StopPropaganda
Russia has invaded Ukraine and committed various war crimes. Russian media denies any of its attacks on civilian as well as any Russian troops casualties. According to them, they are doing this "special operation" to protect Ukrainians from...Ukraine. On top of that, some foreign media and even countries (e.g. Belarus) publicly support Russian aggression, therefore I created this simple DOS application that targets those websites/endpoints in order to take them down or significantly disrupt their services.
Mykhailo Federov (Vice Prime Minister and Minister of Digital Transformation of Ukraine) has shared this twitter post encouraging cyber attack on certain targets via Telegram group. This will be primary source of the target websites for this application.
Русский военный корабль, иди нахуй!
DISCLAIMER: (D)DOS'ing is illegal! Usage of this tool is intended for educational purposes only.
Table of contents generated with markdown-toc
Usage
Docker
Usage:
docker pull erikmnkl/stoppropaganda # Download latest docker image
docker rm -f stoppropaganda # Remove existing container (if any)
# Run container
docker run --name stoppropaganda -d --ulimit nofile=128000:128000 -p "8049:8049/tcp" erikmnkl/stoppropaganda
Also see Configuration and Web UI. For docker run
, pass environment variables using -e
argument, for example -e SP_WORKERS=50 -e SP_DNSWORKERS=500
.
docker-compose
docker-compose.yaml and other docker-compose YAML examples are available.
Usage:
docker-compose pull # Pull latest image
docker-compose up -d # Create/recreate container
See Docker for additional information. Also see Configuration and Web UI.
Kubernetes
See stoppropaganda.yaml.
You can also use kubectl
:
kubectl create ns stoppropaganda
kubectl apply -f stoppropaganda.yaml
NOTE: edit stoppropaganda.yaml
with required number of replicas.
See Docker for additional information. Also see Configuration and Web UI.
Android
In order to use on Android:
- Install Termux from Google Play.
- Install Automate from Google Play.
- Download StopPropaganda_launcher.flo and import (simply opening it with Automate will import it).
- Launch imported Flow into Automate app and it will guide you step by step.
NOTE: On startup it will pull the latest version automatically, so in order to update - stop the app in Termux and re-run this Flow.
More advanced users might want to edit Automate flow themselves to further customize configuration. See Configuration and Usage.
Binaries
Download binary from releases.
Additional steps needed for Linux prior usage:
# Make downloaded binary executable
chmod +x stoppropaganda_v0.0.1_linux_x86_64
# Increase open files limit for current terminal session to a maximum allowed by a kernel
ulimit -n unlimited
Usage:
# Execute binary
./stoppropaganda_v0.0.1_linux_x86_64 --help
# Example
./stoppropaganda_v0.0.1_linux_x86_64 --workers 10000 --dnsworkers 50000
Linux users might want to autostart this on boot, see stoppropaganda.service. Upload that file to /etc/systemd/system/stoppropaganda.service
with updated ExecStart
value and then usage;
# Reload SystemD daaemon (after editing service file)
systemctl daemon-reload
# Then usage
systemctl enable stoppropaganda.service
systemctl disable stoppropaganda.service
systemctl start stoppropaganda.service
systemctl stop stoppropaganda.service
systemctl status stoppropaganda.service
systemctl kill stoppropaganda.service
journalctl -f -u stoppropaganda.service
Configuration
Configuration can only be done in 2 ways:
- Command line arguments
- Environment variables
algorithm
Configuration via command line argument -algorithm fair
or via environment variable SP_ALGORITHM="fair"
.
The algorithm defines in what manner you want websites to be DOS'ed. It directly impacts resource usage and performance of this application.
Available algorithms:
fair
(Default)- Known as "workers per website" (specified amount of workers will be divided equally for each website).
- Specifying less workers than websites will result in some websites without workers.
- Uses less CPU and RAM.
- By nature it wastes more traffic and generally has bigger impact.
rr
- Similar to slow loris, but more random.
- Known as "pool of workers" (each worker will take the next pending website from the queue).
- Can be used with as low as 1 worker.
- Uses more CPU and RAM.
- By nature it prioritizes slower websites.
anticache
Configuration via command line argument -anticache true
or via environment variable SP_ANTICACHE=true
.
Default value of true
means that randomly generated query and cookie will be sent with each request.
bind
Configuration via command line argument -bind ":8049"
or via environment variable SP_BIND=":8049"
.
Default value of :8049
is the same as 0.0.0.0:8049
which means web interface is accessible externally on port 8049
. If you want to limit web interface to be accessible only from the same host, use 127.0.0.1:8049
.
dialconcurrency
Configuration via command line argument -dialconcurrency 10000
or via environment variable SP_DIALCONCURRENCY=10000
.
Default value of 10000
means that there will be maximum of 10000 concurrent dials from fasthttp.
dialspersecond
Configuration via command line argument -dialspersecond 2500
or via environment variable SP_DIALSPERSECOND=2500
.
