2018-06-18 05:27 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0004628Kali Linux[All Projects] New Tool Requestspublic2018-04-03 13:57
Reporterhoussniyh 
Assigned To 
PrioritynormalSeverityfeatureReproducibilityN/A
StatusnewResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0004628: pwnloris - Improved new DOS Slowloris testing tool
DescriptionI have created a DOS Slowloris tool which is an improved version. The features are: using tor when that flag is passed (without needing to install proxychains or torify/torsocks), and the attack continues until the server is starting to get exhausted. It is written in Python 3 and I would love to see this tool being added into Kali. Works on Apache servers IF the developer hasn't patched it to mitigate such attacks.

https://github.com/houssniyh/Slowloris-DOS-Attack
Steps To Reproduce$ ./slowloris.py kali.org -t
Additional Informationhttps://github.com/houssniyh/Slowloris-DOS-Attack

Repo, main branch is development so it won't be indexed, I will change that later on if needed.
Attached Files

-Relationships
+Relationships

-Notes

~0008900

g0tmi1k (administrator)

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):

- [Name] - The name of the tool
- [Version] - What version of the tool should be added?
--- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
- [Homepage] - Where can the tool be found online? Where to go to get more information?
- [Download] - Where to go to get the tool? either a download page or a link to the latest version
- [Author] - Who made the tool?
- [Licence] - How is the software distributed? What conditions does it come with?
- [Description] - What is the tool about? What does it do?
- [Dependencies] - What is needed for the tool to work?
- [Similar tools] - What other tools are out there?
- [Activity] - When did the project start? Is is still actively being deployed?
- [How to install] - How do you compile it?
--- Note, using source code to acquire (e.g. git clone/svn checkout) can't be used - Also downloading from the head. Please use a "tag" or "release" version.
- [How to use] - What are some basic commands/functions to demonstrate it?

~0008901

houssniyh (reporter)

- [Name] - pwnloris
- [Version] - 1.0
--- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag) (https://github.com/houssniyh/pwnloris/releases)
- [Homepage] - https://github.com/houssniyh/pwnloris
- [Download] - https://github.com/houssniyh/pwnloris/releases
- [Author] - Houssni
- [Licence] - GNU General Public License v3.0
- [Description] - "This script abuses the CVE-2007-6750 vulnerability. This exploits works using just one machine by creating multiple threads and sending from each thread incomplete requests while keeping the collection alive thus using up all the resources of the server and making the website unreachable."
- [Dependencies] - pip install pysocks socket requests
- [Similar tools] - https://github.com/llaera/slowloris.pl (but it is less efficient than pwnloris)
- [Activity] - August 2017 in bitbucket private repo, but just recently made it public on github
- [How to install] - pip install -r requirements.txt
--- Note, using source code to acquire (e.g. git clone/svn checkout) can't be used - Also downloading from the head. Please use a "tag" or "release" version.
- [How to use]
    - ./slowloris.py kali.org
    - ./slowloris.py kali.org --tor

~0008902

houssniyh (reporter)

- ./pwnloris.py kali.org
- ./pwnloris.py kali.org --tor

Renamed the tool to be more distinguished.
+Notes

-Issue History
Date Modified Username Field Change
2018-03-12 09:37 houssniyh New Issue
2018-03-12 09:56 g0tmi1k Note Added: 0008900
2018-03-12 10:15 houssniyh Note Added: 0008901
2018-03-12 10:20 houssniyh Note Added: 0008902
2018-04-03 13:57 g0tmi1k Summary Improved new DOS Slowloris testing tool => pwnloris - Improved new DOS Slowloris testing tool
+Issue History