Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

(solved)Bad bash script

Programming languages, Coding, Executables, Package Creation, and Scripting.
Post Reply
Message
Author
User avatar
GarryRicketson
Posts: 5644
Joined: 2015-01-20 22:16
Location: Durango, Mexico

(solved)Bad bash script

#1 Post by GarryRicketson »

I have someone asking me about this on the spanish forum,
Ataque DoS, question

In a nut shell, a user , experimenting , started this script:

Code: Select all

 #!/bin/bash
# Ping multiple destinations at once
args=$#
interval=$1
shift;
pktsize=$1
shift;
for (( i=3; i<=$args; i++ )); do
        ping -i $interval -s $pktsize $1 > /dev/null &
        shift;
done 
I do not know enough about bash scripts to even know what it does,
However, DO NOT run it, the problem it has caused is they can not stop
it, even killing the process, apparently, it starts up again even after re-booting
the server,
some additional info:

Code: Select all

 ps -ef | grep pingIP | grep -v 'grep pingIP'
lausan     3317  2649  0 10:23 pts/0    00:00:00 grep --color=auto pingIP
lausan     3318  2649  0 10:23 pts/0    00:00:00 grep --color=auto pingIP 
and

Code: Select all

 pkill pingIP 
I have told the person to try using
'top' and see what the P id number is, and instead of
"pkill"

Code: Select all

 kill "pid number" 
Any way , if anyone has some ideas, any feed back or suggestion is
appreciated, and thanks.
P.S. I am also trying to do some searches, to see what more
I can find,
Last edited by GarryRicketson on 2017-01-29 18:53, edited 1 time in total.

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: Bad bash script

#2 Post by bw123 »

Any way , if anyone has some ideas, any feed back or suggestion is
appreciated, and thanks.
Tell the punk that DoS ain't funny, and grow up?
resigned by AI ChatGPT

User avatar
GarryRicketson
Posts: 5644
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Re: Bad bash script

#3 Post by GarryRicketson »

Well, yes, I mean no it is not funny, But how to stop the script forever ?

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: Bad bash script

#4 Post by bw123 »

sheesh... these kids nowadays, how about this?

# rm pingIP
resigned by AI ChatGPT

User avatar
GarryRicketson
Posts: 5644
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Re: Bad bash script

#5 Post by GarryRicketson »

OK thanks

csystem
Posts: 4
Joined: 2016-08-20 12:47

Re: Bad bash script

#6 Post by csystem »

All that that script appears to do is ping a bunch of host at the same time with the same interval and packet size
e.g. $bash pingIP.sh 1 56 192.168.1.1 google.com
Then it will send a 56 byte size packet to 192.168.1.1 and google.com every second indefinitely.
Yes, it can be used as a ddos by setting the packet size very high and the interval very low.

But your script is not running forever. It just stats as many ping commands as you have agruments and stops.
After a reboot, this will most definitely stop.
GarryRicketson wrote:

Code: Select all

 ps -ef | grep pingIP | grep -v 'grep pingIP'
lausan     3317  2649  0 10:23 pts/0    00:00:00 grep --color=auto pingIP
lausan     3318  2649  0 10:23 pts/0    00:00:00 grep --color=auto pingIP 
Check the actual process you are seeing here: "grep --color=auto pingIP"
You are just seeing the grep process that is obviously running as you just started it.

Just check your running processes using htop and press f4 to filter the results

User avatar
GarryRicketson
Posts: 5644
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Re: (solved)Bad bash script

#7 Post by GarryRicketson »

Thanks for explaining it more, this was so long ago, and I had forgotten
to mark it solved, but anyway the explanation will help others understand
it better.
Thanks

Post Reply