Default value of 2500
means that there will be maximum of 2500 TCP SYN packets sent per second from fasthttp.
dnstimeout
Configuration via command line argument -dnstimeout 1s
or via environment variable SP_DNSTIMEOUT=1s
.
Default value of 1s
means that worker will wait for a DNS server response for 1s
until it gives up.
dnsworkers
Configuration via command line argument -dnsworkers 100
or via environment variable SP_DNSWORKERS=100
.
Default value of 100
means that there will be a pool of 100 workers that will DOS all the defined DNS servers.
maxprocs
Configuration via command line argument -maxprocs 1
or via environment variable SP_MAXPROCS=1
.
Defines amount of system threads (runtime.GOMAXPROCS
) used by the program.
Default value of 1 provides some optimization, because Golang doesn't have to use mutexes, atomics and inter-process synchronization mechanisms.
proxy
Configuration via command line argument -proxy ""
or via environment variable SP_PROXY=""
.
Proxy supports SOCKS4, SOCKS5 and HTTP proxies (or comma separated proxy chains). For example -proxy "socks5://tor:9050"
.
Usage of this parameter can be combined with proxybypass
parameter.
proxybypass
Configuration via command line argument -proxybypass ""
or via environment variable SP_PROXYBYPASS=""
.
For example -proxybypass "localhost"
.
This parameter is only applicable when used with proxy parameter.
timeout
Configuration via command line argument -timeout 10s
or via environment variable SP_TIMEOUT=10s
.
Default value of 10s
means that worker will wait for a website response for 10s
until it gives up.
useragent
Configuration via command line argument -useragent "..."
or via environment variable SP_USERAGENT="..."
.
Default value is Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4896.127 Safari/537.36
. User agent is sent with HTTP requests to defined websites.
workers
Configuration via command line argument -workers 1000
or via environment variable SP_WORKERS=1000
.
Default value of 1000
means that there will be a pool of 1000 workers that will DOS all the defined websites.
Web UI
As of now there is no fancy web interface, only a JSON pre-formatted output.
The following endpoints are available:
http://127.0.0.1:8049/status
http://127.0.0.1:8049/dnscache
http://127.0.0.1:8049/downloaded
Example usage on Linux:
# Simple:
curl http://127.0.0.1:8049/status
# Using JQ to format output
curl http://127.0.0.1:8049/status | jq .
Also see bind for host and port configuration.
Building from source
Uninstall any existing Golang installations if you installed from official Linux repos. They are usually outdated and might not work at all.
Download and install Golang using these instructions. Validate if Golang binary works:
$ go version
go version go1.17.7 linux/amd64
Download this repo:
git clone https://github.com/erkexzcx/stoppropaganda.git
cd stoppropaganda
Now you have 2 options to run this application:
# Increase open files limit for current terminal session to a maximum allowed by a kernel
ulimit -n unlimited
# Run without compiling to binary
go run cmd/stoppropaganda/main.go --help
# Build binary and run it
go build -o stoppropaganda cmd/stoppropaganda/main.go
./stoppropaganda --help
You can also build for other architectures/platforms as well, see build.sh
file.
Troubleshooting
Too many open files
Most Linux distributions have limits on how many files (connections) can be opened to prevents things like fork bomb.
More information on how to increase them here.
Crashing
Reason 1: Make sure you have enough RAM. It is also wise to monitor RAM and CPU usage once application is started. Since March 3, with the latest release it was switched from workers per website/dns to pool of workers. Once you find a sweet spot resource-wise, there should be no need to change it with updates.
Reason 2: Work in progress. Always check if (a) Russians are still invading Ukraine and (b) there is a new release available.
Detected as virus
Some anti-virus applications detect this application as virus. This application is not a virus and it has no malicious code in it. In fact, this application is open source and by the nature - everyone is free to inspect the code, improve it and build their own binaries by themselves (if you don't trust my binaries).
There are several reasons why this application might be tagged as virus:
- Putin wants this application to be treated as virus. Haters do exist. EDIT: I've disabled
Issues
tab since some russian users decided to scare me by spamming issues, spamming emails using haveibeenpwned websites via "forgot password" mechanism and d0xxing. - This application has hardcoded Yandex DNS servers (helps with some russian websites "geoblocking") that ignores your network settings.
- At the moment this application has ~400 hardcoded targets, which is not common in regular applications.
- Malware that is used to DDOS targets is usually working in pretty much the same manner as this application, so this application might be treated as such.
Recommendations
- Increase
workers
/dnsworkers
count for a greater effect. For example,-workers 1000000
worked great with 1GBPS internet. - Adjust
dnstimeout
based on your location. Change to something like200ms
and see how it behaves. If "success" queries are low and thus "timeout errors" increase - increase timeout. - Change
useragent
to yours (used for websites only). See this. - General recommendation is to use VPN, but this is not necessary. Remember - DOS/DDOS is illegal.
Inspiration
This application was inspired by the following projects: