From: hackbard Date: Thu, 27 Mar 2003 15:53:12 +0000 (+0000) Subject: moved old stuff to old/, added new stuff X-Git-Url: https://hackdaworld.org/gitweb/?a=commitdiff_plain;h=1bc659fa450df2108ab59b085e75564b7ac19995;p=my-code%2Fhdw-sniff.git moved old stuff to old/, added new stuff --- diff --git a/Makefile b/Makefile deleted file mode 100644 index 7169c03..0000000 --- a/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/make - -CC = gcc -CFLAGS = -O3 -LDFLAGS = -lpcap - -TARGETS = hdw-sniff - -all: $(TARGETS) - -hdw-sniff: - $(CC) $(CFLAGS) -Wall list.c hdw_outlib.c hdw-sniff.c $(LDFLAGS) \ - -o hdw-sniff -# $(CC) $(CFLAGS) -Wall hdw-sniff.c $(LDFLAGS) -o hdw-sniff - diff --git a/hdw-sniff.c b/hdw-sniff.c deleted file mode 100644 index bd0b8ed..0000000 --- a/hdw-sniff.c +++ /dev/null 
@@ -1,383 +0,0 @@ -/* - * hdw-sniff, sniffer using pcap lib - * - * author: hackbard@hackdaworld.dyndns.org - */ - -#define _GNU_SOURCE - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/* IEEE 802.3 stuff -- i will concentrate on .11 stuff before! */ -#include /* for ethhdr struct */ -#include /* ip */ -#include /* in_addr , inet_ntoa */ -#include /* tcp header and protocols */ - -/* IEEE 802.11 stuff -- will become one include later ... */ -#include "ieee80211.h" /* from hunz's aeolus, short hostap_wlan.h */ -#include "ieee802_11.h" /* from pcmcia-cs */ - -#include "hdw-sniff.h" /* my functions */ - -/* global variables */ -int file_fd=0; - -int main(int argc, char *argv[]) { - - char pcap_error[PCAP_ERRBUF_SIZE]; - pcap_t *pcap_handle; - int pcap_fd,foo_fd; - fd_set pcap_fd_set; - struct timeval fd_set_tv; - char sys_call[30]; - struct info_struct my_info_struct; - - /* parse the arguments */ - if(argc<3) { - printf("usage: %s \n", - argv[0]); - return 0; - } - if(argc!=4) { - printf("no logfile specified, writing to stdout ...\n"); - } - else { - if((file_fd=open(argv[3],O_RDWR | O_CREAT))!=0) { - printf("writing to logfile %s ...\n",argv[3]); - dprintf(file_fd,"|iv - --|id|crypted_snap - --|\n"); - } - else { - printf("can't open logfile. 
not logged to file!\n"); - } - } - - /* setting up device and set monitor mode */ - if(atoi(argv[2])==1) { - printf("setting to monitor mode\n"); - if(strncmp(argv[1],"wlan",4)==0) - sprintf(sys_call,"iwpriv %s monitor 3",argv[1]); - if(strncmp(argv[1],"eth",3)==0) - sprintf(sys_call,"ifconfig %s promisc",argv[1]); - system(sys_call); - } - printf("setting up interface\n"); - sprintf(sys_call,"ifconfig %s up",argv[1]); - system(sys_call); - - /* start pcap session */ - pcap_handle=pcap_open_live(argv[1],BUFSIZ,1,-1,pcap_error); - if(pcap_handle==NULL) { - printf("%s: %s\n",argv[0],pcap_error); - return 1; - } - - /* set non blocking */ - if((pcap_setnonblock(pcap_handle,1,pcap_error))==-1) { - printf("%s: %s\n",argv[0],pcap_error); - return 1; - } - - /* set info struct */ - my_info_struct.count=0; - my_info_struct.mmode=argv[2][0]; - my_info_struct.ssid_list=(struct list *)malloc(sizeof(struct list)); - my_info_struct.ssid_list->next=NULL; - // strcpy(my_info_struct.ssid_list->ssid,"test"); - strcpy(my_info_struct.dev,argv[1]); - - /* prepare for select */ - pcap_fd=pcap_fileno(pcap_handle); - - /* create file descriptor */ - if((foo_fd=socket(AF_INET,SOCK_DGRAM,0))==-1) { - printf("unable to create socket foo_fd\n"); - return -1; - } - - /* do loopp */ - while (1) { - - /* set pcap_fd */ - FD_ZERO(&pcap_fd_set); - FD_SET(pcap_fd,&pcap_fd_set); - fd_set_tv.tv_sec=0; - fd_set_tv.tv_usec=200000; - - if((select(pcap_fd+1,&pcap_fd_set,NULL,NULL,&fd_set_tv)) && (FD_ISSET(pcap_fd,&pcap_fd_set))) pcap_dispatch(pcap_handle,-1,pcap_process,(u_char *)&my_info_struct); - else if((hop_channel(&my_info_struct,foo_fd))==-1) { - printf("channelhopping failed, aborting\n"); - return -1; - } - } - return 0; -} - - -/* pcap_process callback function */ -void pcap_process(u_char *info,const struct pcap_pkthdr *pcap_header, - const u_char *package) { - - /* local variables */ - char tmp_buf[20],tmp_buf1[10],tmp_buf2[32]; - unsigned char crypted_snap[12]; - struct 
linux_wlan_ng_prism_hdr *prism_hdr; - struct ieee802_11_hdr *w_hdr; - struct snaphdr *snap_hdr; - struct beacon_struct *beacon_hdr; - struct ethhdr *e_hdr; - struct info_struct *my_info_struct; - int i,p_o,w_o,e_o,i_o,special_o=0; - - my_info_struct=(struct info_struct *)info; - ++(my_info_struct->count); - - /* cache offsets */ - p_o=((strncmp(my_info_struct->dev,"wlan",4)==0)?sizeof(struct linux_wlan_ng_prism_hdr):0); - w_o=((strncmp(my_info_struct->dev,"wlan",4)==0)?sizeof(struct ieee802_11_hdr):0); - e_o=sizeof(struct ethhdr); - i_o=sizeof(struct iphdr); - - /* new package */ - printf("\n"); - printf("---> package %d ---- %s",my_info_struct->count, - ctime((const time_t*)&(pcap_header->ts.tv_sec))); - - /* pcap header */ - printf("pcap header: "); - printf("capture_length(dec): %d\t",pcap_header->caplen); - printf("off_wire_length(dec): %d\n",pcap_header->len); - - /* wireless stuff */ - /* prism wlan ng headers */ - if((my_info_struct->mmode-0x30==1) & - (strncmp(my_info_struct->dev,"wlan",4)==0)) { - printf("prism header: (%d bytes)\n",p_o); - prism_hdr=(struct linux_wlan_ng_prism_hdr *)package; - printf("| message code/length: %d/%d |\t",prism_hdr->msgcode, - prism_hdr->msglen); - printf("device: %s |\n",prism_hdr->devname); - /* ieee802.11 header */ - - /* we need smaller w_hdr for non distributed frames */ - if((w_hdr->frame_ctl & (1<<8)) && (w_hdr->frame_ctl & (1<<9))) { - printf("=> distributed packet !!!!11\n"); - } else w_o-=(sizeof(struct snaphdr)-sizeof(unsigned short)); - - printf("ieee802.11 header: (%d bytes)\n",w_o); - w_hdr=(struct ieee802_11_hdr *)(package+p_o); - - printf("fc: "); - for(i=0;i<16;i++) - printf("%s%d%s",(i==0?"|":""), - (((w_hdr->frame_ctl) & (1<0?1:0), - (i==15?"|\n":"|")); - printf(" | v | t | s-t |t|f|m|r|p|m|w|o|\n"); - /* frame type */ - /* management */ - if(!(w_hdr->frame_ctl & 0x0c)) { - tmp_buf1[0]='\0'; tmp_buf2[0]='\0'; - if((w_hdr->frame_ctl & IEEE802_11_STYPE_ASSOC_REQ)>0) - strcpy(tmp_buf,"association request"); - 
else if((w_hdr->frame_ctl & IEEE802_11_STYPE_ASSOC_RESP)>0) - strcpy(tmp_buf,"association response"); - else if((w_hdr->frame_ctl & IEEE802_11_STYPE_REASSOC_REQ)>0) - strcpy(tmp_buf,"reassociation request"); - else if((w_hdr->frame_ctl & IEEE802_11_STYPE_REASSOC_RESP)>0) - strcpy(tmp_buf,"reassociation response"); - else if((w_hdr->frame_ctl & IEEE802_11_STYPE_PROBE_REQ)>0) - strcpy(tmp_buf,"probe request"); - else if((w_hdr->frame_ctl & IEEE802_11_STYPE_PROBE_RESP)>0) - strcpy(tmp_buf,"probe response"); - else if((w_hdr->frame_ctl & IEEE802_11_STYPE_BEACON)==IEEE802_11_STYPE_BEACON) { - beacon_hdr=(struct beacon_struct *)(package+p_o+w_o); - beacon_hdr->ssid_s.elementid==0?strcpy(tmp_buf1,"essid = ") - :strcpy(tmp_buf1,"ibssid = "); - strncpy(tmp_buf2,beacon_hdr->ssid_s.ssid, - beacon_hdr->ssid_s.length); - - tmp_buf2[beacon_hdr->ssid_s.length]='\0'; - strcpy(tmp_buf,"beacon"); - add_ssid_2_list(tmp_buf2,beacon_hdr->capability, - my_info_struct->ssid_list); - } - else if((w_hdr->frame_ctl & IEEE802_11_STYPE_ATIM)>0) - strcpy(tmp_buf,"announcement traffic indication message"); - else if((w_hdr->frame_ctl & IEEE802_11_STYPE_DISASSOC)>0) - strcpy(tmp_buf,"disassociation"); - else if((w_hdr->frame_ctl & IEEE802_11_STYPE_AUTH)>0) - strcpy(tmp_buf,"authentification"); - else if((w_hdr->frame_ctl & IEEE802_11_STYPE_DEAUTH)>0) - strcpy(tmp_buf,"deauthentification"); - else strcpy(tmp_buf,"impossible situation \%) - go mail the author."); - } - else strcpy(tmp_buf,"control or data frame type"); - - printf("=> %s\n",tmp_buf); - if((strlen(tmp_buf1)>0) && (strlen(tmp_buf2)>0)) printf(" %s%s\n", - tmp_buf1, - tmp_buf2); - printf("duration/id: 0x%x\n",w_hdr->duration_id); - printf("version check ... %s\n", - ((w_hdr->frame_ctl & IEEE802_11_FCTL_VERS)==0x00)? 
- "ok":"unknown"); - } - - /* ethernet */ - if((strncmp(my_info_struct->dev,"eth",3)==0) | - ((w_hdr->frame_ctl & IEEE802_11_FTYPE_DATA)==IEEE802_11_FTYPE_DATA)) { - - if((strncmp(my_info_struct->dev,"eth",3)==0)) { - printf("ethernet: (%d bytes)\n",e_o); - e_hdr=(struct ethhdr *)(package+p_o+w_o); - special_o=sizeof(struct ethhdr); - /* what types ? */ - printf("type = "); - printf("%x ",ntohs(e_hdr->h_proto)); - printf("dest_addr = "); - for(i=0;ih_dest+i),((i==ETH_ALEN-1)?" ":":")); - printf(" src_addr = "); - for(i=0;ih_source+i), - ((i==ETH_ALEN-1)?"\n":":")); - if((ntohs(e_hdr->h_proto)==ETH_P_IP)) - parse_ip(package+p_o+w_o+e_o); - } - else { - snap_hdr=(struct snaphdr *)(package+p_o+w_o); - if((snap_hdr->snap[0]==0xaa) & - (snap_hdr->snap[1]==0xaa) & - (snap_hdr->snap[2]==0x03) & - (snap_hdr->snap[3]==0x00) & - (snap_hdr->snap[4]==0x00) & - (snap_hdr->snap[5]==0x00)) { - printf("- no encryption!\n"); - if(snap_hdr->proto==ntohs(ETH_P_IP)) { - e_o=sizeof(struct snaphdr); - parse_ip((char *)(snap_hdr+e_o)); - } - - } - else { - printf("- crypted packet!\n"); - /* print crypted snap - write into file */ - printf("snap: (iv(3) + index(1) + crypted snap(6)) "); - for(i=0;i<10;i++) { - printf("%x ",*(snap_hdr->snap+i)); - crypted_snap[i]=*(snap_hdr->snap+i); - } - /* xor with plain - crypted_snap[4]^=0xaa; - crypted_snap[5]^=0xaa; - crypted_snap[6]^=0x03; - crypted_snap[7]^=0x00; - crypted_snap[8]^=0x00; - crypted_snap[9]^=0x00; - */ - - printf("\n"); - crypted_snap[10]='\0'; - crypted_snap[11]='\n'; - - if(file_fd>0) { - printf("debug: saved to file\n"); - dprintf(file_fd,IVLINE,IVL_ARGS); - } - } - } - } - - /* dump it */ -#ifdef SHOW_HEX - printf("all dump: (hex)\n"); - for(i=p_o+w_o+special_o;icaplen;i++) - printf("%x ",*(package+i)); - printf("\n"); -#endif -#ifdef DEBUG_CHAR - printf("all dump: (char)\n"); - for(i=p_o+w_o;icaplen;i++) - printf("%c ",*(package+i)); - printf("\n"); -#endif -} - -int hop_channel(struct info_struct *info,int foo_fd) { - 
if((info->mmode-0x30==1) && (strncmp(info->dev,"wlan",4)==0)) { - - struct iwreq my_iwreq; - - if (info->channel>=C_MAX) info->channel=1; - - memset(&my_iwreq,0,sizeof(my_iwreq)); - strcpy(my_iwreq.ifr_name,info->dev); - my_iwreq.u.freq.e=0; - my_iwreq.u.freq.m=info->channel; - if((ioctl(foo_fd,SIOCSIWFREQ,&my_iwreq))==-1) { - printf("unable to hop channels\n"); - perror("ioctl"); - return -1; - } - ++(info->channel); - } - return 0; -} - -int parse_ip(char *ip_o) { - struct iphdr *ip_hdr; - int i; - - printf("ip protocol:\n"); - ip_hdr=(struct iphdr *)ip_o; - printf("version = %x ",ip_hdr->version); - printf("header_length = %x \n",ip_hdr->ihl); - printf("service = %x ",ip_hdr->tos); - printf("total_length(dec.) = %d \n",ip_hdr->tot_len); - printf("source_ip: "); - for(i=0;i<=3;++i) { - printf("%d%s", - (ip_hdr->saddr&(0xff<<(8*i)))>>(8*i), - (i==3?"\n":".")); - } - printf("destination_ip: "); - for(i=0;i<=3;++i) { - printf("%d%s", - (ip_hdr->daddr&(0xff<<(8*i)))>>(8*i), - (i==3?"\n":".")); - } - printf("ip_id = %x ",ntohs(ip_hdr->id)); - printf("ip_offset = %x \n",ip_hdr->frag_off); - printf("time2live = %x ip_proto = %x\n",ip_hdr->ttl,ip_hdr->protocol); - /* how to continue */ - if(ip_hdr->protocol==IPPROTO_TCP) - parse_tcp(ip_hdr+sizeof(struct iphdr)); - if(ip_hdr->protocol==IPPROTO_UDP) - printf("udp package! get's parsed in the future\n"); - // printf("chksum: %x\n",ntohs(ip_hdr->ip_sum)); -} - -int parse_tcp(char *tcp_o) { - struct tcphdr *tcp_hdr; - - printf("tcp protocol:\n"); - tcp_hdr=(struct tcphdr *)tcp_o; - printf("source port: %d - dest port: %d\n",ntohs(tcp_hdr->source), - ntohs(tcp_hdr->dest)); - printf("sequence: %d - ack sequence: %d\n",ntohs(tcp_hdr->seq), - ntohs(tcp_hdr->ack_seq)); - printf("offset to data: %d - checksumm: %d\n",ntohs(tcp_hdr->doff) - ,ntohs(tcp_hdr->check)); - return 1; -} diff --git a/hdw-sniff.h b/hdw-sniff.h deleted file mode 100644 index 83d4dbd..0000000 --- a/hdw-sniff.h +++ /dev/null 
@@ -1,54 +0,0 @@ -#include -#include "list.h" - -#define C_MAX 14 -#define IVLINE "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n" -#define cs(n) crypted_snap[n] -#define IVL_ARGS cs(0),cs(1),cs(2),cs(3),cs(4),cs(5),cs(6),cs(7),cs(8),cs(9) - -/* the pcap_process callback function */ -void pcap_process(u_char *count,const struct pcap_pkthdr *pcap_header, - const u_char *package); - -/* snap header struct */ -struct snaphdr { - unsigned char snap[6]; /* the six magic snap chars */ - unsigned short proto; /* protocol type */ -} __attribute__ ((packed)); - -/* info struct */ -struct info_struct { - int count; /* count packages */ - char dev[10]; /* device */ - char mmode; /* monitor type ... and later more */ - int channel; /* current freq channel */ - struct list *ssid_list; /* pointer to ssid list */ -}; - -/* hop_chanel function */ -int hop_channel(struct info_struct *info,int foo_fd); -int parse_ip(char *ip_o); -int parse_tcp(char *tcp_o); - -/* ssid struct */ -struct ssid_struct { - unsigned char elementid; /* element id */ - unsigned char length; /* length of ssid */ - unsigned char ssid[32]; /* ssid */ -} __attribute__ ((packed)); - -/* beacon header */ -struct beacon_struct { - long long timestamp; /* time stamp */ - unsigned short interval; /* beacon interval field */ - unsigned short capability; /* capability field */ - struct ssid_struct ssid_s; /* ssid field */ -} __attribute__ ((packed)); - -/* association request header */ -struct asso_req_struct { - unsigned short capability; /* capability field */ - unsigned short listeninterval; /* listen interval field */ - unsigned short ssid; /* ssid field */ - /* supported rates missing */ -} __attribute__ ((packed)); diff --git a/hdw_outlib.c b/hdw_outlib.c deleted file mode 100644 index bc552cc..0000000 --- a/hdw_outlib.c +++ /dev/null 
@@ -1,52 +0,0 @@ -/* call out ieee802.11 information - * - * author: hackbard - * - */ - -#define _GNU_SOURCE - -#include -#include -#include -#include -#include -#include -#include - -char sys_call[20]; - -int tell_ssid(char *ssid) { - sprintf(sys_call,"flite \"new ssid. %s\"",ssid); - system(sys_call); - return 1; -} - -int lcd_ssid(char *ssid,unsigned short cap) { - int lcd_fd; - char lcd_com[2]; - char c_msg[7]; - - if((lcd_fd=open("/dev/lcd",O_WRONLY|O_NDELAY)) <= 0) { - printf("failed to open lcd device"); - exit -1; - } - - printf("debug: lcd_fd = %d\n",lcd_fd); - strcpy(sys_call,ssid); - lcd_com[0]=27; - lcd_com[1]='c'; - write(lcd_fd,lcd_com,sizeof(lcd_com)); - lcd_com[0]=27; - lcd_com[1]='h'; - write(lcd_fd,lcd_com,sizeof(lcd_com)); - if((1<<4 & cap)) sprintf(c_msg," wep"); - else sprintf(c_msg," no_wep"); - dprintf(lcd_fd,"ssid: %s\ncap: %x%s",sys_call,cap,c_msg); - // write(lcd_fd,sys_call,sizeof(sys_call)); - close(lcd_fd); - return 1; -} - - - diff --git a/hdw_outlib.h b/hdw_outlib.h deleted file mode 100644 index 8fd1149..0000000 --- a/hdw_outlib.h +++ /dev/null @@ -1,10 +0,0 @@ -/* outlib.h - prototypes - * - * author: hackbard - * - */ - -/* prototypes */ -int tell_ssid(char *ssid); -int lcd_ssid(char *ssidi,unsigned short cap); - diff --git a/ieee80211.h b/ieee80211.h deleted file mode 100644 index d3b2453..0000000 --- a/ieee80211.h +++ /dev/null 
@@ -1,141 +0,0 @@ -#ifndef IEEE80211_H -#define IEEE80211_H - -typedef unsigned int u32; -typedef unsigned short u16; -typedef unsigned char u8; - -#include -#if __BYTE_ORDER == __LITTLE_ENDIAN -#define le_to_host16(n) (n) -#define host_to_le32(n) (n) -#else -#include -#define le_to_host16(n) bswap_16(n) -#define host_to_le32(n) bswap_32(n) -#endif - -struct linux_wlan_ng_val { - u32 did; - u16 status, len; - u32 data; -} __attribute__ ((packed)); - -struct linux_wlan_ng_prism_hdr { - u32 msgcode, msglen; - char devname[16]; - struct linux_wlan_ng_val hosttime, mactime, channel, rssi, sq, signal, - noise, rate, istx, frmlen; -} __attribute__ ((packed)); - -#define BIT(x) (1 << (x)) - -#define WLAN_FC_PVER (BIT(1) | BIT(0)) -#define WLAN_FC_TODS BIT(8) -#define WLAN_FC_FROMDS BIT(9) -#define WLAN_FC_MOREFRAG BIT(10) -#define WLAN_FC_RETRY BIT(11) -#define WLAN_FC_PWRMGT BIT(12) -#define WLAN_FC_MOREDATA BIT(13) -#define WLAN_FC_ISWEP BIT(14) -#define WLAN_FC_ORDER BIT(15) - -#define WLAN_FC_GET_TYPE(fc) (((fc) & (BIT(3) | BIT(2))) >> 2) -#define WLAN_FC_GET_STYPE(fc) \ - (((fc) & (BIT(7) | BIT(6) | BIT(5) | BIT(4))) >> 4) - -#define WLAN_GET_SEQ_FRAG(seq) ((seq) & (BIT(3) | BIT(2) | BIT(1) | BIT(0))) -#define WLAN_GET_SEQ_SEQ(seq) \ - (((seq) & (~(BIT(3) | BIT(2) | BIT(1) | BIT(0)))) >> 4) - -#define WLAN_FC_TYPE_MGMT 0 -#define WLAN_FC_TYPE_CTRL 1 -#define WLAN_FC_TYPE_DATA 2 - -/* management */ -#define WLAN_FC_STYPE_ASSOC_REQ 0 -#define WLAN_FC_STYPE_ASSOC_RESP 1 -#define WLAN_FC_STYPE_REASSOC_REQ 2 -#define WLAN_FC_STYPE_REASSOC_RESP 3 -#define WLAN_FC_STYPE_PROBE_REQ 4 -#define WLAN_FC_STYPE_PROBE_RESP 5 -#define WLAN_FC_STYPE_BEACON 8 -#define WLAN_FC_STYPE_ATIM 9 -#define WLAN_FC_STYPE_DISASSOC 10 -#define WLAN_FC_STYPE_AUTH 11 -#define WLAN_FC_STYPE_DEAUTH 12 - -/* control */ -#define WLAN_FC_STYPE_PSPOLL 10 -#define WLAN_FC_STYPE_RTS 11 -#define WLAN_FC_STYPE_CTS 12 -#define WLAN_FC_STYPE_ACK 13 -#define WLAN_FC_STYPE_CFEND 14 -#define 
WLAN_FC_STYPE_CFENDACK 15 - -/* data */ -#define WLAN_FC_STYPE_DATA 0 -#define WLAN_FC_STYPE_DATA_CFACK 1 -#define WLAN_FC_STYPE_DATA_CFPOLL 2 -#define WLAN_FC_STYPE_DATA_CFACKPOLL 3 -#define WLAN_FC_STYPE_NULLFUNC 4 -#define WLAN_FC_STYPE_CFACK 5 -#define WLAN_FC_STYPE_CFPOLL 6 -#define WLAN_FC_STYPE_CFACKPOLL 7 - -/* Authentication algorithms */ -#define WLAN_AUTH_OPEN 0 -#define WLAN_AUTH_SHARED_KEY 1 - -#define WLAN_AUTH_CHALLENGE_LEN 128 - -#define WLAN_CAPABILITY_ESS BIT(0) -#define WLAN_CAPABILITY_IBSS BIT(1) -#define WLAN_CAPABILITY_CF_POLLABLE BIT(2) -#define WLAN_CAPABILITY_CF_POLL_REQUEST BIT(3) -#define WLAN_CAPABILITY_PRIVACY BIT(4) - -/* Status codes */ -#define WLAN_STATUS_SUCCESS 0 -#define WLAN_STATUS_UNSPECIFIED_FAILURE 1 -#define WLAN_STATUS_CAPS_UNSUPPORTED 10 -#define WLAN_STATUS_REASSOC_NO_ASSOC 11 -#define WLAN_STATUS_ASSOC_DENIED_UNSPEC 12 -#define WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG 13 -#define WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION 14 -#define WLAN_STATUS_CHALLENGE_FAIL 15 -#define WLAN_STATUS_AUTH_TIMEOUT 16 -#define WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA 17 -#define WLAN_STATUS_ASSOC_DENIED_RATES 18 -/* 802.11b */ -#define WLAN_STATUS_ASSOC_DENIED_NOSHORT 19 -#define WLAN_STATUS_ASSOC_DENIED_NOPBCC 20 -#define WLAN_STATUS_ASSOC_DENIED_NOAGILITY 21 - -/* Reason codes */ -#define WLAN_REASON_UNSPECIFIED 1 -#define WLAN_REASON_PREV_AUTH_NOT_VALID 2 -#define WLAN_REASON_DEAUTH_LEAVING 3 -#define WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY 4 -#define WLAN_REASON_DISASSOC_AP_BUSY 5 -#define WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA 6 -#define WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA 7 -#define WLAN_REASON_DISASSOC_STA_HAS_LEFT 8 -#define WLAN_REASON_STA_REQ_ASSOC_WITHOUT_AUTH 9 - - -/* Information Element IDs */ -#define WLAN_EID_SSID 0 -#define WLAN_EID_SUPP_RATES 1 -#define WLAN_EID_FH_PARAMS 2 -#define WLAN_EID_DS_PARAMS 3 -#define WLAN_EID_CF_PARAMS 4 -#define WLAN_EID_TIM 5 -#define WLAN_EID_IBSS_PARAMS 6 -#define WLAN_EID_CHALLENGE 16 - - 
-#define MAC2STR(a) (a)[0], (a)[1], (a)[2], (a)[3], (a)[4], (a)[5] -#define MACSTR "%02x:%02x:%02x:%02x:%02x:%02x" - -#endif diff --git a/ieee802_11.h b/ieee802_11.h deleted file mode 100644 index e399f13..0000000 --- a/ieee802_11.h +++ /dev/null 
@@ -1,73 +0,0 @@ -#ifndef _IEEE802_11_H -#define _IEEE802_11_H - -#define IEEE802_11_DATA_LEN 2304 -/* Actually, the standard seems to be inconsistent about what the - maximum frame size really is. S6.2.1.1.2 says 2304 octets, but the - figure in section 7.1.2 says 2312 octects. */ -#define IEEE802_11_HLEN 30 -#define IEEE802_11_FRAME_LEN (IEEE802_11_DATA_LEN + IEEE802_11_HLEN) - -struct ieee802_11_hdr { - u16 frame_ctl; - u16 duration_id; - u8 addr1[ETH_ALEN]; - u8 addr2[ETH_ALEN]; - u8 addr3[ETH_ALEN]; - u16 seq_ctl; - u8 addr4[ETH_ALEN]; -} __attribute__ ((packed)); - -/* Frame control field constants */ -#define IEEE802_11_FCTL_VERS 0x0002 -#define IEEE802_11_FCTL_FTYPE 0x000c -#define IEEE802_11_FCTL_STYPE 0x00f0 -#define IEEE802_11_FCTL_TODS 0x0100 -#define IEEE802_11_FCTL_FROMDS 0x0200 -#define IEEE802_11_FCTL_MOREFRAGS 0x0400 -#define IEEE802_11_FCTL_RETRY 0x0800 -#define IEEE802_11_FCTL_PM 0x1000 -#define IEEE802_11_FCTL_MOREDATA 0x2000 -#define IEEE802_11_FCTL_WEP 0x4000 -#define IEEE802_11_FCTL_ORDER 0x8000 - -#define IEEE802_11_FTYPE_MGMT 0x0000 -#define IEEE802_11_FTYPE_CTL 0x0004 -#define IEEE802_11_FTYPE_DATA 0x0008 - -/* management */ -#define IEEE802_11_STYPE_ASSOC_REQ 0x0000 -#define IEEE802_11_STYPE_ASSOC_RESP 0x0010 -#define IEEE802_11_STYPE_REASSOC_REQ 0x0020 -#define IEEE802_11_STYPE_REASSOC_RESP 0x0030 -#define IEEE802_11_STYPE_PROBE_REQ 0x0040 -#define IEEE802_11_STYPE_PROBE_RESP 0x0050 -#define IEEE802_11_STYPE_BEACON 0x0080 -#define IEEE802_11_STYPE_ATIM 0x0090 -#define IEEE802_11_STYPE_DISASSOC 0x00A0 -#define IEEE802_11_STYPE_AUTH 0x00B0 -#define IEEE802_11_STYPE_DEAUTH 0x00C0 - -/* control */ -#define IEEE802_11_STYPE_PSPOLL 0x00A0 -#define IEEE802_11_STYPE_RTS 0x00B0 -#define IEEE802_11_STYPE_CTS 0x00C0 -#define IEEE802_11_STYPE_ACK 0x00D0 -#define IEEE802_11_STYPE_CFEND 0x00E0 -#define IEEE802_11_STYPE_CFENDACK 0x00F0 - -/* data */ -#define IEEE802_11_STYPE_DATA 0x0000 -#define IEEE802_11_STYPE_DATA_CFACK 0x0010 -#define 
IEEE802_11_STYPE_DATA_CFPOLL 0x0020 -#define IEEE802_11_STYPE_DATA_CFACKPOLL 0x0030 -#define IEEE802_11_STYPE_NULLFUNC 0x0040 -#define IEEE802_11_STYPE_CFACK 0x0050 -#define IEEE802_11_STYPE_CFPOLL 0x0060 -#define IEEE802_11_STYPE_CFACKPOLL 0x0070 - -#define IEEE802_11_SCTL_FRAG 0x000F -#define IEEE802_11_SCTL_SEQ 0xFFF0 - -#endif /* _IEEE802_11_H */ - diff --git a/list.c b/list.c deleted file mode 100644 index 3b4946e..0000000 --- a/list.c +++ /dev/null @@ -1,33 +0,0 @@ -/* manage sniffed stuff in linked lists - * - * author: hackbard@hackdaworld.dyndns.org - * - */ - -#include "hdw_outlib.h" -#include "list.h" -#include -#include -#include - - -// char sys_call[20]; - -int add_ssid_2_list(char *ssid,unsigned short cap,struct list *my_list) { - - struct list *new_entry; - - if(my_list->next==NULL) { - tell_ssid(ssid); - lcd_ssid(ssid,cap); - new_entry=(struct list *)malloc(sizeof(struct list)); - my_list->next=new_entry; - strcpy(my_list->ssid,ssid); - new_entry->next=NULL; - } else if(!strcmp(my_list->ssid,ssid)) { - /* do nothing! */ - } else { - add_ssid_2_list(ssid,cap,my_list->next); - } - return 1; -} diff --git a/list.h b/list.h deleted file mode 100644 index 075bc50..0000000 --- a/list.h +++ /dev/null @@ -1,13 +0,0 @@ -/* - * list header file - * - */ - -/* data structures */ -struct list { - char ssid[32]; /* ssid */ - struct list *next; /* pointer to next list */ -}; - -/* prototypes */ -int add_ssid_2_list(char *ssid,unsigned short cap, struct list *my_list); diff --git a/main.c b/main.c new file mode 100644 index 0000000..2926a76 --- /dev/null +++ b/main.c 
@@ -0,0 +1,129 @@
+/*
+ * main.c - main hdw-sniff
+ *
+ * author: hackbard@hackdaworld.dyndns.org
+ *
+ */
+
+#include
+#include "main.h"
+
+/* functions */
+int usage(void)
+{
+ puts("usage: hdw-sniff ");
+ puts("\toptions:\t-m \t1 monitoring, 2 managed");
+ puts("\t\t-d \twlan0,eth0");
+ puts("\t\t-l ");
+ puts("\t\t-h \tdisplay this help message");
+ return -23;
+}
+
+int hop_channel(info_struct *info)
+{
+ struct iwreq iwreq;
+ if(info->current_channel>=CHANNEL_MAX) info->current_channel=1;
+ memset(&iwreq,0,sizeof(iwreq));
+ strcpy(iwreq.ifr_name,info->device);
+ iwreq.u.freq.e=0;
+ iwreq.u.freq.m=info->current_channel;
+ if(ioctl(info->channel_hop_fd,SIOCSIWFREQ,&iwreq)<0)
+ {
+ puts("unable to hop channel");
+ perror("ioctl");
+ return -23;
+ }
+ ++(info->current_channel;
+ return 23;
+}
+
+int main(int argc, char **argv)
+{
+ /* local variables */
+ char pcap_error[PCAP_ERRBUF_SIZE];
+ char sys_call[SYSCALL_MAX];
+
+ int pcap_fd,channel_hop_fd;;
+ int i;
+
+ fd_set pcap_fd_set;
+ struct timeval pcap_fd_set_tv;
+
+ struct info_struct info;
+
+
+ memset(&info,0,sizeof(struct info_struct));
+ /* default values */
+ info.caps=0;
+ info.logfile_fd=0;
+ info.quit=0;
+
+ /* parse arguments */
+ for(i=1;i %s\n",argv[i+1]);
+ else
+ puts("warning: can't write to logfile.");
+ ++i;
+ break;
+ case 'd':
+ strncpy(info.device,argv[i+1],MAX_DEV_CHARS);
+ ++i;
+ break;
+ }
+ } else usage();
+ }
+
+ /* setting up device */
+ if((info.caps&CAP_MODE_MASK)==MONITORING_MODE)
+ {
+ sprintf(sys_call,"iwpriv %s monitor %d",info.device,IWPRIV_M_MODE);
+ system(sys_call);
+ puts("set monitoring mode ...");
+ }
+ sprintf(sys_call,"ifconfig %s up",info.device);
+ system(sys_call);
+ puts("device up ...");
+
+ /* pcap */
+ if((info.pcap_handle=pcap_open_live(info.device,BUFSIZ,1,-1,pcap_error))==NULL)
+ {
+ printf("%s: %s\n",argv[0],pcap_error);
+ return -23;
+ }
+ pcap_fd=pcap_fileno(pcap_handle);
+ /* -> non blocking? */
+
+ info.channel_hop_fd=socket(AF_INET,SOCK_DGRAM,0);
+ /* socket fd for channel hopping */
+
+ /* watch pcap_fd for reading */
+ FD_ZERO(&pcap_fd);
+ FD_SET(pcap_fd,&pcap_fd_set);
+ fd_set_tv.tv_sec=PCAP_SELECT_SEC;
+ pcap_fd_set_tv.tv_usec=PCAP_SELECT_USEC;
+
+ /* parse packages until user breaks */
+ while(!(info.caps&CAP_QUIT_MASK))
+ {
+ if(select(pcap_fd+1,&pcap_fd_set,NULL,NULL,&pcap_fd_set_tv))
+ pcap_dispatch(pcap_handle,-1,parse_package,(unsigned char *)&info);
+ else
+ hop_channel(&info);
+ }
+
+ puts("bugreports: hackbard@hackdaworld.dyndns.org");
+ return 23;
+}
diff --git a/main.h b/main.h
new file mode 100644
index 0000000..4d9b7b6
--- /dev/null
+++ b/main.h
@@ -0,0 +1,37 @@
+/*
+ * main.h - main header file
+ *
+ * author: hackbard@hackdaworld.dyndns.org
+ *
+ */
+
+#include
+
+
+#define SYSCALL_MAX 32
+#define MAX_DEV_CHARS 6
+#define PCAP_SELECT_SEC 0
+#define PCAP_SELECT_USEC 200000
+
+#define CAP_MODE_MASK 0x01
+#define CAP_QUIT_MASK 0x02
+
+#define MONITORING_MODE 0x01
+#define MANAGED_MODE 0x00
+#define QUIT_MODE 0x02
+
+#define IWPRIV_M_MODE 3
+
+
+/* typedefinitions */
+struct info_struct
+{
+ unsigned char caps; /* capabilities */
+ int logfile_fd; /* file descriptof for logfile */
+ char device[MAX_DEV_CHARS]; /* sniffed devie */
+ int channel_hop_fd; /* fd for channel hopping */
+};
+
+
+/* function prototypes */
+int usage(void);
diff --git a/old/Makefile b/old/Makefile
new file mode 100644
index 0000000..7169c03
--- /dev/null
+++ b/old/Makefile
@@ -0,0 +1,15 @@
+#!/usr/bin/make
+
+CC = gcc
+CFLAGS = -O3
+LDFLAGS = -lpcap
+
+TARGETS = hdw-sniff
+
+all: $(TARGETS)
+
+hdw-sniff:
+ $(CC) $(CFLAGS) -Wall list.c hdw_outlib.c hdw-sniff.c $(LDFLAGS) \
+ -o hdw-sniff
+# $(CC) $(CFLAGS) -Wall hdw-sniff.c $(LDFLAGS) -o hdw-sniff
+
diff --git a/old/hdw-sniff.c b/old/hdw-sniff.c
new file mode 100644
index 0000000..bd0b8ed
--- /dev/null
+++ b/old/hdw-sniff.c
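Review bot: In main's `case 'd':` branch, `strncpy(info.device,argv[i+1],MAX_DEV_CHARS)` leaves `info.device` (6 bytes per main.h) without a terminator whenever the name is 6 characters or longer, and `argv[i+1]` is read without checking that it exists; that buffer is then handed to `strcpy(iwreq.ifr_name,info->device)` in hop_channel and to both `sprintf(sys_call,...)` calls, which read until they find a NUL. Suggest `if(i+1>=argc) return usage();` before the copy and `snprintf(info.device,sizeof info.device,"%s",argv[i+1]);` in place of the strncpy (the argument loop is partly lost in this rendering, so the exact spot may differ), and note that `usage()`'s return is dropped in the `} else usage();` arm, so an unknown option does not stop the run either. Bringing the interface up through `ioctl(info.channel_hop_fd,SIOCGIFFLAGS/SIOCSIFFLAGS)` with `IFF_UP` on the socket main already opens would avoid passing the device name to `system()` at all. In the select loop `pcap_fd_set` is armed once before `while`: select clears the set on timeout, so after the first channel hop the pcap handle is never polled again, `FD_ZERO(&pcap_fd)` names the int rather than the set, `fd_set_tv.tv_sec=...` refers to a variable main never declares (it is `pcap_fd_set_tv`), and a -1 return (e.g. EINTR) is treated as readable; re-arm with `FD_ZERO(&pcap_fd_set); FD_SET(pcap_fd,&pcap_fd_set);` plus the timeval assignments at the top of each iteration and test `FD_ISSET` before dispatching, as the old hdw-sniff.c main loop did.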
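Review bot: `struct info_struct` in main.h lacks the members main.c uses — `current_channel` (hop_channel), `pcap_handle` (main's `pcap_open_live` assignment) and `quit` — `CHANNEL_MAX` is not defined anywhere on this page, and `hop_channel` has no prototype (only `usage` is declared), so as committed the new code does not build. Suggest `int current_channel; /* current freq channel */` and `pcap_t *pcap_handle;` in the struct (assuming the stripped include is pcap.h, which `PCAP_ERRBUF_SIZE` in main.c implies), `#define CHANNEL_MAX 14` (the value old hdw-sniff.h used as `C_MAX`), `int hop_channel(struct info_struct *info);` under the prototypes, and either a `quit` member or dropping `info.quit=0;` since the loop tests `CAP_QUIT_MASK` instead; main.c's `hop_channel(info_struct *info)` also needs the `struct` keyword. `MAX_DEV_CHARS 6` is tighter than the kernel's IFNAMSIZ (16): a name such as `wlan10` fills `device` exactly and leaves no room for the terminator that `strcpy(iwreq.ifr_name,...)` relies on, so `#define MAX_DEV_CHARS 16` together with a terminating copy in main.c would be safer. The member comments also have typos: "file descriptof for logfile" → "file descriptor for logfile", "sniffed devie" → "sniffed device".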
@@ -0,0 +1,383 @@ +/* + * hdw-sniff, sniffer using pcap lib + * + * author: hackbard@hackdaworld.dyndns.org + */ + +#define _GNU_SOURCE + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/* IEEE 802.3 stuff -- i will concentrate on .11 stuff before! */ +#include /* for ethhdr struct */ +#include /* ip */ +#include /* in_addr , inet_ntoa */ +#include /* tcp header and protocols */ + +/* IEEE 802.11 stuff -- will become one include later ... */ +#include "ieee80211.h" /* from hunz's aeolus, short hostap_wlan.h */ +#include "ieee802_11.h" /* from pcmcia-cs */ + +#include "hdw-sniff.h" /* my functions */ + +/* global variables */ +int file_fd=0; + +int main(int argc, char *argv[]) { + + char pcap_error[PCAP_ERRBUF_SIZE]; + pcap_t *pcap_handle; + int pcap_fd,foo_fd; + fd_set pcap_fd_set; + struct timeval fd_set_tv; + char sys_call[30]; + struct info_struct my_info_struct; + + /* parse the arguments */ + if(argc<3) { + printf("usage: %s \n", + argv[0]); + return 0; + } + if(argc!=4) { + printf("no logfile specified, writing to stdout ...\n"); + } + else { + if((file_fd=open(argv[3],O_RDWR | O_CREAT))!=0) { + printf("writing to logfile %s ...\n",argv[3]); + dprintf(file_fd,"|iv - --|id|crypted_snap - --|\n"); + } + else { + printf("can't open logfile. 
not logged to file!\n"); + } + } + + /* setting up device and set monitor mode */ + if(atoi(argv[2])==1) { + printf("setting to monitor mode\n"); + if(strncmp(argv[1],"wlan",4)==0) + sprintf(sys_call,"iwpriv %s monitor 3",argv[1]); + if(strncmp(argv[1],"eth",3)==0) + sprintf(sys_call,"ifconfig %s promisc",argv[1]); + system(sys_call); + } + printf("setting up interface\n"); + sprintf(sys_call,"ifconfig %s up",argv[1]); + system(sys_call); + + /* start pcap session */ + pcap_handle=pcap_open_live(argv[1],BUFSIZ,1,-1,pcap_error); + if(pcap_handle==NULL) { + printf("%s: %s\n",argv[0],pcap_error); + return 1; + } + + /* set non blocking */ + if((pcap_setnonblock(pcap_handle,1,pcap_error))==-1) { + printf("%s: %s\n",argv[0],pcap_error); + return 1; + } + + /* set info struct */ + my_info_struct.count=0; + my_info_struct.mmode=argv[2][0]; + my_info_struct.ssid_list=(struct list *)malloc(sizeof(struct list)); + my_info_struct.ssid_list->next=NULL; + // strcpy(my_info_struct.ssid_list->ssid,"test"); + strcpy(my_info_struct.dev,argv[1]); + + /* prepare for select */ + pcap_fd=pcap_fileno(pcap_handle); + + /* create file descriptor */ + if((foo_fd=socket(AF_INET,SOCK_DGRAM,0))==-1) { + printf("unable to create socket foo_fd\n"); + return -1; + } + + /* do loopp */ + while (1) { + + /* set pcap_fd */ + FD_ZERO(&pcap_fd_set); + FD_SET(pcap_fd,&pcap_fd_set); + fd_set_tv.tv_sec=0; + fd_set_tv.tv_usec=200000; + + if((select(pcap_fd+1,&pcap_fd_set,NULL,NULL,&fd_set_tv)) && (FD_ISSET(pcap_fd,&pcap_fd_set))) pcap_dispatch(pcap_handle,-1,pcap_process,(u_char *)&my_info_struct); + else if((hop_channel(&my_info_struct,foo_fd))==-1) { + printf("channelhopping failed, aborting\n"); + return -1; + } + } + return 0; +} + + +/* pcap_process callback function */ +void pcap_process(u_char *info,const struct pcap_pkthdr *pcap_header, + const u_char *package) { + + /* local variables */ + char tmp_buf[20],tmp_buf1[10],tmp_buf2[32]; + unsigned char crypted_snap[12]; + struct 
linux_wlan_ng_prism_hdr *prism_hdr; + struct ieee802_11_hdr *w_hdr; + struct snaphdr *snap_hdr; + struct beacon_struct *beacon_hdr; + struct ethhdr *e_hdr; + struct info_struct *my_info_struct; + int i,p_o,w_o,e_o,i_o,special_o=0; + + my_info_struct=(struct info_struct *)info; + ++(my_info_struct->count); + + /* cache offsets */ + p_o=((strncmp(my_info_struct->dev,"wlan",4)==0)?sizeof(struct linux_wlan_ng_prism_hdr):0); + w_o=((strncmp(my_info_struct->dev,"wlan",4)==0)?sizeof(struct ieee802_11_hdr):0); + e_o=sizeof(struct ethhdr); + i_o=sizeof(struct iphdr); + + /* new package */ + printf("\n"); + printf("---> package %d ---- %s",my_info_struct->count, + ctime((const time_t*)&(pcap_header->ts.tv_sec))); + + /* pcap header */ + printf("pcap header: "); + printf("capture_length(dec): %d\t",pcap_header->caplen); + printf("off_wire_length(dec): %d\n",pcap_header->len); + + /* wireless stuff */ + /* prism wlan ng headers */ + if((my_info_struct->mmode-0x30==1) & + (strncmp(my_info_struct->dev,"wlan",4)==0)) { + printf("prism header: (%d bytes)\n",p_o); + prism_hdr=(struct linux_wlan_ng_prism_hdr *)package; + printf("| message code/length: %d/%d |\t",prism_hdr->msgcode, + prism_hdr->msglen); + printf("device: %s |\n",prism_hdr->devname); + /* ieee802.11 header */ + + /* we need smaller w_hdr for non distributed frames */ + if((w_hdr->frame_ctl & (1<<8)) && (w_hdr->frame_ctl & (1<<9))) { + printf("=> distributed packet !!!!11\n"); + } else w_o-=(sizeof(struct snaphdr)-sizeof(unsigned short)); + + printf("ieee802.11 header: (%d bytes)\n",w_o); + w_hdr=(struct ieee802_11_hdr *)(package+p_o); + + printf("fc: "); + for(i=0;i<16;i++) + printf("%s%d%s",(i==0?"|":""), + (((w_hdr->frame_ctl) & (1<0?1:0), + (i==15?"|\n":"|")); + printf(" | v | t | s-t |t|f|m|r|p|m|w|o|\n"); + /* frame type */ + /* management */ + if(!(w_hdr->frame_ctl & 0x0c)) { + tmp_buf1[0]='\0'; tmp_buf2[0]='\0'; + if((w_hdr->frame_ctl & IEEE802_11_STYPE_ASSOC_REQ)>0) + strcpy(tmp_buf,"association request"); + 
else if((w_hdr->frame_ctl & IEEE802_11_STYPE_ASSOC_RESP)>0) + strcpy(tmp_buf,"association response"); + else if((w_hdr->frame_ctl & IEEE802_11_STYPE_REASSOC_REQ)>0) + strcpy(tmp_buf,"reassociation request"); + else if((w_hdr->frame_ctl & IEEE802_11_STYPE_REASSOC_RESP)>0) + strcpy(tmp_buf,"reassociation response"); + else if((w_hdr->frame_ctl & IEEE802_11_STYPE_PROBE_REQ)>0) + strcpy(tmp_buf,"probe request"); + else if((w_hdr->frame_ctl & IEEE802_11_STYPE_PROBE_RESP)>0) + strcpy(tmp_buf,"probe response"); + else if((w_hdr->frame_ctl & IEEE802_11_STYPE_BEACON)==IEEE802_11_STYPE_BEACON) { + beacon_hdr=(struct beacon_struct *)(package+p_o+w_o); + beacon_hdr->ssid_s.elementid==0?strcpy(tmp_buf1,"essid = ") + :strcpy(tmp_buf1,"ibssid = "); + strncpy(tmp_buf2,beacon_hdr->ssid_s.ssid, + beacon_hdr->ssid_s.length); + + tmp_buf2[beacon_hdr->ssid_s.length]='\0'; + strcpy(tmp_buf,"beacon"); + add_ssid_2_list(tmp_buf2,beacon_hdr->capability, + my_info_struct->ssid_list); + } + else if((w_hdr->frame_ctl & IEEE802_11_STYPE_ATIM)>0) + strcpy(tmp_buf,"announcement traffic indication message"); + else if((w_hdr->frame_ctl & IEEE802_11_STYPE_DISASSOC)>0) + strcpy(tmp_buf,"disassociation"); + else if((w_hdr->frame_ctl & IEEE802_11_STYPE_AUTH)>0) + strcpy(tmp_buf,"authentification"); + else if((w_hdr->frame_ctl & IEEE802_11_STYPE_DEAUTH)>0) + strcpy(tmp_buf,"deauthentification"); + else strcpy(tmp_buf,"impossible situation \%) - go mail the author."); + } + else strcpy(tmp_buf,"control or data frame type"); + + printf("=> %s\n",tmp_buf); + if((strlen(tmp_buf1)>0) && (strlen(tmp_buf2)>0)) printf(" %s%s\n", + tmp_buf1, + tmp_buf2); + printf("duration/id: 0x%x\n",w_hdr->duration_id); + printf("version check ... %s\n", + ((w_hdr->frame_ctl & IEEE802_11_FCTL_VERS)==0x00)? 
+ "ok":"unknown"); + } + + /* ethernet */ + if((strncmp(my_info_struct->dev,"eth",3)==0) | + ((w_hdr->frame_ctl & IEEE802_11_FTYPE_DATA)==IEEE802_11_FTYPE_DATA)) { + + if((strncmp(my_info_struct->dev,"eth",3)==0)) { + printf("ethernet: (%d bytes)\n",e_o); + e_hdr=(struct ethhdr *)(package+p_o+w_o); + special_o=sizeof(struct ethhdr); + /* what types ? */ + printf("type = "); + printf("%x ",ntohs(e_hdr->h_proto)); + printf("dest_addr = "); + for(i=0;ih_dest+i),((i==ETH_ALEN-1)?" ":":")); + printf(" src_addr = "); + for(i=0;ih_source+i), + ((i==ETH_ALEN-1)?"\n":":")); + if((ntohs(e_hdr->h_proto)==ETH_P_IP)) + parse_ip(package+p_o+w_o+e_o); + } + else { + snap_hdr=(struct snaphdr *)(package+p_o+w_o); + if((snap_hdr->snap[0]==0xaa) & + (snap_hdr->snap[1]==0xaa) & + (snap_hdr->snap[2]==0x03) & + (snap_hdr->snap[3]==0x00) & + (snap_hdr->snap[4]==0x00) & + (snap_hdr->snap[5]==0x00)) { + printf("- no encryption!\n"); + if(snap_hdr->proto==ntohs(ETH_P_IP)) { + e_o=sizeof(struct snaphdr); + parse_ip((char *)(snap_hdr+e_o)); + } + + } + else { + printf("- crypted packet!\n"); + /* print crypted snap - write into file */ + printf("snap: (iv(3) + index(1) + crypted snap(6)) "); + for(i=0;i<10;i++) { + printf("%x ",*(snap_hdr->snap+i)); + crypted_snap[i]=*(snap_hdr->snap+i); + } + /* xor with plain + crypted_snap[4]^=0xaa; + crypted_snap[5]^=0xaa; + crypted_snap[6]^=0x03; + crypted_snap[7]^=0x00; + crypted_snap[8]^=0x00; + crypted_snap[9]^=0x00; + */ + + printf("\n"); + crypted_snap[10]='\0'; + crypted_snap[11]='\n'; + + if(file_fd>0) { + printf("debug: saved to file\n"); + dprintf(file_fd,IVLINE,IVL_ARGS); + } + } + } + } + + /* dump it */ +#ifdef SHOW_HEX + printf("all dump: (hex)\n"); + for(i=p_o+w_o+special_o;icaplen;i++) + printf("%x ",*(package+i)); + printf("\n"); +#endif +#ifdef DEBUG_CHAR + printf("all dump: (char)\n"); + for(i=p_o+w_o;icaplen;i++) + printf("%c ",*(package+i)); + printf("\n"); +#endif +} + +int hop_channel(struct info_struct *info,int foo_fd) { + 
if((info->mmode-0x30==1) && (strncmp(info->dev,"wlan",4)==0)) { + + struct iwreq my_iwreq; + + if (info->channel>=C_MAX) info->channel=1; + + memset(&my_iwreq,0,sizeof(my_iwreq)); + strcpy(my_iwreq.ifr_name,info->dev); + my_iwreq.u.freq.e=0; + my_iwreq.u.freq.m=info->channel; + if((ioctl(foo_fd,SIOCSIWFREQ,&my_iwreq))==-1) { + printf("unable to hop channels\n"); + perror("ioctl"); + return -1; + } + ++(info->channel); + } + return 0; +} + +int parse_ip(char *ip_o) { + struct iphdr *ip_hdr; + int i; + + printf("ip protocol:\n"); + ip_hdr=(struct iphdr *)ip_o; + printf("version = %x ",ip_hdr->version); + printf("header_length = %x \n",ip_hdr->ihl); + printf("service = %x ",ip_hdr->tos); + printf("total_length(dec.) = %d \n",ip_hdr->tot_len); + printf("source_ip: "); + for(i=0;i<=3;++i) { + printf("%d%s", + (ip_hdr->saddr&(0xff<<(8*i)))>>(8*i), + (i==3?"\n":".")); + } + printf("destination_ip: "); + for(i=0;i<=3;++i) { + printf("%d%s", + (ip_hdr->daddr&(0xff<<(8*i)))>>(8*i), + (i==3?"\n":".")); + } + printf("ip_id = %x ",ntohs(ip_hdr->id)); + printf("ip_offset = %x \n",ip_hdr->frag_off); + printf("time2live = %x ip_proto = %x\n",ip_hdr->ttl,ip_hdr->protocol); + /* how to continue */ + if(ip_hdr->protocol==IPPROTO_TCP) + parse_tcp(ip_hdr+sizeof(struct iphdr)); + if(ip_hdr->protocol==IPPROTO_UDP) + printf("udp package! get's parsed in the future\n"); + // printf("chksum: %x\n",ntohs(ip_hdr->ip_sum)); +} + +int parse_tcp(char *tcp_o) { + struct tcphdr *tcp_hdr; + + printf("tcp protocol:\n"); + tcp_hdr=(struct tcphdr *)tcp_o; + printf("source port: %d - dest port: %d\n",ntohs(tcp_hdr->source), + ntohs(tcp_hdr->dest)); + printf("sequence: %d - ack sequence: %d\n",ntohs(tcp_hdr->seq), + ntohs(tcp_hdr->ack_seq)); + printf("offset to data: %d - checksumm: %d\n",ntohs(tcp_hdr->doff) + ,ntohs(tcp_hdr->check)); + return 1; +} diff --git a/old/hdw-sniff.h b/old/hdw-sniff.h new file mode 100644 index 0000000..83d4dbd --- /dev/null +++ b/old/hdw-sniff.h 
@@ -0,0 +1,54 @@ +#include +#include "list.h" + +#define C_MAX 14 +#define IVLINE "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n" +#define cs(n) crypted_snap[n] +#define IVL_ARGS cs(0),cs(1),cs(2),cs(3),cs(4),cs(5),cs(6),cs(7),cs(8),cs(9) + +/* the pcap_process callback function */ +void pcap_process(u_char *count,const struct pcap_pkthdr *pcap_header, + const u_char *package); + +/* snap header struct */ +struct snaphdr { + unsigned char snap[6]; /* the six magic snap chars */ + unsigned short proto; /* protocol type */ +} __attribute__ ((packed)); + +/* info struct */ +struct info_struct { + int count; /* count packages */ + char dev[10]; /* device */ + char mmode; /* monitor type ... and later more */ + int channel; /* current freq channel */ + struct list *ssid_list; /* pointer to ssid list */ +}; + +/* hop_chanel function */ +int hop_channel(struct info_struct *info,int foo_fd); +int parse_ip(char *ip_o); +int parse_tcp(char *tcp_o); + +/* ssid struct */ +struct ssid_struct { + unsigned char elementid; /* element id */ + unsigned char length; /* length of ssid */ + unsigned char ssid[32]; /* ssid */ +} __attribute__ ((packed)); + +/* beacon header */ +struct beacon_struct { + long long timestamp; /* time stamp */ + unsigned short interval; /* beacon interval field */ + unsigned short capability; /* capability field */ + struct ssid_struct ssid_s; /* ssid field */ +} __attribute__ ((packed)); + +/* association request header */ +struct asso_req_struct { + unsigned short capability; /* capability field */ + unsigned short listeninterval; /* listen interval field */ + unsigned short ssid; /* ssid field */ + /* supported rates missing */ +} __attribute__ ((packed)); diff --git a/old/hdw_outlib.c b/old/hdw_outlib.c new file mode 100644 index 0000000..bc552cc --- /dev/null +++ b/old/hdw_outlib.c 
@@ -0,0 +1,52 @@ +/* call out ieee802.11 information + * + * author: hackbard + * + */ + +#define _GNU_SOURCE + +#include +#include +#include +#include +#include +#include +#include + +char sys_call[20]; + +int tell_ssid(char *ssid) { + sprintf(sys_call,"flite \"new ssid. %s\"",ssid); + system(sys_call); + return 1; +} + +int lcd_ssid(char *ssid,unsigned short cap) { + int lcd_fd; + char lcd_com[2]; + char c_msg[7]; + + if((lcd_fd=open("/dev/lcd",O_WRONLY|O_NDELAY)) <= 0) { + printf("failed to open lcd device"); + exit -1; + } + + printf("debug: lcd_fd = %d\n",lcd_fd); + strcpy(sys_call,ssid); + lcd_com[0]=27; + lcd_com[1]='c'; + write(lcd_fd,lcd_com,sizeof(lcd_com)); + lcd_com[0]=27; + lcd_com[1]='h'; + write(lcd_fd,lcd_com,sizeof(lcd_com)); + if((1<<4 & cap)) sprintf(c_msg," wep"); + else sprintf(c_msg," no_wep"); + dprintf(lcd_fd,"ssid: %s\ncap: %x%s",sys_call,cap,c_msg); + // write(lcd_fd,sys_call,sizeof(sys_call)); + close(lcd_fd); + return 1; +} + + + diff --git a/old/hdw_outlib.h b/old/hdw_outlib.h new file mode 100644 index 0000000..8fd1149 --- /dev/null +++ b/old/hdw_outlib.h @@ -0,0 +1,10 @@ +/* outlib.h - prototypes + * + * author: hackbard + * + */ + +/* prototypes */ +int tell_ssid(char *ssid); +int lcd_ssid(char *ssidi,unsigned short cap); + diff --git a/old/ieee80211.h b/old/ieee80211.h new file mode 100644 index 0000000..d3b2453 --- /dev/null +++ b/old/ieee80211.h 
@@ -0,0 +1,141 @@ +#ifndef IEEE80211_H +#define IEEE80211_H + +typedef unsigned int u32; +typedef unsigned short u16; +typedef unsigned char u8; + +#include +#if __BYTE_ORDER == __LITTLE_ENDIAN +#define le_to_host16(n) (n) +#define host_to_le32(n) (n) +#else +#include +#define le_to_host16(n) bswap_16(n) +#define host_to_le32(n) bswap_32(n) +#endif + +struct linux_wlan_ng_val { + u32 did; + u16 status, len; + u32 data; +} __attribute__ ((packed)); + +struct linux_wlan_ng_prism_hdr { + u32 msgcode, msglen; + char devname[16]; + struct linux_wlan_ng_val hosttime, mactime, channel, rssi, sq, signal, + noise, rate, istx, frmlen; +} __attribute__ ((packed)); + +#define BIT(x) (1 << (x)) + +#define WLAN_FC_PVER (BIT(1) | BIT(0)) +#define WLAN_FC_TODS BIT(8) +#define WLAN_FC_FROMDS BIT(9) +#define WLAN_FC_MOREFRAG BIT(10) +#define WLAN_FC_RETRY BIT(11) +#define WLAN_FC_PWRMGT BIT(12) +#define WLAN_FC_MOREDATA BIT(13) +#define WLAN_FC_ISWEP BIT(14) +#define WLAN_FC_ORDER BIT(15) + +#define WLAN_FC_GET_TYPE(fc) (((fc) & (BIT(3) | BIT(2))) >> 2) +#define WLAN_FC_GET_STYPE(fc) \ + (((fc) & (BIT(7) | BIT(6) | BIT(5) | BIT(4))) >> 4) + +#define WLAN_GET_SEQ_FRAG(seq) ((seq) & (BIT(3) | BIT(2) | BIT(1) | BIT(0))) +#define WLAN_GET_SEQ_SEQ(seq) \ + (((seq) & (~(BIT(3) | BIT(2) | BIT(1) | BIT(0)))) >> 4) + +#define WLAN_FC_TYPE_MGMT 0 +#define WLAN_FC_TYPE_CTRL 1 +#define WLAN_FC_TYPE_DATA 2 + +/* management */ +#define WLAN_FC_STYPE_ASSOC_REQ 0 +#define WLAN_FC_STYPE_ASSOC_RESP 1 +#define WLAN_FC_STYPE_REASSOC_REQ 2 +#define WLAN_FC_STYPE_REASSOC_RESP 3 +#define WLAN_FC_STYPE_PROBE_REQ 4 +#define WLAN_FC_STYPE_PROBE_RESP 5 +#define WLAN_FC_STYPE_BEACON 8 +#define WLAN_FC_STYPE_ATIM 9 +#define WLAN_FC_STYPE_DISASSOC 10 +#define WLAN_FC_STYPE_AUTH 11 +#define WLAN_FC_STYPE_DEAUTH 12 + +/* control */ +#define WLAN_FC_STYPE_PSPOLL 10 +#define WLAN_FC_STYPE_RTS 11 +#define WLAN_FC_STYPE_CTS 12 +#define WLAN_FC_STYPE_ACK 13 +#define WLAN_FC_STYPE_CFEND 14 +#define 
WLAN_FC_STYPE_CFENDACK 15 + +/* data */ +#define WLAN_FC_STYPE_DATA 0 +#define WLAN_FC_STYPE_DATA_CFACK 1 +#define WLAN_FC_STYPE_DATA_CFPOLL 2 +#define WLAN_FC_STYPE_DATA_CFACKPOLL 3 +#define WLAN_FC_STYPE_NULLFUNC 4 +#define WLAN_FC_STYPE_CFACK 5 +#define WLAN_FC_STYPE_CFPOLL 6 +#define WLAN_FC_STYPE_CFACKPOLL 7 + +/* Authentication algorithms */ +#define WLAN_AUTH_OPEN 0 +#define WLAN_AUTH_SHARED_KEY 1 + +#define WLAN_AUTH_CHALLENGE_LEN 128 + +#define WLAN_CAPABILITY_ESS BIT(0) +#define WLAN_CAPABILITY_IBSS BIT(1) +#define WLAN_CAPABILITY_CF_POLLABLE BIT(2) +#define WLAN_CAPABILITY_CF_POLL_REQUEST BIT(3) +#define WLAN_CAPABILITY_PRIVACY BIT(4) + +/* Status codes */ +#define WLAN_STATUS_SUCCESS 0 +#define WLAN_STATUS_UNSPECIFIED_FAILURE 1 +#define WLAN_STATUS_CAPS_UNSUPPORTED 10 +#define WLAN_STATUS_REASSOC_NO_ASSOC 11 +#define WLAN_STATUS_ASSOC_DENIED_UNSPEC 12 +#define WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG 13 +#define WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION 14 +#define WLAN_STATUS_CHALLENGE_FAIL 15 +#define WLAN_STATUS_AUTH_TIMEOUT 16 +#define WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA 17 +#define WLAN_STATUS_ASSOC_DENIED_RATES 18 +/* 802.11b */ +#define WLAN_STATUS_ASSOC_DENIED_NOSHORT 19 +#define WLAN_STATUS_ASSOC_DENIED_NOPBCC 20 +#define WLAN_STATUS_ASSOC_DENIED_NOAGILITY 21 + +/* Reason codes */ +#define WLAN_REASON_UNSPECIFIED 1 +#define WLAN_REASON_PREV_AUTH_NOT_VALID 2 +#define WLAN_REASON_DEAUTH_LEAVING 3 +#define WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY 4 +#define WLAN_REASON_DISASSOC_AP_BUSY 5 +#define WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA 6 +#define WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA 7 +#define WLAN_REASON_DISASSOC_STA_HAS_LEFT 8 +#define WLAN_REASON_STA_REQ_ASSOC_WITHOUT_AUTH 9 + + +/* Information Element IDs */ +#define WLAN_EID_SSID 0 +#define WLAN_EID_SUPP_RATES 1 +#define WLAN_EID_FH_PARAMS 2 +#define WLAN_EID_DS_PARAMS 3 +#define WLAN_EID_CF_PARAMS 4 +#define WLAN_EID_TIM 5 +#define WLAN_EID_IBSS_PARAMS 6 +#define WLAN_EID_CHALLENGE 16 + + 
+#define MAC2STR(a) (a)[0], (a)[1], (a)[2], (a)[3], (a)[4], (a)[5] +#define MACSTR "%02x:%02x:%02x:%02x:%02x:%02x" + +#endif diff --git a/old/ieee802_11.h b/old/ieee802_11.h new file mode 100644 index 0000000..e399f13 --- /dev/null +++ b/old/ieee802_11.h 
@@ -0,0 +1,73 @@ +#ifndef _IEEE802_11_H +#define _IEEE802_11_H + +#define IEEE802_11_DATA_LEN 2304 +/* Actually, the standard seems to be inconsistent about what the + maximum frame size really is. S6.2.1.1.2 says 2304 octets, but the + figure in section 7.1.2 says 2312 octects. */ +#define IEEE802_11_HLEN 30 +#define IEEE802_11_FRAME_LEN (IEEE802_11_DATA_LEN + IEEE802_11_HLEN) + +struct ieee802_11_hdr { + u16 frame_ctl; + u16 duration_id; + u8 addr1[ETH_ALEN]; + u8 addr2[ETH_ALEN]; + u8 addr3[ETH_ALEN]; + u16 seq_ctl; + u8 addr4[ETH_ALEN]; +} __attribute__ ((packed)); + +/* Frame control field constants */ +#define IEEE802_11_FCTL_VERS 0x0002 +#define IEEE802_11_FCTL_FTYPE 0x000c +#define IEEE802_11_FCTL_STYPE 0x00f0 +#define IEEE802_11_FCTL_TODS 0x0100 +#define IEEE802_11_FCTL_FROMDS 0x0200 +#define IEEE802_11_FCTL_MOREFRAGS 0x0400 +#define IEEE802_11_FCTL_RETRY 0x0800 +#define IEEE802_11_FCTL_PM 0x1000 +#define IEEE802_11_FCTL_MOREDATA 0x2000 +#define IEEE802_11_FCTL_WEP 0x4000 +#define IEEE802_11_FCTL_ORDER 0x8000 + +#define IEEE802_11_FTYPE_MGMT 0x0000 +#define IEEE802_11_FTYPE_CTL 0x0004 +#define IEEE802_11_FTYPE_DATA 0x0008 + +/* management */ +#define IEEE802_11_STYPE_ASSOC_REQ 0x0000 +#define IEEE802_11_STYPE_ASSOC_RESP 0x0010 +#define IEEE802_11_STYPE_REASSOC_REQ 0x0020 +#define IEEE802_11_STYPE_REASSOC_RESP 0x0030 +#define IEEE802_11_STYPE_PROBE_REQ 0x0040 +#define IEEE802_11_STYPE_PROBE_RESP 0x0050 +#define IEEE802_11_STYPE_BEACON 0x0080 +#define IEEE802_11_STYPE_ATIM 0x0090 +#define IEEE802_11_STYPE_DISASSOC 0x00A0 +#define IEEE802_11_STYPE_AUTH 0x00B0 +#define IEEE802_11_STYPE_DEAUTH 0x00C0 + +/* control */ +#define IEEE802_11_STYPE_PSPOLL 0x00A0 +#define IEEE802_11_STYPE_RTS 0x00B0 +#define IEEE802_11_STYPE_CTS 0x00C0 +#define IEEE802_11_STYPE_ACK 0x00D0 +#define IEEE802_11_STYPE_CFEND 0x00E0 +#define IEEE802_11_STYPE_CFENDACK 0x00F0 + +/* data */ +#define IEEE802_11_STYPE_DATA 0x0000 +#define IEEE802_11_STYPE_DATA_CFACK 0x0010 +#define 
IEEE802_11_STYPE_DATA_CFPOLL 0x0020 +#define IEEE802_11_STYPE_DATA_CFACKPOLL 0x0030 +#define IEEE802_11_STYPE_NULLFUNC 0x0040 +#define IEEE802_11_STYPE_CFACK 0x0050 +#define IEEE802_11_STYPE_CFPOLL 0x0060 +#define IEEE802_11_STYPE_CFACKPOLL 0x0070 + +#define IEEE802_11_SCTL_FRAG 0x000F +#define IEEE802_11_SCTL_SEQ 0xFFF0 + +#endif /* _IEEE802_11_H */ + diff --git a/old/list.c b/old/list.c new file mode 100644 index 0000000..3b4946e --- /dev/null +++ b/old/list.c @@ -0,0 +1,33 @@ +/* manage sniffed stuff in linked lists + * + * author: hackbard@hackdaworld.dyndns.org + * + */ + +#include "hdw_outlib.h" +#include "list.h" +#include +#include +#include + + +// char sys_call[20]; + +int add_ssid_2_list(char *ssid,unsigned short cap,struct list *my_list) { + + struct list *new_entry; + + if(my_list->next==NULL) { + tell_ssid(ssid); + lcd_ssid(ssid,cap); + new_entry=(struct list *)malloc(sizeof(struct list)); + my_list->next=new_entry; + strcpy(my_list->ssid,ssid); + new_entry->next=NULL; + } else if(!strcmp(my_list->ssid,ssid)) { + /* do nothing! */ + } else { + add_ssid_2_list(ssid,cap,my_list->next); + } + return 1; +} diff --git a/old/list.h b/old/list.h new file mode 100644 index 0000000..075bc50 --- /dev/null +++ b/old/list.h @@ -0,0 +1,13 @@ +/* + * list header file + * + */ + +/* data structures */ +struct list { + char ssid[32]; /* ssid */ + struct list *next; /* pointer to next list */ +}; + +/* prototypes */ +int add_ssid_2_list(char *ssid,unsigned short cap, struct list *my_list); diff --git a/parse.c b/parse.c new file mode 100644 index 0000000..70d15c9 --- /dev/null +++ b/parse.c 
@@ -0,0 +1,25 @@
+/*
+ * parse.c - parsing of pcap packages
+ *
+ * author: hackbard@hackdaworld.dyndns.org
+ *
+ */
+
+#include "parse.h"
+#include "802.11b.h"
+#include "main.h"
+#include "parse.h"
+
+
+int parse_package(unsigned char *info,const struct pcap_pkthdr *pcap_hdr,cont unsigned char *package)
+{
+ if(info->caps&MONITORING_MODE)
+ {
+ struct linux_wlan_ng_prism_hdr *prism_hdr;
+
+ prism_hdr=(struct linux_wlan_ng_prism_hdr *)package;
+
+
+
+
+}
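Review bot: `prism_hdr=(struct linux_wlan_ng_prism_hdr *)package;` casts the captured frame without looking at `pcap_hdr->caplen`, so a short or truncated capture lets any later field access read past the buffer; add `if(pcap_hdr->caplen<sizeof(*prism_hdr)) return;` before the cast, and the 802.11 header that follows it will need the same check against the remaining length. The signature is also not what `pcap_dispatch` expects: `cont` should be `const`, the callback must return `void`, and `info` arrives as `unsigned char *`, so `info->caps` needs `struct info_struct *info_s=(struct info_struct *)info;` first. The body is unfinished here (two braces opened, one closed) and `#include "parse.h"` appears twice; the commit does not appear to add parse.h or 802.11b.h, so those includes should be checked before this file is built. A `/* TODO: prism header is followed by struct ieee802_11_hdr; bounds-check each against caplen before use */` at the end of the `if` would mark where parsing stops and what the next step must guarantee.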