How It Works?
THC-SSL-DOS exploits this asymmetric property by overloading theserver and knocking it off the Internet.This problem affects all SSL implementations today. The vendors are awareof this problem since 2003 and the topic has been widely discussed.This attack further exploits the SSL secure Renegotiation featureto trigger thousands of renegotiations via single TCP connection.
Download:
Windows binary: thc-ssl-dos-1.4-win-bin.zip
Unix Source : thc-ssl-dos-1.4.tar.gz
Usage:
./thc-ssl-dos Target 443 or any other SSL enabled port.
Countermeasures:
As this is protocol based flaw it cannot be completly avoided, but the best mitigation technique is to disable SSL-Renegotiation as the exploit purely targets SSL-Renegotiation.
Subscribe to our Newsletter and receive updates directly via email - Get Ethical hacking and security tips directly to your inbox. Alternatively you can Join our Hackers Community on Facebook, Google+ and Twitter.
Tags:
Hacking News
Kindly Bookmark it and Share it with Friends:
3 comments:
Nice tut rafay !!!
plzz upload a tut about hacking "shop admin"
hey i jst double clicked on tat, exe file in my own pc after i downloaded the winzip file unfortunately, so plz could u tell me hw to get rid of it now, tnx ion advance :(
Its Amazing