Post by Raheem on Sept 10, 2017 6:03:22 GMT
The method in this video is OLD but it based on query someone can send to the server to get back some information about the server. Although it's old it will work on many servers.
Script i edited to send many packets as possible so it get the server down. But one issue for now i don't know how to solve is that IPs i try to make it random (Spoofed) But it seems not working well.. It's like in range and not follow what i coded. I don't know why i try to use my own ips via array but also same problem it generate random ones. I'am not going to update it more maybe.
It goes like:
If willing to upgrade this i give you tips:
1-Use spoofed IPs list - To make sure these ips is found in real so it's not filtered by some good hosts as invalid packets.
2-Set Checksum for the IP header and UDP header.
3-Make the rate of sending queries good with ips there so it can't be blocked for example by IPTables with iplimit patch.
4-Or if you can make good approximation for spoofed ips so it can't be detected so as you need.
And you may know better than me just i try tell you what problems for now that can make the packets sent by this script detected as invalid traffic.
The aim of publishing this is to help server owners to know that there is DoS attacks and they should stick to good host with protection. And if this is one type of attack there is many and many not published and used by attackers. Never let yourself victim for them.
HOPE this help you and DON'T ABUSE!
Script i edited to send many packets as possible so it get the server down. But one issue for now i don't know how to solve is that IPs i try to make it random (Spoofed) But it seems not working well.. It's like in range and not follow what i coded. I don't know why i try to use my own ips via array but also same problem it generate random ones. I'am not going to update it more maybe.
It goes like:
05:39:15.622267 IP 212.237.30.94.27010 > 56.53.46.49.45033: UDP, length 86
05:39:15.880741 IP 212.237.30.94.27010 > 56.49.46.53.2302: UDP, length 86
05:39:15.880762 IP 212.237.30.94.27010 > 57.50.46.49.33222: UDP, length 86
05:39:15.880789 IP 212.237.30.94.27010 > 49.49.55.46.13800: UDP, length 86
05:39:15.880806 IP 212.237.30.94.27010 > 49.52.48.46.38297: UDP, length 86
05:39:15.880821 IP 212.237.30.94.27010 > 50.48.52.46.21283: UDP, length 86
05:39:15.880827 IP 212.237.30.94.27010 > 50.52.51.46.51328: UDP, length 86
05:39:15.880835 IP 212.237.30.94.27010 > 49.57.53.46.59419: UDP, length 86
05:39:16.134927 IP 212.237.30.94.27010 > 54.57.46.49.63480: UDP, length 86
05:39:16.134944 IP 212.237.30.94.27010 > 49.56.54.46.56123: UDP, length 86
05:39:16.134948 IP 212.237.30.94.27010 > 50.53.51.46.41147: UDP, length 86
05:39:16.134952 IP 212.237.30.94.27010 > 49.51.51.46.5879: UDP, length 86
05:39:16.135226 IP 212.237.30.94.27010 > 50.49.50.46.15978: UDP, length 86
05:39:16.135232 IP 212.237.30.94.27010 > 56.54.46.54.2269: UDP, length 86
05:39:16.135236 IP 212.237.30.94.27010 > 49.56.50.46.44383: UDP, length 86
05:39:16.135242 IP 212.237.30.94.27010 > 55.49.46.49.36895: UDP, length 86
05:39:16.135245 IP 212.237.30.94.27010 > 49.54.54.46.18292: UDP, length 86
05:39:16.135249 IP 212.237.30.94.27010 > 49.55.56.46.57771: UDP, length 86
05:39:16.135252 IP 212.237.30.94.27010 > 50.51.50.46.4781: UDP, length 86
05:39:16.392862 IP 212.237.30.94.27010 > 49.52.48.46.32809: UDP, length 86
If willing to upgrade this i give you tips:
1-Use spoofed IPs list - To make sure these ips is found in real so it's not filtered by some good hosts as invalid packets.
2-Set Checksum for the IP header and UDP header.
3-Make the rate of sending queries good with ips there so it can't be blocked for example by IPTables with iplimit patch.
4-Or if you can make good approximation for spoofed ips so it can't be detected so as you need.
And you may know better than me just i try tell you what problems for now that can make the packets sent by this script detected as invalid traffic.
The aim of publishing this is to help server owners to know that there is DoS attacks and they should stick to good host with protection. And if this is one type of attack there is many and many not published and used by attackers. Never let yourself victim for them.
HOPE this help you and DON'T ABUSE!