NTP AMPLIFICATION ATTACKS: This script makes a MONLIST query to an NTP Server that is vulnerable, this is done through IP spoofing and will flood the victim with an amplified response.
In order to stop the execution of this program, press CTRL-C
Note: This script works for Python 3.7.x or above, other versions of Python 3 will probably work.
Make sure to install scapy library on your local machine. You can do this by installing it through pip3 and the requirements.txt file located in this folder.
pip3 install -r requirements.txtThis tool comes with a set of flags for use through the CLI, please note that if you do not set flags you will still be prompted for the information required.
- -d, --debug - Enabling debug will give you information on most of the steps, this is to be used when something is not working properly. May or not help you with your issue, keep this in mind.
- -t, --target - IP address of the victim host, this will be the IP that will received the amplified attack
- -f, --file - File that contains the NTP Servers, even if it is only one it needs to be in a file.
Example of usage on CLI:
python3 ntp.py -t "<victim_IP>" -f "<ntp_server_file>"Please take note of the following:
- Do not use this script for malicious purposes
- This is for educational and instructional use only
- Yes, the above point (2) includes Pentesting
- Use with caution, this can bring devices down VERY easily
- Implement method to allow IP addresses to be sent through the CLI as an alternative to a file.