UNIX Socket FAQ

A forum for questions and answers about network programming on Linux and all other Unix-like systems

You are not logged in.

#1 2011-07-08 03:28 AM

S2xCracker1234
Member
Registered: 2011-07-08
Posts: 3

Syn Flood

Guys can anyone explain what the following 4 lines do,it's a piece of code from a syn flood attack.
int packet_size = (sizeof (struct iphdr)+sizeof (struct tcphdr)) * sizeof (char);
char *packet = (char *) malloc (packet_size);
struct iphdr *ip;
ip = (struct iphdr *) packet;

Last edited by S2xCracker1234 (2011-07-08 05:22 AM)

Offline

#2 2011-07-08 09:45 AM

i3839
Oddministrator
From: Amsterdam
Registered: 2003-06-07
Posts: 2,234

Re: Syn Flood

It just allocates enough memory for a whole packet, so IP and TCP headers.
It packs struct iphdr and tcphdr together manually. The code is quite ugly,
that might have confused you a bit.

Identical code:

int packet_size = sizeof(struct iphdr) + sizeof(struct tcphdr);
struct iphdr *ip = malloc(packet_size);

Offline

#3 2011-07-08 12:07 PM

S2xCracker1234
Member
Registered: 2011-07-08
Posts: 3

Re: Syn Flood

The part that confused me was that instead of sending ip/tcp headers he sends the char *packet can you explain why ?
http://www.binarytides.com/blog/syn-flood-dos-attack/
You can see that instead of ip/tcp headers in sento function he sends packet.

I think the assignment part is here,he assigns to packet the value of ip. " struct iphdr *ip = (struct iphdr *) packet; "
Am I right ? =/

Last edited by S2xCracker1234 (2011-07-08 12:34 PM)

Offline

#4 2011-07-08 01:50 PM

i3839
Oddministrator
From: Amsterdam
Registered: 2003-06-07
Posts: 2,234

Re: Syn Flood

It's just an ugly way to deal with type differences between what data
is sent and what type is expected by sendto().  It used to be char*, but
nowadays it's void*, so there should be no need for keeping around
two pointers and all the unecessary casting.

Either you posted the wrong link, or the code in question got much
improved. As you can see in the link you posted, there is no need for
malloc at all.

Offline

#5 2011-07-08 05:01 PM

S2xCracker1234
Member
Registered: 2011-07-08
Posts: 3

Re: Syn Flood

i3839 wrote:

It's just an ugly way to deal with type differences between what data
is sent and what type is expected by sendto().  It used to be char*, but
nowadays it's void*, so there should be no need for keeping around
two pointers and all the unecessary casting.

Either you posted the wrong link, or the code in question got much
improved. As you can see in the link you posted, there is no need for
malloc at all.

Anyway thank you dude,a friend of mine explained what it does,it just uses datagram memory.Then it fills ip structure and instead of using he's memory of struct it uses datagram's

Offline

#6 2011-08-19 05:33 PM

developwyo
Member
Registered: 2011-08-16
Posts: 6

Re: Syn Flood

S2xCracker1234 wrote:
i3839 wrote:

It's just an ugly way to deal with type differences between what data
is sent and what type is expected by sendto().  It used to be char*, but
nowadays it's void*, so there should be no need for keeping around
two pointers and all the unecessary casting.

Either you posted the wrong link, or the code in question got much
improved. As you can see in the link you posted, there is no need for
malloc at all.

Anyway thank you dude,a friend of mine explained what it does,it just uses datagram memory.Then it fills ip structure and instead of using he's memory of struct it uses datagram's

If that's the way you want to think of it yeah, in a simplified kind of way. I use some datagram memory in storing memory using online file storage methods and it has been quite useful. It is always nice to have a protocol that is useful for a variety of tasks.

Last edited by developwyo (2011-09-22 05:49 PM)

Offline

Board footer

Powered by FluxBB