Introduction

Before coming to the impulse hacking tool, we must know about the DOS attack. DOS attack means Denial of services attack. When we try to search any information on the internet, the request goes to servers and the server replies back immediately. This process happen when the server doesn’t have any load. In case if the server has more traffic, it stops responding to the client. This is where hackers generate huge traffic using DOS tools to stop server from responding.

Now coming to the Impulse hacking tool, this tool is used to perform DOS attack like sending the huge traffic to the targeted devices, websites, etc. There are many tools available in open source community and are used by by ethical hacking researchers of International Institute of Cyber Security to perform in house DOS testing. Impulse tool can be used to bombard any mobile number with SMS, CALLS using DOS attack and even it can be used to do TCP, UDP DOS attack.

Environment

Os: Microsoft Windows [Version 10.0.18363.720]
PROCESSOR_ARCHITECTURE: AMD64

Installation steps

Before downloading the impulse in our windows machine. We have to install python on our windows machine.

Download python 3.6.0 version from the below link:
https://www.python.org/downloads/release/python-360/
After installing the python, verify the python installed correctly.
In the start menu type IDLE (python 3.6.0), write simple program print(“Hello-world”)
If it executes, our installation is successful
Now, download the impulse zip file from the below link and extract the files.
https://github.com/LimerBoy/Impulse/archive/master.zip
Now open the CMD as an Administrator and go to the Impulse Folder file by using cd command.
cd /path/to/Impulse-files/ in our case cd C:\iiCyberSecurity\Impulse-master
Next, we have to install dependencies, by using command pip install -r requirements.txt

Now, use below command to launch the Impulse Tool, and there we can find the help options.
python impulse.py

In the Impulse Tool we see different methods to perform this tool

SMS FLOODING

When can use this method to Bombard mobile number with SMS and Call on the target number, as it keeps on sending the SMS and Calling to the targeted number.

Type this command to perform SMS Bombarding
python impulse.py –method SMS –target +918328365*** –time 30 –threads 3
- Method:Select the method to attack
- Target: Enter target mobile number
- Threads: Number of times to process the attack
Here started the attack on target phone number, as we can see below that its sending Messages to the targeted number.

Below we can see that victim mobile has received few Messages.

In the same way victim has received Fraud call from number continuously.

Here we can see the number of times we received the call.

HTTP Method

HTTP (HyperText Transfer Protocol) is used for for data communication. Now in this tool we are going to use the HTTP method to send unwanted requests to the server to perform an DOS attack.

Use this command:
python impulse.py –method HTTP –target http://192.168.1.108 –time 20 –threads 5

We have captured the requests using Wireshark Tool to demonstrate HTTP flooding.

TCP Method

TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) theses both are used to data transmission. TCP is a connection-oriented protocol. In TCP is a 3-way handshake process SYN, SYN+ACK, and ACK.

UDP: User Datagram is a connectionless protocol and it is faster compared to the TCP Protocol. In the UDP Protocol, it sends the packets to the server and where we don’t have any confirmation about whether the packet is received by server or not

Use this command python impulse.py –method TCP –target 192.168.1.108:22 –time 20 –threads 5 to perform an attack.

In the same way, we have captured the request of these packets using Wireshark Tool.

After capturing the packets in the Wireshark tool, there we see different options sources, destination, protocol and info about the packets.

If we see there for few packets in different color and if we see in the info there, we can find ACK and [RST, ACK].
- ACK: ACK means Acknowledging data that has been received by another machine.
- [RST, ACK]: The [RST, ACK] means RESET send by other party with acknowledging the previous data.
Understanding of the wireshark is important part of digital Forensics.

Conclusion

This tool can be used in doing social engineering test at organization level, to check the organization behavior to such attacks. So we saw on how to perform a DOS attack on a particular mobile number and on how we can generate huge TCP, UDP traffic for your lab testings. DO NOT TRY DOS ON PRODUCTION SYSTEMS WITHOUT PRIOR PERMISSIONS.

Jitender Narula

Cyber Security Specialist with 18+ years of industry experience . Worked on the projects with AT&T, Citrix, Google, Conexant, IPolicy Networks (Tech Mahindra) and HFCL. Constantly keeping world update on the happening in Cyber Security Area.

How to Bombard Your Friend with SMS and CALLS using DOS Tool

Introduction

Environment

Installation steps

SMS FLOODING

HTTP Method

TCP Method

Conclusion

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management CTEM Strategy for AWS & AZURE

Web-Based PLC Malware: A New Technique to Hack Industrial Control Systems

The API Security Checklist: 10 strategies to keep API integrations secure

11 ways of hacking into ChatGpt like Generative AI systems

How to send spoof emails from domains that have SPF and DKIM protections?

Silent Email Attack CVE-2023-35628 : How to Hack Without an Email Click in Outlook

How to Bypass EDRs, AV with Ease using 8 New Process Injection Attacks

Cyber Security Channel