[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] [TOOL RELEASE] T50 Sukhoi PAK FA Mixed Packet Injector v2.45r-H2HC



T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool
designed to perform "Stress Testing". It is a powerful and an unique packet
injection tool, that is capable of:
1. Send sequentially (i.e., ALMOST on the same time) the following
protocols:
   - ICMP: Internet Control Message Protocol
   - IGMP: Internet Group Management Protocol
   - TCP:  Transmission Control Protocol
   - UDP:  User Datagram Protocol

2. Send an (quite) incredible amount of packets per second, making it a
?second to none? tool:
   - More than 1,000,000 pps of SYN Flood (+50% of the network?s uplink) in
a 1000BASE-T Network (Gigabit Ethernet).
   - More than 120,000 pps of SYN Flood (+60% of the network?s uplink) in a
100BASE-TX Network (Fast Ethernet).

3. Perform ?Stress Testing? on a variety of network infrastructure, network
devices and security solutions in place.

4. Simulate Denial-of-Service attacks, validating the Firewall rules and
Intrusion Detection System/Intrusion Prevention System policies.

Further information can be found @ http://fnstenv.blogspot.com (demo video
and source code).

PS: Yes, there are some "anti-kiddo" tricks, so, please, don't blame me for
doing that...

The new version of the "T50 Sukhoi PAK FA Mixed Packet Injector" (v5.2-NG)
will be unleashed on "WEB Security Forum" (http://websecforum.com.br/evento/
/ April 9th-10th 2011 / São Paulo, Brazil).

The next release will include:
1. New License: It is still not licensed under GPL or any other common
Open-source license, but the source code will be available and the use of
any piece of source code for any free or commercial software is denied.

2. CIDR Support: Classless Inter-Domain Routing support for destination IP
address, using a really tiny C algorithm. This would allow the "T50 Sukhoi
PAK FA Mixed Packet Injector" to simulate DDoS in a laboratory environment.

   001 netmask = ~(0xffffffff>>cidr);
   002 hostid = (int)(pow(2,(32-cidr))-2);
   003 __1st_host = (ntohl(addr)&netmask)+1;
   004 __lst_host = (ntohl(addr)&netmask)+hostid;

3. TEN NEW Protocols: TEN (10) more protocols supported by "T50 Sukhoi PAK
FA Mixed Packet Injector" (IGMPv3, EGP, DCCP, RSVP, RIPv1, RIPv2, GRE, ESP,
AH and EIGRP).

4. Exotic Protocols: Advanced options and protocol crafting for EIGRP and
GRE were added, allowing users to make any combination while using those
exotic protocols. By the way, EIGRP is a proprietary protocol developed by
CISCO Systems, Inc.

5. TCP Options Support: TCP Options (MSS, NOP, EOL, WSCALE, TSTAMP, T/TCP CC
and SACK) are supported to improve the TCP protocol.

6. DATA Payload Support: The data payload support is back, and it can be
rand or user defined.

Best regards.

Nelson Brito
Security Researcher
http://fnstenv.blogspot.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/