반응형
//raw tcp packet crafter
#include "stdio.h"
#include "winsock2.h"
#include "ws2tcpip.h" //IP_HDRINCL is here
#include "conio.h"
#pragma comment(lib,"ws2_32.lib") //winsock 2.2 library
typedef struct ip_hdr
{
unsigned char ip_header_len:4; // 4-bit header length (in 32-bit words) normally=5 (Means 20 Bytes may be 24 also)
unsigned char ip_version :4; // 4-bit IPv4 version
unsigned char ip_tos; // IP type of service
unsigned short ip_total_length; // Total length
unsigned short ip_id; // Unique identifier
unsigned char ip_frag_offset :5; // Fragment offset field
unsigned char ip_more_fragment :1;
unsigned char ip_dont_fragment :1;
unsigned char ip_reserved_zero :1;
unsigned char ip_frag_offset1; //fragment offset
unsigned char ip_ttl; // Time to live
unsigned char ip_protocol; // Protocol(TCP,UDP etc)
unsigned short ip_checksum; // IP checksum
unsigned int ip_srcaddr; // Source address
unsigned int ip_destaddr; // Source address
} IPV4_HDR, *PIPV4_HDR, FAR * LPIPV4_HDR;
struct icmp_hdr {
unsigned char Type;
unsigned char Code;
unsigned short checksum; //
unsigned short ID;
unsigned short Seq;
char Data;
};
// TCP header
typedef struct tcp_header
{
unsigned short source_port; // source port
unsigned short dest_port; // destination port
unsigned int sequence; // sequence number - 32 bits
unsigned int acknowledge; // acknowledgement number - 32 bits
unsigned char ns :1; //Nonce Sum Flag Added in RFC 3540.
unsigned char reserved_part1:3; //according to rfc
unsigned char data_offset:4; /*The number of 32-bit words in the TCP header.
This indicates where the data begins.
The length of the TCP header is always a multiple
of 32 bits.*/
unsigned char fin :1; //Finish Flag
unsigned char syn :1; //Synchronise Flag
unsigned char rst :1; //Reset Flag
unsigned char psh :1; //Push Flag
unsigned char ack :1; //Acknowledgement Flag
unsigned char urg :1; //Urgent Flag
unsigned char ecn :1; //ECN-Echo Flag
unsigned char cwr :1; //Congestion Window Reduced Flag
////////////////////////////////
unsigned short window; // window
unsigned short checksum; // checksum
unsigned short urgent_pointer; // urgent pointer
} TCP_HDR , *PTCP_HDR , FAR * LPTCP_HDR , TCPHeader , TCP_HEADER;
int main()
{
char host[100],buf[1000],*data=NULL,source_ip[20]; //buf is the complete packet
SOCKET s;
int k=1;
IPV4_HDR *v4hdr=NULL;
TCP_HDR *tcphdr=NULL;
icmp_hdr *icmphdr = NULL;
int payload=512 , optval;
SOCKADDR_IN dest;
//hostent *server;
//Initialise Winsock
WSADATA wsock;
printf("\nInitialising Winsock...");
if (WSAStartup(MAKEWORD(2,2),&wsock) != 0)
{
fprintf(stderr,"WSAStartup() failed");
exit(EXIT_FAILURE);
}
printf("Initialised successfully.");
////////////////////////////////////////////////
//Create Raw TCP Packet
printf("\nCreating Raw TCP Socket...");
if((s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW))==SOCKET_ERROR)
{
printf("Creation of raw socket failed.");
return 0;
}
printf("Raw TCP Socket Created successfully.");
////////////////////////////////////////////////
//Put Socket in RAW Mode.
