Here is some sourcecode of an old kd-team post. Sending a ICMP packet where you can specify all you want yourself. This source can be used for a variaty of stuff and well…just use your imagination.
The .c
/* ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +This is a little Disclaimer for if you havn't read the one on our site. + +The tools and tutorials KD-Team develops and publishes are only ment for + +educational purpose only.WE DO NOT encourage the use of this tools and + +tutorials for mailicious purpose.We learned a lot during the development of them + +so we hope you also learn and don't just use it without any brains. + +We take completly NO responsability for any damage caused by them nor + +are we or our isp responsible for what you do with them. + +Greetz: KD-Team + +http://www.kd-team.com + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Made By DiabloHorn Thx to vnet576 for helping out with a few things. NOTE: this has only been tested succesfull on lans it seems that most ip's block outgoing packets with spoofed ip. This has no error checking so just use like: spoofip.exe destination source Excelent reference on coding with win32 raw socket: http://blacksun.box.sk - Windows Internet Programming, Written by: Binary Rape */ #include <windows.h> #include <winsock2.h> #include <stdio.h> #include <stdlib.h> #include "icmp.h" // This is the global define for the kinda icmp packet we are gonna send //it's a echo request. #define TYPEREQUEST 8 void main(int argc,char *argv[]) { WSADATA wsa; //normal windows startup thingie for sockets SOCKET sock; // the socket itself SOCKADDR_IN dinfo; //inet protocol structure char sbuffer[DATALEN+28]; //buffer we are gonna send icmpreq *icmp_packet; BOOL bopt = 1; //setting the sockopt to true //normal wsastartup on windows if(WSAStartup(MAKEWORD(2,0),&wsa) != 0) { printf("WSAStartup() failed\n"); } //normal socket making if((sock = socket(AF_INET,SOCK_RAW,IPPROTO_RAW)) == SOCKET_ERROR) { printf("Socket failed %d\n",GetLastError()); exit(0); } //preparing the buffer to hold our packet. icmp_packet = (icmpreq*)sbuffer; //defining the sendto ip dinfo.sin_family = AF_INET; dinfo.sin_port = htons(0); dinfo.sin_addr.s_addr = inet_addr(argv[1]); //just some general debug info printf("spoofed header: %i\n",sizeof(icmp_packet->sphdr)); printf("icmp header %i\n",sizeof(icmp_packet->icmp)); printf("echo data: %i\n",sizeof(icmp_packet->echoData)); printf("total: %i\n",(sizeof(icmp_packet->sphdr) + sizeof(icmp_packet->icmp) + sizeof(icmp_packet->echoData))); //Here we are filling in the ip header with the data. icmp_packet->sphdr.ip_hl = 5; icmp_packet->sphdr.ip_v = 4; icmp_packet->sphdr.ip_tos = 0; icmp_packet->sphdr.ip_len = sizeof(icmp_packet->sphdr) + sizeof(icmp_packet->icmp) + sizeof(icmp_packet->echoData) ; icmp_packet->sphdr.ip_id = 1; icmp_packet->sphdr.ip_off = 0; icmp_packet->sphdr.ip_ttl = 255; icmp_packet->sphdr.ip_p = IPPROTO_ICMP; icmp_packet->sphdr.ip_sum = 0; //The following line is where we spoofe the sender ip like you can see it's just 1 line;) icmp_packet->sphdr.ip_src = inet_addr(argv[2]); icmp_packet->sphdr.ip_dst = dinfo.sin_addr.s_addr; //Here we are filling the icmp header. icmp_packet->icmp.icmp_type = TYPEREQUEST; icmp_packet->icmp.icmp_code = 0; icmp_packet->icmp.icmp_seq = GetTickCount(); //GetTickCount() is just to make shure it's unique icmp_packet->icmp.icmp_id = GetTickCount(); //Filling the echodata buffer with a's can also be filled with other things as well ;) memset(icmp_packet->echoData,'a',DATALEN); //Calculating the checksum for the icmp header. icmp_packet->icmp.icmp_cksum = checksum((unsigned short*)sbuffer,sizeof(icmpreq)); //Setting the correct options for the socket. Thus making it take our own ip header //instead of the normal one. if(setsockopt(sock,IPPROTO_IP,IP_HDRINCL,(char *)&bopt,sizeof(bopt)) == SOCKET_ERROR) { printf("IP_HDRINCL failed\n"); } //and finallay sending the entire packet to the destination host. if(sendto(sock,sbuffer,sizeof(icmpreq),0,(SOCKADDR*)&dinfo,sizeof(SOCKADDR)) == SOCKET_ERROR) { printf("sendto error %d\n",GetLastError()); exit(0); } //Closing and cleaning up the socket and wsa closesocket(sock); WSACleanup(); }
The .h
/* ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +This is a little Disclaimer for if you havn't read the one on our site. + +The tools and tutorials KD-Team develops and publishes are only ment for + +educational purpose only.WE DO NOT encourage the use of this tools and + +tutorials for mailicious purpose.We learned a lot during the development of them + +so we hope you also learn and don't just use it without any brains. + +We take completly NO responsability for any damage caused by them nor + +are we or our isp responsible for what you do with them. + +Greetz: KD-Team + +http://www.kd-team.com + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ */ //Universal Checksum // Mike Muuss' in_cksum() function // and his comments from the original // ping program // // * Author - // *Mike Muuss // *U. S. Army Ballistic Research Laboratory // *December, 1983 USHORT checksum(USHORT *buffer, int size) { unsigned long cksum=0; while (size > 1) { cksum += *buffer++; size -= sizeof(USHORT); } if (size) { cksum += *(UCHAR*)buffer; } cksum = (cksum >> 16) + (cksum & 0xffff); cksum += (cksum >>16); return (USHORT)(~cksum); } //Just the needed define for the sockopt #define IP_HDRINCL 2 //the IP Header struct typedef struct ipheader { unsigned char ip_hl:4, ip_v:4; //this means that each member is 4 bits unsigned char ip_tos; unsigned short int ip_len; unsigned short int ip_id; unsigned short int ip_off; unsigned char ip_ttl; unsigned char ip_p; unsigned short int ip_sum; unsigned int ip_src; unsigned int ip_dst; }spoofediphdr; //total ip header length: 20 bytes (=160 bits) //The ICMP header struct typedef struct ICMP_HDR { unsigned char icmp_type; unsigned char icmp_code; unsigned short icmp_cksum; unsigned short icmp_id; unsigned short icmp_seq; //8bytes }icmp_header; //The size of the echodata that we are gonna fill #define DATALEN 100 //The inal struct that will be sended. typedef struct icmprequest { spoofediphdr sphdr; icmp_header icmp; char echoData[DATALEN]; } icmpreq;
Pradeep, I’m sorry I don’t have enough knowledge of c# to know if it supports raw sockets. If it doesn’t I think you can use assemblied to still use them. You have to figure out the rest on yourself.
May u please convert this code into the C#..Please I need that
Thanks, the template is one of the several you can choose at wordpress.
It’s the first time I commented here and I should say that you give genuine, and quality information for bloggers! Great job.
p.s. You have an awesome template for your blog. Where have you got it from?