THC-SSL-DOS is a tool to stress test the SSL handshake by triggering processor-intensive RSA_encrypt() calls on the server side. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors have been aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure renegotiation feature to trigger thousands of renegotiations via a single TCP connection.
a559f69caba2886e2be8e9cd6a47cd3c
Comments (1)
Here is the update from THC:
011-OCT-24 UPDATE:
SSL-DOS released. Some organizations already found out
about this release a while ago and mistakenly identified it as an
SSL-RENEGOTIATION BUG. This is not true. The tool can be modified to work
without SSL-RENEGOTIATION by just establishing a new TCP connection for every
new handshake.
2011-10-26 08:49:26 UTC
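
For defenders, the point in the update above matters: a control that only watches or disables renegotiation misses the same load when it arrives as one new TCP connection per handshake. The following is an added example, not part of the original page or the tool; the log format, thresholds and function names are assumptions. It counts handshakes per source over a sliding window regardless of how they arrive, and compares that with a renegotiation-only counter.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10   # assumed sliding-window length
MAX_HANDSHAKES = 20   # assumed per-client handshake budget inside one window


def parse(line):
    """Parse a constructed log line: '<ts> <src_ip> <conn_id> <kind>'.
    kind is 'initial' (first handshake on a connection) or 'renegotiation'."""
    ts, src, conn, kind = line.split()
    return float(ts), src, conn, kind


def flag_clients(lines, renegotiation_only=False):
    """Return the sources that exceed MAX_HANDSHAKES within any window.
    With renegotiation_only=True only renegotiations are counted, which is
    the narrower view the update on this page argues is insufficient."""
    recent = defaultdict(deque)   # src_ip -> timestamps of recent handshakes
    flagged = set()
    for ts, src, _conn, kind in map(parse, lines):
        if renegotiation_only and kind != "renegotiation":
            continue
        q = recent[src]
        q.append(ts)
        while q and ts - q[0] > WINDOW_SECONDS:
            q.popleft()           # drop handshakes older than the window
        if len(q) > MAX_HANDSHAKES:
            flagged.add(src)
    return flagged


def build_sample():
    """Constructed sample events (documentation address ranges)."""
    lines = []
    for i in range(40):   # many renegotiations on a single TCP connection
        lines.append(f"{100 + i * 0.1:.1f} 198.51.100.7 c1 renegotiation")
    for i in range(40):   # same rate, but a new TCP connection per handshake
        lines.append(f"{100 + i * 0.1:.1f} 198.51.100.9 n{i} initial")
    for i in range(3):    # ordinary client: a few handshakes, widely spaced
        lines.append(f"{100 + i * 15:.1f} 192.0.2.10 b{i} initial")
    lines.sort(key=lambda l: float(l.split()[0]))
    return lines


if __name__ == "__main__":
    sample = build_sample()
    print("all handshakes:     ", sorted(flag_clients(sample)))
    print("renegotiations only:", sorted(flag_clients(sample, True)))
```
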