Roy

Packet Batch

Hi all!

 

I just wanted to announce a new project I am working on called Packet Batch. It is based off of my previous project, Packet Sequence. In fact, a majority of the code I wrote for Packet Sequence is being used in this project. However, I made a more modular system for Packet Batch that utilizes GitHub submodules themselves.

 

Description

Packet Batch is a tool that can be used for pen-testing or network monitoring. It allows you to specify multiple sequences where you can specify custom thread spawning counts, layer 2/3/4 and payload modifications, and much more. The tool can be considered a DoS tool all the way to a network monitoring tool (e.g. if you want to send single packets to a destination).

 

Configuration for this tool may be found here. Test YAML configuration files may be found here.

 

Standard Version

The Packet Batch Standard Version uses AF_PACKETv3 Linux sockets. With that said, it has support for TCP cooked sockets, which automatically establish a TCP three-way handshake and are great for sending HTTP requests and more.

 

GitHub Repository

 

AF_XDP Version

The Packet Batch AF_XDP Version utilizes the newest type of Linux sockets called AF_XDP. While the programming aspects of AF_XDP sockets are more complicated, it is just as easy to set up this special version of Packet Batch compared to the standard version. However, there are two things to keep in mind.

 

  1. AF_XDP sockets require a more recent Linux kernel.
  2. TCP cooked sockets are NOT supported in AF_XDP.

 

Due to the above, I decided not to utilize AF_XDP sockets in the standard version.

 

With that said, from the benchmarks I've performed on my Proxmox VMs, the AF_XDP version is 5 - 10% faster than the standard version and is also a lot more consistent in the number of packets it is sending (due to the use of rings, I'd imagine, and also because we aren't performing as many system calls such as sendto()).

 

GitHub Repository

 

The DPDK Version

The Packet Batch DPDK Version is yet to be released, but will be utilizing the DPDK to send packets out.

 

The DPDK should be faster than both the standard and AF_XDP versions. However, the DPDK itself is a kernel-bypass library, which means it is more complex to set up as a whole and only supported by certain hardware.

 

GitHub Repository

 

Credits

 

Project's Organization


10 hours ago, DrakoHD said:

Man this is very useful I know someone who might need this!

I hope they enjoy it! It reminds me of someone I knew who (D)DoS'd people in 2016 within GFL and didn't even bother to attack me. Like honestly what a bitch they were! If you're going to go around (D)DoS'ing people's home network (which is honestly the least impressive thing I've seen), at least do it to me!

 

10 hours ago, Salad said:

Nice... a new tool for me to use......

 

Just wait for the DPDK version 😄 Hey! Do you remember that person who attacked everyone BUT me in 2016? I really hope they're smart enough to learn how to install and use the DPDK!

 

I love you Salad xD

 

1 hour ago, spookyowo said:

Roy i love you

I love you too ❤️


The special version of Packet Batch that utilizes the DPDK is released! Read here for more information.

 

I have only been able to utilize one port (therefore, one l-core) on my home VMs. However, I was able to send ~410K packets per second with this one single core alone, whereas the AF_XDP version was sending 1.2 million packets per second on four cores. Therefore, at this rate, the DPDK version will be able to push closer to TWO million packets per second if I utilized all four cores.

 

Keep in mind this is on an older Intel Xeon CPU with virtualization and more.

 

With that said, the DPDK side of this version utilizes TX buffers. We use the rte_eth_tx_buffer() function so that we buffer a certain amount of packets before sending them all at once. This is usually faster than sending the packets one by one, especially if we want to send a large amount of packets.

 

Thank you!
