Wednesday, March 5, 2014

Denial Of Service Attacks : Explained for Beginners

Just like most other things associated with hacking, a denial of service attack is not everyone's cup of tea. It, however, can be understood if explained properly. In this tutorial, I'll try to give you a big picture of denial of service attacks, before I start using geeky terms like packets and all that. We'll start at the easiest point.


What effect does a denial of service attack have


Wireless hacking usually gives you the password of a wireless network. A man in the middle attack lets you spy on network traffic. Exploiting a vulnerability and sending a payload gives you access and control over the target machine. What exactly does a Denial of Service (DOS) attack do? Basically, it robs the legitimate owner of a resource from the right to use it. I mean if I successfully perform a DOS on your machine, you won't be able to use it anymore. In the modern scenario, it is used to disrupt online services. Many hacktivist groups (internet activists who use hacking as a form of active resistance - a name worth mentioning here is Anonymous) do a Distributed Denial of service attack on government and private websites to make them listen to the people's opinion (the legitimacy of this method of dictating your opinion has been a topic of debate, and a lot of hactivists had to suffer jailtime for participating in DDOS). So basically it's just what its name suggests, Denial Of Service.

Basic Concept

It uses the fact that while a service can be more than sufficient to cater to the demands of the desired users, a drastic increase in unwelcome users can make the service go down. Most of us use the words like "This website was down the other day" without any idea what it actually means. Well now you do. To give you a good idea of what is happening, I'll take the example from the movie "We Are Legion".


Scenario One : Multiplayer online game

Now consider you are playing an online multi-player game. There are millions of other people who also play this game. Now there's a pool in the game that everyone likes to visit. Now you and your friends know that they have the power of numbers. There are a lot of you, and together you decide to make identical characters in the game. And then all of you go and block the access to the pool. You just carried out a denial of service attack. The users of the game have now been deprived of a service which they had obtained the right to use when they signed up for the game. This is just what the guys at 4chan (birthplace and residence of Anonymous) did a long time ago. This is the kind of thing that gives you a very basic idea what a denial of service attack can be.
Denial of service in a game
They made a Swastika and blocked access to the pool

Scenario 2 : Bus stop

Now assume that due to some reason, you want to disrupt the bus service of your city and stop the people from using the service. To stop the legitimate people from utilizing this service, you can call your friends to unnecessarily use it. Basically you can invite millions of friends to come and crowd around all the bus stops and take the buses without any purpose. Practically it is not feasible since you don't have millions of friends, and they are definitely not wasting their time and money riding aimlessly from one place to another.

So while this may seem impossible in the real world, in the virtual world, you can cause as much load as a thousand (or even a million) users alone at the click of a button. There are many tools out there for this purpose, however, you are not recommended to use them as a DOS on someone else is illegal, and easy to detect (Knock, knock. It's the police). We will, come back to this later, and do a DOS on our own computer.

 

How denial of service attacks are carried out

Basically, when you visit a website, you send them a request to deliver their content to you. What you send is a packet. Basically, it take more than just one packet, you need a lot of them. But still, the bandwidth that you consume in requesting the server to send you some data is very little. In return, the data they send you is huge. This takes up server resources, for which they pay for. A legitimate view can easily earn more than the server costs on account of advertisements, etc. So, companies buy server that can provide enough data transfer for its regular users. However, if the number of users suddenly increases, the server gives up. It goes down. And since the company knows it under DOS, it just turns off the server, so that it does not have to waste its monetary resources on a DOS, and wait till the DOS stops. Now with the modern computers and bandwidth, we alone can easily pretend to be a thousand or even more users at once. While this is not good for the server, it is not something that can make it succumb (your computer is not the only thing that gets better with time, the servers do too). However, if a lot of people like you do a DOS attack, it becomes a distributed denial of service attack. This can easily be fatal for a server. It's just like you go to a page, and start refreshing it very fast, maybe a thousand times every second. And you are not the only one. There are thousand others that are doing the same thing. So basically you guys are equivalent to more than a million users using the site simultaneously, and that's not something the server can take. Sites like Google and Facebook have stronger servers, and algorithms that can easily identify a DOS and block the traffic from that IP. But it's not just the websites that get better, and the black hat hackers too are improving every day. This leaves a huge scope for understanding DOS attacks and becoming an asset to one of these sides ( the good, the bad and the ugly).


A Live DOS on your Kali Machine

If you have Kali linux (The hackers OS- the OS of choice if you use this blog) the here's a small exercise for you. 
We are going to execute a command in the Kali linux terminal that will cripple the operating system and make it hand. It will most probably work on other linux distributions too.
Warning : This code will freeze Kali linux, and most probably it will not recover from the shock. You'll lose any unsaved data. You will have to restart the machine the hard way (turn of the virtual machine directly or cut the power supply if its a real machine). Just copy paste the code and your computer is gone.
:(){ :|:& };:

The machine froze right after I pressed enter. I had to power it off from the Vmware interface.
What basically happened is that the one line command asked the operating system to keep opening process very fast for an infinite period of time. It just gave up.
Here's something for the Windows Users

Crashing Windows Using Batch file

Open a notepad. Put the following code in it-
:1
Start
goto 1
Save the file as name.bat
Bat here is batch file extension. Run it. Game over.
It basically executes the second line, and the third line makes it go over to the first, execute the second, and then over to first again, execute the second..... infinitely. So again, denial of service. All the processing power is used by a useless command, while you, the legitimate user, can't do anything.

That's it for this tutorial, we'll discuss the technical details of a practical denial of service in a later tutorial.

