How to make a DoS using Go?

xuanbao · · 421 次点击    
这是一个分享于 的资源,其中的信息可能已经有所发展或是发生改变。
<p>So i am wanting to make a simple DoS program that will ping a IP with junk data... Would anyone be able to help me figure out how to do this?</p> <p>Anyone who helps will be added to the credits of my project, as its open source.</p> <hr/>**评论:**<br/><br/>bbrazil: <pre><p>ICMP is tricky as you have to use raw sockets, see <a href="https://github.com/prometheus/blackbox_exporter/blob/master/icmp.go" rel="nofollow">https://github.com/prometheus/blackbox_exporter/blob/master/icmp.go</a></p></pre>SaturnsVoid: <pre><p>wow. Go is based around internet uses but they didn&#39;t implement a simple ping system?</p></pre>TheMerovius: <pre><p>You should really read up about how this stuff works. For one thing, using raw sockets requires elevated privileges.</p></pre>Kyrra: <pre><p>If you search, they actually have this: <a href="https://godoc.org/golang.org/x/net/icmp" rel="nofollow">https://godoc.org/golang.org/x/net/icmp</a></p> <p>Ping is really just a subset of the ICMP protocol, just most people use ping from it. It can do a lot of stuff beyond just ping. And it has a different spec when it comes to IPv6.</p></pre>TheMerovius: <pre><p>You don&#39;t, in go or otherwise. Doing stuff like this is unethical and illegal.</p></pre>toelint: <pre><p>It&#39;s only illegal to use against a system you don&#39;t own. It&#39;s great to understand how the bad guys work in order to figure out how to stop them.</p></pre>mwholt: <pre><blockquote> <p>a system you don&#39;t own</p> </blockquote> <p>*without permission and with malicious intent</p></pre>TheMerovius: <pre><p>Intent is actually irrelevant. If I attack your system, claiming that it was &#34;well-intended&#34; is in no way a defense.</p></pre>toelint: <pre><blockquote> <p>*without permission and with malicious intent</p> </blockquote> <p><strong>AND</strong></p> <p>If you don&#39;t have permission, intent is meaningless and it&#39;s illegal. If you have permission and then you abuse that permission, it&#39;s still illegal. If you have both, it&#39;s legal.</p></pre>TheMerovius: <pre><p>I claim, that someone who doesn&#39;t understand why ping doesn&#39;t just simply work as a go library, won&#39;t be able (nor intends) to use this for defense or &#34;understanding how the bad guys work&#34;.</p></pre>TheMerovius: <pre><p>And yes, I did indeed think about this before I wrote that comment and I stand by it. Defending obvious mal-intended software because it&#39;s &#34;cool&#34; is an occupational disease of programmers. Teaching ethical standards is at least as important as teaching technical abilities.</p></pre>toelint: <pre><p>You thought about the fact that it&#39;s not illegal before you wrote that it was illegal?</p> <p>I&#39;m not defending anyone. I&#39;m not advocating creating a mal-intended piece of software. I&#39;m stating that <em>you</em> were wrong. It&#39;s not illegal. It <em>is</em> a great way to understand how the bad guys work. Whether he is doing that or not is irrelevant to what I said.</p></pre>TheMerovius: <pre><blockquote> <p>You thought about the fact that it&#39;s not illegal before you wrote that it was illegal?</p> </blockquote> <p>You are clearly trying to twist my words without being interested in a serious discussion. Yes, it is indeed illegal in the vast majority of cases. I had good reasons to believe (and I still believe) that the here intended usecase is indeed an illegal one. I had no reasons to believe, that OP is well-aware of the ethical and legal implications of writing and asking for such software, which is really the <em>minimum</em> requirement for giving technical help in something like this.</p> <p>To be absolutely clear: With stuff like this, it is &#34;if in doubt, assume a person is untrained and refuse them the means to do harm to other people&#34; not &#34;well, at least at it could <em>potentially</em> be meant for nothing bad, there is nothing problematic here&#34;. You shouldn&#39;t give a gun to a child or an untrained person without a clear need to own one. You should apply the same responsibility to malware (which OP was <em>literally</em> asking for).</p> <blockquote> <p>I&#39;m stating that you were wrong.</p> </blockquote> <p>At worst, I was presumptuous. At best, I was responsible.</p> <blockquote> <p>It is a great way to understand how the bad guys work.</p> </blockquote> <p>It&#39;s actually a pretty crappy way, to be honest. Especially if your background obviously is not in IT security, because it is a very poor place to start educating yourself. For example, you should really know about basic user permissions and capabilities before it is a good idea to start nuking machines - even your own - when your intend really is to educate yourself. Otherwise you will at best observe that yes, this machine is indeed DoS&#39;d, without having any means to find out how to defend the machine or how a real attacker would <em>actually</em> work (it&#39;s probably not by sending junk pings).</p> <blockquote> <p>Whether he is doing that or not is irrelevant to what I said.</p> </blockquote> <p>No, it is not. You are behaving irresponsible. You are ignoring the lessons of history. Every major scientific field has had major ethical discussions in the past (think chemical and nuclear warfare or economic crises) and as a result decided that it is irresponsible to let knowledge just free-roam without <em>also</em> educating about basic ethical standards and the correct civil usage of technology. As a result, <em>every academic degree</em> (in Europe at least) has the education about ethical and societal impacts of the subject matter as a <em>mandatory</em> part of the curriculum. Just Computer Science (and in particular &#34;hacker culture&#34;) seems to ignore these lessons of history and offers the same BS explanations of how &#34;malware is only evil if it&#39;s used for bad things, yadayada&#34;. Probably because it&#39;s so widely viewed as a craft instead of a science and thus people <em>without</em> a proper education about the impact of their work can still do high-profile work and feel and be viewed as competent.</p></pre>noorex: <pre><p>So, owning a hammer should be illegal too? I mean, it could be used to kill people. </p></pre>TheMerovius: <pre><p>Owning a gun should be, yes. Not because it <em>could</em>, but because it is <em>designed</em> to. It&#39;s just an american notion that because an instrument designed for killing can also be used for sports and thus everyone should have one.</p></pre>SaturnsVoid: <pre><p>There isn&#39;t anything illegal about this. Anything can be used for &#34;unethical&#34; reasons, this is not. I am working on changing some programs i wrote in .NET to Go. </p></pre>Sanguistuus: <pre><p>What you&#39;ve just said is one of the most insanely idiotic things I have ever heard. At no point in your rambling, incoherent response were you even close to anything that could be considered a rational thought. Everyone in this room is now dumber for having listened to it. I award you no points, and may God have mercy on your soul.</p></pre>TheMerovius: <pre><p>I think you need to look up <a href="https://en.wiktionary.org/wiki/ramble" rel="nofollow">rambling</a>. It is characterized mostly by length. More specifically: I didn&#39;t ramble, I was to the point. You, however, did ramble quite literally.</p></pre>Sanguistuus: <pre><p>You&#39;re correct, it was an attempt at humor. </p></pre>
421 次点击  
加入收藏 微博
暂无回复
添加一条新回复 (您需要 登录 后才能回复 没有账号 ?)
  • 请尽量让自己的回复能够对别人有帮助
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`
  • 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
  • 图片支持拖拽、截图粘贴等方式上传