offensivepython / saddam Goto Github PK

View Code? Open in Web Editor NEW

857.0 72.0 349.0 132 KB

DDoS Amplification Tool

License: Apache License 2.0

Python 100.00%

saddam's Introduction

Saddam

DDoS Tool that supports:

DNS Amplification (Domain Name System)
NTP Amplification (Network Time Protocol)
SNMP Amplification (Simple Network Management Protocol)
SSDP Amplification (Simple Service Discovery Protocol)

Read more about DDoS Amplification Attacks here

Donation would be much appreciated: 1Gi5Rpz5RBEUpGknSwyRgqzk7b5bQ7Abp2

Requierments

OS Supports raw sockets
Python 2.7
Pinject

Usage

	   _____           __    __              
	  / ___/____ _____/ /___/ /___ _____ ___ 
	  \__ \/ __ `/ __  / __  / __ `/ __ `__ \
	 ___/ / /_/ / /_/ / /_/ / /_/ / / / / / /
	/____/\__,_/\__,_/\__,_/\__,_/_/ /_/ /_/ 
	https://github.com/OffensivePython/Saddam
	   https://twitter.com/OffensivePython

Usage: 
Saddam.py target.com [options]        # DDoS
Saddam.py benchmark [options]         # Calculate AMPLIFICATION factor


Options:
  -h, --help            show this help message and exit
  -d FILE:FILE|DOMAIN, --dns=FILE:FILE|DOMAIN
                        DNS Amplification File and Domains to Resolve (e.g:
                        dns.txt:[evildomain.com|domains_file.txt]
  -n FILE, --ntp=FILE   NTP Amplification file
  -s FILE, --snmp=FILE  SNMP Amplification file
  -p FILE, --ssdp=FILE  SSDP Amplification file
  -t N, --threads=N     Number of threads (default=1)

saddam's People

Contributors

Stargazers

Watchers

Forkers

shekkbuilder pombredanne chaturaphut nwork xi4oyu anhilo liuqian1990 dipsec sayiho ver007 ubuntuevangelist mujj peterpt noscripter rrosero2000 signedbytes swsmile rim99 cheeyeo beefcrack checkyourscreen l9c simudream lynnsst omegayalfa jacksyen noobzero pascal-gujer gamehacker nullkaos landonpowell soymgomez magma2 voletri 051r15 r00tak spider-zhong mobinlord douglasbuzatto hpetru djalienmeat witchfindertr m41doror paran0ids0ul infinityhacks hoangclinh neo2shyalien sasukeunai einar-lanfranco mzakyz666 ddosser shenxugongzi swordonly eniac888 nazim qingyunha kingmuhud pchl0203 takijoe gsdu8g9 egebalci xieqiwen1993 ghorix 4kercc fb11 lrfsh dandan08912 maxlubb lwhat ogordienko clicknull offseccat dnkls tuian jianan789 iqiangzi tamiilambrado sengkyaut fr34k8 olivierh59500 lucas-developer quydx idyllei zombig taylorwin jamexhuang danniellal sireof rollys bigbigx ro9ueadmin maxxiecook hack404-007 waploaj security-geeks passwordleak dukexia stuff2600 rob-rychs manazone

saddam's Issues

Errors

File "Saddam.py", line 122
print ATTACK
^
Kalli

I think there should be added rate (-r) parameter for outgoing packets.
When Saddam goes free and wild, and gets whole speed of upload, the connection drops almost immediately, don't know if my case is the only one, but i assume it's not. (Tested on Ubuntu 14)

Example DNS File

Is there an example DNS file that can be provided?

Is it still in effect？

Files?

Provide example files/commands? No documentation on this.

Ddos

Missing parentheses

Missing parentheses in call to 'print'. Did you mean print(ATTACK)?

error when running the file

Traceback (most recent call last):
File "./Saddam.py", line 321, in
main()
File "./Saddam.py", line 309, in main
Benchmark(ddos)
File "./Saddam.py", line 156, in Benchmark
recvd, sent = ddos.GetAmpSize(proto, soldier, domain)
File "./Saddam.py", line 210, in GetAmpSize
sock.sendto(packet, (soldier, PORT[proto]))
socket.gaierror: [Errno -2] Name or service not known

This is the error.

