Untitled

a guest
Dec 1st, 2017
  1. /*
  2. This is a fast and (I think) portable tool: 48-byte SYN packets with Windows 2000 emulation. We are still working on it;
  3. drop an email to drbios2000@yahoo.com if something goes wrong.
  4. libnet and libpcap are required; the options are pretty self-explanatory,
  5. stripped static binary included for lamers.
  6. Greets to kauggie (kaugex), nebunu, amidax, jhony si la ce tovarasi mai avem noi pe internetu asta.
  7. BAG PULA IN TOTI ADMINII CARE SE CRED DUMNEZEI CA SUNT CU CONSOLA IN FATA
  8. MUIE CUI SE SIMTE LUAT IN VIZOR DE HAITATEAM
  9. */
  10.  
  11. #include <libnet.h>
  12. #include <stdio.h>
  13. #include <sys/socket.h>
  14. #include <netinet/in.h>
  15. #include <arpa/inet.h>
  16. #include <sys/types.h>
  17. #include <unistd.h>
  18. #include <pcap.h>
  19. #include <time.h>
  20.  
  21.  
  /*
   * main - command-line TCP SYN probe tool: one process sends, a forked child listens.
   *
   * argv[1] is the destination TCP port. Options handled below: -s <1..10> pacing,
   * -i <interface>, -a <A> to walk A.x.x.x, -b <A.B> to walk A.B.x.x. With neither
   * -a nor -b, rclass stays 1 and every destination address is taken from rand().
   *
   * Flow: libnet_init(LIBNET_RAW4) for raw IPv4 sending, a pcap filter for
   * SYN+ACK replies (TCP flags byte 0x12) from <port> to this run's source port,
   * then fork(): the child prints responder addresses and appends them to
   * "bios.txt"; the parent builds and writes SYN packets in an endless loop.
   *
   * Observable on the wire, per the build calls below (useful when writing
   * detections): one source port for the whole run, window 65535, TTL 128,
   * IP fragment field 0, TCP options MSS 1460 / NOP / NOP / SACK-permitted,
   * and a rand() value in the acknowledgment field of a SYN-only segment.
   *
   * Returns 0 when an -a/-b walk reaches its end. Exits with 1 (usage),
   * 2 (range or libnet_init error) or 5 (pcap_open_live or fork error);
   * pcap_compile/pcap_setfilter failures exit with status 0.
   */
  22. int main(int argc, char **argv)
  23. {
  24. libnet_t *l;
  25. libnet_ptag_t t;
      /* Packets sent between pauses; ct counts towards it in the send loop. */
  26. unsigned short burst=50;
  27. unsigned short ct=0;
      /* errbuff is the libnet error buffer; errbuf (declared below) is the pcap one. */
  28. char errbuff[LIBNET_ERRBUF_SIZE];
  29. unsigned long myip;
  30. struct in_addr sc;
      /* TCP options, 8 bytes used: kind 2 len 4 value 0x05b4 (MSS 1460), two
         kind-1 NOPs, kind 4 len 2 (SACK permitted). */
  31. unsigned char tcpopt[]="\x02\x04\x05\xb4\x01\x01\x04\x02";
  32.  
  33. unsigned short port;
  34. unsigned long usec;
  35. //unsigned char outstr[1024];
  36. char cc;
  37. int i;
  38. pid_t pid;
  39. pcap_t *handle;
  40. char *temp_char;
  41. bpf_u_int32 mask;
  42. bpf_u_int32 net;
  43. char errbuf[PCAP_ERRBUF_SIZE];
  44. char filter[1024];
  45. struct bpf_program cfilter;
  46. struct pcap_pkthdr header;
  47. const unsigned char *packet;
  48. struct in_addr ekkt;
  49. unsigned char ip[50];
  50.  
  51. unsigned long dstip=0;
  52. unsigned short sport;
  53. char *interface=NULL;
      /* Target selection mode flags: exactly one of rclass (random), aclass, bclass is set. */
  54. unsigned char bclass=0;
  55. unsigned char aclass=0;
  56. unsigned char rclass=1;
  57. unsigned int a=0,b=0,c=0,d=0;
  58.  