printf("\nSetting the socket in RAW mode...");
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, (char *)&optval, sizeof(optval))==SOCKET_ERROR)
{
printf("failed to set socket in raw mode.");
return 0;
}
printf("Successful.");
////////////////////////////////////////////////
//Target Hostname
printf("\nEnter targetIP : ");
gets(host);
printf("\nResolving Hostname...");
dest.sin_family = AF_INET;
dest.sin_addr.s_addr = inet_addr(host);
dest.sin_port = htons(50005); //your destination port
//memcpy(&dest.sin_addr.s_addr,server->h_addr,server->h_length);
printf("Resolved.");
/////////////////////////////////////////////////
printf("\nEnter Source IP : ");
gets(source_ip);
v4hdr = (IPV4_HDR *)buf; //lets point to the ip header portion
v4hdr->ip_version=4;
v4hdr->ip_header_len=5;
v4hdr->ip_tos = 0;
v4hdr->ip_total_length = htons ( sizeof(IPV4_HDR) + sizeof(icmp_hdr) + payload );
v4hdr->ip_id = htons(2);
v4hdr->ip_frag_offset = 0;
v4hdr->ip_frag_offset1 = 0;
v4hdr->ip_reserved_zero = 0;
v4hdr->ip_dont_fragment = 1;
v4hdr->ip_more_fragment = 0;
v4hdr->ip_ttl = 8;
//v4hdr->ip_protocol = IPPROTO_TCP;
v4hdr->ip_protocol = IPPROTO_ICMP;
//v4hdr->ip_srcaddr = inet_addr(inet_ntoa(dest.sin_addr));
//v4hdr->ip_destaddr = inet_addr(source_ip);
v4hdr->ip_srcaddr = inet_addr(source_ip);
v4hdr->ip_destaddr = inet_addr(inet_ntoa(dest.sin_addr));
v4hdr->ip_checksum = 0;
icmphdr = (icmp_hdr *)&buf[sizeof(IPV4_HDR)];
//icmp_header set and mapping
icmphdr->Type = 8; //icmp type 8 = icmp echo request
icmphdr->Code = 0;
icmphdr->checksum = 0;
icmphdr->Seq = 1;
icmphdr->ID = rand()%0xffff;
/*
tcphdr = (TCP_HDR *)&buf[sizeof(IPV4_HDR)]; //get the pointer to the tcp header in the packet
tcphdr->source_port = htons(1234);
tcphdr->dest_port = htons(50000);
tcphdr->cwr=0;
tcphdr->ecn=1;
tcphdr->urg=0;
tcphdr->ack=0;
tcphdr->psh=0;
tcphdr->rst=1;
tcphdr->syn=0;
tcphdr->fin=0;
tcphdr->ns=1;
tcphdr->checksum = 0;
*/
// Initialize the TCP payload to some rubbish
data = &buf[sizeof(IPV4_HDR) + sizeof(icmp_hdr)];
memset(data, '*', payload);
printf("\nSending packet...\n");
while(!_kbhit())
{
printf(" %d packets send\r",k++);
if((sendto(s , buf , sizeof(IPV4_HDR)+sizeof(icmp_hdr) + payload, 0,
(SOCKADDR *)&dest, sizeof(dest)))==SOCKET_ERROR)
{
printf("Error sending Packet : %d",WSAGetLastError());
break;
}
}
return 0;
}
/*
//#include <Windows.h>
#pragma comment(lib, "Ws2_32.lib")
#include <WinSock2.h>
#include <stdio.h>
//#include <netinet/ip_icmp.h>
#include "ws2tcpip.h" //IP_HDRINCL is here
struct ip_hdr
{
unsigned char ip_ver; //4bit ipv4 version
//4bit ip header length
unsigned char ip_tos; //ip tos
unsigned short ip_totallength; //total length
unsigned short ip_id; //id
unsigned short ip_off; //offset
unsigned char ip_ttl; //ttl
unsigned char ip_protocol; //protocol
unsigned short sum; //checksum
unsigned int ip_srcaddr; //source
unsigned int ip_destaddr; //dest
};
struct icmp_hdr {
unsigned char Type;
unsigned char Code;
unsigned short checksum; //
unsigned short ID;
unsigned short Seq;
char Data;
};
struct tcp_hdr
{
unsigned short th_sport; //src port
unsigned short th_dport; //dest port
