slowloris example.com
Traceback (most recent call last):
File "/usr/local/bin/slowloris", line 7, in
from slowloris import main
File "/usr/local/lib/python3.5/dist-packages/slowloris.py", line 108
line = f"{line}\r\n"
^
SyntaxError: invalid syntax

hello this is amazing tool but i was just wondering how do you stop the attack, i just turned off the command prompt but is that he proper way to stop the attack?

└─# python3 SlowLoris.py fxxxxx.com 80 100 10
Traceback (most recent call last):
File "/home/kali/Downloads/Slow-Loris/SlowLoris.py", line 66, in
main()
File "/home/kali/Downloads/Slow-Loris/SlowLoris.py", line 41, in main
next(bar)
TypeError: 'Bar' object is not an iterator

I tried using some proxies, but always get "Timeout" exception. Using same proxy with requests module - works. Or if I use with '--https' argument it just hangs, nothing happens.

How'd i do this

I am getting a error when trying to install slowloris with the provided pip3 command, the error is provided below, am I missing something here

can't open file 'slowloris': [Errno 2] No such file or directory
when i was using HOIC
Please help

root@kali:~# sudo apt-get update Hit:1 https://download.mono-project.com/repo/ubuntu vs-bionic InRelease Hit:2 http://ftp.harukasan.org/kali kali-rolling InRelease Reading package lists... Done root@kali:~# sudo apt-get install python Reading package lists... Done Building dependency tree Reading state information... Done python is already the newest version (2.7.17-2). 0 upgraded, 0 newly installed, 0 to remove and 692 not upgraded. root@kali:~# git clone https://github.com/gkbrk/slowloris.git Cloning into 'slowloris'... remote: Enumerating objects: 8, done. remote: Counting objects: 100% (8/8), done. remote: Compressing objects: 100% (6/6), done. remote: Total 106 (delta 2), reused 4 (delta 2), pack-reused 98 Receiving objects: 100% (106/106), 19.53 KiB | 571.00 KiB/s, done. Resolving deltas: 100% (49/49), done. root@kali:~# sudo cd slowloris & then type chmod u+x setup.py -bash: syntax error near unexpected token then'
root@kali:# sudo cd slowloris
sudo: cd: command not found
root@kali:# cd slowloris
root@kali:/slowloris# chmod u+x setup.py
root@kali:/slowloris# python setup.py install
/usr/lib/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'entry_points'
warnings.warn(msg)
running install
running build
running build_py
creating build
creating build/lib.linux-x86_64-2.7
copying slowloris.py -> build/lib.linux-x86_64-2.7
running install_lib
copying build/lib.linux-x86_64-2.7/slowloris.py -> /usr/local/lib/python2.7/dist-packages
byte-compiling /usr/local/lib/python2.7/dist-packages/slowloris.py to slowloris.pyc
running install_egg_info
Writing /usr/local/lib/python2.7/dist-packages/Slowloris-0.2.1.egg-info
root@kali:/slowloris# python slowloris 45.127.101.81
python: can't open file 'slowloris': [Errno 2] No such file or directory
root@kali:/slowloris#`

while import slowloris or run .py file raise this error

s.send("GET /?{} HTTP/1.1
                             ^
SyntaxError: EOL while scanning string literal

Hello.
I have tried to use the script in my personal computer and the output was like:
Sending keep-alive header
Socket count: 0

The command I'm using is:
slowloris.py IP -p 80 -s 150

The weird thing the script works perfectly for my friend but for me no.
Any help will be appreciated.

no description provided

It always send 0 socket, how can I fix this? I'm testing a website.

When I use proxy with slowloris, slowloris doesn't write anything to console and the test doesn't work.
Couldy anyone please tell me, what I am doing wrong? Or add some command examples? Thank you.

My command: slowloris [website address] -x --proxy-host [proxy IP] --proxy-port [proxy port, in my case 80]

I don't know why it happened. I was tryna dos a server with 1k sockets fsr and it came up to this in a few moments

Does this hide my IP address?

What am I doing wrong?

I didn't find a good documentation whether it works on litespeed or not?
Anyone any idea or experience?

Is it possible to disable ipv6 and enable ONLY ipv4 in Slowloris?

socket 0 hatası alıyorum başkan -v komutunuda ekleyince name or service not knov hatası alıyorum

I tried on apache2 with index.html default page, sockets getting created but not issues with webpage. Can someone please recommend me the demo webapp on which I can try simulation?

I wanted to see if one of my Apache websites is vulnerable and when I ran it, it just keeps saying socket: 0. My Apache configuration uses the event mpm with 50 threads per process and about 12 processes. Either I'm doing it wrong, or I think Apache might've finally fixed the issue. I am using Apache v2.4.41.

Can someone please confirm?

It seems that the socket count on mac is 247, idk how to fix or if it is a bug.

Also don't worry this is my own website I am testing it on.

I am using slowloris on local server web app but it's not showing packets in wireshark

At line 167 you send some data with sockets to keep the connections alive: "X-a: " followed by some random numbers. Is this actually random data or "X-a:" means something? Thank you!

I recommend using the SOCKS5 parameters as -x 127.0.0.1:9050 instead of using -x --proxy-host 127.0.0.1 --proxy-port 9050.
I'll start coding about that if it's approved.