      /* Source port is chosen once per run from a time-seeded rand(); the int
         result is truncated to 16 bits by the assignment. */
  59. srand(time(NULL));
  60. sport=rand();
  61. usec=1000000;
  62. if(argc<2)
  63. {
  64. printf("usage: %s <port> [-a <a class> | -b <b class>] [-i <interface] [-s <speed>]\n",argv[0]);
  65. printf("speed 10 -> as fast as possible, 1 -> it will take bloody ages (about 50 syns/s)\n");
  66. printf("by DrBIOS <drbios2000@yahoo.com> & Bagabontu <bagabonturo@yahoo.com>\n");
  67. exit(0x01);
  68. }
      /* Option scan. NOTE(review): strstr() matches the option text anywhere
         inside any argument (option values and argv[1] included), and the
         loop does not skip over an option's value after consuming it. */
  69. for(i=1;i<argc;i++)
  70. {
  71. if(strstr(argv[i],"-s"))
  72. {
  73. if(i+1<argc)
  74. {
      /* Speed level -> pause in microseconds after each burst. There is no
         default case, so any other value keeps usec=1000000 and burst=50. */
  75. switch (atoi(argv[i+1]))
  76. {
  77. case 1:usec=1000000;break;
  78. case 2:usec=500000;break;
  79. case 3:usec=250000;break;
  80. case 4:usec=125000;break;
  81. case 5:usec=60000;break;
  82. case 6:usec=30000;break;
  83. case 7:usec=10000;break;
  84. case 8:usec=1000;break;
  85. case 9:usec=100;break;
  86. case 10:usec=0;burst=65535;
  87. }
  88.  
  89. }
  90. else
  91. {
  92. printf("-s requires an argument\n");
  93. exit(0x01);
  94. }
  95. }
  96.  
  97. if(strstr(argv[i],"-i"))
  98. {
  99. if(i+1<argc) interface=argv[i+1];else
  100. {
  101. printf("-i requires an argument\n");
  102. exit(0x01);
  103. }
  104. }
  105. if(strstr(argv[i],"-a"))
  106. {
  107. if(i+1<argc)
  108. {
  109. aclass=1;
  110. bclass=0;
  111. rclass=0;
       /* First octet only; atoi() gives no error indication, so non-numeric
          input becomes 0 and is rejected by the range check below. */
  112. a=atoi(argv[i+1]);
  113. b=0;
  114. c=0;
  115. d=0;
  116. //printf("%d\n",a);
  117. if((a<1) || (a>254))
  118. {
  119. printf("A must be between 1 and 254\n");
  120. exit(0x02);
  121. }
  122. printf("scanning network %d.*.*.*\n",a);
  123. }
  124. else
  125. {
  126. printf("-a requires an A network as argument\n");
  127. exit(0x01);
  128. }
  129. }
  130. if(strstr(argv[i],"-b"))
  131. {
  132. if(i+1<argc)
  133. {
  134. aclass=0;
  135. bclass=1;
  136. rclass=0;
       /* NOTE(review): strtok() modifies argv[i+1] in place and returns NULL
          when the argument holds no token (empty or only dots); that NULL is
          passed straight to atoi(). b is not range-checked. */
  137. a=atoi(strtok(argv[i+1],"."));
  138. temp_char=strtok(NULL,".");
  139. if(temp_char==NULL)
  140. b=0;else b=atoi(temp_char);
  141. c=0;
  142. d=0;
  143. //printf("%d\n",a);
  144. if((a<1) || (a>254))
  145. {
  146. printf("A must be between 1 and 254\n");
  147. exit(0x02);
  148. }
  149. printf("scanning network %d.%d.*.*\n",a,b);
  150. }
  151. else
  152. {
  153. printf("-b requires an B network as argument(e.g. 192.168)\n");
  154. exit(0x01);
  155. }
  156. }
  157. }
  158. printf("usec: %ld, burst packets %d\n",usec,burst);
       /* NOTE(review): the cast to unsigned short happens before the range
          check, so port>65535 can never be true and out-of-range input wraps
          instead of being rejected. The exit status is printf()'s return value. */
  159. port=(unsigned short)atoi(argv[1]);
  160. if((port<1) || (port>65535)) exit(printf("damn dude, port numbers are in 1 .. 65535\n"));
  161. if(interface!=NULL) printf("using inteface %s\n",interface);
  162.  
