{"id":25318,"date":"2024-02-28T04:42:04","date_gmt":"2024-02-28T04:42:04","guid":{"rendered":"https:\/\/linuxways.net\/?p=25318"},"modified":"2024-02-28T04:42:04","modified_gmt":"2024-02-28T04:42:04","slug":"perform-ddos-attack-kali-linux","status":"publish","type":"post","link":"https:\/\/linuxways.net\/de\/kali-linux\/perform-ddos-attack-kali-linux\/","title":{"rendered":"How to Perform DDOS Attack on Kali Linux"},"content":{"rendered":"<p><strong>Denial-of-Service Attack<\/strong>, commonly referred to as <strong>DDOS <\/strong>attack, is a type of malicious attack that is used to disrupt the traffic of a target server, service or network. This type of attack is performed by overwhelming the server with a flood of internet traffic, preventing legitimate users from accessing the target resource. Though using <strong>DDOS<\/strong> attacks is illegal and harmful, understanding the basics of how it is done is crucial for beginners who have recently started using the Kali Linux system. Performing <strong>DDOS attack <\/strong>on a server will help you in checking the efficacy of the website against such type of attack. With the right amount of knowledge, the users can protect their servers from such attacks in the future.<\/p>\n<p>This article is presented for educational purposes, providing you with the right amount of guidance to perform <strong>DDOS attacks<\/strong> on Kali Linux systems.<\/p>\n<h2><a id=\"post-25318-_3tzrolmiq7n6\"><\/a><strong>How to Perform DDOS Attack on Kali Linux<\/strong><\/h2>\n<p>There are multiple tools available for performing <strong>DDOS attacks <\/strong>on Kali Linux and checking the efficacy of the website, some of the widely used one are:<\/p>\n<ul>\n<li><a href=\"#post-25318-_49bdbzwob9km\"><strong>Slowloris<\/strong> <\/a><\/li>\n<li><a href=\"#post-25318-_vf4n78bvct68\"><strong>slowhttptest<\/strong><\/a><\/li>\n<\/ul>\n<h2><a id=\"post-25318-_49bdbzwob9km\"><\/a><strong>How to Perform DDOS Attack on Kali Linux Using Slowloris<\/strong><\/h2>\n<p><strong>Slowloris <\/strong>is an open-source tool available in the official Kali Linux repository that allows you to perform a <strong>DDOS attack<\/strong>. This tool is written in Python programming language and helps you in taking down another machine\u2019s web server from another machine.<\/p>\n<p>To install and use <strong>Slowloris <\/strong>on Kali Linux for performing <strong>DDOS attacks<\/strong>, follow the below-given steps:<\/p>\n<h3><a id=\"post-25318-_e9o8zrasio9c\"><\/a><strong>Step 1: Install Slowloris on Kali Linux<\/strong><\/h3>\n<p>First, you have to install <strong>Slowloris<\/strong> on your Kali Linux system through the apt repository using the below-given command:<\/p>\n<div class=\"codecolorer-container bash blackboard\" style=\"width:100%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> apt <span class=\"kw2\">install<\/span> slowloris <span class=\"re5\">-y<\/span><\/div><\/div>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"406\" class=\"wp-image-25347\" src=\"http:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-1.png\" srcset=\"https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-1.png 700w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-1-300x174.png 300w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<h3><a id=\"post-25318-_knpc7ia89z06\"><\/a><strong>Step 2: Start Apache Service on Kali Linux (Optional)<\/strong><\/h3>\n<p>This step is optional since we are going to block our Apache server to ensure<strong> DDOS attack<\/strong> is successfully performed. You can skip it if you want to perform a <strong>DDOS attack<\/strong> on some other server.