DDosPing (Build Status Gem Version)

0 Replies, 8 Views

[Image: OIP.qZZYSSvqkJLdCbY3T2VNHgHaFj?r=0&rs=1&...n&o=7&rm=3]
DDosPing
DDosPing
DDOS
DDOS
Version 1.2.4
Build Status Gem Version
A bash script inspired by pentbox.
Designed to be a simple way to implement various network pentesting functions, including network attacks, using wherever possible readily available software commonly installed on most linux distributions without having to resort to multiple specialist tools.
Sudo is implemented where necesssary.
Tested on Debian and Arch.
Requirements:
bash
sudo
curl
netcat (must support '-k' option, openbsd variant recommended)
hping3 (or nping can be used as a substitute for flood attacks)
openssl
stunnel
nmap
whois (not essential but preferred)
nslookup (or 'host')
How to use?
Download the script:
$ wget
Make it executable:
$ chmod +x ./ddos
Run it:
$ ./ddos
Module detail
RECON MODULES
Show IP - uses curl to perform a lookup of your external IP. Runs ip a or ifconfig (as appropriate) to show local interface IP's.
DNS Recon - passive recon, performs a DNS lookup (forward or reverse as appropriate for target input) and a whois lookup of the target. If whois is not available it will perform a lookup against ipinfo.io (only works for IP's, not hostnames).
Ping Sweep - uses nmap to perform an ICMP echo (ping) against the target host or network.
Quick Scan - TCP Port scanner using nmap to scan for open ports using TCP SYN scan. Nmap will not perform a ping sweep prior to performing the TCP SYN scan. This module scans the 1,000 most common ports. This module can, of course, be used to scan a single host or a full network. This scan can take a long time to finish, please be patient.
Detailed Scan - uses nmap to identify live hosts, open ports, attempts OS identification, grabs banners/identifies running software version and attempts OS detection. Nmap will not perform a ping sweep prior as part of this scan. Nmap's default User-Agent string is changed to that of IE11 in this mode, to help avoid detection via HTTP. All TCP ports on the target (hostname/IP/subnet) are scanned. This scan can take a long time to finish, please be patient.
UDP scan - uses nmap to scan for open UDP ports. All UDP ports are scanned.
Check Server Uptime - estimates the uptime of the target by querying an open TCP port with hping. Accuracy of the results varies from one machine to another; this does not work against all servers.
DOS MODULES
TCP SYN Flood - sends a flood of TCP SYN packets using hping3. If hping3 is not found, it attempts to use the nmap-nping utility instead. Hping3 is preferred since it sends packets as fast as possible. Options are provided to use a source IP of your interface, or specify (spoof) a source IP, or spoof a random source IP for each packet. Optionally, you can add data to the SYN packet. All SYN packets have the fragmentation bit set and use hpings virtual MTU of 16 bytes, guaranteeing fragmentation. Falling back to nmap-nping means sending X number of packets per second until Y number of packets is sent and only allows the use of interface IP or a specified (spoofed) source IP. A TCP SYN flood is unlikely to break a server, but is a good way to test switch/router/firewall infrastructure and state tables. Note that whilst hping will report the outbound interface and IP which might make you think script does not work as expected, the source IP will be set as specified; review a packet capture of the traffic if in doubt! Since the source port is definable, it is simple to launch a LAND attack for example. The ability to set the source port also allows, for example, sending SYN packets to one target and forcing the SYN-ACK responses to a second target.
[/center]

Messages In This Thread
DDosPing (Build Status Gem Version) - by botty - 3 hours ago



Users browsing this thread: 1 Guest(s)