[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <000001cbb1c7$dcb4b630$961e2290$@org>
Date: Tue, 11 Jan 2011 17:43:35 -0200
From: "Nelson Brito" <nbrito@...ure.org>
To: <dailydave@...ts.immunitysec.com>, <bugtraq@...urityfocus.com>,
<full-disclosure@...ts.grok.org.uk>
Subject: [TOOL RELEASE] T50 Sukhoi PAK FA Mixed Packet
Injector v2.45r-H2HC
T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool
designed to perform "Stress Testing". It is a powerful and an unique packet
injection tool, that is capable of:
1. Send sequentially (i.e., ALMOST on the same time) the following
protocols:
- ICMP: Internet Control Message Protocol
- IGMP: Internet Group Management Protocol
- TCP: Transmission Control Protocol
- UDP: User Datagram Protocol
2. Send an (quite) incredible amount of packets per second, making it a
second to none tool:
- More than 1,000,000 pps of SYN Flood (+50% of the networks uplink) in
a 1000BASE-T Network (Gigabit Ethernet).
- More than 120,000 pps of SYN Flood (+60% of the networks uplink) in a
100BASE-TX Network (Fast Ethernet).
3. Perform Stress Testing on a variety of network infrastructure, network
devices and security solutions in place.
4. Simulate Denial-of-Service attacks, validating the Firewall rules and
Intrusion Detection System/Intrusion Prevention System policies.
Further information can be found @ http://fnstenv.blogspot.com (demo video
and source code).
PS: Yes, there are some "anti-kiddo" tricks, so, please, don't blame me for
doing that...
The new version of the "T50 Sukhoi PAK FA Mixed Packet Injector" (v5.2-NG)
will be unleashed on "WEB Security Forum" (http://websecforum.com.br/evento/
/ April 9th-10th 2011 / São Paulo, Brazil).
The next release will include:
1. New License: It is still not licensed under GPL or any other common
Open-source license, but the source code will be available and the use of
any piece of source code for any free or commercial software is denied.
2. CIDR Support: Classless Inter-Domain Routing support for destination IP
address, using a really tiny C algorithm. This would allow the "T50 Sukhoi
PAK FA Mixed Packet Injector" to simulate DDoS in a laboratory environment.
001 netmask = ~(0xffffffff>>cidr);
002 hostid = (int)(pow(2,(32-cidr))-2);
003 __1st_host = (ntohl(addr)&netmask)+1;
004 __lst_host = (ntohl(addr)&netmask)+hostid;
3. TEN NEW Protocols: TEN (10) more protocols supported by "T50 Sukhoi PAK
FA Mixed Packet Injector" (IGMPv3, EGP, DCCP, RSVP, RIPv1, RIPv2, GRE, ESP,
AH and EIGRP).
4. Exotic Protocols: Advanced options and protocol crafting for EIGRP and
GRE were added, allowing users to make any combination while using those
exotic protocols. By the way, EIGRP is a proprietary protocol developed by
CISCO Systems, Inc.
5. TCP Options Support: TCP Options (MSS, NOP, EOL, WSCALE, TSTAMP, T/TCP CC
and SACK) are supported to improve the TCP protocol.
6. DATA Payload Support: The data payload support is back, and it can be
rand or user defined.
Best regards.
Nelson Brito
Security Researcher
http://fnstenv.blogspot.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists