How to ddos linux

A simple DoS attack with GoldenEye in Kali Linux

In this article we look at one of the simplest ways to carry out a DoS attack, using GoldenEye.

A DoS attack is the generation of "junk" traffic from a single device (IP address) toward a "victim" resource (for example, a website). The goal is to exhaust the victim's computing and other capacity so that it stops working.

DDoS should not be confused with DoS: although the abbreviations differ by only one letter, the practical difference is huge. A DoS attack is carried out by a single machine, while a DDoS attack is usually carried out using a botnet.

A botnet is a network of computers infected with malware. Cybercriminals use special Trojan programs to bypass the computers' defences, take control of them and join them into a single network (botnet) that can be controlled remotely.

The actions in this article are educational and are carried out on the author's own resource. The author does not call on anyone to act and bears no responsibility.

Installation

First we need to install GoldenEye on the OS. Let's set aside a directory for our software; in my case I will create a new one.

Change into it:

Now download the archive:

Attack

Tests

I will monitor the server's state with the top command:

The server is idle, the processor is completely free, and 350 megabytes of free RAM are available.

Result

As the screenshot shows, the processor is still practically idle, but the amount of free memory has dropped sharply and the number of sleeping processes has increased.

Log analysis

One look at the logs is enough to see that every GET request contains different strings, different user agents and different referers, among them Bing, Baidu, Yandex and other random search engines.

So what happens when your web server meets this attack? It analyses the incoming traffic, checks the requested URLs, the source addresses and the Referrer field, and lets the requests through with a 200 OK code. Why? Because every browser was different.

The tool was cleverly designed so that any server might think these are different users trying to connect from one IP (perhaps the IP of a proxy or a large organization?) with different browsers (Firefox, Chrome, MSIE, Safari, etc.), different operating systems (Mac, Linux, Windows, etc.) and even different referers. Yes, the requested URL may have been invalid, but normal web servers will still let it through and redirect to an error page while the connection remains open (for example, an Apache worker/socket). A standard web server usually allows X simultaneous users from one IP, and with a large number of connections/sockets in use this type of attack puts heavy pressure on the server, so subsequent users get an error (HTTP 503 or similar). Consequently, an attacker with a few random proxies/VPNs can quickly exhaust the server's resources. He can even slow down the attack on a single IP to avoid initial detection:

The above command uses:

-w = 10 simultaneous workers

-s = 10 simultaneous connections

-m = random, a mix of GET and POST
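A defender-side check for the pattern described in the log analysis above, as an added example that is not part of the original article: it scans Combined Log Format lines and flags any source IP that presents many distinct User-Agent strings inside a short window. The log lines, the function names and the thresholds (10 seconds, 4 agents) are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Combined Log Format: ip - - [time] "request" status size "referer" "user-agent"
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"')

# Constructed sample log (not from a real server): one noisy source, one normal.
_FMT = '{} - - [12/Mar/2021:10:00:{:02d} +0000] "GET /{} HTTP/1.1" 200 512 "{}" "{}"'
_UA = "Mozilla/5.0 (X11; Linux x86_64) Firefox/52.0"
SAMPLE_LOG = [_FMT.format(*row) for row in [
    ("203.0.113.7", 1, "?kq=a1", "http://www.bing.com/", "Mozilla/5.0 (Windows NT 6.1) Firefox/30.0"),
    ("203.0.113.7", 1, "?zp=77", "http://www.baidu.com/", "Mozilla/5.0 (Macintosh) Safari/537.36"),
    ("203.0.113.7", 2, "?m=qx", "http://www.yandex.com/", "Mozilla/4.0 (compatible; MSIE 8.0)"),
    ("203.0.113.7", 2, "?u=9d", "http://www.bing.com/", "Mozilla/5.0 (X11; Linux) Chrome/41.0"),
    ("203.0.113.7", 3, "?r=3f", "http://www.baidu.com/", "Mozilla/5.0 (Windows NT 5.1) Chrome/36.0"),
    ("198.51.100.20", 1, "", "-", _UA),
    ("198.51.100.20", 4, "about", "http://example.test/", _UA),
    ("198.51.100.20", 9, "contact", "http://example.test/", _UA),
]]

def parse(line):
    """Return (ip, timestamp, referer, user_agent) or None if the line is malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["ref"], m["ua"]

def suspicious_ips(lines, window=timedelta(seconds=10), min_agents=4):
    """Map each flagged IP to (distinct user agents, distinct referers)
    for its most agent-diverse sliding window."""
    per_ip = defaultdict(list)
    for line in lines:
        rec = parse(line)
        if rec:
            per_ip[rec[0]].append(rec[1:])
    flagged = {}
    for ip, events in per_ip.items():
        events.sort(key=lambda e: e[0])
        start, worst = 0, (0, 0)
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1
            win = events[start:end + 1]
            agents = {ua for _, _, ua in win}
            if len(agents) > worst[0]:
                worst = (len(agents), len({ref for _, ref, _ in win}))
        if worst[0] >= min_agents:
            flagged[ip] = worst
    return flagged

if __name__ == "__main__":
    print(suspicious_ips(SAMPLE_LOG))
```

A single address behind a large NAT or proxy can legitimately show several browsers, so the threshold should be tuned against normal traffic before it feeds a blocking rule.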

Conclusion

GoldenEye looks like an extended version of (or something similar to) the HTTP Flooder program. Both work in a similar way, but GoldenEye's NoCache and KeepAlive make a big difference. It also uses an interesting technique of mixing browsers, operating systems and referers, which can fool a firewall.

Overall, this is a good tool for load testing your own website (with your hosting company's permission), your corporate website and any web applications that accept incoming GET or POST requests. Use it to update your firewall and WAF rules, and thereby avoid future attacks.

DDoS attack using SlowHTTPTest (Slowloris) in Kali Linux

Most web administrators who don't properly take care of the security of their servers are often targets of attacks that many black hat hackers know how to perform en masse. One of those tricky attacks is the Slow HTTP attack, which targets any kind of web server. Let's quickly explain graphically what the attack looks like:

It's pretty simple, right? However, for a badly configured server this can be the doom: the hardware won't be pushed to its limits, but the server hangs, basically out of politeness … (bad example, I know). Didn't get it? Imagine sending 100 old grandmas to a store, with all of them trying to tell a story from their childhood to the cashier so that no other customers can buy anything. Out of politeness, the cashier won't kick the grandmas out of the store until they finish telling their stories.

So, how can you perform such an attack against a server easily and not die trying? SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks by prolonging HTTP connections in different ways. Use it to test your web server for DoS vulnerabilities, or just to figure out how many concurrent connections it can handle. SlowHTTPTest works on the majority of Linux platforms, OS X and Cygwin (a Unix-like environment and command-line interface for Microsoft Windows), and comes with a Dockerfile to make things even easier.

Currently, the attacks supported by the slowhttptest library are:

  • Slowloris
  • Slow HTTP POST
  • Apache Range Header
  • Slow Read

In this article, we’ll teach you how to install slowhttptest on your Kali Linux system and how to use it to perform this attack on your servers.

1. Install slowhttptest

The Slowhttptest library is available from the repositories, so you can easily install it from the command line with the following command:

2. Running test

Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP protocol, by design, requires requests to be completely received by the server before they are processed. If an HTTP request is not complete, or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the data. If the server keeps too many resources busy, this creates a denial of service. The tool sends partial HTTP requests, trying to cause a denial of service on the target HTTP server.
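The protection side of this, as an added example that is not from the original article: a simplified model of a header-read deadline in the style of Apache mod_reqtimeout's `RequestReadTimeout header=20-40,MinRate=500`, evaluated against two constructed connection traces. The class, function and trace names are hypothetical, and the real module is implemented inside the server, not in Python.

```python
from dataclasses import dataclass

@dataclass
class HeaderTimeoutPolicy:
    """Start with `initial` seconds to receive the request headers, grant one
    extra second per `min_rate` bytes received, never exceed `maximum`."""
    initial: float = 20.0
    maximum: float = 40.0
    min_rate: int = 500

    def deadline(self, bytes_received: int) -> float:
        return min(self.initial + bytes_received // self.min_rate, self.maximum)

def evaluate(policy, chunks):
    """chunks: (seconds_since_accept, data) pairs in arrival order.
    Returns ("complete", t) if the blank line ending the headers arrives
    in time, otherwise ("dropped", t) with the time the deadline expired."""
    buf = b""
    for t, data in chunks:
        limit = policy.deadline(len(buf))
        if t > limit:
            return ("dropped", limit)
        buf += data
        if b"\r\n\r\n" in buf:
            return ("complete", t)
    return ("dropped", policy.deadline(len(buf)))

# Constructed traces. NORMAL sends a whole request at once; SLOW sends an
# unfinished request and then one small header line every 15 seconds.
NORMAL = [(0.05, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n")]
SLOW = [(0.0, b"GET / HTTP/1.1\r\nHost: example.test\r\n")] + [
    (15.0 * i, b"X-a: b\r\n") for i in range(1, 20)
]

if __name__ == "__main__":
    policy = HeaderTimeoutPolicy()
    print("normal:", evaluate(policy, NORMAL))
    print("slow:  ", evaluate(policy, SLOW))
    # Without a deadline the slow trace would hold its worker for the
    # whole trace, i.e. until the last chunk at SLOW[-1][0] seconds.
    print("slot held without policy:", SLOW[-1][0], "s")
```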

The Slow Read DoS attack targets the same resources as Slowloris and Slow POST, but instead of prolonging the request, it sends a legitimate HTTP request and reads the response slowly. The command to run the attack and check the server is the following:

Note that this will make the server hang if no protection against this attack is implemented on the target server.

The options used in the command are:

  • -c : Specifies the target number of connections to establish during the test (500 in this example; normally 200 should be enough to hang a server that doesn't have protection against this attack).
  • -H : Starts slowhttptest in SlowLoris mode, sending unfinished HTTP requests.
  • -g : Forces slowhttptest to generate CSV and HTML files when test finishes with timestamp in filename.
  • -o : Specifies custom file name, effective with -g .
  • -i : Specifies the interval between follow-up data for Slowloris and Slow POST tests (in seconds).
  • -r : Specifies the connection rate (per second).
  • -t : Specifies the verb to use in HTTP request (POST, GET etc).
  • -u : Specifies the URL or IP of the server that you want to attack.
  • -x : Starts slowhttptest in Slow Read mode, reading HTTP responses slowly.
  • -p : Specifies the interval to wait for an HTTP response on the probe connection before marking the server as DoSed (in seconds).

Now if we run the command against the target server, we get output similar to the following in the terminal:

As you can see, our target is our own website; however, even with 500 connections, our server doesn't hang at all because we do have protection against this kind of attack. The service available field will always be YES if the target is reachable. You can check from another computer/network whether the website is indeed still up. The HTML output generated by our options will be the following:

But what if we disable the protection against Slow HTTP attacks on our server? Well, the output should be different and the website on the target server won't be reachable:

Don't always trust the service available message; just try accessing the real website from a browser and you will see whether it works or not. The generated output this time is different because of the unreachable website:

Note that the Slow HTTP test needs to be executed on one of your own servers; do not run this kind of test on any third-party server without its consent, because this could get you in a lot of trouble (this is kind of illegal). This tool is meant to be used to test your own servers and implement protection against the attack.

Besides, do not try to run this attack on our website (spyboy.blog), as we obviously do have protection against this attack and your IP may get banned if we trace an attempt of yours. Thank you!

Feel free to leave a comment below or reach me on Instagram @iamshubhamkumar__.

DOS and DDOS Attacks in Kali Linux

Today we are going to learn DOS and DDOS attack techniques. Denial-of-service (DOS) is an attack that crashes a server or makes it extremely slow. DOS is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. In simple words, in a DOS attack an attacker sends a lot of useless traffic to the targeted website, server or network; the system can't handle this huge number of requests and goes down, so no one can use it. Every server has a traffic limit: if the requests exceed that limit at once, the server becomes very slow or can even crash. This technique is called a DOS (Denial-of-Service) attack.

DDOS is a Distributed Denial-of-Service attack. DOS is an attack performed from one computer against one targeted network: a single machine sends millions of useless requests to a network. In the case of DDOS, many attacker machines target one network and every attacker machine performs DOS, which means each attacker machine sends millions of requests. DOS becomes useless against high-capacity servers because larger servers easily manage millions of requests. In such cases the attacker needs thousands or more machines from various networks to bring the target to its knees; this is a DDOS attack. To do this, a DDOS attacker needs an organized group of hackers or botnets. The hacking group Anonymous is famous for its DDOS attacks.

Black hat hackers use DDOS to slow down or crash high-profile web servers such as banks or payment gateways, for revenge, blackmail or activism.

A DOS attack can be performed easily using various tools such as:

  1. Nemesy
  2. RUDY
  3. GoldenEye
  4. UDP flood
  5. PyLoris
  6. HULK
  7. ToR’s Hammer
  8. Xerxes
  9. LOIC
  10. HOIC
  11. Metasploit

There are also various types of DOS attack techniques:

  • Distributed volume based DOS attack
  • Degradation of service attacks
  • Application-layer floods
  • DDOS extortion
  • HTTP POST DOS Attack
  • Internet control message protocol (ICMP) flood
  • R U Dead-Yet (RUDY)
  • Nuke
  • Peer-to-peer attacks
  • Permanent denial-of-service attacks
  • Reflected/spoofed attack
  • shrew attack
  • (S)SYN Attack
  • Teardrop attacks
  • Telephony denial-of-service (TDOS)

Now we do this in practice on our localhost server using Slowloris. We clone Slowloris from its GitHub repository using the following command:

A screenshot of the command follows:

Then we use the cd command to navigate into the Slowloris directory:

Then we need to run the Slowloris Python script. Here we need the IP address of the targeted server or website; in our case it is 127.0.0.1, that is, our localhost. The command for a DOS attack using Slowloris is as follows:

Top 10 Powerful DoS/DDoS Attacking Tools for Linux, Windows & Android

Welcome back, our tech kiddies. Today we will explore some popular tools that are used for network stress testing. These tools were developed for network testing, but now some people use them for malicious purposes.

What is a DOS Attack?

Before proceeding: for those who are not aware of the term DOS (Denial of Service attack), this paragraph is for you:

  • DOS (Denial of Service) is an attack performed on a computer or network that reduces, restricts or prevents accessibility of system resources to legitimate users.
  • In simple terms, the attacker floods the victim system with malicious traffic to overload its resources.
  • A DOS attack can do temporary or permanent damage to a website. It can also slow down network performance.

DDOS Attack Report

  • The largest DDOS attack size is 127 gigabits per second (Gbps), with a speed of 50 million packets per second.
  • 167% increase in average attack peak size from 2015 to 2016.

Powerful DoS/DDoS Attack Tools

There are many tools available on the internet today. You can also find some tools in Kali Linux. I am listing some common and effective tools.

1. Slowloris

Slowloris is the most effective tool for launching a DoS attack. It works by opening multiple connections to the targeted web server and keeping them open as long as possible. It does this by continuously sending partial HTTP requests, none of which are ever completed. The attacked server opens more and more connections, waiting for each of the attack requests to be completed.

Due to the simple yet elegant nature of this attack, it requires minimal bandwidth to implement and affects the target server's web server only, with almost no side effects on other services and ports.

You can easily download this tool from GitHub.

2. LOIC (Low Orbit Ion Cannon)

The Low Orbit Ion Cannon (LOIC) may be the most popular DoS tool and has made its way into hacker lore. LOIC was initially developed by Praetox Technologies in C#, but was later released into the public domain.

LOIC basically turns a computer's network connection into a firehose of garbage requests directed towards a target web server. On its own, one computer rarely generates enough TCP, UDP, or HTTP requests at once to overwhelm a web server: garbage requests can easily be ignored while legitimate requests for web pages are responded to as normal.

This tool is available for Linux, Windows and Android as well.

3. GoldenEye

GoldenEye is another popular tool which is used for security testing purposes. This tool is capable of bringing down victims' web servers. It is written in Python. GoldenEye is available on GitHub. You can download it from here.

GoldenEye is a Python app for SECURITY TESTING PURPOSES ONLY!

4. HOIC (High Orbit Ion Cannon)

The High Orbit Ion Cannon (HOIC) is a tool that could aid an unauthenticated, remote attacker in conducting distributed denial of service (DDoS) attacks. The High Orbit Ion Cannon, or HOIC, was developed by the popular group Anonymous, a hacktivist collective, to replace the Low Orbit Ion Cannon (LOIC) tool. It functions by flooding target systems with junk HTTP GET and POST requests.

The tool can open up to 256 simultaneous attack sessions at once, bringing down a target system by sending a continuous stream of junk traffic until legitimate requests are no longer able to be processed. HOIC’s deceptive and variation techniques make it more difficult for traditional security tools and firewalls to pinpoint and block DDoS attacks.

The HOIC is a popular DDoS attack tool that is free to download and available for Windows, Mac, and Linux platforms.

5. XOIC

XOIC is another nice DOS attacking tool. It performs a DOS attack on any server with an IP address, a user-selected port, and a user-selected protocol. Developers of XOIC claim that XOIC is more powerful than LOIC in many ways. Like LOIC, it comes with an easy-to-use GUI, so a beginner can easily use this tool to perform attacks on other websites or servers.

6. RUDY (R U Dead Yet ?)

R.U.D.Y. is a popular low and slow attack tool that is designed to crash a web server by submitting long form fields.

The attack is executed via a DoS tool which browses the target website and detects embedded web forms. Once the forms have been identified, R.U.D.Y. sends a legitimate HTTP POST request with an abnormally long 'content-length' header field and then starts injecting the form with information, one byte-sized packet at a time.

7. TOR’s Hammer

ToR’s Hammer was designed to be run through the ToR network to anonymize the attack and limit mitigation. The problem with this strategy is that the ToR network tends to be very slow, thereby limiting the rate at which the packets can be sent and thereby limiting the effectiveness of this tool.

8. THC-SSL-DoS

This DDoS tool (built right into Kali) is different from most DoS tools in that it doesn’t require huge amounts of bandwidth and can be conducted with a single system. It attacks vulnerabilities in SSL to bring down the server. You can download it from THC, but if you are using Kali, you already have it.

9. PyLoris

PyLoris is said to be a testing tool for servers. It can be used to perform DOS attacks on a service. This tool can utilize SOCKS proxies and SSL connections to perform a DOS attack on a server. It can target various protocols, including HTTP, FTP, SMTP, IMAP, and Telnet. The latest version of the tool comes with a simple and easy-to-use GUI. Unlike other traditional DOS attacking tools, this tool directly hits the service.

10. HULK (Http Unbearable Load King)

HULK is another nice DOS attacking tool that generates a unique request for each and every request it sends, to obfuscate traffic at a web server. This tool uses many other techniques to avoid attack detection via known patterns.

DoS/DDoS Attack Tools For Android

1. AnDOSid

2. LOIC

Low Orbit Ion Cannon is a simple application that allows users to send UDP, HTTP, or TCP data packets to any IP address. LOIC can help users with testing server data flow by emulating controlled traffic flow. Since LOIC supports all three socket protocols (UDP, TCP, and HTTP), LOIC could thus be used with any type of server.
