summaryrefslogtreecommitdiff
Side-by-side diff
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--noncore/net/wellenreiter/daemon/source/Makefile5
-rw-r--r--noncore/net/wellenreiter/daemon/source/cardmode.cc89
-rw-r--r--noncore/net/wellenreiter/daemon/source/cardmode.hh36
-rw-r--r--noncore/net/wellenreiter/daemon/source/sniffer.cc95
-rw-r--r--noncore/net/wellenreiter/daemon/source/sniffer.hh13
5 files changed, 137 insertions, 101 deletions
diff --git a/noncore/net/wellenreiter/daemon/source/Makefile b/noncore/net/wellenreiter/daemon/source/Makefile
index f6efa3d..bcbc799 100644
--- a/noncore/net/wellenreiter/daemon/source/Makefile
+++ b/noncore/net/wellenreiter/daemon/source/Makefile
@@ -1,28 +1,33 @@
# $Id$
CPP = g++
OPTIMFLAGS = -g
WARNFLAGS = -Wall -pedantic -DDEBUG
LDFLAGS =
LIBS = -lpcap ../../libwellenreiter/source/libwellenreiter.a
OBJ = daemon.o
.SUFFIXES:
.PHONY: all wellenreiterd clean distclean realclean
%.o : %.cc
$(CPP) $(WARNFLAGS) $(OPTIMFLAGS) -c $< -o $@
all: wellenreiterd
wellenreiterd: $(OBJ)
$(CPP) $(OPTIMFLAGS) $(WARNFLAGS) $(OBJ) $(LDFLAGS) $(LIBS) -o $@
@echo Build wellenreiterd
+sniffer: sniffer.o cardmode.o
+ $(CPP) $(OPTIMFLAGS) $(WARNFLAGS) sniffer.o cardmode.o $(LDFLAGS) $(LIBS) -o $@
+ @echo Build sniffer
+
+
clean distclean realclean:
@rm -rf wellenreiterd *~ *.o
@echo All dependent files have been removed.
daemon.o: config.hh
diff --git a/noncore/net/wellenreiter/daemon/source/cardmode.cc b/noncore/net/wellenreiter/daemon/source/cardmode.cc
new file mode 100644
index 0000000..ae32af4
--- a/dev/null
+++ b/noncore/net/wellenreiter/daemon/source/cardmode.cc
@@ -0,0 +1,89 @@
+/* $Id$ */
+
+#include "cardmode.hh"
+
+int card_into_monitormode (char *device, int cardtype)
+{
+
+ int datalink; /* used for getting the pcap datalink type */
+ char CiscoRFMON[35] = "/proc/driver/aironet/";
+ FILE *CISCO_CONFIG_FILE;
+ char errbuf[PCAP_ERRBUF_SIZE];
+ pcap_t *handle;
+
+ /* Checks if we have a device to sniff on */
+ if(device == NULL)
+ {
+ printf ("Fatal error i did not have any interfaces to sniff on\n");
+ return 0;
+ }
+
+ /* Setting the prmiscous and up flag to the interface */
+ if (card_set_promisc_up (device) == 0)
+ {
+ printf ("Interface flags correctly set using ifconfig\n");
+ }
+
+ /* Check the cardtype and executes the commands to go into monitor mode */
+ if (cardtype == CARD_TYPE_CISCO) /* I got a cisco card */
+ {
+ /* bring the sniffer into rfmon mode */
+ snprintf(CiscoRFMON, sizeof(CiscoRFMON),DEFAULT_PATH, device);
+ CISCO_CONFIG_FILE = fopen(CiscoRFMON,"w");
+ fputs ("Mode: r",CISCO_CONFIG_FILE);
+ fputs ("Mode: y",CISCO_CONFIG_FILE);
+ fputs ("XmitPower: 1",CISCO_CONFIG_FILE);
+ fclose(CISCO_CONFIG_FILE);
+ }
+ else if (cardtype == CARD_TYPE_NG)
+ {
