How to use Exploits From Exploit-Database
Q. what is an exploit ?
a. An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized). Such behavior frequently includes things like gaining control of a computer system, allowing privilege escalation, or a denial-of-service attack.
Today we will learn how to use exploits, we now know what exploits are but the newbies quiet are messed up about their usage, exploits are of various kinds ( local, remote etc) and are coded in different languages ( python, perl, php etc). Today we will learn how can we exploit application layer 7, basically we will use remote exploit to perform denial of service over application layer 7 not the application layer 4 ( syn flood) thats too old school.
# Exploits we will use today –
~ Slowloris…: (Perl based Exploit)
~ HULK ……..: (Python based Exploit)
Slowloris HTTP DoS
Slowloris – the low bandwidth, yet greedy and poisonous HTTP client!
Written by RSnake with help from John Kinsella, IPv6 version by Hugo Gonzalez and a dash of inspiration from Robert E Lee.
You need some packages to be pre installed before you can proceed using the exploit.
Execute the commands –
sudo apt-get install perl-doc
sudo apt-get install libhtml-parser-perl libio-socket-ssl-perl
now grant permissions
chmod +x slowloris.pl
You will get the list of full options available, the one you can genreally use are –
perl slowloris.pl -dns (TARGET) -port 80
[+] HULK – Http Unbearable Load King
HULK is a web server denial of service tool written for research purposes. It is designed to generate volumes of unique and obfuscated traffic at a webserver, bypassing caching engines and therefore hitting the server’s direct resource pool.
DOWNLOAD HULK –
As such the requesired packages are pre installed in your distro so we come to the usage,
Execute these command –
chmod +x hulk.py
you will get to know how to use it, anyways still I tell you
python hulk.py http://target.com
Well now you must get a good idea on how to use exploits.
Story added 4. May 2014, content source with full text you can find at link above.