From: hackbard Date: Wed, 4 Dec 2002 22:47:32 +0000 (+0000) Subject: clean file write now X-Git-Url: https://hackdaworld.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2d887777866454a450211bd1373b0f716abb9fb4;p=my-code%2Fhdw-sniff.git clean file write now --- diff --git a/hdw-sniff.c b/hdw-sniff.c index 0c73bc9..7a549e5 100644 --- a/hdw-sniff.c +++ b/hdw-sniff.c @@ -127,13 +127,13 @@ void pcap_process(u_char *info,const struct pcap_pkthdr *pcap_header, const u_char *package) { /* local variables */ - char tmp_buf[20],crypted_snap[12],tmp_buf1[10],tmp_buf2[32]; + char tmp_buf[20],tmp_buf1[10],tmp_buf2[32]; + unsigned char crypted_snap[12]; struct linux_wlan_ng_prism_hdr *prism_hdr; struct ieee802_11_hdr *w_hdr; struct snaphdr *snap_hdr; struct beacon_struct *beacon_hdr; struct ethhdr *e_hdr; - struct iphdr *ip_hdr; struct info_struct *my_info_struct; int i,p_o,w_o,e_o,i_o; @@ -230,7 +230,7 @@ void pcap_process(u_char *info,const struct pcap_pkthdr *pcap_header, if((strncmp(my_info_struct->dev,"eth",3)==0) | ((w_hdr->frame_ctl & IEEE802_11_FTYPE_DATA)==IEEE802_11_FTYPE_DATA)) { - if(!(w_hdr->frame_ctl & IEEE802_11_FTYPE_DATA)) { + if((strncmp(my_info_struct->dev,"eth",3)==0)) { printf("ethernet: (%d bytes)\n",e_o); e_hdr=(struct ethhdr *)(package+p_o+w_o); /* what types ? */ @@ -242,6 +242,8 @@ void pcap_process(u_char *info,const struct pcap_pkthdr *pcap_header, printf(" src_addr = "); for(i=0;ih_source+i), ((i==ETH_ALEN-1)?"\n":":")); + if((ntohs(e_hdr->h_proto)==ETH_P_IP)) + parse_ip(package+p_o+w_o+e_o); } else { snap_hdr=(struct snaphdr *)(package+p_o+w_o); @@ -254,7 +256,9 @@ void pcap_process(u_char *info,const struct pcap_pkthdr *pcap_header, printf("- no encryption!\n"); if(snap_hdr->proto==ntohs(ETH_P_IP)) { e_o=sizeof(struct snaphdr); + parse_ip(snap_hdr+e_o); } + } else { printf("- crypted packet!\n"); @@ -264,7 +268,7 @@ void pcap_process(u_char *info,const struct pcap_pkthdr *pcap_header, printf("%x ",*(snap_hdr->snap+i)); crypted_snap[i]=*(snap_hdr->snap+i); } - /* + /* xor with plain crypted_snap[4]^=0xaa; crypted_snap[5]^=0xaa; crypted_snap[6]^=0x03; @@ -276,46 +280,22 @@ void pcap_process(u_char *info,const struct pcap_pkthdr *pcap_header, printf("\n"); crypted_snap[10]='\0'; crypted_snap[11]='\n'; + if(file_fd>0) { printf("debug: saved to file\n"); - write(file_fd,crypted_snap,11); + dprintf(file_fd,IVLINE,IVL_ARGS); } } } - - /* IP ? */ - if((ntohs(e_hdr->h_proto)==ETH_P_IP) | (ntohs(snap_hdr->proto)==ETH_P_IP)) { - printf("ip protocol: (%d bytes)\n",i_o); - ip_hdr=(struct iphdr *)(package+p_o+w_o+e_o); - printf("version = %x ",ntohs(ip_hdr->version)); - printf("header_length = %x \n",ntohs(ip_hdr->ihl)); - printf("service = %x ",ntohs(ip_hdr->tos)); - printf("total_length(dec.) = %d \n",ntohs(ip_hdr->tot_len)); - printf("source_ip: "); - for(i=0;i<=3;++i) { - printf("%d%s", - (ip_hdr->saddr&(0xff<<(8*i)))>>(8*i), - (i==3?"\n":".")); - } - printf("destination_ip: "); - for(i=0;i<=3;++i) { - printf("%d%s", - (ip_hdr->daddr&(0xff<<(8*i)))>>(8*i), - (i==3?"\n":".")); - } - printf("ip_id = %x ",ntohs(ip_hdr->id)); - printf("ip_offset = %x \n",ntohs(ip_hdr->frag_off)); - printf("time2live = %x ip_proto = %x\n",ntohs(ip_hdr->ttl), - ntohs(ip_hdr->protocol)); - // printf("chksum: %x\n",ntohs(ip_hdr->ip_sum)); - } } - /* check what we have ... */ + /* dump it */ +#ifdef SHOW_HEX printf("all dump: (hex)\n"); for(i=p_o+w_o;icaplen;i++) printf("%x ",*(package+i)); printf("\n"); +#endif #ifdef DEBUG_CHAR printf("all dump: (char)\n"); for(i=p_o+w_o;icaplen;i++) @@ -344,3 +324,32 @@ int hop_channel(struct info_struct *info,int foo_fd) { } return 0; } + +int parse_ip(char *ip_o) { + struct iphdr *ip_hdr; + int i; + + printf("ip protocol:\n"); + ip_hdr=(struct iphdr *)ip_o; + printf("version = %x ",ntohs(ip_hdr->version)); + printf("header_length = %x \n",ntohs(ip_hdr->ihl)); + printf("service = %x ",ntohs(ip_hdr->tos)); + printf("total_length(dec.) = %d \n",ntohs(ip_hdr->tot_len)); + printf("source_ip: "); + for(i=0;i<=3;++i) { + printf("%d%s", + (ip_hdr->saddr&(0xff<<(8*i)))>>(8*i), + (i==3?"\n":".")); + } + printf("destination_ip: "); + for(i=0;i<=3;++i) { + printf("%d%s", + (ip_hdr->daddr&(0xff<<(8*i)))>>(8*i), + (i==3?"\n":".")); + } + printf("ip_id = %x ",ntohs(ip_hdr->id)); + printf("ip_offset = %x \n",ntohs(ip_hdr->frag_off)); + printf("time2live = %x ip_proto = %x\n",ntohs(ip_hdr->ttl), + ntohs(ip_hdr->protocol)); + // printf("chksum: %x\n",ntohs(ip_hdr->ip_sum)); +} diff --git a/hdw-sniff.h b/hdw-sniff.h index 38b2db9..908b95b 100644 --- a/hdw-sniff.h +++ b/hdw-sniff.h @@ -2,6 +2,9 @@ #include "list.h" #define C_MAX 14 +#define IVLINE "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n" +#define cs(n) crypted_snap[n] +#define IVL_ARGS cs(0),cs(1),cs(2),cs(3),cs(4),cs(5),cs(6),cs(7),cs(8),cs(9) /* the pcap_process callback function */ void pcap_process(u_char *count,const struct pcap_pkthdr *pcap_header, @@ -24,6 +27,7 @@ struct info_struct { /* hop_chanel function */ int hop_channel(struct info_struct *info,int foo_fd); +int parse_ip(char *ip_o); /* ssid struct */ struct ssid_struct {