NSE script for web infrastructure testing

[Michael Pattrick <mpattrick () rhinovirus org>]

Last night I wrote a small script to test how well a target HTTP
server can handle load. This script starts off by flooding a server
with SYN packets, and then proceeds to respond to every SYN-ACK it
sniffs with an ACK and then an HTTP GET. Thus simulating thousands of
concurrent connections.

Apache usually hits the MaxClients limit after a few seconds.

Because I use raw sockets, you have to apply a firewall rule to
prevent your operating system from interfering with this script, the
following iptables rule should do the trick:
iptables -A OUTPUT --dst <target> --protocol tcp --tcp-flags RST RST -j DROP

This script is pretty rough and it technically never exits, I plan on
fixing all the warts later. I may even add support for other protocols
if anyone is interested in this.

I made some small changes to packet.lua and nse_nmaplib.cc to make
things easier for me, if these changes are totally off the mark I can
easily write most of them out.

Cheers,
Michael Pattrick
https://www.rhinovirus.org/math

Attachment: ndos.patch
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org