JAVAFLOOD is developed strictly for educational and research purposes within a controlled environment. This tool must only be used with the explicit permission of the server owner.
Any unauthorized use, including attempting to disrupt, overload, or damage servers, is strictly prohibited and may be considered illegal under applicable laws. Such actions can lead to severe consequences for both the target systems and the individuals involved.
Please use this tool responsibly and only for legitimate security testing and academic purposes. Misuse of this tool is unethical, potentially unlawful, and strongly discouraged.
JAVAFLOOD is a tool designed for launching Denial of Service (DoS) attacks on Minecraft Java Edition servers. This tool floods the server with multiple methods to overload the server’s resources, resulting in an unresponsive state.
-
TCP Handshake Flooding:
- Repeatedly initziates
TCP handshakesto consume server socket resources.
- Repeatedly initziates
-
Connection Reuse:
- Sends multiple forged packets over the same
TCP connectionto maximize impact.
- Sends multiple forged packets over the same
-
Multithreading:
- Uses
ThreadPoolExecutorto run multiple threads for parallel packet sending.
- Uses
-
Thread Synchronization:
- The monitoring thread runs in the background as a
daemon threads
- The monitoring thread runs in the background as a
-
Minecraft Protocol Abuse:
- Crafts and sends fake Minecraft handshake packets to simulate player connections.
-
Payload Padding:
- Adds random bytes to increase packet size and obfuscate attack patterns.
-
Rapid Connect-Disconnect Loops:
- Quickly opens and closes connections to exhaust server capacity.
-
Protocol Version Spoofing:
- Sends handshake packets using spoofed or invalid protocol versions to trigger unexpected server behavior.
-
Check Server Status:
- To check the server status directly with the api provided by mcstatus.io. Use the parameter
python3 javaflood.py -api < IP/Domain >
- To check the server status directly with the api provided by mcstatus.io. Use the parameter
| Argument | Required | Description |
|---|---|---|
-ip |
Yes | Target server IP address (e.g., 127.0.0.1). |
-port |
Yes | Target server port (must be an integer between 1 and 65535). |
-s |
Yes | Packet size (must be an integer). |
-t |
Yes | Number of threads (must be an integer). |
-p |
Yes | Protocol version (choose an integer value or set to 0 for random). |
-d |
Yes | Duration of the attack in seconds (must be an integer). |
-icon |
Optional | Hide Skull&Flood logo (1 to Enable / 0 to Disable) |
-load |
Optional | Path to a .json configuration file (loads all parameters). |
-wait |
Optional | Delay the attack by X seconds after all required arguments are set. |
-api |
Optional | Call the api function with the provided domain/IP and exit. |
-h |
No | Show help message and exit. |
-
Clone this repository to your local machine:
git clone https://github.com/Audrise/javaflood.git
Or you can download this repo to your local machine
https://github.com/Audrise/javaflood/archive/refs/heads/main.zip
cd javaflood -
Install the necessary Python libraries:
pip3 install -r requirements.txt
Or you can install it manually
pip3 install pystyle requests
-
To run
javaflood.py, open a terminal and use the following command:python3 javaflood.py -ip [ ip address ] -port [ port ] -s [ packet size ] -t [ threads ] -p [ protocol ] -d [ duration ]
Example 1
python3 javaflood.py -ip 120.0.0.1 -port 25565 -s 100 -t 100 -p 47 -d 60
Example 2
python3 javaflood.py -ip 120.0.0.1 -port 25565 -s 100 -t 100 -p 47 -d 60 -wait 10
Example 3
python3 javaflood.py -ip 120.0.0.1 -port 25565 -s 100 -t 100 -p 47 -d 60 -wait 10 -icon 0
-
or you can use
python3 javaflood.py -load config.json
and don't forget to configure the attack in
config.json
- Thanks to FiePaw to enable me to strengthen and modify the initial version of
JAVAFLOODthat FiePaw developed - Thanks to BillyTheGoat356 which provides the PyStyle module for very nice terminal styling and Hyperion for nice obfuscation tool
- Thanks to mcstatus.io which provides API to check minecraft server easily and quickly.
By using the -load parameter, you can directly run the tool with the configuration set inside a .json file, without the need to manually input all the parameters. This is particularly useful for speeding up the setup process and running the tool with pre-configured settings.
For example, if you have a configuration file named config.json that contains the default settings for the tool, you can run the tool with the following command:
python3 javaflood.py -load config.jsonThis will load all parameters from config.json and run the tool.
Make sure the .json file you create is formatted correctly, with the parameters expected by the tool. Here's an example of a valid JSON structure for this tool:
{
"ip": "127.0.0.1",
"port": 25565,
"packet_size": 0,
"threads": 0,
"protocol": 0,
"duration": 0,
"wait": 60,
"icon": 0
}