X-Git-Url: https://hackdaworld.org/gitweb/?a=blobdiff_plain;f=hdw-sniff.c;fp=hdw-sniff.c;h=0000000000000000000000000000000000000000;hb=1bc659fa450df2108ab59b085e75564b7ac19995;hp=bd0b8edabee6a367ff58a8951fbd60ab5ab6d104;hpb=f495a11c9e880f1f55aa8e6c44c065228e55e5c5;p=my-code%2Fhdw-sniff.git
diff --git a/hdw-sniff.c b/hdw-sniff.c
deleted file mode 100644
index bd0b8ed..0000000
--- a/hdw-sniff.c
+++ /dev/null
@@ -1,383 +0,0 @@
-/*
- * hdw-sniff, sniffer using pcap lib
- *
- * author: hackbard@hackdaworld.dyndns.org
- */
-
-#define _GNU_SOURCE
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-/* IEEE 802.3 stuff -- i will concentrate on .11 stuff before! */
-#include /* for ethhdr struct */
-#include /* ip */
-#include /* in_addr , inet_ntoa */
-#include /* tcp header and protocols */
-
-/* IEEE 802.11 stuff -- will become one include later ... */
-#include "ieee80211.h" /* from hunz's aeolus, short hostap_wlan.h */
-#include "ieee802_11.h" /* from pcmcia-cs */
-
-#include "hdw-sniff.h" /* my functions */
-
-/* global variables */
-int file_fd=0;
-
-int main(int argc, char *argv[]) {
-
- char pcap_error[PCAP_ERRBUF_SIZE];
- pcap_t *pcap_handle;
- int pcap_fd,foo_fd;
- fd_set pcap_fd_set;
- struct timeval fd_set_tv;
- char sys_call[30];
- struct info_struct my_info_struct;
-
- /* parse the arguments */
- if(argc<3) {
- printf("usage: %s \n",
- argv[0]);
- return 0;
- }
- if(argc!=4) {
- printf("no logfile specified, writing to stdout ...\n");
- }
- else {
- if((file_fd=open(argv[3],O_RDWR | O_CREAT))!=0) {
- printf("writing to logfile %s ...\n",argv[3]);
- dprintf(file_fd,"|iv - --|id|crypted_snap - --|\n");
- }
- else {
- printf("can't open logfile. not logged to file!\n");
- }
- }
-
- /* setting up device and set monitor mode */
- if(atoi(argv[2])==1) {
- printf("setting to monitor mode\n");
- if(strncmp(argv[1],"wlan",4)==0)
- sprintf(sys_call,"iwpriv %s monitor 3",argv[1]);
- if(strncmp(argv[1],"eth",3)==0)
- sprintf(sys_call,"ifconfig %s promisc",argv[1]);
- system(sys_call);
- }
- printf("setting up interface\n");
- sprintf(sys_call,"ifconfig %s up",argv[1]);
- system(sys_call);
-
- /* start pcap session */
- pcap_handle=pcap_open_live(argv[1],BUFSIZ,1,-1,pcap_error);
- if(pcap_handle==NULL) {
- printf("%s: %s\n",argv[0],pcap_error);
- return 1;
- }
-
- /* set non blocking */
- if((pcap_setnonblock(pcap_handle,1,pcap_error))==-1) {
- printf("%s: %s\n",argv[0],pcap_error);
- return 1;
- }
-
- /* set info struct */
- my_info_struct.count=0;
- my_info_struct.mmode=argv[2][0];
- my_info_struct.ssid_list=(struct list *)malloc(sizeof(struct list));
- my_info_struct.ssid_list->next=NULL;
- // strcpy(my_info_struct.ssid_list->ssid,"test");
- strcpy(my_info_struct.dev,argv[1]);
-
- /* prepare for select */
- pcap_fd=pcap_fileno(pcap_handle);
-
- /* create file descriptor */
