Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Path: blob/master/lib/msf/core/auxiliary/drdos.rb
Views: 11784
# -*- coding: binary -*-1module Msf23###4#5# This module provides methods for Distributed Reflective Denial of Service (DRDoS) attacks6#7###8module Auxiliary::DRDoS910def initialize(info = {})11super12register_advanced_options(13[14OptAddress.new('SRCIP', [false, 'Use this source IP']),15OptInt.new('NUM_REQUESTS', [false, 'Number of requests to send', 1]),16], self.class)17end1819def setup20super21if spoofed? && datastore['NUM_REQUESTS'].to_i < 122raise Msf::OptionValidateError.new(23{24'NUM_REQUESTS' => 'The number of requests must be >= 1'25}26)27end28end2930def prove_amplification(response_map)31vulnerable = false32proofs = []33response_map.each do |request, responses|34responses ||= []35this_proof = ''3637# compute packet amplification38if responses.size > 139vulnerable = true40this_proof += "#{responses.size}x packet amplification"41else42this_proof += 'No packet amplification'43end4445this_proof += ' and '4647# compute bandwidth amplification48total_size = responses.map(&:size).reduce(:+)49bandwidth_amplification = total_size - request.size50if bandwidth_amplification > 051vulnerable = true52if request.size == 053multiplier = total_size54else55multiplier = total_size / request.size56end57this_proof += "a #{multiplier}x, #{bandwidth_amplification}-byte bandwidth amplification"58else59this_proof += 'no bandwidth amplification'60end6162# TODO (maybe): show the request and responses in more detail?63proofs << this_proof64end6566[ vulnerable, proofs.join(', ') ]67end6869def spoofed?70!datastore['SRCIP'].nil?71end7273end74end757677