
每天都会收到阿里云推送的短信,说服务器被攻击了。突生想法,自己试试来对自己服务器做压力测试。到 GitHub 搜了一圈,发现了一个叫 GoldenEye 的项目。和大家分享一下,体验一把当 Hacker 的瘾。不过只会 DOS 攻击的是伪 Hacker ,粗鲁霸道,想要成为一名真正的 Hacker 还是要深入学习。
GoldenEye is an python app for SECURITY TESTING PURPOSES ONLY!
GoldenEye is a HTTP DoS Test Tool.
Attack Vector exploited: HTTP Keep Alive + NoCache
该项目只用于 DOS 测试,请勿作他用!
测试环境: Centos 7.2
具体步骤如下:
yum install git wget -y
wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm
rpm -ivh epel-release-7-9.noarch.rpm
yum install tor -y
git clone https://github.com/jseidl/GoldenEye.git
cd GoldenEye
chmod +x goldeneye.py
service tor start
./goldeneye.py [OPTIONS]
用法也很简单
USAGE: ./goldeneye.py [OPTIONS]
OPTIONS:
Flag
Description
Default
-u, –useragents
File with user-agents to use
(default: randomly generated)
-w, –workers
Number of concurrent workers
(default: 50)
-s, –sockets
Number of concurrent sockets
(default: 30)
-m, –method
HTTP Method to use ‘get’ or ‘post’ or ‘random’
(default: get)
-d, –debug
Enable Debug Mode [more verbose output]
(default: False)
-h, –help
Shows this help
“Strikes Deffered” variable saying what number of strikes was blocked or crashed. In brackets says what number of connection timed out was responded (or responded error 500).
示范:./goldeneye.py https://127.0.0.1 -w 200 -s 100
开始测试之后,注意 Strikes Deffered 提示,这个代表了攻击阻碍或崩溃的数量。圆括号里的数字则表示链接超时或者 error 500 的数量。
git clone https://github.com/zyl6698/Goldendos && cd Goldendos
chmod +x hack1.0.sh
./hack1.0.sh
食用愉快!
在树莓派上同样运行成功,有设备的同学可以尝试一下。
再次申明:该项目只能用于学习测试,不能用于其他!
1746
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