       /* Raw IPv4 injection context; interface may be NULL, in which case the
          device choice is left to libnet. */
  163. l=libnet_init(LIBNET_RAW4,interface,errbuff);
  164. if(!l)
  165. {
  166. printf("ERROR: %s\n",errbuff);
  167. exit(0x02);
  168. }
  169. myip=libnet_get_ipaddr4(l);
  170. sc.s_addr=myip;
       /* Capture filter: TCP flags byte exactly 0x12 (SYN+ACK), coming from the
          probed port to this run's source port. Both values are 16-bit, so the
          formatted text stays far below the 1024-byte buffer. */
  171. sprintf(filter,"(tcp[tcpflags]=0x12) and (src port %d) and (dst port %d)",port,sport);
  172. printf("using \"%s\" as pcap filter\n",filter);
  173. printf("my detected ip on %s is %s\n",l->device,inet_ntoa(sc));
       /* NOTE(review): return value is not checked; net and mask stay
          uninitialized if the lookup fails. */
  174. pcap_lookupnet(l->device, &net, &mask, errbuf);
       /* The fork happens before the capture handle is opened, so parent and
          child each open and configure their own handle; only the child
          (pid==0) ever reads from one. A failed fork (pid<0) is reported only
          at the bottom of main, after the pcap setup below has run. */
  175. pid=fork();
  176. handle=NULL;
       /* Snapshot length BUFSIZ, promiscuous mode on, read timeout 0. */
  177. handle = pcap_open_live(l->device, BUFSIZ, 1, 0, errbuf);
  178. if(handle==NULL)
  179. {
       /* NOTE(review): prints errbuff (the libnet buffer); pcap_open_live
          wrote its message into errbuf. */
  180. printf("ERROR: pcap_open_live() : %s\n",errbuff);
  181. exit(0x05);
  182. }
       /* NOTE(review): the last pcap_compile argument is the netmask; net is
          passed here and mask is otherwise unused. */
  183. cc=pcap_compile(handle, &cfilter, filter, 0, net);
  184. if(cc!=0)
  185. {
  186. printf("ERROR: pcap_compile() failed!!!\n");
  187. exit(0);
  188. }
  189. cc=pcap_setfilter(handle, &cfilter);
  190. if(cc!=0)
  191. {
  192. printf("ERROR: pcap_setfilter() failed!!!\n");
  193. exit(0);
  194. }
  195. if(pid==0)
  196. {
  197. /* sniff */
       /* Child: for every frame passing the filter, copy 4 bytes at offset 26
          and log them as an IPv4 address. Offset 26 is the IPv4 source address
          only when the link-layer header is 14 bytes (Ethernet); the link type
          is never checked.
          NOTE(review): pcap_next() can return NULL and header.caplen is not
          compared against 30 before the memcpy; fopen() is not checked before
          fprintf()/fclose(). "bios.txt" is opened in append mode, relative to
          the current directory, once per captured packet. */
  198. while(1)
  199. {
  200. packet = pcap_next(handle, &header);
  201. memcpy(&ekkt.s_addr,packet+26,4);
  202. printf("%s\n",inet_ntoa(ekkt));
  203. FILE * fp;
  204. fp=fopen("bios.txt","a+");
  205. fprintf(fp,"%s\n",inet_ntoa(ekkt));
  206. fclose(fp);
  207. }
  208. }
  209. if(pid > 0)
  210. {
  211. printf("capturing process started pid %d\n",pid);
       /* Half-second pause before sending, presumably to let the child finish
          its capture setup. */
  212. usleep(500000);
  213. while(1)
  214. {
  215. t=LIBNET_PTAG_INITIALIZER;
       /* Packet is assembled top-down: options, TCP header, then IPv4 header.
