From 82ea8a80d3438e515e80a0a25abd34d0eef5e9e4 Mon Sep 17 00:00:00 2001 From: dmiller Date: Thu, 29 Sep 2016 14:56:47 +0000 Subject: [PATCH] Fixed -iR scanning too many targets Fixed a discrepancy between the number of targets selected with -iR and the number of hosts scanned. Because "up" hosts did not count towards the number of hosts in a hostgroup, Nmap would run an extra Ping scan phase on that number of new targets before scanning. Those extra targets in the last hostgroup would result in output like "Nmap done: 1056 IP addresses" when the user specified -iR 1000. https://security.stackexchange.com/questions/138150/scans-more-ips-than-asked --- CHANGELOG | 4 ++++ nmap.cc | 10 ++++++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 0417a81db..07ddc54bb 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,9 @@ # Nmap Changelog ($Id$); -*-text-*- +o Fixed a discrepancy between the number of targets selected with -iR and the + number of hosts scanned, resulting in output like "Nmap done: 1033 IP + addresses" when the user specified -iR 1000. [Daniel Miller] + o New service probe and match line for DTLS (Datagram TLS, or TLS over UDP). o Improved some output filtering to remove or escape carriage returns ('\r') diff --git a/nmap.cc b/nmap.cc index 580bba544..2ca0f295a 100644 --- a/nmap.cc +++ b/nmap.cc @@ -2031,7 +2031,10 @@ int nmap_main(int argc, char *argv[]) { } delete currenths; o.numhosts_scanned++; - continue; + if (!o.max_ips_to_scan || o.max_ips_to_scan > o.numhosts_scanned + Targets.size()) + continue; + else + break; } if (o.spoofsource) { @@ -2051,7 +2054,10 @@ int nmap_main(int argc, char *argv[]) { } delete currenths; o.numhosts_scanned++; - continue; + if (!o.max_ips_to_scan || o.max_ips_to_scan > o.numhosts_scanned + Targets.size()) + continue; + else + break; } if (o.RawScan()) {