| -rw-r--r-- | noncore/net/wellenreiter/daemon/source/sniffer.cc | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/noncore/net/wellenreiter/daemon/source/sniffer.cc b/noncore/net/wellenreiter/daemon/source/sniffer.cc index 65c8579..be64d67 100644 --- a/noncore/net/wellenreiter/daemon/source/sniffer.cc +++ b/noncore/net/wellenreiter/daemon/source/sniffer.cc | |||
| @@ -3,59 +3,70 @@ | |||
| 3 | * This works only with cisco wireless cards with an rfmon | 3 | * This works only with cisco wireless cards with an rfmon |
| 4 | * able driver and not with wifi stuff. | 4 | * able driver and not with wifi stuff. |
| 5 | * | 5 | * |
| 6 | * $Id$ | 6 | * $Id$ |
| 7 | */ | 7 | */ |
| 8 | 8 | ||
| 9 | #include "config.hh" | 9 | #include "config.hh" |
| 10 | #include "cardmode.hh" | 10 | #include "cardmode.hh" |
| 11 | #include "sniffer.hh" | 11 | #include "sniffer.hh" |
| 12 | #include "ieee802_11.hh" | 12 | #include "ieee802_11.hh" |
| 13 | #include "extract.hh" | 13 | #include "extract.hh" |
| 14 | 14 | ||
| 15 | int main(void) | 15 | int main(void) |
| 16 | { | 16 | { |
| 17 | if(card_into_monitormode (SNIFFER_DEVICE, CARD_TYPE_NG) < 0) | 17 | if(card_into_monitormode (SNIFFER_DEVICE, CARD_TYPE_NG) < 0) |
| 18 | return 0; | 18 | return 0; |
| 19 | start_sniffing (SNIFFER_DEVICE); | 19 | start_sniffing (SNIFFER_DEVICE); |
| 20 | 20 | ||
| 21 | return 1; | 21 | return 1; |
| 22 | } | 22 | } |
| 23 | 23 | ||
| 24 | int start_sniffing (char * device) | 24 | int start_sniffing (char * device) |
| 25 | { | 25 | { |
| 26 | 26 | ||
| 27 | pcap_t *handletopcap; | 27 | pcap_t *handletopcap; /* The handle to the libpcap */ |
| 28 | char errbuf[PCAP_ERRBUF_SIZE]; | 28 | char errbuf[PCAP_ERRBUF_SIZE]; /* The errorbuffer of libpacap */ |
| 29 | struct pcap_pkthdr header; /* The packet header from pcap*/ | ||
| 30 | const u_char *packet; /* The actual packet content*/ | ||
| 29 | 31 | ||
| 30 | /* opening the pcap for sniffing */ | 32 | /* opening the pcap for sniffing */ |
| 31 | handletopcap = pcap_open_live(device, BUFSIZ, 1, 1000, errbuf); | 33 | handletopcap = pcap_open_live(device, BUFSIZ, 1, 1000, errbuf); |
| 32 | 34 | ||
| 33 | #ifdef HAVE_PCAP_NONBLOCK | 35 | #ifdef HAVE_PCAP_NONBLOCK |
| 34 | pcap_setnonblock(handletopcap, 1, errstr); | 36 | pcap_setnonblock(handletopcap, 1, errstr); |
| 35 | #endif | 37 | #endif |
| 36 | /*start scanning */ | 38 | /*start scanning */ |
| 37 | pcap_loop(handletopcap,-1,process_packets,NULL); | 39 | //pcap_loop(handletopcap,-1,process_packets,NULL); |
| 40 | /* Loope endless */ | ||
| 41 | while(1) | ||
| 42 | { | ||
| 43 | /* Grab one single packet */ | ||
| 44 | packet = pcap_next(handletopcap, &header); | ||
| 45 | |||
| 46 | /* process the packet */ | ||
| 47 | process_packets(NULL,&header,*&packet); | ||
| 48 | } | ||
| 38 | 49 | ||
| 39 | printf("\nDone processing packets... wheew!\n"); | 50 | printf("\nDone processing packets... wheew!\n"); |
| 40 | return 1; | 51 | return 1; |
| 41 | } | 52 | } |
| 42 | 53 | ||
| 43 | void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet) | 54 | void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet) |
| 44 | { | 55 | { |
| 45 | u_int caplen = pkthdr->caplen; | 56 | u_int caplen = pkthdr->caplen; |
| 46 | u_int length = pkthdr->len; | 57 | u_int length = pkthdr->len; |
| 47 | u_int16_t fc; | 58 | u_int16_t fc; |
| 48 | u_int HEADER_LENGTH; | 59 | u_int HEADER_LENGTH; |
| 49 | 60 | ||
| 50 | /* pinfo holds all interresting information for us */ | 61 | /* pinfo holds all interresting information for us */ |
| 51 | struct packetinfo pinfo; | 62 | struct packetinfo pinfo; |
