Denial of service (DoS) Application in Visual Studio 2010

Raj picture Raj · Apr 19, 2013 · Viewed 7.1k times · Source

Its a lengthy question and Its might be amature, sorry I'm new at programming; I want to design a console based application for testing with a Denial of service (DOS) attack. Suppose ping example.com -t -l 65000 is the only thing that needs to be executed in a console. I want the console to run in background. But I want lets say, 5 different console performing the ICMP flooding in the background. to kill the process, we manually need to kill the process. The testing will be done in a real-time environment. I need to make a .exe file for running it on windows.

I am building the program in c# using MS Visual studio 2010 what can be done?

Any suggestions will be greatly appreciated.

Answer

Pedro picture Pedro · Jul 5, 2013

Are you trying to kill a server with ping requests ? Ping requests are very easy for the server to handle. You may in theory attack via layer 4, flooding the pipe lines, but you're better off with anything else than a echo request.

If your trying DoS attacks (I hope it is for research only) you may want to take a look at partial GET requests. I've managed to perform a very effective attack with them, the server is doomed unresponsive for as long as I want it. Althought the HTTP server was not responding, ping request kept returning the exact same trip time, as if nothing happen.

Partial GET / POST requests, work very well for more time than they should now, it seems very difficult to overcome this problem, Apache is well aware of this situation.

I've heard that IIS also has the same reaction to partial POSTs but not to partial GETs.

Some numbers about this techinique :

~5000bytes/s for 2-3 sec, every 30 seconds. That is bandwith use, basically 150 GET requests from once in a while.

all open slots of apache server fill up immediately.

Very hard to detect something is going on, CPU is at around 0.05% during the attack, network connection isn't very stressed either.

And, of course, almost no other HTTP request managed to reach the server. They can reach when the server reading time out reaches and all connections have to restart again.

I haven't tried this on servers with more than 150 slots for HTTP connections.