+ char wlanngcmd[62];
+ snprintf(wlanngcmd, sizeof(wlanngcmd),"%s %s lnxreq_wlansniff channel=1 enable=true",WLANCTL_PATH,device);
+ if (system (wlanngcmd) != 0)
+ {
+ printf ("\n Fatal error could not set %s in raw mode, check cardtype\n",device);
+ return 0;
+ }
+ }
+ else if (cardtype == CARD_TYPE_HOSTAP)
+ {
+ printf ("Got a host-ap card, nothing is implemented now\n");
+ }
+
+
+ /* Check the interface if it is in the correct raw mode */
+ handle = pcap_open_live(device, BUFSIZ, 1, 0, errbuf);
+
+ /* getting the datalink type */
+ datalink = pcap_datalink(handle);
+
+ if (datalink == DLT_IEEE802_11) /* Rawmode is IEEE802_11 */
+ {
+ printf ("Your successfully listen on %s in 802.11 raw mode\n",device);
+ pcap_close(handle);
+ return 0;
+
+ }
+ else
+ {
+ printf ("Fatal error, cannot continue, your interface %s does not work in the correct 802.11 raw mode, check you driver please\n",device);
+ pcap_close(handle);
+ return 0;
+ }
+}
+
+
+
+int card_set_promisc_up (char * device)
+{
+ int ret;
+ char ifconfigcmd[32];
+ snprintf(ifconfigcmd,sizeof(ifconfigcmd),SBIN_PATH, device);
+ ret = system (ifconfigcmd);
+ if (ret > 0)
+ {
+ printf ("\nFatal error, could not execute %s please check your card,binary location and permission\n",ifconfigcmd);
+ return 0;
+ }
+ return 1;
+}
diff --git a/noncore/net/wellenreiter/daemon/source/cardmode.hh b/noncore/net/wellenreiter/daemon/source/cardmode.hh
new file mode 100644
index 0000000..87284a1
--- a/dev/null
+++ b/noncore/net/wellenreiter/daemon/source/cardmode.hh
@@ -0,0 +1,36 @@
+/* $Id$ */
+
+#ifndef CARDMODE_HH
+#define CARDMODE_HH
+
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <pcap.h>
+#include <errno.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <net/bpf.h>
+
+#endif /* CARDMODE_HH */
+
+/* Defines, used for the card setup */
+#define DEFAULT_PATH "/proc/driver/aironet/%s/Config"
+#define CARD_TYPE_CISCO 1
+#define CARD_TYPE_NG 2
+#define CARD_TYPE_HOSTAP 3
+
+/* only for now, until we have the daemon running */
+/*the config file should provide these information */
+#define SNIFFER_DEVICE "wlan0"
+#define CARD_TYPE CARD_TYPE_CISCO
+#define SBIN_PATH "/sbin/ifconfig %s promisc up"
+#define WLANCTL_PATH "/sbin/wlanctl-ng"
+
+/* Prototypes */
+
+int card_into_monitormode (char * device, int cardtype);
+int card_set_promisc_up (char * device);
+
+
diff --git a/noncore/net/wellenreiter/daemon/source/sniffer.cc b/noncore/net/wellenreiter/daemon/source/sniffer.cc
index c837505..65c8579 100644
--- a/noncore/net/wellenreiter/daemon/source/sniffer.cc
+++ b/noncore/net/wellenreiter/daemon/source/sniffer.cc
@@ -1,223 +1,141 @@
/*
* rfmon mode sniffer
* This works only with cisco wireless cards with an rfmon
* able driver and not with wifi stuff.
