Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Packet delay not respected in qscan.nse #1038

Closed
nnposter opened this issue Oct 16, 2017 · 1 comment
Closed

Packet delay not respected in qscan.nse #1038

nnposter opened this issue Oct 16, 2017 · 1 comment

Comments

@nnposter
Copy link

There is a defect in how script qscan.nse implements script parameter qscan.delay. Specifically, it compares its value (which is in seconds) against an observed round-trip time (which is in microseconds).

The following patch remediates the issue. It also incidentally resolves #1037.

--- a/scripts/qscan.nse
+++ b/scripts/qscan.nse
@@ -484,12 +484,9 @@
 
       -- Unlike qscan.cc which loops around while waiting for
       -- the delay, I just sleep here (depending on rtt)
-      if rtt < (3 * delay) / 2 then
-        if rtt < (delay / 2) then
-          stdnse.sleep(((delay / 2) + math.random(0, delay) - rtt))
-        else
-          stdnse.sleep(math.random((3 * delay) / 2 - rtt))
-        end
+      local sleep = delay * (0.5 + math.random()) - rtt / 1000000
+      if sleep > 0 then
+        stdnse.sleep(sleep)
       end
     end
   end

Please let me know if you have any questions or concerns. Otherwise I will commit the patch in a few weeks.
@u0m3 u0m3 mentioned this issue Oct 17, 2017
Closed
@u0m3
Copy link

u0m3 commented Oct 17, 2017

An elegant solution! I am a bit curious as to why the original implementation was so convoluted, though...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@u0m3 @nnposter