THC is The Hacker’s Choice. They are a group of hackers from Germany. Thc-SSL-dos is used for checking whether a website or server is enabled with SSL-renegotiation, thereby checking for renegotiation vulnerability (CVE-2009-3555).
SSL renegotiation is the process of renegotiating a client at the time of authentication. This tools sends SSL requests(Client Hello) to a webserver & then rejects the reply from the server(Server Hello) multiple times.
So eventually when the server tries to renegotiate during authentication, the client rejects it and thereby crashes the server making it a Denial of Service attack.
Also, this proves that the server is vulnerable to SSL-renegotiation vulnerability.
Homepage: http://www.thc.org/thc-ssl-dos
Syntax: thc-ssl-dos <options> ip port -h -Help -l <n> Limit parallel connections [default: 400]
NOTE: This lab causes a DOS attack, it may temporary disable your target. Please use this tool wisely. Never use it on a company network without an agreement.
In this lab, we perform a dos attack on the https login page of the router web-based control panel. The SSL-dos sends requests to the SSL/HTTPS server.
When receiving acknowledgments, it rejects before handshake occurs. Thus the server tries again & again if SSL-renegotiation is enabled. Here the router ip is 192.168.1.1 and HTTPS login page is running on port 443
Command: thc-ssl-dos 192.168.1.1 443 –accept
Now try to login to the page https://192.168.1.1 <replace with yours>
References:
garak checks if an LLM can be made to fail in a way we don't…
Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration…
ADCFFS is a PowerShell script that can be used to exploit the AD CS container…
Tartufo will, by default, scan the entire history of a git repository for any text…
Loco is strongly inspired by Rails. If you know Rails and Rust, you'll feel at…
A data hoarder’s dream come true: bundle any web page into a single HTML file.…