Script http-chrono

Script types: portrule
Categories: discovery, intrusive
Download: https://svn.nmap.org/nmap/scripts/http-chrono.nse

Script Summary

Measures the time a website takes to deliver a web page and returns the maximum, minimum and average time it took to fetch a page.

Web pages that take longer to load could be abused by attackers in DoS or DDoS attacks, because they are likely to consume more resources on the target server. This script can help identify these web pages.

Script Arguments

http-chrono.tries

the number of times to fetch a page; the max, min and average calculations are based on these fetches.

http-chrono.withindomain

only spider URLs within the same domain. This widens the scope from withinhost and cannot be used in combination with it. (default: false)

http-chrono.withinhost

only spider URLs within the same host. (default: true)

http-chrono.maxdepth

the maximum number of directories beneath the initial URL to spider. A negative value disables the limit. (default: 3)

http-chrono.maxpagecount

the maximum number of pages to visit. A negative value disables the limit. (default: 1)

http-chrono.url

the URL to start spidering. This is a URL relative to the scanned host, e.g. /default.html (default: /)

slaxml.debug

See the documentation for the slaxml library.

httpspider.doscraping, httpspider.maxdepth, httpspider.maxpagecount, httpspider.noblacklist, httpspider.url, httpspider.useheadfornonwebfiles, httpspider.withindomain, httpspider.withinhost

See the documentation for the httpspider library.

http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap --script http-chrono <ip>

Script Output

PORT   STATE SERVICE
80/tcp open  http
|_http-chrono: Request times for /; avg: 2.98ms; min: 2.63ms; max: 3.62ms

PORT   STATE SERVICE
80/tcp open  http
| http-chrono:
| page                         avg      min      max
| /admin/                      1.91ms   1.65ms   2.05ms
| /manager/status              2.14ms   2.03ms   2.24ms
| /manager/html                2.26ms   2.09ms   2.53ms
| /examples/servlets/          2.43ms   1.97ms   3.62ms
| /examples/jsp/snp/snoop.jsp  2.75ms   2.59ms   3.13ms
| /                            2.78ms   2.54ms   3.36ms
| /docs/                       3.14ms   2.61ms   3.53ms
| /RELEASE-NOTES.txt           3.70ms   2.97ms   5.58ms
| /examples/jsp/               4.93ms   3.39ms   8.30ms
|_/docs/changelog.html         10.76ms  10.14ms  11.46ms
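
Added example (not part of Nmap or of the script itself): a small Python parser for the two output shapes shown above, ranking pages by average time so the owner of a site can review its slowest pages. It assumes times are reported in ms as in the sample output; the `factor` threshold and the function names are hypothetical, and the sample text is constructed from the output above.

```python
import re
from statistics import median

# Constructed sample: the two output shapes shown above (single page, and table).
SINGLE = "|_http-chrono: Request times for /; avg: 2.98ms; min: 2.63ms; max: 3.62ms"
TABLE = """\
| http-chrono:
| page                         avg      min      max
| /admin/                      1.91ms   1.65ms   2.05ms
| /docs/                       3.14ms   2.61ms   3.53ms
| /examples/jsp/               4.93ms   3.39ms   8.30ms
|_/docs/changelog.html         10.76ms  10.14ms  11.46ms
"""

_SINGLE_RE = re.compile(
    r"Request times for (\S+); avg: ([\d.]+)ms; min: ([\d.]+)ms; max: ([\d.]+)ms")
# Table rows start with "| " or "|_" followed by a path beginning with "/".
_ROW_RE = re.compile(r"^\|[_ ]?\s*(/\S*)\s+([\d.]+)ms\s+([\d.]+)ms\s+([\d.]+)ms\s*$")


def parse_chrono(text):
    """Return {page: (avg, min, max)} in milliseconds from http-chrono output."""
    pages = {}
    for line in text.splitlines():
        m = _SINGLE_RE.search(line) or _ROW_RE.match(line.strip())
        if m:
            page, avg, lo, hi = m.groups()
            pages[page] = (float(avg), float(lo), float(hi))
    return pages


def slow_pages(pages, factor=2.0):
    """Pages whose average exceeds `factor` times the median average, slowest first.

    `factor` is an assumed triage threshold, not something the script defines.
    """
    if not pages:
        return []
    cutoff = factor * median(avg for avg, _, _ in pages.values())
    hits = [(p, t[0]) for p, t in pages.items() if t[0] > cutoff]
    return sorted(hits, key=lambda x: x[1], reverse=True)


if __name__ == "__main__":
    for page, avg in slow_pages(parse_chrono(TABLE)):
        print(f"{page}\t{avg:.2f}ms")
```
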

Requires


Author:

  • Ange Gutek

License: Same as Nmap--See https://nmap.org/book/man-legal.html