C
C#8mo ago
Kroks

How to use the same HttpClient instance with different session cookies / proxies?

Hello I am managing thousands of accounts at once (nothing malicious, just for pentesting reasons). And was wondering how I could accomplish this. For each of these accounts I am currently using one HttpClient. But after a while I get "Unable to read data from the transport connection: Connection reset by peer". I believe this is due to Socket exhaustion. And Socket exhaustion is due to the fact that I use so many clients.
No description
18 Replies
Kroks
KroksOP8mo ago
Each account has different cookies (authorization etc.) and uses a different proxy. So how can I implement this code pattern by using one single instance for all accounts
Mkp
Mkp8mo ago
You can probably interlace them instead of immediately firing all of them. Knowing your upper limit. I don’t think you’ll do your pen testing any wrong. You could choose to elect more computers, nics, or a local vpn.
Kroks
KroksOP8mo ago
the network shouldnt limit me though like the server has 1gbps and im not sending more than 5mb ps
Mkp
Mkp8mo ago
Speed is irrelevant
Kroks
KroksOP8mo ago
Whats relevant?
Mkp
Mkp8mo ago
Amount of socket connections
Kroks
KroksOP8mo ago
isnt one socket = one httpclient ?
Mkp
Mkp8mo ago
Mhm Opened on connect
Kroks
KroksOP8mo ago
i dont think i even get close to the max socket amount that is allowed with 3k httpclients
Joschi
Joschi8mo ago
Just to be sure, how do you instantiate your Http Clients?
Kroks
KroksOP8mo ago
var handler = new HttpClientHandler
{
Proxy = proxy,
AutomaticDecompression = DecompressionMethods.All,
CookieContainer = new CookieContainer(),
AllowAutoRedirect = false
};
Client = new MyHttpClient(account, handler);
var handler = new HttpClientHandler
{
Proxy = proxy,
AutomaticDecompression = DecompressionMethods.All,
CookieContainer = new CookieContainer(),
AllowAutoRedirect = false
};
Client = new MyHttpClient(account, handler);
MyHttpClient is public class MyHttpClient : HttpClient @Joschi Wym
Joschi
Joschi8mo ago
Just newing up http clients is not the recommended best practice. Mainly because it can lead to socket exhaustion. Take a look at the IHttpClientFactory https://learn.microsoft.com/en-us/dotnet/architecture/microservices/implement-resilient-applications/use-httpclientfactory-to-implement-resilient-http-requests
Use IHttpClientFactory to implement resilient HTTP requests - .NET
Learn how to use IHttpClientFactory, available since .NET Core 2.1, for creating HttpClient instances, making it easy for you to use it in your applications.
Kroks
KroksOP8mo ago
Ye thought the same basically but i dont even have that many open sockets a fewk k the weird thing is after this happens it works again in 10min even if I restart right after it doesnt work, i need to wait like 10mins and its 100% unrelated to the target machine that im requesting because on my local it doesnt happen
Kroks
KroksOP8mo ago
but on my local machine it works
Mkp
Mkp8mo ago
Connection reset is a funny way of saying disconnect
Kroks
KroksOP8mo ago
Current progress: - Once this happens the server needs 10-15min before I can request it again (a restart wont even fix this) - I tried to login manually into the proxy and got "Connection reset" in the firefox browser. Tried the same on my local machine and it worked - I believe it must be the server provider. I think that they have a mechanism that prevents us to send thousands of requests to the same host (the host is the proxy provider) I think that their mechanism thinks that we are trying to ddos some service or idk makes literally no sense
Want results from more Discord servers?
Add your server