unsigned long seq; //sequence number
unsigned long ack; //acknowledgement number
unsigned char data; //offset
unsigned char flag; //flag
unsigned short win; //window
unsigned short sum; //checksum
unsigned short urgptr; //urgent pointer
};
struct pseudohdr
{
unsigned int saddr;
unsigned int daddr;
unsigned char useless;
unsigned char protocol;
unsigned short tcplength;
};
unsigned short in_chksum(unsigned short *addr, int len)
{
int sum = 0;
int nleft = len;
u_short *w=addr;
u_short answer = 0;
while(nleft >1)
{
sum +=*w++;
nleft -= 2;
}
if(nleft == 1)
{
*(u_char *)(&answer) = *(u_char *)w;
sum += answer;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
answer = ~sum;
return (answer);
}
int main()
{
struct sockaddr_in target_addr;
struct sockaddr_in your_addr;
ip_hdr *iphdr;
icmp_hdr *icmphdr;
//tcp_hdr *tcphdr;
//pseudohdr * pe;
SOCKET s;
WSADATA wsaData;
WORD wVersionRequested = MAKEWORD(2,2);
char buf[1500];
char *data;
int optval;
int nRet;
int payload;
payload = 1500 - sizeof(ip_hdr) - sizeof(icmp_hdr);
// Init WinSock
nRet = WSAStartup(wVersionRequested, &wsaData);
if (nRet)
{
fprintf(stderr,"\nError initializing WinSock\n");
return 0;
}
// Check version
if (wsaData.wVersion != wVersionRequested)
{
fprintf(stderr,"\nWinSock version not supported\n");
return 0;
}
target_addr.sin_family = AF_INET;
target_addr.sin_addr.s_addr = inet_addr("192.168.2.254");
target_addr.sin_port = htons(1500);
your_addr.sin_addr.s_addr = inet_addr("192.168.45.105");
your_addr.sin_port = htons(1500);
//tcphdr = (struct tcp_hdr *)&buf[sizeof(struct ip_hdr)];
//pe = (struct pseudohdr *)((char*)tcphdr-sizeof(struct pseudohdr));
//pe->saddr = your_addr.sin_addr.s_addr;
//pe->daddr = target_addr.sin_addr.s_addr;
//pe->protocol = IPPROTO_TCP;
//pe->protocol = IPPROTO_ICMP;
//pe->tcplength = htons(sizeof(struct tcp_hdr));
//ip_header set and mapping
iphdr = (struct ip_hdr *)buf;
icmphdr = (struct icmp_hdr *)&buf[sizeof(ip_hdr)];
iphdr->ip_ver = 4;
iphdr->ip_tos = 0;
iphdr->ip_totallength = htons(sizeof(ip_hdr) + sizeof(icmp_hdr) + payload);
iphdr->ip_id = rand()%0xffff;
iphdr->ip_off = 0;
iphdr->ip_ttl = 8;
//iphdr->ip_protocol = IPPROTO_TCP;
iphdr->ip_protocol = IPPROTO_ICMP;
//iphdr->sum = 0;
iphdr->ip_srcaddr = inet_addr("192.168.45.105");
iphdr->ip_destaddr = inet_addr("192.168.2.254");
iphdr->sum = in_chksum((u_short *)&iphdr, sizeof(ip_hdr));
//icmp_header set and mapping
icmphdr->Type = 8; //icmp type 8 = icmp echo request
icmphdr->Code = 0;
icmphdr->checksum = 0;
icmphdr->Seq = 1;
icmphdr->ID = rand()%0xffff;
/*
tcphdr->th_sport = htons(1500);
tcphdr->th_dport = htons(80);
tcphdr->flag = 0x02; //syn패킷
tcphdr->data = 0;
tcphdr->seq = htonl(100);
tcphdr->ack = htonl(0);
tcphdr->win = htons(512);
tcphdr->urgptr = 0;
tcphdr->sum = in_chksum((u_short *)pe,(sizeof(struct pseudohdr)+sizeof(struct tcp_hdr)));
*/
/*
data = &buf[sizeof(ip_hdr)+sizeof(icmp_hdr)];
memset(data,'@',payload);
s = socket(AF_INET,SOCK_RAW,IPPROTO_RAW);
optval = 1;
setsockopt(s,IPPROTO_IP,IP_HDRINCL, (char *) &optval, sizeof(optval));
for(int i=0;i<100;i++) {
