rain - a powerful, fully customizable packet builder
Synopsis
Description
Disclaimer
Options
Examples
Bugs
Author
Copyright
Conforming To
rain [ options ] -t lt;target-hostgt;
rain is a powerful packet builder for stress testing hardware and software. Its features include support for all IP protocols, and the ability to fully customize the packets it sends.
This program was written with the intent to help system administrators discover weaknesses in their services. This program is not intended to be abused maliciously and the author of this program will take absolutely no responsibility for any damage that this program may cause.Please be responsible and use this program for testing on your system only!!
Options must be seperate. -v -v is recognized while -vv is not.Most options can also take hexidecimal arguments, prefixed with 0x.
Alot of the following options require root priviledges. Try rain --help as a non-root user to see normal user options.
-v This causes rain to output more verbosely. You may use it up to three times. It is recommended that you use this option, and verbose mode may very well be implemented without the use of -v in the future
-c <count> When specified, count packets will be sent, rather than infinite. Default value is 0 (infinite).
-d <delay> This will cause rain to wait delay microseconds between packet sends. The default value is 10000.
-b Specify this option if the target host is a broadcast address. If the target address contains "255", rain will automatically assume it to be a broadcast address, and allow broadcast messages.
-s <source-hostname> This sets the source hostname of each packet sends. The default value will be the IP address of the primary outgoing interface. -s 0 will cause the source hostname to be random with each packet sent.
-t <target-hostname> This sets the target hostname, where the packets will be sent.
--size <bytes> This specifies the size in bytes of each packet sent. The default is the kernels default maximum TCP segment size, usually 507. (See macro TCP_MSS in netinet/tcp.h)
-p | --dport | --destination-port <destination-port> These options specify the destination port on the target host. Using a value of 0 will cause the destination-port to be random with each packet. Default value is 138.
--sport | --source-port <source-port> These options specify the default source port of each packet. Using a value of 0 will cause the source-port to be random with each packet. Default value is 420.
--timeout <seconds> This specifies how many seconds of inactivity to wait before exiting in TCP streaming showers, such as --stream and --connect which are described later. The default value is 10 seconds.
--sim <simulation-number> When specified, rain will simulate one of several well known DoS attacks. Here are the possible values:
0 - fawx2.c
1 - bloop.c
2 - jolt2.c
3 - trash2.c
4 - raped.c
--noblock This sets all socket I/O to be non-blocking. This will result in faster packet sending with showers such as --connect, although it will not wait for the entire TCP handshake before sending the next connection request. If you are not sure what this is for, dont use it.
--oob When specified, all packets will be sent as Out-of-Band data (MSG_OOB).
--noroute When specified, rain will bypass any underlying routing mechanisms (such as the kernel routing table) for direct sends to local area networks.
--udp This option specifies that you will be sending UDP/IP packets.
--tcp This option specifies that you will be sending TCP/IP packets. (Default)
--stream When specified, rain will use a connection based, streaming send shower. This means that you cannot spoof the source address nor customize any aspects of the packets other than the size, payload, Time to Live, and Type of Service.
--connect When specified, rain will use a streamed connection shower (it will call connect() many times). The same non-spoofing and customization rules apply to --connect as they do in --stream.
--seq <number> When specified, the TCP sequence value will be set to number. The default value is the process id.
--win <number> When specified, the TCP window-size will be set to number. The default value is 56.
--urg This will set the TCP URG (urgent) bit.
--ack This will set the TCP ACK (acknowledgement) bit.
--psh This will set the TCP PSH (push) bit.
--rst This will set the TCP RST (reset) bit.
--syn This will set the TCP SYN (synchronize) bit.
--fin This will set the TCP FIN (finish) bit.
--ack-seq <number> When specified, rain will set the TCP acknowledgement sequence to number. Specifying a value of 0 will cause the ack sequence field to increase with each packet send, thus overflowing it in large sends. Default value is 0 (overflow).
--res <number> When specified, rain will set the TCP reserved bits to number. This number cannot exceed 15. The default value is 0. It is highly recommended that you do not touch this option unless you are confident with what you are doing.
--icmp This option specifies that you will be sending ICMP/IP packets.
--list-icmp This will cause rain to list all known ICMP type/code combinations for your reference.
--icmp-type <number> This will set the packets ICMP type to number. ( see --list-icmp )
--icmp-code <number> This will set the packets ICMP code to number. ( see --list-icmp )
--icmp-id <number> This will set the packets ICMP id to number.
--icmp-seq <number> This will set the packets ICMP sequence value to number.
--icmp-mtu <number> This will set the packets ICMP MTU (maximum transfer unit) value to number.
--icmp-gw | -g <address> This will set the packets ICMP gateway address to address.
--igmp This options specifies that you will be using IGMP/IP packets.
--list-igmp This will cause rain to list all known IGMP type/code combinations for your reference.
--igmp-type <number> This will set the packets IGMP type to number. ( see --list-igmp )
--igmp-code <number> This will set the packets IGMP code to number. ( see --list-igmp )
--igmp-ga | -g <address> This will set that packets IGMP group address to address. This is only effective in non membership queries.
--frag <number> This will set the packets fragmentation offset to number.
--df When specified, rain will set the appropriate "Dont Fragment!" bits in each packet, which tells the target host not to fragment the packets it receives.
--tos <number> This will set the packets TOS (Type of Service) value to number. Use with -v -v to see a description of the Type of Service you specified.
--ttl <number> This will set the packets TTL (Time to Live) value to number. Default value is 64.
--id <number> This will set the packets IP id sequence to number. Default value is the process id.
--id-of When specified, rain will increase the value of the IP ID field by one with each packet, hence overflowing the field in large sends.
--payload | --pl <string> This will insert string into each packets payload. Note that multi word strings must be quoted.
--fill <ascii-character> This will initially fill the packets payload with ascii-character. This does not conflict with --payload. Default value is 0xA1.
--version | -V This will print rains version information and exit.
--help [topic] This will print rains help menu. topic is an optional argument that will print topic specific information. Such as --help --tos
Here are some examples of using rain.rain -t localhost -s 0 --tcp --ack -p 0 --sport 0 --size 1024
This will send an infinite amount of 1,024 byte TCP ACK packets to random ports on localhost, from random ports and random hosts. (similar to raped.c)
rain -c 10 -t localhost --igmp --igmp-type 0x17 --igmp-code 0 -g 192.168.1.24 -s 192.168.0.4
This will send 10 IGMP "leave group 192.168.1.24" packets to localhost from 192.168.0.4
rain -t localhost -c 0xA --udp --size 1400 -s localhost --df --tos 0x24 --ttl 255
This will send 10 1,400 byte UDP packets across the loopback interface with the "Dont Fragment!" bits set, a high priority Type of Service and the maxmimum Time to Live value of 255.
There is an issue with malloc() allocating the wrong amount of bytes for packet sizes in FreeBSD 4.3-STABLEIn Linux, Kernel 2.4.4, packets will not pass through IP when a fragmentation offset is specified. This is a bug in the Linux kernel and not rain.
Michael - mystic@tenebrous.com
This software is Copyright(c) 2001 by Michael (mystic@tenebrous.com) and licensed under the GNU General Public License.
Posix, 4.4BSD
Version 1.2.8 | rain (1) | July 30th, 2001 |
If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek