bonesi man page

BoNeSi — the DDoS Botnet Simulator

Synopsis

bonesi [OPTION]... dst_ip:port

Description

BoNeSi is a DDoS Botnet Simulator for different protocol types. The attributes of the created packets and connections can be controlled by several parameters like packet rate or payload size. It spoofs the source IP addresses even when generating TCP traffic (HTTP-GET attack). Therefor it includes a simple TCP stack to handle tcp connections in promiscuous mode. In a working installation, one has to ensure that the response packets from the server are routed to the host running BoNeSi. Due to this limitation BoNeSi cannot be used in arbitrary network infrastructures running HTTP-GET attacks. The most advanced kind of traffic that can be generated are HTTP requests.

TCP/HTTP

In order to make the http requests more realistic, several things are determined by chance:
- source port: out of range defined in code
- ttl: 3..255
- tcp options: out of seven different real life options with different lengths and probabilities
- user agent for http header: out of a given list from a file

Options

-i, --ips=FILENAME

read ip addresses from this file

-p, --protocol=PROTO

udp (default), icmp or tcp

-r, --send_rate=NUM

packets per second, 0 = infinite (default)

-s, --playload_size=BYTES

size of the paylod, (default: 32)

-o, --stats_file=FILENAME

filename for the statistics, (default: 'stats')

-c, --max_packets=NUM

maximum number of packets (requests at tcp/http)
0 = infinite (default)

--integer

IPs are integers in host byte order instead of in dotted notation

-t, --max_bots=NUM

determine max_bots in the 24bit prefix randomly (1-256)

-u, --url=URL

the url (default: '/') (only for tcp/http)

-l, --url_list=FILENAME

filename with url list (only for tcp/http)

-b, --useragent_list=FILENAME

filename with useragent list (only for tcp/http)

-d, --device=DEVICE

network listening device (only for tcp/http)

-v, --verbose

print additional debug messages

-h, --help

print the help message and exit

Examples

Send 2 udp packets per second with a payload of 1200bytes to host 192.168.2.1 on port 2405:
bonesi -p udp -s 1200 -r 2 -i 50k-bots 192.168.2.1:2405

Send as many as possible, but only 100 in total udp packets with a payload of 10bytes to host 192.168.2.1 on port 2405:
bonesi -p udp -s 10 -c 100 -i 50k-bots 192.168.2.1:2405

Request http://192.168.2.1/site.html 1000 times per second via eth1:
bonesi -p tcp -r 1000 -i 50k-bots -u /site.html -d eth1 192.168.2.1:80

Author

Written by Matthias Reif, Markus Goldstein and Christian Jansohn

Reporting Bugs

Report bugs to <Markus-Go@users.noreply.github.com>.