- if((foo_fd=socket(AF_INET,SOCK_DGRAM,0))==-1) {
- printf("unable to create socket foo_fd\n");
- return -1;
- }
-
- /* do loopp */
- while (1) {
-
- /* set pcap_fd */
- FD_ZERO(&pcap_fd_set);
- FD_SET(pcap_fd,&pcap_fd_set);
- fd_set_tv.tv_sec=0;
- fd_set_tv.tv_usec=200000;
-
- if((select(pcap_fd+1,&pcap_fd_set,NULL,NULL,&fd_set_tv)) && (FD_ISSET(pcap_fd,&pcap_fd_set))) pcap_dispatch(pcap_handle,-1,pcap_process,(u_char *)&my_info_struct);
- else if((hop_channel(&my_info_struct,foo_fd))==-1) {
- printf("channelhopping failed, aborting\n");
- return -1;
- }
- }
- return 0;
-}
-
-
-/* pcap_process callback function */
-void pcap_process(u_char *info,const struct pcap_pkthdr *pcap_header,
- const u_char *package) {
-
- /* local variables */
- char tmp_buf[20],tmp_buf1[10],tmp_buf2[32];
- unsigned char crypted_snap[12];
- struct linux_wlan_ng_prism_hdr *prism_hdr;
- struct ieee802_11_hdr *w_hdr;
- struct snaphdr *snap_hdr;
- struct beacon_struct *beacon_hdr;
- struct ethhdr *e_hdr;
- struct info_struct *my_info_struct;
- int i,p_o,w_o,e_o,i_o,special_o=0;
-
- my_info_struct=(struct info_struct *)info;
- ++(my_info_struct->count);
-
- /* cache offsets */
- p_o=((strncmp(my_info_struct->dev,"wlan",4)==0)?sizeof(struct linux_wlan_ng_prism_hdr):0);
- w_o=((strncmp(my_info_struct->dev,"wlan",4)==0)?sizeof(struct ieee802_11_hdr):0);
- e_o=sizeof(struct ethhdr);
- i_o=sizeof(struct iphdr);
-
- /* new package */
- printf("\n");
- printf("---> package %d ---- %s",my_info_struct->count,
- ctime((const time_t*)&(pcap_header->ts.tv_sec)));
-
- /* pcap header */
- printf("pcap header: ");
- printf("capture_length(dec): %d\t",pcap_header->caplen);
- printf("off_wire_length(dec): %d\n",pcap_header->len);
-
- /* wireless stuff */
- /* prism wlan ng headers */
- if((my_info_struct->mmode-0x30==1) &
- (strncmp(my_info_struct->dev,"wlan",4)==0)) {
- printf("prism header: (%d bytes)\n",p_o);
- prism_hdr=(struct linux_wlan_ng_prism_hdr *)package;
- printf("| message code/length: %d/%d |\t",prism_hdr->msgcode,
- prism_hdr->msglen);
- printf("device: %s |\n",prism_hdr->devname);
- /* ieee802.11 header */
-
- /* we need smaller w_hdr for non distributed frames */
- if((w_hdr->frame_ctl & (1<<8)) && (w_hdr->frame_ctl & (1<<9))) {
- printf("=> distributed packet !!!!11\n");
- } else w_o-=(sizeof(struct snaphdr)-sizeof(unsigned short));
-
- printf("ieee802.11 header: (%d bytes)\n",w_o);
- w_hdr=(struct ieee802_11_hdr *)(package+p_o);
-
- printf("fc: ");
- for(i=0;i<16;i++)
- printf("%s%d%s",(i==0?"|":""),
- (((w_hdr->frame_ctl) & (1<0?1:0),
- (i==15?"|\n":"|"));
- printf(" | v | t | s-t |t|f|m|r|p|m|w|o|\n");
- /* frame type */
- /* management */
- if(!(w_hdr->frame_ctl & 0x0c)) {
- tmp_buf1[0]='\0'; tmp_buf2[0]='\0';
- if((w_hdr->frame_ctl & IEEE802_11_STYPE_ASSOC_REQ)>0)
- strcpy(tmp_buf,"association request");
