From 8d2881152247a1675b7a054ce86370becb7b14e8 Mon Sep 17 00:00:00 2001 From: dmiller Date: Wed, 6 Mar 2013 15:14:20 +0000 Subject: [PATCH] Update scripts with millisecond timeouts to timespec Similar changes to r30653, but may break compatibility with people using integer millisecond values, which are now treated as number of seconds. To get same behavior, use ms after number, e.g. 5000 becomes 5000ms or 5s --- scripts/broadcast-ping.nse | 6 +++--- scripts/broadcast-ripng-discover.nse | 7 ++++--- scripts/http-method-tamper.nse | 5 +++-- scripts/http-phpself-xss.nse | 5 +++-- scripts/mmouse-brute.nse | 5 +++-- scripts/mysql-vuln-cve2012-2122.nse | 5 +++-- scripts/nessus-xmlrpc-brute.nse | 8 ++++---- 7 files changed, 23 insertions(+), 18 deletions(-) diff --git a/scripts/broadcast-ping.nse b/scripts/broadcast-ping.nse index bab481407..7b9462139 100644 --- a/scripts/broadcast-ping.nse +++ b/scripts/broadcast-ping.nse @@ -44,7 +44,7 @@ is 0. The payload is consisted of random bytes. -- -- @args broadcast-ping.interface string specifying which interface to use for this script (default all interfaces) -- @args broadcast-ping.num_probes number specifying how many ICMP probes should be sent (default 1) --- @args broadcast-ping.timeout number specifying how long to wait for response in milliseconds (default 3000) +-- @args broadcast-ping.timeout timespec specifying how long to wait for response (default 3s) -- -- @output -- | broadcast-ping: @@ -141,8 +141,8 @@ local broadcast_if = function(if_table,icmp_responders) local num_probes = tonumber(stdnse.get_script_args(SCRIPT_NAME .. ".num-probes")) or 1 - local timeout = stdnse.get_script_args(SCRIPT_NAME .. ".timeout") - if not timeout then timeout = 3000 end + local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout")) + timeout = (timeout or 3) * 1000 local ttl = nmap.get_ttl() 
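Review bot: In the `@@ -141,8 +141,8` hunk of broadcast-ping.nse, `(timeout or 3) * 1000` cannot tell an absent `broadcast-ping.timeout` from one that `stdnse.parse_timespec` rejected, so a mistyped value (a constructed example: `3sec`) would silently run with the 3 s default. This assumes parse_timespec returns nil plus an error message on bad input; its body is not part of this patch. Keep the raw argument and report the failure, for example `local spec = stdnse.get_script_args(SCRIPT_NAME .. ".timeout")`, `local timeout, err = stdnse.parse_timespec(spec)`, then `if spec and not timeout then stdnse.print_debug(1, "%s: ignoring timeout: %s", SCRIPT_NAME, err) end`. The same parse-then-scale pair is added in broadcast-ripng-discover, http-method-tamper, http-phpself-xss, mmouse-brute, mysql-vuln-cve2012-2122 and nessus-xmlrpc-brute, and the point applies to each. The body of broadcast_if continues outside the hunk.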
diff --git a/scripts/broadcast-ripng-discover.nse b/scripts/broadcast-ripng-discover.nse index 9ffca56f3..d641b3569 100644 --- a/scripts/broadcast-ripng-discover.nse +++ b/scripts/broadcast-ripng-discover.nse @@ -22,8 +22,8 @@ LAN by sending a broadcast RIPng Request command and collecting any responses. -- | fe80:471:0:0:0:0:0:0/64 1 -- |_ fe80:472:0:0:0:0:0:0/64 1 -- --- @args broadcast-ripng-discover.timeout sets the connection timeout in ms --- (default: 5000ms) +-- @args broadcast-ripng-discover.timeout sets the connection timeout +-- (default: 5s) author = "Patrik Karlsson" license = "Same as Nmap--See http://nmap.org/book/man-legal.html" @@ -172,7 +172,8 @@ action = function() local req = RIPng.Request:new( { RIPng.RTE:new("0::", 0, 0, 16) } ) local host, port = "FF02::9", { number = 521, protocol = "udp" } local iface = nmap.get_interface() - local timeout = stdnse.get_script_args(SCRIPT_NAME..".timeout") or 5000 + local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..".timeout")) + timeout = (timeout or 5) * 1000 local sock = nmap.new_socket("udp") sock:bind(nil, 521) diff --git a/scripts/http-method-tamper.nse b/scripts/http-method-tamper.nse index 686f2e2b4..9df15954c 100644 --- a/scripts/http-method-tamper.nse +++ b/scripts/http-method-tamper.nse @@ -48,7 +48,7 @@ References: -- -- @args http-method-tamper.uri Base URI to crawl. Not aplicable if http-method-tamper.paths is set. -- @args http-method-tamper.paths Array of paths to check. If not set, the script will crawl the web server. --- @args http-method-tamper.timeout Web crawler timeout. Default: 10000ms +-- @args http-method-tamper.timeout Web crawler timeout. Default: 10s --- author = "Paulino Calderon " 
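Review bot: The rewritten `@args broadcast-ripng-discover.timeout` text in the `@@ -22,8 +22,8` hunk drops the unit without naming the accepted format, so a reader cannot tell that a bare number now means seconds rather than milliseconds. Suggested wording: `-- @args broadcast-ripng-discover.timeout timespec for the connection timeout; a bare number is read as seconds (default: 5s)`. The `@args` lines changed for http-method-tamper, http-phpself-xss, mmouse-brute, mysql-vuln-cve2012-2122 and nessus-xmlrpc-brute have the same gap. Only the broadcast-ping line names the type.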
@@ -100,7 +100,8 @@ action = function(host, port) local vuln_uris = {} local paths = stdnse.get_script_args(SCRIPT_NAME..".paths") local uri = stdnse.get_script_args(SCRIPT_NAME..".uri") or "/" - local timeout = stdnse.get_script_args(SCRIPT_NAME..".timeout") or 10000 + local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..".timeout")) + timeout = (timeout or 10) * 1000 local vuln = { title = 'Authentication bypass by HTTP verb tampering', state = vulns.STATE.NOT_VULN, diff --git a/scripts/http-phpself-xss.nse b/scripts/http-phpself-xss.nse index 3dfac0349..81ff43dd7 100644 --- a/scripts/http-phpself-xss.nse +++ b/scripts/http-phpself-xss.nse @@ -38,7 +38,7 @@ The attack vector/probe used is: /'"/> -- | https://www.owasp.org/index.php/Cross-site_Scripting_(XSS) -- |_ http://php.net/manual/en/reserved.variables.server.php -- @args http-phpself-xss.uri URI. Default: / --- @args http-phpself-xss.timeout Spidering timeout. Default:10000 +-- @args http-phpself-xss.timeout Spidering timeout. (default 10s) author = "Paulino Calderon" license = "Same as Nmap--See http://nmap.org/book/man-legal.html" categories = {"fuzzer", "intrusive", "vuln"} @@ -100,7 +100,8 @@ end --- action = function(host, port) local uri = stdnse.get_script_args(SCRIPT_NAME..".uri") or "/" - local timeout = stdnse.get_script_args(SCRIPT_NAME..'.timeout') or 10000 + local timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..'.timeout')) + timeout = (timeout or 10) * 1000 local crawler = httpspider.Crawler:new(host, port, uri, { scriptname = SCRIPT_NAME } ) crawler:set_timeout(timeout) diff --git a/scripts/mmouse-brute.nse b/scripts/mmouse-brute.nse index 4f048b77b..605b520e7 100644 --- a/scripts/mmouse-brute.nse +++ b/scripts/mmouse-brute.nse 
@@ -26,14 +26,15 @@ http://mobilemouse.com/ -- | Statistics -- |_ Performed 1199 guesses in 23 seconds, average tps: 47 -- --- @args mmouse-brute.timeout socket timeout (milliseconds) for connecting to Mobile Mouse (default 5000) +-- @args mmouse-brute.timeout socket timeout for connecting to Mobile Mouse (default 5s) author = "Patrik Karlsson" license = "Same as Nmap--See http://nmap.org/book/man-legal.html" categories = {"intrusive", "brute"} -local arg_timeout = stdnse.get_script_args(SCRIPT_NAME .. ".timeout") or 5000 +local arg_timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME .. ".timeout")) +arg_timeout = (arg_timeout or 5) * 1000 portrule = shortport.port_or_service(51010, "mmouse", "tcp") diff --git a/scripts/mysql-vuln-cve2012-2122.nse b/scripts/mysql-vuln-cve2012-2122.nse index 2477af763..2ebfb9f6d 100644 --- a/scripts/mysql-vuln-cve2012-2122.nse +++ b/scripts/mysql-vuln-cve2012-2122.nse @@ -67,7 +67,7 @@ Interesting post about this vuln: -- @args mysql-vuln-cve2012-2122.user MySQL username. Default: root. -- @args mysql-vuln-cve2012-2122.pass MySQL password. Default: nmapFTW. -- @args mysql-vuln-cve2012-2122.iterations Connection retries. Default: 1500. --- @args mysql-vuln-cve2012-2122.socket_timeout Socket timeout (milliseconds). Default: 5000. +-- @args mysql-vuln-cve2012-2122.socket_timeout Socket timeout. Default: 5s. --- local mysql = require "mysql" @@ -121,7 +121,8 @@ basically account password protection is as good as nonexistent. local mysql_user = stdnse.get_script_args(SCRIPT_NAME..".user") or "root" local mysql_pwd = stdnse.get_script_args(SCRIPT_NAME..".pass") or "nmapFTW" local iterations = stdnse.get_script_args(SCRIPT_NAME..".iterations") or 1500 - local conn_timeout = stdnse.get_script_args(SCRIPT_NAME..".socket_timeout") or 5000 + local conn_timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..".socket_timeout")) + conn_timeout = (conn_timeout or 5) * 1000 socket:set_timeout(conn_timeout) 
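Review bot: In the `@@ -121,7 +121,8` hunk of mysql-vuln-cve2012-2122.nse, a legacy `socket_timeout=5000` is still a valid timespec and now reaches `socket:set_timeout` as 5,000,000 ms, with nothing shown to the operator. If the connection attempt is repeated up to `iterations` times (the loop is outside the hunk, so this is inferred from the argument docs), an unresponsive target could stall the scan for a very long time. Logging the effective value makes the unit change visible at debug level: `stdnse.print_debug(1, "%s: socket timeout is %s ms", SCRIPT_NAME, conn_timeout)`. The enclosing function starts and ends outside the hunk.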
diff --git a/scripts/nessus-xmlrpc-brute.nse b/scripts/nessus-xmlrpc-brute.nse index 43cd9c666..3f0d9e5bb 100644 --- a/scripts/nessus-xmlrpc-brute.nse +++ b/scripts/nessus-xmlrpc-brute.nse @@ -20,7 +20,7 @@ Performs brute force password auditing against a Nessus vulnerability scanning d -- |_ Performed 1933 guesses in 26 seconds, average tps: 73 -- -- @args nessus-xmlrpc-brute.threads sets the number of threads. --- @args nessus-xmlrpc-brute.timeout socket timeout (milliseconds) for connecting to Nessus (default 5000) +-- @args nessus-xmlrpc-brute.timeout socket timeout for connecting to Nessus (default 5s) author = "Patrik Karlsson" @@ -31,11 +31,11 @@ categories = {"intrusive", "brute"} portrule = shortport.port_or_service(8834, "ssl/http", "tcp") -local arg_timeout = stdnse.get_script_args(SCRIPT_NAME..'.timeout') +local arg_timeout = stdnse.parse_timespec(stdnse.get_script_args(SCRIPT_NAME..'.timeout')) +arg_timeout = (arg_timeout or 5) * 1000 local arg_threads = stdnse.get_script_args("nessus-xmlrpc-brute.threads") local function authenticate(host, port, username, password) - local timeout = arg_timeout or 5000 local post_data = ("login=%s&password=%s"):format(username, password) local headers = { @@ -49,7 +49,7 @@ local function authenticate(host, port, username, password) local data = table.concat(headers, "\r\n") .. "\r\n\r\n" .. post_data local socket = nmap.new_socket() - socket:set_timeout(timeout) + socket:set_timeout(arg_timeout) local status, err = socket:connect(host, port) if ( not(status) ) then