DOS Attack on a .Onion Website With Tor Service Tutorial | Torshammer
INTRO
In my previous articles, we covered the Slowloris tool. which is the best tool I found to demonstrate the DOS attack. A DOS attack can be so dangerous for any website that works without any Cloud protection. Sometimes attackers are able to perform DOS attacks on the Cloud protection protected websites if the protection is somehow misconfigured.
I have explained very well to bypass a WAF or Cloud protection on a vulnerable website in my previous articles. you can read it on our website. but today, we are going to use the tor services to perform a DOS attack on any website. as it sounds, we are going to perform DOS on a .onion website using a script that uses the Tor service of your system.
Now, before going more further, I would recommend you some of my previous posts which can be useful to understand this article.
All these articles are worth looking once, in case, you have never read those on our website. I have described a normal DOS attack method in the first link above. so, it is really important for you to read that before reading this more. in the last one, I have described making your own .onion website. which is not much necessary to read.
ATTACK
I am pretty sure that it can be done manually. like using Proxychains, Tor services, and the Slowloris tool. you can try it. But I have a better way to do this attack. I found a tool on GitHub which can perform a very powerful DOS attack not only on the Surface websites but also on .onion websites. It is written in Python language.
Installation
The installation of this tool is so easy. or you can say that there is no installation. all you need to do is copy the git repository with this tool.
Type this command to download Torshammer on your system:
git clone https://github.com/dotfighter/torshammer.git
or you can just download the zip file: DOWNLOAD
RUN
∗ Fire up your terminal and go to the downloaded directory:
cd torshammer
∗ now run this command to give it all permissions:
chmod +x *.py
the “
∗” in the command is to tell the bash that apply this command on everything that has a “.py” as an extension in the end. now you can execute these files easily.
∗ now we will install the TOR services in our Linux, type this command:
apt install tor
Screenshot:
∗ let’s look at the help menu of this tool:python torshammer.pyScreenshot:As you can see the menu, we will require a HOST or IP mostly.∗ we are going to use it on our website which is locally hosted on my apache2 first:python toshammer.py -t 192.168.43.121/index.phpwell, it should work fine if you have set up everything correctly.∗ Now, we will use it on an onion website. but I will highly suggest you to perform it only on an onion website that you have created.python torshammer -t <onion website> -T-Tis for enabling Tor services. and remember one thing that it uses port 80 as default but if you want to change it then you can use -p <PORT> flag.Stay home, stay safe and keep reading our articles.Thanks For Visiting
Tags
ethical hacking