--- /dev/null
+todo
+----
+
+sniffer:
+- connect sta's with associated ap's
+- parse ctrl frames
+- get ssid from (re)associations and connect to (hidden) ap
+- fix display (if #sta/ap exceeds number of lines)
+
+wep:
+- write wep daemon waiting for crypted ethernet snaps to be cracked
+ - win key gen (40 bit) bug
+ - wordlist attack
+
display_string(display,GUI_OFFSET_AP,3+i,help,3);
snprintf(help,5,"| %c",sta->wep?'y':'n');
display_string(display,GUI_OFFSET_WEP,3+i,help,4);
- snprintf(help,21,"| %04d | n.a. | n.a.",
- sta->count_mgmt);
+ snprintf(help,21,"| %04d | n.a. | %04d",
+ sta->count_mgmt,sta->count_data);
display_string(display,GUI_OFFSET_MGMT,3+i,help,20);
snprintf(help,5,"| %c",sta->active);
display_string(display,GUI_OFFSET_ACTIVE,3+i,help,4);
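Review bot: `%04d` in the new format on L21 is a minimum field width, not a maximum, so once `sta->count_data` (or `count_mgmt`) passes 9999 the 21-byte `snprintf` truncates the line and the column silently shows a clipped value rather than the real count. Either widen the buffer together with the `display_string` length argument on L23, or clamp the counter before formatting so the truncation is deliberate and visible. The enclosing function starts and ends outside this hunk.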
else strcpy(help,"(station)");
s=strlen(help);
display_string(display,23,1,help,s);
+ if(sta->wds) {
+ strcpy(help,"wds link");
+ display_string(display,60,1,help,8);
+ }
snprintf(help,2,"%c",sta->active);
display_string(display,x-1,1,help,1);
snprintf(help,7,"sq: %02d",sta->sq);
display_string(display,1,6,help,12);
snprintf(help,13,"data: %06d",sta->count_data);
display_string(display,1,7,help,12);
+
+ snprintf(help,33,"ethernet snap: %02x %02x %02x %02x %02x %02x",
+ sta->snap[0],sta->snap[1],sta->snap[2],
+ sta->snap[3],sta->snap[4],sta->snap[5]);
+ display_string(display,1,9,help,32);
+ snprintf(help,25,"bssid: %02x:%02x:%02x:%02x:%02x:%02x",
+ sta->bssid[0],sta->bssid[1],sta->bssid[2],
+ sta->bssid[3],sta->bssid[4],sta->bssid[5]);
+ display_string(display,1,10,help,24);
}
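Review bot: The buffer sizes 33 and 25 on L40 and L44 are hand-counted to the exact width of their format strings, so any later edit to the text will truncate or overrun without warning; if `help` is an array, `snprintf(help,sizeof help,...)` ties the bound to the buffer, otherwise a named constant shared with the `display_string` length arguments on L43/L47 is preferable. The `strcpy(help,"wds link")` on L30 is likewise unbounded, while the rest of the block uses `snprintf`. The label "ethernet snap" presumes the six bytes in `sta->snap` are an LLC/SNAP header; on a WEP-protected frame those bytes are the IV and ciphertext instead, which a short comment near the label should say so the display is not misread. The enclosing function starts outside this hunk.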
/* footer */
t_sta new_sta;
t_sta *sta;
unsigned char *package=NULL;
- //t_frame4_hdr *f4hdr;
+ t_frame4_hdr *f4hdr;
t_frame3_hdr *f3hdr;
//t_frame2_hdr *f2hdr;
//t_frame1_hdr *f1hdr;
t_beacon_fb *beacon_fb;
+ unsigned char *data;
t_prism_hdr *prismhdr=NULL;
int ret;
char string[MESSAGE_MAX];
char sc[MAX_SYSCALL_CHARS];
unsigned char new;
+ unsigned char foo;
info=(t_info *)ptr;
memset(&new_sta,0,sizeof(t_sta));
new=0;
+ foo=0;
if(info->dump_fd!=0) {
ret=write(info->dump_fd,pcap_header,sizeof(struct pcap_pkthdr));
display_console(info,"warning, package write failed!");
}
- /* maybe there is offset to the actual ieee802.11 frame,
- for example prism header ...
- in that case, hack the source! */
+ /* prism or ieee802.11 header ? */
if(info->mode&MODE_IEEE80211) {
package=(unsigned char *)pkg;
prismhdr=NULL;
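Review bot: The new flag `foo` on L65/L69 carries real meaning — the frame had both ToDS and FromDS set — but its name says nothing, and a reader of the later `if(foo)` has to trace back through the function to learn that; `unsigned char is_wds; /* 1 if the frame is a 4-address (WDS) data frame */` makes it self-evident. The replacement comment on L77 asks a question it does not answer; `/* skip the prism monitor header when present so package points at the 802.11 frame */` records what the branch actually does. The enclosing function starts before and ends after this hunk.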
/* data */
else if(FCTL_TYPE(package[0])==FCTL_TYPE_DATA) {
info->count_d++;
+
+ //if(FCTL_STYPE(package[0])==FCTL_STYPE_DATA) {
+ if(FCTL_TODS(package[0])&FCTL_FROMDS(package[0])) {
+ f4hdr=(t_frame4_hdr *)package;
+ data=package+sizeof(t_frame4_hdr);
+ memcpy(new_sta.addr,f4hdr->addr4,ADDR_LEN);
+ foo=1;
+ }
+ else {
+ f3hdr=(t_frame3_hdr *)package;
+ data=package+sizeof(t_frame3_hdr);
+ if(FCTL_TODS(package[0])) {
+ memcpy(new_sta.addr,f3hdr->addr2,ADDR_LEN);
+ memcpy(new_sta.bssid,f3hdr->addr1,ADDR_LEN);
+ }
+ else if(FCTL_FROMDS(package[0])) {
+ memcpy(new_sta.addr,f3hdr->addr3,ADDR_LEN);
+ memcpy(new_sta.bssid,f3hdr->addr2,ADDR_LEN);
+ }
+ else {
+ memcpy(new_sta.addr,f3hdr->addr2,ADDR_LEN);
+ memcpy(new_sta.bssid,f3hdr->addr3,ADDR_LEN);
+ }
+ }
+ ret=list_search_data(&(info->sniffed_sta),&new_sta,ADDR_LEN);
+ if((ret==L_EMPTY_LIST)|(ret==L_NO_SUCH_ELEMENT)) {
+ list_add_element(&(info->sniffed_sta),&new_sta,sizeof(t_sta));
+ sta=(t_sta *)info->sniffed_sta.current->data;
+ new=1;
+ }
+ else sta=(t_sta *)info->sniffed_sta.current->data;
+ // fill in stuff ...
+ sta->count_data++;
+ switch_active_state(&(sta->active));
+ if(info->mode&MODE_IEEE80211) sta->sq=0;
+ else if(info->mode&MODE_PRISM)
+ sta->sq=(prismhdr->signal.data)-(prismhdr->noise.data);
+ if(new) {
+ strcpy(sc,"flite 'new station. data package'");
+ system(sc);
+ }
+ if(foo) {
+ sta->wds=1;
+ strcpy(sc,"flite 'wds package'");
+ system(sc);
+ }
+ memcpy(sta->snap,data,6);
+ //}
+
display_console(info,"last: got data frame");
}
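Review bot: The header casts on L87 and L93 and the `memcpy(sta->snap,data,6)` on L130 read from `package` without checking that the captured frame is that long; a short or truncated data frame (capture truncation, or simply a malformed frame on the air) makes this an out-of-bounds read of up to `sizeof(t_frame4_hdr)+6` bytes past the buffer. A guard before the ToDS/FromDS test, such as `if(<frame_len> < sizeof(t_frame4_hdr)+6) { display_console(info,"warning, short data frame"); return; }`, is needed, where `<frame_len>` is the captured length minus any prism header already skipped — likely derivable from `pcap_header->caplen`, though the length variable is not visible in this hunk, and the early exit must match whatever this function's return convention is. Separately, L86 and L109 use bitwise `&` and `|` on logical conditions; `&&`/`||` state the intent and do not depend on the macros and list return codes yielding exactly 0 or 1. The `system("flite ...")` calls on L123/L128 also block the capture loop for every new station seen, so a burst of frames stalls the sniffer; queuing the announcement would keep capture responsive. The enclosing function starts and ends outside this hunk.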
#define FCTL_ORDER(X) ((X&0x800)>>15)
#define FCTL_TYPE_MGMT 0
-#define FCTL_TYPE_CTRL 2
-#define FCTL_TYPE_DATA 1
+#define FCTL_TYPE_CTRL 1
+#define FCTL_TYPE_DATA 2
#define FCTL_STYPE_ASSOC_REQ 0x0
#define FCTL_STYPE_ASSOC_RESP 0x1
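Review bot: The swapped values on L139–L140 now match the 802.11 frame-control type field (00 management, 01 control, 10 data), but nothing records that, so a later reader cannot tell which assignment was the original mistake; a comment `/* IEEE 802.11 frame control type field: 0 mgmt, 1 ctrl, 2 data */` above L136 would pin it. The unchanged `FCTL_ORDER` on L135 masks `0x800` (bit 11) and then shifts right by 15, which yields 0 for every input — the mask and the shift disagree, so one of them looks wrong and is worth checking alongside this change.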
char ssid[MAX_SSID_LEN];
u8 ap;
u8 wep;
+ u8 wds;
int count_mgmt;
int count_ctrl;
int count_data;
char active;
char key[WEP_MAX_DIGITS];
int sq;
+ u8 snap[6];
+ u8 bssid[ADDR_LEN];
} t_sta;
/* function prototypes */
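Review bot: `u8 snap[6]` on L153 uses a bare 6 while `bssid[ADDR_LEN]` on the next line uses the named constant, and the same literal 6 is repeated where the bytes are copied in; a `#define SNAP_LEN 6` used in both places keeps them from drifting apart. The three new fields also carry no comment; `u8 wds; /* 1 once a 4-address (ToDS+FromDS) data frame was seen */`, `u8 snap[SNAP_LEN]; /* first bytes of payload after the 802.11 header */` and `u8 bssid[ADDR_LEN]; /* BSSID learned from the last data frame */` state what the rest of the file writes into them. Since a `t_sta` is zeroed with `memset` before being stored and the 4-address path appears not to set `bssid`, that field stays all-zero for WDS stations, which the display code should expect.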