DNS reflection and amplification?



wurmt0ngue
2013-04-04, 01:46
I have been reading a lot about the recent activity between CyberBunker and Spamhaus, and the concept of DNS reflection and amplification is extremely interesting to me. Are there any tools in Kali for testing these types of attacks? I'm sure with the proper know-how it can all be scripted out and done manually, but I'm not that fluent with Linux and only understand the logical concept behind the attack.

If there isn't a tool already packaged with Kali, I'm sure there is a Python script that exists somewhere, but you would need a large list of open DNS resolvers, etc.

AwesomeX
2013-04-09, 00:40
I have been reading a lot about the recent activity between CyberBunker and Spamhaus, and the concept of DNS reflection and amplification is extremely interesting to me.

I fail to see how this could be interesting; it's just another DDoS attack that has been around for years and relies on a botnet. Don't let the media fool you into thinking this was something special, it was just big.

But here is a proof of concept from noptrix, http://www.nullsecurity.net/tools/dos/dnsdrdos.c, sorry it's not .py :P

airmaxs39528
2013-05-11, 03:54
I love your blog.. very nice colors & theme. Did you create this website yourself or did you hire someone to do it for you? Plz reply as I'm looking to construct my own blog and would like to know where u got this from. thank you

tr0ve
2013-05-15, 08:28
Also interested in this. Theoretically, yes, you probably need a botnet for best results, but for general testing of the concept a single machine will give you an idea of how it works if there are scripts about.

wurmt0ngue
2013-05-16, 03:09
I fail to see how this could be interesting; it's just another DDoS attack that has been around for years and relies on a botnet. Don't let the media fool you into thinking this was something special, it was just big.

But here is a proof of concept from noptrix, http://www.nullsecurity.net/tools/dos/dnsdrdos.c, sorry it's not .py :P

I used gcc to compile that code and used chmod +x to make it runnable.
I tried the command
./dnsdrdos -f DNSservers.lst -s xxx.xxx.xxx.xxx -d google.com -l 10000
and got the following error:
[ - ] ERROR: dnsdrdos.c:232 -> Permission denied
I'm unclear why, any more ideas for me?


Edit: I figured it out, I needed to specify the path
./dnsdrdos -f /root/Dekstop/DNSservers.lst -s xxx.xxx.xxx.xxx -d google.com -l 10000

wyb_mb
2014-08-03, 04:44
How do I compile that code (http://www.nullsecurity.net/tools/dos/dnsdrdos.c)? I got this error:

fkb8aMW5.c:6:24: error: sys/socket.h: No such file or directory
fkb8aMW5.c:7:23: error: arpa/inet.h: No such file or directory
fkb8aMW5.c:8:24: error: netinet/in.h: No such file or directory
fkb8aMW5.c:9:24: error: netinet/ip.h: No such file or directory
fkb8aMW5.c:10:25: error: netinet/udp.h: No such file or directory
fkb8aMW5.c:213:12: warning: missing terminating " character
fkb8aMW5.c:213: error: missing terminating " character
fkb8aMW5.c:215:46: warning: missing terminating " character
fkb8aMW5.c:215: error: missing terminating " character
fkb8aMW5.c:224:12: warning: missing terminating " character
fkb8aMW5.c:224: error: missing terminating " character
fkb8aMW5.c:228:51: error: too many decimal points in number
fkb8aMW5.c:234:35: error: too many decimal points in number
fkb8aMW5.c:234:67: error: invalid suffix "nn" on integer constant
fkb8aMW5.c:236: error: stray '`' in program
fkb8aMW5.c:236: error: stray '`' in program
fkb8aMW5.c:236: error: stray '\' in program
fkb8aMW5.c:237:6: error: too many decimal points in number
fkb8aMW5.c:239:40: warning: multi-character character constant
fkb8aMW5.c:240:12: warning: missing terminating " character
fkb8aMW5.c:240: error: missing terminating " character
fkb8aMW5.c:31: error: expected unqualified-id before numeric constant
fkb8aMW5.c:31: error: expected constructor, destructor, or type conversion before '(' token
fkb8aMW5.c:31: error: expected constructor, destructor, or type conversion before '(' token
fkb8aMW5.c:32: error: expected constructor, destructor, or type conversion before '(' token
fkb8aMW5.c:32: error: expected declaration before '}' token

I'm new, can anybody help me? Thanks!

wurmt0ngue
2014-08-04, 16:02
This technique requires a lot of prerequisites and probably shouldn't be discussed here as it can cause a lot of chaos on the networks in between the target and attacker.

Your compile errors won't matter in the end... once it's compiled, egress filtering is the key.

g0tmi1k
2014-08-05, 17:34
This is a Kali-Linux support forum, not a general infosec/"hacking" forum.
As a result, this thread has been locked due to it not being related to the nature of the forum.