sendto(s,buf,sizeof(ip_hdr) + sizeof(icmp_hdr)+ payload, 0, (SOCKADDR *)&target_addr, sizeof(target_addr));
}
// Free WinSock
WSACleanup();
return 0;
}
*/
#include "stdio.h"
#include "winsock2.h"
#include "ws2tcpip.h" //IP_HDRINCL is here
#include "conio.h"
#pragma comment(lib,"ws2_32.lib") //winsock 2.2 library
typedef struct ip_hdr
{
unsigned char ip_header_len:4; // 4-bit header length (in 32-bit words) normally=5 (Means 20 Bytes may be 24 also)
unsigned char ip_version :4; // 4-bit IPv4 version
unsigned char ip_tos; // IP type of service
unsigned short ip_total_length; // Total length
unsigned short ip_id; // Unique identifier
unsigned char ip_frag_offset :5; // Fragment offset field
unsigned char ip_more_fragment :1;
unsigned char ip_dont_fragment :1;
unsigned char ip_reserved_zero :1;
unsigned char ip_frag_offset1; //fragment offset
unsigned char ip_ttl; // Time to live
unsigned char ip_protocol; // Protocol(TCP,UDP etc)
unsigned short ip_checksum; // IP checksum
unsigned int ip_srcaddr; // Source address
unsigned int ip_destaddr; // Source address
} IPV4_HDR, *PIPV4_HDR, FAR * LPIPV4_HDR;
struct icmp_hdr {
unsigned char Type;
unsigned char Code;
unsigned short checksum; //
unsigned short ID;
unsigned short Seq;
char Data;
};
// TCP header
typedef struct tcp_header
{
unsigned short source_port; // source port
unsigned short dest_port; // destination port
unsigned int sequence; // sequence number - 32 bits
unsigned int acknowledge; // acknowledgement number - 32 bits
unsigned char ns :1; //Nonce Sum Flag Added in RFC 3540.
unsigned char reserved_part1:3; //according to rfc
unsigned char data_offset:4; /*The number of 32-bit words in the TCP header.
This indicates where the data begins.
The length of the TCP header is always a multiple
of 32 bits.*/
unsigned char fin :1; //Finish Flag
unsigned char syn :1; //Synchronise Flag
unsigned char rst :1; //Reset Flag
unsigned char psh :1; //Push Flag
unsigned char ack :1; //Acknowledgement Flag
unsigned char urg :1; //Urgent Flag
unsigned char ecn :1; //ECN-Echo Flag
unsigned char cwr :1; //Congestion Window Reduced Flag
////////////////////////////////
unsigned short window; // window
unsigned short checksum; // checksum
unsigned short urgent_pointer; // urgent pointer
} TCP_HDR , *PTCP_HDR , FAR * LPTCP_HDR , TCPHeader , TCP_HEADER;
int main()
{
char host[100],buf[1000],*data=NULL,source_ip[20]; //buf is the complete packet
SOCKET s;
int k=1;
IPV4_HDR *v4hdr=NULL;
TCP_HDR *tcphdr=NULL;
icmp_hdr *icmphdr = NULL;
int payload=512 , optval;
SOCKADDR_IN dest;
//hostent *server;
//Initialise Winsock
WSADATA wsock;
printf("\nInitialising Winsock...");
if (WSAStartup(MAKEWORD(2,2),&wsock) != 0)
{
fprintf(stderr,"WSAStartup() failed");
exit(EXIT_FAILURE);
}
printf("Initialised successfully.");
////////////////////////////////////////////////
//Create Raw TCP Packet
printf("\nCreating Raw TCP Socket...");
if((s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW))==SOCKET_ERROR)
{
printf("Creation of raw socket failed.");
return 0;
}
printf("Raw TCP Socket Created successfully.");
////////////////////////////////////////////////
//Put Socket in RAW Mode.
