Bug 335705 - net-analyzer/nbaudit - segfault in read_with_timeout
Summary: net-analyzer/nbaudit - segfault in read_with_timeout
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Netmon project
URL:
Whiteboard: Pending removal: 2012-12-10
Keywords: PMASKED
Depends on:
Blocks:
 
Reported: 2010-09-02 18:04 UTC by Jeroen Roovers (RETIRED)
Modified: 2012-12-25 13:42 UTC
CC List: 1 user

See Also:
Package list:
Runtime testing required: ---


Description Jeroen Roovers (RETIRED) gentoo-dev 2010-09-02 18:04:07 UTC
This GDB was configured as "i686-pc-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.gentoo.org/>...
Reading symbols from /var/tmp/portage/net-analyzer/nbaudit-1.0-r2/work/nat10/nat...done.

warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libc.so.6...Reading symbols from /usr/lib/debug/lib/libc-2.11.2.so.debug...done.
(no debugging symbols found)...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib/ld-linux.so.2...Reading symbols from /usr/lib/debug/lib/ld-2.11.2.so.debug...done.
(no debugging symbols found)...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /lib/libnss_files.so.2...Reading symbols from /usr/lib/debug/lib/libnss_files-2.11.2.so.debug...done.
(no debugging symbols found)...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib/libnss_dns.so.2...Reading symbols from /usr/lib/debug/lib/libnss_dns-2.11.2.so.debug...done.
(no debugging symbols found)...done.
Loaded symbols for /lib/libnss_dns.so.2
Reading symbols from /lib/libresolv.so.2...Reading symbols from /usr/lib/debug/lib/libresolv-2.11.2.so.debug...done.
(no debugging symbols found)...done.
Loaded symbols for /lib/libresolv.so.2
Core was generated by `./nat elmer'.
Program terminated with signal 11, Segmentation fault.
#0  0x080546c8 in read_with_timeout (fd=-1, buf=0x89cca58 "", mincnt=4, maxcnt=4,
    time_out=15000, exact=0) at util.c:2234
2234          FD_SET(fd,&fds);
(gdb) thread apply all bt full

Thread 1 (Thread 1094):
#0  0x080546c8 in read_with_timeout (fd=-1, buf=0x89cca58 "", mincnt=4, maxcnt=4,
    time_out=15000, exact=0) at util.c:2234
        fds = {__fds_bits = {0 <repeats 32 times>}}
        selrtn = 66
        readret = 144559712
        nread = 0
        timeout = {tv_sec = 15, tv_usec = 0}
        tval1 = {tv_sec = 134514900, tv_usec = -10}
        tval2 = {tv_sec = -1218809588, tv_usec = -1218822588}
        tvaldiff = {tv_sec = -1217493676, tv_usec = 0}
#1  0x080550a7 in read_smb_length (fd=-1, inbuf=0x89cca58 "", timeout=15000)
    at util.c:2600
        buffer = 0x89cca58 ""
        buf = "5 \005\b"
        len = 0
        msg_type = -1080781496
        ok = 0
#2  0x080551c9 in receive_smb (fd=-1, buffer=0x89cca58 "", timeout=15000) at util.c:2646
        len = 0
        ok = 0
#3  0x0804eb44 in send_tcon (inbuf=0x89cca58 "", outbuf=0x89dce60 "") at client.c:2671
        pass = 0x8061800 "READ"
        dev = "A:\000\000D\245p\267\060\226\224\277\207]q\267\000\000\000\000 -a\267.~\000\000\364\177n\267\200\223n\267\220\242p\267\250\225\224\277\215-a\267\000\000\000\000\264qr\267.~\000\000@\256\005\bȕ\224\277R\210\005\bhҞ\b\000\000\000\000\377\377\377\377AM\235|.~\000\000j\352\344\003H\231\224\277\003\000\000\000\254]Z\267|\227Z\267\340GZ\267\000\067\006\b.\345\177LHg\005\000\000\000\000\000\000\000\000\000\n\000\000\214\211\000\000\000\340\250r\267\000\000\000\000\000\000\000\000\001\000\000\000\235\003\000\000p\245p\267\220\242p\267=\213\004\b\254\356Z\267$\204\004\b\001\000\000\000ğr\267\230\252r\267AM\235|\004\227\224\277\260^q\267\364\226\224\277$\204\004\b薔\277<\252r\267\001\000\000\000p\245p\267\001\000\000\000\000\000\000\000\001\000\000\000\340\250r\267", '\000' <repeats 12 times>"\264, qr\267\000\000\000\000\000\000\000\000\364\226\224\277薔\277\000\000\000\000\000\000\000\000\060\227\224\277\340\250r\267=\213\004\b\252E\205\000\000\000\000\000\000\000\000\000\254"...
        p = 0x89dce9f "A:"
        x = 144559775
        passlen = 5
        pword = "READ\000\000RD\000ATOR\000\002\000@\256\005\bH\225\224\277\001\000\000\000\020\225\224\277\221Jg\267\004k\005\b\003\000\000\000,\225\224\277\020", '\000' <repeats 19 times>, "\002\000\000\213\n\000\000\214\000\000\000\000\000\000\000\000#Vq\267\305G[\267\035\214\004\bx\231\224\277\205\000\005\b|\227Z\267\002\000\006\b\260\274q\267Ԉ\004\bȫr\267ğr\267"
#4  0x08050b69 in step (inbuf=0x89cca58 "", outbuf=0x89dce60 "") at client.c:3840
        test_dir = "\\-NASTY-.$$$", '\000' <repeats 115 times>
        fattr = 22
        p = 0x89ed488 "ADMIN$"
        x = 0
        rval = 1
        phase = 5
        done = 2130706559
#5  0x08050fba in nas_step (xip=2348810250) at client.c:3963
        is_vuln = 0
#6  0x08049cf5 in module_16000 (ipaddr=2348810250) at nat.c:231
        i = 127
        pp = 0x805ae40 "U\211\345WVS\350O"
        buf = 0xbf949aa8 "蚔\277D\232\004\b\n"
        ptr = 0xb7681a68
        strsize = 144491671
#7  0x08049a44 in main (argc=1, argv=0xbf949b78) at nat.c:102
        vr = 0x805ae59
        ipaddr = 3076323813
        opt = -1
        progname = 0x89cb008 "./nat"
        hosts = 0x89cc480


Thu Sep  2 20:03:29 CEST 2010
Portage 2.2_rc72 (default/linux/x86/10.0/desktop, gcc-4.4.3, glibc-2.11.2-r0, 2.6.34-gentoo-r1-JeR i686)
=================================================================
                        System Settings
=================================================================
System uname: Linux-2.6.34-gentoo-r1-JeR-i686-AMD_Athlon-tm-_XP_2500+-with-gentoo-1.12.13
Timestamp of tree: Thu, 02 Sep 2010 15:15:01 +0000
distcc 3.1 i686-pc-linux-gnu [disabled]
ccache version 2.4 [disabled]
app-shells/bash:     4.0_p37
dev-java/java-config: 2.1.11
dev-lang/python:     2.6.5-r3
dev-util/ccache:     2.4-r7
dev-util/cmake:      2.8.1-r2
sys-apps/baselayout: 1.12.13
sys-apps/sandbox:    2.3-r1
sys-devel/autoconf:  2.13, 2.65
sys-devel/automake:  1.4_p6-r1, 1.7.9-r2, 1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:  2.18-r3, 2.20.1-r1
sys-devel/gcc:       4.3.4, 4.4.3-r2
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.81-r2
virtual/os-headers:  2.6.30-r1 (sys-kernel/linux-headers)
ACCEPT_KEYWORDS="x86"
ACCEPT_LICENSE="*"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -pipe -Wall -ggdb -march=athlon-xp"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/lib/distcc/bin /usr/share/X11/app-defaults/XTerm /usr/share/X11/app-defaults/XTerm-color /usr/share/X11/xkb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/portage /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -pipe -Wall -ggdb -march=athlon-xp"
DISTDIR="/newaches/gentoo/distfiles"
FEATURES="assume-digests buildpkg distlocks fixlafiles fixpackages metadata-transfer news notitles parallel-fetch protect-owned sandbox sfperms splitdebug strict test-fail-continue unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv"
GENTOO_MIRRORS="http://ftp.snt.utwente.nl/pub/os/linux/gentoo http://gentoo.tiscali.nl/ "
LANG="en_GB"
LC_ALL="en_GB.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed"
LINGUAS="en en_GB nl"
MAKEOPTS="-j2"
PKGDIR="/keeps/gentoo/packages/astrid"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/keeps/gentoo/portage"
PORTDIR_OVERLAY="/keeps/gentoo/local"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext X a52 aac aalib acpi alsa asf audiofile bash-completion berkdb bl boost branding bzip2 cairo cdda cddb cdio cdparanoia cdr chroot cli cpath cracklib crypt cscope css cups curl custom-cflags custom-cxxflags cxx dbus dga dillo divx dri dts dv dvd dvdr dvdread edl elf emboss encode exif fame fbcon ffmpeg fftw flac flash fontconfig fontforge foomaticdb fortran freetype gdbm geoip ggi gif gimpprint glib glut gmedia gnokii gnutls gpm grp gs gstreamer gtk gtk2 hog iconv id3tag idn imlib inkjar ipv6 jingle jpeg ladspa lcms libcaca libsamplerate live lm_sensors logrotate lua lzo mad matroska midi mikmod mjpeg mmx mng modplug modules mozilla mozsvg mozxmlterm mp3 mp4 mpeg mplayer mudflap multislot musepack mvl ncurses nethack network network-cron nforce2 nl nls nptl nptlonly nsplugin nss nvidia offensive ogg opengl openmp openssl optimisememory pam pango pcre pda pdf perl physfs plotutils png ppds pppd python qpak qt3support quicktime readline realmedia reflection rtc rtsp ruby samba savedconfig server session sftplogging shout skins smux snmp speex spell spl sse ssl stream svg sysfs syslog tcpd test tetex tga theora threads tiff truetype unicode upnp usb userlocales utils v4l v4l2 vcd vidix vim visualizer vlm vorbis wad web webdav-neon win32codecs winbind wmp x264 x86 xanim xcb xcomposite xml xml2 xorg xosd xterm-color xulrunner xv xvid xvmc zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev wacom" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_GB nl" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="nvidia via" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
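Frame #0 of the trace above shows read_with_timeout() reaching FD_SET(fd, &fds) at util.c:2234 with fd=-1. FD_SET is a plain bit-set macro with no range check, so a negative descriptor (or one at or above FD_SETSIZE) addresses memory outside the fd_set bitmap; that is undefined behaviour, and here it shows up as the segfault. How the -1 got there is not visible in the trace (an unchecked failed socket() or connect() is the usual route). The following C is an added example, not nbaudit's code: it shows the range check a defensive version of such a helper performs before touching the fd_set, exercised on a pipe. The function names safe_read_with_timeout and fd_in_select_range and the constructed 4-byte header are inventions of this example.

```c
/* Added example (not nbaudit's code): a range-checked read-with-timeout.
 * Names safe_read_with_timeout / fd_in_select_range are hypothetical. */
#include <errno.h>
#include <stdio.h>
#include <sys/select.h>
#include <sys/time.h>
#include <unistd.h>

/* FD_SET(fd, &set) sets bit `fd` in a fixed bitmap of FD_SETSIZE bits and
 * performs no bounds check. fd < 0 or fd >= FD_SETSIZE therefore writes
 * outside the fd_set: undefined behaviour, observed as a crash in the report. */
int fd_in_select_range(int fd)
{
    return fd >= 0 && fd < FD_SETSIZE;
}

/* Hardened helper: refuse out-of-range descriptors with EBADF before the
 * fd_set is touched, then wait up to time_out_ms for readability and read
 * at most maxcnt bytes. Returns bytes read, 0 on timeout, -1 on error. */
ssize_t safe_read_with_timeout(int fd, char *buf, size_t maxcnt, int time_out_ms)
{
    fd_set fds;
    struct timeval timeout;
    int selrtn;

    if (!fd_in_select_range(fd)) {
        errno = EBADF;          /* same errno the kernel would give for a bad fd */
        return -1;
    }
    FD_ZERO(&fds);
    FD_SET(fd, &fds);           /* safe: fd is now known to be in range */
    timeout.tv_sec = time_out_ms / 1000;
    timeout.tv_usec = (time_out_ms % 1000) * 1000;

    selrtn = select(fd + 1, &fds, NULL, NULL, &timeout);
    if (selrtn < 0)
        return -1;              /* select() failed, errno already set */
    if (selrtn == 0)
        return 0;               /* timed out, nothing readable */
    return read(fd, buf, maxcnt);
}

/* Pipe with 4 bytes queued: the helper returns 4 without waiting. */
int demo_readable(void)
{
    int p[2];
    char buf[8] = {0};
    ssize_t n;

    if (pipe(p) != 0)
        return 0;
    /* constructed 4-byte NetBIOS session header (0x23 = 35-byte payload) */
    if (write(p[1], "\x00\x00\x00\x23", 4) != 4) {
        close(p[0]);
        close(p[1]);
        return 0;
    }
    n = safe_read_with_timeout(p[0], buf, sizeof buf, 15000);
    close(p[0]);
    close(p[1]);
    return n == 4 && buf[3] == 0x23;
}

/* Empty pipe with a 20 ms budget: returns 0 (timeout) instead of blocking. */
int demo_timeout(void)
{
    int p[2];
    char buf[8];
    ssize_t n;

    if (pipe(p) != 0)
        return 0;
    n = safe_read_with_timeout(p[0], buf, sizeof buf, 20);
    close(p[0]);
    close(p[1]);
    return n == 0;
}

/* fd = -1, as in the backtrace: refused with EBADF, FD_SET never runs. */
int demo_bad_fd(void)
{
    char buf[8];
    ssize_t n = safe_read_with_timeout(-1, buf, sizeof buf, 15000);
    return n == -1 && errno == EBADF;
}

int main(void)
{
    int ok = demo_readable() && demo_timeout() && demo_bad_fd();
    printf("%s\n", ok ? "ok" : "FAILED");
    return ok ? 0 : 1;
}
```

The check belongs in the helper rather than at every call site because, as the trace shows, the bad descriptor travelled through receive_smb() and read_smb_length() untouched; a single guard at the point where the fd is used in an unchecked macro is the one place that cannot be bypassed by a forgotten caller.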
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2010-09-02 20:17:09 UTC
Changing status as it may not be solvable. I see quite a few *nix distros have dropped it already.

Replacement candidates, anyone? nbtscan was suggested, but it doesn't have the brute force attack option that nbaudit does.
Comment 2 Sergey Popov (RETIRED) gentoo-dev 2012-10-29 06:48:34 UTC
Bruteforce can be done with, for example, smb-brute script for nmap (see http://nmap.org/nsedoc/scripts/smb-brute.html)
Comment 3 Sergey Popov (RETIRED) gentoo-dev 2012-11-10 14:58:42 UTC
Masked for removal
Comment 4 Pacho Ramos gentoo-dev 2012-12-25 13:42:11 UTC
dropped