Tuesday, November 15, 2011

THC-SSL-DoS on BackTrack5

On Oct 24, 2011, The Hacker's Choice (THC) released a DoS tool that targets vulnerable SSL/https servers. Here's how I compile it on BT5 together with a modified version.

First, I download the modified version of thc-ssl-dos.c from http://pastebin.com/bKLue33X. Instead of conducting a real DoS attack, the modified version will merely check whether the target server is vulnerable or not.

Secondly, I have to install the libssl-dev. I download the latest copy of OpenSSL and point the configure script to the libraries.


# tar zxvf openssl-1.0.0e.tar.gz
# cd openssl-1.0.0e
# make
# cd ../thc-ssl-dos-1.4
# ./configure --prefix=/opt/thc-ssl-dos --with-includes=/opt/openssl-1.0.0e/include/ --with-libs=/opt/openssl-1.0.0e/
# make
# cd /opt/thc-ssl-dos/src

# ./thc-ssl-dos 
     ______________ ___  _________
     \__    ___/   |   \ \_   ___ \
       |    | /    ~    \/    \  \/
       |    | \    Y    /\     \____
       |____|  \___|_  /  \______  /
                     \/          \/
            http://www.thc.org


          Twitter @hackerschoice


Greetingz: the french underground


./thc-ssl-dos [options] 
  -h      help
  -l   Limit parallel connections [default: 400] 



# mv /opt/thc-ssl-dos /opt/thc-ssl-dos-attack
# cd ..

# tar zxvf thc-ssl-dos-1.4.tar.gz

# cd ../thc-ssl-dos-1.4/src
# cp /opt/SSL_Renegotiation_Check_-_thc-ssl-dos.c_modification.txt thc-ssl-dos.c
# cd ..
# ./configure --prefix=/opt/thc-ssl-dos --with-includes=/opt/openssl-1.0.0e/include/ --with-libs=/opt/openssl-1.0.0e/
# make
# cd ..
# mv /opt/thc-ssl-dos /opt/thc-ssl-dos-check