1

Is there any attack out there that can be implemented where a single request to a server i host for example responds by sending the same file say 20 times back ? the idea behind the attack is to DOS tor nodes which are hosting the stream, this attack is for a masters project, and just want to prove the concept of it working, if this can be achieved how can it be done thanks

Rich
  • 11
  • 1
  • What you're looking for is termed "amplification", where a simple request produces an unusually large response. You haven't provided enough information to tell if your server is vulnerable to amplification attacks. – Mark Aug 11 '14 at 07:26
  • Yes thanks that is what i am trying to achieve, my server is a raspberry pi set up following these details http://www.wikihow.com/Make-a-Raspberry-Pi-Web-Server the server is online at http://82.26.108.68/ and the file i wish to try an send back more than once is the attack file i have called dosfile.dat which is just a 5gb empty file, currently i am making a GET reqest through tor to get this file, but this is what i want to try and get back multiple times – Rich Aug 11 '14 at 14:15

1 Answers1

1

Amplification attacks leverage the asymmetric nature of small amounts of data sent to servers producing a large amount of response towards a target. These are usually performed over protocols for which the source address is easily spoofed. This is not a strict requirement and certainly this could occur on a wide variety of protocols or services but the nature of being able to redirect traffic is what makes these protocols useful for attackers.

That said if you strictly want your dosfile.dat file to be used in a similar attack it would be easier to replicate this if you can insert it into a IP or UDP based service that can still allow for spoofing of source packets so the response can be redirected and sent to another system somehow. In theory, depending on the size of dosfile.dat you could create a DNS text record (or several) with this information and perform an DNS amplification attack of some form and that data would be included.

See the following for more information:

https://blog.cloudflare.com/deep-inside-a-dns-amplification-ddos-attack/

Trey Blalock
  • 14,099
  • 6
  • 43
  • 49