Nmap Development mailing list archives

Re: http-slowloris-check.nse script error


From: Chris Clements <christopher.a.clements () gmail com>
Date: Fri, 31 Aug 2012 09:48:59 -0500

I'm fairly certain I can, but are you asking if I can reproduce after the patch, or before?

Chris

On Aug 30, 2012, at 7:17 PM, Daniel Miller wrote:

Christopher,

This appears to happen because comm.tryssl() on line 123 cannot
connect to the target port, and so returns "none" for Bestopt. This
patch should avoid the error by ending the script at that point, but
there may be a larger issue. Can you reproduce this reliably?

--- a/scripts/http-slowloris-check.nse
+++ b/scripts/http-slowloris-check.nse
@@ -121,6 +121,10 @@ so, it starves the http server's resources
causing Denial Of Service.

       local _
       _, _, Bestopt = comm.tryssl(host, port, "GET / \r\n\r\n", {})
-- first determine if we need ssl
+       if Bestopt == "none" then
+               stdnse.print_debug("%s: Could not connect to port", SCRIPT_NAME)
+               return nil
+       end
       HalfHTTP = "POST /" .. tostring(math.random(100000, 900000))
.. " HTTP/1.1\r\n" ..
                         "Host: " .. host.ip .. "\r\n" ..
                         "User-Agent: " .. http.USER_AGENT .. "\r\n; " ..

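Review bot: In the added 'if Bestopt == "none"' branch, the failure is reported only through stdnse.print_debug before 'return nil', so at default verbosity the script produces no output and the user gets no indication that the check was skipped rather than run. The two values that comm.tryssl returns ahead of Bestopt are also discarded into '_' on the call just above the guard, so the debug message cannot say why the connection failed; consider capturing them and including the reason in the message. A short comment on the guard noting that it protects the later connect call, where the reported "invalid option 'none'" error was raised, would help future readers.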

Please let us know if there is any way to reliably reproduce the issue.

Dan

On Wed, Aug 29, 2012 at 3:15 PM, Christopher Clements
<christopher.a.clements () gmail com> wrote:
Received this error during a scan today with svn version 29697 (sanitized)

NSE: 'http-slowloris-check' worker (thread: 0x38b37b0) against
xx.xx.xx.xx:443 threw an error!
...local/bin/../share/nmap/scripts/http-slowloris-check.nse:75: bad
argument #3 to 'connect' (invalid option 'none')
stack traceback:
[C]: in function 'connect'
...local/bin/../share/nmap/scripts/http-slowloris-check.nse:75: in function
'main'
/usr/local/bin/../share/nmap/nse_main.lua:826: in function
</usr/local/bin/../share/nmap/nse_main.lua:826>
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
