python版DDOS攻击工具脚本


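代码中有注释说明。需要注意的是,下面的脚本本身并不产生任何流量,它是一个 DDoS 攻击检测脚本:从本机 Redis 中按时间桶读取各 VIP 的 http/syn/udp/icmp 计数,单桶计数达到 5000 的 VIP 记入受攻击列表并调用 addVip 加入防护,攻击停止若干轮后调用 delVip 移除。原始缩进在发布时丢失,阅读时请按 Python 语法自行还原。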

#! /usr/bin/env python
# -*- coding: UTF-8 -*-
from redis import Redis
import time
from gurd import *
# Shared client for the local Redis instance that holds the per-bucket
# traffic counters and the "offset" cursor.
# NOTE(review): no credentials are passed here, so this relies on the local
# Redis accepting unauthenticated clients on loopback; confirm it is not
# bound to an external interface.
rdb = Redis(host="127.0.0.1")

# VIPs currently considered under attack, keyed by VIP; each value is the
# state dict created in main() (attack/type/count/guard/start/end).
vips = dict()


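def setOffset(offset):
    """Rewind the shared "offset" cursor to the oldest bucket left in Redis.

    Every key except "offset" is read as an integer bucket id. When the
    smallest id found is below ``offset``, the "offset" key is set to it, so
    the next ``rdb.incr("offset") - 1`` in main() resumes from that bucket.

    Args:
        offset: bucket id the caller has just processed.
    """
    oldest = offset
    # NOTE(review): KEYS * walks the whole keyspace in one blocking call;
    # acceptable for a small dedicated database, otherwise prefer SCAN.
    for key in rdb.keys("*"):
        if key == "offset":
            continue
        try:
            bucket = int(key)
        except ValueError:
            # A stray non-numeric key must not raise out of the detector:
            # the caller's loop reacts to any exception by dropping its
            # whole attack-tracking state.
            continue
        # The comparison on this line was lost in the published listing;
        # "<" is reconstructed from the minimum-tracking logic around it.
        if bucket < oldest:
            oldest = bucket
    if offset > oldest:
        rdb.set("offset", oldest)
    # NOTE(review): the listing lost its indentation; the pause is assumed
    # to be unconditional (function level) -- confirm against the original.
    time.sleep(5)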



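# A VIP is only examined when one bucket holds at least this many packets
# of a given protocol.
_FLOOD_THRESHOLD = 5000
# Score given to a newly flagged VIP. It gains 1 for every detection and
# loses 1 every round; the VIP is released when the score reaches 0.
_INITIAL_ATTACK_SCORE = 10
_PROTOCOLS = ("http", "syn", "icmp", "udp")


def _tally(data):
    """Sum one bucket's counters per VIP, grouped by protocol suffix.

    Field names are split on "-" and the second part is used as the VIP.
    NOTE(review): presumably the producer writes "<x>-<vip>-<proto>" fields;
    confirm against the code that fills Redis. Fields that end in none of
    the known protocols (for example "...count") are ignored.
    """
    totals = {proto: {} for proto in _PROTOCOLS}
    for field, raw in data.items():
        for proto in _PROTOCOLS:
            if field.endswith(proto):
                vip = field.split("-")[1]
                totals[proto][vip] = totals[proto].get(vip, 0) + int(raw)
                break
    return totals


def _record_attack(vip, kind, packets, offset):
    """Create or refresh the tracking entry of a VIP that crossed a threshold."""
    entry = vips.get(vip)
    if entry is None:
        vips[vip] = {
            "attack": _INITIAL_ATTACK_SCORE,
            "type": kind,
            "count": packets,
            "guard": 0,
            "start": offset,
            "end": offset,
        }
        return
    entry["attack"] += 1
    entry["type"] = kind
    entry["count"] += packets
    entry["end"] = offset


def main():
    """Process one time bucket: detect floods, update guards, advance cursor.

    Reads the hash stored under the next "offset" value, flags VIPs whose
    SYN/UDP/ICMP counters reach the threshold, calls addVip() for newly
    flagged VIPs and delVip() for VIPs whose score has decayed to 0, then
    expires the bucket and moves the cursor forward.

    Changes against the published listing:
      * a SYN-flooded VIP with no HTTP counter no longer raises KeyError
        (its HTTP count is treated as 0). Previously that exception was
        swallowed by the caller, which also cleared ``vips``, so a pure SYN
        flood was never reported;
      * new UDP and ICMP entries are labelled "udp"/"icmp" instead of "syn";
      * the unused ``count`` accumulator was dropped.
    """
    offset = int(rdb.incr("offset")) - 1
    totals = _tally(rdb.hgetall(offset))
    http = totals["http"]

    # SYN flood: many SYNs with few completed HTTP requests behind them.
    for vip, packets in totals["syn"].items():
        if packets < _FLOOD_THRESHOLD:
            continue
        # Floor division keeps the original integer semantics of the ratio
        # on both Python 2 and Python 3.
        if http.get(vip, 0) // packets <= 3:
            _record_attack(vip, "syn", packets, offset)

    # UDP and ICMP floods are judged on volume alone.
    for kind in ("udp", "icmp"):
        for vip, packets in totals[kind].items():
            if packets >= _FLOOD_THRESHOLD:
                _record_attack(vip, kind, packets, offset)

    # Age every tracked VIP by one round. Iterate over a copy of the keys
    # because entries are removed inside the loop.
    for vip in list(vips):
        entry = vips[vip]
        entry["attack"] -= 1
        if entry["guard"] == 0:
            print("find ddos attack on %s from :%d " % (vip, entry["start"]))
            addVip(vip)
            entry["guard"] = 1
        if entry["attack"] == 0:
            delVip(vip)
            print("find ddos attack end on %s time:%d " % (vip, entry["end"]))
            vips.pop(vip)

    # The processed bucket is no longer needed; let Redis drop it.
    rdb.expire(offset, 1)
    # Skip (and expire) buckets that are more than 10 seconds old.
    while offset < int(time.time() - 10):
        offset = int(rdb.incr("offset")) - 1
        rdb.expire(offset, 1)
    if offset > int(time.time()) - 5:
        # Caught up with the producer: wait for new buckets to fill.
        time.sleep(2)
    else:
        setOffset(offset)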


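# Run the detector forever, one bucket per main() call.
while True:
    try:
        main()
    except Exception as exc:
        # Catch Exception rather than everything, so Ctrl-C and SystemExit
        # can still stop the process, and report the error instead of
        # hiding it: a detector that fails silently looks like "no attacks".
        print("detector loop error: %r" % (exc,))
        rdb = Redis("127.0.0.1")
        # NOTE(review): clearing vips forgets which VIPs were already passed
        # to addVip(), so delVip() is never called for them -- confirm that
        # the guard side expires such entries on its own.
        vips = {}
        # Back off briefly so a Redis outage does not become a busy loop.
        time.sleep(1)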
编程小号
