Now we can easily create a script that starts multiple connections simultaneously and keeps them open. Let's look at the
http-slowloris-check script, which detects the infamous Slowloris vulnerability (http://ha.ckers.org/slowloris/), known for causing denial-of-service conditions with very few network resources. In this case, the script only opens two connections, but we can expand the idea to keep open as many connections as possible. Refer to the
http-slowloris NSE exploit (https://svn.nmap.org/nmap/scripts/http-slowloris.nse) if you are looking for a similar implementation.
The main function of
http-slowloris-check starts two worker threads and waits for both of them to complete. The time difference is compared ...