O'Reilly logo

Mastering the Nmap Scripting Engine by Paulino Calderón Pale

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Consuming TCP connections with NSE

Now we can easily create a script that starts multiple connections simultaneously and keeps them open. Let's look at the http-slowloris-check script, which detects the infamous Slowloris vulnerability (http://ha.ckers.org/slowloris/), known for causing denial-of-service conditions with very few network resources. In this case, the script only opens two connections, but we can expand the idea to keep open as many connections as possible. Refer to the http-slowloris NSE exploit (https://svn.nmap.org/nmap/scripts/http-slowloris.nse) if you are looking for a similar implementation.

The main function of http-slowloris-check starts two worker threads and waits for both of them to complete. The time difference is compared ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required