diff --git a/scripts/broadcast-ping.nse b/scripts/broadcast-ping.nse
index bab481407..7b9462139 100644
--- a/scripts/broadcast-ping.nse
+++ b/scripts/broadcast-ping.nse
@@ -44,7 +44,7 @@ is 0. The payload is consisted of random bytes.
--
-- @args broadcast-ping.interface string specifying which interface to use for this script (default all interfaces)
-- @args broadcast-ping.num_probes number specifying how many ICMP probes should be sent (default 1)
--- @args broadcast-ping.timeout number specifying how long to wait for response in milliseconds (default 3000)
+-- @args broadcast-ping.timeout timespec specifying how long to wait for response (default 3s)
--
-- @output
-- | broadcast-ping:
@@ -141,8 +141,8 @@ local broadcast_if = function(if_table,icmp_responders)
local num_probes = tonumber(stdnse.get_script_args(SCRIPT_NAME .. ".num-probes")) or 1
- local timeout = stdnse.get_script_args(SCRIPT_NAME .. ".timeout")
- if not timeout then timeout = 3000 end
+ local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
+ timeout = (timeout or 3) * 1000
local ttl = nmap.get_ttl()
diff --git a/scripts/broadcast-ripng-discover.nse b/scripts/broadcast-ripng-discover.nse
index 9ffca56f3..d641b3569 100644
--- a/scripts/broadcast-ripng-discover.nse
+++ b/scripts/broadcast-ripng-discover.nse
@@ -22,8 +22,8 @@ LAN by sending a broadcast RIPng Request command and collecting any responses.
-- | fe80:471:0:0:0:0:0:0/64 1
-- |_ fe80:472:0:0:0:0:0:0/64 1
--
--- @args broadcast-ripng-discover.timeout sets the connection timeout in ms
--- (default: 5000ms)
+-- @args broadcast-ripng-discover.timeout sets the connection timeout
+-- (default: 5s)
author = "Patrik Karlsson"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
@@ -172,7 +172,8 @@ action = function()
local req = RIPng.Request:new( { RIPng.RTE:new("0::", 0, 0, 16) } )
local host, port = "FF02::9", { number = 521, protocol = "udp" }
local iface = nmap.get_interface()
- local timeout = stdnse.get_script_args(SCRIPT_NAME..".timeout") or 5000
+ local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..".timeout"))
+ timeout = (timeout or 5) * 1000
local sock = nmap.new_socket("udp")
sock:bind(nil, 521)
diff --git a/scripts/http-method-tamper.nse b/scripts/http-method-tamper.nse
index 686f2e2b4..9df15954c 100644
--- a/scripts/http-method-tamper.nse
+++ b/scripts/http-method-tamper.nse
@@ -48,7 +48,7 @@ References:
--
-- @args http-method-tamper.uri Base URI to crawl. Not aplicable if http-method-tamper.paths is set.
-- @args http-method-tamper.paths Array of paths to check. If not set, the script will crawl the web server.
--- @args http-method-tamper.timeout Web crawler timeout. Default: 10000ms
+-- @args http-method-tamper.timeout Web crawler timeout. Default: 10s
---
author = "Paulino Calderon "
@@ -100,7 +100,8 @@ action = function(host, port)
local vuln_uris = {}
local paths = stdnse.get_script_args(SCRIPT_NAME..".paths")
local uri = stdnse.get_script_args(SCRIPT_NAME..".uri") or "/"
- local timeout = stdnse.get_script_args(SCRIPT_NAME..".timeout") or 10000
+ local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..".timeout"))
+ timeout = (timeout or 10) * 1000
local vuln = {
title = 'Authentication bypass by HTTP verb tampering',
state = vulns.STATE.NOT_VULN,
diff --git a/scripts/http-phpself-xss.nse b/scripts/http-phpself-xss.nse
index 3dfac0349..81ff43dd7 100644
--- a/scripts/http-phpself-xss.nse
+++ b/scripts/http-phpself-xss.nse
@@ -38,7 +38,7 @@ The attack vector/probe used is: /'"/>
-- | https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
-- |_ http://php.net/manual/en/reserved.variables.server.php
-- @args http-phpself-xss.uri URI. Default: /
--- @args http-phpself-xss.timeout Spidering timeout. Default:10000
+-- @args http-phpself-xss.timeout Spidering timeout. (default 10s)
author = "Paulino Calderon"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"fuzzer", "intrusive", "vuln"}
@@ -100,7 +100,8 @@ end
---
action = function(host, port)
