No valid ipv4 or ipv6 targets were found when running as root in Ubuntu on certain hosts

[fededamian]

Naabu version: 2.3.0

Current Behavior:

When running naabu as root against certain hosts, it returns the [FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found error, although this works fine when running as a regular user and the domain successfully resolves using host or dig. The example of a host in which the scan fails is www.medallia.com, I noticed that other hosts such as www.cisco.com or www.google.com do not trigger this issue.

• Server: AWS EC2 Instance
• OS: Ubuntu 24.04 LTS
• Installation Commands: sudo apt-get install libpcap-dev; go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest

Running as Root

root@ip:~# naabu -host www.medallia.com

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

		projectdiscovery.io

[INF] Current naabu version 2.3.0 (latest)
[INF] Running host discovery scan
[INF] Running SYN scan with CAP_NET_RAW privileges
[FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found

Running as User

ubuntu@ip:~/go/bin$ naabu -host www.medallia.com

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

		projectdiscovery.io

[INF] Current naabu version 2.3.0 (latest)
[INF] Running CONNECT scan with non root privileges
www.medallia.com:80
www.medallia.com:443
[INF] Found 2 ports on host www.medallia.com (18.189.251.173)

Expected Behavior:

The expected behavior is a completed portscan when using naabu as the root user.

Steps To Reproduce:

1. Using an Ubuntu 24.04 LTS Box, elevate to root privileges using sudo -i.
2. Runnaabu -host www.medallia.com
3. See error [FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found

[fededamian]

In the same track, I also noticed an erratic behaviour when scanning as root and using the IP address instead of the domain. In some cases, I get the same error and in some others, the scanner decides to scan a different IP address, which is the DNS server configured in my box, as shown below:

root@:~# naabu -host 18.189.251.173

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

		projectdiscovery.io

[INF] Current naabu version 2.3.0 (latest)
[INF] Running host discovery scan
[INF] Running SYN scan with CAP_NET_RAW privileges
[FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found
root@:~# naabu -host 18.189.251.173

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

		projectdiscovery.io

[INF] Current naabu version 2.3.0 (latest)
[INF] Running host discovery scan
[INF] Running SYN scan with CAP_NET_RAW privileges
172.31.0.2:53
[INF] Found 1 ports on host 172.31.0.2 (172.31.0.2)

It seems there's something wonky going on when using the SYN scan as root.

[Mzack9999]

@fededamian I tried a few times but unable to reproduce. Could you try by skipping the host discovery part (-Pn)?

[fededamian]

@Mzack9999, skipping the host discovery solves the problem, which is what I've done as a workaround. Let me know if there is some debugging output or additional logs or data I could share that may help. It's a pretty standard deployment (EC2, Ubuntu, naabu), I am surprised the behavior is not triggered in other devices.

[methodsecuritysj]

I'm hitting what seems to be a potentially related issue:

• EC2 instance, running naabu as root or non-root
• I can ping both the fqdn and ip address for my target host
• naabu works fine when using the ip address of the host
• it fails when using the fqdn of the host
• Skipping host discovery doesn't help

ubuntu@ip-10-0-0-1:~$ ping ip-192-168-0-6.ec2.internal
PING ip-192-168-0-6.ec2.internal (192.168.0.6) 56(84) bytes of data.
64 bytes from ip-192-168-0-6.ec2.internal (192.168.0.6): icmp_seq=1 ttl=63 time=1.27 ms
64 bytes from ip-192-168-0-6.ec2.internal (192.168.0.6): icmp_seq=2 ttl=63 time=1.43 ms
^C
--- ip-192-168-0-6.ec2.internal ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 1.268/1.348/1.429/0.080 ms
ubuntu@ip-10-0-0-1:~$ nslookup ip-192-168-0-6.ec2.internal
Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   ip-192-168-0-6.ec2.internal
Address: 192.168.0.6
ubuntu@ip-10-0-0-1:~$ ~/go/bin/naabu -host 192.168.0.6

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

                projectdiscovery.io

[INF] Current naabu version 2.3.1 (latest)
[INF] Running CONNECT scan with non root privileges
192.168.0.6:22
192.168.0.6:80
[INF] Found 2 ports on host 192.168.0.6 (192.168.0.6)
ubuntu@ip-10-0-0-1:~$ ~/go/bin/naabu -host ip-192-168-0-6.ec2.internal

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

                projectdiscovery.io

[INF] Current naabu version 2.3.1 (latest)
[INF] Running CONNECT scan with non root privileges
[FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found
ubuntu@ip-10-0-0-1:~$ ~/go/bin/naabu -host ip-192-168-0-6.ec2.internal -Pn

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

                projectdiscovery.io

[INF] Current naabu version 2.3.1 (latest)
[INF] Running CONNECT scan with non root privileges
[FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found

[blockisec]

same for me except I am not running on EC2 but on Qubes (Arch Template). Workaround for me is to add the DNS server from /etc/resolv.conf using -r flag, otherwise naabu does only scan on IPs

[olofmagn]

Installation: go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
OS-system: Ubuntu 22.04.4 LTS

Running naabu as root or non-root on a variety of hosts:

./naabu -host google.com ./naabu -host yahoo.com ../naabu -host github.com.

