#include "main.h"
+void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,const unsigned char *package);
+
/* functions */
+int get_user_event(t_info *info) {
+ char event;
+ if(read(0,&event,1)!=1) {
+ perror("reading user interaction failed");
+ return -23;
+ }
+ printf("user event: %c ",event);
+ if(event=='h') {
+ info->mode^=MODE_HEXOUT;
+ printf("- hex output: %c\n",info->mode&MODE_HEXOUT?'a':'n');
+ }
+ if(event=='a') {
+ info->mode^=MODE_ASCIIOUT;
+ printf("- ascii output: %c\n",info->mode&MODE_ASCIIOUT?'a':'n');
+ }
+ if(event=='q') {
+ info->mode|=MODE_QUIT;
+ printf("- shutting down!\n");
+ }
+
+ return 23;
+}
+
int usage(void) {
puts("usage: hdw-sniff <options>");
- puts("\toptions:\t-m <mode> \t1 monitoring, 2 managed");
+ puts("\toptions:");
+ puts("\t\t-m <mode> \tmonitor and/or wlanng");
puts("\t\t-d <device> \twlan0,eth0");
puts("\t\t-l <logfile>");
puts("\t\t-k <key> \t(string)");
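Review bot: get_user_event treats every `read` result other than 1 as a failure, so end-of-file on stdin (a return of 0) reaches `perror` with a stale errno and returns -23. Once stdin is at EOF the descriptor stays readable, so a caller that keeps selecting on fd 0 and ignores the return value, as main's loop later in this patch does, will spin on that message. Setting the quit flag on EOF avoids this, e.g. `if(n==0) { info->mode|=MODE_QUIT; return 23; }` with `n` holding the read result. The function also has no comment; something like `/* read one key from stdin: h toggles hex, a toggles ascii, q quits; 23 on success, -23 on read failure */` would state the contract.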
int main(int argc, char **argv) {
t_info info;
+ int pcap_fd;
+ fd_set fds;
+ struct timeval hop_f;
+ int i;
+ char sys_call[MAX_SYSCALL_CHARS];
+ char pcap_error[PCAP_ERRBUF_SIZE];
memset(&info,0,sizeof(t_info));
case 'h':
usage();
case 'm':
- info.caps=((1<<atoi(argv[i+1]))&CAP_MODE_MASK)|info.caps;
+ if(!strncmp(argv[i+1],"monitor",7)) {
+ info.mode|=MODE_MONITOR;
+ puts("will go to monitor mode.");
+ }
+ else if(!strncmp(argv[i+1],"wlanng",6)) {
+ info.mode|=MODE_WLANNG;
+ puts("expecting wlanng header in package.");
+ }
+ else {
+ printf("unknown mode: %s\n",argv[1]);
+ return -23;
+ }
++i;
break;
case 'l':
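Review bot: The unknown-mode branch prints `argv[1]`, but the value that was rejected is `argv[i+1]`, so the message names the wrong argument unless -m comes first. `argv[i+1]` is also passed to `strncmp` without checking that anything follows -m; when -m is the last argument this is the NULL that terminates argv. A guard such as `if(i+1>=argc) { usage(); return -23; }` ahead of the comparisons, plus `printf("unknown mode: %s\n",argv[i+1]);`, covers both. `strncmp(...,7)` additionally accepts any string that only starts with "monitor"; `strcmp` would be stricter. The enclosing switch and loop start outside this hunk.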
strncpy(info.device,argv[i+1],MAX_DEV_CHARS);
++i;
break;
+ default:
+ usage();
+ return -23;
}
- } else usage();
+ } else {
+ usage();
+ return -23;
+ }
}
/* setting up device */
- if((info.caps&CAP_MODE_MASK)==MONITORING_MODE)
- {
- sprintf(sys_call,"iwpriv %s monitor %d",info.device,IWPRIV_M_MODE);
- system(sys_call);
+ if(info.mode&MODE_MONITOR) {
+ sprintf(sys_call,"iwconfig %s mode monitor",info.device);
puts("set monitoring mode ...");
+ system(sys_call);
}
sprintf(sys_call,"ifconfig %s up",info.device);
+ puts("setting up device ...");
system(sys_call);
- puts("device up ...");
/* pcap */
if((info.pcap_handle=pcap_open_live(info.device,BUFSIZ,1,-1,pcap_error))==NULL)
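Review bot: `info.device` comes straight from the command line and is formatted into `sys_call` and handed to `system()`, so shell metacharacters in the device argument are interpreted by the shell. That matters for a tool that normally runs as root. The `strncpy(...,MAX_DEV_CHARS)` in the context lines also leaves `device` unterminated for names of six or more characters, and `sprintf` puts no bound on `sys_call`. I would reject over-long names and anything outside a small allow-list before the first command and switch both calls to `snprintf`, as sketched below; setting the mode through the wireless ioctl interface instead of `iwconfig` would remove the shell altogether. main's body starts and ends outside this hunk.

```c
/* setting up device */
/* device comes from argv and ends up in a shell command: allow-list it first.
 * info was zeroed by memset, so a non-zero last byte means strncpy filled
 * the whole buffer and the name was too long. */
if(info.device[0]=='\0'||
   info.device[MAX_DEV_CHARS-1]!='\0'||
   info.device[strspn(info.device,"abcdefghijklmnopqrstuvwxyz0123456789")]!='\0') {
	puts("invalid device name");
	return -23;
}
if(info.mode&MODE_MONITOR) {
	snprintf(sys_call,sizeof(sys_call),"iwconfig %s mode monitor",info.device);
	/* … unchanged: puts and system call … */
}
snprintf(sys_call,sizeof(sys_call),"ifconfig %s up",info.device);
/* … unchanged: puts and system call … */
```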
printf("%s: %s\n",argv[0],pcap_error);
return -23;
}
- pcap_fd=pcap_fileno(pcap_handle);
+ pcap_fd=pcap_fileno(info.pcap_handle);
/* -> non blocking? */
- info.channel_hop_fd=socket(AF_INET,SOCK_DGRAM,0);
/* socket fd for channel hopping */
-
- /* watch pcap_fd for reading */
- FD_ZERO(&pcap_fd);
- FD_SET(pcap_fd,&pcap_fd_set);
- fd_set_tv.tv_sec=PCAP_SELECT_SEC;
- pcap_fd_set_tv.tv_usec=PCAP_SELECT_USEC;
+ info.channel_hop_fd=socket(AF_INET,SOCK_DGRAM,0);
/* parse packages until user breaks */
- while(!(info.caps&CAP_QUIT_MASK))
+ while(!(info.mode&MODE_QUIT))
{
- if(select(pcap_fd+1,&pcap_fd_set,NULL,NULL,&pcap_fd_set_tv))
- pcap_dispatch(pcap_handle,-1,parse_package,(unsigned char *)&info);
- else
- hop_channel(&info);
+ /* watch pcap_fd and stdin (reading) */
+ FD_ZERO(&fds);
+ FD_SET(pcap_fd,&fds);
+ FD_SET(0,&fds);
+ hop_f.tv_sec=HOP_SEC;
+ hop_f.tv_usec=HOP_USEC;
+
+ if(select(pcap_fd+1,&fds,NULL,NULL,&hop_f)) {
+ if(FD_ISSET(0,&fds))
+ get_user_event(&info);
+ else if(FD_ISSET(pcap_fd,&fds))
+ pcap_dispatch(info.pcap_handle,-1,parse_package,(unsigned char *)&info);
+ else
+ hop_channel(&info);
+ }
}
+ puts("");
+ puts("");
+ puts("thanks for using hdw-sniff (C) 2005 hackbard");
+ puts("");
puts("bugreports: hackbard@hackdaworld.dyndns.org");
+
return 23;
+
}
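Review bot: `hop_channel` can no longer run on a timeout. The `if`/`else if`/`else` chain sits inside `if(select(...))`, and select returns 0 exactly when the timeout expires, so the final `else` is reached only if neither descriptor is set after a non-zero return. A return of -1 is also treated as "ready", with `fds` in an unspecified state, and the `else if` lets steady keyboard input starve packet dispatch. Keeping the result in a variable and testing each descriptor independently separates the cases, as below. The result of `pcap_fileno` is used in `FD_SET` unchecked and should be tested for -1 first.

```c
while(!(info.mode&MODE_QUIT))
{
	/* … unchanged: FD_ZERO/FD_SET and hop_f setup … */

	int ready=select(pcap_fd+1,&fds,NULL,NULL,&hop_f);
	if(ready<0) {
		perror("select");
		break;
	}
	if(ready==0) {
		/* timeout: nothing to read, move on to the next channel */
		hop_channel(&info);
		continue;
	}
	if(FD_ISSET(0,&fds))
		get_user_event(&info);
	if(FD_ISSET(pcap_fd,&fds))
		pcap_dispatch(info.pcap_handle,-1,parse_package,(unsigned char *)&info);
}
```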
*
*/
+#ifndef MAIN_H
+#define MAIN_H
+
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
+#include <sys/socket.h>
+#include <time.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <pcap.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/ioctl.h>
+#include <sys/time.h>
+
+#include <linux/wireless.h>
+
+#include "parse.h"
#define SYSCALL_MAX 32
+#define CHANNEL_MAX 13
#define MAX_DEV_CHARS 6
-#define SELECT_SEC 0
-#define SELECT_USEC 200000
+#define MAX_SYSCALL_CHARS 64
+
+#define HOP_SEC 0
+#define HOP_USEC 200000
/* modes */
-#define MONITORING_MODE 0x01
-#define MANAGED_MODE 0x00
-#define QUIT_MODE 0x02
+#define MODE_MONITOR (1<<0)
+#define MODE_WLANNG (1<<1)
+#define MODE_QUIT (1<<2)
+#define MODE_HEXOUT (1<<3)
+#define MODE_ASCIIOUT (1<<4)
#define MAX_BYTE_WEP 13 /* maximal 104 bit key */
/* type definitions */
typedef struct s_info {
+ int count; /* count packages */
unsigned char mode; /* monitoring/managed mode */
char device[MAX_DEV_CHARS]; /* sniffed devie */
int logfile_fd; /* file descriptof for logfile */
int pcap_fd; /* fd for reading pcap events */
+ int current_channel;
+ int channel_hop_fd;
char key[13]; /* wep key */
-
+ pcap_t *pcap_handle;
} t_info;
/* function prototypes */
int usage(void);
+int get_user_event(t_info *info);
+int hop_channel(t_info *info);
+
+#endif
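Review bot: The comment on `mode` still reads "monitoring/managed mode", but after this change the field is a bit set of the MODE_* flags, and the new members `current_channel`, `channel_hop_fd` and `pcap_handle` carry no comments at all. I would change it to `unsigned char mode; /* bit set of MODE_* flags */` and give each new member a one-line comment. Five of the eight bits of `unsigned char` are now in use, so three more flags fit before the type has to widen. `SYSCALL_MAX` (32) stays defined next to the new `MAX_SYSCALL_CHARS` (64); if nothing else uses the old name it could be dropped to avoid sizing a buffer with the wrong one.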
*/
#include "parse.h"
-#include "802.11b.h"
+//#include "802.11b.h"
#include "main.h"
-#include "parse.h"
+/* all the parsing stuff will go here
+ *
+ * different protocols should get to seperated files though ...
+ */
+
+void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,const unsigned char *package) {
-int parse_package(unsigned char *info,const struct pcap_pkthdr *pcap_hdr,cont unsigned char *package)
-{
- if(info->caps&MONITORING_MODE)
- {
- struct linux_wlan_ng_prism_hdr *prism_hdr;
+ t_info *info;
+ int i;
- prism_hdr=(struct linux_wlan_ng_prism_hdr *)package;
-
+ info=(t_info *)ptr;
+ info->count++;
+ printf("---> package %d --- %s\n",
+ info->count,
+ ctime((const time_t*)&(pcap_header->ts.tv_sec)));
+ if(info->mode&MODE_ASCIIOUT) {
+ puts("content in ascii:");
+ for(i=0;i<pcap_header->caplen;i++) printf("%c ",package[i]);
+ puts("");
+ }
+ if(info->mode&MODE_HEXOUT) {
+ puts("content in ascii:");
+ for(i=0;i<pcap_header->caplen;i++) printf("%x ",package[i]);
+ puts("");
+ }
}
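Review bot: The ascii branch writes captured bytes to the terminal unfiltered with `printf("%c ",package[i])`, so control and escape sequences carried in a sniffed frame are interpreted by the operator's terminal. Printing a placeholder for non-printable bytes, `printf("%c ",isprint(package[i])?package[i]:'.');` (needs `<ctype.h>`), keeps the output inert. The hex branch reuses the label "content in ascii:"; it should read `puts("content in hex:");`, and `%02x` would keep the columns aligned. `i` is `int` while `caplen` is unsigned, so declaring `unsigned int i` avoids the mixed-sign comparison.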