*
* $Id$
*/
#include "config.hh"
+#include "cardmode.hh"
#include "sniffer.hh"
#include "ieee802_11.hh"
#include "extract.hh"
-int sniffer(void)
+int main(void)
{
if(card_into_monitormode (SNIFFER_DEVICE, CARD_TYPE_NG) < 0)
return 0;
start_sniffing (SNIFFER_DEVICE);
return 1;
}
-int card_into_monitormode (char *device, int cardtype)
-{
-
- int datalink; /* used for getting the pcap datalink type */
- char CiscoRFMON[35] = "/proc/driver/aironet/";
- FILE *CISCO_CONFIG_FILE;
- char errbuf[PCAP_ERRBUF_SIZE];
- pcap_t *handle;
-
- /* Checks if we have a device to sniff on */
- if(device == NULL)
- {
- printf ("Fatal error i did not have any interfaces to sniff on\n");
- return 0;
- }
-
- /* Setting the prmiscous and up flag to the interface */
- if (card_set_promisc_up (device) == 0)
- {
- printf ("Interface flags correctly set using ifconfig\n");
- }
-
- /* Check the cardtype and executes the commands to go into monitor mode */
- if (cardtype == CARD_TYPE_CISCO) /* I got a cisco card */
- {
- /* bring the sniffer into rfmon mode */
- snprintf(CiscoRFMON, sizeof(CiscoRFMON),DEFAULT_PATH, device);
- CISCO_CONFIG_FILE = fopen(CiscoRFMON,"w");
- fputs ("Mode: r",CISCO_CONFIG_FILE);
- fputs ("Mode: y",CISCO_CONFIG_FILE);
- fputs ("XmitPower: 1",CISCO_CONFIG_FILE);
- fclose(CISCO_CONFIG_FILE);
- }
- else if (cardtype == CARD_TYPE_NG)
- {
- char wlanngcmd[62];
- snprintf(wlanngcmd, sizeof(wlanngcmd),"%s %s lnxreq_wlansniff channel=1 enable=true",WLANCTL_PATH,device);
- if (system (wlanngcmd) != 0)
- {
- printf ("\n Fatal error could not set %s in raw mode, check cardtype\n",device);
- return 0;
- }
- }
- else if (cardtype == CARD_TYPE_HOSTAP)
- {
- printf ("Got a host-ap card, nothing is implemented now\n");
- }
-
-
- /* Check the interface if it is in the correct raw mode */
- handle = pcap_open_live(device, BUFSIZ, 1, 0, errbuf);
-
- /* getting the datalink type */
- datalink = pcap_datalink(handle);
-
- if (datalink == DLT_IEEE802_11) /* Rawmode is IEEE802_11 */
- {
- printf ("Your successfully listen on %s in 802.11 raw mode\n",device);
- pcap_close(handle);
- return 0;
-
- }
- else
- {
- printf ("Fatal error, cannot continue, your interface %s does not work in the correct 802.11 raw mode, check you driver please\n",device);
- pcap_close(handle);
- return 0;
- }
-}
-
-int card_set_promisc_up (char * device)
-{
- int ret;
- char ifconfigcmd[32];
- snprintf(ifconfigcmd,sizeof(ifconfigcmd),SBIN_PATH, device);
- ret = system (ifconfigcmd);
- if (ret > 0)
- {
- printf ("\nFatal error, could not execute %s please check your card,binary location and permission\n",ifconfigcmd);
- return 0;
- }
- return 1;
-}
-
int start_sniffing (char * device)
{
pcap_t *handletopcap;
char errbuf[PCAP_ERRBUF_SIZE];
/* opening the pcap for sniffing */
handletopcap = pcap_open_live(device, BUFSIZ, 1, 1000, errbuf);
- /* Next few lines a taken out of kismet */
#ifdef HAVE_PCAP_NONBLOCK
pcap_setnonblock(handletopcap, 1, errstr);
#endif
-
/*start scanning */
pcap_loop(handletopcap,-1,process_packets,NULL);
printf("\nDone processing packets... wheew!\n");
return 1;
}
void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet)
{
u_int caplen = pkthdr->caplen;
u_int length = pkthdr->len;
u_int16_t fc;
u_int HEADER_LENGTH;
/* pinfo holds all interresting information for us */
struct packetinfo pinfo;
struct packetinfo *pinfoptr;
