
Posts

Showing posts from June, 2020

Performing a genuine slowloris attack (SlowHTTP) of indefinite length in Kali Linux

Slowloris is, without a doubt, one of the favorite attacks of many white/gray/black hats, due to its simplicity and effectiveness. Let's quickly explain graphically what the attack looks like: Unlike another tutorial about how to test if your server is vulnerable to Slowloris attacks, where we explain how this kind of attack works, this tutorial aims to be a genuine attack, meaning one of those attacks that are not limited by some condition in the script; this attack will run forever if you want it to (until you close the terminal that runs the attack). We recommend that you read the first article before proceeding with this one. In this article, we will explain how to run a Python version of a genuine Slowloris attack in Kali Linux. 1. Clone Slowloris script Slowloris is basically an HTTP Denial of Service attack that affects threaded servers. It works like this: We start making lots of HTTP requests. We send headers periodically (every ~15 seconds) to keep the connections op...

How to scan for web server vulnerabilities with Nikto2 in Kali Linux

Nikto is an open source web server vulnerability scanner, written in Perl and publicly available since 2011. Nikto provides the ability to search web servers for widely known vulnerabilities. By itself, it performs more than 6.400 verifications for potentially dangerous web server flaws. Not every check is a security problem, though most are. There are some items that are "info only" type checks that look for things that may not have a security flaw, but that the webmaster or security engineer may not know are present on the server. These items are usually marked appropriately in the information printed. There are also some checks for unknown items which have been seen scanned for in log files. For more information about Nikto, please visit the official repository of the project at GitHub here or visit the official documentation here. In this article, we will briefly explain how to use Nikto properly and easily in Kali Linux. How to use it? Nikto is included b...

How to perform a DoS attack "Slow HTTP" with SlowHTTPTest (test your server Slowloris protection) in Kali Linux

Most web administrators who don't properly care about the security of their servers are often the target of attacks that a lot of black hat hackers know how to perform en masse. One of those tricky attacks is the Slow HTTP attack, which targets any kind of web server. Let's quickly explain graphically what the attack looks like: It's pretty simple, right? However, for a badly configured server this can be the doom: the hardware won't be pushed to its limits, yet the server hangs, basically out of politeness ... (bad example, I know). Didn't get it? Imagine sending 100 old grandmas to a store, with all of them trying to tell a story from their childhood to the cashier so that no other customers can buy anything. Out of politeness, the cashier won't kick the grandmas out of the store until they finish telling the story. So, how can you perform such an attack easily against a server and not die trying? SlowHTTPTest is a highly configurable tool that simulates some Applic...

How to protect your Apache server from DoS attacks (denial-of-service) using the quality of service (QoS) module on Ubuntu 16.04

There are a lot of attacks that can be performed against a server when it's not correctly configured or doesn't expect such an attack at all. One of the best known and easiest to implement is the Slowloris attack. This algorithm is designed so that a single machine (a Linux/Unix based machine, since Windows limits how many sockets you can have open at any given time) can easily tie up a typical web server or proxy server by locking up all of its threads as they patiently wait for more data. Some servers may have a smaller tolerance for timeouts than others, depending on your configuration, but the algorithm can compensate for that by customizing timeouts. This kind of attack does not consume a lot of resources or bandwidth at all. The load impact is pretty low, however the http(s) services stop serving really fast. mod_qos provides you with some opportunities to scale the number of used connections on your server to defend it from the attack according to the bandwidth limits. T...

How to perform a Man-in-the-middle (MITM) attack with Kali Linux

In this article, you will learn how to perform a MITM attack against a device that's connected to the same Wi-Fi network as yours. Requirements This article assumes that you know what a network interface is and that you know how to work with Kali Linux and the command line. Before starting, you will need to know the name of the network interface (installed on your machine) and the IP of the router that provides Wi-Fi access. Attacker: Required information / Example value (you need to replace these values): Network Interface Name: wlan0; Router IP: 192.000.000.1. The Network Interface Name can be easily obtained by running the ifconfig command in a terminal, then copying from the list the name of the interface that you want to use. The IP of the router can be obtained by executing ip route show in a terminal and looking for a message like "default via [This is the router IP]". From the victim, you will only need the IP (the user needs to be connected to the network provided by the router)...