puts("\t\t-d <device> \twlan0,eth0");
puts("\t\t-l <logfile>");
puts("\t\t-k <key> \t(string)");
+ puts("\t\t-D <file> \t(dump packages to file)");
puts("\t\t-h \tdisplay this help message");
puts("");
++i;
break;
case 'l':
- if ((info.logfile_fd=open(argv[i+1],O_RDWR|O_CREAT))!=0)
+ if((info.log_fd=open(argv[i+1],O_RDWR|O_CREAT))!=0)
printf("logfile -> %s\n",argv[i+1]);
else
puts("warning: can't write to logfile.");
++i;
break;
+ case 'D':
+ if((info.dump_fd=open(argv[i+1],O_RDWR|O_CREAT))!=0)
+ printf("dump file -> %s\n",argv[i+1]);
+ else
+ puts("warning: can't dump to file.");
+ ++i;
+ break;
case 'd':
strncpy(info.device,argv[i+1],MAX_DEV_CHARS);
++i;
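Review bot: The new `case 'D':` reads `argv[i+1]` without checking that another argument exists, so `-D` given as the last option passes a null pointer to open(); the `-l` branch above it has the same gap. The open() calls on L11, L18 and L32 also pass O_CREAT without the mandatory mode argument, so a newly created dump or log file gets whatever bits happen to sit in the variadic slot, and the `!=0` success test treats the -1 that open() returns on failure as success (0 is itself a valid descriptor). Suggested shape for the 'D' branch, with the same change in the 'l' branch: `if(i+1>=argc) { puts("error: -D needs a file name"); return -1; }`, then `if((info.dump_fd=open(argv[i+1],O_RDWR|O_CREAT,0600))>=0)`, and in the else branch `info.dump_fd=0;` so the later `info.dump_fd!=0` check in parse_package stays meaningful. The option loop and switch begin outside the hunk.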
puts("setting up device ...");
system(sys_call);
- // todo
- logfd=open("/tmp/hdw-sniff.log",O_WRONLY|O_CREAT);
+ if(info.log_fd==0) {
+ if((info.log_fd=open("/tmp/hdw-sniff.log",O_RDWR|O_CREAT))!=0)
+ puts("using logfile /tmp/hdw-sniff.log ...");
+ else {
+ puts("failed to open logfile ...");
+ return -23;
+ }
/* pcap */
if((info.pcap_handle=pcap_open_live(info.device,BUFSIZ,1,-1,pcap_error))==NULL)
/* socket fd for channel hopping */
info.channel_hop_fd=socket(AF_INET,SOCK_DGRAM,0);
- display_init(&(info.display),logfd);
+ display_init(&(info.display),info.log_fd);
- input_init(&(info.input),logfd);
+ input_init(&(info.input),info.log_fd);
//input.mode=CONTENT_BUFFER;
input_ios_init(&info.input);
- event_init(&(info.event),logfd);
+ event_init(&(info.event),info.log_fd);
event_set_timeout(&(info.event),HOP_SEC,HOP_USEC);
event_math(0,&(info.event),READ,ADD);
event_math(pcap_fd,&(info.event),READ,ADD);
+ list_init(&(info.sniffed_sta),info.log_fd);
+
display_console(&info,"foo");
event_start(&(info.event),&info,react_on_event,hop_channel);
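Review bot: The fallback log at L32 opens the fixed path `/tmp/hdw-sniff.log` with O_CREAT but no mode and no O_NOFOLLOW, in a world-writable directory; a sniffer normally runs with raw-socket privileges, so a pre-existing symlink or file placed there by another local user would be opened and written with those privileges. Prefer `open("/tmp/hdw-sniff.log",O_RDWR|O_CREAT|O_NOFOLLOW,0600)` followed by an fstat() check that the result is a regular file owned by the caller, or put the default log under the invoking user's own directory. The `if(info.log_fd==0) {` opened at L31 has no matching closing brace inside the hunk — it may be closed further down, but as shown the remainder of main() sits inside that block. main() starts and ends outside the hunk.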
int count; /* count packages */
unsigned char mode; /* monitoring/managed mode */
char device[MAX_DEV_CHARS]; /* sniffed devie */
- int logfile_fd; /* file descriptof for logfile */
+ int log_fd; /* file descriptor for logfile */
int pcap_fd; /* fd for reading pcap events */
+ int dump_fd; /* fd for dumping received packages */
int current_channel;
int channel_hop_fd;
- char key[13]; /* wep key */
pcap_t *pcap_handle;
- t_data data;
+ t_list sniffed_sta;
int view_table;
} t_info;
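Review bot: The new `dump_fd` and the renamed `log_fd` fields rely on 0 meaning "not set" (main() tests `info.dump_fd!=0` and `info.log_fd==0`), but neither comment says so, and 0 is a legitimate descriptor when the process is started with stdin closed. Document the convention, e.g. `int dump_fd; /* fd for dumping received packages, 0 = no dump file */`, or better initialise both fields to -1 in main() and test `>=0`, which also stops the -1 of a failed open() from passing the `!=0` check. The header that declares this struct starts outside the hunk.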
void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,const unsigned char *package) {
- t_info *info;
- int i;
-
- info=(t_info *)ptr;
-
- info->count++;
-
- printf("---> package %d --- %s\n",
- info->count,
- ctime((const time_t*)&(pcap_header->ts.tv_sec)));
- if(info->mode&MODE_ASCIIOUT) {
- puts("content in ascii:");
- for(i=0;i<pcap_header->caplen;i++) printf("%c ",package[i]);
- puts("");
- }
- if(info->mode&MODE_HEXOUT) {
- puts("content in ascii:");
- for(i=0;i<pcap_header->caplen;i++) printf("%x ",package[i]);
- puts("");
- }
+ t_info *info;
+ int i;
+ t_sta sniffed_sta;
+ int ret;
+
+ info=(t_info *)ptr;
+
+ info->count++;
+
+ if(info->dump_fd!=0) {
+ ret=write(info->dump_fd,pcap_header,sizeof(struct pcap_pkthdr));
+ if(ret!=sizeof(struct pcap_pkthdr))
+ display_console(info->display,"warning, pcap header write failed!");
+ ret=write(info->dump_fd,package,pcap_header->caplen);
+ if(ret!=pcap_header->caplen)
+ display_console(info->display,"warning, package write failed!");
+ }
+
+ /* maybe there is offset to the actual ieee802.11 frame,
+ for example prism header ... */
+
+
+ /* go on parsing frame ctl header here ... */
+
+ return 23;
}
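Review bot: `return 23;` at L117 returns a value from a function declared `void` on L72, and `display_console(info->display, …)` at L105 and L108 passes the display member where main() passes `&info` (display_console's prototype is not on the page, so treat this as a probable type mismatch rather than a certainty). The dump path also stores the `ssize_t` result of write() in an `int`, ignores short writes, and writes the in-memory `struct pcap_pkthdr`, whose padding and `struct timeval` width differ between builds, so the file cannot be read back by pcap tools — libpcap's `pcap_dump_open()`/`pcap_dump()` would produce a standard capture file with less code. If the raw layout is intentional, at least wrap the writes in a retry loop so a partial record cannot desynchronise whatever reads the dump; `t_sta sniffed_sta` and `i` are now unused locals. A sketch of the write path follows (needs `<errno.h>` and `<unistd.h>` in scope).
```c
/* write all len bytes from buf to fd, retrying on short writes and EINTR;
   returns 0 on success, -1 (errno set) on error */
static int write_all(int fd,const void *buf,size_t len) {
	const unsigned char *p=buf;
	while(len>0) {
		ssize_t n=write(fd,p,len);
		if(n<0) {
			if(errno==EINTR) continue;
			return -1;
		}
		p+=n;
		len-=(size_t)n;
	}
	return 0;
}

void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,const unsigned char *package) {
	t_info *info=(t_info *)ptr;

	info->count++;

	if(info->dump_fd!=0) {
		if(write_all(info->dump_fd,pcap_header,sizeof(struct pcap_pkthdr))<0)
			display_console(info,"warning, pcap header write failed!");
		if(write_all(info->dump_fd,package,pcap_header->caplen)<0)
			display_console(info,"warning, package write failed!");
	}

	/* … unchanged: frame-control parsing TODO … */
}
```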
#ifndef PARSE_H
#define PARSE_H
-typedef struct s_data {
- unsigned char **package;
- int p_count;
+/* ieee802.11 stuff */
-} t_data;
+#define ADDR_LEN 6
+typedef struct s_frame4_hdr {
+ u16 frame_ctl;
+ u16 duration_id;
+ u8 addr1[ADDR_LEN]; /* receiver */
+ u8 addr2[ADDR_LEN]; /* transmitter */
+ u8 addr3[ADDR_LEN]; /* destination */
+ u16 seq_ctrl;
+ u8 addr4[ADDR_LEN]; /* source */
+} __attribute__ ((packed)) t_frame4_hdr;
+
+typedef struct s_frame3_hdr {
+ u16 frame_ctl;
+ u16 duration_id;
+ u8 addr1[ADDR_LEN]; /* destination / bssid */
+ u8 addr2[ADDR_LEN]; /* source /bssid */
+ u8 addr3[ADDR_LEN]; /* bssid / source / destination */
+ u16 seq_ctrl;
+} __attribute__ ((packed)) t_frame3_hdr;
+
+typedef struct s_frame2_hdr {
+ u16 frame_ctl;
+ u16 duration_id;
+ u8 addr1[ADDR_LEN]; /* receiver / bssid / receiver */
+ u8 addr2[ADDR_LEN]; /* transmitter / transmitter / bssid */
+ u16 seq_ctrl;
+} __attribute__ ((packed)) t_frame2_hdr;
+
+typedef struct s_frame1_hdr {
+ u16 frame_ctl;
+ u16 duration_id;
+ u8 addr1[ADDR_LEN]; /* receiver */
+ u16 seq_ctrl;
+} __attribute__ ((packed)) t_frame1_hdr;
+
+#define FCTL_VER(X) ((X&0x0003))
+#define FCTL_TYPE(X) ((X&0x000c)>>2)
+#define FCTL_STYPE(X) ((X&0x00f0)>>4)
+#define FCTL_TODS(X) ((X&0x0100)>>8)
+#define FCTL_FROMDS(X) ((X&0x0200)>>9)
+#define FCTL_MOREFRAG(X) ((X&0x0400)>>10)
+#define FCTL_RETRY(X) ((X&0x0800)>>11)
+#define FCTL_PWRMGT(X) ((X&1000)>>12)
+#define FCTL_MOREDATA(X) ((X&0x2000)>>13)
+#define FCTL_WEP(X) ((X&0x4000)>>14)
+#define FCTL_ORDER(X) ((X&0x800)>>15)
+
+#define FCTL_TYPE_MGMT 0
+#define FCTL_TYPE_CTRL 1
+#define FCTL_TYPE_DATA 2
+
+#define FCTL_STYPE_ASSOC_REQ 0x0
+#define FCTL_STYPE_ASSOC_RESP 0x1
+#define FCTL_STYPE_REASSOC_REQ 0x2
+#define FCTL_STYPE_REASSOC_RESP 0x3
+#define FCTL_STYPE_PROBE_REQ 0x4
+#define FCTL_STYPE_PROBE_RESP 0x5
+#define FCTL_STYPE_BEACON 0x8
+#define FCTL_STYPE_ATIM 0x9
+#define FCTL_STYPE_DISASSOC 0xa
+#define FCTL_STYPE_AUTH 0xb
+#define FCTL_STYPE_DEAUTH 0xc
+
+#define FCTL_STYPE_PSPOLL 0xa
+#define FCTL_STYPE_RTS 0xb
+#define FCTL_STYPE_CTS 0xc
+#define FCTL_STYPE_ACK 0xd
+#define FCTL_STYPE_CFEND 0xe
+#define FCTL_STYPE_CFENDACK 0xf
+
+#define FCTL_STYPE_DATA 0x0
+#define FCTL_STYPE_DATA_CFACK 0x1
+#define FCTL_STYPE_DATA_CFPOLL 0x2
+#define FCTL_STYPE_DATA_CFACKPOLL 0x3
+#define FCTL_STYPE_NULLFUNC 0x4
+#define FCTL_STYPE_CFACK 0x5
+#define FCTL_STYPE_CFPOLL 0x6
+#define FCTL_STYPE_CFACKPOLL 0x7
+
+
+/* hdw-sniff stuff */
+
+#define MAX_SSID_LEN 32
+#define AP 1
+#define WEP 1
+#define WEP_MAX_DIGITS 13
+
+typedef struct s_sta {
+ u8 addr[ADDR_LEN];
+ char ssid[MAX_SSID_LEN];
+ u8 ap;
+ u8 wep;
+ int count_mgmt;
+ int count_ctrl;
+ int count_data;
+ char key[WEP_MAX_DIGITS];
+} t_sta;
+
/* function prototypes */
#endif
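Review bot: Two of the new frame-control macros mask the wrong bits: `FCTL_PWRMGT` uses decimal `1000` (0x3e8) instead of `0x1000`, and `FCTL_ORDER` masks `0x800` (the retry bit) and shifts it by 15, so it is always 0; the fixes are `#define FCTL_PWRMGT(X) (((X)&0x1000)>>12)` and `#define FCTL_ORDER(X) (((X)&0x8000)>>15)`, and the other macros should parenthesise `X` the same way so an argument such as `a|b` does not bind to the mask. `frame_ctl` and the other u16 fields are read straight out of packed on-the-wire structs, and 802.11 carries them little-endian, so these macros only give correct results on a little-endian host unless the field is converted first (`le16toh` on glibc). `t_sta.ssid[MAX_SSID_LEN]` leaves no room for a terminator although an SSID element may be the full 32 bytes and its length byte comes from the received frame; size it `MAX_SSID_LEN+1`, bound the copy to 32 bytes, and NUL-terminate before any `%s`/strlen use. `u8`/`u16` are not defined in this header so it depends on include order, and `AP` and `WEP` both expand to 1, which reads like a placeholder worth a comment.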