          NOTE(review): the ptag results stored in t are never checked for -1. */
  216. t=libnet_build_tcp_options(tcpopt, 8, l,0);
  217. //t=LIBNET_PTAG_INITIALIZER;
       /* SYN-only segment: sequence and acknowledgment numbers both from
          rand(), window 65535, checksum 0, urgent 0, length = TCP header plus
          the 8 option bytes, no payload. */
  218. t=libnet_build_tcp(sport,port,rand(),rand(),TH_SYN,65535,0,0,LIBNET_TCP_H+8,NULL,0,l,0);
       /* Random mode: the raw rand() value is used as the destination address;
          no address range is excluded. */
  219. if(rclass) dstip=rand();
  220. if(aclass)
  221. {
       /* Sequential walk of a.b.c.d with carry from d into c and c into b;
          d is incremented before the address is formatted. */
  222. if(d==0) printf("scanning %d.%d.%d.*\n",a,b,c);
  223. d++;
  224. if(d>255) {c++;d=0;}
  225. if(c>255) {b++;c=0;}
       /* NOTE(review): unlike the -b branch, this format string ends in "\n",
          so inet_addr() below receives a trailing newline - confirm how the
          platform parses it. ip is unsigned char[] passed where char * is expected. */
  226. sprintf(ip,"%d.%d.%d.%d\n",a,b,c,d);
  227.  
  228. //printf("%s\n",ip);
       /* End of the walk: wait 10 s for late replies, send signal number 2
          (SIGINT on Linux) to the capture child, and return. */
  229. if((b==255)&& (c==255) && (d==255))
  230. {
  231. printf("aici trebuie stop\n");
  232. sleep(10);
  233. kill(pid,2);
  234. return 0;
  235. }
  236. sc.s_addr=inet_addr(ip);
  237. dstip=sc.s_addr;
  238. }
  239. if(bclass)
  240. {
       /* Same walk restricted to a.b.x.x: only d carries into c. */
  241. if(d==0) printf("scanning %d.%d.%d.*\n",a,b,c);
  242. d++;
  243. if(d>255)
  244. {
  245. c++;d=0;
  246. }
  247. sprintf(ip,"%d.%d.%d.%d",a,b,c,d);
  248. if((c==255) && (d==255))
  249. {
  250. printf("%s\n",ip);
  251. printf("aici trebuie stop\n");
  252. sleep(10);
  253. kill(pid,2);
  254. return 0;
  255. }
  256. sc.s_addr=inet_addr(ip);
  257. dstip=sc.s_addr;
  258. }
  259.  
       /* IPv4 header: total length = IP + TCP + 8 option bytes, TOS 0, random
          IP id, fragment field 0, TTL 128, protocol TCP, checksum 0, source =
          this host's address, destination = dstip, no payload. */
  260. libnet_build_ipv4(LIBNET_TCP_H+LIBNET_IPV4_H+8,0,rand(),0,128,IPPROTO_TCP,0,myip,dstip,NULL,0,l,0);
  261. cc=libnet_write(l);
  262. if(cc<=0) printf("libnet_write() wtf %d\n",cc);
       /* Drop the built headers so the next iteration starts from an empty packet. */
  263. libnet_clear_packet(l);
       /* Pacing: once ct reaches burst, sleep usec microseconds and restart the count. */
  264. if(ct==burst)
  265. {
  266. usleep(usec);
  267. ct=0;
  268. };
  269. ct++;
  270. }
  271.  
  272. }
  273. if(pid<0)
  274. {
  275. printf("cannot fork()\n");
  276. exit(0x05);
  277. }
  278. return 0;
  279. }