HULK is a web server denial of service tool written for research purposes. It is designed to generate volumes of unique and obfuscated traffic at a webserver, bypassing caching engines and therefore hitting the server's direct resource pool.

For the aspiring attacker or pen tester, there is no shortage of attack tools, scripts, crimeware kits and exploits available online. But, the Internet being what it is, there's always room for one more. Enter HULK, a new DDoS tool that arrives just in time to coincide with the release of some movie involving the actual Hulk and other CGI-ified mediocre-heroes.

The HULK (HTTP Unbearable Load King) DDoS tool is somewhat different from others of its ilk in that it doesn't simply hammer a server with a massive load of TCP SYN requests or other predictable packets. Instead, HULK generates numerous unique requests designed to prevent server defenses from recognizing a pattern and filtering the attack traffic.

The HULK DDoS tool is the work of Barry Shteiman, a security pro who developed it out of frustration with the obvious patterns produced by other such tools.

"For a while now, I have been playing with some of the more exotic tools, finding that their main problem is always the same… they create repeatable patterns. Too easy to predict the next request that is coming, and therefore mitigate. Some, although elegant, lack the horsepower to really put a system on its knees," he wrote in his notes on HULK.

"Enforcing Python’s engines, I wrote a script that generates some nicely crafted unique HTTP requests, one after the other, generating a fair load on a webserver, eventually exhausting it of resources. This can be optimized much, much further, but as a proof of concept and generic guidance it does its job. As a guideline, the main concept of HULK is to generate unique requests for each and every request generated, thus avoiding/bypassing caching engines and directly affecting the server’s load itself."
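A defender-side check for the behaviour described above, as an added example that is not from the original article or from HULK itself: it flags clients whose requests almost never repeat while targeting only a few paths. It assumes the per-request uniqueness shows up in the URL query string (the article does not say how requests are made unique); the log lines, IP addresses, paths and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Matches the client address and request line of a combined-format access log entry.
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"')

def build_sample():
    """Constructed log lines for three clients (documentation-range IPs, made-up paths)."""
    fmt = '{ip} - - [01/Jan/2024:10:00:{s:02d} +0000] "GET {target} HTTP/1.1" 200 512'
    pages = ["/", "/about", "/index.php?page=2", "/css/site.css"]
    lines = []
    for i in range(40):
        # Client A: one page, a never-repeating query string on every request.
        lines.append(fmt.format(ip="203.0.113.7", s=i, target=f"/index.php?k{i}=v{i * 7919 % 1000}"))
        # Client B: ordinary browsing, the same few URLs over and over (cacheable).
        lines.append(fmt.format(ip="198.51.100.20", s=i, target=pages[i % 4]))
        # Client C: crawler, every URL unique but spread over many different paths.
        lines.append(fmt.format(ip="192.0.2.55", s=i, target=f"/articles/{i}"))
    return lines

def find_cache_busters(lines, min_requests=30, min_unique_ratio=0.9, max_paths=3):
    """Return clients whose GETs are nearly all unique yet hit only a few paths."""
    targets_by_ip = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if m and m.group("method") == "GET":
            targets_by_ip[m.group("ip")].append(m.group("target"))
    flagged = {}
    for ip, targets in targets_by_ip.items():
        total = len(targets)
        unique_ratio = len(set(targets)) / total
        # Strip the query string: a cache keyed on the full URL sees every
        # request as new, but the origin is serving the same few resources.
        paths = {urlsplit(t).path for t in targets}
        if total >= min_requests and unique_ratio >= min_unique_ratio and len(paths) <= max_paths:
            flagged[ip] = {
                "requests": total,
                "unique_ratio": round(unique_ratio, 2),
                "paths": sorted(paths),
            }
    return flagged

if __name__ == "__main__":
    for ip, stats in find_cache_busters(build_sample()).items():
        print(ip, stats)
```

The path-count condition is what separates this pattern from a crawler, which also produces unique URLs but across many resources; in production the counts would be computed per time window rather than over a whole file.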