From aldeid
Jump to: navigation, search
You are here:


LetDown is a tcp flooder that is inspired from the article "TCP Resource Exhaustion and Botched Disclosure" from Fyodor ( It has an (experimental) userland TCP/IP stack, and supports multistage payloads for complex protocols, fragmentation of packets and variable tcp window.


Download and uncompress

First of all download complemento:

$ mkdir -p /pentest/enumeration/
$ cd /pentest/enumeration/
$ wget
$ tar xzvf complemento-0.7.6.tar.gz
$ cd complemento/letdown/

At this stage, check your version of Python:

$ python -V
Python 2.6.5

Python 2.5

If your version of Python is 2.5, you can directly compile:

$ make

Python 2.6

If you have Python 2.6, you need to apply this patch:

$ wget
$ patch -p0 < letdown-python2.6.patch

Then you can compile:

$ make
The make command will output warnings. They aren't errors, just warning, and nothing blocking.


Basic syntax

$ sudo ./letdown -d destination ip -p port [options]
Notice that letdown requires root privileges.

Common Options

destination ip address or dns name, target
destination port
source ip address
first source port (default 1025)
last source port (default 65534)
enables infinite loop mode
network interface
sleep time in microseconds (default 10000)
max time in second for waiting responses (default 40)

Extra options

verbosity level (0=quiet, 1=normal, 2=verbose)
automagically set firewall rules for blocking rst packet generated by the kernel
examples: -f iptables, -f blackhole (for freebsd)
special interaction levels with the target
  • s: syn flooding, no 3-way-handshake
  • a: send acknowledgment packets (polite mode)
  • f: send finalize packets (include polite mode)
  • r: send reset packets (check firewall rules...)
window size for ack packets (ex: 0-window attack)
enable ack fragmentation and set fragment offset delta
fragment counter if fragmentation is enabled (default 1)
payload file (see payloads directory...)
multistage payload file (see payloads directory...)


  • Generic attack
$ sudo ./letdown -d 208.xx.xx.xx -s 192.168.1.x -p 21
  • Attack against a webserver using payload and firewall options:
$ sudo ./letdown -d 208.xx.xx.xx -s 192.168.1.x -p 80 -f iptables -P payloads/http.txt
  • Connections from 3 ports < 1024 and with the time option:
$ sudo ./letdown -d 208.xx.xx.xx -s 192.168.1.x -p 80 -x 80 -y 100 -t 10000


blog comments powered by Disqus