No valid ipv4 or ipv6 targets were found when running as root in Ubuntu on certain hosts

[fededamian]

Naabu version: 2.3.0

Current Behavior:

When running naabu as root against certain hosts, it returns the [FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found error, although this works fine when running as a regular user and the domain successfully resolves using host or dig. The example of a host in which the scan fails is www.medallia.com, I noticed that other hosts such as www.cisco.com or www.google.com do not trigger this issue.

• Server: AWS EC2 Instance
• OS: Ubuntu 24.04 LTS
• Installation Commands: sudo apt-get install libpcap-dev; go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest

Running as Root

root@ip:~# naabu -host www.medallia.com

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

		projectdiscovery.io

[INF] Current naabu version 2.3.0 (latest)
[INF] Running host discovery scan
[INF] Running SYN scan with CAP_NET_RAW privileges
[FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found

Running as User

ubuntu@ip:~/go/bin$ naabu -host www.medallia.com

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

		projectdiscovery.io

[INF] Current naabu version 2.3.0 (latest)
[INF] Running CONNECT scan with non root privileges
www.medallia.com:80
www.medallia.com:443
[INF] Found 2 ports on host www.medallia.com (18.189.251.173)

Expected Behavior:

The expected behavior is a completed portscan when using naabu as the root user.

Steps To Reproduce:

1. Using an Ubuntu 24.04 LTS Box, elevate to root privileges using sudo -i.
2. Runnaabu -host www.medallia.com
3. See error [FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found

[fededamian]

In the same track, I also noticed an erratic behaviour when scanning as root and using the IP address instead of the domain. In some cases, I get the same error and in some others, the scanner decides to scan a different IP address, which is the DNS server configured in my box, as shown below:

root@:~# naabu -host 18.189.251.173

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

		projectdiscovery.io

[INF] Current naabu version 2.3.0 (latest)
[INF] Running host discovery scan
[INF] Running SYN scan with CAP_NET_RAW privileges
[FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found
root@:~# naabu -host 18.189.251.173

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

		projectdiscovery.io

[INF] Current naabu version 2.3.0 (latest)
[INF] Running host discovery scan
[INF] Running SYN scan with CAP_NET_RAW privileges
172.31.0.2:53
[INF] Found 1 ports on host 172.31.0.2 (172.31.0.2)

It seems there's something wonky going on when using the SYN scan as root.

[Mzack9999]

@fededamian I tried a few times but unable to reproduce. Could you try by skipping the host discovery part (-Pn)?

[fededamian]

@Mzack9999, skipping the host discovery solves the problem, which is what I've done as a workaround. Let me know if there is some debugging output or additional logs or data I could share that may help. It's a pretty standard deployment (EC2, Ubuntu, naabu), I am surprised the behavior is not triggered in other devices.

[methodsecuritysj]

I'm hitting what seems to be a potentially related issue:

• EC2 instance, running naabu as root or non-root
• I can ping both the fqdn and ip address for my target host
• naabu works fine when using the ip address of the host
• it fails when using the fqdn of the host
• Skipping host discovery doesn't help

ubuntu@ip-10-0-0-1:~$ ping ip-192-168-0-6.ec2.internal
PING ip-192-168-0-6.ec2.internal (192.168.0.6) 56(84) bytes of data.
64 bytes from ip-192-168-0-6.ec2.internal (192.168.0.6): icmp_seq=1 ttl=63 time=1.27 ms
64 bytes from ip-192-168-0-6.ec2.internal (192.168.0.6): icmp_seq=2 ttl=63 time=1.43 ms
^C
--- ip-192-168-0-6.ec2.internal ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 1.268/1.348/1.429/0.080 ms
ubuntu@ip-10-0-0-1:~$ nslookup ip-192-168-0-6.ec2.internal
Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   ip-192-168-0-6.ec2.internal
Address: 192.168.0.6
ubuntu@ip-10-0-0-1:~$ ~/go/bin/naabu -host 192.168.0.6

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

                projectdiscovery.io

[INF] Current naabu version 2.3.1 (latest)
[INF] Running CONNECT scan with non root privileges
192.168.0.6:22
192.168.0.6:80
[INF] Found 2 ports on host 192.168.0.6 (192.168.0.6)
ubuntu@ip-10-0-0-1:~$ ~/go/bin/naabu -host ip-192-168-0-6.ec2.internal

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

                projectdiscovery.io

[INF] Current naabu version 2.3.1 (latest)
[INF] Running CONNECT scan with non root privileges
[FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found
ubuntu@ip-10-0-0-1:~$ ~/go/bin/naabu -host ip-192-168-0-6.ec2.internal -Pn

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

                projectdiscovery.io

[INF] Current naabu version 2.3.1 (latest)
[INF] Running CONNECT scan with non root privileges
[FTL] Could not run enumeration: no valid ipv4 or ipv6 targets were found

[blockisec]

same for me except I am not running on EC2 but on Qubes (Arch Template). Workaround for me is to add the DNS server from /etc/resolv.conf using -r flag, otherwise naabu does only scan on IPs