PS:
As suggested in the comments, this script will crash windows much faster-

:1
bash name.bat
goto 1

If you look at the script carefully, it is quite easy to understand what it does. Everytime the script is executed, it does two things-

  1. Opens another instance of the same script
  2. Goes to the beginning of the script
So for every execution, the number of scripts slowing down your computer doubles up. This means that instead of linear, the load on memory and processor is now exponential (the script gets more and more dangerous with time).


38 comments:

  1. Thanks it's a good job :)

    ReplyDelete
  2. Interesting. Can't wait for the next tutorial. I watched the doc about Anonymous, they showed how and why they did a DOS Attack in the game example you refer to. Genius. Could you do the attack via TOR to enable you to change your ip. We have Macchanger, why doesn't somebody write a exploit that will change your ip. I knew I should have lernt how to program when I had a spectrum 48k, back in 1984.

    ReplyDelete
    Replies
    1. Next tutorial on IP masking during DOS. We will spoof the source ip with random ones. Wait for it... :D

      Delete
  3. Thank you for a great detailed description in response to my question. I always learn something or become a little wiser after visiting your cool site.

    ReplyDelete
  4. dont call a person who is willing to learn a dummy you idiot...people want to hack for their own benefit but they just dont understand how hard it really is...and plz stop showing off...it makes you a dick

    ReplyDelete
    Replies
    1. Nevermind read your comment on the other post.

      Delete
    2. relax :D dont take it seriously dummy :P

      Delete
    3. There's only 1 dick here, and that's you Mr. anon ...
      Show some respect.

      Delete
  5. This Might sound dumb but, if you are on a public network, (like a starbucks) and you change you ip and MAC address, are you anonymous? if not, what im I missing? Is there anyother simple ways to be anonymous without VPNs and other "hard stuff"

    ReplyDelete
    Replies
    1. ismit possible to hack a WPA password without a wireless extension

      Delete
  6. Thanks So much that was very detailed.

    ReplyDelete
  7. "Innocence factor - Most of the DOS attacks are carried out by botnets. Botnets are a network of computers infected by malware (trojan known as remote administration tool or RAT). They are controlled by a main master who owns these bots/slaves. He can order them to conduct a DOS attack, and the traffic will originate from the computers of innocent users who have no idea what a malicious program is doing in the background while they are playing their favorite game." - Shashwat Chaudhary. Can This concept using RATS, apply easily to most kinds of hacking?

    ReplyDelete
  8. That answered my question! thanks!

    ReplyDelete
  9. I tried to crash windows 7 using the batch file but nothing happened. Is it because I have 8 GB of RAM ?

    ReplyDelete
    Replies
    1. What happens when you execute the batch file? Do you see new command prompt windows opening up automatically? On a high end device, it'll take quite a good while for the system to crash.

      Delete
    2. You only have 8GB of RAM? XD I have half a terabyte (But my computer is giant)

      Delete
  10. the file name will be "stuck.bat"
    edit the file and enter:

    :a
    bash stuck.bat
    goto a

    O = 2^x will overload the computer faster than O =x

    ReplyDelete
    Replies
    1. haha, using it exponentially...

      Delete
    2. Thanks for the addition, making corresponding changes.

      Delete
  11. see how websites are vulnerable to SQL map
    Real Admin Hacking of a website click on
    https://www.youtube.com/watch?v=72Gi1oDkHdM

    ReplyDelete
  12. thank you so much,,

    ReplyDelete
  13. Very well put. (Almost) Anybody can follow a step-by-step tut, but the key to being successful isn't in "knowing" what what's going to happen because the tut says so, but "understanding" what's going on as you progress through the steps. I spent more time trying trying to find "understanding" (hard to find)....Good to see someone taking the time to explain the "how it works"

    ReplyDelete
  14. A quick tip you can add names of softwares installed on the system before the GOTO statement. larger softwares eat up ram faster...

    ReplyDelete
  15. Thank you so much for explaining things so clearly! I will be spending a lot of time reading your tutorials in the near future

    ReplyDelete
  16. how to perform dos using hping3 in kali linux?

    ReplyDelete
  17. brief abt how to ddos to site anonymously.
    hkope u get my point.

    ReplyDelete
  18. Great job explaining what I saw in Mr.Robot

    ReplyDelete
  19. great!!!
    I never know those much clear details about what DOS actually mean.

    ReplyDelete
  20. Can I do a DOS attack on a friend's website/my own website? Is the web hotel/server going to have a problem with that and is it illegal? If I would do it on a friend's website then he would be with me as i do it.

    ReplyDelete
    Replies
    1. For practice host something on intranet (use IP 0.0.0.0) and then try to take it down. Or maybe try to perform a DOS on your wireless router.

      Delete
    2. And yeah, your web host won't be happy about a DOS attack on it (attacking your site is same as attacking your web host/server.)

      Delete
  21. where i can get the rest of the tutorial?

    ReplyDelete
  22. The ":1
    bash name.bat
    goto 1" code is what's known as a ForkBomb. Just throwing this out there bc it's really fun to say. :)

    ReplyDelete
  23. how long does a ddos attack effective ?
    like is it a permanent effect to the page u want to attck or is there a time-limit

    ReplyDelete
    Replies
    1. As long as one continues the attack, the target is down. There could also be some buffer time (depending on the magnitude of the attack) needed to recover after the DDOS is over.

      Delete
  24. i execute this command ":(){ :|:& };:" in my own kali linux pc and freezed it, but when i restarted it, the so doesnt runs, and keep in the black screen with the white "-" twinkling.. anyone knows how to fix it ?

    ReplyDelete

© Kali Tutorials, 2016. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Shashwat Chaudhary and Kali Tutorials with appropriate and specific direction to the original content.
Bitcoin: 1B5aLqJcMW7zznffTxQwta8JTZsxBDPguC