Speed 0

   _____           __    __              
  / ___/____ _____/ /___/ /___ _____ ___ 
  \__ \/ __ `/ __  / __  / __ `/ __ `__ \
 ___/ / /_/ / /_/ / /_/ / /_/ / / / / / /
/____/\__,_/\__,_/\__,_/\__,_/_/ /_/ /_/ 
https://github.com/OffensivePython/Saddam
   https://twitter.com/OffensivePython

 Sent      |    Traffic    |    Packet/s   |     Bit/s     
 0.00      |     0.00B     |    0.00pps    |    0.00bps

Any help?

error

** print attack |Line 122 **

bootstrap_inner self.run()

Exception in thread Thread-24:
Traceback (most recent call last):
File "/usr/lib/python2.7/threading.py", line 801, in __bootstrap_inner
self.run()
File "/usr/lib/python2.7/threading.py", line 754, in run
self.__target(*self.__args, **self.__kwargs)
File "Saddam.py", line 265, in __attack
size, _ = self.GetAmpSize(proto, soldier)
File "Saddam.py", line 198, in GetAmpSize
sock.sendto(packet, (soldier, PORT[proto]))
gaierror: [Errno -2] Name or service not known

 Sent      |    Traffic    |    Packet/s   |     Bit/s

Error: float division by zero

Please tell me why, thank you

Missing parentheses in call to 'print'

C:\Users\Admin>Saddam.py -help

File "...", line 122 print ATTACK ^ SyntaxError: Missing parentheses in call to 'print'. Did you mean print(ATTACK)?

Lot of mistakes

There are lot of mistakes

cannot import name IP

I get this error when running python Saddam.py

Traceback (most recent call last):
  File "Saddam.py", line 9, in <module>
    from pinject import IP, UDP
ImportError: cannot import name IP

Any help?

delete

Testing this out on Kali (Debian) Linux with Python 2.7.3
getting error message:
"File './Saddam.py', line 9, in
from pinject import IP, UDP
ImportError: cannot import name IP

DDoS throttles on GetAmp..

When you start a DDoS with ntp list, and some servers dont response, __attack method will call GetAmpSize as long as it will get a response, which for some servers is never, this is slowing the attack, waiting for calculating GetAmpSize for servers that wont reponse anyway.
Solution would be to ignore such servers after few not succesful tries of GetAmpSize.
I wrote duck tape solution, where soldiers are in list, and they are removed from it when they dont respond, although that doesnt work with multithreading.

How to fill in the format of the port

Doesnt do more then one run

So i try to use Saddam.py and i have pinject. I can benchmark and in my unbound i see that the request. This all works fine. But now i have a problem that when i do an "Attack" i only see all the "domains" requested one time.

This makes that is doesn/t push any "real" load. Anyone here who got it working with his own unbound server?

Benchmark issue

So i scan with nscan for NTP with the imported Monlist script using the stable version.

Like this : ./nscan.py 0.range.0/0 -p123 --import=monlist:123 -n 2000 -o amp_ntp.txt --cooldown=10000,0.3

So i got my results in a text file but when i try to benchmark using saddam with pinject in the same folder like this : python Saddam.py benchmark -n ntp.txt
i get these errors:

Traceback (most recent call last):
File "Saddam.py", line 321, in
main()
File "Saddam.py", line 309, in main
Benchmark(ddos)
File "Saddam.py", line 163, in Benchmark
recvd, sent = ddos.GetAmpSize(proto, soldier)
File "Saddam.py", line 198, in GetAmpSize
sock.sendto(packet, (soldier, PORT[proto]))
socket.gaierror: [Errno -2] Name or service not known

Division by zero

From line 124 to 130:
start = time.time() while True: try: current = time.time() - start bps = (nbytes*8)/current pps = npackets/current
when this chunk of code gets executed fast enough, current is 0 and python throws and exception about float division error.
example Solution: setting current to non-zero value eg. 1 when it is 0

No traffic

What is the reason for the lack of traffic during the run and ask anyone to answer:
./Saddam.py xxx.com -d dns.txt:xxx.com -t 115

       _____           __    __
      / ___/____ _____/ /___/ /___ _____ ___
      \__ \/ __ `/ __  / __  / __ `/ __ `__ \
     ___/ / /_/ / /_/ / /_/ / /_/ / / / / / /
    /____/\__,_/\__,_/\__,_/\__,_/_/ /_/ /_/
    https://github.com/OffensivePython/Saddam
       https://twitter.com/OffensivePython

 Sent      |    Traffic    |    Packet/s   |     Bit/s

 0.00      |     0.00B     |    0.00pps    |    0.00bps