Apache (all) Unclean Header DDoS
Found By Slavik453 of http://www.slavik453.net

An overload of traffic in all versions of Apache Webserver can be caused by using a multi-thread HTTP query software and Opera 3.6's headers.

Execution:

I will use HTTPGetter as an example query software. http://www.intervelopers.com/http-getter/

Open HTTPGetter and select a thread count above 800.

Select the "Agent" tab and select Opera 3.6

Enter a URL and click start.

This has been tested and patched independendly by 2 web hosts.

There is no offical patch availible.

This bug has not yet been reported to Apache.

enjoy and have fun

very nice
thank you

Thx for the info m8

I will try this.

seems to work very effectivly..

thanks

buz

heheh bbone fell easy :)

hey man it was nice thx
me and my friend with 2 28.kb dialing modems could dos a persian security site which the admin is my friend !!!!

he was suprised

and im tooo

c u

thanks for the info, but it didnt work for me...

Nice, like this one, it works perfectly

oh by the way i have to say i was goin to try the others in agent tab

the opera 5.11 with thread 400 with two 28.k dialing modems gimme the ame result

and also the getright with the thread 600 with one 28.k dialing modems seems to work to (about 20 req/sec)

hey all i found some thing new about the IIS

with that prog i chose the agent MS-IE 5.5
and thered 750

then i use it on local network target :win2k advance server sp4 + IIS5
after 3 mins it was down.

the results are amazing !!!!!

so nice

it works very good man, so (filtered) good! thanks

hey i tried this some time ago, i saw it somewhere else.
I had no luck. I was doing it over the network to a friends apache running on what i think is win XP. That program ran for a while and then i started to get problems and it would crash. and my friends site was still up. What else can i use?