-rw-r--r-- | libopie2/opienet/opcap.cpp | 33 | ||||
-rw-r--r-- | libopie2/opienet/udp_ports.h | 89 |
2 files changed, 112 insertions, 10 deletions
diff --git a/libopie2/opienet/opcap.cpp b/libopie2/opienet/opcap.cpp index cc8ce7f..f1f2b4b 100644 --- a/libopie2/opienet/opcap.cpp +++ b/libopie2/opienet/opcap.cpp @@ -1,91 +1,93 @@ /* This file is part of the Opie Project Copyright (C) 2003 by the Wellenreiter team: Martin J. Muench <mjm@remote-exploit.org> Max Moser <mmo@remote-exploit.org Michael 'Mickey' Lauer <mickey@tm.informatik.uni-frankfurt.de> =. .=l. .>+-= _;:, .> :=|. This program is free software; you can .> <`_, > . <= redistribute it and/or modify it under :`=1 )Y*s>-.-- : the terms of the GNU Library General Public .="- .-=="i, .._ License as published by the Free Software - . .-<_> .<> Foundation; either version 2 of the License, ._= =} : or (at your option) any later version. .%`+i> _;_. .i_,=:_. -<s. This program is distributed in the hope that + . -:. = it will be useful, but WITHOUT ANY WARRANTY; : .. .:, . . . without even the implied warranty of =_ + =;=|` MERCHANTABILITY or FITNESS FOR A _.=:. : :=>`: PARTICULAR PURPOSE. See the GNU ..}^=.= = ; Library General Public License for more ++= -. .` .: details. : = ...= . :.=- -. .:....=;==+<; You should have received a copy of the GNU -_. . . )=. = Library General Public License along with -- :-=` this library; see the file COPYING.LIB. If not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* OPIE */ #include <opie2/opcap.h> /* QT */ #include <qapplication.h> // don't use oapplication here (will decrease reusability in other projects) #include <qsocketnotifier.h> #include <qobjectlist.h> +#include "udp_ports.h" + /*====================================================================================== * OPacket *======================================================================================*/ OPacket::OPacket( int datalink, packetheaderstruct header, const unsigned char* data, QObject* parent ) :QObject( parent, "Generic" ), _hdr( header ), _data( data ) { //qDebug( "OPacket::OPacket(): (Len %d, CapLen %d)" /*, ctime((const time_t*) header.ts.tv_sec)*/, header.len, header.caplen ); _end = (unsigned char*) data + header.len; //qDebug( "OPacket::data @ %0x, end @ %0x", data, _end ); switch ( datalink ) { case DLT_EN10MB: qDebug( "OPacket::OPacket(): Received Packet. Datalink = ETHERNET" ); new OEthernetPacket( _end, (const struct ether_header*) data, this ); break; case DLT_IEEE802_11: qDebug( "OPacket::OPacket(): Received Packet. Datalink = IEEE802.11" ); new OWaveLanPacket( _end, (const struct ieee_802_11_header*) data, this ); break; case DLT_PRISM_HEADER: qDebug( "OPacket::OPacket(): Received Packet. Datalink = PRISM_HEADER" ); new OPrismHeaderPacket( _end, (const struct prism_hdr*) (unsigned char*) data, this ); break; default: qWarning( "OPacket::OPacket(): Received Packet over unsupported datalink (type %d)!", datalink ); } } OPacket::~OPacket() { } timevalstruct OPacket::timeval() const { return _hdr.ts; } int OPacket::caplen() const { @@ -309,197 +311,208 @@ QString OARPPacket::type() const switch ( EXTRACT_16BITS( &_arphdr->ar_op ) ) { case 1: return "REQUEST"; case 2: return "REPLY"; case 3: return "RREQUEST"; case 4: return "RREPLY"; case 8: return "InREQUEST"; case 9: return "InREPLY"; case 10: return "NAK"; default: qWarning( "OARPPacket::type(): invalid ARP type!" ); return "<unknown>"; } } QHostAddress OARPPacket::senderIPV4Address() const { return EXTRACT_32BITS( &_arphdr->ar_sip ); } QHostAddress OARPPacket::targetIPV4Address() const { return EXTRACT_32BITS( &_arphdr->ar_tip ); } OMacAddress OARPPacket::senderMacAddress() const { return OMacAddress( _arphdr->ar_sha ); } OMacAddress