printf("\nSetting the socket in RAW mode...");
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, (char *)&optval, sizeof(optval))==SOCKET_ERROR)
{
printf("failed to set socket in raw mode.");
return 0;
}
printf("Successful.");
////////////////////////////////////////////////
//Target Hostname
printf("\nEnter targetIP : ");
gets(host);
printf("\nResolving Hostname...");
dest.sin_family = AF_INET;
dest.sin_addr.s_addr = inet_addr(host);
dest.sin_port = htons(50005); //your destination port
//memcpy(&dest.sin_addr.s_addr,server->h_addr,server->h_length);
printf("Resolved.");
/////////////////////////////////////////////////
printf("\nEnter Source IP : ");
gets(source_ip);
v4hdr = (IPV4_HDR *)buf; //lets point to the ip header portion
v4hdr->ip_version=4;
v4hdr->ip_header_len=5;
v4hdr->ip_tos = 0;
v4hdr->ip_total_length = htons ( sizeof(IPV4_HDR) + sizeof(icmp_hdr) + payload );
v4hdr->ip_id = htons(2);
v4hdr->ip_frag_offset = 0;
v4hdr->ip_frag_offset1 = 0;
v4hdr->ip_reserved_zero = 0;
v4hdr->ip_dont_fragment = 1;
v4hdr->ip_more_fragment = 0;
v4hdr->ip_ttl = 8;
//v4hdr->ip_protocol = IPPROTO_TCP;
v4hdr->ip_protocol = IPPROTO_ICMP;
//v4hdr->ip_srcaddr = inet_addr(inet_ntoa(dest.sin_addr));
//v4hdr->ip_destaddr = inet_addr(source_ip);
v4hdr->ip_srcaddr = inet_addr(source_ip);
v4hdr->ip_destaddr = inet_addr(inet_ntoa(dest.sin_addr));
v4hdr->ip_checksum = 0;
icmphdr = (icmp_hdr *)&buf[sizeof(IPV4_HDR)];
//icmp_header set and mapping
icmphdr->Type = 8; //icmp type 8 = icmp echo request
icmphdr->Code = 0;
icmphdr->checksum = 0;
icmphdr->Seq = 1;
icmphdr->ID = rand()%0xffff;
/*
tcphdr = (TCP_HDR *)&buf[sizeof(IPV4_HDR)]; //get the pointer to the tcp header in the packet
tcphdr->source_port = htons(1234);
tcphdr->dest_port = htons(50000);
tcphdr->cwr=0;
tcphdr->ecn=1;
tcphdr->urg=0;
tcphdr->ack=0;
tcphdr->psh=0;
tcphdr->rst=1;
tcphdr->syn=0;
tcphdr->fin=0;
tcphdr->ns=1;
tcphdr->checksum = 0;
*/
// Initialize the TCP payload to some rubbish
data = &buf[sizeof(IPV4_HDR) + sizeof(icmp_hdr)];
memset(data, '*', payload);
printf("\nSending packet...\n");
while(!_kbhit())
{
printf(" %d packets send\r",k++);
if((sendto(s , buf , sizeof(IPV4_HDR)+sizeof(icmp_hdr) + payload, 0,
(SOCKADDR *)&dest, sizeof(dest)))==SOCKET_ERROR)
{
printf("Error sending Packet : %d",WSAGetLastError());
break;
}
}
return 0;
}
/*
//#include <Windows.h>
#pragma comment(lib, "Ws2_32.lib")
#include <WinSock2.h>
#include <stdio.h>
//#include <netinet/ip_icmp.h>
#include "ws2tcpip.h" //IP_HDRINCL is here
struct ip_hdr
{
unsigned char ip_ver; //4bit ipv4 version
//4bit ip header length
unsigned char ip_tos; //ip tos
unsigned short ip_totallength; //total length
unsigned short ip_id; //id
unsigned short ip_off; //offset
unsigned char ip_ttl; //ttl
unsigned char ip_protocol; //protocol
unsigned short sum; //checksum
unsigned int ip_srcaddr; //source
unsigned int ip_destaddr; //dest
};
struct icmp_hdr {
unsigned char Type;
unsigned char Code;
unsigned short checksum; //
unsigned short ID;
unsigned short Seq;
char Data;
};
struct tcp_hdr
{
unsigned short th_sport; //src port
unsigned short th_dport; //dest port
unsigned long seq; //sequence number
