Re: Nmap - 3.50 changes mstask.exe?

From: Max (
Date: 02/27/04

  • Next message: Dan Drinnon: "Re: Nmap - 3.50 changes mstask.exe?"
    Date: Fri, 27 Feb 2004 16:38:40 +0500

    Huh? :)

    Impossible for nmap to do this .. I guess someone could get the
    nmap source and somehow alter it so it exploited some vulnerability in
    Windows to do this, but that seems like a reaaaal long shot! :)

    Where did you download nmap from? What proof does he have that nmap
    did this? What was mstask.exe replaced by? How does your boss think
    nmap did this?

    Was it the evil, intrusive syn scan or the destructive OS fingerprinting that
    transferred mstask.exe from your computer to the machines in question? :):)
    Or did nmap confuse the Windows TCP/IP stack enough that the stack itself
    decided to copy another program over mstask.exe?!?! :) Ahah!

    This seems like a mis-diagnosis having heard nothing but the couple of
    sentences you wrote below :).

    I have used nmap since version 2.54 and I have never heard of it doing
    anything like what you describe .. it just isn't capable of that kind of

    If you think you have a trojaned nmap executable, make sure you download
    a version from .. if the two are different
    contact Fyodor (links on his site), but not unless you are absolutely
    convinced and have hard proof that you somehow downloaded a faked or
    modified version of nmap. Sounds to me like your boss has jumped to
    conclusions here.


    On 27 Feb 2004 16:31:50 GMT, wrote:
    > Not sure if this is the best list for this, but I am in a bit of a jam.
    > I just downloaded the new NMAP v. 3.50 and ran it on my internal network. My
    > IT manager is freaking out. He says my scan replaced mstask.exe on the machi
    > nes I scanned.
    > Anybody else seen this behavior?


  • Next message: Dan Drinnon: "Re: Nmap - 3.50 changes mstask.exe?"