https-redirect bug causing scans to take much longer

Discussion:

Daniel Cater

2018-11-27 17:42:25 UTC

Hello,

On a recent build from Github-master, I noticed a lot of slow scans which
were waiting for various default SSL scripts such as ssl-cert etc. to
timeout.

After some debugging, I think the root cause is the https-redirect script
misidentifying plain HTTP services as ssl/http which then causes a load of
extra scripts to be run.

More details here: https://github.com/nmap/nmap/issues/1400

I'm not sure if the error is in the script or in comm.tryssl function.

Hopefully the information I put there can help with the fix.

Thanks.

nnposter

2018-11-27 21:35:19 UTC

Permalink

Post by Daniel Cater
On a recent build from Github-master, I noticed a lot of slow scans
which were waiting for various default SSL scripts such as ssl-cert etc.
to timeout.
After some debugging, I think the root cause is the https-redirect
script misidentifying plain HTTP services as ssl/http which then causes
a load of extra scripts to be run.
More details here: https://github.com/nmap/nmap/issues/1400
I'm not sure if the error is in the script or in comm.tryssl function.
Hopefully the information I put there can help with the fix.

Hopefully fixed in r37530

Cheers,
nnposter

Daniel Cater

2018-11-28 02:45:57 UTC

Permalink

Yes, the problem seems to be fixed now, thanks for the quick response!

Post by nnposter

Hopefully fixed in r37530
Cheers,
nnposter
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Continue reading on narkive:

Search results for 'https-redirect bug causing scans to take much longer' (Questions and Answers)

733

replies

How do you protect yourself against computer viruses?

started 2010-02-07 19:54:16 UTC

computers & internet

replies

Is this a computer virus?

started 2011-02-28 10:07:32 UTC

security

101