Proj 17: Slowloris in Python (10 pts.)

What you need

• Any computer with Python. I used a Mac.

Purpose

Task 1: GET in Python (10 pts.)

HEAD Request

import socket
s = socket.socket()

req = """HEAD / HTTP/1.1
Host: ad.samsclass.info

"""

s.connect(("ad.samsclass.info", 80))
s.send(req)
print s.recv(1024)
s.close()

Save the file. Run the code with this command:

python head.py

Viewing a GET Request in Chrome Developer Tools

In Chrome, go to http://ad.samsclass.info/

In Chrome Developer tools, click the Network tab. Scroll to the top. You should see a Name of ad.samsclass.info, as shown below.

In Chrome Developer Tools, click ad.samsclass.info. On the right side, scroll down to see the "Request Headers", as shown below.

In Chrome Developer Tools, in the "Request Headers" section, click "view source".

Highlight the source code, right-click it, and click Copy, as shown below.

GET Request in Python

Open get.py in a text editor. Delete the contents of the "req" variable and paste in the text you copied from Chrome Developer Tools, as shown below.

At the end of the "req" text, insert two carriage returns, as shown below.

Save the file. Run the code with this command:

python get.py

Saving a Screen Image

Capture a whole-desktop image.

YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!

Save the image with the filename "YOUR NAME Proj 17a", replacing "YOUR NAME" with your real name.

Task 2: HTTP Slowloris Attack (10 pts. extra credit)

• Remove one of the carriage returns at the end of the "req"
• Send 100 requests, not just one
• Open a new socket for each request. I recommend Creating a list of objects in Python
• Pause before stopping the program, using either sleep() or a raw_input statement.

http://ad.samsclass.info/server-status

Capture a whole-desktop image showing more than 100 requests being processed, as shown below.

Turning in your Project