[root@localhost slowloris]# python3 slowloris.py -p=443 --https 172.19.6.213
[21-01-2021 14:08:15] Importing ssl module
[21-01-2021 14:08:15] Attacking 172.19.6.213 with 150 sockets.
[21-01-2021 14:08:15] Creating sockets...
Traceback (most recent call last):
File "slowloris.py", line 217, in
main()
File "slowloris.py", line 181, in main
s = init_socket(ip)
File "slowloris.py", line 161, in init_socket
s.send_line(f"GET /?{random.randint(0, 2000)} HTTP/1.1")
AttributeError: 'SSLSocket' object has no attribute 'send_line'

py -3 --version
Python 3.10.2

It might be useful to automatically populate the program configuration if a URL is passed instead of a naked domain.

This will be very convenient to use, while also resolving a common user error of passing URLs instead of domains.

It'd be better if the documentation had more info than "can be used to modify the scripts behaviour".

s.connect((ip,80)) (line 57 in slowloris.py) should look like this s.connect((ip,args.port)), otherwise user can't specify port.

I used this script to attack my server and did not kill the server. Is it a problem with my usage?

There is some code repetition for formatting and sending the headers. It might be worth extracting that to a helper function.

i have cloned the code but i dont know how to get it to run. can you please help me? and yes i've read the stuff in your text

C:\Users\ASUS\Downloads\slowloris-master>py slowloris.py HIDDEN IP -s 500
[02-09-2021 10:24:46] Attacking HIDDEN IP with 500 sockets.
[02-09-2021 10:24:46] Creating sockets...
[02-09-2021 10:24:50] Sending keep-alive headers... Socket count: 0
[02-09-2021 10:25:09] Sending keep-alive headers... Socket count: 0
[02-09-2021 10:25:28] Sending keep-alive headers... Socket count: 0

There is a syntax error or line 108 keeping it from executing

I have a web server hosted on 192.168.1.103:3000, I used

pi@ciscoPi1:~ $ slowloris 192.168.1.103 -p 3000 -v -s 5000

to attack the server from a raspberry pi. I received this back into the console:

[22-05-2022 23:42:55] [Errno 24] Too many open files [22-05-2022 23:42:55] Sending keep-alive headers... Socket count: 1021 [22-05-2022 23:42:55] Recreating socket... [22-05-2022 23:42:55] [Errno 24] Too many open files [22-05-2022 23:42:55] Sleeping for 15 seconds

after 1021 sockets. It rested 15 seconds then sent another 1021 sockets. This process repeated for about 40 minutes while I did other things, and my web server was fine.

When I specify a port number, is it specifying the data's exit point (my device) or entry point (webserver)? Do I need to type :3000 at the end of the IP? How long should a successful attack take?

Also, I'm using a node.js server with a simple HTTP input form. It sends the data back to a database and then prints a response on 192.168.1.103:3000/auth. I attempted a RUDY attack using software I found on GitHub and couldn't get it working either.

Thanks for any help!

It would be cool not to depend on PySocks if it can be avoided with a small amount of code.

asyncio should be convenient for the code, but I am not sure which versions of Python have it. I don't want to tie the project to something too new.

Threading can be implemented easily, but scaling might be tricky if we have one thread per connection and people want to keep 1000 connections. Probably fine though.

When running with a command line like:
python3 slowloris.py -s 100 -v -ua -p 443 --https example.com

If the remote target has strict requirements for SNI hostname checks then the connection can fail with:

[SSL: WRONG_VERSION_NUMBER] wrong version number

The fix was to use Python3 library methods to change
s = ssl.wrap_socket(s)

to

context = ssl.create_default_context()
s = context.wrap_socket(s,server_hostname=ip)

Heyyy, um, not sure if it's an error or if it's normal but when I attack a website (I got permission ;), it's my own) I get: Sending keep-alive headers... Socket count: 0, the website is running on apache, it seems like it disconnects all the sockets :/

Is this normal?
,
Eli

EDIT:

tried too with -ua (random user agent)

I am new to python and I was not able to get the slowloris.py script to work until I added main() to the bottom. Is this a required step that's missing from the documentation?

I am invoking it as python3 ./slowloris.py 10.0.0.2

how do i set the proxy ? i tried installing it. it wont work

Some people have trouble running this due to very old Python versions bundled with their distros. We can bundle a recent Python along with slowloris to make it easier to install.

Maximum 1021 sockets are created during execution in Ubuntu server 16.04 Linux 4.4.0-116 Python 2.7.12
command used:
sudo ./slowloris.py -p 80 -s 2000 -v -ua A.B.C.D

results this:

 Attacking A.B.C.D with 10 sockets.
[16-05-2018 15:48:53] Creating sockets...
[16-05-2018 15:48:53] Creating socket nr 0
[16-05-2018 15:48:53] Creating socket nr 1
[16-05-2018 15:48:53] Creating socket nr 2
[16-05-2018 15:48:53] Creating socket nr 3
.
.
.
Creating socket nr 1017
[16-05-2018 15:45:28] Creating socket nr 1018
[16-05-2018 15:45:28] Creating socket nr 1019
[16-05-2018 15:45:28] Creating socket nr 1020
[16-05-2018 15:45:28] Creating socket nr 1021
[16-05-2018 15:45:28] Sending keep-alive headers... Socket count: 102