Nmap Development mailing list archives
Re: [NSE] False timestamp in ssl-date
From: nnposter () users sourceforge net
Date: Thu, 7 Aug 2014 23:00:25 +0000
nnposter wrote:
Personally I would have preferred to keep the original quick-success clause and call the first sample good enough if it does not differ substantially from the scanner clock. Its main advantage is that it eliminates the forced sleep (and two additional connections/handshakes) in most cases. (It would be easy to add it back. If the concern is a false-positive match then we could be less tolerant than the original +/- 15 minutes.)
The quick-success clause can be implemented with the additional patch below (applied on top of the first patch). Cheers, nnposter --- scripts/ssl-date.nse.orig 2014-08-07 15:53:20.340222800 -0600 +++ scripts/ssl-date.nse 2014-08-07 16:30:45.992819400 -0600 @@ -162,20 +162,24 @@ action = function(host, port) - local reftm = get_time_sample(host, port) - if not reftm then + local tm = get_time_sample(host, port) + if not tm then return stdnse.format_output(false, "Unable to obtain data from the target") end - local status, tm = test_time_sample(host, port, reftm) - if status and status == result.STAGNANT then - stdnse.sleep(1.1) + if math.abs(tm.delta) > 5*60 then + local reftm = tm + local status status, tm = test_time_sample(host, port, reftm) - end - if not status then - return stdnse.format_output(false, "Unable to obtain data from the target") - end - if status ~= result.ACCEPTED then - return stdnse.format_output(false, "TLS randomness does not represent time") + if status and status == result.STAGNANT then + stdnse.sleep(1.1) + status, tm = test_time_sample(host, port, reftm) + end + if not status then + return stdnse.format_output(false, "Unable to obtain data from the target") + end + if status ~= result.ACCEPTED then + return stdnse.format_output(false, "TLS randomness does not represent time") + end end local output = { _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] False timestamp in ssl-date nnposter (Aug 01)
- Re: [NSE] False timestamp in ssl-date Daniel Miller (Aug 01)
- Re: [NSE] False timestamp in ssl-date David Fifield (Aug 01)
- Re: [NSE] False timestamp in ssl-date nnposter (Aug 07)
- Re: [NSE] False timestamp in ssl-date nnposter (Aug 07)
- Re: [NSE] False timestamp in ssl-date Fyodor (Aug 16)
- Re: [NSE] False timestamp in ssl-date nnposter (Aug 18)
- Re: [NSE] False timestamp in ssl-date Daniel Miller (Aug 20)
- Re: [NSE] False timestamp in ssl-date nnposter (Aug 22)
- Re: [NSE] False timestamp in ssl-date nnposter (Aug 07)