<\/p>\n<p>The Apache service can be started on Kali Linux system from the following command:<\/p>\n<div class=\"codecolorer-container bash blackboard\" style=\"width:100%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> systemctl start apache2<\/div><\/div>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"738\" height=\"124\" class=\"wp-image-25352\" src=\"http:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-2.png\" srcset=\"https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-2.png 738w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-2-300x50.png 300w\" sizes=\"auto, (max-width: 738px) 100vw, 738px\" \/><\/p>\n<h3><a id=\"post-25318-_lm1f2hk3q459\"><\/a><strong>Step 3: Check Apache Service Status on Kali Linux (Optional)<\/strong><\/h3>\n<p>This step is optional too because here we are going to check whether Apache service is running on Kali Linux system, it can be done using:<\/p>\n<div class=\"codecolorer-container bash blackboard\" style=\"width:100%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> systemctl status apache2<\/div><\/div>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"735\" height=\"466\" class=\"wp-image-25365\" src=\"http:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-3.png\" srcset=\"https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-3.png 735w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-3-300x190.png 300w\" sizes=\"auto, (max-width: 735px) 100vw, 735px\" \/><\/p>\n<h3><a id=\"post-25318-_lak5ueparirr\"><\/a><strong>Step 4: Load the Apache Web Server on Browser (Optional)<\/strong><\/h3>\n<p>To ensure <strong>Apache web server<\/strong> is running, navigate to any system browser and use the IP address of your Kali Linux system to access the server:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"1544\" height=\"831\" class=\"wp-image-25374\" src=\"http:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-4.png\" srcset=\"https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-4.png 1544w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-4-300x161.png 300w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-4-1024x551.png 1024w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-4-768x413.png 768w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-4-1536x827.png 1536w\" sizes=\"auto, (max-width: 1544px) 100vw, 1544px\" \/><\/p>\n<p>You can find your Kali Linux IP address from the hostname command given below:<\/p>\n<div class=\"codecolorer-container bash blackboard\" style=\"width:100%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">hostname<\/span> <span class=\"re5\">-I<\/span><\/div><\/div>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"736\" height=\"149\" class=\"wp-image-25405\" src=\"http:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-5.png\" srcset=\"https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-5.png 736w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-5-300x61.png 300w\" sizes=\"auto, (max-width: 736px) 100vw, 736px\" \/><\/p>\n<h3><a id=\"post-25318-_pjaqjdr0tad1\"><\/a><strong>Step 5: Perform DDOS Attack on Server<\/strong><\/h3>\n<p>Now, to perform the <strong>DDOS attack<\/strong> on a server with Kali Linux, you can use the below-given syntax:<\/p>\n<div class=\"codecolorer-container bash blackboard\" style=\"width:100%;\"><div class=\"bash codecolorer\">slowloris <span class=\"re5\">-p<\/span> port <span class=\"re5\">-s<\/span> socket_count <span class=\"re5\">-v<\/span> target_IPaddress<\/div><\/div>\n<p>Where <strong>-p <\/strong>specifies the port number, <strong>-s <\/strong>is for socket count used in the attack and <strong>-v<\/strong> enables the verbose mode (printing more information). It should also be noted that the more sockets are, the more connections the attackers can open with the server.<\/p>\n<p>Here, I am going to block my target IP address <strong>192.168.221.141 <\/strong>using port number <strong>80<\/strong>, socket count as <strong>1000<\/strong>:<\/p>\n<div class=\"codecolorer-container bash blackboard\" style=\"width:100%;\"><div class=\"bash codecolorer\">slowloris <span class=\"re5\">-p<\/span> <span class=\"nu0\">80<\/span> <span class=\"re5\">-s<\/span> <span class=\"nu0\">1000<\/span> <span class=\"re5\">-v<\/span> 192.168.221.141<\/div><\/div>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"706\" height=\"448\" class=\"wp-image-25420\" src=\"http:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-6.png\" srcset=\"https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-6.png 706w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-6-300x190.png 300w\" sizes=\"auto, (max-width: 706px) 100vw, 706px\" \/><\/p>\n<p>Once you run the attack, you can go back to the browser to ensure the service is down after performing the <strong>DDOS attack<\/strong>.<\/p>\n<p>Here, I have added the screenshot after performing the <strong>DDOS attack<\/strong>, where page is loading for a longer time, which ensures the attack is performed successfully on the server:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"2048\" height=\"1077\" class=\"wp-image-25504\" src=\"http:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-7.png\" srcset=\"https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-7.png 2048w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-7-300x158.png 300w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-7-1024x539.png 1024w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-7-768x404.png 768w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-7-1536x808.png 1536w\" sizes=\"auto, (max-width: 2048px) 100vw, 2048px\" \/><\/p>\n<h2><a id=\"post-25318-_vf4n78bvct68\"><\/a><strong>How to Perform DDOS Attack on Kali Linux Using slowhttptest<\/strong><\/h2>\n<p><strong>slowhttp<\/strong> test is another command line tool that you can use to stimulate various <strong>DDOS attacks<\/strong> on the server. You can use this tool to test the efficacy of a server against different types of attacks including the infamous <strong>Slowloris attack<\/strong>. To perform <strong>DDOS attack<\/strong> on Kali Linux using <strong>slowhttptest<\/strong>, use the following steps:<\/p>\n<h3><a id=\"post-25318-_y9kv18mmsnky\"><\/a><strong>Step 1: Install slowhttptest on Kali Linux<\/strong><\/h3>\n<p>First, install <strong>slowhttptest<\/strong> on your Kali Linux system from the apt repository through the following command:<\/p>\n<div class=\"codecolorer-container bash blackboard\" style=\"width:100%;\"><div class=\"bash codecolorer\"><span class=\"kw2\">sudo<\/span> apt <span class=\"kw2\">install<\/span> slowhttptest <span class=\"re5\">-y<\/span><\/div><\/div>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"683\" height=\"460\" class=\"wp-image-25507\" src=\"http:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-8.png\" srcset=\"https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-8.png 683w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-8-300x202.png 300w\" sizes=\"auto, (max-width: 683px) 100vw, 683px\" \/><\/p>\n<h3><a id=\"post-25318-_cwokxs45hu81\"><\/a><strong>Step 2: Perform DDOS Attack Using slowhttptest<\/strong><\/h3>\n<p>To perform<strong> DDOS attack<\/strong> on Kali Linux using<strong> slowhttptest,<\/strong> you can follow the below-given command:<\/p>\n<div class=\"codecolorer-container bash blackboard\" style=\"width:100%;\"><div class=\"bash codecolorer\">slowhttptest <span class=\"re5\">-c<\/span> <span class=\"nu0\">1000<\/span> <span class=\"re5\">-H<\/span> <span class=\"re5\">-g<\/span> <span class=\"re5\">-o<\/span> slowhttp <span class=\"re5\">-i<\/span> <span class=\"nu0\">10<\/span> <span class=\"re5\">-r<\/span> <span class=\"nu0\">200<\/span> <span class=\"re5\">-t<\/span> GET <span class=\"re5\">-u<\/span> http:<span class=\"sy0\">\/\/<\/span>192.168.18.122<span class=\"sy0\">\/<\/span> <span class=\"re5\">-x<\/span> <span class=\"nu0\">24<\/span> <span class=\"re5\">-p<\/span> <span class=\"nu0\">3<\/span><\/div><\/div>\n<p>Here in the above command:<\/p>\n<ul>\n<li><strong>-c<\/strong> 1000 is the target number of established connections during the test.<\/li>\n<li><strong>-H<\/strong> uses the Slowloris mode by sending unfinished HTTP requests.<\/li>\n<li><strong>-g <\/strong>is used to generated statistics with socket state changes<\/li>\n<li><strong>-o slowhttp <\/strong>will save the output of the test.<\/li>\n<li><strong>-i <\/strong>is the interval between follow up data in seconds.<\/li>\n<li><strong>-r 200 <\/strong>is the connection rate per seconds, which is 200 in this case<\/li>\n<li><strong>-t GET<\/strong> explicitly sets the HTTP method to GET.<\/li>\n<li>-u http:\/\/(link to the website) is the URL address of the target, change it accordingly.<\/li>\n<li><strong>-x 24 <\/strong>max length of each randomized name.<\/li>\n<li>&#8211;<strong>p 3 <\/strong>is the number of parallel requests per seconds, which is 3 in this case.