/***********************************************
 * released under (E) licensing ...            *
 *        (E) RULES AND REGULATIONS            *
 * permission to use/rewrite/add     : granted *
 * permission to trojan/steal        : denied  *
 * permission to use illegally       : denied  *
 * permission to use on /dev/urandom : denied  *
 ***********************************************/
/* contact el8@press.co.jp for full license    */
/* code copyrighted by ~el8 -- don't infringe! */

/* w00w00 RawIP packet generator by Shok */
/* (c) w00w00 1998                       */
/* gcc w00w00-RawIP.c -o w00rawip -l nsl */

#include <stdio.h>
#include <signal.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <net/if_packet.h>
#include <netinet/ip_icmp.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <sys/time.h>

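/* INT(x): convert an option argument to int.  atoi() reports no errors, so
 * text that is not a number silently becomes 0. */
#define INT(x) atoi(x)
/* Sizes of the two headers that sendraw() writes back to back. */
#define OURHDRSIZE sizeof(struct ourhdr)
#define IPHDRSIZE sizeof(struct iphdr)
/* Fallback spellings for the kernel-style integer names used below.
 * unsigned long / unsigned short are the types that the BSD typedefs
 * u_long / u_short stand for; they are spelled out so this block does not
 * depend on those typedefs being visible.
 * NOTE(review): #ifndef only detects macros, so a platform that provides
 * __u32 as a typedef still gets this definition, and unsigned long is wider
 * than 32 bits on LP64 targets -- confirm before relying on the width. */
#ifndef __u32
#define __u32 unsigned long
#endif
#ifndef __u16
#define __u16 unsigned short
#endif

/* getopt() state, declared by hand as in the original file. */
extern char *optarg;
extern int opterr,optind;

/* Header overrides taken from the command line.  Zero means "not given";
 * sendraw() then falls back to its own default for that field.
 * NOTE(review): TTL, PROTOCOL and IHL are 16 bits wide here but are stored
 * into narrower IP header fields, so large values are truncated there. */
__u16 TTL=0,IHL=0,PROTOCOL=0;
unsigned char UN=0,TYPE=0;
/* Was u_char: the -S handler casts to u_short and ourhdr.seq is u_short, so
 * an 8-bit global silently dropped the upper byte of the sequence value. */
unsigned short SEQ=0;
int verbose = -1;               /* -1 = quiet, 1 = -v given */
char *packetdata = NULL;        /* argument of -m, or NULL */
int droppacket = -1;            /* -1 = off, 1 = -d given */
int sizep = 1024;               /* -s value; main() adds strlen(packetdata) */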

/*
 * Four-byte header that sendraw() writes immediately after the IP header
 * (at offset IPHDRSIZE in the packet buffer).  The layout is what goes on
 * the wire, so field order and widths must not change.
 */
struct ourhdr
{
  u_char type;   /* set from TYPE; sendraw() uses 8 when TYPE is 0 */
  u_char un;     /* written only when UN is non-zero */
  u_short seq;   /* written only when SEQ is non-zero; stored as given, no htons() */
};

/* Checksum over len bytes starting at the given address; sendraw() stores
 * the result in the IP header's check field. */
unsigned short in_cksum(u_short*,int);
/* Build and send one datagram on a raw socket: (socket, source address,
 * destination address).  Both addresses are copied into the IP header as
 * passed, without byte-order conversion. */
void sendraw (int,__u32,__u32);

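/* Print the option summary on stderr and exit with the tool's failure status. */
static void usage_and_exit (const char *prog)
{
   fprintf(stderr,"w00w00-RawIP[v0.2] by Shok for ~EL8\n"
                  "usage: %s [-i spoofhost] [-o destination] [options]\n"
                  "options:\n"
                  "\t[-c int]:\tcount [-1 = send until interrupted]\n"
                  "\t[-t int]:\ttype\n"
                  "\t[-p int]:\tprotocol\n"
                  "\t[-s int]:\tsize of packet\n"
                  "\t[-m str]:\tpacket data\n"
                  "\t[-U int]:\tun contents\n"
                  "\t[-S int]:\tseq contents\n"
                  "\t[-I int]:\tihl contents\n"
                  "\t[-T int]:\tTTL\n"
                  "\t[-d]:\tdump packet to stdout\n"
                  "\t[-v]:\tbe verbose\n"
                  "comments to el8@press.co.jp subject: w00w00-RawIP\n",
                  prog);
   exit(-1);
}

/*
 * Copy the first address of resolver result h into *out.
 * Returns 0 on success, -1 when the entry is not a 4-byte AF_INET address;
 * copying h_length bytes unchecked would overrun the 4-byte in_addr if the
 * resolver ever handed back a longer address.
 */
static int copy_ipv4 (const struct hostent *h, struct in_addr *out)
{
   if (h->h_addrtype != AF_INET || h->h_length != (int) sizeof(*out))
     return -1;
   memcpy(out,h->h_addr,sizeof(*out));
   return 0;
}

/*
 * Entry point: parse the options, resolve the -i and -o hosts, open a raw
 * socket with IP_HDRINCL and call sendraw() once per requested packet.
 *
 * The address resolved from -i is handed to sendraw() as the source address
 * of the IP header, so it is chosen by the caller and not by the kernel.
 * A count of -1 (-c) keeps the loop running until the process is interrupted.
 *
 * Exits with status -1 on any usage, resolver or socket error, 0 otherwise.
 */
int main (int argc, char **argv)
{
   int sockfd=0,i=1,diq=1;
   struct hostent *me, *you;
   char *me_s = NULL, *you_s = NULL;
   struct sockaddr_in me_a, you_a;
   int c=0;

   setvbuf(stdout,(char*) NULL,_IONBF,0);
   setvbuf(stderr,(char*) NULL,_IONBF,0); // .. not usually buffered

   /* Early hint only: socket(SOCK_RAW) below is the authoritative check. */
   if (getuid()!=0 && geteuid()!=0)
   {
     fprintf(stderr,"This program requires root to use SOCK_RAW\n");
     exit(-1);
   }
   if (argc < 3) usage_and_exit(argv[0]);

   while ((c=getopt(argc,argv,"i:o:c:t:p:s:m:U:S:I:T:dv")) != -1)
   {
     switch(c)
     {
       case 'i':
         me_s = optarg;
         break;
       case 'o':
         you_s = optarg;
         break;
       case 'c':
         i = INT(optarg);
         break;
       case 't':
         TYPE = (u_char)INT(optarg);
         break;
       case 'p':
         PROTOCOL = (__u16) INT(optarg);
         break;
       case 's':
         sizep = INT(optarg);
         break;
       case 'm':
         packetdata = optarg;
         break;
       case 'U':
         UN = (u_char)INT(optarg);
         break;
       case 'S':
         SEQ = (u_short)INT(optarg);
         break;
       case 'I':
         IHL = (__u16) INT(optarg);
         break;
       case 'T':
         TTL = (__u16) INT(optarg);
         break;
       case 'd':
         droppacket=1;
         break;
       case 'v':
         verbose=1;
         break;
       default:          /* '?' and anything unexpected */
         usage_and_exit(argv[0]);
     }
   }

   /* Both hosts are mandatory; say so instead of exiting silently. */
   if (me_s == NULL || you_s == NULL) usage_and_exit(argv[0]);

   /* sizep comes from atoi() and later sizes a heap buffer and SO_SNDBUF:
    * reject zero, negative and oversized values (the IPv4 total-length field
    * is 16 bits) and make sure adding the -m length cannot overflow the int.
    * NOTE(review): a value smaller than the two headers is still accepted
    * here; sendraw() must not trust sizep to cover them. */
   if (sizep <= 0 || sizep > 65535)
   {
     fprintf(stderr,"%s: -s must be between 1 and 65535\n",argv[0]);
     exit(-1);
   }
   if (packetdata != NULL)
   {
     size_t datalen = strlen(packetdata);
     if (datalen > (size_t)(65535 - sizep))
     {
       fprintf(stderr,"%s: -m data too long for -s %i\n",argv[0],sizep);
       exit(-1);
     }
     sizep += (int) datalen;
   }

   /* Only sin_addr is used below; clear the rest so nothing is left
    * uninitialised. */
   memset(&me_a,0,sizeof(me_a));
   memset(&you_a,0,sizeof(you_a));

   /* gethostbyname() returns static storage, so copy each result before
    * the next call. */
   if((me = gethostbyname(me_s)) == NULL)
   {
        herror(me_s);
        exit(-1);
   }
   if (copy_ipv4(me,&me_a.sin_addr) != 0)
   {
        fprintf(stderr,"%s: not an IPv4 address\n",me_s);
        exit(-1);
   }
   if((you = gethostbyname(you_s)) == NULL )
   {
        herror(you_s);
        exit(-1);
   }
   if (copy_ipv4(you,&you_a.sin_addr) != 0)
   {
        fprintf(stderr,"%s: not an IPv4 address\n",you_s);
        exit(-1);
   }

   if((sockfd = socket(PF_INET,SOCK_RAW,IPPROTO_RAW))< 0)
   {
        perror("socket(SOCK_RAW)");
        exit(-1);
   }
   /* SO_SNDBUF is a socket-level option.  It was passed with level
    * IPPROTO_IP, where the same option number names an unrelated IP option,
    * so the send buffer was never actually configured. */
   if ((setsockopt(sockfd, SOL_SOCKET, SO_SNDBUF, &sizep, sizeof(sizep)))<0) {
      perror("setsockopt(SO_SNDBUF)");
      exit( -1);
   }
   /* IP_HDRINCL: the IP header comes from sendraw(), not from the kernel. */
   if ((setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, (char *)&diq, sizeof(diq)))<0) {
      perror("setsockopt(IP_HDRINCL)");
      exit( -1);
   }

   putc('\n',stderr);

   if (verbose!=-1)
   {
     fprintf(stderr,"[source = %s | dest = %s ]\n[size = %i | count = %i]\n",
                    me_s,you_s,sizep,i);
   }

   /* Counts down to zero; a negative count never reaches it in practice. */
   for(;i!=0;i--){

       if (verbose!=-1) putc('.',stderr);
       sendraw(sockfd,me_a.sin_addr.s_addr,you_a.sin_addr.s_addr);
   }

   if (verbose!=-1) putc('\n',stderr);
   printf("done.\n\n");
   close(sockfd);
   exit(0);

}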

/* i hate this .. */
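/*
 * Internet checksum (RFC 1071 style): the one's complement of the one's
 * complement sum of the 16-bit words in addr[0..len).
 *
 * addr  start of the data; read byte-wise, so it need not be aligned
 * len   number of bytes; an odd trailing byte is treated as the first byte
 *       of a word whose second byte is zero
 *
 * Words are read in host byte order, so the returned value can be stored
 * into the header as-is without htons().  For len <= 0 the result is 0xffff.
 *
 * The accumulator is unsigned and folded as it grows: the previous signed
 * int could overflow on large buffers (undefined behaviour) and then be
 * right-shifted while negative.  unsigned short is the type behind the
 * u_short used in the prototype.
 */
unsigned short in_cksum (unsigned short *addr, int len)
{
  const unsigned char *p = (const unsigned char *) addr;
  unsigned long sum = 0;
  unsigned short word;

  while (len > 1) {
    memcpy(&word, p, 2);          /* no alignment or aliasing assumptions */
    sum += word;
    /* Fold early so the 32 guaranteed bits of unsigned long never wrap. */
    if (sum & 0x80000000UL)
      sum = (sum & 0xffffUL) + (sum >> 16);
    p += 2;
    len -= 2;
  }

  if (len == 1) {
    word = 0;
    memcpy(&word, p, 1);          /* lone byte goes first in memory order */
    sum += word;
  }

  /* End-around carry until the sum fits in 16 bits. */
  while (sum >> 16)
    sum = (sum & 0xffffUL) + (sum >> 16);

  return (unsigned short) (~sum & 0xffffUL);
}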

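/*
 * Build one datagram of IPHDRSIZE + OURHDRSIZE bytes (IP header followed by
 * struct ourhdr) and send it to d_a on raw socket s.
 *
 * s     raw socket with IP_HDRINCL enabled
 * s_a   source address, copied into the header as passed
 * d_a   destination address, as passed; also used as the sendto() target
 *
 * Header fields come from the TYPE/UN/SEQ/IHL/TTL/PROTOCOL globals, with the
 * defaults below when a global is 0.  Because the source address is supplied
 * by the caller, the datagram may not carry the sending host's own address;
 * networks that enforce source-address validation (BCP 38) discard such
 * traffic at the edge.
 *
 * Changes from the previous version:
 *  - the buffer is a fixed, zeroed, header-sized local instead of
 *    malloc(sizep): that allocation was never checked or freed, and a small
 *    or negative sizep put the header writes outside it;
 *  - sizeof(packet) measured the pointer, so only the first bytes were
 *    cleared and un/seq went out holding uninitialised heap bytes whenever
 *    UN/SEQ were 0;
 *  - the -m data is no longer copied: that copy used a length that wrapped
 *    to a huge value, and the data was never part of what is transmitted
 *    (tot_len and the sendto() length cover the two headers only).
 *
 * Exits with status -1 if sendto() fails.
 */
void sendraw (int s, __u32 s_a, __u32 d_a)
{
  /* The union exists only to give the byte buffer header alignment. */
  union
  {
    struct iphdr align;
    char bytes[IPHDRSIZE + OURHDRSIZE];
  } buf;
  char *packet = buf.bytes;
  struct iphdr *ip = (struct iphdr *) packet;
  struct ourhdr *rp = (struct ourhdr *) (packet + IPHDRSIZE);
  struct sockaddr_in ta;

  /* Every byte that is sent starts out as zero. */
  memset (&buf, 0, sizeof (buf));

  rp->type = (TYPE != 0) ? TYPE : 8;
  if (UN  != 0)  rp->un  = UN;
  if (SEQ != 0)  rp->seq = SEQ;

  ip->saddr=s_a;
  ip->daddr=d_a;
  ip->version=4;
  ip->ihl=(IHL!=0)?IHL:5;      /* 4-bit field: larger values are truncated */
  ip->ttl=(TTL!=0)?TTL:245;
  ip->id=random()%5985;
  ip->protocol = (PROTOCOL!=0)?PROTOCOL:16;
  ip->tot_len = htons (IPHDRSIZE + OURHDRSIZE);
  /* check is still 0 from the memset, as the checksum requires. */
  ip->check = in_cksum ((u_short *)packet, IPHDRSIZE);

  /* Dump as text, bounded to the buffer; output stops at the first NUL. */
  if (droppacket!=-1)
    fprintf(stderr,"%.*s",(int) sizeof (buf.bytes),packet);

  memset (&ta, 0, sizeof (ta));
  ta.sin_family = AF_INET;
  ta.sin_addr.s_addr = d_a;

  if ((sendto (s, packet, IPHDRSIZE + OURHDRSIZE, 0,
	       (struct sockaddr *) &ta, sizeof (ta))) == -1)
    {
      perror ("sendto()");
      exit (-1);
    }

}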

