Siege: test squirrelmail
Capture the traffic with Wireshark to get all the required parameters. When logging in to SquirrelMail, the following appears:
    Frame 2223: 709 bytes on wire (5672 bits), 709 bytes captured (5672 bits) on interface 0
    Linux cooked capture
    Internet Protocol Version 4, Src: 192.168.88.82, Dst: 192.168.88.240
    Transmission Control Protocol, Src Port: 50376, Dst Port: 80, Seq: 1, Ack: 1, Len: 641
    Hypertext Transfer Protocol
        POST /squirrelmail/src/redirect.php HTTP/1.1\r\n
        Host: 192.168.88.240\r\n
        User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:59.0) Gecko/20100101 Firefox/59.0\r\n
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n
        Accept-Language: en-US,en;q=0.5\r\n
        Accept-Encoding: gzip, deflate\r\n
        Referer: http://192.168.88.240/squirrelmail/src/login.php\r\n
        Content-Type: application/x-www-form-urlencoded\r\n
        Content-Length: 77\r\n
        Cookie: SQMSESSID=jd0tis57a3hmp846rurn28rop7; PHPSESSID=cu6ai52hnttq3s4fpvotkos3a0\r\n
        Connection: keep-alive\r\n
        Upgrade-Insecure-Requests: 1\r\n
        \r\n
        [Full request URI: http://192.168.88.240/squirrelmail/src/redirect.php]
        [HTTP request 1/3]
        [Response in frame: 2225]
        [Next request in frame: 2232]
        File Data: 77 bytes
    HTML Form URL Encoded: application/x-www-form-urlencoded
        Form item: "login_username" = "onno"
        Form item: "secretkey" = "123456"
        Form item: "js_autodetect_results" = "1"
        Form item: "just_logged_in" = "1"
Attack
    siege --content-type='application/x-www-form-urlencoded' \
      --header='Referer: http://192.168.88.240/squirrelmail/src/login.php' \
      --header='Cookie: SQMSESSID=jd0tis57a3hmp846rurn28rop7; PHPSESSID=cu6ai52hnttq3s4fpvotkos3a0' \
      -d1 -r10 -c25 \
      'http://192.168.88.240/squirrelmail/src/redirect.php POST login_username=onno&secretkey=123456&js_autodetect_results=1&just_logged_in=1' \
      --time=10s
Results
    Transactions:                      0 hits
    Availability:                   0.00 %
    Elapsed time:                   9.47 secs
    Data transferred:               0.00 MB
    Response time:                  0.00 secs
    Transaction rate:               0.00 trans/sec
    Throughput:                     0.00 MB/sec
    Concurrency:                   17.70
    Successful transactions:         200
    Failed transactions:               0
    Longest transaction:            1.70
    Shortest transaction:           0.05
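
The step from the Wireshark dissection to the siege command line can be scripted, so that form values are URL-encoded instead of pasted by hand. This is an added example, not part of the original page: `parse_capture` and `siege_argv` are hypothetical helper names, and the sample text is constructed from the capture shown above.

```python
import re
import shlex
from urllib.parse import urlencode

# Constructed sample: the HTTP lines of the Wireshark dissection shown on this page.
CAPTURE = r'''
POST /squirrelmail/src/redirect.php HTTP/1.1\r\n
Host: 192.168.88.240\r\n
Referer: http://192.168.88.240/squirrelmail/src/login.php\r\n
Content-Type: application/x-www-form-urlencoded\r\n
Cookie: SQMSESSID=jd0tis57a3hmp846rurn28rop7; PHPSESSID=cu6ai52hnttq3s4fpvotkos3a0\r\n
Form item: "login_username" = "onno"
Form item: "secretkey" = "123456"
Form item: "js_autodetect_results" = "1"
Form item: "just_logged_in" = "1"
'''

def parse_capture(text):
    """Hypothetical helper: pull request line, headers and form items from the text."""
    text = text.replace(r"\r\n", "")  # Wireshark prints each CRLF as a literal \r\n
    line = re.search(r"^[ \t]*(GET|POST) (\S+) HTTP/1\.[01]", text, re.M)
    if line is None:
        raise ValueError("no HTTP request line in capture text")
    headers = dict(re.findall(r"^[ \t]*([A-Za-z-]+): (.*?)[ \t]*$", text, re.M))
    form = re.findall(r'Form item: "([^"]*)" = "([^"]*)"', text)
    return {"method": line.group(1), "path": line.group(2),
            "headers": headers, "form": form}

def siege_argv(req, delay=1, reps=10, concurrent=25, duration="10s"):
    """Hypothetical helper: build the argument list for the siege run on this page."""
    h = req["headers"]
    url = "http://" + h["Host"] + req["path"]
    argv = ["siege"]
    if req["method"] == "POST":
        # siege takes POST data inside the URL argument: 'URL POST name=value&...'
        url += " POST " + urlencode(req["form"])  # escapes &, =, spaces in values
        argv.append("--content-type=" + h["Content-Type"])
    for name in ("Referer", "Cookie"):
        if name in h:
            argv.append("--header=%s: %s" % (name, h[name]))
    return argv + ["-d%d" % delay, "-r%d" % reps, "-c%d" % concurrent,
                   url, "--time=" + duration]

if __name__ == "__main__":
    print(shlex.join(siege_argv(parse_capture(CAPTURE))))
```

The session cookies are copied from the capture as-is, so the generated command is only meaningful while that session still exists on the server.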