inventedattack's Introduction

inventedAttack.py - A POC attack combining IP Spoofing, SYN Flood and IP Fragmentation

I only made this to feed my own curiosity (and for a classroom homework too tbh) since it's not very effective nowadays, but feel free to use it! Python 3 required (if you want to use Python 2, change the print near the end of the script).

To use it run

pip install -r requirements.txt 

to install the required dependencies

Usage: inventedAttack.py [OPTIONS]

Options:
  -i, --ip TEXT          IP address of the target machine
  -p, --port INTEGER     Port of the service to attack with SYN Flood
  -t, --threads INTEGER  Number of concurrent threads
  -s, --size INTEGER     Fragment size
  --help                 Show this message and exit.

If you don't pass any of the parameters, the script will ask for them with an interactive prompt

I actually tried it on some machines and it had 0 impact, probably because the base of the attack (SYN Flood) was effective when resources were scarcer and there was no SYN Flood protection built into the kernel. If you want to play around with the idea anyways, take a look at

/proc/sys/net/ipv4/tcp_syncookies

/proc/sys/net/ipv4/tcp_max_syn_backlog

/proc/sys/net/ipv4/tcp_synack_retries

If you want to monitor the half-open connections on the server you can try

netstat -tuna | grep :443 | grep SYN_RECV

Change 443 to whatever port you are using. You can also pipe the output again to | wc -l to count the number of connections made; in my tests they stay in the range of 50-100.
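For monitoring from the server side, the same information can be read straight from /proc. The script below is an added example, not part of inventedAttack: it reads the three settings listed above and counts SYN_RECV sockets per local port together with the number of distinct remote addresses. The function names and the sample rows are constructed for illustration, and address decoding assumes a little-endian host.

```python
import socket
import struct
from collections import defaultdict
from pathlib import Path

SYN_RECV = 0x03  # state code that netstat prints as SYN_RECV
KNOBS = ("tcp_syncookies", "tcp_max_syn_backlog", "tcp_synack_retries")

# Constructed sample in /proc/net/tcp layout (columns after "st" trimmed).
SAMPLE = """\
  sl  local_address rem_address   st
   0: 00000000:01BB 00000000:0000 0A
   1: 0A00000A:01BB 2A7100CB:C350 03
   2: 0A00000A:01BB 0D6433C6:9C40 03
   3: 0A00000A:01BB 630200C0:D431 03
   4: 0A00000A:01BB 2A7100CB:C351 03
   5: 0A00000A:01BB 0500000A:E2F0 01
"""

def parse(text):
    """Yield (local_port, remote_ip, state) for each socket row."""
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4:
            continue
        # Addresses are hex words; "<I" assumes a little-endian host (x86/ARM).
        raw = struct.pack("<I", int(fields[2].split(":")[0], 16))
        port = int(fields[1].split(":")[1], 16)
        yield port, socket.inet_ntoa(raw), int(fields[3], 16)

def half_open(text):
    """Map local port -> (SYN_RECV count, distinct remote addresses)."""
    seen = defaultdict(list)
    for port, remote_ip, state in parse(text):
        if state == SYN_RECV:
            seen[port].append(remote_ip)
    return {p: (len(ips), len(set(ips))) for p, ips in seen.items()}

def read_knobs(base="/proc/sys/net/ipv4"):
    """Read the three sysctls listed above; None where a file is missing."""
    files = {name: Path(base) / name for name in KNOBS}
    return {n: int(p.read_text()) if p.is_file() else None for n, p in files.items()}

if __name__ == "__main__":
    live = Path("/proc/net/tcp")
    print(read_knobs())
    counts = half_open(live.read_text() if live.is_file() else SAMPLE)
    for port, (count, sources) in sorted(counts.items()):
        print(f"port {port}: {count} SYN_RECV from {sources} distinct sources")
```

This covers IPv4 sockets only; /proc/net/tcp6 uses the same state codes but a longer address format.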

The fragmentation part makes no difference either.

About the source IP spoofing, I found it was the most effective part since the web server was making DNS PTR requests for each random source IP, so it kind of flooded the DNS with them.

Lessons learned: turn off reverse DNS resolution in your services.

Things I might improve:

  • Write this in Python 3 (I actually don't know why I was using Python 2, the only incompatible function was a print!)
  • Use Python 3 async, see how performance improves. Asyncio makes no difference at all, but I'm leaving a branch here anyways, https://github.com/avantasia/inventedAttack/tree/async, for testing purposes (and to remind me the next time)
  • More configurable parameters (fragment size, threads)
  • Tests with WAF/IDS and fragmentation on target machine
  • Performance graphs on target machine
  • Maybe dockerize both this and target machine

David Carracedo Martinez - [email protected] 2019

inventedattack's Issues

Performance issues

I think the current performance issues come from the fact that every packet is a new socket, and it needs to be that way because the source IP changes every time.

Roadmap for fix, ideas welcome:

  • Add a packet/s and fragments/s (or even bytes/s) counter to properly meter performance
  • Try to send more than 1 packet with each spoofed IP, so we can reuse a socket more than once, that way the threaded design will make more sense.
  • If that doesn't work, I might consider leaving scapy and rewriting this with a raw socket, custom headers so it has less overhead
