SYN Flood 拒绝服务攻击
This project is a simple DDos attack tool based on SYN flood. Written in C++, using libnet. I wrote a tutorial at http://blog.forec.cn/2016/11/20/ddos-syn-attack/.
- The code is written under Windows 10, in VS Ultimate 2013, version
- To configure the libnet package, you need to download its newest source code from here, and then install
WinPcapby this installer. After that, download
WpdPacksource code from this link. Unzip the libnet and wpdpack compressed package.
- Assume that you unzip libnet's package to
E:\libnet-1.2-rc3, unzip wpdpack's package to
E:\WpdPack. There's a folder
E:\libnet-1.2-rc3\libnet. You need to build a visual studio project, using the codes in that folder.
- Configure the project: there're two folders named
E:\WpdPack, here it should be
E:\WpdPack\include. Add the two paths into the
Includepath of the project (in project settings, choose VC++ path, and you will see this option).
- Add the lib path of WpdPack into
Libpath of the project, here it should be
- Edit the
E:\libnet-1.2-rc3\libnet\win32, add the following definitions at the end of file:
typedef char int8_t; typedef short int16_t; typedef int int32_t;
- Now you can build by press
F7. You will find
E:\libnet-1.2-rc3\libnet\win32\Debug. Copy them to
C:\Windows\SysWOW64. After the upper steps, you have configured libnet already.
- You can now create a VS project containing the two files in this repository:
- Setup the project settings, add
E:\WpdPack\Include\pcapinto the project's VC++ include path.
E:\libnet-1.2-rc3\libnet\win32\Debuginto the VC++ library path.
libnet.libto the addtional entries of linker.
E:\libnet-1.2-rc3\libnet\win32\Debugto the additional library paths.
- Generate the executable file now.
- You can download a compiled binary file from here.
- Three optional flags are provided:
-t: set the target ipaddress and port, using the format of
192.168.1.193.80, here 80 is the target port, and
192.168.1.193is the target ip address.
-s: the number of attacing packets to be sent per second. By default, it will send in maximum speed.
-p: number of threads to send packets per second. Default is 1 thread.
- For example, run
synFlood.exe -t 10.3.8.211.80, it will send syn packets to 10.3.8.211:80 at maximum speed with 1 thread.
- You can use
wiresharkto capture the SYN packets sent.
Use the program to attack my CVM, the
wireshark captures those SYN packets. However, since the provider of my CVM has defense for DDos attack, I didn't see any thing wrong with my website server running in CVM.
- 2016-11-20: Add this project and build repository.
All codes in this repository are licensed under the terms you may find in the file named "LICENSE" in this directory.