Packet delay not respected in qscan.nse #1038

Closed
nnposter opened this Issue Oct 16, 2017 · 1 comment


There is a defect in how script qscan.nse implements script parameter qscan.delay. Specifically, it compares its value (which is in seconds) against an observed round-trip time (which is in microseconds).

The following patch remediates the issue. It also incidentally resolves #1037.

--- a/scripts/qscan.nse
+++ b/scripts/qscan.nse
@@ -484,12 +484,9 @@
 
       -- Unlike qscan.cc which loops around while waiting for
       -- the delay, I just sleep here (depending on rtt)
-      if rtt < (3 * delay) / 2 then
-        if rtt < (delay / 2) then
-          stdnse.sleep(((delay / 2) + math.random(0, delay) - rtt))
-        else
-          stdnse.sleep(math.random((3 * delay) / 2 - rtt))
-        end
+      local sleep = delay * (0.5 + math.random()) - rtt / 1000000
+      if sleep > 0 then
+        stdnse.sleep(sleep)
       end
     end
   end
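
Review bot: The divisor `1000000` on the added `local sleep = ...` line is an unexplained unit conversion, and a seconds-versus-microseconds mismatch is exactly the defect this patch corrects. Add a short comment there stating that `rtt` is in microseconds and `delay` is in seconds, or convert `rtt` into a named local before the arithmetic, so the units are visible at the point of use. The local name `sleep` is also easy to confuse with `stdnse.sleep` on the line that follows; a name such as `sleep_time` would read more clearly.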

Please let me know if you have any questions or concerns. Otherwise I will commit the patch in a few weeks.

u0m3 commented Oct 17, 2017

An elegant solution! I am a bit curious as to why the original implementation was so convoluted, though...

@nmap-bot nmap-bot closed this in 5fa53d0 Oct 24, 2017