Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: THC SSL DOS tool released
From: coderman <coderman () gmail com>
Date: Wed, 2 Nov 2011 14:07:36 -0700

On Wed, Nov 2, 2011 at 1:21 AM, Marc Heuse <mh () mh-sec de> wrote:
still you dont need a gpu, even with renegotiation disabled and hardware
acceleration present.
Just don't use openssl (or similar libraries).


reminds me of the vanity onion generator shallot. you could do this
with legitimate keys and take forever, or you could generate weak keys
quickly to find a prefix in reasonable time.

(in this case, legitimate handshakes are not strictly required for
testing, but it would be nice to keep that option. for example,
establishing an upper bound of concurrent SSL/TLS connections for load
balancer / server benchmarks. it takes me forever to do this in
software. i can actually stress with hardware acceleration performing
full handshakes. i've had to test upwards of 1.5MM concurrent sessions
per endpoint on such systems; this is not a theoretical need :)

and the thc-ssl-dos is a proof of concept code, and could be enhanced to
do be more effective too.

since we're on the subject:

- cipher suite probing to find un-accelerated suites or more
computationally expensive suites supported by a target.

- client certificate support (with either static|fixed, pre-generated,
or on-demand client cert generation)

regardless, this is a handy tool. even if i have to manually edit out
the script kiddie pisser. :P

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]