msf dos module for fb messenger bots
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
auxiliary/dos/http check if attack was sucessful Nov 1, 2016
README.md fixed typo Nov 3, 2016

README.md

msf-fb-messenger-bot-dos

metasploit framework module for dos fb bots.This module generates a 100kb payload which contains around 600 messages which a bot with wrong X-Hub-Signature implementation will handle like they came from facebook.That will cause the bot to start serveral http calls to facebook and 3rd party servers which have most likely a rate limiting of 1 request per second. That means one request keeps the server busy for 10 minutes.

vid-gif-4 1

To use this module you can either pass this parameter to msfconsole:

msfconsole -m ~/path/to/this/repo

or you could use the loadpath command:

loadpath ~/path/to/this/repo

just set RHOST and RPORT and run exploit. In some cases you can also use the app scoped user id to start an attack against a fb user of this bot. You can use rounds to adjust the amount of requests sent to the server. One request keeps one thread busy for 10 minutes.