Russia has invaded Ukraine and committed various war crimes. Russian media denies any of its attacks on civilian as well as any Russian troops casualties. According to them, they are doing this "special operation" to protect Ukrainians from...Ukraine. On top of that, some foreign media and even countries (e.g. Belarus) publicly support Russian aggression, therefore I created this simple DOS application that targets those websites/endpoints in order to take them down or significantly disrupt their services.
Mykhailo Federov (Vice Prime Minister and Minister of Digital Transformation of Ukraine) has shared this twitter post encouraging cyber attack on certain targets via Telegram group. This will be primary source of the target websites for this application.
Русский военный корабль, иди нахуй!
DISCLAIMER: (D)DOS'ing is illegal! Usage of this tool is intended for educational purposes only.
Table of contents generated with markdown-toc
Usage:
docker pull erikmnkl/stoppropaganda # Download latest docker image
docker rm -f stoppropaganda # Remove existing container (if any)
# Run container
docker run --name stoppropaganda -d --ulimit nofile=128000:128000 -p "8049:8049/tcp" erikmnkl/stoppropagandaAlso see Configuration and Web UI. For docker run, pass environment variables using -e argument, for example -e SP_WORKERS=50 -e SP_DNSWORKERS=500.
docker-compose.yaml and other docker-compose YAML examples are available.
Usage:
docker-compose pull # Pull latest image
docker-compose up -d # Create/recreate containerSee Docker for additional information. Also see Configuration and Web UI.
See stoppropaganda.yaml.
You can also use kubectl:
kubectl create ns stoppropaganda
kubectl apply -f stoppropaganda.yamlNOTE: edit stoppropaganda.yaml with required number of replicas.
See Docker for additional information. Also see Configuration and Web UI.
In order to use on Android:
- Install Termux from Google Play.
- Install Automate from Google Play.
- Download StopPropaganda_launcher.flo and import (simply opening it with Automate will import it).
- Launch imported Flow into Automate app and it will guide you step by step.
NOTE: On startup it will pull the latest version automatically, so in order to update - stop the app in Termux and re-run this Flow.
More advanced users might want to edit Automate flow themselves to further customize configuration. See Configuration and Usage.
Download binary from releases.
Additional steps needed for Linux prior usage:
# Make downloaded binary executable
chmod +x stoppropaganda_v0.0.1_linux_x86_64
# Increase open files limit for current terminal session to a maximum allowed by a kernel
ulimit -n unlimitedUsage:
# Execute binary
./stoppropaganda_v0.0.1_linux_x86_64 --help
# Example
./stoppropaganda_v0.0.1_linux_x86_64 --workers 10000 --dnsworkers 50000Linux users might want to autostart this on boot, see stoppropaganda.service. Upload that file to /etc/systemd/system/stoppropaganda.service with updated ExecStart value and then usage;
# Reload SystemD daaemon (after editing service file)
systemctl daemon-reload
# Then usage
systemctl enable stoppropaganda.service
systemctl disable stoppropaganda.service
systemctl start stoppropaganda.service
systemctl stop stoppropaganda.service
systemctl status stoppropaganda.service
systemctl kill stoppropaganda.service
journalctl -f -u stoppropaganda.serviceConfiguration can only be done in 2 ways:
- Command line arguments
- Environment variables
Configuration via command line argument -algorithm fair or via environment variable SP_ALGORITHM="fair".
The algorithm defines in what manner you want websites to be DOS'ed. It directly impacts resource usage and performance of this application.
Available algorithms:
fair(Default)- Known as "workers per website" (specified amount of workers will be divided equally for each website).
- Specifying less workers than websites will result in some websites without workers.
- Uses less CPU and RAM.
- By nature it wastes more traffic and generally has bigger impact.
rr- Similar to slow loris, but more random.
- Known as "pool of workers" (each worker will take the next pending website from the queue).
- Can be used with as low as 1 worker.
- Uses more CPU and RAM.
- By nature it prioritizes slower websites.
Configuration via command line argument -anticache true or via environment variable SP_ANTICACHE=true.
Default value of true means that randomly generated query and cookie will be sent with each request.
Configuration via command line argument -bind ":8049" or via environment variable SP_BIND=":8049".
Default value of :8049 is the same as 0.0.0.0:8049 which means web interface is accessible externally on port 8049. If you want to limit web interface to be accessible only from the same host, use 127.0.0.1:8049.
Configuration via command line argument -dialconcurrency 10000 or via environment variable SP_DIALCONCURRENCY=10000.
Default value of 10000 means that there will be maximum of 10000 concurrent dials from fasthttp.
