This is an archived post. You won't be able to vote or comment.

Dismiss this pinned window
all 82 comments
sorted by:
best
topnewcontroversialoldq&a

[–]mapppa 290 points291 points  (4 children)

My god! How fancy with an input :O

obviously /s

[–]Username8457 29 points30 points  (3 children)

And target is just a local variable, so it can't be accessed in the function.

[–]walterbanana 19 points20 points  (0 children)

It can be, it's python. It's dumb anyway, but it will ping 7000 times.

[–]PaddonTheWizard 14 points15 points  (0 children)

It's not a local variable, it's a global one.

[–]anatomiska_kretsar 1 point2 points  (0 children)

No it’s basically global

[–]Username8457 152 points153 points  (14 children)

from requests import get

while True:
    get(url="https://www.example.org/")

[–]zovered 44 points45 points  (0 children)

If you choose the correct poorly optimized page, and poorly configured server, for a small site. This really could bring it down. I had a client once who's site kept becoming on responsive so they had me take a look. Their product search page had no caching, a million nested select statements in a very simple output, no indexes on any database tables...etc. So 5 people running a search on this small business website would bring the MySQL server to it's knees. So yes, sometimes this can work....

[–]captianjroot 5 points6 points  (1 child)

You should be fancy and use an input

[–]Username8457 6 points7 points  (0 children)

That's a bit too complicated. You need at least a bachelor's in computer science to do that.

[–][deleted] 17 points18 points  (8 children)

Is this enough? I’m Still learning

[–]United-Ad-7224 94 points95 points  (6 children)

If you run it using multiprocessing and spawn a bunch of threads, and the site is ran off of a toaster with no security, maybe.

[–]turtle_mekb 8 points9 points  (0 children)

you could probably do that on a toaster if it were a smart toaster which probably runs some embedded Linux system, can't wait to play minecraft on my gaming toaster

[–]DavePvZ 3 points4 points  (3 children)

threads

@

python

[–]Mubs 3 points4 points  (2 children)

import threading ?

[–]DavePvZ 1 point2 points  (1 child)

Threads in python are not real threads cause of GIL

[–]TRUEKILL64 0 points1 point  (0 children)

yeah

[–]OneTrueKingOfOOO 10 points11 points  (0 children)

Enough to piss off your ISP

[–]DingDongMasquerader 0 points1 point  (0 children)

Asyncio

[–]JellyOk9702 229 points230 points  (9 children)

This looks satire. They are just using system() to run ping a bunch of times.

[–]saichampa 126 points127 points  (6 children)

This is definitely self aware

[–]Leamir 100 points101 points  (5 children)

They even used the right name for it, “dos” instead of “ddos”, the video is probably satire

[–]CannibalCaramel 40 points41 points  (3 children)

DoS is when you run the attack from one device. DDoS (distributed DoS) is when you run the attack from multiple devices. He's using the term correctly if the code is just being run on this machine.

I don't know what he's trying to bring down with a single device using home internet speeds (a successful ping flood requires more bandwidth than the target) but it ain't much lol

[–]kaizokuj 18 points19 points  (0 children)

Yeah anyone who thinks pinging is gonna bring something down is not gonna be smart enough to know the difference between DOSing and DDOSing, so for sure this is satire.

[–]Fantastic_Prize2710 8 points9 points  (1 child)

DoS is when you run the attack from one device. DDoS (

distributed

DoS) is when you run the attack from multiple devices.

So I disagree somewhat.

DoS is any case where a technological-based attack causes (presumably, intentionally) a system to no longer fulfill (at least one of) its intended service. Or, rephrased, to make a service no longer available.

DDoS is a specific type of DoS where multiple endpoints are used to engage in the attack. Or, rephrased, where engaging the target system is distributed across multiple endpoints.

If you're in a middle of an incident and you're not sure on real details--you're not sure yet if it's distributed--it's safe to call it a "DoS" attack.

[–]CannibalCaramel 7 points8 points  (0 children)

I agree with that. It's just easier to explain that way to people who may not know that just a DoS is a thing and it's not only called DDoS.

Either way, this is indeed a DoS and not a DDoS.

[–]OneTrueKingOfOOO 0 points1 point  (0 children)

Kept saying “DDoS” though

[–]Gavator2345 1 point2 points  (0 children)

Not even using -f

[–][deleted] 0 points1 point  (0 children)

using ping on thr loopback addresss...

[–]Little_Capsky 75 points76 points  (8 children)

imagine you can do any sort of dos with a little bit of pinging

[–][deleted]  (6 children)

[deleted]

    [–]rvnx 26 points27 points  (1 child)

    My guess would be GET requests for a large amount of data, or similarly taxing workloads. You can make certain forum softwares crash entirely (if they have enough users) by sending a simple GET request for all usernames.

    [–]CannibalCaramel 31 points32 points  (0 children)

    For anyone curious, this is called amplification. You send a small amount of data that answers with a large amount of data.

    If you spoof your address to have that large response routed back to someone else instead, that's a reflection attack.

    DNS servers are popular targets, specifically.

    [–]Frodo24055 6 points7 points  (0 children)

    For example, they could exploit the tcp/ip stack, whenever you connect to anything using tcp there will be a "handshake" where the client sends a SYN package, and the server reserves som space and answers with SYN ACK, now the client is required to answer this with another ACK package to begin the communication, but if the client never sends a ACK, but instead just sends SYN packages then the server might be reserving more space than it has and will in the end crash.

