beacons recognized, minimal gui working
authorhackbard <hackbard>
Tue, 7 Jun 2005 02:23:07 +0000 (02:23 +0000)
committerhackbard <hackbard>
Tue, 7 Jun 2005 02:23:07 +0000 (02:23 +0000)
Makefile [deleted file]
README [new file with mode: 0644]
configure
main.c
main.h
parse.c
parse.h

diff --git a/Makefile b/Makefile
deleted file mode 100644 (file)
index 80353ae..0000000
--- a/Makefile
+++ /dev/null
@@ -1,29 +0,0 @@
-# hdw-sniff Makefile, created Fri May 27 20:42:55 CEST 2005
-
-INCLUDEDIR = /usr/include
-CFLAGS = -DDEBUG -O3 -Wall
-LIBS = -lm -lncurses -lpcap
-
-OBJS = network.o event.o list.o display.o input.o
-OBJS2 = hdw-sniff
-
-links:
-       ln -sf ../api/network/network.{c,h} .
-       ln -sf ../api/event/event.{c,h} .
-       ln -sf ../api/list/list.{c,h} .
-       ln -sf ../api/display/display.{c,h} .
-       ln -sf ../api/input/input.{c,h} .
-
-hdw-sniff: links $(OBJS)
-       $(CC) $(CFLAGS) -o $@ $(OBJS) main.c parse.c $(LIBS)
-
-all: hdw-sniff
-
-clean:
-       rm -f $(OBJS) $(OBJS2)
-
-remake: clean all
-
-install:
-       mkdir -p /usr/bin
-       cp hdw-sniff /usr/bin
diff --git a/README b/README
new file mode 100644 (file)
index 0000000..ab0d0c7
--- /dev/null
+++ b/README
@@ -0,0 +1,37 @@
+hdw-sniff
+---------
+
+ieee 802.11 sniffer
+
+
+install
+#######
+
+- required:
+
+       - my minimalistic apis (get it via cvs from hackdaworld.org)
+       - libpcap (freshmeat may help)
+       - wlan card supporting monitor mode
+
+- build: (an example)
+
+       mkdir ~/foo && cd ~/foo
+       cvs -d:pserver:anonymous@hackdaworld.org:/my-code co api
+       cvs -d:pserver:anonymous@hackdaworld.org:/my-code co hdw-sniff
+       cd hdw-sniff
+       ./configure
+       make
+
+- usage: (another example)
+
+       ./hdw-sniff -m monitor -d wlan0
+
+
+troubleshooting
+###############
+
+irc: server = irc.hackdaworld.org , channel = #hackdaworld
+email: hackbard@hackdaworld.org
+
+
+have fun!
index f99f757..ee4ddea 100755 (executable)
--- a/configure
+++ b/configure
@@ -58,6 +58,8 @@ LIBS = $GENLIBS
 OBJS = $GENAPI
 OBJS2 = $name
 
+all: $name
+
 links:
 EOF
 
@@ -78,8 +80,6 @@ EOF
 done
 
 cat >> Makefile << EOF
-all: $name
-
 clean:
        rm -f \$(OBJS) \$(OBJS2)
 
diff --git a/main.c b/main.c
index 4a878cf..8a6a4c2 100644 (file)
--- a/main.c
+++ b/main.c
 
 int display_console(t_info *info,char *string) {
 
-  int x,y,size;
+  int x,y,size,count,cnt,i,s;
   t_display *display;
+  t_sta *sta;
   char help[32];
+  char *blank;
 
   display=(t_display *)&(info->display);
 
@@ -24,40 +26,72 @@ int display_console(t_info *info,char *string) {
 
   size=strlen(string);
 
-  display_line(display,0,0,2,0,'-');
-  display_string(display,4,0,"sta",3);
-  display_line(display,8,0,12,0,'-');
-
-  display_string(display,13,0,"bssid",5);
-  display_line(display,19,0,23,0,'-');
-
-  display_string(display,25,0,"M",1);
-  display_line(display,27,0,x,0,'-');
-
-  //display_line(display,0,0,0,y,'|');
-  //display_line(display,x,0,x,y,'|');
+  count=list_count(&(info->sniffed_sta));
+  cnt=((count>y-5)?y-5:count);
+
+  display_line(display,0,0,x,0,'-');
+  display_string(display,GUI_OFFSET_STA,1,"sta/ap",6);
+  display_string(display,GUI_OFFSET_SSID,1,"| ssid",6);
+  display_string(display,GUI_OFFSET_AP,1,"| ap",4);
+  display_string(display,GUI_OFFSET_WEP,1,"| wep",5);
+  display_string(display,GUI_OFFSET_MGMT,1,"| mgmt",6);
+  display_string(display,GUI_OFFSET_CTRL,1,"| ctrl",6);
+  display_string(display,GUI_OFFSET_DATA,1,"| data",6);
+  display_string(display,GUI_OFFSET_ACTIVE,1,"| act",5);
+  display_line(display,0,2,x,2,'-');
+
+  list_reset(&(info->sniffed_sta));
+
+  for(i=0;i<cnt;i++) {
+    sta=(t_sta *)info->sniffed_sta.current->data;
+    snprintf(help,32,"%02x:%02x:%02x:%02x:%02x:%02x",
+             sta->addr[0],sta->addr[1],sta->addr[2],
+             sta->addr[3],sta->addr[4],sta->addr[5]);
+    display_string(display,GUI_OFFSET_STA,3+i,help,17);
+    s=strlen(sta->ssid);
+    s=((s>=16)?16:s);
+    help[0]='|'; help[1]=' ';
+    memcpy(&help[2],sta->ssid,s);
+    display_string(display,GUI_OFFSET_SSID,3+i,help,s+2);
+    snprintf(help,4,"| %c",sta->ap?'y':'n');
+    display_string(display,GUI_OFFSET_AP,3+i,help,3);
+    snprintf(help,5,"|  %c",sta->wep?'y':'n');
+    display_string(display,GUI_OFFSET_WEP,3+i,help,4);
+/*
+    snprintf(help,21,"| %04d | %04d | %04d",
+             sta->count_mgmt,sta->count_ctrl,
+             sta->count_data);
+*/
+    snprintf(help,21,"| %04d | n.a. | n.a.",
+             sta->count_mgmt);
+    display_string(display,GUI_OFFSET_MGMT,3+i,help,20);
+    snprintf(help,5,"|  %c",sta->active);
+    display_string(display,GUI_OFFSET_ACTIVE,3+i,help,4);
+    list_next(&(info->sniffed_sta));
+  }
 
   /* footer */
   display_line(display,0,y-3,x,y-3,'-');
 
-  memset(help,0,32);
-  snprintf(help,32,"total: %06d",info->count);
+  snprintf(help,14,"total: %06d",info->count);
   display_string(display,3,y-2,help,13);
-
-  memset(help,0,32);
-  snprintf(help,32,"management: %06d",info->count_m);
+  snprintf(help,19,"management: %06d",info->count_m);
   display_string(display,18,y-2,help,18);
-
-  memset(help,0,32);
-  snprintf(help,32,"control: %06d",info->count_c);
+  snprintf(help,16,"control: %06d",info->count_c);
   display_string(display,38,y-2,help,15);
-
-  memset(help,0,32);
-  snprintf(help,32,"data: %06d",info->count_d);
+  snprintf(help,13,"data: %06d",info->count_d);
   display_string(display,55,y-2,help,12);
 
   display_line(display,0,y-1,x,y-1,'-');
 
+  if(size!=0) {
+    blank=(char *)malloc(display->max_x);
+    memset(blank,0x20,display->max_x);
+    display_string(display,0,y,blank,x);
+    display_string(display,1,y,string,size);
+    free(blank);
+  }
+
   display_draw(display);
 
   return 23;
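Review bot: The station loop copies the bytes of `sta->ssid` unchanged into `help` and hands them to `display_string`, and those bytes come from received beacon frames, so whoever transmits the beacon chooses what is drawn on the terminal. Unless the display API already filters its input (not visible here), map non-printable bytes before drawing, e.g. replace the `memcpy` with `for(k=0;k<s;k++) help[2+k]=isprint((unsigned char)sta->ssid[k])?sta->ssid[k]:'.';`, with `k` declared alongside the other locals. `strlen(sta->ssid)` also relies on a terminator that the beacon handler in parse.c never writes. Separately, `malloc(display->max_x)` is passed to `memset` without a NULL check; `if(blank==NULL) return -1;` before the `memset` would cover it. The start of display_console lies outside this hunk.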
@@ -170,7 +204,7 @@ int main(int argc, char **argv) {
   char pcap_error[PCAP_ERRBUF_SIZE];
 
   memset(&info,0,sizeof(t_info));
+
  /* parse arguments */
  for(i=1;i<argc;i++) {
   if(argv[i][0]=='-') {
@@ -252,6 +286,22 @@ int main(int argc, char **argv) {
  info.channel_hop_fd=socket(AF_INET,SOCK_DGRAM,0);
 
  display_init(&(info.display),info.log_fd);
+ if(info.display.max_x<HDW_SNIFF_MAX_WIDTH) {
+   display_shutdown(&(info.display));
+   puts("");
+   puts("");
+   puts("fatal! please increase your terminals width");
+   puts("");
+   return -23;
+ }
+ if(info.display.max_y<HDW_SNIFF_MAX_HEIGHT) {
+   display_shutdown(&(info.display));
+   puts("");
+   puts("");
+   puts("fatal! please increase your terminals width");
+   puts("");
+   return -23;
+ }
 
  input_init(&(info.input),info.log_fd);
  //input.mode=CONTENT_BUFFER;
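Review bot: The second check compares `info.display.max_y` with `HDW_SNIFF_MAX_HEIGHT` but prints the width message copied from the first block, so a user with a short terminal is told to widen it; the line should read `puts("fatal! please increase your terminals height");`. Both constants are used as minimum sizes here, so names like `HDW_SNIFF_MIN_WIDTH` and `HDW_SNIFF_MIN_HEIGHT` would describe them better. The early `return -23` paths also leave `info.channel_hop_fd`, opened just above, unclosed; that is harmless at process exit but a `close()` would keep the shutdown path symmetric. main() begins and ends outside this hunk.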
@@ -265,10 +315,19 @@ int main(int argc, char **argv) {
 
  list_init(&(info.sniffed_sta),info.log_fd);
 
- display_console(&info,"foo");
+ display_console(&info,
+   "                       Welcome to hdw-sniff ... :-D");
+
+ sleep(2);
+
+ display_console(&info,
+ "    Copyright (C) 2004/05 hackbard@hackdaworld.org (press any button)");
+
+ getchar();
 
  event_start(&(info.event),&info,react_on_event,hop_channel);
 
+ list_shutdown(&(info.sniffed_sta));
  input_shutdown(&(info.input));
  display_shutdown(&(info.display));
  
diff --git a/main.h b/main.h
index e9fd872..1628c91 100644 (file)
--- a/main.h
+++ b/main.h
 #include "list.h"
 
 #define SYSCALL_MAX 32
+#define MESSAGE_MAX 64
 #define CHANNEL_MAX 13
 #define MAX_DEV_CHARS 6
 #define MAX_SYSCALL_CHARS 64
 
+#define HDW_SNIFF_MAX_WIDTH 80
+#define HDW_SNIFF_MAX_HEIGHT 8
+
 #define HOP_SEC 0
 #define HOP_USEC 200000
 
+#define GUI_OFFSET_STA 1
+#define GUI_OFFSET_SSID 19
+#define GUI_OFFSET_AP 39
+#define GUI_OFFSET_WEP 44
+#define GUI_OFFSET_MGMT 50
+#define GUI_OFFSET_CTRL 57
+#define GUI_OFFSET_DATA 64
+#define GUI_OFFSET_ACTIVE 71
+
 /* modes */
 #define MODE_MONITOR (1<<0)
 #define MODE_WLANNG (1<<1)
diff --git a/parse.c b/parse.c
index 647c176..f18ba98 100644 (file)
--- a/parse.c
+++ b/parse.c
  * different protocols should get to seperated files though ...
  */
 
+int switch_active_state(char *state) {
+
+  switch(*state) {
+    case '-':
+      *state='\\';
+      break;
+    case '\\':
+      *state='|';
+      break;
+    case '|':
+      *state='/';
+      break;
+    default:
+      *state='-';
+      break;
+  }
+
+  return 23;
+}
+
 void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,const unsigned char *package) {
 
   t_info *info;
   int i;
   t_sta new_sta;
-  t_frame4_hdr *f4hdr;
+  t_sta *sta;
+  //t_frame4_hdr *f4hdr;
   t_frame3_hdr *f3hdr;
-  t_frame2_hdr *f2hdr;
-  t_frame1_hdr *f1hdr;
+  //t_frame2_hdr *f2hdr;
+  //t_frame1_hdr *f1hdr;
   t_beacon_fb *beacon_fb;
   int ret;
+  char string[MESSAGE_MAX];
 
   info=(t_info *)ptr;
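Review bot: `new_sta` is a stack variable with no initializer, and the beacon branch further down copies `sizeof(t_sta)` bytes of it into the list after setting only `addr`, so a new station's `ssid`, `ap`, `wep`, counters and `active` start out as leftover stack contents. Add `memset(&new_sta,0,sizeof(t_sta));` before the `memcpy` into `new_sta.addr`. The three header pointers that were commented out can simply be deleted, and `switch_active_state` could return `void`, since the call shown in this commit ignores its constant 23. parse_package continues past the end of this hunk.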
 
@@ -41,30 +63,53 @@ void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,cons
   }
   
   /* maybe there is offset to the actual ieee802.11 frame,
-     for example prism header ... */
+     for example prism header ...
+     in that case, hack the source! */
 
+  /* management */
   if(FCTL_TYPE(package[0])==FCTL_TYPE_MGMT) {
     info->count_m++;
+
+    /* beacon frames */
     if(FCTL_STYPE(package[0])==FCTL_STYPE_BEACON) {
       f3hdr=(t_frame3_hdr *)package;
       beacon_fb=(t_beacon_fb *)(package+sizeof(t_frame3_hdr));
-      // new_sta.
-      /* debug output */
-      dprintf(info->log_fd,"beacon: ");
-      for(i=0;i<ADDR_LEN;i++) dprintf(info->log_fd,"%02x ",*((f3hdr->addr2)+i));
-        dprintf(info->log_fd,"  essid: (len=%x) ",beacon_fb->ssid_length);
-      for(i=0;i<beacon_fb->ssid_length;i++)
-        dprintf(info->log_fd,"%c ",*(u8 *)(beacon_fb->ssid+i));
-      dprintf(info->log_fd,"\n");
+      // check sta
+      memcpy(new_sta.addr,f3hdr->addr2,ADDR_LEN);
+      ret=list_search_data(&(info->sniffed_sta),&new_sta,ADDR_LEN);
+      if((ret==L_EMPTY_LIST)|(ret==L_NO_SUCH_ELEMENT)) {
+        list_add_element(&(info->sniffed_sta),&new_sta,sizeof(t_sta));
+        sta=(t_sta *)info->sniffed_sta.current->data;
+      }
+      else sta=(t_sta *)info->sniffed_sta.current->data;
+      // fill in stuff ...
+      memcpy(sta->ssid,beacon_fb->ssid,beacon_fb->ssid_length);
+      if((CAP_INFO_ESS(beacon_fb->cap_info))&
+         (CAP_INFO_IBSS(beacon_fb->cap_info)==0)) sta->ap=AP;
+      if(CAP_INFO_PRIVACY(beacon_fb->cap_info)) sta->wep=WEP;
+      sta->count_mgmt++;
+      switch_active_state(&(sta->active));
+      strncpy(string,"last: beacon, source: ",MESSAGE_MAX);
+      for(i=0;i<ADDR_LEN;i++)
+        snprintf(&string[22+3*i],4,"%02x%c",sta->addr[i],
+                 (i==ADDR_LEN-1)?'.':':');
+      string[22+3*ADDR_LEN+1]=0;
+      display_console(info,string);
     }
+
   }
+
+  /* control */
   else if(FCTL_TYPE(package[0])==FCTL_TYPE_CTRL) {
     info->count_c++;
+    display_console(info,"last: got control frame");
   }
+
+  /* data */
   else if(FCTL_TYPE(package[0])==FCTL_TYPE_DATA) {
     info->count_d++;
+    display_console(info,"last: got data frame");
   }
 
-  display_console(info,"");
 
 }
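Review bot: `memcpy(sta->ssid,beacon_fb->ssid,beacon_fb->ssid_length)` takes its length from a byte in the received frame with no upper bound, so a beacon announcing a length larger than `sta->ssid` writes past that field into the rest of the list element. The copy also leaves no terminator for the `strlen` in display_console. Clamp the length to the destination size and terminate, as sketched below; this assumes `ssid` is a fixed-size array in `t_sta`, whose declaration is outside the hunk. Nothing visible here compares `pcap_header->caplen` with `sizeof(t_frame3_hdr)` plus the beacon body before the casts, so a truncated capture could be read past its end; the part of parse_package above this hunk may already check that and should be confirmed. The two conditions joined with `|` and `&` work on 0/1 values, but `||` and `&&` would state the intent.

```c
      /* … unchanged: header casts, station lookup/insert … */
      // fill in stuff ...
      ssid_len=beacon_fb->ssid_length;      /* size_t ssid_len; declared with the other locals */
      if(ssid_len>sizeof(sta->ssid)-1)
        ssid_len=sizeof(sta->ssid)-1;       /* assumes t_sta.ssid is an array */
      memcpy(sta->ssid,beacon_fb->ssid,ssid_len);
      sta->ssid[ssid_len]=0;
      /* … unchanged: capability flags, counters, status line … */
```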
diff --git a/parse.h b/parse.h
index 31aa94b..3d1d290 100644 (file)
--- a/parse.h
+++ b/parse.h
@@ -60,8 +60,8 @@ typedef struct s_frame1_hdr {
 #define FCTL_ORDER(X) ((X&0x800)>>15)
 
 #define FCTL_TYPE_MGMT 0
-#define FCTL_TYPE_CTRL 1
-#define FCTL_TYPE_DATA 2
+#define FCTL_TYPE_CTRL 2
+#define FCTL_TYPE_DATA 1
 
 #define FCTL_STYPE_ASSOC_REQ 0x0
 #define FCTL_STYPE_ASSOC_RESP 0x1
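Review bot: IEEE 802.11 numbers the frame type as management 0, control 1, data 2, so changing `FCTL_TYPE_CTRL` to 2 and `FCTL_TYPE_DATA` to 1 is only right if `FCTL_TYPE` (defined outside this hunk) extracts the two type bits in reversed order; otherwise control and data frames are now counted under each other's label. A comment next to the defines stating which bit order `FCTL_TYPE` yields would make this checkable, e.g. `/* values as produced by FCTL_TYPE(), not the numbering in the standard */`. The context line `FCTL_ORDER(X) ((X&0x800)>>15)` always evaluates to 0, because the mask selects bit 11 while the shift expects bit 15.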
@@ -103,6 +103,9 @@ typedef struct s_beacon_fb {
   u8 rest; /* go on here ... */
 } __attribute__ ((packed)) t_beacon_fb;
 
+#define CAP_INFO_ESS(X) ((X&0x0001))
+#define CAP_INFO_IBSS(X) ((X&0x0002)>>1)
+#define CAP_INFO_PRIVACY(X) ((X&0x0010)>>4)
 
 /* hdw-sniff stuff */
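Review bot: The three `CAP_INFO_*` macros expand `X` without parentheses, so an argument such as `a|b` would bind as `a|(b&0x0001)`; write `(((X)&0x0001))`, `(((X)&0x0002)>>1)` and `(((X)&0x0010)>>4)`. The masks match the ESS, IBSS and Privacy bits of the capability field, which is little-endian on the wire. If `cap_info` is read as a native 16-bit member (its declaration is outside this hunk), the result is only correct on little-endian hosts.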
 
@@ -119,6 +122,7 @@ typedef struct s_sta {
   int count_mgmt;
   int count_ctrl;
   int count_data;
+  char active;
   char key[WEP_MAX_DIGITS];
 } t_sta;