Nmap Development mailing list archives
[NSE patch] HTTPAuth script performance tuning
From: Sven Klemm <sven () c3d2 de>
Date: Mon, 14 Jan 2008 00:13:12 +0100
Hi, I attached a patch that makes HTTPAuth.nse tell the server to immediately close the connection so the script won't run into the timeout. This results in a nice speed improvement for the script. The first nmap run is with my modified version and the second is with the original script.
nmap -p 80 google.com --script HTTPAuth
Starting Nmap 4.53 ( http://insecure.org ) at 2008-01-14 00:10 CET Warning: Hostname google.com resolves to 3 IPs. Using 64.233.187.99. Interesting ports on jc-in-f99.google.com (64.233.187.99): PORT STATE SERVICE 80/tcp open http Nmap done: 1 IP address (1 host up) scanned in 1.947 seconds
nmap -p 80 google.com --script HTTPAuth_orig
Starting Nmap 4.53 ( http://insecure.org ) at 2008-01-14 00:10 CET Warning: Hostname google.com resolves to 3 IPs. Using 64.233.187.99. Interesting ports on jc-in-f99.google.com (64.233.187.99): PORT STATE SERVICE 80/tcp open http Nmap done: 1 IP address (1 host up) scanned in 12.155 seconds Cheers, Sven -- Sven Klemm http://cthulhu.c3d2.de/~sven/
Index: HTTPAuth.nse =================================================================== --- HTTPAuth.nse (revision 6693) +++ HTTPAuth.nse (working copy) @@ -71,6 +71,7 @@ query = query .. "Accept: */*\r\n" query = query .. "Accept-Language: en\r\n" query = query .. "User-Agent: Nmap NSE\r\n" + query = query .. "Connection: close\r\n" query = query .. "Host: " .. host.ip .. ":" .. port.number .. "\r\n\r\n" local headers = get_http_headers(host.ip, port.number, query) @@ -100,6 +101,7 @@ query = query .. "Accept: */*\r\n" query = query .. "Accept-Language: en\r\n" query = query .. "User-Agent: Nmap NSE\r\n" + query = query .. "Connection: close\r\n" query = query .. "Host: " .. host.ip .. ":" .. port.number .. "\r\n\r\n" auth = "" @@ -115,6 +117,7 @@ query = query .. "Accept: */*\r\n" query = query .. "Accept-Language: en\r\n" query = query .. "User-Agent: Nmap NSE\r\n" + query = query .. "Connection: close\r\n" query = query .. "Host: " .. host.ip .. ":" .. port.number .. "\r\n\r\n" auth = ""
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [NSE patch] HTTPAuth script performance tuning Sven Klemm (Jan 13)