- else if((w_hdr->frame_ctl & IEEE802_11_STYPE_ASSOC_RESP)>0)
- strcpy(tmp_buf,"association response");
- else if((w_hdr->frame_ctl & IEEE802_11_STYPE_REASSOC_REQ)>0)
- strcpy(tmp_buf,"reassociation request");
- else if((w_hdr->frame_ctl & IEEE802_11_STYPE_REASSOC_RESP)>0)
- strcpy(tmp_buf,"reassociation response");
- else if((w_hdr->frame_ctl & IEEE802_11_STYPE_PROBE_REQ)>0)
- strcpy(tmp_buf,"probe request");
- else if((w_hdr->frame_ctl & IEEE802_11_STYPE_PROBE_RESP)>0)
- strcpy(tmp_buf,"probe response");
- else if((w_hdr->frame_ctl & IEEE802_11_STYPE_BEACON)==IEEE802_11_STYPE_BEACON) {
- beacon_hdr=(struct beacon_struct *)(package+p_o+w_o);
- beacon_hdr->ssid_s.elementid==0?strcpy(tmp_buf1,"essid = ")
- :strcpy(tmp_buf1,"ibssid = ");
- strncpy(tmp_buf2,beacon_hdr->ssid_s.ssid,
- beacon_hdr->ssid_s.length);
-
- tmp_buf2[beacon_hdr->ssid_s.length]='\0';
- strcpy(tmp_buf,"beacon");
- add_ssid_2_list(tmp_buf2,beacon_hdr->capability,
- my_info_struct->ssid_list);
- }
- else if((w_hdr->frame_ctl & IEEE802_11_STYPE_ATIM)>0)
- strcpy(tmp_buf,"announcement traffic indication message");
- else if((w_hdr->frame_ctl & IEEE802_11_STYPE_DISASSOC)>0)
- strcpy(tmp_buf,"disassociation");
- else if((w_hdr->frame_ctl & IEEE802_11_STYPE_AUTH)>0)
- strcpy(tmp_buf,"authentification");
- else if((w_hdr->frame_ctl & IEEE802_11_STYPE_DEAUTH)>0)
- strcpy(tmp_buf,"deauthentification");
- else strcpy(tmp_buf,"impossible situation \%) - go mail the author.");
- }
- else strcpy(tmp_buf,"control or data frame type");
-
- printf("=> %s\n",tmp_buf);
- if((strlen(tmp_buf1)>0) && (strlen(tmp_buf2)>0)) printf(" %s%s\n",
- tmp_buf1,
- tmp_buf2);
- printf("duration/id: 0x%x\n",w_hdr->duration_id);
- printf("version check ... %s\n",
- ((w_hdr->frame_ctl & IEEE802_11_FCTL_VERS)==0x00)?
- "ok":"unknown");
- }
-
- /* ethernet */
- if((strncmp(my_info_struct->dev,"eth",3)==0) |
- ((w_hdr->frame_ctl & IEEE802_11_FTYPE_DATA)==IEEE802_11_FTYPE_DATA)) {
-
- if((strncmp(my_info_struct->dev,"eth",3)==0)) {
- printf("ethernet: (%d bytes)\n",e_o);
- e_hdr=(struct ethhdr *)(package+p_o+w_o);
- special_o=sizeof(struct ethhdr);
- /* what types ? */
- printf("type = ");
- printf("%x ",ntohs(e_hdr->h_proto));
- printf("dest_addr = ");
- for(i=0;ih_dest+i),((i==ETH_ALEN-1)?" ":":"));
- printf(" src_addr = ");
- for(i=0;ih_source+i),
- ((i==ETH_ALEN-1)?"\n":":"));
- if((ntohs(e_hdr->h_proto)==ETH_P_IP))
- parse_ip(package+p_o+w_o+e_o);
- }
- else {
- snap_hdr=(struct snaphdr *)(package+p_o+w_o);
- if((snap_hdr->snap[0]==0xaa) &
- (snap_hdr->snap[1]==0xaa) &
- (snap_hdr->snap[2]==0x03) &
- (snap_hdr->snap[3]==0x00) &
- (snap_hdr->snap[4]==0x00) &
- (snap_hdr->snap[5]==0x00)) {
- printf("- no encryption!\n");
- if(snap_hdr->proto==ntohs(ETH_P_IP)) {
- e_o=sizeof(struct snaphdr);
- parse_ip((char *)(snap_hdr+e_o));
