
BoNeSi: A DDoS Botnet Simulator

BoNeSi, the DDoS Botnet Simulator, is a tool to simulate botnet traffic in a testbed environment on the wire. It is designed to study the effect of DDoS attacks.

What traffic can be generated?

BoNeSi generates ICMP, UDP and TCP (HTTP) flooding attacks from a defined botnet size (different IP addresses). BoNeSi is highly configurable: rates, data volume, source IP addresses, URLs and other parameters can be configured.

What makes it different from other tools?

There are plenty of other tools out there to spoof IP addresses with UDP and ICMP, but for TCP spoofing, there is no solution. BoNeSi is the first tool to simulate HTTP-GET floods from large-scale bot networks. BoNeSi also tries to avoid generating packets with easily identifiable patterns (which can be filtered out easily).

Where can I run BoNeSi?

We highly recommend running BoNeSi in a closed testbed environment. UDP and ICMP attacks could be run on the internet as well, but you should be careful. HTTP flooding attacks cannot be simulated on the internet, because answers from the webserver must be routed back to the host running BoNeSi.

How does TCP Spoofing work?

BoNeSi sniffs for TCP packets on the network interface and responds to all packets in order to establish TCP connections. For this feature, it is necessary that all traffic from the target webserver is routed back to the host running BoNeSi.

How good is the performance of BoNeSi?

We focused very much on performance in order to simulate big botnets. On an AMD Opteron with 2 GHz we were able to generate up to 150,000 packets per second. On a more recent AMD Phenom II X6 1100T with 3.3 GHz you can generate 300,000 pps (running on 2 cores).

Are BoNeSi attacks successful?

Yes, they are very successful. UDP/ICMP attacks can easily fill the bandwidth and HTTP flooding attacks knock out webservers fast. We also tested BoNeSi against state-of-the-art commercial DDoS mitigation systems and were able to either crash them or hide the attack from being detected.
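For the measurement side of a testbed run, the following added example (not part of BoNeSi or of the original page) summarises web server request records per second and shows why an HTTP-GET flood spread over many source addresses passes a per-IP rate limit while still standing out in the aggregate. The sample records, function names and thresholds are constructed assumptions for illustration.

```python
from collections import Counter, defaultdict

def build_sample():
    """Constructed access records (second, client_ip); documentation address ranges."""
    records = []
    for t in range(10):                      # baseline: three ordinary clients
        records.append((t, f"192.0.2.{1 + t % 3}"))
    for t in (10, 11):                       # flood: 200 sources, 2 GETs each per second
        for host in range(1, 201):
            records += [(t, f"198.51.100.{host}")] * 2
    return records

def analyse(records, per_ip_limit=10, total_limit=100, min_sources=50):
    """Summarise each one-second window; thresholds are assumed example values."""
    buckets = defaultdict(Counter)
    for second, ip in records:
        buckets[second][ip] += 1
    report = {}
    for second, per_ip in sorted(buckets.items()):
        total = sum(per_ip.values())
        report[second] = {
            "total": total,
            "sources": len(per_ip),
            # Sources a classic per-IP rate limit would have throttled.
            "per_ip_hits": sum(1 for n in per_ip.values() if n > per_ip_limit),
            # Aggregate view: high volume spread across many sources.
            "distributed_flood": total > total_limit and len(per_ip) >= min_sources,
        }
    return report

def flagged_windows(report):
    """Return the window start seconds flagged as distributed floods."""
    return [s for s, row in report.items() if row["distributed_flood"]]

if __name__ == "__main__":
    rep = analyse(build_sample())
    for second in flagged_windows(rep):
        print(second, rep[second])
```

In the constructed data no single source exceeds the per-IP limit, so only the aggregate check flags the two flood seconds.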

Installation

:~$ ./configure
:~$ make
:~$ make install

Usage

:~$ bonesi [OPTION…]

Options:

-i, --ips=FILENAME             filename with ip list
-p, --protocol=PROTO           udp (default), icmp or tcp
-r, --send_rate=NUM            packets per second, 0 = infinite (default)
-s, --payload_size=SIZE        size of the payload, (default: 32)
-o, --stats_file=FILENAME      filename for the statistics, (default: 'stats')
-c, --max_packets=NUM          maximum number of packets (requests at tcp/http), 0 = infinite (default)
    --integer                  IPs are integers in host byte order instead of in dotted notation
-t, --max_bots=NUM             determine max_bots in the 24bit prefix randomly (1-256)
-u, --url=URL                  the url (default: '/') (only for tcp/http)
-l, --url_list=FILENAME        filename with url list (only for tcp/http)
-b, --useragent_list=FILENAME  filename with useragent list (only for tcp/http)
-d, --device=DEVICE            network listening device (only for tcp/http, e.g. eth1)
-m, --mtu=NUM                  set MTU, (default 1500). Currently only when using TCP.
-f, --frag=NUM                 set fragmentation mode (0=IP, 1=TCP, default: 0). Currently only when using TCP.
-v, --verbose                  print additional debug messages
-h, --help                     print help message and exit


R K
