flat assembler
Message board for the users of flat assembler.

Index > Windows > I'm trying to make SYN flooder on Windows OS

Author
Thread Post new topic Reply to topic
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 18 Sep 2011, 23:37
Hello everyone, I have little question. Is there any way to block recipient via winsock ? I'm trying to play with packets. I'm trying to make SYN flooder on Windows OS. Microsoft said, RAW packets are blocked on Windows, it can be used only with winpcap (like nmap does). As I know, when packet is sent to server, it responds back answer, but SYN flood style, it just sends with spoofed IP address and packets are sent to random, not known IP addresses. How if I'll do that manually ? Here's what I think if that's even possible I don't know.. Just asking, if it's possible. I'm trying to block inbound connections from that IP address, what I'm going to flood. Is there any way to do that ? if it is, it will work like SYN flooder right ?

P.S for security reasons only of course.
Thanks.
Post 18 Sep 2011, 23:37
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 18 Sep 2011, 23:59
Overflowz wrote:

P.S for security reasons only of course.
Thanks.


Why not just admit it Shocked

Don't hide behind the "Security Reasons" Very Happy

Here's a pillbox (Very Happy) for you http://www.binarytides.com/blog/syn-flood-dos-attack/
Post 18 Sep 2011, 23:59
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20363
Location: In your JS exploiting you and your system
revolution 19 Sep 2011, 00:02
Overflowz: Do you really expect us to help you write your malware?
Overflowz wrote:
P.S for security reasons only of course.
I doubt that.


Last edited by revolution on 19 Sep 2011, 00:16; edited 1 time in total
Post 19 Sep 2011, 00:02
View user's profile Send private message Visit poster's website Reply with quote
asmhack



Joined: 01 Feb 2008
Posts: 431
asmhack 19 Sep 2011, 00:09
Actually he needs that code to simulate the DoS Attack in lab environment to proof and study the concept of three-way handshaking.
Post 19 Sep 2011, 00:09
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20363
Location: In your JS exploiting you and your system
revolution 19 Sep 2011, 00:16
asmhack wrote:
Actually he needs that code to simulate the DoS Attack in lab environment to proof and study the concept of three-way handshaking.
Hehe. Yeah, sure, that must be it. [/sarcasm]
Post 19 Sep 2011, 00:16
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 19 Sep 2011, 00:41
asmhack wrote:
Actually he needs that code to simulate the DoS Attack in lab environment to proof and study the concept of three-way handshaking.


I can prove it if he gives me his public IP address. I'll port scan him and DDOS him with botnets at the same time and make a video of it in action. Wink
Post 19 Sep 2011, 00:41
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 19 Sep 2011, 10:46
revolution
as I guess, you don't trust anyone in your life, and as I said, before and everytime I'm saying, I AM NOT WRITING MALWARES! I am trying to understand how it can be done, how it works, if it's possible to do on different way, etc.. Do I look like malware writer ? I even don't asked about code, I need just answer, so, PLEASE, you're playing on my nerves everytime I write something about things like this.
typedef
Because I am not writing malwares, I don't get anything useful from them.
and 1 more thing, I'm doing it on my VM box.
--
I know how it is done on linux sockets, but I'm just asking, if it's possible to do same on windows but with real ip address but block inbound connections, is that even possible or will work like that ?
--
Thanks to board admin for renaming this topic like nobody will help. Really, thank you.
Post 19 Sep 2011, 10:46
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 19 Sep 2011, 10:57
your router of cource blocks(technically drops the connection) that kind of traffic if it finds null bytes. But there still other ways to DDOS a router.
Post 19 Sep 2011, 10:57
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 19 Sep 2011, 10:58
SYN flood,...did you check on wkipedia?
Post 19 Sep 2011, 10:58
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 19 Sep 2011, 15:10
typedef
Yes, I checked it on wikipedia and I know how 3 way handshake works, but I'm trying to do it on Windows, just though that what I said before and interested if it would work like that.
Post 19 Sep 2011, 15:10
View user's profile Send private message Reply with quote
Dex4u



Joined: 08 Feb 2005
Posts: 1601
Location: web
Dex4u 19 Sep 2011, 17:34
@Overflowz, I have read your post and still do not know what your trying to do.
Yes we all know how the 3way hand shake works.

But it is not clear at all, what you want to do.
Post 19 Sep 2011, 17:34
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 19 Sep 2011, 20:27
Dex4u
I'll try explain further..
3 way handshake vulnerability = Send packet with spoofed ip address, then server tries to respond back the answer on spoofed IP adress which doesn't exist and waits for it to be reached. a lot of traffics like this will cause server to stop working propertly, right ?
Now Windows style, what I'm trying.
When I'll send packet to server, with my real ip address, it will send me the answer - OK. But what if I'll block inbound connection from that server ? I mean, when I'll send some packets to server, when server will try to send me back answer, it will fail because I have blocked his IP on inbound connection. I don't know how to explain better.. Sorry for my English.
Post 19 Sep 2011, 20:27
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 20 Sep 2011, 01:04
Overflowz wrote:
Sorry for my English.

It's ok dude, maybe you can use images Wink

Like this one

Image
Post 20 Sep 2011, 01:04
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 20 Sep 2011, 10:20
typedef
Sorry, not registered on that host. Can't see the image.
Post 20 Sep 2011, 10:20
View user's profile Send private message Reply with quote
Dex4u



Joined: 08 Feb 2005
Posts: 1601
Location: web
Dex4u 20 Sep 2011, 18:30
typedef wrote:
Overflowz wrote:
Sorry for my English.

It's ok dude, maybe you can use images Wink

Like this one

Image

If you do what your image shows typedef, it will still return to your IP, as the router stick your real IP, as it re placers the one you put, with the real one.

@Overflowz, can you not just flush the NAT ?.
Post 20 Sep 2011, 18:30
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 20 Sep 2011, 19:04
@Dex4u That is why I use botnets.

PS: the target's router will parse the packet to the target machine giving it the forged source IP. The gateway can reach you back but not the target. Wink
Post 20 Sep 2011, 19:04
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 20 Sep 2011, 19:32
Never mind, I get it what I was thinking. It will fail. Thanks for replies.
Post 20 Sep 2011, 19:32
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 20 Sep 2011, 19:35
Overflowz wrote:
It will fail.

Did you try at all ?
Don't let them beat you down broah. Wink
Post 20 Sep 2011, 19:35
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 20 Sep 2011, 19:58
typedef
It will fail because someone would try it before me. I'm not professional programmer or "idea creator". I'd better do some useful, like learn some HLL language (perl and C) and more about Overflows Very Happy
Post 20 Sep 2011, 19:58
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 20 Sep 2011, 20:07
@Overflowz
Well, do what suits you best. Very Happy
Post 20 Sep 2011, 20:07
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.