I’ve talked about testing few DoS tools that can put heavy load on HTTP servers in order to bring them to their knees by exhausting resource pools. GoldenEye is the first of those tools and it is one of the newest I discovered in GitHub. You can DoS websites with GoldenEye and bring it down almost within 30 seconds depending on how big their memory pool is. Of course, it wont work on protected servers and servers behind a proper WAF, IDS, but this is a great tool to test your own Web Server for load testing and amend your iptables/Firewall rules accordingly. I will put several warnings and disclaimers in this post so that even the most feeble minds wont be able to deny reading those.

Details for GoldenEye tool is listed below:

• Tool Name: GoldenEye
• Author: Jan Seidl
• Website: http://wroot.org/

From GoldenEye’s writer’s post:

1. This tool is meant for research purposes only and any malicious usage of this tool is prohibited.
2. GoldenEye is an python app for SECURITY TESTING PURPOSES ONLY!
3. GoldenEye is a HTTP DoS Test Tool.
4. Attack Vector exploited: HTTP Keep Alive + NoCache

Types of DoS or DDoS attacks

Let’s go over some very basic info regarding DoS or DDoS attacks. There are basically three types of DoS and DDoS attacks:

1. Application layer DoS and DDoS attacks
2. Protocol layer DoS and DDoS attacks
3. Volume-based DoS and DDoS attacks

Application layer DoS and DDoS attacks

Application-layer DoS and DDoS attacks are attacks that target Windows, Apache, OpenBSD, or other software vulnerabilities to perform the attack and crash the server.

Protocol layer DoS and DDoS attacks

A protocol DoS and DDoS attacks is an attack on the protocol level. This category includes Synflood, Ping of Death, and more.

Volume-based DoS and DDoS attacks attacks

This type of DoS and DDoS attacks includes ICMP floods, UDP floods, and other kind of floods performed via spoofed packets.

The word DoS and DDoS is used loosely as when you attack from a single machine, it’s usually considered as a DoS attack. Multiply a single attacker from a botnet (or a group) then it becomes a DDoS attack. There are many explanations to it, but just know that no matter which type of attack it is, they are equally detrimental for a server/network.

DoS website with GoldenEye – Layer 7 attack tool

So let me introduce GoldenEye.

 

     /$$$$$$            /$$       /$$                     /$$$$$$$$                    
    /$$__  $$          | $$      | $$                    | $$_____/                    
   | $$  __/  /$$$$$$ | $$  /$$$$$$$  /$$$$$$  /$$$$$$$ | $$       /$$   /$$  /$$$$$$ 
   | $$ /$$$$ /$$__  $$| $$ /$$__  $$ /$$__  $$| $$__  $$| $$$$$   | $$  | $$ /$$__  $$
   | $$|_  $$| $$   $$| $$| $$  | $$| $$$$$$$$| $$   $$| $$__/   | $$  | $$| $$$$$$$$
   | $$   $$| $$  | $$| $$| $$  | $$| $$_____/| $$  | $$| $$      | $$  | $$| $$_____/
   |  $$$$$$/|  $$$$$$/| $$|  $$$$$$$|  $$$$$$$| $$  | $$| $$$$$$$$|  $$$$$$$|  $$$$$$$
    ______/  ______/ |__/ _______/ _______/|__/  |__/|________/ ____  $$ _______/
                                                                     /$$  | $$          
                                                                    |  $$$$$$/          
                                                                     ______/           

This tool is a dos tool that is meant to put heavy load on HTTP servers
in order to bring them to their knees by exhausting the resource pool.

This tool is meant for research purposes only
and any malicious usage of this tool is prohibited.

@author Jan Seidl <http://wroot.org/>

@date 2014-02-18
@version 2.1

@TODO Test in python 3.x

LICENSE:
This software is distributed under the GNU General Public License version 3 (GPLv3)

LEGAL NOTICE:
THIS SOFTWARE IS PROVIDED FOR EDUCATIONAL USE ONLY!
IF YOU ENGAGE IN ANY ILLEGAL ACTIVITY
THE AUTHOR (or blackMORE Ops / darkMORE Ops) DOES NOT TAKE ANY RESPONSIBILITY FOR IT.
BY USING THIS SOFTWARE YOU AGREE WITH THESE TERMS.

 

USAGE: ./goldeneye.py <url> [OPTIONS]

 OPTIONS:
    Flag           Description                     Default
    -u, --useragents   File with user-agents to use                     (default: randomly generated)
    -w, --workers      Number of concurrent workers                     (default: 50)
    -s, --sockets      Number of concurrent sockets                     (default: 30)
    -m, --method       HTTP Method to use 'get' or 'post'  or 'random'  (default: get)
    -d, --debug        Enable Debug Mode [more verbose output]          (default: False)
    -h, --help         Shows this help

Download GoldenEye

I prefer to make a folder for everything. I will just do that. You do what you need to do.

root@kali:~# mkdir GoldenEye
root@kali:~# 
root@kali:~# cd GoldenEye/
root@kali:~/GoldenEye# 
root@kali:~/GoldenEye# wget https://github.com/jseidl/GoldenEye/archive/master.zip
root@kali:~/GoldenEye#

So I made a folder named ‘GoldenEye‘ and changed directory to that. Then used wget to pull down the master archive. Codes are highlighted in red.

Once download completes, unzip the master.zip file.

root@kali:~/GoldenEye# unzip master.zip

This creates a new folder named GoldenEye-master.

root@kali:~/GoldenEye# 
root@kali:~/GoldenEye# ls
GoldenEye-master master.zip
root@kali:~/GoldenEye# 
root@kali:~/GoldenEye# cd GoldenEye-master/
root@kali:~/GoldenEye/GoldenEye-master# 
root@kali:~/GoldenEye/GoldenEye-master# ls
goldeneye.py README.md res util
root@kali:~/GoldenEye/GoldenEye-master#