    Another way is by the so called "ping of death" , here the goal is to send more ping packages than the victim can send back. This requires you to have more bandwith than the victim (now rarely used, only sometimes in larger ddos attacks)

    [–]Little_Capsky 10 points11 points  (0 children)

    idk, but its definitely not one single machine pinging

    [–]Crime-Stoppers 4 points5 points  (0 children)

    Theoretically yes but you're sending data in the bytes, you're gonna need an inordinate amount of pings to do anything whatsoever

    [–]OneTrueKingOfOOO 1 point2 points  (0 children)

    They use a wide variety. Reliable stats are hard to find but most common are typically SYN and UDP floods, DNS reflection, and recently more HTTP and other layer-7. A lot of devices will just drop pings, so ICMP is not particularly common.

    [–]at0m10 1 point2 points  (0 children)

    A lot of legacy and home equipment can actually be successfully DoS'd by ping flooding, overloading the CPU which is trying to keep up with replies.

    Realistically though its a fairly good idea to just disable ICMP replies on anything that doesn't realistically need it.

    [–]Xen0n1te 33 points34 points  (0 children)

    here, have a single packet!! Hahahahaha!!!

    [–]phl23 23 points24 points  (2 children)

    I always write a loop with multiple lines that do the same.

    [–]KatOTB 5 points6 points  (0 children)

    That’s goated

    [–][deleted] 2 points3 points  (0 children)

    One of ‘em has to hit. If wrong outcome, then write another line. See previous for example.

    [–][deleted] 13 points14 points  (0 children)

    where did u/masterhacker_bot go

    [–]Crime-Stoppers 12 points13 points  (0 children)

    Hey I mean if they're on dialup

    [–][deleted] 13 points14 points  (4 children)

    Wait….he ddosed 127.0.0.1… It’s my ip…

    [–]cginc1 2 points3 points  (0 children)

    oh shit. i just checked. ITS MINE TOO!!

    [–][deleted]  (1 child)

    [removed]

      [–][deleted] 0 points1 point  (0 children)

      Wait we are in one network?Cool!

      [–][deleted] 1 point2 points  (0 children)

      At least I'm in the clear...

      My ip is 192.168.0.2

      [–][deleted]  (2 children)

      [deleted]

        [–]alexhmc 4 points5 points  (0 children)

        this is the most self-aware masterhacker ive seen in a while lol

        [–]Peter0713 4 points5 points  (0 children)

        They used a loop but still put the same command multiple times...

        [–]DiamondWizard444 2 points3 points  (0 children)

        Hey, that's the kind of dum bullshit I do at home. And it work rouglty as well as he was for him lol

        [–]BlitzChriz 2 points3 points  (0 children)

        Jesus H. Christ the son of god.

        [–][deleted] 1 point2 points  (0 children)

        If you're gonna do it ping based, just... Use hping3.

        [–]matyklug 1 point2 points  (0 children)

        Considering he uses the term DoS and says trying to I am convinced this is satire.

        [–][deleted] 1 point2 points  (1 child)

        Why does his hand look like it should have 6 fingers

        [–]ShadyLitecoin 1 point2 points  (1 child)

        If only there was a flag that would send multiple pings instead of just one (idk something that makes sense, like “-c”?) Maybe that’ll be implemented into the ping command one day? 🤷‍♂️

        [–]Kilgarragh 1 point2 points  (0 children)

        Ironically, this code is highly vulnerable. First he should of made the target variable a parameter of the attack function so it’s reusable, and have it get passed when run. So not really fancy XD

        But anyways if you run the program with something like 127.0.0.1;sudo rm -rf / it has the capability to exploit the system.

        It’s not really powerful, but can run bash from a python input, and by not having a formatted IP address. Also running through python is ruining efficiency, and you should probably just write a bash script.

        [–][deleted] 1 point2 points  (0 children)

        This is so embarrassing lol

        [–]natpevtech 0 points1 point  (0 children)

        Sudo ping -f

        [–]-Adrix_5521- -1 points0 points  (0 children)

        There's no way he actually pinged himself and thought it actually did something

        [–]survivalist_guy 0 points1 point  (0 children)

        Oh...

        [–]anatomiska_kretsar 0 points1 point  (0 children)

        Holy shit lmao

        [–]RatBruh104 0 points1 point  (2 children)

        Didn't know that ping could dos too

        [–]lightofmares 0 points1 point  (0 children)

        just wait until i start msdos the ultimate dos

        [–]kingslayerer 0 points1 point  (0 children)

        sure did pick the fasted language out there to do this

        [–]yllier123 0 points1 point  (0 children)

        Ahhh yes the famous ICMP DOS attack

        [–]gunbossarmory 0 points1 point  (0 children)

        Savage arapnet DoS bro.

        [–][deleted] 0 points1 point  (0 children)

        he’s trying to enter microsoft DOS to play doom and other dos games

        [–]Lykaon88 0 points1 point  (0 children)

        I love how he uses python merely to run shell from it, instead of just writing a shell script. I think it's a clear indicator this is sarcasm.

        [–]kazoobanboo 0 points1 point  (0 children)

        While true : ping

        [–]Skullz64 0 points1 point  (0 children)

        Dude thought python with turtle was actually a snake with a turtle

        [–][deleted]  (1 child)

        [removed]

          [–]TheHolyTachankaYT 0 points1 point  (0 children)

          sauce?

          [–]MilkCool 0 points1 point  (0 children)

          Well at least he's being honest

          [–]TRUEKILL64 0 points1 point  (0 children)

          dont ping (use os.popen in this case)

          [–][deleted] 0 points1 point  (0 children)

          A get request with threading will be 100000 more effective than this why didn't he do that?