X-Git-Url: https://hackdaworld.org/gitweb/?p=my-code%2Fhdw-sniff.git;a=blobdiff_plain;f=parse.c;h=151c9f52038955d066f4d57d14d9527d9cffef9c;hp=b325728ad47eb638ec7ae6bcd83283bcfab02f06;hb=48833c4a97516456062f2ee1d9839aa15e74f929;hpb=c191ef245532c978ebdfbcb25056500fab9eb638 diff --git a/parse.c b/parse.c index b325728..151c9f5 100644 --- a/parse.c +++ b/parse.c @@ -13,23 +13,48 @@ * different protocols should get to seperated files though ... */ +int switch_active_state(char *state) { + + switch(*state) { + case '-': + *state='\\'; + break; + case '\\': + *state='|'; + break; + case '|': + *state='/'; + break; + default: + *state='-'; + break; + } + + return 23; +} + void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,const unsigned char *package) { t_info *info; int i; t_sta new_sta; - t_frame4_hdr *f4hdr; + t_sta *sta; + //t_frame4_hdr *f4hdr; t_frame3_hdr *f3hdr; - t_frame2_hdr *f2hdr; - t_frame1_hdr *f1hdr; + //t_frame2_hdr *f2hdr; + //t_frame1_hdr *f1hdr; t_beacon_fb *beacon_fb; int ret; + char string[MESSAGE_MAX]; + char sc[MAX_SYSCALL_CHARS]; + unsigned char new; info=(t_info *)ptr; info->count++; memset(&new_sta,0,sizeof(t_sta)); + new=0; if(info->dump_fd!=0) { ret=write(info->dump_fd,pcap_header,sizeof(struct pcap_pkthdr)); @@ -41,24 +66,63 @@ void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,cons } /* maybe there is offset to the actual ieee802.11 frame, - for example prism header ... */ + for example prism header ... + in that case, hack the source! */ + /* management */ if(FCTL_TYPE(package[0])==FCTL_TYPE_MGMT) { - if(FCTL_STYPE(package[0])==FCTL_STYPE_BEACON) + info->count_m++; + + /* beacon frames */ + if(FCTL_STYPE(package[0])==FCTL_STYPE_BEACON) { f3hdr=(t_frame3_hdr *)package; - beacon_fb=(t_beacon_fb *)package+sizeof(t_frame3_hdr); - dprintf(info->log_fd,"beacon: "); - for(i=0;ilog_fd,"%02x ",*((f3hdr->addr2)+i)); - dprintf(info->log_fd," essid: "); - for(i=0;issid_length;i++) - dprintf(info->log_fd,"%c ",(beacon_fb->ssid)+i); - dprintf(info->log_fd,"\n"); + beacon_fb=(t_beacon_fb *)(package+sizeof(t_frame3_hdr)); + // check sta + memcpy(new_sta.addr,f3hdr->addr2,ADDR_LEN); + ret=list_search_data(&(info->sniffed_sta),&new_sta,ADDR_LEN); + if((ret==L_EMPTY_LIST)|(ret==L_NO_SUCH_ELEMENT)) { + list_add_element(&(info->sniffed_sta),&new_sta,sizeof(t_sta)); + sta=(t_sta *)info->sniffed_sta.current->data; + new=1; + } + else sta=(t_sta *)info->sniffed_sta.current->data; + // fill in stuff ... + memcpy(sta->ssid,beacon_fb->ssid,beacon_fb->ssid_length); + if((CAP_INFO_ESS(beacon_fb->cap_info))& + (CAP_INFO_IBSS(beacon_fb->cap_info)==0)) sta->ap=AP; + if(CAP_INFO_PRIVACY(beacon_fb->cap_info)) sta->wep=WEP; + sta->count_mgmt++; + switch_active_state(&(sta->active)); + strncpy(string,"last: beacon, source: ",MESSAGE_MAX); + for(i=0;iaddr[i], + (i==ADDR_LEN-1)?'.':':'); + string[22+3*ADDR_LEN+1]=0; + display_console(info,string); + if(new) { + snprintf(sc,MAX_SYSCALL_CHARS, + "flite 'access point found: %s'", + sta->ssid); + system(sc); + if(sta->wep&WEP) strncpy(sc,"flite ' crypted'",MAX_SYSCALL_CHARS); + else strncpy(sc,"flite 'not crypted'",MAX_SYSCALL_CHARS); + system(sc); + } + } + } - else { - dprintf(info->log_fd,"other: "); - for(i=0;i<16;i++) dprintf(info->log_fd,"%02x ",package[i]); - dprintf(info->log_fd,"\n"); + /* control */ + else if(FCTL_TYPE(package[0])==FCTL_TYPE_CTRL) { + info->count_c++; + display_console(info,"last: got control frame"); } + /* data */ + else if(FCTL_TYPE(package[0])==FCTL_TYPE_DATA) { + info->count_d++; + display_console(info,"last: got data frame"); + } + + }