nmap is suddenly taking forever

Just like the title says, nmap is taking forever since yesterday. I have no idea why.

Yesterday i tried a machine (not on hackthebox) and i noticed the problem. I tried today with a hackthebox machine but the same problem persists. I also tried nmap with a previous machine that i’ve completed (which i remember did not take long) and still same thing.

What can i do to solve that problem?
Thank you.

Its difficult to answer because it could one of a million things.

If it is every box, it is something at your end. You might not be connecting to the network properly, you might have modified some files so the traffic is failing, you might have inadvertently turned on a firewall or disabled some function of network.

You need to do some troubleshooting at the network layer to see if it is anything there. (traceroute/tracert work well here)

You might also want to try some nmap troubleshooting - use -vvvvvvv as an option to get a verbose output which can help find issues.

Run tcpdump or Wireshark to capture the nmap requests and see if anything unusual is happening with the responses.

Try to nmap scan a machine on your network - or even localhost - to see if that has a different outcome.

Etc.

I’m trying Mirai box now:

1-Traceroute seemed to work fine, 12 ms average and 2 hops, but when i spammed it 3 times in a row, it gave some asterisks. (EDIT: I just tried that again now and it gave 5 hops with asterisks, some packets are being lost somewhere maybe?)

2-I’ve tried wireshark and saved the capture; is it possible to upload it here directly to show it to you? Or should i upload it somewhere else and give the link?

3-nmap locally finishes in less than a second.

I think I should’ve mentioned in the main post (apologies) but I’ll mention now: Im on VMware workstation
I changed my network adapter to NAT about 2 weeks ago (when it initially was bridged), because i downloaded a machine locally to hack it but yesterday i brought it back to bridged (even though it did not work immediately but i saw a fix online), but the problem did not get solved.

Thank you for your help ! :smiley:

@AlsTps said:

I’m trying Mirai box now:

1-Traceroute seemed to work fine, 12 ms average and 2 hops, but when i spammed it 3 times in a row, it gave some asterisks. (EDIT: I just tried that again now and it gave 5 hops with asterisks, some packets are being lost somewhere maybe?)

The asterisks themselves aren’t a major problem as long as it reaches the destination.

It does hint that you might have connectivity issues though.

Have a look at each hop to see if it makes sense. There shouldn’t be that many, and as long as it is hitting the server, then traffic is flowing.

2-I’ve tried wireshark and saved the capture; is it possible to upload it here directly to show it to you? Or should i upload it somewhere else and give the link?

Well, possibly but I don’t know what is normal on your network, so its going to be a challenge to troubleshoot at a distance.

Have a look in it. See if you can find the nmap packets (maybe filter on UA string) and then see if there are any responses. If its a network problem your router might be dropping things.

3-nmap locally finishes in less than a second.

Ok, so nmap is working :smile:

I think I should’ve mentioned in the main post (apologies) but I’ll mention now: Im on VMware workstation
I changed my network adapter to NAT about 2 weeks ago (when it initially was bridged), because i downloaded a machine locally to hack it but yesterday i brought it back to bridged (even though it did not work immediately but i saw a fix online), but the problem did not get solved.

Ok - can you access internet sites OK? If so then its probably not this but you might want to double check the VPN is working as expected.

You can try using the flags -T5 and see if that helps or tinker with --min-rate=5000 and see if that helps. Sometimes changing min rate will give bogus results so adjust it down until it hits the point you can use.