In this video, you'll see a simple malformed packet attack which takes down an FTP server.
- [Voiceover] Websites are not the only targets for denial of service attacks. Other services, such as the file transfer protocol, FTP, are internet facing and so also at risk of being attacked. I use my Windows 7 machine as the target for this attack. I've installed the small FTP server, version 0.99, and we can see the shortcut on the screen. This is a very simple FTP server and I don't need to do any configuration so I'll start it. The software is loaded but the server isn't currently listening for connections.
I'll press the start icon to activate the server. Okay, it's now listening. In Kali, I'll open the terminal window and I'll start telnet. I need to make sure that I get a correct carriage return and line feed when I'm sending data so I'll set that now. Okay, I'm ready to connect to the FTP server. I'll do that using the open command, noting that I also need to specify port 21 for FTP.
We can see that the FTP server displays the connection on its panel. I'll now enter a known user name. The server displays this input on its own panel showing that the data we sent was user ray. I'll now enter a special attack string as the password. We can see that the FTP server has now crashed. This is because it doesn't correctly handle the string %s on input, resulting in an internal memory corruption. Okay, that's a simple denial of service caused by an internal malfunction triggered from an incoming packet.
This is a foreground application and it's a pretty visible crash. It's not at all subtle. Many server applications will operate in the background, however, and may not provide any indication they stopped working. It's often difficult to pinpoint the cause of such failures, with hardware or application code being perceived to be the cause.
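Added example, not part of the video transcript and not the FTP server's own source: a C sketch of how a server can echo a client-supplied command argument to its panel or log without letting a string such as %s be interpreted as a format directive, plus a small counter that flags such directives for alerting. It assumes the crash comes from client input being used as a printf-style format string, which the transcript does not confirm; the function names `format_panel_line` and `count_format_directives` are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not the server's source. Assumed bug pattern:
 *     snprintf(line, sizeof line, arg);     // client data used as the format
 * With arg = "%s" the formatter reads a pointer argument that was never
 * passed and dereferences it, which is undefined behaviour (often a crash). */

/* Hardened form: the format is a constant; client data is only ever an
 * argument. Returns 0 on success, -1 on bad arguments or truncation. */
int format_panel_line(char *out, size_t outsz, const char *verb, const char *arg)
{
    if (out == NULL || outsz == 0 || verb == NULL || arg == NULL)
        return -1;
    int n = snprintf(out, outsz, "%s %s", verb, arg);
    if (n < 0 || (size_t)n >= outsz) {
        out[outsz - 1] = '\0';   /* keep the buffer terminated on failure */
        return -1;
    }
    return 0;
}

/* Detection helper for logs and alerts: counts printf-style conversion
 * directives in client input. "%%" is a literal percent and is skipped. */
int count_format_directives(const char *s)
{
    int count = 0;
    for (size_t i = 0; s[i] != '\0'; i++) {
        if (s[i] != '%')
            continue;
        if (s[i + 1] == '%') { i++; continue; }
        if (s[i + 1] != '\0')
            count++;
    }
    return count;
}

int main(void)
{
    char line[64];
    const char *arg = "%s";   /* the password string quoted in the transcript */
    if (format_panel_line(line, sizeof line, "PASS", arg) == 0)
        printf("panel: %s (directives: %d)\n", line, count_format_directives(arg));
    return 0;
}
```

Building with `-Wformat -Wformat-security` makes GCC and Clang warn when a non-literal string is passed as the format argument, which catches the assumed bug pattern at compile time.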
Note: Our Ethical Hacking series will map to the 18 parts of the EC-Council's certification exam. This course maps to the 09 Denial of Service domain.
- What is denial of service?
- SYN flooding
- Smurf and URL flooding
- Deauthenticating a wireless host
- Flooding HTTP
- Using BlackEnergy
- Flooding SIP
- Detecting DoS with PeerShark
- Defeating DoS attacks