How to launch dos attack – slowloris

In computing, a denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. A distributed denial-of-service (DDoS) is where the attack source is more than one–and often thousands of-unique IP addresses. Criminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks, credit card payment gateways; but motives of revenge, blackmail or activism can be behind other attacks.

Slowloris is written by Robert “RSnake” Hansen which allows a single machine to take down another machine’s web server with minimal bandwidth and side effects on unrelated services and ports. Slowloris tries to keep many connections to the target web server open and hold them open as long as possible. It accomplishes this by opening connections to the target web server and sending a partial request. Slowloris is one of the best DDOS tool.Slowloris can knockout Apache servers efficiently. Slowloris makes a partial http request in multi-thread mode. This is very effective against apache servers because apache server works in such a way that it waits for the connection to complete i.e timeout mechanism. Since we generate huge traffic with partial request on a multi-thread mode the target server’s resource get used up . Continuous attack can ruin the server resources and throws an internal error.

 

Requirements

Since slowloris is written in perl we need to install perl and its components
# sudo apt-get install perl
# sudo apt-get install libwww-mechanize-shell-perl
# sudo apt-get install perl-mechanize

Download the slowloris.pl script from the below link

slowloris.pl-v.0.7

 

Launch the attack

Extract the downloaded file and open terminal and navigate to the folder “cd path/to/folder/” or just go to the extracted folder right click > open in terminal. Follow the commands.
# chmod +x slowloris.pl

Just copy your target’s IP or URL and start attacking

# perl slowloris.pl -dns < target.com >
The above command is basic, i.e. with the default values. To make the attcak more powerful increase the sockets(say 1000) and decrease the timeout (set to 1). use “-num” to increase no: of sockets or connections, “-timeout” to set timeout, “-port” to set port default is 80 (better dont change it). for more powerful attack use the command below.
# perl slowloris.pl -dns < target.com > -timeout 1 -num 1000 -cache

Unlike other server attacks DOS attack is not very effective, you cannot take a large website with your single machine. It will be more effective when you have more attackers. Form a BOT-NET army to launch a DDOS or do it along with your friends. Attacking a huge server with one machine will consume more hours.

An advantage of slowloris is it will evade most of the IDS system, because its not sending malformed request. The traffic seems to be legitimate by all IDS or WAF systems.

The disadvantage of slowloris is the target server come back online as soon as the script is stopped because the web server close the connections automatically after the request timeout. So you have run the script consistently to knockout the server

susmith HCK

susmith HCK

I’m a computer enthusiast basically and i love to write blogs on tech issues and cyber security. I started penetration testing at the age of 16 and i would like to explore security vulnerabilities and latest tech news and wanna share with you. If you like all these stuffs add me on Facebook and Google plus.

You may also like...

1 Response

  1. Anonymous says:

    webcam_stream & webcam_stream 2 both use the same camera. (Back)
    Samsung Galaxy tablet

Leave a Reply

Your email address will not be published. Required fields are marked *