Author: Xu FC
Platform: Linux kali141 5.3.0-kali1-amd64 #1 SMP Debian 5.3.7-1kali1 (2019-10-21) x86_64 GNU/Linux

概述

Slowhttptest 是一款支持 slowloris / slow body / range attack / slow read 的 slow HTTP DoS 攻击测试攻击。

Slowhttptest 安装

apt install slowhttptest -y

Slowhttptest 参数

root@client_1:/home/xufc/Templates# slowhttptest -h

slowhttptest, a tool to test for slow HTTP DoS vulnerabilities - version 1.7
Usage: slowhttptest [options ...]
Test modes:
  -H               slow headers a.k.a. Slowloris (default)
  -B               slow body a.k.a R-U-Dead-Yet
  -R               range attack a.k.a Apache killer
  -X               slow read a.k.a Slow Read

Reporting options:

  -g               generate statistics with socket state changes (off)
                   // 生成计信息并保存到 html 和 csv 文件中
  -o file_prefix   save statistics output in file.html and file.csv (-g required)
                   // 使用 -g 生成统计信息，指定 html 和 csv 文件名字
  -v level         verbosity level 0-4: Fatal, Info, Error, Warning, Debug
                   // 日志级别

General options:

  -c connections   target number of connections (50)
                   // CC 并发
  -i seconds       interval between followup data in seconds (10) 
                   // 一个请求中，每隔几秒发送一部分数据
  -l seconds       target test length in seconds (240)
                   // 总体测试时间
  -r rate          connections per seconds (50)
                   // 每秒 connection attempt 
  -s bytes         value of Content-Length header if needed (4096)
                   // content-length 值
  -t verb          verb to use in request, default to GET for
                   slow headers and response and to POST for slow body
                   // HTTP request method, slow headers -- GET, slow body -- POST
  -u URL           absolute URL of target (http://localhost/)
                   // 目标URL
  -x bytes         max length of each randomized name/value pair of
                   followup data per tick, e.g. -x 2 generates
                   X-xx: xx for header or &xx=xx for body, where x
                   is random character (32)
                   // name/value 的长度，e.g. -x 2 表示 name = (X-)xx, value=xx, 组合起来 header -- X-xx: xx, body -- &xx=xx
  -f content-type  value of Content-type header (application/x-www-form-urlencoded)
                   // content-type 值
  -m accept        value of Accept header (text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5)
                   // accept 值

Probe/Proxy options:

  -d host:port     all traffic directed through HTTP proxy at host:port (off)
                   // HTTP proxy
  -e host:port     probe traffic directed through HTTP proxy at host:port (off)
  -p seconds       timeout to wait for HTTP response on probe connection,
                   after which server is considered inaccessible (5)

Range attack specific options:

  -a start        left boundary of range in range header (5)
                  // Byte range 起始位置
  -b bytes        limit for range header right boundary values (2000)
                  // Byte range 结束位置

Slow read specific options:

  -k num          number of times to repeat same request in the connection. Use to
                  multiply response size if server supports persistent connections (1)
                  // 支持长连接的情况下，一个 TCP 连接中发送 request 的数量
  -n seconds      interval between read operations from recv buffer in seconds (1)
  -w bytes        start of the range advertised window size would be picked from (1)
                  // TCP window size 范围 最小值
  -y bytes        end of the range advertised window size would be picked from (512)
                  // TCP window size 范围 最大值
  -z bytes        bytes to slow read from receive buffer with single read() call (5)