312-50V10 · Question #757
Which of the following DoS tools is used to attack target web applications by starvation of available sessions on the web server? The tool keeps sessions at halt using never-ending POST transmissions
The correct answer is C. R-U-Dead-Yet? (RUDY). R-U-Dead-Yet (RUDY) is a slow-rate HTTP DoS tool that starves web server session pools by sending POST requests with an enormous Content-Length header while drip-feeding the body, keeping threads occupied indefinitely.
Question
Which of the following DoS tools is used to attack target web applications by starvation of available sessions on the web server? The tool keeps sessions at halt using never-ending POST transmissions and sending an arbitrarily large content-length header value.
Options
- AStacheldraht
- BLOIC
- CR-U-Dead-Yet? (RUDY)
- DMyDoom
How the community answered
(40 responses)- B3% (1)
- C95% (38)
- D3% (1)
Why each option
R-U-Dead-Yet (RUDY) is a slow-rate HTTP DoS tool that starves web server session pools by sending POST requests with an enormous Content-Length header while drip-feeding the body, keeping threads occupied indefinitely.
Stacheldraht is a classic distributed DDoS agent that orchestrates ICMP echo and TCP SYN flood attacks across zombie hosts, not a slow-session web application POST tool.
LOIC (Low Orbit Ion Cannon) is a volumetric DDoS tool that floods targets with high-rate UDP, TCP, or HTTP traffic, rather than exploiting session starvation through slow POST transmissions.
RUDY (R-U-Dead-Yet) exploits web server session handling by initiating HTTP POST requests with an arbitrarily large Content-Length value and then transmitting the request body one byte at a time at minimum speed, keeping server-side sessions open and unavailable to legitimate users. This session-starvation technique operates at the application layer without generating high traffic volume, making it difficult to detect via bandwidth thresholds. It directly matches the question description of starvation via never-ending POST transmissions and large Content-Length headers.
MyDoom is a mass-mailing computer worm that opens a backdoor and launches SYN-flood DDoS attacks against specific hosts; it does not perform slow-POST HTTP session starvation against web servers.
Concept tested: Slow HTTP POST session-starvation DoS attack tool
Source: https://owasp.org/www-community/attacks/HTTP_Slow_POST_Attack
Topics
Community Discussion
No community discussion yet for this question.