Tmpertor / Raven-Storm

Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
https://taguar258.github.io/Raven-Storm/
Other
600 stars 170 forks source link

Enhancements #25

Closed GuyPerson7018 closed 3 years ago

GuyPerson7018 commented 3 years ago

I tried this tool on a Linux OS, with the target set to a raspberry pi hosting a basic Apache webserver. As expected, it didn't work I used two attack methods, l4 and l7 l7, as expected, flooded the server with GET requests. I ran it for 10 minutes, and my webpage showed no signs of slowing down. Therefore, it is about as useless as LOIC or HOIC l4 doesn't do anything at all. It floods requests, but do you really expect the server to accept all of them? Thus, I can confirm that this tool is about as useless as LOIC or HOIC, and can't really do anything. Also, if you are making a botnet mode, why make it run on Linux only? Did you know that only 1% of the world's computers run Linux? So, to the creator of this tool, please grow up, and stop making such skiddish tools. This is only good for a wannabe hacker(also known as a skid, or script kiddie)

Taguar258 commented 3 years ago

Dear GuyPerson7018, The problem with DoS is that many parameters decide if the attacked service is going down. It would be naive to believe that DoS works under any circumstances. The L4 Attack included is not specifically designed for HTTP servers, and attacking a local device using L7 works to my knowledge (Tested it myself and by others with success). The server will not accept all requests, I know, but that's not important for a successful stress test. I did not create the botnet to affect "99%" of the world's devices because I do not want it to be used illegally. Neither do I believe that only 1% of the world's devices are running Linux because Linux is widely used, and this tool was coded in python so, it can be run on pretty much any device. Please do not tell me to grow up if you are opening an issue to spread your childish complaints. I am not proud of my tool anymore anyway.

Please stop sending other creators of DoS tools the same messages because it is inappropriate, childish and does not get your tool more attention.

I wish you a great day and good luck with your own DoS tool.

GuyPerson7018 commented 3 years ago

I wasn't trying to get more attention. I can remove my tool if you want. I was just stating that if you still consider your tool to be excellent, then you are definitely a skid. However, looking at your reply, I know that you are no longer proud of it. I also look at the tools of other creators before commenting, as I want to ensure that they truly do not work before commenting. I even tested your tool on a raspberry pi running an Apache server, which is notoriously easy to take down. I specially designed my server to be extremely easy to take down(some tools can take it down within 10 seconds). And as for your tool, it still is better than some tools made by other creators anyways, so I give you credit for that. After that, I tried running the l7 attack again on a google colab server, with 3000 threads, which managed to knock out my raspberry pi server after a few minutes, but stood no chance against a server hosted in WSL on my main computer. Also, 3000 threads is very intensive on the computing resources, so a person just running it on their own computer can't possibly take down a site, unless the site's server is running on a floppy disk.

GuyPerson7018 commented 3 years ago

And as for the part where you say "Please stop sending other creators of DoS tools the same messages because it is inappropriate, childish and does not get your tool more attention.", I only send these to those whose tools are very unlikely to work(for example, take a look at https://github.com/Ha3MrX/DDos-Attack). I post these in hope that some wannabe script kiddie will see it, and get a taste of reality, and understand that the likelyhood of such a tool working is close to zero, and so that they won't feel a false sense of power when having such tools, and so that they hopefully won't tell others that they will ddos them or whatever skids like to say.

Taguar258 commented 3 years ago

Dear GuyPerson7018, I just thought about it and might know the reason why your attack was not successful. Could it be that you had created a blank HTML site without any logic or resources/images because the first thing to mostly fail using the L7 attack included in the toolkit is the ability to return larger data fast enough.

I should totally be able to improve this by keeping the connections open and give the server more information to process.

GuyPerson7018 commented 3 years ago

Nope, it was a fairly large webpage with about 100kb in the index.html file

Taguar258 commented 3 years ago

You are completely right, I tested it the same way and both l4 and l7 failed though other tests I did months ago didn't fail. I'll try to think of an way to resolve this.

Taguar258 commented 3 years ago

I managed to get l4 to work and uploaded a newer version. The problem was, that the HTTP request was incorrect. L7 should work under other circumstances than what I have tested just now. I apologize for not taking you serious at first.

GuyPerson7018 commented 3 years ago

I would suggest that you use the socket module instead of urllib. Then you can manually customize each packet for maximum damage, and you can remove the \r\n\r\n at the end. You might also want to remove the print line during the attack, as that only slows it down. You can also use multiprocessing instead of threading, to make it faster.

Taguar258 commented 3 years ago

Well ngl those are some great tips. Thank you.

FormerlyChucks commented 3 years ago

Lmao

So, to the creator of this tool, please grow up,

Proceeds to act like a combination of an edgelord and a man baby

Taguar258 commented 3 years ago

I am closing this issue now because I don't see the relevance anymore now that I have fixed the http request.