Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Packet delay not respected in qscan.nse #1038

nnposter opened this issue Oct 16, 2017 · 1 comment

Packet delay not respected in qscan.nse #1038

nnposter opened this issue Oct 16, 2017 · 1 comment


Copy link

@nnposter nnposter commented Oct 16, 2017

There is a defect in how script qscan.nse implements script parameter qscan.delay. Specifically, it compares its value (which is in seconds) against an observed round-trip time (which is in microseconds).

The following patch remediates the issue. It also incidentally resolves #1037.

--- a/scripts/qscan.nse
+++ b/scripts/qscan.nse
@@ -484,12 +484,9 @@
       -- Unlike which loops around while waiting for
       -- the delay, I just sleep here (depending on rtt)
-      if rtt < (3 * delay) / 2 then
-        if rtt < (delay / 2) then
-          stdnse.sleep(((delay / 2) + math.random(0, delay) - rtt))
-        else
-          stdnse.sleep(math.random((3 * delay) / 2 - rtt))
-        end
+      local sleep = delay * (0.5 + math.random()) - rtt / 1000000
+      if sleep > 0 then
+        stdnse.sleep(sleep)

Please let me know if you have any questions or concerns. Otherwise I will commit the patch in a few weeks.

Copy link

@u0m3 u0m3 commented Oct 17, 2017

An elegant solution! I am a bit curious as to why the original implementation was so convoluted, though...

@nmap-bot nmap-bot closed this in 5fa53d0 Oct 24, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants