From affa202a7576b2787dcf31931c49d7981ac4bdeb Mon Sep 17 00:00:00 2001 From: fyodor Date: Tue, 15 May 2012 21:16:49 +0000 Subject: [PATCH] Add a todo entry about fixing NSE pipelining --- todo/nmap.txt | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/todo/nmap.txt b/todo/nmap.txt index 121db51a8..88d37f603 100644 --- a/todo/nmap.txt +++ b/todo/nmap.txt @@ -123,6 +123,27 @@ o NSE WORK (potential work for the NSE GSoC folks -- note that this is o Review NSE-based port scanning and RST idle scan. http://seclists.org/nmap-dev/2011/q2/307. [Henri and Hani?] +o Investigate why http pipelining so often doesn't work in NSE + scripts, and often NSE ends up reverting to one request at a time. + Scripts may not be using it correctly, and also we wish it were more + transparent and there wasn't this big API divide between pipeline + and non-pipeline. We just want it send requests as fast as it can, + and get a callback when there's a response. Maybe the http library + buffers them, or pipelines them, or blocks the http.get call until + there's more room. It just seems to always degenerate to 1 request + at a time. For example: + sudo nmap --script=http-enum bamsoftware.com -p80 -d2 + quickly (within a few seconds) gives: + NSE: http-enum: Searching for entries under path '' (change with 'http-enum.basepath' argument) + NSE: Total number of pipelined requests: 2081 + NSE: Number of requests allowed by pipeline: 100 + NSE: Received only 41 of 100 expected responses. + Decreasing max pipelined requests to 41. + NSE: Received only 1 of 41 expected responses. + Decreasing max pipelined requests to 1. + 100 may a wildly high number of requests to attempt to pipeline. + And then something else probably goes wrong after it decides 41 is okay. + o Revive the Nmap Public Source License project (need to find an open source attorney to review it). http://nmap.org/npsl/ o Also take close look at Mozilla's license modernization project:
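Review bot: Two sentences in the added todo entry are missing words: "We just want it send requests as fast as it can" should read "want it to send", and "100 may a wildly high number of requests" should read "100 may be a wildly high number". The sample -d2 output sits at the same indentation as the commentary around it, so it is hard to see where the output ends and the closing remarks ("100 may ..." and "And then something else probably goes wrong ...") begin; indenting the output one level deeper or separating the remarks with a blank "+" line would fix that. The entry also has no bracketed owner like the "[Henri and Hani?]" on the item above it, and the last line does not say what to look at after the drop from 41 to 1. Naming a candidate owner and a first thing to check (whether the starting limit of 100 is the problem, or the handling after "Received only 41 of 100 expected responses") would make the item actionable.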