OARPPacket::targetMacAddress() const { return OMacAddress( _arphdr->ar_tha ); } /*====================================================================================== * OUDPPacket *======================================================================================*/ OUDPPacket::OUDPPacket( const unsigned char* end, const struct udphdr* data, QObject* parent ) :QObject( parent, "UDP" ), _udphdr( data ) { qDebug( "OUDPPacket::OUDPPacket(): decoding UDP header..." ); + qDebug( "fromPort = %d", fromPort() ); + qDebug( " toPort = %d", toPort() ); + + // TODO: Make this a case or a hash if we know more udp protocols + + if ( fromPort() == UDP_PORT_BOOTPS || fromPort() == UDP_PORT_BOOTPC || + toPort() == UDP_PORT_BOOTPS || toPort() == UDP_PORT_BOOTPC ) + { + qDebug( "seems to be part of a DHCP conversation => creating DHCP packet." ); + new ODHCPPacket( end, (const struct dhcp_packet*) (data+1), this ); + } } OUDPPacket::~OUDPPacket() { } int OUDPPacket::fromPort() const { - return _udphdr->source; + return EXTRACT_16BITS( &_udphdr->source ); } int OUDPPacket::toPort() const { - return _udphdr->dest; + return EXTRACT_16BITS( &_udphdr->dest ); } int OUDPPacket::length() const { - return _udphdr->len; + return EXTRACT_16BITS( &_udphdr->len ); } int OUDPPacket::checksum() const { - return _udphdr->check; + return EXTRACT_16BITS( &_udphdr->check ); } /*====================================================================================== * ODHCPPacket *======================================================================================*/ ODHCPPacket::ODHCPPacket( const unsigned char* end, const struct dhcp_packet* data, QObject* parent ) :QObject( parent, "DHCP" ), _dhcphdr( data ) { qDebug( "ODHCPPacket::ODHCPPacket(): decoding DHCP information..." ); } ODHCPPacket::~ODHCPPacket() { } /*====================================================================================== * OTCPPacket *======================================================================================*/ OTCPPacket::OTCPPacket( const unsigned char* end, const struct tcphdr* data, QObject* parent ) :QObject( parent, "TCP" ), _tcphdr( data ) { qDebug( "OTCPPacket::OTCPPacket(): decoding TCP header..." ); } OTCPPacket::~OTCPPacket() { } int OTCPPacket::fromPort() const { - return _tcphdr->source; + return EXTRACT_16BITS( &_tcphdr->source ); } int OTCPPacket::toPort() const { - return _tcphdr->dest; + return EXTRACT_16BITS( &_tcphdr->dest ); } int OTCPPacket::seq() const { - return _tcphdr->seq; + return EXTRACT_16BITS( &_tcphdr->seq ); } int OTCPPacket::ack() const { - return _tcphdr->ack_seq; + return EXTRACT_16BITS( &_tcphdr->ack_seq ); } int OTCPPacket::window() const { - return _tcphdr->window; + return EXTRACT_16BITS( &_tcphdr->window ); } int OTCPPacket::checksum() const { - return _tcphdr->check; + return EXTRACT_16BITS( &_tcphdr->check ); } /*====================================================================================== * OPrismHeaderPacket *======================================================================================*/ OPrismHeaderPacket::OPrismHeaderPacket( const unsigned char* end, const struct prism_hdr* data, QObject* parent ) :QObject( parent, "Prism" ), _header( data ) { qDebug( "OPrismHeaderPacket::OPrismHeaderPacket(): decoding PRISM header..." ); qDebug( "Signal Strength = %d", data->signal.data ); new OWaveLanPacket( end, (const struct ieee_802_11_header*) (data+1), this ); } OPrismHeaderPacket::~OPrismHeaderPacket() { } unsigned int OPrismHeaderPacket::signalStrength() const { return _header->signal.data; } /*====================================================================================== * OWaveLanPacket *======================================================================================*/ OWaveLanPacket::OWaveLanPacket( const unsigned char* end, const struct ieee_802_11_header* data, QObject* parent ) :QObject( parent, "802.11" ), _wlanhdr( data ) { qDebug( "OWaveLanPacket::OWaveLanPacket(): decoding IEEE 802.11 header..." ); qDebug( "type: %0X", type() ); qDebug( "subType: %0X", subType() ); qDebug( "duration: %d", duration() ); qDebug( "powermanagement: %d", usesPowerManagement() ); qDebug( "payload is encrypted: %s", usesWep() ? "yes" : "no" ); qDebug( "MAC1: %s", (const char*) macAddress1().toString() ); qDebug( "MAC2: %s", (const char*) macAddress2().toString() ); qDebug( "MAC3: %s", (const char*) macAddress3().toString() ); qDebug( "MAC4: %s", (const char*) macAddress4().toString() ); diff --git a/libopie2/opienet/udp_ports.h b/libopie2/opienet/udp_ports.h new file mode 100644 index 0000000..5e92497 --- a/dev/null +++ b/libopie2/opienet/udp_ports.h @@ -0,0 +1,89 @@ +/* + * This file has been generated by doing + * find . -name "*"|xargs grep -h '#define UDP_PORT' > udp_ports.h + * in the root directory of Ethereal 0.9.15. Cudos to the Ethereal Team. + * -- Michael 'Mickey' Lauer <mickeyl@handhelds.org> + */ + +#define UDP_PORT_AODV 654 +#define UDP_PORT_LENGTH 2 +#define UDP_PORT_OFFSET PARAMETER_VALUE_OFFSET +#define UDP_PORT_RAS1 1718 +#define UDP_PORT_RAS2 1719 +#define UDP_PORT_CPHA 8116 +#define UDP_PORT_DDTP 1052 +#define UDP_PORT_CUPS 631 +#define UDP_PORT_DLSW 2067 +#define UDP_PORT_ISAKMP 500 +#define UDP_PORT_L2TP 1701 +#define UDP_PORT_IAPP 2313 +#define UDP_PORT_HSRP 1985 +#define UDP_PORT_SSDP 1900 +#define UDP_PORT_TACACS 49 +#define UDP_PORT_CLDAP 389 +#define UDP_PORT_VINES 573 +#define UDP_PORT_NBNS 137 +#define UDP_PORT_NBDGM 138 +#define UDP_PORT_XYPLEX 173 +#define UDP_PORT_PIM_RP_DISC 496 +#define UDP_PORT_SLIMP3_V1 1069 +#define UDP_PORT_SLIMP3_V2 3483 +#define UDP_PORT_RMCP 623 +#define UDP_PORT_RMCP_SECURE 664 +#define UDP_PORT_SYSLOG 514 +#define UDP_PORT_SNMP 161 +#define UDP_PORT_SNMP_TRAP 162 +#define UDP_PORT_TFTP 69 +#define UDP_PORT_TIME 37 +#define UDP_PORT_STUN 3478 +#define UDP_PORT_SRVLOC 427 +#define UDP_PORT_TZSP 0x9090 +#define UDP_PORT_WCCP 2048 +#define UDP_PORT_MSPROXY 1745 +#define UDP_PORT_BOOTPS 67 +#define UDP_PORT_BOOTPC 68 +#define UDP_PORT_XDMCP 177 +#define UDP_PORT_DHCPV6_DOWNSTREAM 546 +#define UDP_PORT_DHCPV6_UPSTREAM 547 +#define UDP_PORT_DNS 53 +#define UDP_PORT_MDNS 5353 +#define UDP_PORT_ICP 3130 +#define UDP_PORT_ICQ 4000 +#define UDP_PORT_IPX 213 /* RFC 1234 */ +#define UDP_PORT_LDP 646 +#define UDP_PORT_LLC1 12000 +#define UDP_PORT_LLC2 12001 +#define UDP_PORT_LLC3 12002 +#define UDP_PORT_LLC4 12003 +#define UDP_PORT_LLC5 12004 +#define UDP_PORT_MIP 434 +#define UDP_PORT_NCP 524 +#define UDP_PORT_NTP 123 +#define UDP_PORT_RIP 520 +#define UDP_PORT_SAP 9875 +#define UDP_PORT_SIP 5060 +#define UDP_PORT_TIMED 525 +#define UDP_PORT_RIPNG 521 +#define UDP_PORT_WSP 9200 /* wap-wsp */ +#define UDP_PORT_WTP_WSP 9201 /* wap-wsp-wtp */ +#define UDP_PORT_WTLS_WSP 9202 /* wap-wsp-s */ +#define UDP_PORT_WTLS_WTP_WSP 9203 /* wap-wsp-wtp-s */ +#define UDP_PORT_WSP_PUSH 2948 /* wap-wsp */ +#define UDP_PORT_WTLS_WSP_PUSH 2949 /* wap-wsp-s */ +#define UDP_PORT_WHO 513 +#define UDP_PORT_KERBEROS 88 +#define UDP_PORT_SFLOW 6343 +#define UDP_PORT_LAPLINK 1547 +#define UDP_PORT_NETFLOW 2055 +#define UDP_PORT_RX_LOW 7000 +#define UDP_PORT_RX_HIGH 7009 +#define UDP_PORT_RX_AFS_BACKUPS 7021 +#define UDP_PORT_MGCP_GATEWAY 2427 +#define UDP_PORT_MGCP_CALLAGENT 2727 +#define UDP_PORT_PCLI 9000 +#define UDP_PORT_ARTNET 0x1936 +#define UDP_PORT_TERREDO 3544 +#define UDP_PORT_RADIUS 1645 +#define UDP_PORT_RADIUS_NEW 1812 +#define UDP_PORT_RADACCT 1646 +#define UDP_PORT_RADACCT_NEW 1813 |