local uri = stdnse.get_script_args(SCRIPT_NAME..".uri") or "/"
- local timeout = stdnse.get_script_args(SCRIPT_NAME..'.timeout') or 10000
+ local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..'.timeout'))
+ timeout = (timeout or 10) * 1000
local crawler = httpspider.Crawler:new(host, port, uri, { scriptname = SCRIPT_NAME } )
crawler:set_timeout(timeout)
diff --git a/scripts/mmouse-brute.nse b/scripts/mmouse-brute.nse
index 4f048b77b..605b520e7 100644
--- a/scripts/mmouse-brute.nse
+++ b/scripts/mmouse-brute.nse
@@ -26,14 +26,15 @@ http://mobilemouse.com/
-- | Statistics
-- |_ Performed 1199 guesses in 23 seconds, average tps: 47
--
--- @args mmouse-brute.timeout socket timeout (milliseconds) for connecting to Mobile Mouse (default 5000)
+-- @args mmouse-brute.timeout socket timeout for connecting to Mobile Mouse (default 5s)
author = "Patrik Karlsson"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"intrusive", "brute"}
-local arg_timeout = stdnse.get_script_args(SCRIPT_NAME .. ".timeout") or 5000
+local arg_timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout"))
+arg_timeout = (arg_timeout or 5) * 1000
portrule = shortport.port_or_service(51010, "mmouse", "tcp")
diff --git a/scripts/mysql-vuln-cve2012-2122.nse b/scripts/mysql-vuln-cve2012-2122.nse
index 2477af763..2ebfb9f6d 100644
--- a/scripts/mysql-vuln-cve2012-2122.nse
+++ b/scripts/mysql-vuln-cve2012-2122.nse
@@ -67,7 +67,7 @@ Interesting post about this vuln:
-- @args mysql-vuln-cve2012-2122.user MySQL username. Default: root.
-- @args mysql-vuln-cve2012-2122.pass MySQL password. Default: nmapFTW.
-- @args mysql-vuln-cve2012-2122.iterations Connection retries. Default: 1500.
--- @args mysql-vuln-cve2012-2122.socket_timeout Socket timeout (milliseconds). Default: 5000.
+-- @args mysql-vuln-cve2012-2122.socket_timeout Socket timeout. Default: 5s.
---
local mysql = require "mysql"
@@ -121,7 +121,8 @@ basically account password protection is as good as nonexistent.
local mysql_user = stdnse.get_script_args(SCRIPT_NAME..".user") or "root"
local mysql_pwd = stdnse.get_script_args(SCRIPT_NAME..".pass") or "nmapFTW"
local iterations = stdnse.get_script_args(SCRIPT_NAME..".iterations") or 1500
- local conn_timeout = stdnse.get_script_args(SCRIPT_NAME..".socket_timeout") or 5000
+ local conn_timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..".socket_timeout"))
+ conn_timeout = (conn_timeout or 5) * 1000
socket:set_timeout(conn_timeout)
diff --git a/scripts/nessus-xmlrpc-brute.nse b/scripts/nessus-xmlrpc-brute.nse
index 43cd9c666..3f0d9e5bb 100644
--- a/scripts/nessus-xmlrpc-brute.nse
+++ b/scripts/nessus-xmlrpc-brute.nse
@@ -20,7 +20,7 @@ Performs brute force password auditing against a Nessus vulnerability scanning d
-- |_ Performed 1933 guesses in 26 seconds, average tps: 73
--
-- @args nessus-xmlrpc-brute.threads sets the number of threads.
--- @args nessus-xmlrpc-brute.timeout socket timeout (milliseconds) for connecting to Nessus (default 5000)
+-- @args nessus-xmlrpc-brute.timeout socket timeout for connecting to Nessus (default 5s)
author = "Patrik Karlsson"
@@ -31,11 +31,11 @@ categories = {"intrusive", "brute"}
portrule = shortport.port_or_service(8834, "ssl/http", "tcp")
-local arg_timeout = stdnse.get_script_args(SCRIPT_NAME..'.timeout')
+local arg_timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..'.timeout'))
+arg_timeout = (arg_timeout or 5) * 1000
local arg_threads = stdnse.get_script_args("nessus-xmlrpc-brute.threads")
local function authenticate(host, port, username, password)
- local timeout = arg_timeout or 5000
local post_data = ("login=%s&password=%s"):format(username, password)
local headers = {
@@ -49,7 +49,7 @@ local function authenticate(host, port, username, password)
local data = table.concat(headers, "\r\n") .. "\r\n\r\n" .. post_data
local socket = nmap.new_socket()
- socket:set_timeout(timeout)
+ socket:set_timeout(arg_timeout)
local status, err = socket:connect(host, port)
if ( not(status) ) then