[INF] Current naabu version 2.3.1 (latest)
[INF] Running host discovery scan
[FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found

Naabu works fine when using the IP address of the host, but it still fails when using the FQDN of the host.

Potentially workaround that works for my setup:
./naabu -r yourlocalDNS -host hackerone.com

[INF] Current naabu version 2.3.1 (latest)
[INF] Running CONNECT scan with non root privileges
hackerone.com:80
hackerone.com:443
hackerone.com:8443
hackerone.com:8080
[INF] Found 4 ports on host hackerone.com (104.18.36.214)

yourlocalDNS (nameserver) can be found in /etc/resolv.conf using cat /etc/resolv.conf.

[jtabox]

I'm also having the same issue. Trying to run naabu as root, in a Ubuntu 24.04 AWS EC2 instance to which I'm connected via SSH, shows the same error, regardless of if I specify the target using IP or domain name.

The target is otherwise able to be found:

ubuntu@ip-172-31-44-55:~$ nslookup TARGET.DOMAIN.NAME
Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   TARGET.DOMAIN.NAME
Address: TARGET.IP.ADDRESS

But running naabu leads to error:

ubuntu@ip-172-31-44-55:~$ sudo naabu -host TARGET.IP.ADDRESS -top-ports 100

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

                projectdiscovery.io

[INF] Current naabu version 2.3.1 (latest)
[INF] Running host discovery scan
[INF] Running SYN scan with CAP_NET_RAW privileges
[FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found

Some extra info:

ubuntu@ip-172-31-44-55:~$ sudo naabu -hc
Version: 2.3.1
Operative System: linux
Architecture: amd64
Go Version: go1.21.9
Compiler: gc
Privileged/NET_RAW: Ok
Config file "/root/.config/naabu/config.yaml" Read => Ok
Config file "/root/.config/naabu/config.yaml" Write => Ok
TCP IPv4 connectivity to scanme.sh:80 => Ok
TCP IPv6 connectivity to scanme.sh:80 => Ko (dial tcp6 [2400:6180:0:d0::91:1001]:80: connect: network is unreachable)
UDP IPv4 connectivity to scanme.sh:80 => Ok
UDP IPv6 connectivity to scanme.sh:80 => Ko (dial udp6 [2400:6180:0:d0::91:1001]:80: connect: network is unreachable)

The file /root/.config/naabu/config.yaml was generated automatically and I haven't changed anything in it, so all the options in it are commented out.
I didn't build naabu myself, just downloaded the binary (from https://github.com/projectdiscovery/naabu/releases/download/v2.3.1/naabu_2.3.1_linux_amd64.zip), unzipped it inside /usr/local/bin and ran it.

[ThePigeonKing]

I hope my problem somehow relates to this issue

Current Naabu Version: 2.3.2

OS: Debian GNU/Linux 12 (bookworm)

Kernel: 6.1.0-23-amd64

Installation: go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest

I run scanning for IP subnet ranges, but sometimes when naabu can't find any active IPs in this subnet (I hope so) it can throw an error [FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found if I run script from root

Running from root example:

➜  ~ naabu -host 10.3.144.0/25

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

                projectdiscovery.io

[INF] Current naabu version 2.3.2 (latest)
[INF] Running host discovery scan
[INF] Running SYN scan with CAP_NET_RAW privileges
[FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found

Running from unprivileged user:

➜  ~ naabu -host 10.3.144.1/25

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

                projectdiscovery.io

[INF] Current naabu version 2.3.2 (latest)
[INF] Running CONNECT scan with non root privileges

For example I tried to run nmap for the same subnet to check is any host available in it:

➜  ~ nmap 10.3.144.1/25 -T5
Starting Nmap 7.93 ( https://nmap.org ) at 2024-11-20 09:34 ...
Nmap done: 128 IP addresses (0 hosts up) scanned in 25.90 seconds

Problem: Can the program issue a similar error only when no active IP addresses have been found in this subnet, or is the error random?