PtokaX forum

Lua 5.3/5.2/5.1 Scripts (for PtokaX 0.4.0.0 and newer) => Finished Scripts => Topic started by: PPK on 17 January, 2015, 16:14:46

Title: Anti ConnectToMe DDOS
Post by: PPK on 17 January, 2015, 16:14:46
This script is sending reaction to $MyNick received from user. This is usually used as ddos when bad user or bad hubowner sending connection request ($ConnectToMe) with address of hub that he want to attack.
Script is very simple and support on client side is needed. Actually it is supported in FlylinkDC++

Code (lua) Select
function UnknownArrival(tUser, sData)
if sData:sub(1, 8) == "$MyNick " then
Core.SendToUser(tUser, "$Error CTM2HUB|")
Core.Disconnect(tUser)
end
end


How this works. Description as i'm received it from Rolex.

Quote
HUB1      = exploited hub that allows to send fake CTM
HUB2      = attacked hub
HUB2.ADDR   = address of attacked hub

DC1      = a bot that sends bad CTM requests to HUB1
DC2      = regular user on HUB1

DC1   ->   HUB1   $ConnectToMe DC2 HUB2.ADDR|
HUB1   ->   DC2   $ConnectToMe DC2 HUB2.ADDR|

DC2 doesnt find HUB2.ADDR in his blacklist and continues to process CTM request

DC2   ->   HUB2   socket_connect(HUB2.ADDR) + $MyNick DC2|$Lock ABC|
HUB2   ->   DC2   $Error CTM2HUB|      (this is the part needed to be done by the hub)

DC2 adds HUB2.ADDR  in his blacklist and closes connection

DC1   ->   HUB1   $ConnectToMe DC2 HUB2.ADDR|
HUB1   ->   DC2   $ConnectToMe DC2 HUB2.ADDR|

DC2 finds HUB2.ADDR in blacklist and ignores CTM request