Module: Msf::Auxiliary::DRDoS

Defined in:

lib/msf/core/auxiliary/drdos.rb

Overview

This module provides methods for Distributed Reflective Denial of Service (DRDoS) attacks

Instance Method Summary

• #initialize(info = {}) ⇒ Object
• #prove_amplification(response_map) ⇒ Object
• #setup ⇒ Object
• #spoofed? ⇒ Boolean

Instance Method Details

#initialize(info = {}) ⇒ Object

# File 'lib/msf/core/auxiliary/drdos.rb', line 11

def initialize(info = {})
  super
  register_advanced_options(
    [
      OptAddress.new('SRCIP', [false, 'Use this source IP']),
      OptInt.new('NUM_REQUESTS', [false, 'Number of requests to send', 1]),
    ], self.class)
end

#prove_amplification(response_map) ⇒ Object

# File 'lib/msf/core/auxiliary/drdos.rb', line 31

def prove_amplification(response_map)
  vulnerable = false
  proofs = []
  response_map.each do |request, responses|
    responses ||= []
    this_proof = ''

    # compute packet amplification
    if responses.size > 1
      vulnerable = true
      this_proof += "#{responses.size}x packet amplification"
    else
      this_proof += 'No packet amplification'
    end

    this_proof += ' and '

    # compute bandwidth amplification
    total_size = responses.map(&:size).reduce(:+)
    bandwidth_amplification = total_size - request.size
    if bandwidth_amplification > 0
      vulnerable = true
      if request.size == 0
        multiplier = total_size
      else
        multiplier = total_size / request.size
      end
      this_proof += "a #{multiplier}x, #{bandwidth_amplification}-byte bandwidth amplification"
    else
      this_proof += 'no bandwidth amplification'
    end

    # TODO (maybe): show the request and responses in more detail?
    proofs << this_proof
  end

  [ vulnerable, proofs.join(', ') ]
end

#setup ⇒ Object

# File 'lib/msf/core/auxiliary/drdos.rb', line 20

def setup
  super
  if spoofed? && datastore['NUM_REQUESTS'].to_i < 1
    raise Msf::OptionValidateError.new(
      {
        'NUM_REQUESTS' => 'The number of requests must be >= 1'
      }
    )
  end
end

#spoofed? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/msf/core/auxiliary/drdos.rb', line 70

def spoofed?
  !datastore['SRCIP'].nil?
end