| 52 | struct packetinfo *pinfoptr; | 63 | struct packetinfo *pinfoptr; |
| 53 | pinfoptr=&pinfo; | 64 | pinfoptr=&pinfo; |
| 54 | 65 | ||
| 55 | pinfoptr->isvalid = 0; | 66 | pinfoptr->isvalid = 0; |
| 56 | pinfoptr->pktlen = pkthdr->len; | 67 | pinfoptr->pktlen = pkthdr->len; |
| 57 | 68 | ||
| 58 | if (caplen < IEEE802_11_FC_LEN) | 69 | if (caplen < IEEE802_11_FC_LEN) |
| 59 | { | 70 | { |
| 60 | /* This is a garbage packet, because is does not long enough | 71 | /* This is a garbage packet, because is does not long enough |
| 61 | to hold a 802.11b header */ | 72 | to hold a 802.11b header */ |
| @@ -77,49 +88,48 @@ void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_ch | |||
| 77 | } | 88 | } |
| 78 | 89 | ||
| 79 | /* Decode 802.11b header out of the packet */ | 90 | /* Decode 802.11b header out of the packet */ |
| 80 | if (decode_80211b_hdr(packet,pinfoptr) == 0) | 91 | if (decode_80211b_hdr(packet,pinfoptr) == 0) |
| 81 | { | 92 | { |
| 82 | /* Justification of the ofset to further process the packet */ | 93 | /* Justification of the ofset to further process the packet */ |
| 83 | length -= HEADER_LENGTH; | 94 | length -= HEADER_LENGTH; |
| 84 | caplen -= HEADER_LENGTH; | 95 | caplen -= HEADER_LENGTH; |
| 85 | packet += HEADER_LENGTH; | 96 | packet += HEADER_LENGTH; |
| 86 | } | 97 | } |
| 87 | else | 98 | else |
| 88 | { /* Something is wrong,could not be a correct packet */ | 99 | { /* Something is wrong,could not be a correct packet */ |
| 89 | return; | 100 | return; |
| 90 | } | 101 | } |
| 91 | 102 | ||
| 92 | switch (FC_TYPE(fc)) | 103 | switch (FC_TYPE(fc)) |
| 93 | { | 104 | { |
| 94 | /* Is it a managemnet frame? */ | 105 | /* Is it a managemnet frame? */ |
| 95 | case T_MGMT: | 106 | case T_MGMT: |
| 96 | switch (FC_SUBTYPE(fc)) | 107 | switch (FC_SUBTYPE(fc)) |
| 97 | { /* Is it a beacon frame? */ | 108 | { /* Is it a beacon frame? */ |
| 98 | case ST_BEACON: | 109 | case ST_BEACON: |
| 99 | if (handle_beacon(fc, packet,pinfoptr) ==0) | 110 | if (handle_beacon(fc, packet,pinfoptr) ==0) |
| 100 | { | 111 | { |
| 101 | printf ("\n\tOn network : %s",pinfoptr->ssid); | ||
| 102 | if (!strcmp(pinfoptr->desthwaddr,"ff:ff:ff:ff:ff:ff") == 0) | 112 | if (!strcmp(pinfoptr->desthwaddr,"ff:ff:ff:ff:ff:ff") == 0) |
| 103 | { | 113 | { |
| 104 | /* Every beacon must have the broadcast as destination | 114 | /* Every beacon must have the broadcast as destination |
| 105 | so it must be a shitti packet */ | 115 | so it must be a shitti packet */ |
| 106 | pinfoptr->isvalid = 0; | 116 | pinfoptr->isvalid = 0; |
| 107 | return; | 117 | return; |
| 108 | } | 118 | } |
| 109 | 119 | ||
| 110 | if (pinfoptr->cap_ESS == pinfoptr->cap_IBSS) | 120 | if (pinfoptr->cap_ESS == pinfoptr->cap_IBSS) |
| 111 | { | 121 | { |
| 112 | /* Only one of both are possible, so must be | 122 | /* Only one of both are possible, so must be |
| 113 | a noise packet, if this comes up */ | 123 | a noise packet, if this comes up */ |
| 114 | pinfoptr->isvalid = 0; | 124 | pinfoptr->isvalid = 0; |
| 115 | return; | 125 | return; |
| 116 | } | 126 | } |
| 117 | if (pinfoptr->channel < 1 || pinfoptr->channel > 14) | 127 | if (pinfoptr->channel < 1 || pinfoptr->channel > 14) |
| 118 | { | 128 | { |
| 119 | /* Only channels between 1 and 14 are possible | 129 | /* Only channels between 1 and 14 are possible |
| 120 | others must be noise packets */ | 130 | others must be noise packets */ |
| 121 | pinfoptr->isvalid = 0; | 131 | pinfoptr->isvalid = 0; |
| 122 | return; | 132 | return; |
| 123 | } | 133 | } |
| 124 | 134 | ||
| 125 | /* Here should be the infos to the gui issued */ | 135 | /* Here should be the infos to the gui issued */ |