Connect with us

www.i4info.org

www.i4info.org

How to use amp attack scripts, basic info. [Spoofable hosts included]

How to

How to use amp attack scripts, basic info. [Spoofable hosts included]

What you need:
Spoof enabled Dedicated server or XEN/KVM VPS.
Any attack script: SSDP NTP DNS CHARGEN
Amp list made for the attack script.
CentOS 6/7

This was written by: Reece Leu

Spoof-enabled hosts list.
http://colocrossing.com/
http://www.cogentco.com/
http://vps6.net/
http://www.enwebhost.com/
http://vpsace.com/
http://quadranet.com/
http://www.ecatel.info/ (CDN SERVERS ONLY)

What is server amplification/spoofing?
These amplification scripts allow the server to send a request to an IP in the
amplification list which then reponds. It basically tells the IP/Server in the
amplification script to send information to the target. It does this rapidly
resulting in a mass-flood of packets. Hence the “Amplification” name.
Yes this is a basic explanation and isn’t the same for every attack script.

– Install the dependencies.

Code:
yum -y install gcc make php libpcap-devel libpcap libcap dstat screen

The basics

– You will want to purchase a server and install CentOS 64-bit onto it.
– Download the program called PuTTY to connect to your server.
– Connect to the server through PuTTY.
– Use an FTP Client to connect to your server to upload files.- How to compile attack scripts:
Note* Change the attackscript.c to your attack scripts name.

CODE:
gcc -pthread attackscript.c -o attackscript

– How to use attack scripts:

CODE:
./attackscript

– After running that command, it will give you parameters to enter. As an example below I will be using the SSDP script.

Code:
./ssdpattack
Invalid parameters!
Usage: ./ssdp <target IP> <target port> <reflection file> <throttle> <time (optional)>
./ssdpattack 1.1.1.1 80 ssdpamplist.txt 2 100

Note* The throttle in this case is the amount of threads. Time of course is in seconds.

Amplification lists are needed depending on the attack scripts you would like to use. If you’d like to create your own amplification lists please click: Here

How to check if your server spoofs.

– Make sure you install the dependencies above.
– Purchase a cheapo VPS that doesn’t have spoofing enabled.
– Open 3 PuTTY sessions, 2 connected to the spoof enabled server and 1 connected to the non-spoof enabled cheapo VPS.- Run DSTAT on the non-spoof enabled server & on 1 of the spoofable servers.

Code:
dstat

Note* Your screen should look like this: (I am using MTPuTTY which is essentially the same with multiple tabs.)

[Image: 5bXuArP.png]

– Upload the attack script & amplist to the spoof-enabled server.
Note* In this case I will be using the SSDP attack script & amp list.

– Attack the non-spoofable server using the spoofable server not running dstat.

Code:
./ssdpattack 1.1.1.1 80 amplist.txt 2 10

– Watch the DSTAT on both servers. This is what you should see.
Note* If you do not see any incoming packets on your non-spoofable server but you attack server is sending packets. You either are hitting the wrong IP or your attack server does not spoof. If you dont see any packets being sent from your attack server, yours server does not spoof.

[Image: uggzJYW.png]

There you go! Enjoy your servers.

How many threads you should use.

\This question is asked a lot. Well here is a simple explanation.
You will want to use as many threads as you can until your server stops sending
out any more packets but you also want to use the least amount of threads
to do this.- Here is an example:
Using 2 threads my server sends 8000KBps. My CPU usage is at 10% used.
Using 4 threads my server sends 10MBps. My CPU usage is at 18% used.
Using 8 threads my server sends 10MBps. My CPU usage is at 25% used.
Using 10 threads my server sends 10MBps. My CPU usage is at 30% used.

I will want to use 4 threads as the server sends 10MBps but the CPU usage is the lowest.

– How to check the CPU usage on dstat.
Note* I was using the SSDP attack script with 20 threads.

[Image: cJ42ikY.png]

Hope you enjoyed this little lesson on threads.

More information:
– If you need help, post below.
– Yes this tutorial is for the real big noobs.
– I’ll be adding more to this thread as I go.

This is for educational purposes only.
Leave a thanks if you enjoyed my tutorial. Have fun, be safe.
Don’t take the candy.

Continue Reading
You may also like...
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in How to

Facebook

Categories

To Top