* author: hackbard@hackdaworld.dyndns.org
*/
+#define _GNU_SOURCE
+
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <netinet/if_ether.h> /* for ethhdr struct */
#include <netinet/ip.h> /* ip */
#include <netinet/in.h> /* in_addr , inet_ntoa */
+#include <netinet/tcp.h> /* tcp header and protocols */
/* IEEE 802.11 stuff -- will become one include later ... */
#include "ieee80211.h" /* from hunz's aeolus, short hostap_wlan.h */
else {
if((file_fd=open(argv[3],O_RDWR | O_CREAT))!=0) {
printf("writing to logfile %s ...\n",argv[3]);
+ dprintf(file_fd,"|iv - --|id|crypted_snap - --|\n");
}
else {
- printf("can't open logfile!\n");
+ printf("can't open logfile. not logged to file!\n");
}
}
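Review bot: The log header added at L17 is written under `if((file_fd=open(argv[3],O_RDWR | O_CREAT))!=0)`, and open() reports failure with -1, so on failure the header is written to an invalid descriptor and the `can't open logfile` branch at L21 is taken only if open() happens to return descriptor 0; the later guard at L119 already uses `file_fd>0`, so this branch should test the same way, `if((file_fd=open(argv[3],O_RDWR | O_CREAT,0600))>=0) {`. `O_CREAT` without the third argument also leaves the permission bits of a newly created logfile unspecified, so a mode has to be passed. The outer `else` and the function it belongs to start outside this hunk.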
const u_char *package) {
/* local variables */
- char tmp_buf[20],crypted_snap[12],tmp_buf1[10],tmp_buf2[32];
+ char tmp_buf[20],tmp_buf1[10],tmp_buf2[32];
+ unsigned char crypted_snap[12];
struct linux_wlan_ng_prism_hdr *prism_hdr;
struct ieee802_11_hdr *w_hdr;
struct snaphdr *snap_hdr;
struct beacon_struct *beacon_hdr;
struct ethhdr *e_hdr;
- struct iphdr *ip_hdr;
struct info_struct *my_info_struct;
- int i,p_o,w_o,e_o,i_o;
+ int i,p_o,w_o,e_o,i_o,special_o=0;
my_info_struct=(struct info_struct *)info;
++(my_info_struct->count);
/* ieee802.11 header */
/* we need smaller w_hdr for non distributed frames */
- if((w_hdr->frame_ctl & (1<<8)) & (w_hdr->frame_ctl & (1<<9))) {
+ if((w_hdr->frame_ctl & (1<<8)) && (w_hdr->frame_ctl & (1<<9))) {
printf("=> distributed packet !!!!11\n");
} else w_o-=(sizeof(struct snaphdr)-sizeof(unsigned short));
/* frame type */
/* management */
if(!(w_hdr->frame_ctl & 0x0c)) {
+ tmp_buf1[0]='\0'; tmp_buf2[0]='\0';
if((w_hdr->frame_ctl & IEEE802_11_STYPE_ASSOC_REQ)>0)
strcpy(tmp_buf,"association request");
else if((w_hdr->frame_ctl & IEEE802_11_STYPE_ASSOC_RESP)>0)
:strcpy(tmp_buf1,"ibssid = ");
strncpy(tmp_buf2,beacon_hdr->ssid_s.ssid,
beacon_hdr->ssid_s.length);
+
tmp_buf2[beacon_hdr->ssid_s.length]='\0';
strcpy(tmp_buf,"beacon");
- add_ssid_2_list(tmp_buf2,my_info_struct->ssid_list);
+ add_ssid_2_list(tmp_buf2,beacon_hdr->capability,
+ my_info_struct->ssid_list);
}
else if((w_hdr->frame_ctl & IEEE802_11_STYPE_ATIM)>0)
strcpy(tmp_buf,"announcement traffic indication message");
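Review bot: The SSID copy at L54-L57 uses `beacon_hdr->ssid_s.length`, a value read from the received frame, both as the strncpy count and as the index of the terminating NUL, while `tmp_buf2` is declared as 32 bytes (L27), so a frame whose SSID element carries a length of 32 or more writes past the buffer on the stack. Clamp it before the copy, `int l=beacon_hdr->ssid_s.length; if(l>(int)sizeof(tmp_buf2)-1) l=sizeof(tmp_buf2)-1;`, and use `l` for both the strncpy count and the terminator index; the length should also be checked against the bytes actually captured (`pcap_header->caplen`) before the SSID bytes are read. The new `add_ssid_2_list` call at L60 then receives a bounded string. The enclosing function starts and ends outside this hunk.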
strcpy(tmp_buf,"deauthentification");
else strcpy(tmp_buf,"impossible situation \%) - go mail the author.");
}
- else strcpy(tmp_buf,"control & data frame type not supported yet");
- /* print out frame type */
+ else strcpy(tmp_buf,"control or data frame type");
+
printf("=> %s\n",tmp_buf);
- printf(" %s%s\n",tmp_buf1,tmp_buf2);
+ if((strlen(tmp_buf1)>0) && (strlen(tmp_buf2)>0)) printf(" %s%s\n",
+ tmp_buf1,
+ tmp_buf2);
printf("duration/id: 0x%x\n",w_hdr->duration_id);
printf("version check ... %s\n",
((w_hdr->frame_ctl & IEEE802_11_FCTL_VERS)==0x00)?
if((strncmp(my_info_struct->dev,"eth",3)==0) |
((w_hdr->frame_ctl & IEEE802_11_FTYPE_DATA)==IEEE802_11_FTYPE_DATA)) {
- if(!(w_hdr->frame_ctl & IEEE802_11_FTYPE_DATA)) {
+ if((strncmp(my_info_struct->dev,"eth",3)==0)) {
printf("ethernet: (%d bytes)\n",e_o);
e_hdr=(struct ethhdr *)(package+p_o+w_o);
+ special_o=sizeof(struct ethhdr);
/* what types ? */
printf("type = ");
printf("%x ",ntohs(e_hdr->h_proto));
printf(" src_addr = ");
for(i=0;i<ETH_ALEN;i++) printf("%x%s",*(e_hdr->h_source+i),
((i==ETH_ALEN-1)?"\n":":"));
+ if((ntohs(e_hdr->h_proto)==ETH_P_IP))
+ parse_ip(package+p_o+w_o+e_o);
}
else {
snap_hdr=(struct snaphdr *)(package+p_o+w_o);
printf("- no encryption!\n");
if(snap_hdr->proto==ntohs(ETH_P_IP)) {
e_o=sizeof(struct snaphdr);
+ parse_ip((char *)(snap_hdr+e_o));
}
+
}
else {
printf("- crypted packet!\n");
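Review bot: `parse_ip((char *)(snap_hdr+e_o))` at L101 adds `e_o` to a `struct snaphdr *`, so the offset is scaled by sizeof(struct snaphdr) and parse_ip is handed a pointer `e_o*sizeof(struct snaphdr)` bytes past the SNAP header instead of `e_o` bytes; the cast must be applied first, `parse_ip((char *)snap_hdr+e_o);`, or the `package+p_o+w_o+e_o` form the ethernet branch uses at L94. The same element-scaling mistake appears in the new parse_ip at L197, `parse_tcp(ip_hdr+sizeof(struct iphdr))`. parse_ip is defined at L170, after these calls; unless a prototype exists earlier in the file (outside this hunk) the calls rely on an implicit declaration, which C99 removed, so prototypes for parse_ip and parse_tcp belong near the top of the file. The enclosing function starts and ends outside this hunk.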
printf("%x ",*(snap_hdr->snap+i));
crypted_snap[i]=*(snap_hdr->snap+i);
}
- /*
+ /* xor with plain
crypted_snap[4]^=0xaa;
crypted_snap[5]^=0xaa;
crypted_snap[6]^=0x03;
printf("\n");
crypted_snap[10]='\0';
crypted_snap[11]='\n';
+
if(file_fd>0) {
printf("debug: saved to file\n");
- write(file_fd,crypted_snap,11);
+ dprintf(file_fd,IVLINE,IVL_ARGS);
}
}
}
-
- /* IP ? */
- if((ntohs(e_hdr->h_proto)==ETH_P_IP) | (ntohs(snap_hdr->proto)==ETH_P_IP)) {
- printf("ip protocol: (%d bytes)\n",i_o);
- ip_hdr=(struct iphdr *)(package+p_o+w_o+e_o);
- printf("version = %x ",ntohs(ip_hdr->version));
- printf("header_length = %x \n",ntohs(ip_hdr->ihl));
- printf("service = %x ",ntohs(ip_hdr->tos));
- printf("total_length(dec.) = %d \n",ntohs(ip_hdr->tot_len));
- printf("source_ip: ");
- for(i=0;i<=3;++i) {
- printf("%d%s",
- (ip_hdr->saddr&(0xff<<(8*i)))>>(8*i),
- (i==3?"\n":"."));
- }
- printf("destination_ip: ");
- for(i=0;i<=3;++i) {
- printf("%d%s",
- (ip_hdr->daddr&(0xff<<(8*i)))>>(8*i),
- (i==3?"\n":"."));
- }
- printf("ip_id = %x ",ntohs(ip_hdr->id));
- printf("ip_offset = %x \n",ntohs(ip_hdr->frag_off));
- printf("time2live = %x ip_proto = %x\n",ntohs(ip_hdr->ttl),
- ntohs(ip_hdr->protocol));
- // printf("chksum: %x\n",ntohs(ip_hdr->ip_sum));
- }
}
- /* check what we have ... */
+ /* dump it */
+#ifdef SHOW_HEX
printf("all dump: (hex)\n");
- for(i=p_o+w_o;i<pcap_header->caplen;i++)
+ for(i=p_o+w_o+special_o;i<pcap_header->caplen;i++)
printf("%x ",*(package+i));
printf("\n");
+#endif
#ifdef DEBUG_CHAR
printf("all dump: (char)\n");
for(i=p_o+w_o;i<pcap_header->caplen;i++)
}
return 0;
}
+
+int parse_ip(char *ip_o) {
+ struct iphdr *ip_hdr;
+ int i;
+
+ printf("ip protocol:\n");
+ ip_hdr=(struct iphdr *)ip_o;
+ printf("version = %x ",ip_hdr->version);
+ printf("header_length = %x \n",ip_hdr->ihl);
+ printf("service = %x ",ip_hdr->tos);
+ printf("total_length(dec.) = %d \n",ip_hdr->tot_len);
+ printf("source_ip: ");
+ for(i=0;i<=3;++i) {
+ printf("%d%s",
+ (ip_hdr->saddr&(0xff<<(8*i)))>>(8*i),
+ (i==3?"\n":"."));
+ }
+ printf("destination_ip: ");
+ for(i=0;i<=3;++i) {
+ printf("%d%s",
+ (ip_hdr->daddr&(0xff<<(8*i)))>>(8*i),
+ (i==3?"\n":"."));
+ }
+ printf("ip_id = %x ",ntohs(ip_hdr->id));
+ printf("ip_offset = %x \n",ip_hdr->frag_off);
+ printf("time2live = %x ip_proto = %x\n",ip_hdr->ttl,ip_hdr->protocol);
+ /* how to continue */
+ if(ip_hdr->protocol==IPPROTO_TCP)
+ parse_tcp(ip_hdr+sizeof(struct iphdr));
+ if(ip_hdr->protocol==IPPROTO_UDP)
+ printf("udp package! get's parsed in the future\n");
+ // printf("chksum: %x\n",ntohs(ip_hdr->ip_sum));
+}
+
+int parse_tcp(char *tcp_o) {
+ struct tcphdr *tcp_hdr;
+
+ printf("tcp protocol:\n");
+ tcp_hdr=(struct tcphdr *)tcp_o;
+ printf("source port: %d - dest port: %d\n",ntohs(tcp_hdr->source),
+ ntohs(tcp_hdr->dest));
+ printf("sequence: %d - ack sequence: %d\n",ntohs(tcp_hdr->seq),
+ ntohs(tcp_hdr->ack_seq));
+ printf("offset to data: %d - checksumm: %d\n",ntohs(tcp_hdr->doff)
+ ,ntohs(tcp_hdr->check));
+ return 1;
+}
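Review bot: `parse_tcp(ip_hdr+sizeof(struct iphdr))` at L197 advances a `struct iphdr *` by sizeof(struct iphdr) elements, i.e. 400 bytes rather than 20, and even with the scaling fixed it ignores IP options; the TCP header begins at `ip_o+ip_hdr->ihl*4`, and `ihl` must be at least 5 before that offset is trusted. parse_ip is declared `int` but falls off the end without a return statement, the 16-bit `tot_len` and `frag_off` lost the `ntohs` that the deleted copy applied (L134, L148), and in parse_tcp `seq`/`ack_seq` are 32-bit fields that need `ntohl` while `doff` is a 4-bit field that must not go through `ntohs`. Neither function receives a length, so on a truncated capture these reads run past the captured bytes; passing the remaining `caplen` down from the caller and refusing to parse when fewer than `ihl*4` (or sizeof(struct tcphdr)) bytes remain would bound them, but that changes both signatures and their callers at L94 and L101. The rewrite below fixes the offset, the byte order and the return value within the existing signatures.
```c
int parse_ip(char *ip_o) {
	struct iphdr *ip_hdr=(struct iphdr *)ip_o;
	unsigned int hdr_len;
	/* ... unchanged: version, header_length, service ... */
	printf("total_length(dec.) = %d \n",ntohs(ip_hdr->tot_len));
	/* ... unchanged: source/destination ip loops, ip_id ... */
	printf("ip_offset = %x \n",ntohs(ip_hdr->frag_off));
	printf("time2live = %x ip_proto = %x\n",ip_hdr->ttl,ip_hdr->protocol);
	/* ihl counts 32-bit words; options make the header longer than sizeof(struct iphdr) */
	hdr_len=ip_hdr->ihl*4;
	if(hdr_len<sizeof(struct iphdr)) {
		printf("malformed ip header length\n");
		return 0;
	}
	if(ip_hdr->protocol==IPPROTO_TCP)
		parse_tcp(ip_o+hdr_len);
	/* ... unchanged: udp message ... */
	return 1;
}

/* parse_tcp: seq/ack_seq are 32 bit, doff is a 4-bit field */
	printf("sequence: %u - ack sequence: %u\n",ntohl(tcp_hdr->seq),
			ntohl(tcp_hdr->ack_seq));
	printf("offset to data: %d - checksumm: %x\n",tcp_hdr->doff,
			ntohs(tcp_hdr->check));
```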