Nmap Development mailing list archives
Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack
From: Ange Gutek <ange.gutek () gmail com>
Date: Fri, 3 Jun 2011 18:48:19 +0200
Thank you for those valuable advices. With a (huge) late, here is a fixed version Le 24/05/2011 00:03, Patrick Donnelly a écrit :
o Don't change the random seed. I just made a commit in 23266 making this unnecessary for scripts. NSE does it on your behalf.
Done
o You can use a mutex so that you can run against multiple hosts but only one slowloris script is ever running (so you don't overload the host system). Something like nmap.mutex("slowloris") with a lock and unlock at the beginning and end of the action function would suffice.
Done
o The formatting makes the script really hard to follow. Can you try
fixing it?
Did my best, I hope it's more readable now
o You can move the doHalfhttp and doMonitor functions outside of the action function. There are no upvalues (external local variables [1]) that these functions need access to inside the action function.
Done
o I don't think you need to use the registry in this script. Why not use local variables at the start of the script like: local threads = 0 -- previously:
nmap.registry[host.ip]['slowloris_threads']
local sockets = 0 -- previously:
nmap.registry[host.ip]['slowloris_sockets']
local queries = 0 -- previously:
nmap.registry[host.ip]['slowloris_queries']
local serverup = true -- previously: nmap.registry[host.ip]['httpmonitor_serverup']
Done Regards, A.G.
Attachment:
http-slowloris.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack Ange Gutek (Jun 03)
- Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack Henri Doreau (Jun 10)
- Message not available
- Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack Henri Doreau (Jun 10)
- Message not available
- Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack Patrick Donnelly (Jun 11)
- Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack Gutek (Jun 12)
- Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack Patrik Karlsson (Jun 12)
- Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack Henri Doreau (Jun 17)
- Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack Henri Doreau (Jun 10)
- <Possible follow-ups>
- Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack Ron (Jun 17)