- }
-
- }
- else {
- printf("- crypted packet!\n");
- /* print crypted snap - write into file */
- printf("snap: (iv(3) + index(1) + crypted snap(6)) ");
- for(i=0;i<10;i++) {
- printf("%x ",*(snap_hdr->snap+i));
- crypted_snap[i]=*(snap_hdr->snap+i);
- }
- /* xor with plain
- crypted_snap[4]^=0xaa;
- crypted_snap[5]^=0xaa;
- crypted_snap[6]^=0x03;
- crypted_snap[7]^=0x00;
- crypted_snap[8]^=0x00;
- crypted_snap[9]^=0x00;
- */
-
- printf("\n");
- crypted_snap[10]='\0';
- crypted_snap[11]='\n';
-
- if(file_fd>0) {
- printf("debug: saved to file\n");
- dprintf(file_fd,IVLINE,IVL_ARGS);
- }
- }
- }
- }
-
- /* dump it */
-#ifdef SHOW_HEX
- printf("all dump: (hex)\n");
- for(i=p_o+w_o+special_o;icaplen;i++)
- printf("%x ",*(package+i));
- printf("\n");
-#endif
-#ifdef DEBUG_CHAR
- printf("all dump: (char)\n");
- for(i=p_o+w_o;icaplen;i++)
- printf("%c ",*(package+i));
- printf("\n");
-#endif
-}
-
-int hop_channel(struct info_struct *info,int foo_fd) {
- if((info->mmode-0x30==1) && (strncmp(info->dev,"wlan",4)==0)) {
-
- struct iwreq my_iwreq;
-
- if (info->channel>=C_MAX) info->channel=1;
-
- memset(&my_iwreq,0,sizeof(my_iwreq));
- strcpy(my_iwreq.ifr_name,info->dev);
- my_iwreq.u.freq.e=0;
- my_iwreq.u.freq.m=info->channel;
- if((ioctl(foo_fd,SIOCSIWFREQ,&my_iwreq))==-1) {
- printf("unable to hop channels\n");
- perror("ioctl");
- return -1;
- }
- ++(info->channel);
- }
- return 0;
-}
-
-int parse_ip(char *ip_o) {
- struct iphdr *ip_hdr;
- int i;
-
- printf("ip protocol:\n");
- ip_hdr=(struct iphdr *)ip_o;
- printf("version = %x ",ip_hdr->version);
- printf("header_length = %x \n",ip_hdr->ihl);
- printf("service = %x ",ip_hdr->tos);
- printf("total_length(dec.) = %d \n",ip_hdr->tot_len);
- printf("source_ip: ");
- for(i=0;i<=3;++i) {
- printf("%d%s",
- (ip_hdr->saddr&(0xff<<(8*i)))>>(8*i),
- (i==3?"\n":"."));
- }
- printf("destination_ip: ");
- for(i=0;i<=3;++i) {
- printf("%d%s",
- (ip_hdr->daddr&(0xff<<(8*i)))>>(8*i),
- (i==3?"\n":"."));
- }
- printf("ip_id = %x ",ntohs(ip_hdr->id));
- printf("ip_offset = %x \n",ip_hdr->frag_off);
- printf("time2live = %x ip_proto = %x\n",ip_hdr->ttl,ip_hdr->protocol);
- /* how to continue */
- if(ip_hdr->protocol==IPPROTO_TCP)
- parse_tcp(ip_hdr+sizeof(struct iphdr));
- if(ip_hdr->protocol==IPPROTO_UDP)
- printf("udp package! get's parsed in the future\n");
- // printf("chksum: %x\n",ntohs(ip_hdr->ip_sum));
-}
-
-int parse_tcp(char *tcp_o) {
- struct tcphdr *tcp_hdr;
-
- printf("tcp protocol:\n");
- tcp_hdr=(struct tcphdr *)tcp_o;
- printf("source port: %d - dest port: %d\n",ntohs(tcp_hdr->source),
- ntohs(tcp_hdr->dest));
- printf("sequence: %d - ack sequence: %d\n",ntohs(tcp_hdr->seq),
- ntohs(tcp_hdr->ack_seq));
- printf("offset to data: %d - checksumm: %d\n",ntohs(tcp_hdr->doff)
- ,ntohs(tcp_hdr->check));
- return 1;
-}