BugTraq
[TOOL RELEASE] T50 - an Experimental Mixed Packet Injector ( v5.3) Apr 25 2011 02:55PM
Nelson Brito (nbrito sekure org)
T50: an Experimental Packet Injector Tool
Release 5.3
Copyright (c) 2001-2011 Nelson Brito
All Rights Reserved

Since the previous release version (H2HC), some improvements were introduced to this new version:
1. New License: It is, finally, licensed under GPL Version 2.0. Please, refer to LICENSE document for further information. The new project leader is Fernando Mercês (@FernandoMerces) and, as soon as possible, he will upload the source code to:
- http://t50.sourceforge.net/

2. CIDR Support: Classless Inter-Domain Routing support for destination IP address, using a really tiny C algorithm. This would allow the new version to simulate DDoS/DRDoS in a laboratory environment.

[...]

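netmask    = ~(0xffffffff>>bits);          /* network mask for a /bits prefix */
__1st_addr = (ntohl(address)&netmask)+1;   /* first host address, host byte order */
hostid     = (1 << (32 - bits)) - 2;       /* host count, minus network and broadcast */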

[...]

3. ELEVEN NEW Protocols: ELEVEN (11) more protocols supported by T50:
1. IGMPv3: Internet Group Message Protocol v3
2. EGP: Exterior Gateway Protocol
3. RIPv1: Routing Information Protocol v1
4. RIPv2: Routing Information Protocol v2
5. DCCP: Datagram Congestion Control Protocol
6. RSVP: Resource ReSerVation Protocol
7. IPSec: Internet Protocol Security (AH/ESP)
8. GRE: Generic Routing Encapsulation
9. EIGRP: Enhanced Interior Gateway Routing Protocol
10. OSPF: Open Shortest Path First

4. Exotic Protocols: Advanced options and protocol crafting for RSVP, EIGRP, OSPF and GRE were added, allowing users to make any combination while using those exotic protocols. By the way, EIGRP is a proprietary protocol developed by CISCO Systems, Inc.

5. Encapsulation: T50 is now capable of encapsulating all its packets within the Generic Routing Encapsulation, making it the most powerful tool ever.

6. TCP Options Support: TCP Options are now supported to improve the TCP protocol, such as:
1. TCP End of Option List (RFC 793)
2. TCP No-Operation Option (RFC 793)
3. TCP Maximum Segment Size Option (RFC 793)
4. TCP Window Scale Option (RFC 1323)
5. TCP Timestamps Option (RFC 1323)
6. T/TCP Connection Count Option (RFC 1644)
7. T/TCP CC.NEW Option (RFC 1644)
8. T/TCP CC.ECHO Option (RFC 1644)
9. TCP SACK-Permitted Option (RFC 2018)
10. TCP Selective Acknowledgement Option (RFC 2018)
11. TCP MD5 Signature Option (RFC 2385)
12. TCP Authentication Option (RFC 5925)

7. Some T50 statistics (as of April 17th, 2011):
- 33 code files
- 13,763 code lines
- 15 supported protocols
- 1 socket file descriptor
- 238 command line interface options

You can download both slide deck announcement and source code for the new version @ http://t50.4shared.com/!

If you want, you can check the demo videos:
- H2HC Demo: http://www.videolog.tv/video.php?id=614528
- Web Security Forum Announcement: http://www.videolog.tv/video.php?id=643819

PS: Be nice when using T50, the authors (myself and Fernando Mercês - as of today) DENY its use for DoS/DDoS/DRDoS purposes.

Best regards.
--
Nelson Brito (@nbrito)
Security Researcher Enthusiast
8BD6 8CAD 41B7 19C5 EC04 C66D 70ED 23E4 E5AB 95EB

IP calculator - C algorithm three lines:
netmask = ~(0xffffffff >> cidr);
hostid = (1 << (32 - cidr)) - 2;
_1st_addr = (ntohl(addr) & netmask) + 1;
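
Added example, not part of the original post and not code from the T50 source: the three-line CIDR calculation from item 2, wrapped in a function that also covers the prefix lengths where it breaks down (the 32-bit shifts at /0 and /32 are undefined in C, and /31 and /32 have no network/broadcast pair to subtract). The names cidr_span and cidr_expand and the sample address are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names; not taken from the T50 source. Values in host byte order. */
struct cidr_span {
    uint32_t netmask;
    uint32_t first;   /* first address in the target range */
    uint32_t count;   /* number of addresses in the target range */
};

/* addr is in network byte order, as with ntohl(addr) in the announcement.
 * Returns 0 on success, -1 if bits is not in 0..32 or out is NULL. */
int cidr_expand(uint32_t addr, unsigned bits, struct cidr_span *out)
{
    if (out == NULL || bits > 32)
        return -1;

    /* 64-bit intermediates keep the /0 and /32 shifts well defined. */
    uint64_t size = UINT64_C(1) << (32 - bits);
    out->netmask = (uint32_t)~(UINT64_C(0xffffffff) >> bits);
    uint32_t network = ntohl(addr) & out->netmask;

    if (bits >= 31) {
        /* /31 (RFC 3021) and /32 have no network/broadcast pair to skip. */
        out->first = network;
        out->count = (uint32_t)size;
    } else {
        out->first = network + 1;
        out->count = (uint32_t)(size - 2);
    }
    return 0;
}

int main(void)
{
    /* Constructed sample input: 192.168.1.77 with several prefix lengths. */
    const unsigned prefixes[] = { 0, 24, 30, 31, 32 };
    uint32_t addr = htonl(0xC0A8014Du);
    for (size_t i = 0; i < sizeof prefixes / sizeof prefixes[0]; i++) {
        struct cidr_span r;
        if (cidr_expand(addr, prefixes[i], &r) == 0) {
            struct in_addr a = { .s_addr = htonl(r.first) };
            printf("/%-2u first=%s count=%u\n", prefixes[i], inet_ntoa(a), (unsigned)r.count);
        }
    }
    return 0;
}
```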
