漏洞平台

POC详情： 0e710d535e8f86709a90254bbe0fd694136c5d31

来源

https://github.com/secengjeff/rapidresetclient

关联漏洞

标题： Apache HTTP/2 资源管理错误漏洞 (CVE-2023-44487)
描述：HTTP/2是超文本传输协议的第二版，主要用于保证客户机与服务器之间的通信。 Apache HTTP/2存在安全漏洞。攻击者利用该漏洞导致系统拒绝服务。以下产品和版本受到影响：.NET 6.0,ASP.NET Core 6.0,.NET 7.0,Microsoft Visual Studio 2022 version 17.2,Microsoft Visual Studio 2022 version 17.4,Microsoft Visual Studio 2022 version 17.6,Micros

描述

Tool for testing mitigations and exposure to Rapid Reset DDoS (CVE-2023-44487)

介绍

# Rapid Reset Client

Rapid Reset Client is a tool for testing mitigations and exposure to CVE-2023-44487 (Rapid Reset DDoS attack vector). It implements a minimal HTTP/2 client that opens a single TCP socket, negotiates TLS, ignores the certificate, and exchanges SETTINGS frames. The client then sends rapid HEADERS frames followed by RST_STREAM frames. It monitors for (but does not handle) server frames after initial setup, other than to send to stdout. This functionality is easily removed from source if it's too annoying. 

## Prerequisites

- [Go](https://golang.org/dl/)

Tested on go1.21.3 on arm64.  

## Installation

### Clone the Repository

```
git clone https://github.com/secengjeff/rapidresetclient.git
```

### Installing

```
cd rapidresetclient

go get golang.org/x/net/http2

go get golang.org/x/net/http2/hpack

go build -o rapidresetclient
```

### Flags

- `requests`: Number of requests to send (default is 5)

- `url`: Server URL (default is `https://localhost:443`)

- `wait`: Wait time in milliseconds between starting workers (default is 0)

- `delay`: Delay in milliseconds between sending HEADERS and RST_STREAM frames (default is 0)

- `concurrency`: Maximum number of concurrent workers (default is 0)

### Example

Send 10 HTTP/2 requests (HEADERS and RST_STREAM frames) over a single connection to https://example.com using 5 workers, a 10 ms delay between sending HEADERS and RST_STREAM frames, and a wait time of 100 ms between each invocation.

```
./rapidresetclient  -requests=10  -url  https://example.com  -wait=100  -delay=10 -concurrency=5
```

## Built With

- [http2](https://pkg.go.dev/golang.org/x/net/http2) - Package that exposes low-level HTTP/2 primitives

- [http2/hpack](https://pkg.go.dev/golang.org/x/net/http2/hpack) - HTTP/2 header compression package

## Authors

-  Jeffrey  Lyon  -  *Initial  release*  - @secengjeff

See also the list of [contributors](https://github.com/secengjeff/rapidresetclient/contributors)

## License

This project is licensed under the Apache License - see the [LICENSE](LICENSE) file for details

## Acknowledgments

This work is based on the [initial analysis of CVE-2023-44487](https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack) by Juho Snellman and  Daniele Iamartino at Google.

文件快照


 [4.0K]  /data/pocs/0e710d535e8f86709a90254bbe0fd694136c5d31
├── [ 519]  CHANGELOG.md
├── [ 138]  go.mod
├── [ 308]  go.sum
├── [ 11K]  LICENSE
├── [4.6K]  main.go
└── [2.3K]  README.md

0 directories, 6 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。