pinfoptr=&pinfo;
pinfoptr->isvalid = 0;
pinfoptr->pktlen = pkthdr->len;
+
if (caplen < IEEE802_11_FC_LEN)
{
/* This is a garbage packet, because is does not long enough
to hold a 802.11b header */
pinfoptr->isvalid = 0;
return;
}
/* Gets the framecontrol bits (2bytes long) */
fc = EXTRACT_LE_16BITS(packet);
HEADER_LENGTH = GetHeaderLength(fc);
if (caplen < HEADER_LENGTH)
{
/* This is a garbage packet, because it is not long enough
to hold a correct header of its type */
pinfoptr->isvalid = 0;
return;
}
/* Decode 802.11b header out of the packet */
if (decode_80211b_hdr(packet,pinfoptr) == 0)
{
/* Justification of the ofset to further process the packet */
length -= HEADER_LENGTH;
caplen -= HEADER_LENGTH;
packet += HEADER_LENGTH;
}
else
{ /* Something is wrong,could not be a correct packet */
return;
}
switch (FC_TYPE(fc))
{
/* Is it a managemnet frame? */
case T_MGMT:
switch (FC_SUBTYPE(fc))
{ /* Is it a beacon frame? */
case ST_BEACON:
if (handle_beacon(fc, packet,pinfoptr) ==0)
{
+ printf ("\n\tOn network : %s",pinfoptr->ssid);
if (!strcmp(pinfoptr->desthwaddr,"ff:ff:ff:ff:ff:ff") == 0)
{
/* Every beacon must have the broadcast as destination
so it must be a shitti packet */
pinfoptr->isvalid = 0;
return;
}
+
if (pinfoptr->cap_ESS == pinfoptr->cap_IBSS)
{
/* Only one of both are possible, so must be
a noise packet, if this comes up */
pinfoptr->isvalid = 0;
return;
}
if (pinfoptr->channel < 1 || pinfoptr->channel > 14)
{
/* Only channels between 1 and 14 are possible
others must be noise packets */
pinfoptr->isvalid = 0;
return;
}
/* Here should be the infos to the gui issued */
if (pinfoptr->cap_ESS == 1 &&pinfoptr->cap_IBSS ==0)
{
printf ("\nHave found an accesspoint:");
}
else if(pinfoptr->cap_ESS == 0 && pinfoptr->cap_IBSS == 1)
{
printf ("\nHave found an AD-HOC station:");
}
if (strcmp (pinfoptr->ssid,NONBROADCASTING) ==0)
{
printf ("\n\tOn a non-broadcasting network");
}
else
{
printf ("\n\tOn network : %s",pinfoptr->ssid);
@@ -299,101 +217,102 @@ int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo)
pbody.beacon_interval = EXTRACT_LE_16BITS(p+offset);
offset += 2;
pbody.capability_info = EXTRACT_LE_16BITS(p+offset);
offset += 2;
/* Gets the different flags out of the capabilities */
ppinfo->cap_ESS = CAPABILITY_ESS(pbody.capability_info);
ppinfo->cap_IBSS = CAPABILITY_IBSS(pbody.capability_info);
ppinfo->cap_WEP = CAPABILITY_PRIVACY(pbody.capability_info);
/* Gets the tagged elements out of the packets */
while (offset + 1 < ppinfo->pktlen)
{
switch (*(p + offset))
{
case E_SSID:
memcpy(&(pbody.ssid),p+offset,2); offset += 2;
if (pbody.ssid.length > 0)
{
memcpy(&(pbody.ssid.ssid),p+offset,pbody.ssid.length); offset += pbody.ssid.length;
pbody.ssid.ssid[pbody.ssid.length]='\0';
if (strcmp((char *)pbody.ssid.ssid,"")==0)
{
ppinfo->ssid = NONBROADCASTING;
}
else
{
ppinfo->ssid = (char *)pbody.ssid.ssid;
}
ppinfo->ssid_len = pbody.ssid.length;
}
break;
+
case E_CHALLENGE:
memcpy(&(pbody.challenge),p+offset,2); offset += 2;
if (pbody.challenge.length > 0)
{
memcpy(&(pbody.challenge.text),p+offset,pbody.challenge.length); offset += pbody.challenge.length;
pbody.challenge.text[pbody.challenge.length]='\0';
}
break;
case E_RATES:
memcpy(&(pbody.rates),p+offset,2); offset += 2;
if (pbody.rates.length > 0) {
memcpy(&(pbody.rates.rate),p+offset,pbody.rates.length); offset += pbody.rates.length;
