Showing posts with label DoS. Show all posts
Showing posts with label DoS. Show all posts

Sunday, April 13, 2014

HULK - Web Server DoS Tool


HULK is a web server denial of service tool (DDoS Tool) written for research purposes. It is designed to generate volumes of unique and obfuscated traffic at a webserver, bypassing caching engines and therefore hitting the server's direct resource pool.

The Hulk Web server is a brainchild of Barry Shteiman. This DDoS attack tool distinguishes itself from many of the other tools out in the wild. According to its creator, the Hulk Web server was born of his conclusion that most available DDoS attack tools produced predictable repeated patterns that could easily be mitigated. The principle behind the Hulk Web server is that a unique pattern is generated at each and every request, with the intention of increasing the load on the servers as well as evading any intrusion detection and prevention systems.

Some Techniques

  • Obfuscation of Source Client – this is done by using a list of known User Agents, and for every request that is constructed, the User Agent is a random value out of the known list
  • Reference Forgery – the referer that points at the request is obfuscated and points into either the host itself or some major prelisted websites.
  • Stickiness – using some standard Http command to try and ask the server to maintain open connections by using Keep-Alive with variable time window
  • no-cache – this is a given, but by asking the HTTP server for no-cache , a server that is not behind a dedicated caching service will present a unique page.
  • Unique Transformation of URL – to eliminate caching and other optimization tools, I crafted custom parameter names and values and they are randomized and attached to each request, rendering it to be Unique, causing the server to process the response on each event.

Posted by at No comments:
Labels: , , , , , , ,

Friday, March 7, 2014

[GoldenEye v2.1] DoS Tool


GoldenEye is a HTTP/S Layer 7 Denial-of-Service Testing Tool. It uses KeepAlive (and Connection: keep-alive) paired with Cache-Control options to persist socket connection busting through caching (when possible) until it consumes all available sockets on the HTTP/S server.

Changelog v2.1

  • 2014-02-20 Added randomly created user agents (still RFC compliant).
  • 2014-02-19 Removed silly referers and user agents. Improved randomness of referers. Added external user-agent list support.
Usage
USAGE: ./goldeneye.py <url> [OPTIONS]

OPTIONS:
 Flag Description Default
 -u, --useragents File with user-agents to use (default: randomly generated)
 -w, --workers Number of concurrent workers (default: 50)
 -s, --sockets Number of concurrent sockets (default: 30)
 -m, --method HTTP Method to use 'get' or 'post' or 'random' (default: get)
 -d, --debug Enable Debug Mode [more verbose output] (default: False)
 -h, --help Shows this help

Posted by at No comments:
Labels: , , , , , , ,

Thursday, January 23, 2014

[GoldenEye v2.0] DoS Tool



GoldenEye is a HTTP/S Layer 7 Denial-of-Service Testing Tool. It uses KeepAlive (and Connection: keep-alive) paired with Cache-Control options to persist socket connection busting through caching (when possible) until it consumes all available sockets on the HTTP/S server.

Usage
USAGE: ./goldeneye.py <url> [OPTIONS]

 OPTIONS:
     Flag           Description                     Default
     -t, --threads      Number of concurrent threads                (default: 500)
     -m, --method       HTTP Method to use 'get' or 'post'  or 'random'         (default: get)
     -d, --debug        Enable Debug Mode [more verbose output]         (default: False)
     -h, --help     Shows this help

Changelog v2.0

  • 2013-03-26 Changed from threading to multiprocessing. Threading is bad because its subject to GIL.
  • 2012-12-09 Initial release
Posted by at No comments:
Labels: , , , , , , ,
Subscribe to: Comments (Atom)