| -rw-r--r-- | noncore/net/wellenreiter/daemon/source/sniffer.cc | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/noncore/net/wellenreiter/daemon/source/sniffer.cc b/noncore/net/wellenreiter/daemon/source/sniffer.cc index 65c8579..be64d67 100644 --- a/noncore/net/wellenreiter/daemon/source/sniffer.cc +++ b/noncore/net/wellenreiter/daemon/source/sniffer.cc | |||
| @@ -11,43 +11,54 @@ | |||
| 11 | #include "sniffer.hh" | 11 | #include "sniffer.hh" |
| 12 | #include "ieee802_11.hh" | 12 | #include "ieee802_11.hh" |
| 13 | #include "extract.hh" | 13 | #include "extract.hh" |
| 14 | 14 | ||
| 15 | int main(void) | 15 | int main(void) |
| 16 | { | 16 | { |
| 17 | if(card_into_monitormode (SNIFFER_DEVICE, CARD_TYPE_NG) < 0) | 17 | if(card_into_monitormode (SNIFFER_DEVICE, CARD_TYPE_NG) < 0) |
| 18 | return 0; | 18 | return 0; |
| 19 | start_sniffing (SNIFFER_DEVICE); | 19 | start_sniffing (SNIFFER_DEVICE); |
| 20 | 20 | ||
| 21 | return 1; | 21 | return 1; |
| 22 | } | 22 | } |
| 23 | 23 | ||
| 24 | int start_sniffing (char * device) | 24 | int start_sniffing (char * device) |
| 25 | { | 25 | { |
| 26 | 26 | ||
| 27 | pcap_t *handletopcap; | 27 | pcap_t *handletopcap; /* The handle to the libpcap */ |
| 28 | char errbuf[PCAP_ERRBUF_SIZE]; | 28 | char errbuf[PCAP_ERRBUF_SIZE]; /* The errorbuffer of libpacap */ |
| 29 | struct pcap_pkthdr header; /* The packet header from pcap*/ | ||
| 30 | const u_char *packet; /* The actual packet content*/ | ||
| 29 | 31 | ||
| 30 | /* opening the pcap for sniffing */ | 32 | /* opening the pcap for sniffing */ |
| 31 | handletopcap = pcap_open_live(device, BUFSIZ, 1, 1000, errbuf); | 33 | handletopcap = pcap_open_live(device, BUFSIZ, 1, 1000, errbuf); |
| 32 | 34 | ||
| 33 | #ifdef HAVE_PCAP_NONBLOCK | 35 | #ifdef HAVE_PCAP_NONBLOCK |
| 34 | pcap_setnonblock(handletopcap, 1, errstr); | 36 | pcap_setnonblock(handletopcap, 1, errstr); |
| 35 | #endif | 37 | #endif |
| 36 | /*start scanning */ | 38 | /*start scanning */ |
| 37 | pcap_loop(handletopcap,-1,process_packets,NULL); | 39 | //pcap_loop(handletopcap,-1,process_packets,NULL); |
| 40 | /* Loope endless */ | ||
| 41 | while(1) | ||
| 42 | { | ||
| 43 | /* Grab one single packet */ | ||
| 44 | packet = pcap_next(handletopcap, &header); | ||
| 45 | |||
| 46 | /* process the packet */ | ||
| 47 | process_packets(NULL,&header,*&packet); | ||
| 48 | } | ||
| 38 | 49 | ||
| 39 | printf("\nDone processing packets... wheew!\n"); | 50 | printf("\nDone processing packets... wheew!\n"); |
| 40 | return 1; | 51 | return 1; |
| 41 | } | 52 | } |
| 42 | 53 | ||
| 43 | void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet) | 54 | void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet) |
| 44 | { | 55 | { |
| 45 | u_int caplen = pkthdr->caplen; | 56 | u_int caplen = pkthdr->caplen; |
| 46 | u_int length = pkthdr->len; | 57 | u_int length = pkthdr->len; |
| 47 | u_int16_t fc; | 58 | u_int16_t fc; |
| 48 | u_int HEADER_LENGTH; | 59 | u_int HEADER_LENGTH; |
| 49 | 60 | ||
| 50 | /* pinfo holds all interresting information for us */ | 61 | /* pinfo holds all interresting information for us */ |
| 51 | struct packetinfo pinfo; | 62 | struct packetinfo pinfo; |
| 52 | struct packetinfo *pinfoptr; | 63 | struct packetinfo *pinfoptr; |
| 53 | pinfoptr=&pinfo; | 64 | pinfoptr=&pinfo; |
| @@ -85,33 +96,32 @@ void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_ch | |||
| 85 | packet += HEADER_LENGTH; | 96 | packet += HEADER_LENGTH; |
| 86 | } | 97 | } |
| 87 | else | 98 | else |
| 88 | { /* Something is wrong,could not be a correct packet */ | 99 | { /* Something is wrong,could not be a correct packet */ |
| 89 | return; | 100 | return; |
| 90 | } | 101 | } |
| 91 | 102 | ||
| 92 | switch (FC_TYPE(fc)) | 103 | switch (FC_TYPE(fc)) |
| 93 | { | 104 | { |
| 94 | /* Is it a managemnet frame? */ | 105 | /* Is it a managemnet frame? */ |
| 95 | case T_MGMT: | 106 | case T_MGMT: |
| 96 | switch (FC_SUBTYPE(fc)) | 107 | switch (FC_SUBTYPE(fc)) |
| 97 | { /* Is it a beacon frame? */ | 108 | { /* Is it a beacon frame? */ |
| 98 | case ST_BEACON: | 109 | case ST_BEACON: |
| 99 | if (handle_beacon(fc, packet,pinfoptr) ==0) | 110 | if (handle_beacon(fc, packet,pinfoptr) ==0) |
| 100 | { | 111 | { |
| 101 | printf ("\n\tOn network : %s",pinfoptr->ssid); | ||
| 102 | if (!strcmp(pinfoptr->desthwaddr,"ff:ff:ff:ff:ff:ff") == 0) | 112 | if (!strcmp(pinfoptr->desthwaddr,"ff:ff:ff:ff:ff:ff") == 0) |
| 103 | { | 113 | { |
| 104 | /* Every beacon must have the broadcast as destination | 114 | /* Every beacon must have the broadcast as destination |
| 105 | so it must be a shitti packet */ | 115 | so it must be a shitti packet */ |
| 106 | pinfoptr->isvalid = 0; | 116 | pinfoptr->isvalid = 0; |
| 107 | return; | 117 | return; |
| 108 | } | 118 | } |
| 109 | 119 | ||
| 110 | if (pinfoptr->cap_ESS == pinfoptr->cap_IBSS) | 120 | if (pinfoptr->cap_ESS == pinfoptr->cap_IBSS) |
| 111 | { | 121 | { |
| 112 | /* Only one of both are possible, so must be | 122 | /* Only one of both are possible, so must be |
| 113 | a noise packet, if this comes up */ | 123 | a noise packet, if this comes up */ |
| 114 | pinfoptr->isvalid = 0; | 124 | pinfoptr->isvalid = 0; |
| 115 | return; | 125 | return; |
| 116 | } | 126 | } |
| 117 | if (pinfoptr->channel < 1 || pinfoptr->channel > 14) | 127 | if (pinfoptr->channel < 1 || pinfoptr->channel > 14) |