unsigned long ack; //acknowledgement number
unsigned char data; //offset
unsigned char flag; //flag
unsigned short win; //window
unsigned short sum; //checksum
unsigned short urgptr; //urgent pointer
};
struct pseudohdr
{
unsigned int saddr;
unsigned int daddr;
unsigned char useless;
unsigned char protocol;
unsigned short tcplength;
};
unsigned short in_chksum(unsigned short *addr, int len)
{
int sum = 0;
int nleft = len;
u_short *w=addr;
u_short answer = 0;
while(nleft >1)
{
sum +=*w++;
nleft -= 2;
}
if(nleft == 1)
{
*(u_char *)(&answer) = *(u_char *)w;
sum += answer;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
answer = ~sum;
return (answer);
}
int main()
{
struct sockaddr_in target_addr;
struct sockaddr_in your_addr;
ip_hdr *iphdr;
icmp_hdr *icmphdr;
//tcp_hdr *tcphdr;
//pseudohdr * pe;
SOCKET s;
WSADATA wsaData;
WORD wVersionRequested = MAKEWORD(2,2);
char buf[1500];
char *data;
int optval;
int nRet;
int payload;
payload = 1500 - sizeof(ip_hdr) - sizeof(icmp_hdr);
// Init WinSock
nRet = WSAStartup(wVersionRequested, &wsaData);
if (nRet)
{
fprintf(stderr,"\nError initializing WinSock\n");
return 0;
}
// Check version
if (wsaData.wVersion != wVersionRequested)
{
fprintf(stderr,"\nWinSock version not supported\n");
return 0;
}
target_addr.sin_family = AF_INET;
target_addr.sin_addr.s_addr = inet_addr("192.168.2.254");
target_addr.sin_port = htons(1500);
your_addr.sin_addr.s_addr = inet_addr("192.168.45.105");
your_addr.sin_port = htons(1500);
//tcphdr = (struct tcp_hdr *)&buf[sizeof(struct ip_hdr)];
//pe = (struct pseudohdr *)((char*)tcphdr-sizeof(struct pseudohdr));
//pe->saddr = your_addr.sin_addr.s_addr;
//pe->daddr = target_addr.sin_addr.s_addr;
//pe->protocol = IPPROTO_TCP;
//pe->protocol = IPPROTO_ICMP;
//pe->tcplength = htons(sizeof(struct tcp_hdr));
//ip_header set and mapping
iphdr = (struct ip_hdr *)buf;
icmphdr = (struct icmp_hdr *)&buf[sizeof(ip_hdr)];
iphdr->ip_ver = 4;
iphdr->ip_tos = 0;
iphdr->ip_totallength = htons(sizeof(ip_hdr) + sizeof(icmp_hdr) + payload);
iphdr->ip_id = rand()%0xffff;
iphdr->ip_off = 0;
iphdr->ip_ttl = 8;
//iphdr->ip_protocol = IPPROTO_TCP;
iphdr->ip_protocol = IPPROTO_ICMP;
//iphdr->sum = 0;
iphdr->ip_srcaddr = inet_addr("192.168.45.105");
iphdr->ip_destaddr = inet_addr("192.168.2.254");
iphdr->sum = in_chksum((u_short *)&iphdr, sizeof(ip_hdr));
//icmp_header set and mapping
icmphdr->Type = 8; //icmp type 8 = icmp echo request
icmphdr->Code = 0;
icmphdr->checksum = 0;
icmphdr->Seq = 1;
icmphdr->ID = rand()%0xffff;
/*
tcphdr->th_sport = htons(1500);
tcphdr->th_dport = htons(80);
tcphdr->flag = 0x02; //syn패킷
tcphdr->data = 0;
tcphdr->seq = htonl(100);
tcphdr->ack = htonl(0);
tcphdr->win = htons(512);
tcphdr->urgptr = 0;
tcphdr->sum = in_chksum((u_short *)pe,(sizeof(struct pseudohdr)+sizeof(struct tcp_hdr)));
*/
/*
data = &buf[sizeof(ip_hdr)+sizeof(icmp_hdr)];
memset(data,'@',payload);
s = socket(AF_INET,SOCK_RAW,IPPROTO_RAW);
optval = 1;
setsockopt(s,IPPROTO_IP,IP_HDRINCL, (char *) &optval, sizeof(optval));
for(int i=0;i<100;i++) {
sendto(s,buf,sizeof(ip_hdr) + sizeof(icmp_hdr)+ payload, 0, (SOCKADDR *)&target_addr, sizeof(target_addr));
}
// Free WinSock
WSACleanup();
return 0;
}
*/
반응형