Niels Vanderbeke nielsvanderbeke

@nielsvanderbeke
nielsvanderbeke / slow_http_attacks.md
Created February 14, 2014 08:04
Slow HTTP Attacks

Slow HTTP attacks are denial-of-service (DoS) attacks in which the attacker sends HTTP requests to a web server in pieces, slowly, one piece at a time. If an HTTP request is never completed, or if the transfer rate is very low, the server keeps its resources tied up waiting for the rest of the data. Once the server's concurrent connection pool reaches its maximum, legitimate clients can no longer connect, which is the DoS. Slow HTTP attacks are easy to execute because they require only minimal resources from the attacker.

The attack exploits the fact that most modern web servers do not limit the duration of a connection as long as some data flow is going on. Since a TCP connection can be prolonged virtually forever with zero or minimal data flow by manipulating the TCP receive window size, it is possible to exhaust the application's concurrent connection pool. The possibility of prolonging a TCP connection this way is described in several vulnerability reports: MS09-048, CVE-2008-4609, CVE-2009-1925, CVE-2009-1926.

Prerequisites for the successful attack are: - victim serve

@nielsvanderbeke
nielsvanderbeke / javascript_resources.md
Created January 20, 2014 12:36 — forked from jookyboi/javascript_resources.md
Here is a set of libraries, plugins and guides which may be useful to your JavaScript coding.

Libraries

  • jQuery - The de-facto library for the modern age. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers.
  • Backbone - Backbone.js gives structure to web applications by providing models with key-value binding and custom events, collections with a rich API of enumerable functions, views with declarative event handling, and connects it all to your existing API over a RESTful JSON interface.
  • AngularJS - Conventions based MVC framework for HTML5 apps.
  • Underscore - Underscore is a utility-belt library for JavaScript that provides a lot of the functional programming support that you would expect in Prototype.js (or Ruby), but without extending any of the built-in JavaScript objects.
  • lawnchair - Key/value store adapter for IndexedDB and localStorage
sudo mkdir /mnt/media
sudo sh -c 'echo "//<ip synology>/media /mnt/media cifs user,uid=pi,gid=users,rw,suid,credentials=/etc/cifspwd 0 0" >> /etc/fstab'
sudo sh -c 'echo username=raspbmc > /etc/cifspwd'
sudo sh -c 'echo password=<password> >> /etc/cifspwd'
@nielsvanderbeke
nielsvanderbeke / jvm tuning - rolling gc logs.md
Last active January 3, 2016 13:59
jvm tuning - rolling gc logs

documentation

jvm parameters

-Xloggc:<gc log file> -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=<count> -XX:GCLogFileSize=10M

Note: rotation is enabled with -XX:+UseGCLogFileRotation (a plus sign); -XX:-UseGCLogFileRotation turns it off, and the flag name is NumberOfGCLogFiles (capital L).

" -XX:+PrintVMOptions -XX:+PrintAdaptiveSizePolicy -XX:AdaptiveSizePolicyOutputInterval=1" " -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -Xloggc://serve-gc.log -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=50 -XX:GCLogFileSize=10M"

@nielsvanderbeke
nielsvanderbeke / v-test
Created January 9, 2014 07:39
v-test vreg curl
curl -sLe ';auto' -k -d 'email=niels.vanderbeke@gmail.com' -d "keuze=EA" -d "netbeheerdere=Imea" -d "netbeheerderg=Imea" -d "tarief=TV" -d "tarief2=VER" -d "postcode=2570" -d "zipcodeid=2823" -d "gezinsleden=2" -d "tariefdag=1600" -d "tariefnacht=1900" -d "verbruik=23000" -d "javascript:submitForm();" 'http://vtest.vreg.be/hh/resultaat.asp' > vreg.html
@nielsvanderbeke
nielsvanderbeke / getMealVoucherSaldo.sh
Created January 8, 2014 14:02
Get meal voucher saldo from monizze card
#!/bin/sh
######################################################################
# script getMealVoucherSaldo.sh
# purpose Get meal voucher saldo from monizze card
# author Niels Vanderbeke
# date 20140108
# parameters none
# changed at 20140108
# changed by Niels Vanderbeke
######################################################################
@nielsvanderbeke
nielsvanderbeke / telemeter.sh
Created January 8, 2014 14:01
script to get your telenet isp usage
#!/bin/sh
######################################################################
# script telemeter.sh
# purpose Get internet usage indicator telenet using telemeter webservice
# author Niels Vanderbeke
# date 20140103
# parameters none
# changed at 20140103
# changed by Niels Vanderbeke
######################################################################
# request.xml
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wst="http://sensedia.com/repository/wstoolkit">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1">
<wsse:Username>system</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">manager</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">DWk64SMfJ6RxHAKgPRGtPA==</wsse:Nonce>
<wsu:Created>2013-04-17T18:36:54.013Z</wsu:Created>
</wsse:UsernameToken>
@nielsvanderbeke
nielsvanderbeke / bash.functions
Created November 21, 2013 08:49
bash functions cygwin config
# shortcut to open a file in the Notepad++ GUI
# "$@" (instead of bare $*) keeps filenames containing spaces intact
np ()
{
/cygdrive/c/Program\ Files/Notepad++/notepad++.exe "$@" &
}
# shortcut to open the WinSCP GUI
winscp ()
{
@nielsvanderbeke
nielsvanderbeke / xmllint and weblogic config.xml parsing
Last active December 28, 2015 09:49
xmllint and weblogic config.xml parsing
one-liner
=======================
echo "cat //*[local-name()='domain']/*[local-name()='server']/*[local-name()='name']/text()"| xmllint --shell config.xml | grep -v "/ >" | grep -v " -------"
in shell mode
=======================
xmllint --shell config.xml
/ > setns x=http://xmlns.oracle.com/weblogic/domain