X-Git-Url: https://hackdaworld.org/gitweb/?p=my-code%2Fhdw-sniff.git;a=blobdiff_plain;f=parse.c;h=151c9f52038955d066f4d57d14d9527d9cffef9c;hp=bae6cd9c3cac35f5838ee6f42d1ac1a53f25ffd1;hb=48833c4a97516456062f2ee1d9839aa15e74f929;hpb=e0585c09c6eca4aa0af0a5a658e6e711fb76d3a5 diff --git a/parse.c b/parse.c index bae6cd9..151c9f5 100644 --- a/parse.c +++ b/parse.c @@ -6,7 +6,6 @@ */ #include "parse.h" -//#include "802.11b.h" #include "main.h" /* all the parsing stuff will go here @@ -14,32 +13,116 @@ * different protocols should get to seperated files though ... */ +int switch_active_state(char *state) { + + switch(*state) { + case '-': + *state='\\'; + break; + case '\\': + *state='|'; + break; + case '|': + *state='/'; + break; + default: + *state='-'; + break; + } + + return 23; +} + void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,const unsigned char *package) { t_info *info; int i; - t_sta sniffed_sta; + t_sta new_sta; + t_sta *sta; + //t_frame4_hdr *f4hdr; + t_frame3_hdr *f3hdr; + //t_frame2_hdr *f2hdr; + //t_frame1_hdr *f1hdr; + t_beacon_fb *beacon_fb; int ret; + char string[MESSAGE_MAX]; + char sc[MAX_SYSCALL_CHARS]; + unsigned char new; info=(t_info *)ptr; info->count++; + memset(&new_sta,0,sizeof(t_sta)); + new=0; + if(info->dump_fd!=0) { ret=write(info->dump_fd,pcap_header,sizeof(struct pcap_pkthdr)); if(ret!=sizeof(struct pcap_pkthdr)) - display_console(info->display,"warning, pcap header write failed!"); + display_console(info,"warning, pcap header write failed!"); ret=write(info->dump_fd,package,pcap_header->caplen); if(ret!=pcap_header->caplen) - display_console(info->display,"warning, package write failed!"); + display_console(info,"warning, package write failed!"); } /* maybe there is offset to the actual ieee802.11 frame, - for example prism header ... */ + for example prism header ... + in that case, hack the source! */ + /* management */ + if(FCTL_TYPE(package[0])==FCTL_TYPE_MGMT) { + info->count_m++; - /* go on parsing frame ctl header here ... */ + /* beacon frames */ + if(FCTL_STYPE(package[0])==FCTL_STYPE_BEACON) { + f3hdr=(t_frame3_hdr *)package; + beacon_fb=(t_beacon_fb *)(package+sizeof(t_frame3_hdr)); + // check sta + memcpy(new_sta.addr,f3hdr->addr2,ADDR_LEN); + ret=list_search_data(&(info->sniffed_sta),&new_sta,ADDR_LEN); + if((ret==L_EMPTY_LIST)|(ret==L_NO_SUCH_ELEMENT)) { + list_add_element(&(info->sniffed_sta),&new_sta,sizeof(t_sta)); + sta=(t_sta *)info->sniffed_sta.current->data; + new=1; + } + else sta=(t_sta *)info->sniffed_sta.current->data; + // fill in stuff ... + memcpy(sta->ssid,beacon_fb->ssid,beacon_fb->ssid_length); + if((CAP_INFO_ESS(beacon_fb->cap_info))& + (CAP_INFO_IBSS(beacon_fb->cap_info)==0)) sta->ap=AP; + if(CAP_INFO_PRIVACY(beacon_fb->cap_info)) sta->wep=WEP; + sta->count_mgmt++; + switch_active_state(&(sta->active)); + strncpy(string,"last: beacon, source: ",MESSAGE_MAX); + for(i=0;iaddr[i], + (i==ADDR_LEN-1)?'.':':'); + string[22+3*ADDR_LEN+1]=0; + display_console(info,string); + if(new) { + snprintf(sc,MAX_SYSCALL_CHARS, + "flite 'access point found: %s'", + sta->ssid); + system(sc); + if(sta->wep&WEP) strncpy(sc,"flite ' crypted'",MAX_SYSCALL_CHARS); + else strncpy(sc,"flite 'not crypted'",MAX_SYSCALL_CHARS); + system(sc); + } + } + + } + + /* control */ + else if(FCTL_TYPE(package[0])==FCTL_TYPE_CTRL) { + info->count_c++; + display_console(info,"last: got control frame"); + } + + /* data */ + else if(FCTL_TYPE(package[0])==FCTL_TYPE_DATA) { + info->count_d++; + display_console(info,"last: got data frame"); + } - return 23; }