Nmap Development mailing list archives
Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts
From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 14 Jul 2012 20:57:50 +0200
On Sat, Jul 14, 2012 at 6:43 PM, Aleksandar Nikolic <nikolic.alek () gmail com>wrote:
Hi all, I've resolved this issue as far as the script is concerned in r29209. As far as I can tell, the problem was with threads that were stuck while waiting for free sockets and/or threads that were asleep. I've added the code in the main thread that waits for all others to finish. There is no way to explicitly kill the thread, is there ? Ass all this is a bit ugly, can i get the value of max-parallelism from the NSE somehow? That way , I could create just enough threads and get to warn the user that the attack won't work if it can't get enough threads.
I had the same problem with the brute library, wanting to get hold of the max-parallelism, but it wasn't possible at that time. I think this still holds true. Also as multiple scrips may be running at the same time consuming any amount of sockets at a given time, its difficult to make sure that you really can allocate the maximum set by the max-parallelism value. I think there was a discussion back then about adding the ability to request a given amount of sockets by a script, but as there wasn't any real need (apart from the brute library I mean) I'm not sure where we ended up with that. The problem I was having with the brute library was that one thread would consume a username and password pair in the engine and the lock, due to socket exhaustion when trying to connect the socket. This would result in username and password combinations used early in a supplied lists would not get guessed until at then end, when socket resources were freed up. I re-architected the library a bit to work around this, by adding the connect method to the driver, as once the socket is connected we pretty much have the resource. I don't think dnet "suffers" from this same restriction, but in this case, implementing TCP and HTTP on top of that and using pcap to read the responses is surely not worth it. Cheers, Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Henri Doreau (Jul 13)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Patrik Karlsson (Jul 13)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Patrick Donnelly (Jul 13)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Henri Doreau (Jul 13)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Aleksandar Nikolic (Jul 13)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Aleksandar Nikolic (Jul 14)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Aleksandar Nikolic (Jul 14)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Aleksandar Nikolic (Jul 14)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Patrik Karlsson (Jul 14)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Patrick Donnelly (Jul 13)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Patrick Donnelly (Jul 14)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Aleksandar Nikolic (Jul 14)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Patrick Donnelly (Jul 14)
- Re: [nmap-svn] r29203 - nmap-exp/aca/nmap/scripts Patrik Karlsson (Jul 13)