Hi,
I have been looking over the Internet for a tool to make a DoS attack on an apache web server (v 1.3.37 or v 2.0.54). I found lots of things but nothing serious . Do you have a lead for me ? (sorry for my bad english)
dos + apache
- Nerdz
- The Architect
- Posts: 1127
- Joined: 15 Jun 2005, 16:00
- 18
- Location: #db_error in: select usr.location from sucko_member where usr.id=63;
- Contact:
You can also try to google these version and try to find info on forum... try to use other search engine than google... use your imagination!
Also, try to find other version related problem... like
version 1.3 of something is ok but an exploit has been discovered in 1.4 and it affects <= 1.4. So googling the 1.3 version won't give it to you... but searching around will.
Also, try to find other version related problem... like
version 1.3 of something is ok but an exploit has been discovered in 1.4 and it affects <= 1.4. So googling the 1.3 version won't give it to you... but searching around will.
Give a man a fish, you feed him for one day.
Learn a man to fish, you feed him for life.
Learn a man to fish, you feed him for life.
open ports mean more targets
remember to consider all the open ports for DoS. Even if a server is patched, you still count on the admin making poor choices of setting access control or using third party apps.
I personally disprove of DoS, it'll light up the logs real quick.
DNR
I personally disprove of DoS, it'll light up the logs real quick.
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
That's all good advice. So, I'll look for a better solution because last night I found a "barbaric" perl script (httpd_flood.pl) on packetstorm which does the DoS by creating a large number of tcp connections.
In the mean time, I would like to complete my bench by rerouting the http trafic to my computer in order to display my website to the victim browser. So, I made a little arpspoof but what next .... ?
In the mean time, I would like to complete my bench by rerouting the http trafic to my computer in order to display my website to the victim browser. So, I made a little arpspoof but what next .... ?
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
such floods are pretty pointless because it's no problem to limit the max. connections of a single IP, also with a simple netstat -t your attack is identified...together with blocking the IP via firewall it takes about 5 seconds to get rid of such an attack.
to re-route traffic you would have to run a man-in-the-middle attack, but to do this you would first have to hijack a DNS server in the path
the versions 1.3.37 and 2.0.54 might not be the newest ones, but this doesn't mean the newer versions have been released because there were serious flaws, usually they only include minor bugfixes. apache is simply too well maintained, so you picked one one the heaviest opponents.....
to re-route traffic you would have to run a man-in-the-middle attack, but to do this you would first have to hijack a DNS server in the path
the versions 1.3.37 and 2.0.54 might not be the newest ones, but this doesn't mean the newer versions have been released because there were serious flaws, usually they only include minor bugfixes. apache is simply too well maintained, so you picked one one the heaviest opponents.....
Well, I know this is not easy. After all, Apache represent 60%, if I'm right, of the web server in the world. For the moment, I will use that flood for testing purpose. But like I said earlier, I'm looking for a better solution and I'm pretty confident that I will find something. So, I will keep googling
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
well, ok, here's something that I recommend, it's an official tool that is part of any (at least afaik) Linux distro...so you don't have to deal with poorly coded and malware infected "hacker tools" crap you find on the net:
http://httpd.apache.org/docs/2.0/programs/ab.html
work for remote tests too.
of course this is no "click button to hack" crap, it's a professional tool and so you have to get a little into it first...but this also forces you to learn...
http://httpd.apache.org/docs/2.0/programs/ab.html
work for remote tests too.
of course this is no "click button to hack" crap, it's a professional tool and so you have to get a little into it first...but this also forces you to learn...