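#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 only.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
# This is a rather dumb TCP fuzzer I coded during some free time
# It requires Scapy (http://www.secdev.org/projects/scapy/)
# This will create thousands of correct TCP/IP-packets and append some random bits
# After sending the packet the fuzzer will check if the targeted server is still running
"""Dumb TCP payload fuzzer built on Scapy.

Every iteration sends one IP/TCP packet whose payload is a random-length
blob of OS-CSPRNG bytes, then checks whether the process identified by
``PID`` still exists.  The payload of the first packet after which the
process is gone is written to disk for later analysis.

Things a user should know before pointing this at anything:

* The liveness check looks at *this* machine's process table, so
  ``TARGET_IP`` must be an address of the host the fuzzer runs on.
* ``SOURCE_IP`` is spoofed in the IP header.  Replies go to that address,
  never to us, so every packet is fire-and-forget and no handshake ever
  completes.  Only aim this at hosts and networks you own or are
  authorised to test.
* Crafting raw packets with Scapy needs root / CAP_NET_RAW.
* The liveness check runs right after ``send()`` returns.  A server that
  takes a moment to die is only caught on a later iteration, and a crash
  caused by state accumulated over several packets is attributed to the
  last one.  Keep the dump as a starting point, not as a proof.
* The process check is PID based; if the server is respawned by a
  supervisor (or the PID is reused) between two checks the crash is
  missed.  See ``is_process_alive``.

Compatible with Python 2.7 and 3.x.
"""

import errno
import os
import random
import sys
import time

try:
    from scapy.all import IP, TCP, conf, send  # Scapy >= 2.x
except ImportError:
    from scapy import IP, TCP, conf, send  # legacy single-module Scapy

TARGET_IP = "127.0.0.1"  # Where to? Needs to be an IP of the local machine!
SOURCE_IP = "133.7.133.7"  # Where from? (spoofed; replies never reach us)
TARGET_PORT = 80  # What port to?
SOURCE_PORT = 31337  # What port from?
PID = "10609"  # PID of the server
MAX_PAYLOAD = 1024  # upper bound on the fuzz payload length, in bytes
PROGRESS_EVERY = 100  # print a progress line every N packets
SETTLE_SECONDS = 0.0  # optional pause between send and liveness check


def is_process_alive(pid):
    """Return True if a process with *pid* currently exists.

    ``os.kill(pid, 0)`` delivers no signal; it only reports whether the
    target exists.  EPERM means it exists but belongs to another user, so
    that counts as alive.  This replaces a substring search for the PID in
    ``ps -ax`` output, which matched any process whose PID, PPID or command
    line merely *contained* those digits and could therefore report a dead
    server as running.  PIDs are recycled by the kernel, so a respawned
    server (or an unrelated process) with the same PID also reads as alive.
    """
    try:
        os.kill(pid, 0)
    except OSError as exc:
        return exc.errno == errno.EPERM
    return True


def random_payload(max_len=MAX_PAYLOAD):
    """Return between 1 and *max_len* bytes from the OS CSPRNG.

    The original read ``/dev/urandom`` with ``readline()``; the resulting
    length was whatever the distance to the next 0x0A byte happened to be,
    which is unbounded and occasionally produced payloads far larger than
    any MTU.  A bounded, explicitly random length is as "dumb" but
    predictable.
    """
    return os.urandom(random.randint(1, max_len))


def build_packet(seq, payload):
    """Return an IP/TCP packet with sequence number *seq* carrying *payload*."""
    ip_part = IP(src=SOURCE_IP, dst=TARGET_IP)
    # NOTE(review): ``ack=1`` sets the acknowledgement *number* field, not the
    # ACK flag -- Scapy's TCP() defaults to flags="S", so the server sees SYN
    # segments that carry data.  Kept as the original had it; if an ACK
    # segment was intended, add flags="A".  Confirm against the target.
    tcp_part = TCP(sport=SOURCE_PORT, dport=TARGET_PORT, seq=seq, ack=1)
    return ip_part / tcp_part / payload


def save_crash(packet_no, payload):
    """Write *payload* to ``crash-<packet_no>.dump`` (binary) and return the path.

    Naming the dump after the packet counter keeps it reproducible and
    avoids the collisions a random file name would allow.
    """
    path = "crash-%d.dump" % packet_no
    with open(path, "wb") as dump:
        dump.write(payload)
    return path


def main():
    """Fuzz until the watched process disappears; return a process exit code."""
    pid = int(PID)
    conf.verb = 0  # keep Scapy quiet; we print our own progress

    # Fail early instead of reporting a "crash" on the very first packet.
    if not is_process_alive(pid):
        print("No process with PID %d - nothing to fuzz" % pid)
        return 1

    packet_no = 0
    while True:
        packet_no += 1
        payload = random_payload()
        # The packet counter doubles as the TCP sequence number, as before.
        send(build_packet(packet_no, payload))
        if SETTLE_SECONDS:
            time.sleep(SETTLE_SECONDS)

        if is_process_alive(pid):
            if packet_no % PROGRESS_EVERY == 0:
                print("Packet %d looks good" % packet_no)
            continue

        print("Server crashed after packet %d (seq=%d) - please investigate"
              % (packet_no, packet_no))
        path = save_crash(packet_no, payload)
        print("Crash payload has been saved to %s" % path)
        return 0


if __name__ == "__main__":
    sys.exit(main())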