Author: Xu FC
Platform: Linux kali141 5.3.0-kali1-amd64 #1 SMP Debian 5.3.7-1kali1 (2019-10-21) x86_64 GNU/Linux
概述
Slowhttptest 是一款支持 slowloris / slow body / range attack / slow read 的 slow HTTP DoS 攻击测试攻击。
Slowhttptest 安装
apt install slowhttptest -y
Slowhttptest 参数
root@client_1:/home/xufc/Templates# slowhttptest -h
slowhttptest, a tool to test for slow HTTP DoS vulnerabilities - version 1.7
Usage: slowhttptest [options ...]
Test modes:
-H slow headers a.k.a. Slowloris (default)
-B slow body a.k.a R-U-Dead-Yet
-R range attack a.k.a Apache killer
-X slow read a.k.a Slow Read
Reporting options:
-g generate statistics with socket state changes (off)
// 生成计信息并保存到 html 和 csv 文件中
-o file_prefix save statistics output in file.html and file.csv (-g required)
// 使用 -g 生成统计信息,指定 html 和 csv 文件名字
-v level verbosity level 0-4: Fatal, Info, Error, Warning, Debug
// 日志级别
General options:
-c connections target number of connections (50)
// CC 并发
-i seconds interval between followup data in seconds (10)
// 一个请求中,每隔几秒发送一部分数据
-l seconds target test length in seconds (240)
// 总体测试时间
-r rate connections per seconds (50)
// 每秒 connection attempt
-s bytes value of Content-Length header if needed (4096)
// content-length 值
-t verb verb to use in request, default to GET for
slow headers and response and to POST for slow body
// HTTP request method, slow headers -- GET, slow body -- POST
-u URL absolute URL of target (http://localhost/)
// 目标URL
-x bytes max length of each randomized name/value pair of
followup data per tick, e.g. -x 2 generates
X-xx: xx for header or &xx=xx for body, where x
is random character (32)
// name/value 的长度,e.g. -x 2 表示 name = (X-)xx, value=xx, 组合起来 header -- X-xx: xx, body -- &xx=xx
-f content-type value of Content-type header (application/x-www-form-urlencoded)
// content-type 值
-m accept value of Accept header (text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5)
// accept 值
Probe/Proxy options:
-d host:port all traffic directed through HTTP proxy at host:port (off)
// HTTP proxy
-e host:port probe traffic directed through HTTP proxy at host:port (off)
-p seconds timeout to wait for HTTP response on probe connection,
after which server is considered inaccessible (5)
Range attack specific options:
-a start left boundary of range in range header (5)
// Byte range 起始位置
-b bytes limit for range header right boundary values (2000)
// Byte range 结束位置
Slow read specific options:
-k num number of times to repeat same request in the connection. Use to
multiply response size if server supports persistent connections (1)
// 支持长连接的情况下,一个 TCP 连接中发送 request 的数量
-n seconds interval between read operations from recv buffer in seconds (1)
-w bytes start of the range advertised window size would be picked from (1)
// TCP window size 范围 最小值
-y bytes end of the range advertised window size would be picked from (512)
// TCP window size 范围 最大值
-z bytes bytes to slow read from receive buffer with single read() call (5)
网友评论