Configuration via command line argument -dialspersecond 2500 or via environment variable SP_DIALSPERSECOND=2500.
Default value of 2500 means that there will be maximum of 2500 TCP SYN packets sent per second from fasthttp.
Configuration via command line argument -dnstimeout 1s or via environment variable SP_DNSTIMEOUT=1s.
Default value of 1s means that worker will wait for a DNS server response for 1s until it gives up.
Configuration via command line argument -dnsworkers 100 or via environment variable SP_DNSWORKERS=100.
Default value of 100 means that there will be a pool of 100 workers that will DOS all the defined DNS servers.
Configuration via command line argument -maxprocs 1 or via environment variable SP_MAXPROCS=1.
Defines amount of system threads (runtime.GOMAXPROCS) used by the program.
Default value of 1 provides some optimization, because Golang doesn't have to use mutexes, atomics and inter-process synchronization mechanisms.
Configuration via command line argument -proxy "" or via environment variable SP_PROXY="".
Proxy supports SOCKS4, SOCKS5 and HTTP proxies (or comma separated proxy chains). For example -proxy "socks5:https://tor:9050".
Usage of this parameter can be combined with proxybypass parameter.
Configuration via command line argument -proxybypass "" or via environment variable SP_PROXYBYPASS="".
For example -proxybypass "localhost".
This parameter is only applicable when used with proxy parameter.
Configuration via command line argument -timeout 10s or via environment variable SP_TIMEOUT=10s.
Default value of 10s means that worker will wait for a website response for 10s until it gives up.
Configuration via command line argument -useragent "..." or via environment variable SP_USERAGENT="...".
Default value is Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36. User agent is sent with HTTP requests to defined websites.
Configuration via command line argument -workers 1000 or via environment variable SP_WORKERS=1000.
Default value of 1000 means that there will be a pool of 1000 workers that will DOS all the defined websites.
As of now there is no fancy web interface, only a JSON pre-formatted output.
The following endpoints are available:
https://127.0.0.1:8049/status
https://127.0.0.1:8049/dnscache
https://127.0.0.1:8049/downloaded
Example usage on Linux:
# Simple:
curl https://127.0.0.1:8049/status
# Using JQ to format output
curl https://127.0.0.1:8049/status | jq .Also see bind for host and port configuration.
Uninstall any existing Golang installations if you installed from official Linux repos. They are usually outdated and might not work at all.
Download and install Golang using these instructions. Validate if Golang binary works:
$ go version
go version go1.17.7 linux/amd64Download this repo:
git clone https://github.com/erkexzcx/stoppropaganda.git
cd stoppropagandaNow you have 2 options to run this application:
# Increase open files limit for current terminal session to a maximum allowed by a kernel
ulimit -n unlimited
# Run without compiling to binary
go run cmd/stoppropaganda/main.go --help
# Build binary and run it
go build -o stoppropaganda cmd/stoppropaganda/main.go
./stoppropaganda --helpYou can also build for other architectures/platforms as well, see build.sh file.
Most Linux distributions have limits on how many files (connections) can be opened to prevents things like fork bomb.
More information on how to increase them here.
Reason 1: Make sure you have enough RAM. It is also wise to monitor RAM and CPU usage once application is started. Since March 3, with the latest release it was switched from workers per website/dns to pool of workers. Once you find a sweet spot resource-wise, there should be no need to change it with updates.
Reason 2: Work in progress. Always check if (a) Russians are still invading Ukraine and (b) there is a new release available.
Some anti-virus applications detect this application as virus. This application is not a virus and it has no malicious code in it. In fact, this application is open source and by the nature - everyone is free to inspect the code, improve it and build their own binaries by themselves (if you don't trust my binaries).
There are several reasons why this application might be tagged as virus:
- Putin wants this application to be treated as virus. Haters do exist.
- This application has hardcoded Yandex DNS servers (helps with some russian websites "geoblocking") that ignores your network settings.
- At the moment this application has ~400 hardcoded targets, which is not common in regular applications.
- Malware that is used to DDOS targets is usually working in pretty much the same manner as this application, so this application might be treated as such.
- Increase
workers/dnsworkerscount for a greater effect. For example,-workers 1000000worked great with 1GBPS internet. - Adjust
dnstimeoutbased on your location. Change to something like200msand see how it behaves. If "success" queries are low and thus "timeout errors" increase - increase timeout. - Change
useragentto yours (used for websites only). See this. - General recommendation is to use VPN, but this is not necessary. Remember - DOS/DDOS is illegal.
This application was inspired by the following projects: