From 0f2d363e4506da5d761c082fd20d450544539bbc Mon Sep 17 00:00:00 2001
From: hackbard
Date: Tue, 14 Jun 2005 23:08:09 +0000
Subject: [PATCH] some more data filtering, fixed data/ctrl bug, some more special info output.
---
 TODO | 14 ++++++++++++++
 main.c | 17 +++++++++++++++--
 parse.c | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++++----
 parse.h | 7 +++++--
 4 files changed, 88 insertions(+), 8 deletions(-)
 create mode 100644 TODO
diff --git a/TODO b/TODO
new file mode 100644
index 0000000..80d37a2
--- /dev/null
+++ b/TODO
@@ -0,0 +1,14 @@
+todo
+----
+
+sniffer:
+- connect sta's with associated ap's
+- parse ctrl frames
+- get ssid from (re)associations and connect to (hidden) ap
+- fix display (if #sta/ap exceeds number of lines)
+
+wep:
+- write wep daemon waiting for crypted ethernet snaps to be cracked
+ - win key gen (40 bit) bug
+ - wordlist attack
+
diff --git a/main.c b/main.c
index 9322b74..b7d0b53 100644
--- a/main.c
+++ b/main.c
@@ -56,8 +56,8 @@ int display_console(t_info *info,char *string) {
 display_string(display,GUI_OFFSET_AP,3+i,help,3);
 snprintf(help,5,"| %c",sta->wep?'y':'n');
 display_string(display,GUI_OFFSET_WEP,3+i,help,4);
- snprintf(help,21,"| %04d | n.a. | n.a.",
- sta->count_mgmt);
+ snprintf(help,21,"| %04d | n.a. | %04d",
+ sta->count_mgmt,sta->count_data);
 display_string(display,GUI_OFFSET_MGMT,3+i,help,20);
 snprintf(help,5,"| %c",sta->active);
 display_string(display,GUI_OFFSET_ACTIVE,3+i,help,4);
@@ -80,6 +80,10 @@ int display_console(t_info *info,char *string) {
 else strcpy(help,"(station)");
 s=strlen(help);
 display_string(display,23,1,help,s);
+ if(sta->wds) {
+ strcpy(help,"wds link");
+ display_string(display,60,1,help,8);
+ }
 snprintf(help,2,"%c",sta->active);
 display_string(display,x-1,1,help,1);
 snprintf(help,7,"sq: %02d",sta->sq);
@@ -100,6 +104,15 @@ int display_console(t_info *info,char *string) {
 display_string(display,1,6,help,12);
 snprintf(help,13,"data: %06d",sta->count_data);
 display_string(display,1,7,help,12);
+
+ snprintf(help,33,"ethernet snap: %02x %02x %02x %02x %02x %02x",
+ sta->snap[0],sta->snap[1],sta->snap[2],
+ sta->snap[3],sta->snap[4],sta->snap[5]);
+ display_string(display,1,9,help,32);
+ snprintf(help,25,"bssid: %02x:%02x:%02x:%02x:%02x:%02x",
+ sta->bssid[0],sta->bssid[1],sta->bssid[2],
+ sta->bssid[3],sta->bssid[4],sta->bssid[5]);
+ display_string(display,1,10,help,24);
 }
 
 /* footer */
diff --git a/parse.c b/parse.c
index 3dc4301..0da5e6f 100644
--- a/parse.c
+++ b/parse.c
@@ -52,16 +52,18 @@ void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,cons
 t_sta new_sta;
 t_sta *sta;
 unsigned char *package=NULL;
- //t_frame4_hdr *f4hdr;
+ t_frame4_hdr *f4hdr;
 t_frame3_hdr *f3hdr;
 //t_frame2_hdr *f2hdr;
 //t_frame1_hdr *f1hdr;
 t_beacon_fb *beacon_fb;
+ unsigned char *data;
 t_prism_hdr *prismhdr=NULL;
 int ret;
 char string[MESSAGE_MAX];
 char sc[MAX_SYSCALL_CHARS];
 unsigned char new;
+ unsigned char foo;
 
 info=(t_info *)ptr;
 
@@ -69,6 +71,7 @@ void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,cons
 
 memset(&new_sta,0,sizeof(t_sta));
 new=0;
+ foo=0;
 
 if(info->dump_fd!=0) {
 ret=write(info->dump_fd,pcap_header,sizeof(struct pcap_pkthdr));
@@ -79,9 +82,7 @@ void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,cons
 display_console(info,"warning, package write failed!");
 }
 
- /* maybe there is offset to the actual ieee802.11 frame,
- for example prism header ...
- in that case, hack the source! */
+ /* prism or ieee802.11 header ? */
 if(info->mode&MODE_IEEE80211) {
 package=(unsigned char *)pkg;
 prismhdr=NULL;
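Review bot: The new `snprintf(help,33,...)` is the largest write into `help` visible in display_console — every earlier call passes 21 or less — and `help` is declared above the hunk, so its size needs checking against 33; snprintf truncates rather than overflows, but the hand-counted 33/25 sizes and the 32/24 widths handed to display_string are easy to get out of step. If `help` is an array, passing `sizeof help` as the size argument ties these calls to the declaration. The snap line is also printed for every station, including entries that presumably came from the management path (count_mgmt>0, count_data==0), where it shows six zero bytes; a `n.a.` fallback when `sta->count_data` is 0 would stop that reading as a real SNAP. display_console continues outside the hunk on both sides.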
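Review bot: `foo` says nothing about what it records — the data path added later in this commit sets it for a four-address (to-DS and from-DS) frame and copies it into `sta->wds` — so a name like `unsigned char is_wds;` would read at both sites, and `data` could take `=NULL` the way `package` does two lines above it, so a use on a path that never assigns it faults visibly instead of reading stack garbage. parse_package's body continues well past the hunk.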
@@ -146,6 +147,55 @@ void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,cons
 /* data */
 else if(FCTL_TYPE(package[0])==FCTL_TYPE_DATA) {
 info->count_d++;
+
+ //if(FCTL_STYPE(package[0])==FCTL_STYPE_DATA) {
+ if(FCTL_TODS(package[0])&FCTL_FROMDS(package[0])) {
+ f4hdr=(t_frame4_hdr *)package;
+ data=package+sizeof(t_frame4_hdr);
+ memcpy(new_sta.addr,f4hdr->addr4,ADDR_LEN);
+ foo=1;
+ }
+ else {
+ f3hdr=(t_frame3_hdr *)package;
+ data=package+sizeof(t_frame3_hdr);
+ if(FCTL_TODS(package[0])) {
+ memcpy(new_sta.addr,f3hdr->addr2,ADDR_LEN);
+ memcpy(new_sta.bssid,f3hdr->addr1,ADDR_LEN);
+ }
+ else if(FCTL_FROMDS(package[0])) {
+ memcpy(new_sta.addr,f3hdr->addr3,ADDR_LEN);
+ memcpy(new_sta.bssid,f3hdr->addr2,ADDR_LEN);
+ }
+ else {
+ memcpy(new_sta.addr,f3hdr->addr2,ADDR_LEN);
+ memcpy(new_sta.bssid,f3hdr->addr3,ADDR_LEN);
+ }
+ }
+ ret=list_search_data(&(info->sniffed_sta),&new_sta,ADDR_LEN);
+ if((ret==L_EMPTY_LIST)|(ret==L_NO_SUCH_ELEMENT)) {
+ list_add_element(&(info->sniffed_sta),&new_sta,sizeof(t_sta));
+ sta=(t_sta *)info->sniffed_sta.current->data;
+ new=1;
+ }
+ else sta=(t_sta *)info->sniffed_sta.current->data;
+ // fill in stuff ...
+ sta->count_data++;
+ switch_active_state(&(sta->active));
+ if(info->mode&MODE_IEEE80211) sta->sq=0;
+ else if(info->mode&MODE_PRISM)
+ sta->sq=(prismhdr->signal.data)-(prismhdr->noise.data);
+ if(new) {
+ strcpy(sc,"flite 'new station. data package'");
+ system(sc);
+ }
+ if(foo) {
+ sta->wds=1;
+ strcpy(sc,"flite 'wds package'");
+ system(sc);
+ }
+ memcpy(sta->snap,data,6);
+ //}
+
 display_console(info,"last: got data frame");
 }
 
diff --git a/parse.h b/parse.h
index 384e65c..4c1d770 100644
--- a/parse.h
+++ b/parse.h
@@ -83,8 +83,8 @@ typedef struct s_prism_hdr {
 #define FCTL_ORDER(X) ((X&0x800)>>15)
 
 #define FCTL_TYPE_MGMT 0
-#define FCTL_TYPE_CTRL 2
-#define FCTL_TYPE_DATA 1
+#define FCTL_TYPE_CTRL 1
+#define FCTL_TYPE_DATA 2
 
 #define FCTL_STYPE_ASSOC_REQ 0x0
 #define FCTL_STYPE_ASSOC_RESP 0x1
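Review bot: `memcpy(sta->snap,data,6)` at the end of the added block, and the `t_frame4_hdr`/`t_frame3_hdr` casts above it, read past the captured bytes whenever a data frame is shorter than header plus six bytes — null-data frames carry no body at all — because `pcap_header->caplen`, a parameter of `parse_package`, is never consulted on this path; since the buffer is whatever a nearby radio transmits, a truncated or malformed frame turns this into an out-of-bounds read. The capture length, less the prism offset `package` already carries, should bound the copy before the address and snap bytes are trusted; the excerpt below does that up front. Two smaller points: `FCTL_TODS(package[0])&FCTL_FROMDS(package[0])` and `(ret==L_EMPTY_LIST)|(ret==L_NO_SUCH_ELEMENT)` use bitwise operators where `&&`/`||` are meant, which only works if both macros already yield 0 or 1 (their definitions are not in view), and the two `system(sc)` calls fire on every new or WDS frame, so a burst of frames with varying source addresses spawns a process per frame while `sniffed_sta` grows without bound — the WDS announcement should be gated on `new` like the first one, and a cap on list growth is worth adding. parse_package continues on both sides of the hunk.
```c
	else if(FCTL_TYPE(package[0])==FCTL_TYPE_DATA) {
		info->count_d++;

		/* bound every read on what was actually captured; `package` already
		   points past any prism header, so that offset comes off caplen first */
		size_t off=(size_t)(package-(unsigned char *)pkg);
		size_t hdrlen=(FCTL_TODS(package[0]) && FCTL_FROMDS(package[0]))
		              ? sizeof(t_frame4_hdr) : sizeof(t_frame3_hdr);
		if(pcap_header->caplen<off || pcap_header->caplen-off<hdrlen+6) {
			display_console(info,"last: got short data frame");
			return; /* NOTE(review): assumes nothing after the frame-type dispatch must run for every frame - confirm */
		}
		/* … unchanged: address selection, list lookup, counters, flite calls, snap copy … */
```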
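Review bot: The corrected values now match the IEEE 802.11 frame-control type field, but nothing in the header says where they come from, which is how they were transposed in the first place; a comment above `FCTL_TYPE_MGMT` such as `/* frame control "type" bits (IEEE 802.11): 0 management, 1 control, 2 data */` pins the reference. The context line `#define FCTL_ORDER(X) ((X&0x800)>>15)` just above can only ever yield 0 (0x800 shifted right by 15 is 0, and the macros are applied to the single byte `package[0]` anyway), so it looks like the same kind of slip and is worth checking while here.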
@@ -142,12 +142,15 @@ typedef struct s_sta {
 char ssid[MAX_SSID_LEN];
 u8 ap;
 u8 wep;
+ u8 wds;
 int count_mgmt;
 int count_ctrl;
 int count_data;
 char active;
 char key[WEP_MAX_DIGITS];
 int sq;
+ u8 snap[6];
+ u8 bssid[ADDR_LEN];
 } t_sta;
 
 /* function prototypes */
-- 
2.20.1
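Review bot: The three new fields carry no comment, and `snap[6]` repeats the literal 6 that parse.c's `memcpy(sta->snap,data,6)` and main.c's six-`%02x` format also assume; a `#define SNAP_LEN 6` used in all three would keep them in step, as `ADDR_LEN` already does for `bssid`. Suggested comments, grounded in the parse.c hunk of this commit: `u8 wds; /* 1 once a four-address (to-DS and from-DS) data frame was seen from this station */`, `u8 snap[6]; /* first six bytes of the frame body after the 802.11 header, copied as captured */`, `u8 bssid[ADDR_LEN]; /* BSSID from the data frame that created this entry; stays zero when that frame was four-address */`. Whether the management-frame path also fills `bssid` is outside this diff.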