search

shekyan / slowhttptest

Application Layer DoS attack simulator
Apache License 2.0
1.51k stars 303 forks source link

support mtls #86

Closed mmmds closed 1 year ago

mmmds commented 1 year ago

Currently the tool does not support servers that require client certificate present. The tool stops with an error Exit status: Connection refused. I've added a possibility to specify client certificate and client key to handle such situations. Cert and keys are set via environment variable because all single character parameter names are taken and I couldn't find an elegant way to handle multi-character parameter names.

PoC: Step 1. Generate server and client self-signed certificates

openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout server-key.pem -out server-cert.pem
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout client-key.pem -out client-cert.pem

Step 2. Run https server requiring mtls

openssl s_server -key server-key.pem -cert server-cert.pem -accept 4443 -Verify 1 -CAfile client-cert.pem -www -tls1_2

Step 3. Run the tool without cert/key pair. The tool stops to work.

./slowhttptest -X -u https://127.0.0.1:4443

Mon Aug 28 19:39:29 2023:
    slowhttptest version 1.9.0
 - https://github.com/shekyan/slowhttptest -
test type:                       SLOW READ
number of connections:           50
URL:                             https://127.0.0.1:4443/
verb:                            GET
cookie:                           
receive window range:            1 - 512
pipeline factor:                 1
read rate from receive buffer:   5 bytes / 1 sec
connections per seconds:         50
probe connection timeout:        5 seconds
test duration:                   240 seconds
using proxy:                     no proxy 

Mon Aug 28 19:39:29 2023:
slow HTTP test status on 0th second:

initializing:        0
pending:             1
connected:           0
error:               0
closed:              0
service available:   YES
Mon Aug 28 19:39:30 2023:
Test ended on 1th second
Exit status: Connection refused

Step 4. Run the tool with cert/key pair. The tool continues to work and successfully conducts the attack.

SSL_CERT=/home/mmm//slowhttptest/client-cert.pem SSL_KEY=/home/mmm/slowhttptest/client-key.pem ./slowhttptest -X -u https://127.0.0.1:4443

Mon Aug 28 19:40:34 2023:
    slowhttptest version 1.9.0
 - https://github.com/shekyan/slowhttptest -
test type:                       SLOW READ
number of connections:           50
URL:                             https://127.0.0.1:4443/
verb:                            GET
cookie:                           
receive window range:            1 - 512
pipeline factor:                 1
read rate from receive buffer:   5 bytes / 1 sec
connections per seconds:         50
probe connection timeout:        5 seconds
test duration:                   240 seconds
using proxy:                     no proxy 

Mon Aug 28 19:40:34 2023:
slow HTTP test status on 10th second:

initializing:        0
pending:             49
connected:           1
error:               0
closed:              0
service available:   NO
shekyan commented 1 year ago

Thank you!