Venom Academy/Ethical Hacking/Denial of Service
Denial of service is one of the most exciting topics in ethical hacking. A denial of service attack is a special attack that is done on a target host to stop it from offering the services and connections that it intends to give. Imagine a store or supermarket that sells goods, when the entrance door gets packed by people who are not even buying anything this will block out the legitimate customers and this will cause the business to lose a lot of money.
Denial of Service attacks case studies
editDenial of services happen almost everyday, you might have one day visited a website and found that the website is offline, it might have shown you a text like "website is too busy" this may have been the case of a DoS attack (Denial of service attack). DoS attacks can cause businesses to lose a lot of money since they can no longer be able to interact with legitimate customers. Throughout this module we will perform a few attacks.
Distributive Denial of Service attacks
editMostly in penetration testing we perform regular DoS tests and we perform these to flood a normal server using its domain or IP address. What if we can attack the whole network and every computer that is connected inside the network. This type of attack is known as the distributive Denial of service attack whereby the attack just propagated to all the machines in the target network. DDoS attacks are extremely hard to trace because it becomes difficult to determine where the attack comes from.
Lab exercise
editNow that we understand that a denial of service attack happens when multiple unnecessary connections happen to a server now let's try to conduct a few attacks.
hulk
editHulk is a DoS tool that was developed in python so that it could be used for stress testing. Hulk is now being used by hackers all around the world to test machines and also terrorize them. Hulk is extremely easy to use. You can download hulk from the GitHub repository and clone it. Hulk has a very simple syntax, the syntax is shown below
root@venom [$]~ hulk <target server> <port>
As we can see above, first we invoke hulk then specify the target host, then specify the port let's perform an example.
root@venom [$]~ hulk localhost 80 Handshake 1.......... Handshake 2.......... Handshake 3.......... Handshake 4.......... Handshake 5.......... Handshake 6.......... Handshake 7.......... Handshake 8..........
As it is illustrated in the example above Hulk then started to open handshakes to a web server running on localhost, which caused a flood on the domain.