Nmap Development mailing list archives
Re: http-slowloris-check doesn't work on nmap 7.12
From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 23 Mar 2017 17:45:43 -0500
I see two things here: first, the SSL detection is breaking for some reason. Previously we did not detect this condition and just kept going, defaulting to TCP. So I'm not sure what the error is that's causing that, but I did just make a change to send a real HTTP request instead of "GET / \r\n\r\n" and to properly close the socket afterwards. This probably won't change things. The other thing I see is that the service is running IIS, which is *not* vulnerable to the Slowloris attack. It *does* have a problem with slow POST attacks, but Slowloris is about slow HTTP headers, which IIS will not permit. So I am inclined to believe that the Nmap 6.40 result is a false positive. Dan On Thu, Mar 23, 2017 at 4:36 PM, Omar Arturo Orozco <oorozcoo () gmail com> wrote:
Hi Tom. I have checked it with nmap 7.40 and I got the same result. Regards. On Thu, Mar 23, 2017 at 2:59 PM, Tom Sellers <nmap () fadedcode net> wrote:On 3/23/2017 10:47 AM, Omar Arturo Orozco wrote:Hello. I was running some tests to check the slowloris vulnerablity. With nmap 6.40 the script works very well, with nmap 7.12 doesn't work. I'm attaching the debug log. Regards -- ISEC Omar Arturo Orozco LPIC2 - CEH - ECSA - LPT - CHFIHello Omar, That error appears to be related to SSL. There have been quite a few SSL improvements since 7.12 was released. Would it be possible for you to check with Nmap 7.40? Thank you, Tom-- ISEC Omar Arturo Orozco LPIC2 - CEH - ECSA - LPT - CHFI _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- http-slowloris-check doesn't work on nmap 7.12 Omar Arturo Orozco (Mar 23)
- Re: http-slowloris-check doesn't work on nmap 7.12 Tom Sellers (Mar 23)
- Re: http-slowloris-check doesn't work on nmap 7.12 Omar Arturo Orozco (Mar 23)
- Re: http-slowloris-check doesn't work on nmap 7.12 Daniel Miller (Mar 23)
- Re: http-slowloris-check doesn't work on nmap 7.12 Omar Arturo Orozco (Mar 23)
- Re: http-slowloris-check doesn't work on nmap 7.12 Tom Sellers (Mar 23)