X-Git-Url: https://hackdaworld.org/gitweb/?p=my-code%2Fhdw-sniff.git;a=blobdiff_plain;f=parse.c;h=7eac80362f91202bed52bbfe8b995ede8e553850;hp=f60dc044fd97c1ba73f539f5504e26319768524c;hb=2ede1086cab0258aad9ac4706350d3b461adb44f;hpb=ce967f4d1e3dc10cda58062bc21aaf264e1a0f81 diff --git a/parse.c b/parse.c index f60dc04..7eac803 100644 --- a/parse.c +++ b/parse.c @@ -6,7 +6,6 @@ */ #include "parse.h" -//#include "802.11b.h" #include "main.h" /* all the parsing stuff will go here @@ -14,27 +13,111 @@ * different protocols should get to seperated files though ... */ +int switch_active_state(char *state) { + + switch(*state) { + case '-': + *state='\\'; + break; + case '\\': + *state='|'; + break; + case '|': + *state='/'; + break; + default: + *state='-'; + break; + } + + return 23; +} + void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,const unsigned char *package) { - t_info *info; - int i; - - info=(t_info *)ptr; - - info->count++; - - printf("---> package %d --- %s\n", - info->count, - ctime((const time_t*)&(pcap_header->ts.tv_sec))); - if(info->mode&MODE_ASCIIOUT) { - puts("content in ascii:"); - for(i=0;icaplen;i++) printf("%c ",package[i]); - puts(""); - } - if(info->mode&MODE_HEXOUT) { - puts("content in ascii:"); - for(i=0;icaplen;i++) printf("%x ",package[i]); - puts(""); - } + t_info *info; + int i; + t_sta new_sta; + t_sta *sta; + //t_frame4_hdr *f4hdr; + t_frame3_hdr *f3hdr; + //t_frame2_hdr *f2hdr; + //t_frame1_hdr *f1hdr; + t_beacon_fb *beacon_fb; + int ret; + char string[MESSAGE_MAX]; + char sc[MAX_SYSCALL_CHARS]; + unsigned char new; + + info=(t_info *)ptr; + + info->count++; + + memset(&new_sta,0,sizeof(t_sta)); + new=0; + + if(info->dump_fd!=0) { + ret=write(info->dump_fd,pcap_header,sizeof(struct pcap_pkthdr)); + if(ret!=sizeof(struct pcap_pkthdr)) + display_console(info,"warning, pcap header write failed!"); + ret=write(info->dump_fd,package,pcap_header->caplen); + if(ret!=pcap_header->caplen) + display_console(info,"warning, package write failed!"); + } + + /* maybe there is offset to the actual ieee802.11 frame, + for example prism header ... + in that case, hack the source! */ + + /* management */ + if(FCTL_TYPE(package[0])==FCTL_TYPE_MGMT) { + info->count_m++; + + /* beacon frames */ + if(FCTL_STYPE(package[0])==FCTL_STYPE_BEACON) { + f3hdr=(t_frame3_hdr *)package; + beacon_fb=(t_beacon_fb *)(package+sizeof(t_frame3_hdr)); + // check sta + memcpy(new_sta.addr,f3hdr->addr2,ADDR_LEN); + ret=list_search_data(&(info->sniffed_sta),&new_sta,ADDR_LEN); + if((ret==L_EMPTY_LIST)|(ret==L_NO_SUCH_ELEMENT)) { + list_add_element(&(info->sniffed_sta),&new_sta,sizeof(t_sta)); + sta=(t_sta *)info->sniffed_sta.current->data; + new=1; + } + else sta=(t_sta *)info->sniffed_sta.current->data; + // fill in stuff ... + memcpy(sta->ssid,beacon_fb->ssid,beacon_fb->ssid_length); + if((CAP_INFO_ESS(beacon_fb->cap_info))& + (CAP_INFO_IBSS(beacon_fb->cap_info)==0)) sta->ap=AP; + if(CAP_INFO_PRIVACY(beacon_fb->cap_info)) sta->wep=WEP; + sta->count_mgmt++; + switch_active_state(&(sta->active)); + strncpy(string,"last: beacon, source: ",MESSAGE_MAX); + for(i=0;iaddr[i], + (i==ADDR_LEN-1)?'.':':'); + string[22+3*ADDR_LEN+1]=0; + display_console(info,string); + if(new) { + snprintf(sc,MAX_SYSCALL_CHARS,"flite 'new ssid: %s'",sta->ssid); + system(sc); + } + } + + } + + /* control */ + else if(FCTL_TYPE(package[0])==FCTL_TYPE_CTRL) { + info->count_c++; + display_console(info,"last: got control frame"); + } + + /* data */ + else if(FCTL_TYPE(package[0])==FCTL_TYPE_DATA) { + info->count_d++; + display_console(info,"last: got data frame"); + } + }