
[Full-disclosure] [TOOL RELEASE] T50 - an Experimental Mixed Packet Injector ( v5.3)



  ___________._______________
  \__    ___/|   ____/\   _  \   T50: an Experimental Packet Injector Tool
    |    |   |____  \ /  /_\  \                 Release 5.3
    |    |   /       \\  \_/   \
    |____|  /______  / \_____  /   Copyright (c) 2001-2011 Nelson Brito
                   \/        \/             All Rights Reserved

Since the previous release version (H2HC), some improvements were introduced to 
this new version:
1. New License: It is, finally, licensed under GPL Version 2.0. Please refer 
to the LICENSE document for further information. The new project leader is 
Fernando Mercês (@FernandoMerces) and, as soon as possible, he will upload the 
source code to:
    - http://t50.sourceforge.net/

2. CIDR Support: Classless Inter-Domain Routing support for destination IP 
address, using a really tiny C algorithm. This would allow the new version to 
simulate DDoS/DRDoS in a laboratory environment.

    [...]

    netmask    = ~(0xffffffff >> bits);           /* network mask for /bits */
    __1st_addr = (ntohl(address) & netmask) + 1;  /* first host, host byte order */
    hostid     = (1 << (32 - bits)) - 2;          /* number of usable host addresses */

    [...]

3. ELEVEN NEW Protocols: ELEVEN (11) more protocols supported by T50:
    1. IGMPv3: Internet Group Message Protocol v3
    2. EGP:    Exterior Gateway Protocol
    3. RIPv1:  Routing Information Protocol v1
    4. RIPv2:  Routing Information Protocol v2
    5. DCCP:   Datagram Congestion Control Protocol
    6. RSVP:   Resource ReSerVation Protocol
    7. IPSec:  Internet Protocol Security (AH/ESP)
    8. GRE:    Generic Routing Encapsulation
    9. EIGRP:  Enhanced Interior Gateway Routing Protocol
   10. OSPF:   Open Shortest Path First

4. Exotic Protocols: Advanced options and protocol crafting for RSVP, EIGRP, 
OSPF and GRE were added, allowing users to make any combination while using 
those exotic protocols. By the way, EIGRP is a proprietary protocol developed 
by CISCO Systems, Inc.

5. Encapsulation: T50 is now capable of encapsulating all its packets within 
the Generic Routing Encapsulation, making it the most powerful tool ever.

6. TCP Options Support: TCP Options are now supported to improve the TCP 
protocol, such as:
    1. TCP End of Option List (RFC 793)
    2. TCP No-Operation Option (RFC 793)
    3. TCP Maximum Segment Size Option (RFC 793)
    4. TCP Window Scale Option (RFC 1323)
    5. TCP Timestamps Option (RFC 1323)
    6. T/TCP Connection Count Option (RFC 1644)
    7. T/TCP CC.NEW Option (RFC 1644)
    8. T/TCP CC.ECHO Option (RFC 1644)
    9. TCP SACK-Permitted Option (RFC 2018)
   10. TCP Selective Acknowledgement Option (RFC 2018)
   11. TCP MD5 Signature Option (RFC 2385)
   12. TCP Authentication Option (RFC 5925)

7. Some T50 statistics (as of April 17th, 2011):
    - 33 code files
    - 13,763 code lines
    - 15 supported protocols
    - 1 socket file descriptor
    - 238 command line interface options

You can download both the slide deck announcement and the source code for the 
new version @ http://t50.4shared.com/! 

If you want, you can check the demo videos:
    - H2HC Demo: http://www.videolog.tv/video.php?id=614528
    - Web Security Forum Announcement: http://www.videolog.tv/video.php?id=643819

PS: Be nice when using T50, the authors (myself and Fernando Mercês - as of 
today) DENY its use for DoS/DDoS/DRDoS purposes.

Best regards.
--
Nelson Brito (@nbrito)
Security Researcher Enthusiast
8BD6 8CAD 41B7 19C5 EC04 C66D 70ED 23E4 E5AB 95EB

IP calculator - C algorithm three lines:
    netmask   = ~(0xffffffff >> cidr);
    hostid    = (1 << (32 - cidr)) - 2;
    _1st_addr = (ntohl(addr) & netmask) + 1;
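
The CIDR arithmetic quoted in item 2, as an added example that is not T50's source and not from the author: it carries the same three computations through every prefix length, including /0 and /32, where a 32-bit shift by 32 is undefined in C. The names cidr_range, cidr_to_range and cidr_contains are hypothetical, and treating /31 and /32 as having no excluded addresses is an assumption.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not T50 code): usable hosts of a CIDR block. */
struct cidr_range {
    uint32_t netmask;    /* host byte order */
    uint32_t first_host; /* host byte order */
    uint64_t host_count; /* number of usable addresses */
};

/* addr_be is in network byte order, as returned by inet_addr().
 * Returns 0 on success, -1 if bits is outside 0..32. */
int cidr_to_range(uint32_t addr_be, int bits, struct cidr_range *out)
{
    if (out == NULL || bits < 0 || bits > 32)
        return -1;
    /* Shifting a 32-bit value by 32 is undefined in C, so /0 is explicit. */
    out->netmask = (bits == 0) ? 0u : ~(uint32_t)0 << (32 - bits);
    uint32_t network = ntohl(addr_be) & out->netmask;
    uint64_t size = (uint64_t)1 << (32 - bits); /* 64-bit: /0 holds 2^32 */
    if (bits >= 31) {
        /* Assumption: /31 and /32 have no network/broadcast to exclude. */
        out->first_host = network;
        out->host_count = size;
    } else {
        out->first_host = network + 1;
        out->host_count = size - 2;
    }
    return 0;
}

/* Nonzero if host-order address ip lies in the block's usable range. */
int cidr_contains(const struct cidr_range *r, uint32_t ip)
{
    return ip >= r->first_host && (uint64_t)(ip - r->first_host) < r->host_count;
}

int main(void)
{
    struct cidr_range r;
    /* Constructed sample: 192.168.10.77/24, a private lab prefix. */
    if (cidr_to_range(inet_addr("192.168.10.77"), 24, &r) == 0)
        printf("mask=%08x first=%08x hosts=%llu\n", (unsigned)r.netmask,
               (unsigned)r.first_host, (unsigned long long)r.host_count);
    return 0;
}
```

cidr_contains can serve as a guard that a destination stays inside the laboratory prefix before any traffic is generated.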



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/