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"708\" height=\"451\" class=\"wp-image-25510\" src=\"http:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-9.png\" srcset=\"https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-9.png 708w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-9-300x191.png 300w\" sizes=\"auto, (max-width: 708px) 100vw, 708px\" \/><\/p>\n<p>After you execute the above command, it will send a large amount of traffic to the given IP address with a short delay, thus overloading the target source.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"706\" height=\"468\" class=\"wp-image-25512\" src=\"http:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-10.png\" srcset=\"https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-10.png 706w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-10-300x199.png 300w\" sizes=\"auto, (max-width: 706px) 100vw, 706px\" \/><\/p>\n<p>To check whether the <strong>DDOS attack<\/strong> is successfully performed on the given target you can verify by loading the target address. Here, I have performed <strong>DDOS attack<\/strong> on IP address <strong>192.168.18.122. <\/strong>By loading the server, it will refuse the connection during the attack, which ensures that attack is successfully performed on the target server address.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"1549\" height=\"830\" class=\"wp-image-25514\" src=\"http:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-11.png\" srcset=\"https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-11.png 1549w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-11-300x161.png 300w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-11-1024x549.png 1024w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-11-768x412.png 768w, https:\/\/linuxways.net\/wp-content\/uploads\/2024\/02\/word-image-25318-11-1536x823.png 1536w\" sizes=\"auto, (max-width: 1549px) 100vw, 1549px\" \/><\/p>\n<p><strong>Note: <\/strong>Besides<strong> Slowloris<\/strong> and <strong>slowhttptest, <\/strong>you can also install and use tools <a href=\"https:\/\/www.kali.org\/tools\/goldeneye\/\"><strong>Goldeneye<\/strong><\/a>, and <a href=\"https:\/\/www.kali.org\/tools\/dsniff\/\"><strong>dsniff<\/strong><\/a> to check the efficacy of a website against the <strong>DDOS attack<\/strong>.<\/p>\n<h2><a id=\"post-25318-_acbqzdnv52r6\"><\/a><strong>Conclusion<\/strong><\/h2>\n<p>Performing<strong> DDOS attacks <\/strong>on a server is illegal and should be done with extreme caution and under strict ethical guidelines. There are multiple tools that can help you perform <strong>DDOS attacks<\/strong> on Kali Linux and check the efficacy of a server. Here, in this guide, we have discussed two widely used tools called <strong>Slowloris <\/strong>and <strong>slowhttptest <\/strong>to perform <strong>DDOS attacks<\/strong> on a web server. The web server will fail to load if <strong>DDOS attack<\/strong> is performed and if it has the efficacy, it will load normally even with a high amount of HTTP requests.<\/p>","protected":false},"excerpt":{"rendered":"<p>You can run DDOS attack on Kali Linux from Slowloris or slowhttptest. Read this guide to learn how to run DDOS attacks in Kali Linux.<\/p>","protected":false},"author":116,"featured_media":25578,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1054],"tags":[],"class_list":["post-25318","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali-linux"],"_links":{"self":[{"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/posts\/25318","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/users\/116"}],"replies":[{"embeddable":true,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/comments?post=25318"}],"version-history":[{"count":0,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/posts\/25318\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/media\/25578"}],"wp:attachment":[{"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/media?parent=25318"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/categories?post=25318"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/tags?post=25318"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}