Roy (Posted December 2, 2021)

Hi all! I just wanted to announce a new project I am working on called Packet Batch. It is based off of my previous project, Packet Sequence. In fact, a majority of the code I wrote for Packet Sequence is being used in this project. However, I made a more modular system for Packet Batch that utilizes GitHub submodules themselves.

Description

Packet Batch is a tool that can be used for pen-testing or network monitoring. It allows you to specify multiple sequences where you can specify custom thread spawning counts, layer 2/3/4 and payload modifications, and much more. The tool can be considered a DoS tool all the way to a network monitoring tool (e.g. if you want to send single packets to a destination).

Configuration for this tool may be found here. Test YAML configuration files may be found here.

Standard Version

The Packet Batch Standard Version uses AF_PACKETv3 Linux sockets. With that said, it has support for TCP cooked sockets, which automatically establish a TCP three-way handshake and are great for sending HTTP requests and more.

GitHub Repository

AF_XDP Version

The Packet Batch AF_XDP Version utilizes the newest type of Linux sockets called AF_XDP. While the programming aspects of AF_XDP sockets are more complicated, it is just as easy to set up this special version of Packet Batch compared to the standard version. However, two things to keep in mind:

- AF_XDP sockets require a more recent Linux kernel.
- TCP cooked sockets are NOT supported in AF_XDP.

Due to the above, I decided not to utilize AF_XDP sockets in the standard version. With that said, from the benchmarks I've performed on my Proxmox VMs, the AF_XDP version is 5 - 10% faster than the standard version and also is a lot more consistent in the amount of packets it is sending (due to the use of rings I'd imagine and also we aren't performing as many system calls such as sendto()).

GitHub Repository

The DPDK Version

The Packet Batch DPDK Version is yet to be released, but will be utilizing the DPDK to send packets out. The DPDK should be faster than both the standard and AF_XDP versions. However, the DPDK itself is a kernel-bypass library, which means it is more complex to set up as a whole and only supported by certain hardware.

GitHub Repository

Credits

@Roy (me) - Christian Deacon

Project's Organization

DrakoHD (Posted December 2, 2021)

Man this is very useful I know someone who might need this!

Salad (Posted December 2, 2021)

Nice... a new tool for me to use......

Spoiler: /s

Guest SpookyOwO (Posted December 2, 2021)

Roy I love you

Roy (Posted December 2, 2021)

10 hours ago, DrakoHD said: "Man this is very useful I know someone who might need this!"

I hope they enjoy it! It reminds me of someone I knew who (D)DoS'd people in 2016 within GFL and didn't even bother to attack me. Like honestly what a bitch they were! If you're going to go around (D)DoS'ing people's home network (which is honestly the least impressive thing I've seen), at least do it to me!

10 hours ago, Salad said: "Nice... a new tool for me to use...... Spoiler: /s"

Just wait for the DPDK version 😄 Hey! Do you remember that person who attacked everyone BUT me in 2016? I really hope they're smart enough to learn how to install and use the DPDK! I love you Salad xD

1 hour ago, spookyowo said: "Roy i love you"

I love you too ❤️

Roy (Posted December 4, 2021)

The special version of Packet Batch that utilizes the DPDK is released! Read here for more information.

I have only been able to utilize one port (therefore, one l-core) on my home VMs. However, I was able to send ~410K packets per second alone with this one single core. Whereas, the AF_XDP version was sending 1.2 million packets per second on four cores. Therefore, at this rate, the DPDK version will be able to push closer to TWO million packets per second if I utilized all four cores. Keep in mind this is on an older Intel Xeon CPU with virtualization and more.

With that said, the DPDK side of this version utilizes TX buffers. We use the rte_eth_tx_buffer() function so that we buffer a certain amount of packets before sending them all at once. This is usually faster than sending the packets one by one, especially if we want to send a large amount of packets.

Thank you!