Tuesday, October 25, 2011

New DOS tool to Kill SSL servers - Complete Tutorial





A newly released denial-of-service (DOS) tool can be used to bring down SSL servers using an average laptop computer and a standard DSL connection.
The hacking outfit decided to release the tool, called THC-SSL-DOS, now because it has already been leaked online a couple of months ago. "We are hoping that the fishy security in SSL does not go unnoticed. The industry should step in to fix the problem so that citizens are safe and secure again," a THC member said.


It's worth pointing out that even without SSL renegotiation enabled, attackers can still use THC-SSL-DOS successfully against servers. However, such attacks would require more than a single laptop.

"It still works if SSL renegotiation is not supported but requires some modifications and more bots before an effect can be seen," the group noted. "Taking on larger server farms who make use of SSL load balancers required 20 average size laptops and about 120kbit/sec of traffic," it added.

Download THC-SSL-DOS

How it works :

Unzip the downloaded file to any drive.
Change the prompt to the drive in which you have unzipped the tool.
Change directory to thc-ssl-dos.
Now run the exe file. Pass the command thc-ssl-dos to execute it. The figure below demonstrates the above steps.

Now in order to perform attack using this tool , you will have to pass the following command;

thc-ssl-dos TARGET IP --accept
On passing the following command the tool will start its process.
The below figure demonstrates this process.



You can also download the source code and analyse it to have a deeper understanding of the tool.

If you have any queries and suggestions then add your comments below.

DARKLORD!!

13 comments:

  1. @abhinav what is the application of dis tool?????

    ReplyDelete
  2. i also tried it but it only shows handshakes,no of connections,0 error i mean wht is the usage of dis

    ReplyDelete
  3. @ravi : the tool is made to attack SSL websites.

    @Jai : make sure that the website you are targeting has SSL service, ie port 443 open.
    See if this helps.

    ReplyDelete
  4. @abhinav im not understanding what dis port 443 open means...the website i tried has a ssl service for sure... it only shows
    handshakes some value[some no h/s],any no connections,any no error when i tried thc-ssl-dos in it

    ReplyDelete
  5. @jai : There is a possibility that the website has disabled SSL renogotiation. In that case the tool will not work. Try some other server.

    ReplyDelete
  6. Good one Abhi.. - Hari

    ReplyDelete
  7. Last but not the least - When we are publishing anything , be that a document or a screen grab, we always wipe out the usernames, ip addresses , email ids and anything that might be used for retrieving additional information.

    Even location awareness is disabled in my tweets. I hope you understand and next time onwards be careful with these things.

    regards

    ReplyDelete
  8. awsum bhai mast hai ye to ......

    ReplyDelete
  9. Im on the path C:\Users\Petters\Desktop\Ny mappe\DDOS\ddos\ddos>

    Which is where the thc-ssl-dos is located

    I write: cd thc-ssl-dos
    When I do nothing happens... it just stays there. This happens with every program I try to run trough CMD, what is wrong?

    ReplyDelete
  10. The problem might be with your class path and environment settings I believe..Before trying anything big, I would suggest that you first copy a working DOS prompt from your friends system(make sure that you and your friend have the same version of windows) into yours...If the problem still persists then go for environment variables...Please use your identity while commenting..It will help me

    ReplyDelete
  11. As I try to run it, I get access is denied from cmd. Not too sure why. I am running CMD as administrator and path is C:\Users\administrator D:

    ReplyDelete