ago

having the same problem on windows. I tried to update it and this error shows up: C:\Program Files (x86)\Nmap/nse_main.lua:823: 'updatedb' did not match a category, filename, or directory

tpa10 commented 4 years ago

I followed the above mentioned tutorial and had exactly the same problem. To get this to work "as expected" (i.e. no dependency on what directory i was in, etc, etc). I did the following;

  1. (as root) removed the "vulns" symlink in /usr/share/nmap/scripts
  2. (as root) cd to where my git clone resided and did a "cp -r scipag_vulscan /usr/share/nmap/scripts/vulscan. (eliminate any potential file ownership conflicts, since the tutorial didn't mention being root when doing the git-clone or re-setting ownership afterwords, but EVERYTHING in the scripts directory has root ownership, at least on Fedora based systems using yum/rpm to install nmap).
  3. cd /usr/share/nmap/scripts
  4. cp vulscan/vulscan.nse . (We now have a copy of the actual script inside the "official" scripts directory that nmap searches, which was the core error most people were seeing: w/o that script in the proper directory or some override on the command line, you get the "script doesn't meet some criteria" snotgram.
  5. (still as root), ran "nmap --script-updatedb"

I am now able to run this script W/O root privileges, regardless of what directory I'm in. ex: ]$ whoami

]$ nmap -sV --script=vulscan.nse

Starting Nmap 6.47 ( http://nmap.org ) at 2020-05-22 10:44 PDT Nmap scan report for (target.ip.address) Host is up (0.00051s latency). Not shown: 996 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | vulscan: VulDB - https://vuldb.com: ...etc, etc, etc...

Hope this is helpful/useful.

vanilla-unicorn commented 4 years ago

Found a workaround for it. Seems like i need to cd directly to the nmap/scripts/ directory and launch vulners directly from the directory for the script to work.

Hope this helps

Cheers

This worked like magic, thanks for noting this.

pawlub422 commented 4 years ago

Have you tried to add that directory to the path?

On 8/19/2020 10:54 PM, Joel Santiago wrote:

Found a workaround for it. Seems like i need to cd directly to the
nmap/scripts/ directory and laHunch vulners directly from the
directory for the script to work.

Hope this helps

Cheers

This worked like magic, thanks for noting this.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/vulnersCom/nmap-vulners/issues/13#issuecomment-676890844, or unsubscribe https://github.com/notifications/unsubscribe-auth/AMIZGPQQHSG35WSHBVCWNFDSBSF7DANCNFSM4FCRH7ZA.

--

Respectfully,

Paul Bugeja

802-373-0586

Native Fish Coalition, Vice-Chair Vermont Chapter

https://nativefishcoalition.org/

https://nativefishcoalition.org/

rainishjj commented 4 years ago

I met the same issue.You should go to this directory /usr/share/nmap/script or /usr/local/share/nmap/script to check if there exists vulners.nse file. If no, copy it to this path. then it works

Hakim1195 commented 3 years ago

If you still have the same error after this:

cd /usr/share/nmap/scripts git clone https://github.com/scipag/vulscan scipag_vulscan ln -s pwd/scipag_vulscan /usr/share/nmap/scripts/vulscan

you have to copy the script vulscan.nse (you'll find it in scipag_vulscan) in /usr/share/nmap/scripts

cp vulscan.nse /usr/share/nmap/scripts

SirKnightV commented 3 years ago

If you still have the same error after this:

cd /usr/share/nmap/scripts git clone https://github.com/scipag/vulscan scipag_vulscan ln -s pwd/scipag_vulscan /usr/share/nmap/scripts/vulscan

you have to copy the script vulscan.nse (you'll find it in scipag_vulscan) in /usr/share/nmap/scripts

cp vulscan.nse /usr/share/nmap/scripts

this working 100 % , thank you sir.

jayakrishnanvkm commented 3 years ago

when I use:

➜  Scanner-Tool nmap -v
Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-05-31 10:18 CST
Read data files from: /usr/local/bin/../share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.02 seconds

➜  Scanner-Tool sudo nmap -sV --script vulners 95.163.200.165         
Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-05-31 10:19 CST
NSE: failed to initialize the script engine:
/usr/local/bin/../share/nmap/nse_main.lua:823: 'vulners' did not match a category, filename, or directory
stack traceback:
  [C]: in function 'error'
  /usr/local/bin/../share/nmap/nse_main.lua:823: in local 'get_chosen_scripts'
  /usr/local/bin/../share/nmap/nse_main.lua:1315: in main chunk
  [C]: in ?

QUITTING!

...

try nmap -sV --script vuln

sarah-albassam commented 3 years ago

when I use:

➜  Scanner-Tool nmap -v
Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-05-31 10:18 CST
Read data files from: /usr/local/bin/../share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.02 seconds

➜  Scanner-Tool sudo nmap -sV --script vulners 95.163.200.165         
Starting Nmap 7.70SVN ( https://nmap.org ) at 2018-05-31 10:19 CST
NSE: failed to initialize the script engine:
/usr/local/bin/../share/nmap/nse_main.lua:823: 'vulners' did not match a category, filename, or directory
stack traceback:
    [C]: in function 'error'
    /usr/local/bin/../share/nmap/nse_main.lua:823: in local 'get_chosen_scripts'
    /usr/local/bin/../share/nmap/nse_main.lua:1315: in main chunk
    [C]: in ?

QUITTING!

...

try nmap -sV --script vuln

thank you! this worked for me

julian1000 commented 1 year ago

I have tried all solutions above and nothing works, i have run the script in different formats as well. here are a few of the formats i have tried. I am running as root user. Also i am in the /usr/share/nmap/scripts dir. i also have vulscan.nse and even vulners.nse in this dir. Using the kali OS. Ihave

nmap -p 445 --script smb-enum-shares 192.168.100.57 nmap -p 445 --script smb-enum-shares.nse 192.168.100.57 nmap -p 445 --script smb-enum-shares.nse 192.168.100.57 nmap -p 445 --script smb-enum-shares.nse 192.168.100.57

below is a screenshot of scripts dir with vulscan showing. right side of the image showing smb-enum-shares.nse, maybe there's something wrong in there i am not seeing. Screenshot_2022-12-21_21_14_42

julian1000 commented 1 year ago

appended local with l in nano, that was one issue i found but

GMedian commented 1 year ago

Hello.

Please stop discussing scripts that do not relate to the repository. The only script in view is vulners.nse and NOT vulscan or any other. Using any other script will not bring you results from vulners.

The problem we have here can ONLY lies on your side as the error from the original post as well as subsequent ones show that nmap is unable to locate the vulners.nse script. This can be for several reasons I mentioned before:

Unfortunatelly, I can't say what exactly is the reason you get the mentioned error, but what is clear - it is not a problem with the code itself, otherwise the error would have been about the code rather than script placement.

Note that if you just don't receive an output from vulners.nse (i.e. you don't get the error at the start, but neither do you receive info on the found vulnerabilities) it may mean you are scanning a site with no known vulnerabilities.

GMedian commented 1 year ago

I will now close the issue since it has veered off the original question too much.

Chuy367 commented 1 year ago

nmap -sV --script=vulscan/vulscan.nse "host-ip"