This is a fork from the original thc-ssl-dos tool written by The Hacker's Choice in 2011.
Original source code was found in Kali Linux repository here https://gitlab.com/kalilinux/packages/thc-ssl-dos
This fork supports all SSL/TLS implementations, UDP protocol (using DTLS) and both renegotiation and reconnect attacks.
It also includes a docker lab to test the exploit.
Same instructions as for original tool:
./configure
make all
src/thc-ssl-dos -h
- Code refactoring (more readable IMHO)
- SSL/TLS connection protocol choice (using
-por--protocoloption) - Cipher list choice (using
-cor--cipheroption) - Reconnect attack (using
-ror--reconnectoption) - UDP protocol support (using
DTLSv1orDTLSv1_2on protocol choice) - SOCKS5 proxy support (using
-sor--socks-proxyoption)
- A docker lab (using
docker-compose) to test the exploit (Tomcat 6.0.48 with self-signed SSL certificate, TLS1.2 and Secure Client-Initiated Renegotiation enabled) - A little script to launch infinite instances to flood target and a oneliner to kill all spawned instances
One thing i still have to do is implement multithreading, in order to spawn multiple threads to attack target, but this will require a lot of time...