NSE Scripts not Executing – Digitalmunition

Home Forums NSE Scripts not Executing

This topic contains 1 reply, has 2 voices, and was last updated by  iCkerous 1 month ago.

  • Author
  • #260422


    Hello everyone,

    I’m working through the PWK Offensive Security Course, and haven’t found any help in their student forums, so I hope you guys can help me out.

    I’m trying to execute some NSE scripts on my own personal Windows box from both my daily Kubuntu machine and my dedicated Kali persistent live-boot. Neither of them are running the NSE scripts I provide. I pass the -d option to get a little more info, and it looks like the nmap script engine itself is running, but it executes for 0 seconds, and does nothing, just displays the results of default nmap execution as if the script hadn’t been run at all.


    Here’s an output using the NSE for smb-os-discovery:


    nmap -v []( –script=smb-os-discovery -d

    Starting Nmap 7.80 ( [https://nmap.org](https://nmap.org) ) at 2020-06-06 15:56 MDT

    PORTS: Using top 1000 ports found open (TCP:1000, UDP:0, SCTP:0)

    ————— Timing report —————

    hostgroups: min 1, max 100000

    rtt-timeouts: init 1000, min 100, max 10000

    max-scan-delay: TCP 1000, UDP 1000, SCTP 1000

    parallelism: min 0, max 0

    max-retries: 10, host-timeout: 0

    min-rate: 0, max-rate: 0


    NSE: Using Lua 5.3.

    NSE: Arguments from CLI:

    NSE: Loaded 1 scripts for scanning.

    NSE: Script Pre-scanning.

    NSE: Starting runlevel 1 (of 1) scan.

    Initiating NSE at 15:56

    Completed NSE at 15:56, 0.00s elapsed

    Initiating Ping Scan at 15:56

    Scanning []( [2 ports]

    Completed Ping Scan at 15:56, 0.07s elapsed (1 total hosts)

    Overall sending rates: 27.44 packets / s.

    mass_rdns: Using DNS server [](

    Initiating Parallel DNS resolution of 1 host. at 15:56

    mass_rdns: 13.01s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 3]

    Completed Parallel DNS resolution of 1 host. at 15:56, 13.00s elapsed

    DNS resolution of 1 IPs took 13.01s. Mode: Async [#: 1, OK: 0, NX: 0, DR: 1, SF: 0, TR: 3, CN: 0]

    Initiating Connect Scan at 15:56

    Scanning []( [1000 ports]

    Discovered open port 22/tcp on [](

    Increased max_successful_tryno for []( to 1 (packet drop)

    Completed Connect Scan at 15:56, 2.58s elapsed (1000 total ports)

    Overall sending rates: 399.15 packets / s.

    NSE: Script scanning [](

    NSE: Starting runlevel 1 (of 1) scan.

    Initiating NSE at 15:56

    Completed NSE at 15:56, 0.00s elapsed

    Nmap scan report for [](

    Host is up, received conn-refused (0.0051s latency).

    Scanned at 2020-06-06 15:56:42 MDT for 15s

    Not shown: 999 closed ports

    Reason: 999 conn-refused


    22/tcp open ssh syn-ack

    Final times for host: srtt: 5130 rttvar: 702 to: 100000


    NSE: Script Post-scanning.

    NSE: Starting runlevel 1 (of 1) scan.

    Initiating NSE at 15:56

    Completed NSE at 15:56, 0.00s elapsed

    Read from /usr/bin/../share/nmap: nmap-payloads nmap-services.

    Nmap done: 1 IP address (1 host up) scanned in 15.86 seconds


    And this behavior is persistent across all NSE scripts and both the Kali machine and Kubuntu machine, and the target IP is from my own personal Windows box.

    Anybody have any advice? Anything would be greatly appreciated. Thanks in advance!

  • #260423


    On the one you posted, SMB ports are not open. It can’t run a SMB enumeration script if SMB isn’t running

You must be logged in to reply to this topic.