}
break;
case E_DS:
memcpy(&(pbody.ds),p+offset,3); offset +=3;
ppinfo->channel = pbody.ds.channel;
break;
case E_CF:
memcpy(&(pbody.cf),p+offset,8); offset +=8;
break;
case E_TIM:
memcpy(&(pbody.tim),p+offset,2); offset +=2;
memcpy(&(pbody.tim.count),p+offset,3); offset +=3;
if ((pbody.tim.length -3) > 0)
{
memcpy((pbody.tim.bitmap),p+(pbody.tim.length -3),(pbody.tim.length -3));
offset += pbody.tim.length -3;
}
break;
default:
offset+= *(p+offset+1) + 2;
break;
} /* end of switch*/
} /* end of for loop */
- return 1;
+ return 0;
} /* End of handle_beacon */
static int GetHeaderLength(u_int16_t fc)
{
int iLength=0;
switch (FC_TYPE(fc)) {
case T_MGMT:
iLength = MGMT_HEADER_LEN;
break;
case T_CTRL:
switch (FC_SUBTYPE(fc)) {
case CTRL_PS_POLL:
iLength = CTRL_PS_POLL_LEN;
break;
case CTRL_RTS:
iLength = CTRL_RTS_LEN;
break;
case CTRL_CTS:
iLength = CTRL_CTS_LEN;
break;
case CTRL_ACK:
iLength = CTRL_ACK_LEN;
break;
case CTRL_CF_END:
iLength = CTRL_END_LEN;
break;
case CTRL_END_ACK:
iLength = CTRL_END_ACK_LEN;
break;
diff --git a/noncore/net/wellenreiter/daemon/source/sniffer.hh b/noncore/net/wellenreiter/daemon/source/sniffer.hh
index 7f45be6..d262353 100644
--- a/noncore/net/wellenreiter/daemon/source/sniffer.hh
+++ b/noncore/net/wellenreiter/daemon/source/sniffer.hh
@@ -1,83 +1,70 @@
/* $Id$ */
#ifndef SNIFFER_HH
#define SNIFFER_HH
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <pcap.h>
#include <errno.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <net/bpf.h>
-#define DEFAULT_PATH "/proc/driver/aironet/%s/Config"
-#define CARD_TYPE_CISCO 1
-#define CARD_TYPE_NG 2
-#define CARD_TYPE_HOSTAP 3
#define NONBROADCASTING "non-broadcasting"
-/* only for now, until we have the daemon running */
-/*the config file should provide these information */
-#define SNIFFER_DEVICE "wlan0"
-#define CARD_TYPE CARD_TYPE_CISCO
-#define SBIN_PATH "/sbin/ifconfig %s promisc up"
-#define WLANCTL_PATH "/sbin/wlanctl-ng"
/* holds all the interresting data */
struct packetinfo
{
int isvalid;
int pktlen;
int fctype;
int fcsubtype;
int fc_wep;
int cap_WEP;
int cap_IBSS;
int cap_ESS;
int channel;
char bssid[sizeof("00:00:00:00:00:00")];
char desthwaddr[sizeof("00:00:00:00:00:00")];
char sndhwaddr[sizeof("00:00:00:00:00:00")];
char *ssid;
int ssid_len;
};
/* Prototypes */
-
int sniffer(void);
-int card_into_monitormode (char * device, int cardtype);
-int card_set_promisc_up (char * device);
int start_sniffing (char * device);
void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet);
int decode_80211b_hdr(const u_char *p,struct packetinfo *ppinfo);
void etheraddr_string(register const u_char *ep,char * text);
int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo);
static int GetHeaderLength(u_int16_t fc);
/*
* True if "l" bytes of "var" were captured.
*
* The "snapend - (l) <= snapend" checks to make sure "l" isn't so large
* that "snapend - (l)" underflows.
*
* The check is for <= rather than < because "l" might be 0.
*/
#define TTEST2(var, l) (snapend - (l) <= snapend && \
(const u_char *)&(var) <= snapend - (l))
/* True if "var" was captured */
#define TTEST(var) TTEST2(var, sizeof(var))
/* Bail if "l" bytes of "var" were not captured */
#define TCHECK2(var, l) if (!TTEST2(var, l)) goto trunc
/* Bail if "var" was not captured */
#define TCHECK(var) TCHECK2(var, sizeof(var))
#endif /* SNIFFER_HH */