THC-SSL-DOS
THC-SSL-DOS is a stress tester for SSL handshake performance that exploits the asymmetric resource demands of SSL connections to overload servers.
Description
THC-SSL-DOS verifies the performance of SSL implementations by establishing multiple SSL connections, which require significantly more processing power on the server side than on the client. The tool exploits this asymmetry to flood the target server, potentially knocking it offline. The issue affects all current SSL implementations and has been known since 2003.
The tool is particularly effective against servers using the SSL secure renegotiation feature, where it triggers thousands of renegotiations over a single TCP connection. Use cases include testing server resilience under SSL load and demonstrating DoS vulnerabilities in SSL deployments.
Designed for security researchers, it provides real-time statistics on handshakes, connections, and errors during the attack.
How It Works
Establishing an SSL connection demands 15x more processing on the server than on the client because of the cryptographic operations involved. THC-SSL-DOS floods the target with connection attempts, overwhelming server resources. It also exploits SSL renegotiation to amplify the load: repeated renegotiations on a single TCP connection cause excessive CPU use and potential denial of service.
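Both patterns described above (many handshakes over one TCP connection, and many connection attempts from one source) are visible in handshake telemetry. The following detection sketch is an added example, not part of THC-SSL-DOS or the original page; the log line format, the thresholds and the function names are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque

def build_sample():
    """Constructed handshake events (not real logs), in the assumed format
    '<epoch_seconds> <client_ip>:<client_port> handshake'."""
    lines = []
    # One TCP connection renegotiating 40 times in about a second.
    lines += [f"{1000 + i * 0.025:.3f} 203.0.113.7:40112 handshake" for i in range(40)]
    # 30 separate connections from one address in about a second.
    lines += [f"{1002 + i * 0.03:.3f} 203.0.113.9:{50000 + i} handshake" for i in range(30)]
    # Ordinary clients: single handshakes, plus one renegotiation a minute later.
    lines += ["1003.000 198.51.100.20:51000 handshake",
              "1003.500 198.51.100.21:51001 handshake",
              "1063.500 198.51.100.21:51001 handshake"]
    return lines

def find_handshake_floods(lines, window=1.0, per_conn_limit=5, per_ip_limit=20):
    """Return (connections, addresses) whose handshake count inside a sliding
    window of `window` seconds exceeds the limit. Limits are illustrative."""
    conn_times, ip_times = defaultdict(deque), defaultdict(deque)
    bad_conns, bad_ips = set(), set()
    events = sorted((float(l.split()[0]), l.split()[1]) for l in lines
                    if l.split()[2] == "handshake")
    for ts, peer in events:
        ip, port = peer.rsplit(":", 1)
        checks = (((ip, int(port)), conn_times, per_conn_limit, bad_conns),
                  (ip, ip_times, per_ip_limit, bad_ips))
        for key, times, limit, flagged in checks:
            q = times[key]
            q.append(ts)
            while ts - q[0] > window:   # drop events older than the window
                q.popleft()
            if len(q) > limit:
                flagged.add(key)
    return bad_conns, bad_ips

if __name__ == "__main__":
    conns, ips = find_handshake_floods(build_sample())
    print("renegotiation-heavy connections:", sorted(conns))
    print("handshake-heavy addresses:", sorted(ips))
```

The per-connection counter catches the renegotiation case, which a per-address connection limit alone would miss because only one TCP connection is open.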
Installation
sudo apt install thc-ssl-dos
Flags
Examples
thc-ssl-dos -l 100 192.168.1.208 443 --accept
thc-ssl-dos -l 50 192.168.1.1 443 --accept
thc-ssl-dos -l 200 example.com 443
thc-ssl-dos -l 10 10.0.0.1 8443 --accept
thc-ssl-dos -h
thc-ssl-dos -l 150 target.server 443 --accept