Introduction
Sometimes hacking is just Fun! but its sometimes bad too. So we should always be cautious while taking any action. Now you can prank with your friends by performing the SMS DOS attack on your friend mobile number by simply sending the huge number of SMS. According to researcher of International Institute of Cyber Security, SMS can be a critical vulnerability of hack any mobile.
This bomb3r tool is used for SMS DOS attack, this tool sends a large number of OTPs to the target mobile number.
Environment
- OS: Kali Linux 2020 64 bit
- Kernel-Version: 5.6.0
Installation Steps
- Use this command to clone the project on kali machine.
- git clone https://github.com/crinny/b0mb3r
root@kali:/home/iicybersecurity# git clone https://github.com/crinny/b0mb3r Cloning into 'b0mb3r'... remote: Enumerating objects: 12, done. remote: Counting objects: 100% (12/12), done. remote: Compressing objects: 100% (12/12), done. remote: Total 1596 (delta 4), reused 0 (delta 0), pack-reused 1584 Receiving objects: 100% (1596/1596), 778.31 KiB | 960.00 KiB/s, done. Resolving deltas: 100% (1040/1040), done.
- Use this command to enter into the b0mb3r directory
root@kali:/home/iicybersecurity# cd b0mb3r/ root@kali:/home/iicybersecurity/b0mb3r#
- Use this command to install the requirements
- pip3 install -r requirements.txt
root@kali:/home/iicybersecurity/b0mb3r# pip3 install -r requirements.txt Requirement already satisfied: wheel in /usr/lib/python3/dist-packages (from -r requirements.txt (line 1)) (0.34.2) Collecting fastapi Downloading fastapi-0.59.0-py3-none-any.whl (49 kB) |████████████████████████████████| 49 kB 332 kB/s Collecting uvicorn Downloading uvicorn-0.11.6-py3-none-any.whl (43 kB) |████████████████████████████████| 43 kB 468 kB/s Collecting aiofiles Downloading aiofiles-0.5.0-py3-none-any.whl (11 kB) Collecting pydantic Downloading pydantic-1.6.1-cp38-cp38-manylinux2014_x86_64.whl (11.5 MB) |████████████████████████████████| 11.5 MB 3.7 MB/s =================================================================================================SNIP=================================================================================================================================== Requirement already satisfied: urllib3>=1.10.0 in /usr/local/lib/python3.8/dist-packages (from sentry-sdk->-r requirements.txt (line 10)) (1.25.8) Requirement already satisfied: h2==3.* in /usr/lib/python3/dist-packages (from httpcore==0.9.*->httpx->-r requirements.txt (line 7)) (3.2.0) Installing collected packages: pydantic, starlette, fastapi, websockets, httptools, uvloop, uvicorn, aiofiles, rfc3986, hstspreload, sniffio, httpcore, httpx, sentry-sdk, loguru Successfully installed aiofiles-0.5.0 fastapi-0.59.0 hstspreload-2020.7.17 httpcore-0.9.1 httptools-0.1.1 httpx-0.13.3 loguru-0.5.1 pydantic-1.6.1 rfc3986-1.4.0 sentry-sdk-0.16.1 sniffio-1.1.0 starlette-0.13.4 uvicorn-0.11.6 uvloop-0.14.0 websockets-8.1
- Now, use this command to launch the tool, b0mb3r
- This will start the service on loopback IP and on a particular port. http://127.0.0.1:8080.
- Now, open this URL in the browser
- Successfully we launched the tool.
- Now choose the country code, the enter the target number and number of SMS you want to send to victim mobile
- Now, click on start attack option.
- This will send the large number of SMS to the target number as shown below.
- In the same way, we also receive the logs files on kali console.
Conclusion
We saw on how to perform a DOS attack on a particular mobile number by sending huge traffic and most of the people use this tool for fun purpose.
Cyber Security Specialist with 18+ years of industry experience . Worked on the projects with AT&T, Citrix, Google, Conexant, IPolicy Networks (Tech Mahindra) and HFCL. Constantly keeping world update on the happening in Cyber Security Area.