| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200211290907.gAT97pD0068490@mailserver2.hushmail.com>
From: es at hush.com (es@...h.com)
Subject: [ElectronicSouls] subnet scanner faster than nmap
-----BEGIN PGP SIGNED MESSAGE-----
Before we wrote the network DDOS code that was responsible for
holding down a prominent blackhat wannabe website, we experimented
with various scanners -- such as the subnet scanner below.
This scanner literally steamrolls nmap. Nmap is very crappy code.
This code makes nmap look like a dwarf. We fork off 255 processes
to handle a /24 subnet, including xxx.xxx.xxx.255 for good measure
(future compatibility -- always a good thing). By forking this
many processes instead of using threads, we reduce resource
consumption tremendously, as running the pr0ggie 255 times in
a threaded shell environment is bad on system resources. We also
use alarm() timeouts on the connects because non-blocking connects
are too complex for a scanner designed for simplicity such as this
one. Either way, nmap bites the dust. Fyodor can't code, his stuff
is a complete mess -- we, on the other hand, understand advanced
software engineering concepts such as loose coupling and tight
cohesion and therefore... well we'll let our code speak for
itself.
/*
Class C Subnet Scanner
a ElectronicSouls production.
(C) BrainStorm
simple but fast !
*/
#include <stdio.h>
#include <stdlib.h>
#include <sys/signal.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <unistd.h>
#include <errno.h>
#define PORT 22
int main (int argc, char *argv[])
{
int fd,
res,
port,
counter = 0;
char host[30];
char *ip;
struct sockaddr_in target;
if (argc < 2)
{
printf ("Usage: %s <class-c> <port>\n", argv[0]);
exit (1);
}
if(argv[2] != NULL)
port=atoi(argv[2]);
else
port=PORT;
ip=argv[1];
sprintf(host,"%s.255",ip);
if(!inet_aton(host,&target.sin_addr))
{
printf("error: invalid class c\n");
exit(1);
}
printf("\n *** ElectronicSouls Class C Subnet Scanner ***\n");
printf(" (C) BrainStorm \n\n");
while (counter < 255)
{
++counter;
sprintf (host, "%s.%d\n",ip,counter);
if ((fork ()) == 0)
{
target.sin_family = AF_INET;
target.sin_port = htons (port);
target.sin_addr.s_addr = inet_addr (host);
fd = socket (AF_INET, SOCK_STREAM, 0);
if (fd < 0)
{
perror ("Socket");
exit (2);
}
alarm (3);
res = connect (fd,(struct sockaddr *)&target,sizeof(target));
if (res == 0)
{
printf ("%s", host);
close (fd);
exit (0);
continue;
}
exit(0);
}
}
sleep(1);
close (fd);
exit (0);
}
The Electronic Souls Crew
[ElectronicSouls] (c) 2002
"You can take my breath away."
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify
wlMEARECABMFAj3nMKIMHGVzQGh1c2guY29tAAoJEN5nGqhGcjltQFUAn0wHrgA8oSx5
iymU7mVxOIV/hyVIAJ0U3VhSG2+yPTL22L+3r8Jc/7P4Mg==
=FvLH
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Big $$$ to be made with the HushMail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
Powered by blists - more mailing lists