2 * parse.c - parsing of pcap packages
4 * author: hackbard@hackdaworld.dyndns.org
11 /* all the parsing stuff will go here
13 * different protocols should get to seperated files though ...
16 int switch_active_state(char *state) {
36 void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,const unsigned char *package) {
42 //t_frame4_hdr *f4hdr;
44 //t_frame2_hdr *f2hdr;
45 //t_frame1_hdr *f1hdr;
46 t_beacon_fb *beacon_fb;
48 char string[MESSAGE_MAX];
49 char sc[MAX_SYSCALL_CHARS];
56 memset(&new_sta,0,sizeof(t_sta));
59 if(info->dump_fd!=0) {
60 ret=write(info->dump_fd,pcap_header,sizeof(struct pcap_pkthdr));
61 if(ret!=sizeof(struct pcap_pkthdr))
62 display_console(info,"warning, pcap header write failed!");
63 ret=write(info->dump_fd,package,pcap_header->caplen);
64 if(ret!=pcap_header->caplen)
65 display_console(info,"warning, package write failed!");
68 /* maybe there is offset to the actual ieee802.11 frame,
69 for example prism header ...
70 in that case, hack the source! */
73 if(FCTL_TYPE(package[0])==FCTL_TYPE_MGMT) {
77 if(FCTL_STYPE(package[0])==FCTL_STYPE_BEACON) {
78 f3hdr=(t_frame3_hdr *)package;
79 beacon_fb=(t_beacon_fb *)(package+sizeof(t_frame3_hdr));
81 memcpy(new_sta.addr,f3hdr->addr2,ADDR_LEN);
82 ret=list_search_data(&(info->sniffed_sta),&new_sta,ADDR_LEN);
83 if((ret==L_EMPTY_LIST)|(ret==L_NO_SUCH_ELEMENT)) {
84 list_add_element(&(info->sniffed_sta),&new_sta,sizeof(t_sta));
85 sta=(t_sta *)info->sniffed_sta.current->data;
88 else sta=(t_sta *)info->sniffed_sta.current->data;
90 memcpy(sta->ssid,beacon_fb->ssid,beacon_fb->ssid_length);
91 if((CAP_INFO_ESS(beacon_fb->cap_info))&
92 (CAP_INFO_IBSS(beacon_fb->cap_info)==0)) sta->ap=AP;
93 if(CAP_INFO_PRIVACY(beacon_fb->cap_info)) sta->wep=WEP;
95 switch_active_state(&(sta->active));
96 strncpy(string,"last: beacon, source: ",MESSAGE_MAX);
97 for(i=0;i<ADDR_LEN;i++)
98 snprintf(&string[22+3*i],4,"%02x%c",sta->addr[i],
99 (i==ADDR_LEN-1)?'.':':');
100 string[22+3*ADDR_LEN+1]=0;
101 display_console(info,string);
103 snprintf(sc,MAX_SYSCALL_CHARS,
104 "flite 'access point found: %s'",
107 if(sta->wep&WEP) strncpy(sc,"flite ' crypted'",MAX_SYSCALL_CHARS);
108 else strncpy(sc,"flite 'not crypted'",MAX_SYSCALL_CHARS);
116 else if(FCTL_TYPE(package[0])==FCTL_TYPE_CTRL) {
118 display_console(info,"last: got control frame");
122 else if(FCTL_TYPE(package[0])==FCTL_TYPE_DATA) {
124 display_console(info,"last: got data frame");