-rw-r--r--noncore/net/wellenreiter/daemon/source/Makefile7
-rw-r--r--noncore/net/wellenreiter/daemon/source/TODO1
-rw-r--r--noncore/net/wellenreiter/daemon/source/cardmode.cc3
-rw-r--r--noncore/net/wellenreiter/daemon/source/cardmode.hh4
-rw-r--r--noncore/net/wellenreiter/daemon/source/daemon.cc50
-rw-r--r--noncore/net/wellenreiter/daemon/source/sniffer.cc41
-rw-r--r--noncore/net/wellenreiter/daemon/source/sniffer.hh8
7 files changed, 38 insertions, 76 deletions
diff --git a/noncore/net/wellenreiter/daemon/source/Makefile b/noncore/net/wellenreiter/daemon/source/Makefile
index bcbc799..f3f41f0 100644
--- a/noncore/net/wellenreiter/daemon/source/Makefile
+++ b/noncore/net/wellenreiter/daemon/source/Makefile
@@ -1,33 +1,28 @@
1# $Id$ 1# $Id$
2 2
3 CPP = g++ 3 CPP = g++
4 4
5 OPTIMFLAGS= -g 5 OPTIMFLAGS= -g
6 WARNFLAGS= -Wall -pedantic -DDEBUG 6 WARNFLAGS= -Wall -pedantic -DDEBUG
7 LDFLAGS = 7 LDFLAGS =
8 LIBS = -lpcap ../../libwellenreiter/source/libwellenreiter.a 8 LIBS = -lpcap ../../libwellenreiter/source/libwellenreiter.a
9 OBJ = daemon.o 9 OBJ = daemon.o cardmode.o sniffer.o
10 10
11.SUFFIXES: 11.SUFFIXES:
12 .PHONY: all wellenreiterd clean distclean realclean 12 .PHONY: all wellenreiterd clean distclean realclean
13 13
14%.o : %.cc 14%.o : %.cc
15 $(CPP) $(WARNFLAGS) $(OPTIMFLAGS) -c $< -o $@ 15 $(CPP) $(WARNFLAGS) $(OPTIMFLAGS) -c $< -o $@
16 16
17 all:wellenreiterd 17 all:wellenreiterd
18 18
19 wellenreiterd:$(OBJ) 19 wellenreiterd:$(OBJ)
20 $(CPP) $(OPTIMFLAGS) $(WARNFLAGS) $(OBJ) $(LDFLAGS) $(LIBS) -o $@ 20 $(CPP) $(OPTIMFLAGS) $(WARNFLAGS) $(OBJ) $(LDFLAGS) $(LIBS) -o $@
21 @echo Build wellenreiterd 21 @echo Build wellenreiterd
22 22
23sniffer: sniffer.o cardmode.o
24 $(CPP) $(OPTIMFLAGS) $(WARNFLAGS) sniffer.o cardmode.o $(LDFLAGS) $(LIBS) -o $@
25 @echo Build sniffer
26
27
28clean distclean realclean: 23clean distclean realclean:
29 @rm -rf wellenreiterd *~ *.o 24 @rm -rf wellenreiterd *~ *.o
30 @echo All dependent files have been removed. 25 @echo All dependent files have been removed.
31 26
32 daemon.o:config.hh 27 daemon.o:config.hh
33 28
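Review bot: cardmode.o and sniffer.o are now linked into wellenreiterd, but the only header dependency stays `daemon.o:config.hh`; cardmode.cc gains an `#include "config.hh"` in this same commit and sniffer.cc already includes it, so editing config.hh (or cardmode.hh/sniffer.hh) no longer rebuilds those two objects. A single rule `$(OBJ): config.hh cardmode.hh sniffer.hh` in place of the daemon.o line would cover all three.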
diff --git a/noncore/net/wellenreiter/daemon/source/TODO b/noncore/net/wellenreiter/daemon/source/TODO
index 39b1a05..2d72ab7 100644
--- a/noncore/net/wellenreiter/daemon/source/TODO
+++ b/noncore/net/wellenreiter/daemon/source/TODO
@@ -1,5 +1,4 @@
1implement communication protocol 1implement communication protocol
2security analysis 2security analysis
3implement sniffer (last step)
4security analysis 3security analysis
5code cleanup \ No newline at end of file 4code cleanup \ No newline at end of file
diff --git a/noncore/net/wellenreiter/daemon/source/cardmode.cc b/noncore/net/wellenreiter/daemon/source/cardmode.cc
index f84ce23..8069edc 100644
--- a/noncore/net/wellenreiter/daemon/source/cardmode.cc
+++ b/noncore/net/wellenreiter/daemon/source/cardmode.cc
@@ -1,89 +1,90 @@
1/* $Id$ */ 1/* $Id$ */
2 2
3#include "config.hh"
3#include "cardmode.hh" 4#include "cardmode.hh"
4 5
5int card_into_monitormode (char *device, int cardtype) 6int card_into_monitormode (char *device, int cardtype)
6{ 7{
7 8
8 int datalink; /* used for getting the pcap datalink type */ 9 int datalink; /* used for getting the pcap datalink type */
9 char CiscoRFMON[35] = "/proc/driver/aironet/"; 10 char CiscoRFMON[35] = "/proc/driver/aironet/";
10 FILE *CISCO_CONFIG_FILE; 11 FILE *CISCO_CONFIG_FILE;
11 char errbuf[PCAP_ERRBUF_SIZE]; 12 char errbuf[PCAP_ERRBUF_SIZE];
12 pcap_t *handle; 13 pcap_t *handle;
13 14
14 /* Checks if we have a device to sniff on */ 15 /* Checks if we have a device to sniff on */
15 if(device == NULL) 16 if(device == NULL)
16 { 17 {
17 printf ("Fatal error i did not have any interfaces to sniff on\n"); 18 printf ("Fatal error i did not have any interfaces to sniff on\n");
18 return 0; 19 return 0;
19 } 20 }
20 21
21 /* Setting the prmiscous and up flag to the interface */ 22 /* Setting the prmiscous and up flag to the interface */
22 if (card_set_promisc_up (device) == 0) 23 if (card_set_promisc_up (device) == 0)
23 { 24 {
24 printf ("Interface flags correctly set using ifconfig\n"); 25 printf ("Interface flags correctly set using ifconfig\n");
25 } 26 }
26 27
27 /* Check the cardtype and executes the commands to go into monitor mode */ 28 /* Check the cardtype and executes the commands to go into monitor mode */
28 if (cardtype == CARD_TYPE_CISCO) /* I got a cisco card */ 29 if (cardtype == CARD_TYPE_CISCO) /* I got a cisco card */
29 { 30 {
30 /* bring the sniffer into rfmon mode */ 31 /* bring the sniffer into rfmon mode */
31 snprintf(CiscoRFMON, sizeof(CiscoRFMON),DEFAULT_PATH, device); 32 snprintf(CiscoRFMON, sizeof(CiscoRFMON),DEFAULT_PATH, device);
32 CISCO_CONFIG_FILE = fopen(CiscoRFMON,"w"); 33 CISCO_CONFIG_FILE = fopen(CiscoRFMON,"w");
33 fputs ("Mode: r",CISCO_CONFIG_FILE); 34 fputs ("Mode: r",CISCO_CONFIG_FILE);
34 fputs ("Mode: y",CISCO_CONFIG_FILE); 35 fputs ("Mode: y",CISCO_CONFIG_FILE);
35 fputs ("XmitPower: 1",CISCO_CONFIG_FILE); 36 fputs ("XmitPower: 1",CISCO_CONFIG_FILE);
36 fclose(CISCO_CONFIG_FILE); 37 fclose(CISCO_CONFIG_FILE);
37 } 38 }
38 else if (cardtype == CARD_TYPE_NG) 39 else if (cardtype == CARD_TYPE_NG)
39 { 40 {
40 char wlanngcmd[62]; 41 char wlanngcmd[62];
41 snprintf(wlanngcmd, sizeof(wlanngcmd),"%s %s lnxreq_wlansniff channel=1 enable=true",WLANCTL_PATH,device); 42 snprintf(wlanngcmd, sizeof(wlanngcmd),"%s %s lnxreq_wlansniff channel=1 enable=true",WLANCTL_PATH,device);
42 if (system (wlanngcmd) != 0) 43 if (system (wlanngcmd) != 0)
43 { 44 {
44 printf ("\n Fatal error could not set %s in raw mode, check cardtype\n\n\tterminating now...\n\n",device); 45 printf ("\n Fatal error could not set %s in raw mode, check cardtype\n\n\tterminating now...\n\n",device);
45 exit(1); 46 exit(1);
46 } 47 }
47 } 48 }
48 else if (cardtype == CARD_TYPE_HOSTAP) 49 else if (cardtype == CARD_TYPE_HOSTAP)
49 { 50 {
50 printf ("Got a host-ap card, nothing is implemented now\n"); 51 printf ("Got a host-ap card, nothing is implemented now\n");
51 } 52 }
52 53
53 54
54 /* Check the interface if it is in the correct raw mode */ 55 /* Check the interface if it is in the correct raw mode */
55 handle = pcap_open_live(device, BUFSIZ, 1, 0, errbuf); 56 handle = pcap_open_live(device, BUFSIZ, 1, 0, errbuf);
56 57
57 /* getting the datalink type */ 58 /* getting the datalink type */
58 datalink = pcap_datalink(handle); 59 datalink = pcap_datalink(handle);
59 60
60 if (datalink == DLT_IEEE802_11) /* Rawmode is IEEE802_11 */ 61 if (datalink == DLT_IEEE802_11) /* Rawmode is IEEE802_11 */
61 { 62 {
62 printf ("Your successfully listen on %s in 802.11 raw mode\n",device); 63 printf ("Your successfully listen on %s in 802.11 raw mode\n",device);
63 pcap_close(handle); 64 pcap_close(handle);
64 return 0; 65 return 0;
65 66
66 } 67 }
67 else 68 else
68 { 69 {
69 printf ("Fatal error, cannot continue, your interface %s does not work in the correct 802.11 raw mode, check you driver please\n\tterminating now",device); 70 printf ("Fatal error, cannot continue, your interface %s does not work in the correct 802.11 raw mode, check you driver please\n\tterminating now",device);
70 pcap_close(handle); 71 pcap_close(handle);
71 exit(1); 72 exit(1);
72 } 73 }
73} 74}
74 75
75 76
76 77
77int card_set_promisc_up (char * device) 78int card_set_promisc_up (char * device)
78{ 79{
79 int ret; 80 int ret;
80 char ifconfigcmd[32]; 81 char ifconfigcmd[32];
81 snprintf(ifconfigcmd,sizeof(ifconfigcmd),SBIN_PATH, device); 82 snprintf(ifconfigcmd,sizeof(ifconfigcmd),SBIN_PATH, device);
82 ret = system (ifconfigcmd); 83 ret = system (ifconfigcmd);
83 if (ret > 0) 84 if (ret > 0)
84 { 85 {
85 printf ("\nFatal error, could not execute %s please check your card,binary location and permission\n",ifconfigcmd); 86 printf ("\nFatal error, could not execute %s please check your card,binary location and permission\n",ifconfigcmd);
86 return 0; 87 return 0;
87 } 88 }
88 return 1; 89 return 1;
89} 90}
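Review bot: `fopen(CiscoRFMON,"w")` at new line 33 is not checked for NULL before the three fputs calls and fclose, and `pcap_open_live` at line 56 is passed straight to pcap_datalink, so a missing /proc entry or an unopenable interface crashes the daemon instead of reporting `errbuf`. The commit only adds the config.hh include and leaves these paths as they were. The buffers are also tight: DEFAULT_PATH has 28 fixed characters, so `CiscoRFMON[35]` leaves six for the interface name, and SBIN_PATH has 26, so `ifconfigcmd[32]` leaves five (exactly "wlan0"); neither snprintf return value is checked, so a longer name is silently truncated into a wrong path or command. Guards such as `if (CISCO_CONFIG_FILE == NULL) { printf("Cannot open %s\n", CiscoRFMON); return 0; }` and `if (handle == NULL) { printf("%s\n", errbuf); exit(1); }` cover the first point. Since `device` is interpolated into a shell command line for system() in both functions, invoking /sbin/ifconfig and wlanctl-ng through an exec-style call with an explicit argv would remove the shell from the path entirely.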
diff --git a/noncore/net/wellenreiter/daemon/source/cardmode.hh b/noncore/net/wellenreiter/daemon/source/cardmode.hh
index 87284a1..ecc97b1 100644
--- a/noncore/net/wellenreiter/daemon/source/cardmode.hh
+++ b/noncore/net/wellenreiter/daemon/source/cardmode.hh
@@ -1,36 +1,34 @@
1/* $Id$ */ 1/* $Id$ */
2 2
3#ifndef CARDMODE_HH 3#ifndef CARDMODE_HH
4#define CARDMODE_HH 4#define CARDMODE_HH
5 5
6#include <string.h> 6#include <string.h>
7#include <stdio.h> 7#include <stdio.h>
8#include <stdlib.h> 8#include <stdlib.h>
9#include <pcap.h> 9#include <pcap.h>
10#include <errno.h> 10#include <errno.h>
11#include <sys/socket.h> 11#include <sys/socket.h>
12#include <netinet/in.h> 12#include <netinet/in.h>
13#include <arpa/inet.h> 13#include <arpa/inet.h>
14#include <net/bpf.h> 14#include <net/bpf.h>
15 15
16#endif /* CARDMODE_HH */
17
18/* Defines, used for the card setup */ 16/* Defines, used for the card setup */
19#define DEFAULT_PATH "/proc/driver/aironet/%s/Config" 17#define DEFAULT_PATH "/proc/driver/aironet/%s/Config"
20 #define CARD_TYPE_CISCO1 18 #define CARD_TYPE_CISCO1
21 #define CARD_TYPE_NG2 19 #define CARD_TYPE_NG2
22 #define CARD_TYPE_HOSTAP3 20 #define CARD_TYPE_HOSTAP3
23 21
24/* only for now, until we have the daemon running */ 22/* only for now, until we have the daemon running */
25/*the config file should provide these information */ 23/*the config file should provide these information */
26 #define SNIFFER_DEVICE "wlan0" 24 #define SNIFFER_DEVICE "wlan0"
27#define CARD_TYPE CARD_TYPE_CISCO 25#define CARD_TYPE CARD_TYPE_CISCO
28 #define SBIN_PATH"/sbin/ifconfig %s promisc up" 26 #define SBIN_PATH"/sbin/ifconfig %s promisc up"
29#define WLANCTL_PATH "/sbin/wlanctl-ng" 27#define WLANCTL_PATH "/sbin/wlanctl-ng"
30 28
31/* Prototypes */ 29/* Prototypes */
32 30
33int card_into_monitormode (char * device, int cardtype); 31int card_into_monitormode (char * device, int cardtype);
34int card_set_promisc_up (char * device); 32int card_set_promisc_up (char * device);
35 33
36 34#endif /* CARDMODE_HH */
diff --git a/noncore/net/wellenreiter/daemon/source/daemon.cc b/noncore/net/wellenreiter/daemon/source/daemon.cc
index b3a37b6..1f9e98a 100644
--- a/noncore/net/wellenreiter/daemon/source/daemon.cc
+++ b/noncore/net/wellenreiter/daemon/source/daemon.cc
@@ -1,81 +1,95 @@
1/* 1/*
2 * Startup functions of wellenreiter 2 * Startup functions of wellenreiter
3 * 3 *
4 * $Id$ 4 * $Id$
5 */ 5 */
6 6
7#include "config.hh" 7#include "config.hh"
8#include "daemon.hh" 8#include "daemon.hh"
9#include "cardmode.hh"
10#include "sniffer.hh"
9 11
10/* Main function of wellenreiterd */ 12/* Main function of wellenreiterd */
11int main(int argc, char **argv) 13int main(int argc, char **argv)
12{ 14{
13 int sock, maxfd, guiport=GUIPORT; 15 int sock, maxfd;
14 char guihost[]="127.0.0.1";
15 struct sockaddr_in *cliaddr; 16 struct sockaddr_in *cliaddr;
16 socklen_t len=sizeof(struct sockaddr); 17 socklen_t len=sizeof(struct sockaddr);
17 char buffer[128]; 18 char buffer[128];
18 FILE *fp=stdin; /* Will be replaced with sniffer */ 19 pcap_t *handletopcap; /* The handle to the libpcap */
20 char errbuf[PCAP_ERRBUF_SIZE]; /* The errorbuffer of libpacap */
21 struct pcap_pkthdr header; /* The packet header from pcap*/
22 const u_char *packet; /* The actual packet content*/
23
19 fd_set rset; 24 fd_set rset;
20 25
21 fprintf(stderr, "wellenreiterd %s\n\n", VERSION); 26 fprintf(stderr, "wellenreiterd %s\n\n", VERSION);
22 27
28 /* will be replaced soon, just for max because max is lazy :-) */
29 if(card_into_monitormode (SNIFFER_DEVICE, CARD_TYPE_NG) < 0)
30 {
31 fprintf(stderr, "Cannot set card into mon mode, aborting\n");
32 exit(-1);
33 }
34
35 /* opening the pcap for sniffing */
36 handletopcap = pcap_open_live(SNIFFER_DEVICE, BUFSIZ, 1, 1000, errbuf);
37#ifdef HAVE_PCAP_NONBLOCK
38 pcap_setnonblock(handletopcap, 1, errstr);
39#endif
40
23 /* Setup socket for incoming commands */ 41 /* Setup socket for incoming commands */
24 if((sock=commsock(DAEMONADDR, DAEMONPORT)) < 0) 42 if((sock=commsock(DAEMONADDR, DAEMONPORT)) < 0)
25 { 43 {
26 wl_logerr("Cannot setup socket"); 44 wl_logerr("Cannot setup socket");
27 exit(-1); 45 exit(-1);
28 } 46 }
29 wl_loginfo("Set up socket '%d' for GUI communication", sock); 47 wl_loginfo("Set up socket '%d' for GUI communication", sock);
30 48
31 FD_ZERO(&rset); 49 FD_ZERO(&rset);
32 50
33 /* Start main loop */ 51 /* Start main loop */
34 wl_loginfo("Starting main loop"); 52 wl_loginfo("Starting main loop");
35 while(1) 53 while(1)
36 { 54 {
37 55
38 FD_SET(sock, &rset); 56 FD_SET(sock, &rset);
39 FD_SET(fileno(fp), &rset); 57 FD_SET(pcap_fileno(handletopcap), &rset);
40 maxfd=sock+fileno(fp)+1; 58 maxfd=sock + pcap_fileno(handletopcap) + 1;
41 if(select(maxfd, &rset, NULL, NULL, NULL) < 0) 59 if(select(maxfd, &rset, NULL, NULL, NULL) < 0)
42 { 60 {
43 wl_logerr("Error calling select: %s", strerror(errno)); 61 wl_logerr("Error calling select: %s", strerror(errno));
44 break; 62 break;
45 } 63 }
46 64
47 /* Got data on local socket from GUI */ 65 /* Got data on local socket from GUI */
48 if(FD_ISSET(sock, &rset)) 66 if(FD_ISSET(sock, &rset))
49 { 67 {
50 memset(buffer, 0, sizeof(buffer)); 68 memset(buffer, 0, sizeof(buffer));
51 if(recvfrom(sock, buffer, sizeof(buffer)-1, 0, (struct sockaddr *)cliaddr, &len) < 0) 69 if(recvfrom(sock, buffer, sizeof(buffer)-1, 0, (struct sockaddr *)cliaddr, &len) < 0)
52 { 70 {
53 wl_logerr("Cannot read from socket: %s", strerror(errno)); 71 wl_logerr("Cannot read from socket: %s", strerror(errno));
54 break; 72 break;
55 } 73 }
56 wl_loginfo("Received command from '%s': %s", inet_ntoa(cliaddr->sin_addr), buffer); 74 wl_loginfo("Received command from '%s': %s", inet_ntoa(cliaddr->sin_addr), buffer);
57 75
58 /* Pass string to analyze function */ 76 /* will be passed to analyze function */
59 // sendcomm(guihost, guiport, buffer); 77 fprintf(stderr, "Received command: %s\n", buffer);
60 78
61 } 79 }
62 80
63 /* Will be replaced with sniffer ... later */ 81 /* Pcap stuff */
64 if(FD_ISSET(fileno(fp), &rset)) 82 if(FD_ISSET(pcap_fileno(handletopcap), &rset))
65 { 83 {
66 memset(buffer, 0, sizeof(buffer));
67 if(fgets(buffer, sizeof(buffer) - 1, fp) == NULL)
68 {
69 wl_logerr("Cannot read from stdin: %s", strerror(errno));
70 break;
71 }
72 wl_loginfo("Sending command to '%s': %s", GUIADDR, buffer);
73 84
74 /* Send string to GUI */ 85 /* Grab one single packet */
75 sendcomm(guihost, guiport, "%d: %s", 1234, buffer); 86 packet = pcap_next(handletopcap, &header);
87
88 /* process the packet */
89 process_packets(NULL,&header,*&packet);
76 90
77 } 91 }
78 } 92 }
79 close(sock); 93 close(sock);
80 exit(0); 94 exit(0);
81} 95}
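Review bot: `pcap_open_live` at new line 36 is never checked for NULL, and the `pcap_setnonblock` call under HAVE_PCAP_NONBLOCK passes `errstr`, which is not declared anywhere in main — the buffer is `errbuf` — so that branch does not compile when the macro is defined. `pcap_next` at line 86 may return NULL (read timeout, or nothing pending in non-blocking mode) and is then handed to process_packets, which dereferences it through EXTRACT_LE_16BITS; `*&packet` is just `packet`. `maxfd=sock + pcap_fileno(handletopcap) + 1` should be the larger descriptor plus one rather than their sum, and `cliaddr` is an uninitialised pointer handed to recvfrom as the address buffer. The `< 0` test on card_into_monitormode never fires, since that function (cardmode.cc in this commit) returns 0 or calls exit(1) itself. A sketch of the first three points follows.
```cpp
    /* opening the pcap for sniffing */
    handletopcap = pcap_open_live(SNIFFER_DEVICE, BUFSIZ, 1, 1000, errbuf);
    if(handletopcap == NULL)
    {
        fprintf(stderr, "Cannot open %s: %s\n", SNIFFER_DEVICE, errbuf);
        exit(-1);
    }
#ifdef HAVE_PCAP_NONBLOCK
    pcap_setnonblock(handletopcap, 1, errbuf);
#endif
    // … unchanged: commsock setup, FD_ZERO, loop head …
        maxfd = (sock > pcap_fileno(handletopcap) ? sock : pcap_fileno(handletopcap)) + 1;
    // … unchanged: select and the GUI socket branch …
            /* Grab one single packet; NULL means timeout or nothing pending */
            packet = pcap_next(handletopcap, &header);
            if(packet != NULL)
            {
                process_packets(NULL, &header, packet);
            }
```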
diff --git a/noncore/net/wellenreiter/daemon/source/sniffer.cc b/noncore/net/wellenreiter/daemon/source/sniffer.cc
index be64d67..66d5b6f 100644
--- a/noncore/net/wellenreiter/daemon/source/sniffer.cc
+++ b/noncore/net/wellenreiter/daemon/source/sniffer.cc
@@ -1,347 +1,308 @@
1/* 1/*
2 * rfmon mode sniffer 2 * rfmon mode sniffer
3 * This works only with cisco wireless cards with an rfmon 3 * This works only with cisco wireless cards with an rfmon
4 * able driver and not with wifi stuff. 4 * able driver and not with wifi stuff.
5 * 5 *
6 * $Id$ 6 * $Id$
7 */ 7 */
8 8
9#include "config.hh" 9#include "config.hh"
10#include "cardmode.hh" 10#include "cardmode.hh"
11#include "sniffer.hh" 11#include "sniffer.hh"
12#include "ieee802_11.hh" 12#include "ieee802_11.hh"
13#include "extract.hh" 13#include "extract.hh"
14 14
15int main(void)
16 {
17 if(card_into_monitormode (SNIFFER_DEVICE, CARD_TYPE_NG) < 0)
18 return 0;
19 start_sniffing (SNIFFER_DEVICE);
20
21 return 1;
22}
23
24int start_sniffing (char * device)
25{
26
27 pcap_t *handletopcap; /* The handle to the libpcap */
28 char errbuf[PCAP_ERRBUF_SIZE]; /* The errorbuffer of libpacap */
29 struct pcap_pkthdr header; /* The packet header from pcap*/
30 const u_char *packet; /* The actual packet content*/
31
32 /* opening the pcap for sniffing */
33 handletopcap = pcap_open_live(device, BUFSIZ, 1, 1000, errbuf);
34
35 #ifdef HAVE_PCAP_NONBLOCK
36 pcap_setnonblock(handletopcap, 1, errstr);
37 #endif
38 /*start scanning */
39 //pcap_loop(handletopcap,-1,process_packets,NULL);
40 /* Loope endless */
41 while(1)
42 {
43 /* Grab one single packet */
44 packet = pcap_next(handletopcap, &header);
45
46 /* process the packet */
47 process_packets(NULL,&header,*&packet);
48 }
49
50 printf("\nDone processing packets... wheew!\n");
51 return 1;
52}
53
54void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet) 15void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet)
55{ 16{
56 u_int caplen = pkthdr->caplen; 17 u_int caplen = pkthdr->caplen;
57 u_int length = pkthdr->len; 18 u_int length = pkthdr->len;
58 u_int16_t fc; 19 u_int16_t fc;
59 u_int HEADER_LENGTH; 20 u_int HEADER_LENGTH;
60 21
61 /* pinfo holds all interresting information for us */ 22 /* pinfo holds all interresting information for us */
62 struct packetinfo pinfo; 23 struct packetinfo pinfo;
63 struct packetinfo *pinfoptr; 24 struct packetinfo *pinfoptr;
64 pinfoptr=&pinfo; 25 pinfoptr=&pinfo;
65 26
66 pinfoptr->isvalid = 0; 27 pinfoptr->isvalid = 0;
67 pinfoptr->pktlen = pkthdr->len; 28 pinfoptr->pktlen = pkthdr->len;
68 29
69 if (caplen < IEEE802_11_FC_LEN) 30 if (caplen < IEEE802_11_FC_LEN)
70 { 31 {
71 /* This is a garbage packet, because is does not long enough 32 /* This is a garbage packet, because is does not long enough
72 to hold a 802.11b header */ 33 to hold a 802.11b header */
73 pinfoptr->isvalid = 0; 34 pinfoptr->isvalid = 0;
74 return; 35 return;
75 } 36 }
76 37
77 /* Gets the framecontrol bits (2bytes long) */ 38 /* Gets the framecontrol bits (2bytes long) */
78 fc = EXTRACT_LE_16BITS(packet); 39 fc = EXTRACT_LE_16BITS(packet);
79 40
80 HEADER_LENGTH = GetHeaderLength(fc); 41 HEADER_LENGTH = GetHeaderLength(fc);
81 42
82 if (caplen < HEADER_LENGTH) 43 if (caplen < HEADER_LENGTH)
83 { 44 {
84 /* This is a garbage packet, because it is not long enough 45 /* This is a garbage packet, because it is not long enough
85 to hold a correct header of its type */ 46 to hold a correct header of its type */
86 pinfoptr->isvalid = 0; 47 pinfoptr->isvalid = 0;
87 return; 48 return;
88 } 49 }
89 50
90 /* Decode 802.11b header out of the packet */ 51 /* Decode 802.11b header out of the packet */
91 if (decode_80211b_hdr(packet,pinfoptr) == 0) 52 if (decode_80211b_hdr(packet,pinfoptr) == 0)
92 { 53 {
93 /* Justification of the ofset to further process the packet */ 54 /* Justification of the ofset to further process the packet */
94 length -= HEADER_LENGTH; 55 length -= HEADER_LENGTH;
95 caplen -= HEADER_LENGTH; 56 caplen -= HEADER_LENGTH;
96 packet += HEADER_LENGTH; 57 packet += HEADER_LENGTH;
97 } 58 }
98 else 59 else
99 { /* Something is wrong,could not be a correct packet */ 60 { /* Something is wrong,could not be a correct packet */
100 return; 61 return;
101 } 62 }
102 63
103 switch (FC_TYPE(fc)) 64 switch (FC_TYPE(fc))
104 { 65 {
105 /* Is it a managemnet frame? */ 66 /* Is it a managemnet frame? */
106 case T_MGMT: 67 case T_MGMT:
107 switch (FC_SUBTYPE(fc)) 68 switch (FC_SUBTYPE(fc))
108 { /* Is it a beacon frame? */ 69 { /* Is it a beacon frame? */
109 case ST_BEACON: 70 case ST_BEACON:
110 if (handle_beacon(fc, packet,pinfoptr) ==0) 71 if (handle_beacon(fc, packet,pinfoptr) ==0)
111 { 72 {
112 if (!strcmp(pinfoptr->desthwaddr,"ff:ff:ff:ff:ff:ff") == 0) 73 if (!strcmp(pinfoptr->desthwaddr,"ff:ff:ff:ff:ff:ff") == 0)
113 { 74 {
114 /* Every beacon must have the broadcast as destination 75 /* Every beacon must have the broadcast as destination
115 so it must be a shitti packet */ 76 so it must be a shitti packet */
116 pinfoptr->isvalid = 0; 77 pinfoptr->isvalid = 0;
117 return; 78 return;
118 } 79 }
119 80
120 if (pinfoptr->cap_ESS == pinfoptr->cap_IBSS) 81 if (pinfoptr->cap_ESS == pinfoptr->cap_IBSS)
121 { 82 {
122 /* Only one of both are possible, so must be 83 /* Only one of both are possible, so must be
123 a noise packet, if this comes up */ 84 a noise packet, if this comes up */
124 pinfoptr->isvalid = 0; 85 pinfoptr->isvalid = 0;
125 return; 86 return;
126 } 87 }
127 if (pinfoptr->channel < 1 || pinfoptr->channel > 14) 88 if (pinfoptr->channel < 1 || pinfoptr->channel > 14)
128 { 89 {
129 /* Only channels between 1 and 14 are possible 90 /* Only channels between 1 and 14 are possible
130 others must be noise packets */ 91 others must be noise packets */
131 pinfoptr->isvalid = 0; 92 pinfoptr->isvalid = 0;
132 return; 93 return;
133 } 94 }
134 95
135 /* Here should be the infos to the gui issued */ 96 /* Here should be the infos to the gui issued */
136 if (pinfoptr->cap_ESS == 1 &&pinfoptr->cap_IBSS ==0) 97 if (pinfoptr->cap_ESS == 1 &&pinfoptr->cap_IBSS ==0)
137 { 98 {
138 printf ("\nHave found an accesspoint:"); 99 printf ("\nHave found an accesspoint:");
139 } 100 }
140 else if(pinfoptr->cap_ESS == 0 && pinfoptr->cap_IBSS == 1) 101 else if(pinfoptr->cap_ESS == 0 && pinfoptr->cap_IBSS == 1)
141 { 102 {
142 printf ("\nHave found an AD-HOC station:"); 103 printf ("\nHave found an AD-HOC station:");
143 104
144 } 105 }
145 if (strcmp (pinfoptr->ssid,NONBROADCASTING) ==0) 106 if (strcmp (pinfoptr->ssid,NONBROADCASTING) ==0)
146 { 107 {
147 printf ("\n\tOn a non-broadcasting network"); 108 printf ("\n\tOn a non-broadcasting network");
148 } 109 }
149 else 110 else
150 { 111 {
151 printf ("\n\tOn network : %s",pinfoptr->ssid); 112 printf ("\n\tOn network : %s",pinfoptr->ssid);
152 } 113 }
153 printf ("\n\tLen SSID : %d",pinfoptr->ssid_len); 114 printf ("\n\tLen SSID : %d",pinfoptr->ssid_len);
154 printf ("\n\tOn Channel : %d",pinfoptr->channel); 115 printf ("\n\tOn Channel : %d",pinfoptr->channel);
155 printf ("\n\tEncryption : %s", pinfoptr->cap_WEP ? "ON" : "OFF"); 116 printf ("\n\tEncryption : %s", pinfoptr->cap_WEP ? "ON" : "OFF");
156 printf ("\n\tMacaddress : %s",pinfoptr->sndhwaddr); 117 printf ("\n\tMacaddress : %s",pinfoptr->sndhwaddr);
157 printf ("\n\tBssid : %s",pinfoptr->bssid); 118 printf ("\n\tBssid : %s",pinfoptr->bssid);
158 printf ("\n\tDest : %s\n",pinfoptr->desthwaddr); 119 printf ("\n\tDest : %s\n",pinfoptr->desthwaddr);
159 } 120 }
160 break; 121 break;
161 default: 122 default:
162 printf("Unknown IEEE802.11 frame subtype (%d)",FC_SUBTYPE(fc)); 123 printf("Unknown IEEE802.11 frame subtype (%d)",FC_SUBTYPE(fc));
163 break; 124 break;
164 } /* End of switch over different mgt frame types */ 125 } /* End of switch over different mgt frame types */
165 126
166 break; 127 break;
167 case T_CTRL: 128 case T_CTRL:
168 //decode_control_frames(fc, packet); 129 //decode_control_frames(fc, packet);
169 printf ("Its a control frame"); 130 printf ("Its a control frame");
170 break; 131 break;
171 case T_DATA: 132 case T_DATA:
172 //decode_data_frames(fc, packet); 133 //decode_data_frames(fc, packet);
173 printf ("Its a date frame"); 134 printf ("Its a date frame");
174 break; 135 break;
175 default: 136 default:
176 printf("Unknown IEEE802.11 frame type (%d)",FC_TYPE(fc)); 137 printf("Unknown IEEE802.11 frame type (%d)",FC_TYPE(fc));
177 break; 138 break;
178 } 139 }
179} 140}
180 141
181 142
182/* This decodes the 802.11b frame header out of the 802.11b packet 143/* This decodes the 802.11b frame header out of the 802.11b packet
183 all the infos is placed into the packetinfo structure */ 144 all the infos is placed into the packetinfo structure */
184int decode_80211b_hdr(const u_char *p,struct packetinfo *ppinfo) 145int decode_80211b_hdr(const u_char *p,struct packetinfo *ppinfo)
185{ 146{
186 const struct mgmt_header_t *mgthdr = (const struct mgmt_header_t *) p; 147 const struct mgmt_header_t *mgthdr = (const struct mgmt_header_t *) p;
187 ppinfo->fcsubtype = FC_SUBTYPE(mgthdr->fc); 148 ppinfo->fcsubtype = FC_SUBTYPE(mgthdr->fc);
188 149
189 /* Get the sender, bssid and dest mac address */ 150 /* Get the sender, bssid and dest mac address */
190 etheraddr_string(mgthdr->bssid,ppinfo->bssid); 151 etheraddr_string(mgthdr->bssid,ppinfo->bssid);
191 etheraddr_string(mgthdr->da,ppinfo->desthwaddr); 152 etheraddr_string(mgthdr->da,ppinfo->desthwaddr);
192 etheraddr_string(mgthdr->sa,ppinfo->sndhwaddr); 153 etheraddr_string(mgthdr->sa,ppinfo->sndhwaddr);
193 ppinfo->fc_wep = FC_WEP(mgthdr->fc); 154 ppinfo->fc_wep = FC_WEP(mgthdr->fc);
194 return 0; 155 return 0;
195} 156}
196 157
197 158
198void etheraddr_string(register const u_char *ep,char * text) 159void etheraddr_string(register const u_char *ep,char * text)
199{ 160{
200 static char hex[] = "0123456789abcdef"; 161 static char hex[] = "0123456789abcdef";
201 register u_int i, j; 162 register u_int i, j;
202 register char *cp; 163 register char *cp;
203 char buf[sizeof("00:00:00:00:00:00")]; 164 char buf[sizeof("00:00:00:00:00:00")];
204 cp = buf; 165 cp = buf;
205 if ((j = *ep >> 4) != 0) 166 if ((j = *ep >> 4) != 0)
206 *cp++ = hex[j]; 167 *cp++ = hex[j];
207 *cp++ = hex[*ep++ & 0xf]; 168 *cp++ = hex[*ep++ & 0xf];
208 for (i = 5; (int)--i >= 0;) { 169 for (i = 5; (int)--i >= 0;) {
209 *cp++ = ':'; 170 *cp++ = ':';
210 if ((j = *ep >> 4) != 0) 171 if ((j = *ep >> 4) != 0)
211 *cp++ = hex[j]; 172 *cp++ = hex[j];
212 *cp++ = hex[*ep++ & 0xf]; 173 *cp++ = hex[*ep++ & 0xf];
213 } 174 }
214 *cp = '\0'; 175 *cp = '\0';
215 strcpy(text,buf); 176 strcpy(text,buf);
216} 177}
217 178
218int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo) 179int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo)
219{ 180{
220 struct mgmt_body_t pbody; 181 struct mgmt_body_t pbody;
221 int offset = 0; 182 int offset = 0;
222 183
223 /* Get the static informations out of the packet */ 184 /* Get the static informations out of the packet */
224 memset(&pbody, 0, sizeof(pbody)); 185 memset(&pbody, 0, sizeof(pbody));
225 memcpy(&pbody.timestamp, p, 8); 186 memcpy(&pbody.timestamp, p, 8);
226 offset += 8; 187 offset += 8;
227 pbody.beacon_interval = EXTRACT_LE_16BITS(p+offset); 188 pbody.beacon_interval = EXTRACT_LE_16BITS(p+offset);
228 offset += 2; 189 offset += 2;
229 pbody.capability_info = EXTRACT_LE_16BITS(p+offset); 190 pbody.capability_info = EXTRACT_LE_16BITS(p+offset);
230 offset += 2; 191 offset += 2;
231 192
232 /* Gets the different flags out of the capabilities */ 193 /* Gets the different flags out of the capabilities */
233 ppinfo->cap_ESS = CAPABILITY_ESS(pbody.capability_info); 194 ppinfo->cap_ESS = CAPABILITY_ESS(pbody.capability_info);
234 ppinfo->cap_IBSS = CAPABILITY_IBSS(pbody.capability_info); 195 ppinfo->cap_IBSS = CAPABILITY_IBSS(pbody.capability_info);
235 ppinfo->cap_WEP = CAPABILITY_PRIVACY(pbody.capability_info); 196 ppinfo->cap_WEP = CAPABILITY_PRIVACY(pbody.capability_info);
236 197
237 /* Gets the tagged elements out of the packets */ 198 /* Gets the tagged elements out of the packets */
238 while (offset + 1 < ppinfo->pktlen) 199 while (offset + 1 < ppinfo->pktlen)
239 { 200 {
240 switch (*(p + offset)) 201 switch (*(p + offset))
241 { 202 {
242 case E_SSID: 203 case E_SSID:
243 memcpy(&(pbody.ssid),p+offset,2); offset += 2; 204 memcpy(&(pbody.ssid),p+offset,2); offset += 2;
244 if (pbody.ssid.length > 0) 205 if (pbody.ssid.length > 0)
245 { 206 {
246 memcpy(&(pbody.ssid.ssid),p+offset,pbody.ssid.length); offset += pbody.ssid.length; 207 memcpy(&(pbody.ssid.ssid),p+offset,pbody.ssid.length); offset += pbody.ssid.length;
247 pbody.ssid.ssid[pbody.ssid.length]='\0'; 208 pbody.ssid.ssid[pbody.ssid.length]='\0';
248 if (strcmp((char *)pbody.ssid.ssid,"")==0) 209 if (strcmp((char *)pbody.ssid.ssid,"")==0)
249 { 210 {
250 ppinfo->ssid = NONBROADCASTING; 211 ppinfo->ssid = NONBROADCASTING;
251 } 212 }
252 else 213 else
253 { 214 {
254 ppinfo->ssid = (char *)pbody.ssid.ssid; 215 ppinfo->ssid = (char *)pbody.ssid.ssid;
255 } 216 }
256 ppinfo->ssid_len = pbody.ssid.length; 217 ppinfo->ssid_len = pbody.ssid.length;
257 } 218 }
258 break; 219 break;
259 220
260 case E_CHALLENGE: 221 case E_CHALLENGE:
261 memcpy(&(pbody.challenge),p+offset,2); offset += 2; 222 memcpy(&(pbody.challenge),p+offset,2); offset += 2;
262 if (pbody.challenge.length > 0) 223 if (pbody.challenge.length > 0)
263 { 224 {
264 memcpy(&(pbody.challenge.text),p+offset,pbody.challenge.length); offset += pbody.challenge.length; 225 memcpy(&(pbody.challenge.text),p+offset,pbody.challenge.length); offset += pbody.challenge.length;
265 pbody.challenge.text[pbody.challenge.length]='\0'; 226 pbody.challenge.text[pbody.challenge.length]='\0';
266 } 227 }
267 break; 228 break;
268 case E_RATES: 229 case E_RATES:
269 memcpy(&(pbody.rates),p+offset,2); offset += 2; 230 memcpy(&(pbody.rates),p+offset,2); offset += 2;
270 if (pbody.rates.length > 0) { 231 if (pbody.rates.length > 0) {
271 memcpy(&(pbody.rates.rate),p+offset,pbody.rates.length); offset += pbody.rates.length; 232 memcpy(&(pbody.rates.rate),p+offset,pbody.rates.length); offset += pbody.rates.length;
272 } 233 }
273 break; 234 break;
274 case E_DS: 235 case E_DS:
275 memcpy(&(pbody.ds),p+offset,3); offset +=3; 236 memcpy(&(pbody.ds),p+offset,3); offset +=3;
276 ppinfo->channel = pbody.ds.channel; 237 ppinfo->channel = pbody.ds.channel;
277 break; 238 break;
278 case E_CF: 239 case E_CF:
279 memcpy(&(pbody.cf),p+offset,8); offset +=8; 240 memcpy(&(pbody.cf),p+offset,8); offset +=8;
280 break; 241 break;
281 case E_TIM: 242 case E_TIM:
282 memcpy(&(pbody.tim),p+offset,2); offset +=2; 243 memcpy(&(pbody.tim),p+offset,2); offset +=2;
283 memcpy(&(pbody.tim.count),p+offset,3); offset +=3; 244 memcpy(&(pbody.tim.count),p+offset,3); offset +=3;
284 if ((pbody.tim.length -3) > 0) 245 if ((pbody.tim.length -3) > 0)
285 { 246 {
286 memcpy((pbody.tim.bitmap),p+(pbody.tim.length -3),(pbody.tim.length -3)); 247 memcpy((pbody.tim.bitmap),p+(pbody.tim.length -3),(pbody.tim.length -3));
287 offset += pbody.tim.length -3; 248 offset += pbody.tim.length -3;
288 } 249 }
289 break; 250 break;
290 default: 251 default:
291 252
292 offset+= *(p+offset+1) + 2; 253 offset+= *(p+offset+1) + 2;
293 break; 254 break;
294 } /* end of switch*/ 255 } /* end of switch*/
295 } /* end of for loop */ 256 } /* end of for loop */
296 return 0; 257 return 0;
297 258
298} /* End of handle_beacon */ 259} /* End of handle_beacon */
299 260
300 261
301static int GetHeaderLength(u_int16_t fc) 262int GetHeaderLength(u_int16_t fc)
302{ 263{
303 int iLength=0; 264 int iLength=0;
304 265
305 switch (FC_TYPE(fc)) { 266 switch (FC_TYPE(fc)) {
306 case T_MGMT: 267 case T_MGMT:
307 iLength = MGMT_HEADER_LEN; 268 iLength = MGMT_HEADER_LEN;
308 break; 269 break;
309 case T_CTRL: 270 case T_CTRL:
310 switch (FC_SUBTYPE(fc)) { 271 switch (FC_SUBTYPE(fc)) {
311 case CTRL_PS_POLL: 272 case CTRL_PS_POLL:
312 iLength = CTRL_PS_POLL_LEN; 273 iLength = CTRL_PS_POLL_LEN;
313 break; 274 break;
314 case CTRL_RTS: 275 case CTRL_RTS:
315 iLength = CTRL_RTS_LEN; 276 iLength = CTRL_RTS_LEN;
316 break; 277 break;
317 case CTRL_CTS: 278 case CTRL_CTS:
318 iLength = CTRL_CTS_LEN; 279 iLength = CTRL_CTS_LEN;
319 break; 280 break;
320 case CTRL_ACK: 281 case CTRL_ACK:
321 iLength = CTRL_ACK_LEN; 282 iLength = CTRL_ACK_LEN;
322 break; 283 break;
323 case CTRL_CF_END: 284 case CTRL_CF_END:
324 iLength = CTRL_END_LEN; 285 iLength = CTRL_END_LEN;
325 break; 286 break;
326 case CTRL_END_ACK: 287 case CTRL_END_ACK:
327 iLength = CTRL_END_ACK_LEN; 288 iLength = CTRL_END_ACK_LEN;
328 break; 289 break;
329 default: 290 default:
330 iLength = 0; 291 iLength = 0;
331 break; 292 break;
332 } 293 }
333 break; 294 break;
334 case T_DATA: 295 case T_DATA:
335 if (FC_TO_DS(fc) && FC_FROM_DS(fc)) 296 if (FC_TO_DS(fc) && FC_FROM_DS(fc))
336 iLength = 30; 297 iLength = 30;
337 else 298 else
338 iLength = 24; 299 iLength = 24;
339 break; 300 break;
340 default: 301 default:
341 printf("unknown IEEE802.11 frame type (%d)", 302 printf("unknown IEEE802.11 frame type (%d)",
342 FC_TYPE(fc)); 303 FC_TYPE(fc));
343 break; 304 break;
344 } 305 }
345 306
346 return iLength; 307 return iLength;
347} 308}
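Review bot: handle_beacon trusts the element lengths it reads from the frame — `pbody.ssid.length`, `pbody.challenge.length`, `pbody.rates.length` and `pbody.tim.length` all drive memcpy without being compared to the captured bytes — and its loop bound `ppinfo->pktlen` is the wire length recorded before process_packets advanced `packet` by HEADER_LENGTH, so a truncated or malformed beacon reads past the pcap buffer (the E_TIM case additionally copies from `p+(pbody.tim.length -3)` instead of `p+offset`). The commit only removes main/start_sniffing and drops `static` from GetHeaderLength, leaving these paths unchanged. `ppinfo->ssid = (char *)pbody.ssid.ssid` also stores the address of handle_beacon's local `pbody`, which process_packets prints after the function has returned; struct packetinfo (sniffer.hh) needs its own ssid storage rather than a pointer into a stack frame. The sketch below records the remaining captured length once the header is stripped and rejects any element that does not fit before copying; whether `pbody.ssid.ssid` is a fixed array whose size must be checked as well depends on ieee802_11.hh, which is not in the diff.
```cpp
    /* process_packets: once the header is stripped, record how many captured bytes remain */
    if (decode_80211b_hdr(packet,pinfoptr) == 0)
    {
        length -= HEADER_LENGTH;
        caplen -= HEADER_LENGTH;
        packet += HEADER_LENGTH;
        pinfoptr->pktlen = caplen;   /* captured bytes after the header, not the wire length */
    }
    // … unchanged: rest of process_packets …

    /* handle_beacon: the fixed part must be present, then every element must fit in the capture */
    if (ppinfo->pktlen < 12)
    {
        ppinfo->isvalid = 0;
        return -1;
    }
    // … unchanged: timestamp / beacon_interval / capability_info extraction …
    while (offset + 2 <= ppinfo->pktlen)
    {
        u_int8_t elem_len = *(p + offset + 1);
        if (offset + 2 + elem_len > ppinfo->pktlen)
        {
            ppinfo->isvalid = 0;   /* element claims more bytes than were captured */
            return -1;
        }
        switch (*(p + offset))
        {
        // … unchanged: element cases; each copy is now bounded by the check above …
        }
    }
```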
diff --git a/noncore/net/wellenreiter/daemon/source/sniffer.hh b/noncore/net/wellenreiter/daemon/source/sniffer.hh
index d262353..7e1e3be 100644
--- a/noncore/net/wellenreiter/daemon/source/sniffer.hh
+++ b/noncore/net/wellenreiter/daemon/source/sniffer.hh
@@ -1,70 +1,64 @@
1/* $Id$ */ 1/* $Id$ */
2 2
3#ifndef SNIFFER_HH 3#ifndef SNIFFER_HH
4#define SNIFFER_HH 4#define SNIFFER_HH
5 5
6#include <string.h> 6#include <string.h>
7#include <stdio.h> 7#include <stdio.h>
8#include <stdlib.h> 8#include <stdlib.h>
9#include <pcap.h> 9#include <pcap.h>
10#include <errno.h> 10#include <errno.h>
11#include <sys/socket.h> 11#include <sys/socket.h>
12#include <netinet/in.h> 12#include <netinet/in.h>
13#include <arpa/inet.h> 13#include <arpa/inet.h>
14#include <net/bpf.h> 14#include <net/bpf.h>
15 15
16
17#define NONBROADCASTING "non-broadcasting" 16#define NONBROADCASTING "non-broadcasting"
18 17
19
20/* holds all the interresting data */ 18/* holds all the interresting data */
21struct packetinfo 19struct packetinfo
22{ 20{
23 int isvalid; 21 int isvalid;
24 int pktlen; 22 int pktlen;
25 int fctype; 23 int fctype;
26 int fcsubtype; 24 int fcsubtype;
27 int fc_wep; 25 int fc_wep;
28 int cap_WEP; 26 int cap_WEP;
29 int cap_IBSS; 27 int cap_IBSS;
30 int cap_ESS; 28 int cap_ESS;
31 int channel; 29 int channel;
32 char bssid[sizeof("00:00:00:00:00:00")]; 30 char bssid[sizeof("00:00:00:00:00:00")];
33 char desthwaddr[sizeof("00:00:00:00:00:00")]; 31 char desthwaddr[sizeof("00:00:00:00:00:00")];
34 char sndhwaddr[sizeof("00:00:00:00:00:00")]; 32 char sndhwaddr[sizeof("00:00:00:00:00:00")];
35 char *ssid; 33 char *ssid;
36 int ssid_len; 34 int ssid_len;
37}; 35};
38 36
39
40/* Prototypes */
41int sniffer(void);
42int start_sniffing (char * device);
43void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet); 37void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet);
44int decode_80211b_hdr(const u_char *p,struct packetinfo *ppinfo); 38int decode_80211b_hdr(const u_char *p,struct packetinfo *ppinfo);
45void etheraddr_string(register const u_char *ep,char * text); 39void etheraddr_string(register const u_char *ep,char * text);
46int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo); 40int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo);
47 41
48static int GetHeaderLength(u_int16_t fc); 42int GetHeaderLength(u_int16_t fc);
49 43
50/* 44/*
51 * True if "l" bytes of "var" were captured. 45 * True if "l" bytes of "var" were captured.
52 * 46 *
53 * The "snapend - (l) <= snapend" checks to make sure "l" isn't so large 47 * The "snapend - (l) <= snapend" checks to make sure "l" isn't so large
54 * that "snapend - (l)" underflows. 48 * that "snapend - (l)" underflows.
55 * 49 *
56 * The check is for <= rather than < because "l" might be 0. 50 * The check is for <= rather than < because "l" might be 0.
57 */ 51 */
58#define TTEST2(var, l) (snapend - (l) <= snapend && \ 52#define TTEST2(var, l) (snapend - (l) <= snapend && \
59 (const u_char *)&(var) <= snapend - (l)) 53 (const u_char *)&(var) <= snapend - (l))
60 54
61/* True if "var" was captured */ 55/* True if "var" was captured */
62#define TTEST(var) TTEST2(var, sizeof(var)) 56#define TTEST(var) TTEST2(var, sizeof(var))
63 57
64/* Bail if "l" bytes of "var" were not captured */ 58/* Bail if "l" bytes of "var" were not captured */
65#define TCHECK2(var, l) if (!TTEST2(var, l)) goto trunc 59#define TCHECK2(var, l) if (!TTEST2(var, l)) goto trunc
66 60
67/* Bail if "var" was not captured */ 61/* Bail if "var" was not captured */
68#define TCHECK(var) TCHECK2(var, sizeof(var)) 62#define TCHECK(var) TCHECK2(var, sizeof(var))
69 63
70#endif /* SNIFFER_HH */ 64#endif /* SNIFFER_HH */