-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Test and fix http-slowloris for running against multiple services at once. #63
Comments
Hi, [1]https://github.com/h4ck3rk3y/nmap/blob/master/test_scripts/http-slowloris.nse Gyani |
@h4ck3rk3y I would instead make those variables into indices in a table local to the action function. Then pass that table as an argument to the thread function via I do notice now, though, that the original author included a workaround for this problem by using a mutex to ensure only one instance of the script runs at any given time. We should probably look into how to best handle scanning multiple services, since doing so with the |
Some of the functions that are run through
Some sort of port specification ? The user can specify which port to run the script forever on. Others open ports will be skipped. |
Tables are passed by reference; all threads would have the same table. This means that any of the threads which updates a value would have to use a mutex or something to avoid concurrency issues, but for reads there would be no problems. |
Ah, that should work then. My implementation really reduced the readability of code and made it look messy. |
The http-slowloris script has lots of script-level variables that will probably conflict with each other when scanning multiple services. Example: the
Bestopt
variable keeps track of whether to use SSL or not. Running against a plaintext and an HTTPS service at the same time would probably result in conflicts. Need to test and fix, or just rewrite the script to be cleaner.The text was updated successfully, but these errors were encountered: