----
sniffer:
-- connect sta's with associated ap's
- parse ctrl frames
- get ssid from (re)associations and connect to (hidden) ap
- fix display (if #sta/ap exceeds number of lines)
puts("\t\t-m <mode> \tieee80211 or prism");
puts("\t\t-d <device> \twlan0,eth0");
puts("\t\t-l <logfile>");
- puts("\t\t-k <key> \t(string)");
- puts("\t\t-D <file> \t(dump packages to file)");
+ //puts("\t\t-k <key> \t(string)");
+ puts("\t\t-D <file> \t(dump packages to file (pcap format))");
puts("\t\t-h \tdisplay this help message");
puts("");
++i;
break;
case 'D':
- if((info.dump_fd=open(argv[i+1],O_RDWR|O_CREAT))!=0)
- printf("dump file -> %s\n",argv[i+1]);
- else
- puts("warning: can't dump to file.");
+ printf("dump file -> %s\n",argv[i+1]);
+ strncpy(info.dump_file,argv[i+1],128);
++i;
break;
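Review bot: `strncpy(info.dump_file,argv[i+1],128)` on L24 copies up to the full size of `dump_file` (a `char[128]` per the struct hunk), so a path argument of 128 or more characters leaves the buffer without a NUL terminator and the later `strcmp(info.dump_file,"")` and `pcap_dump_open` read past its end. Use a bounded copy that always terminates and rejects over-long paths instead of silently truncating: `if(snprintf(info.dump_file,sizeof(info.dump_file),"%s",argv[i+1])>=(int)sizeof(info.dump_file)) { puts("dump file path too long"); return -1; }`. The case also dereferences `argv[i+1]` without checking that an argument follows `-D` (the removed code had the same gap); an `i+1<argc` test before the `printf` closes it. The enclosing `switch` and the function's return convention start outside the hunk, so the failure value should match what the other cases do.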
case 'd':
pcap_fd=pcap_fileno(info.pcap_handle);
/* -> non blocking? */
+ /* pcap dump */
+ if(strcmp(info.dump_file,"")) {
+ if((info.dump_handle=pcap_dump_open(info.pcap_handle,info.dump_file))==NULL) {
+ puts("pcap open dump file failed");
+ return -23;
+ }
+ }
+
/* socket fd for channel hopping */
info.channel_hop_fd=socket(AF_INET,SOCK_DGRAM,0);
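Review bot: The `strcmp(info.dump_file,"")` test at L31 and the `pcap_dump_open` result stored at L32 both rely on `info.dump_file` being zero-filled and `info.dump_handle` being NULL when `-D` was not given; the hunk does not show where `info` is initialised, so unless it is zero-initialised or memset above, this reads uninitialised memory and the later `pcap_dump_close(info.dump_handle)` closes a garbage pointer. Add explicit initialisation before option parsing, `info.dump_file[0]='\0'; info.dump_handle=NULL;`, unless the code above already guarantees it. The failure message also discards the reason; `printf("pcap open dump file failed: %s\n",pcap_geterr(info.pcap_handle));` tells the user whether the path was unwritable. `return -23` leaves the already-opened `info.pcap_handle` unclosed; the enclosing function starts outside the hunk, so whether a shared cleanup path exists cannot be seen here.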
list_shutdown(&(info.sniffed_sta));
input_shutdown(&(info.input));
display_shutdown(&(info.display));
+
+ if(info.dump_handle!=NULL) pcap_dump_close(info.dump_handle);
puts("");
puts("");
unsigned char mode; /* ieee802.11/prism mode */
char device[MAX_DEV_CHARS]; /* sniffed devie */
int log_fd; /* file descriptor for logfile */
- int pcap_fd; /* fd for reading pcap events */
- int dump_fd; /* fd for dumping received packages */
+ char dump_file[128];
+ pcap_dumper_t *dump_handle;
int current_channel;
int channel_hop_fd;
pcap_t *pcap_handle;
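Review bot: `char dump_file[128];` on L52 hardcodes the buffer size, and the same literal `128` is repeated in the `-D` option handler's `strncpy`, so the two can drift apart silently if either is edited; the neighbouring field `device[MAX_DEV_CHARS]` on L48 shows the convention to follow. Introduce a named constant beside `MAX_DEV_CHARS` and use it in both places: `char dump_file[MAX_DUMP_FILE_CHARS]; /* path given with -D, empty when not dumping */`. A comment on `dump_handle` in the same style as its neighbours, `/* pcap dumper for -D, NULL when not dumping */`, would also document that NULL is the sentinel the shutdown code tests. The struct definition begins outside the hunk.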
t_info *info;
int i;
t_sta new_sta;
+ t_sta *cmp_sta;
t_sta *sta;
unsigned char *package=NULL;
t_frame4_hdr *f4hdr;
new=0;
foo=0;
- if(info->dump_fd!=0) {
- ret=write(info->dump_fd,pcap_header,sizeof(struct pcap_pkthdr));
- if(ret!=sizeof(struct pcap_pkthdr))
- display_console(info,"warning, pcap header write failed!");
- ret=write(info->dump_fd,package,pcap_header->caplen);
- if(ret!=pcap_header->caplen)
- display_console(info,"warning, package write failed!");
- }
-
/* prism or ieee802.11 header ? */
if(info->mode&MODE_IEEE80211) {
package=(unsigned char *)pkg;
memcpy(new_sta.bssid,f3hdr->addr3,ADDR_LEN);
}
}
+
ret=list_search_data(&(info->sniffed_sta),&new_sta,ADDR_LEN);
if((ret==L_EMPTY_LIST)|(ret==L_NO_SUCH_ELEMENT)) {
list_add_element(&(info->sniffed_sta),&new_sta,sizeof(t_sta));
new=1;
}
else sta=(t_sta *)info->sniffed_sta.current->data;
+ if(!(sta->ap)) {
+ ret=list_count(&(info->sniffed_sta));
+ list_reset(&(info->sniffed_sta));
+ for(i=0;i<ret;i++) {
+ cmp_sta=(t_sta *)info->sniffed_sta.current->data;
+ if(!memcmp(cmp_sta->bssid,sta->bssid,ADDR_LEN)) {
+ if(FCTL_FROMDS(package[0]))
+ snprintf(sta->ssid,MAX_SSID_LEN,"<- %s",cmp_sta->ssid);
+ else if(FCTL_TODS(package[0]))
+ snprintf(sta->ssid,MAX_SSID_LEN,"-> %s",cmp_sta->ssid);
+ else
+ snprintf(sta->ssid,MAX_SSID_LEN,"<> %s",cmp_sta->ssid);
+ break;
+ }
+ list_next(&(info->sniffed_sta));
+ }
+ }
// fill in stuff ...
sta->count_data++;
switch_active_state(&(sta->active));
display_console(info,"last: got data frame");
}
+ if(info->dump_handle!=NULL) pcap_dump((unsigned char *)(info->dump_handle),pcap_header,pkg);
}
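Review bot: The bssid scan added at L88-L104 neither skips `sta` itself nor restricts the match to AP entries, so depending on list order `cmp_sta` can be `sta` (its own bssid trivially matches) or another client of the same AP, and `snprintf(sta->ssid,MAX_SSID_LEN,"<- %s",cmp_sta->ssid)` then formats a buffer from itself — undefined behaviour for snprintf, and where it happens to work it prepends another `<- ` on every data frame. Change the condition to `if(cmp_sta!=sta && cmp_sta->ap && !memcmp(cmp_sta->bssid,sta->bssid,ADDR_LEN))` so only a distinct AP record supplies the SSID. Within the hunk `sta` is only assigned in the `else` branch at L87; if the new-station path at L84-L85 does not set it somewhere above, `sta->ap` at L88 dereferences an unassigned pointer — worth confirming, since the function begins outside the hunk. The scan also leaves `info->sniffed_sta.current` wherever `list_next` stopped, so any later code that expects `current` to still be `sta` needs re-checking.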
t_prism_val frame_len;
} __attribute__ ((packed)) t_prism_hdr;
-#define FCTL_VER(X) ((X&0x0003))
-#define FCTL_TYPE(X) ((X&0x000c)>>2)
-#define FCTL_STYPE(X) ((X&0x00f0)>>4)
-#define FCTL_TODS(X) ((X&0x0100)>>8)
-#define FCTL_FROMDS(X) ((X&0x0200)>>9)
-#define FCTL_MOREFRAG(X) ((X&0x0400)>>10)
-#define FCTL_RETRY(X) ((X&0x0800)>>11)
-#define FCTL_PWRMGT(X) ((X&1000)>>12)
-#define FCTL_MOREDATA(X) ((X&0x2000)>>13)
-#define FCTL_WEP(X) ((X&0x4000)>>14)
-#define FCTL_ORDER(X) ((X&0x800)>>15)
+#define FCTL_VER(X) (((*(u16 *)&X)&0x0003))
+#define FCTL_TYPE(X) (((*(u16 *)&X)&0x000c)>>2)
+#define FCTL_STYPE(X) (((*(u16 *)&X)&0x00f0)>>4)
+#define FCTL_TODS(X) (((*(u16 *)&X)&0x0100)>>8)
+#define FCTL_FROMDS(X) (((*(u16 *)&X)&0x0200)>>9)
+#define FCTL_MOREFRAG(X) (((*(u16 *)&X)&0x0400)>>10)
+#define FCTL_RETRY(X) (((*(u16 *)&X)&0x0800)>>11)
+#define FCTL_PWRMGT(X) (((*(u16 *)&X)&1000)>>12)
+#define FCTL_MOREDATA(X) (((*(u16 *)&X)&0x2000)>>13)
+#define FCTL_WEP(X) (((*(u16 *)&X)&0x4000)>>14)
+#define FCTL_ORDER(X) (((*(u16 *)&X)&0x800)>>15)
#define FCTL_TYPE_MGMT 0
#define FCTL_TYPE_CTRL 1
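Review bot: Two of the rewritten masks keep wrong constants: `FCTL_PWRMGT` on L132 masks with decimal `1000` (0x3e8, which overlaps the type/subtype and To/From-DS bits) instead of `0x1000`, and `FCTL_ORDER` on L135 masks with `0x800` and then shifts by 15, so it always yields 0. Correct them to `#define FCTL_PWRMGT(X) (((*(u16 *)&(X))&0x1000)>>12)` and `#define FCTL_ORDER(X) (((*(u16 *)&(X))&0x8000)>>15)`. The new `*(u16 *)&X` form reads the frame-control field in host byte order through a type-punned pointer; 802.11 fields are little-endian on the wire, so this misreads on big-endian hosts and violates strict aliasing — a helper such as `static inline u16 fctl(const unsigned char *p){ return p[0]|(p[1]<<8); }` taking the frame pointer avoids both. The macro argument should also be parenthesised as `&(X)` so an expression argument does not silently change meaning; the hunk appears to continue past the visible lines.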