This script was written by Christian Mehlmauer <FireFart@gmail.com> https://twitter.com/#!/_FireFart_ Sourcecode online at: https://github.com/FireFart/HashCollision-DOS-POC Original PHP Payloadgenerator taken from https://github.com/koto/blog-kotowicz-net-examples/tree/master/hashcollision http://www.ocert.org/advisories/ocert-2011-003.html CVE: Apache Geronimo: CVE-2011-5034 Oracle Glassfish: CVE-2011-5035 PHP: CVE-2011-4885 Apache Tomcat: CVE-2011-4858 requires Python 2.7 Examples: -) Make a single Request, wait for the response and save the response to output0.html python HashtablePOC.py -u https://host/index.php -v -c 1 -w -o output -t PHP -) Take down a PHP server(make 500 requests without waiting for a response): python HashtablePOC.py -u https://host/index.php -v -c 500 -t PHP -) Take down a JAVA server(tested with Tomcat and Glassfish; make 500 requests without waiting for a response, maximum POST data size 2MB): python HashtablePOC.py -u https://host/index.jsp -v -c 500 -t JAVA -m 2 Changelog: v6.0: Added Javapayloadgenerator v5.0: Define max payload size as parameter v4.0: Get PHP Collision Chars on the fly v3.0: Load Payload from file v2.0: Added Support for https, switched to HTTP 1.1 v1.0: Initial Release
firefart/HashCollision-DOS-POC
Proof of Concept for the PHP and JAVA Hashcollision Denial of service attack
Python