From eaecbed44924ece119c5b41db2828b4554f263d2 Mon Sep 17 00:00:00 2001 From: mjm Date: Tue, 12 Nov 2002 22:12:33 +0000 Subject: pre-alpha version, most things does not work yet. todo: communication protocol with GUI and implementation of sniffer --- diff --git a/noncore/net/wellenreiter/daemon/source/Makefile b/noncore/net/wellenreiter/daemon/source/Makefile new file mode 100644 index 0000000..dc459af --- a/dev/null +++ b/noncore/net/wellenreiter/daemon/source/Makefile @@ -0,0 +1,31 @@ +# $Id$ + +CPP = g++ + +CFLAGS = +OPTIMFLAGS = -g +WARNFLAGS = -Wall -pedantic -DDEBUG +LDFLAGS = +LIBS = -lpcap +OBJ = daemon.o log.o sendgui.o getgui.o sniffer.o + +.SUFFIXES: +.PHONY: all wellenreiterd clean distclean realclean + +%.o : %.cc + $(CPP) $(CFLAGS) $(WARNFLAGS) $(OPTIMFLAGS) -c $< -o $@ + +all: wellenreiterd + +wellenreiterd: $(OBJ) + $(CPP) $(OPTIMFLAGS) $(WARNFLAGS) $(CFLAGS) $(OBJ) $(LDFLAGS) $(LIBS) -o $@ + @echo Build wellenreiterd + +clean distclean realclean: + @rm -rf wellenreiterd *~ *.o + @echo All dependent files have been removed. + +wellenreiterd.o: config.hh +serve.o: config.hh +log.o: config.hh +sendgui.o: config.hh diff --git a/noncore/net/wellenreiter/daemon/source/README b/noncore/net/wellenreiter/daemon/source/README deleted file mode 100644 index 249d950..0000000 --- a/noncore/net/wellenreiter/daemon/source/README +++ b/dev/null @@ -1,5 +0,0 @@ -compile it using: - -gcc -o sniffer ./sniffer.c -lpcap - - diff --git a/noncore/net/wellenreiter/daemon/source/TODO b/noncore/net/wellenreiter/daemon/source/TODO new file mode 100644 index 0000000..39b1a05 --- a/dev/null +++ b/noncore/net/wellenreiter/daemon/source/TODO @@ -0,0 +1,5 @@ +implement communication protocol +security analysis +implement sniffer (last step) +security analysis +code cleanup \ No newline at end of file diff --git a/noncore/net/wellenreiter/daemon/source/config.hh b/noncore/net/wellenreiter/daemon/source/config.hh new file mode 100644 index 0000000..b124f41 --- a/dev/null +++ b/noncore/net/wellenreiter/daemon/source/config.hh @@ -0,0 +1,22 @@ +/* + * + * Global configuration for wellenreiter + * + * $Id$ + * + * Written by Martin J. Muench + * + */ + +#ifndef CONFIG_HH +#define CONFIG_HH + +#define PROGNAME "wellenreiter" /* Name of program (for syslog et.al.) */ +#define VERSION "0.2" /* Version of wellenreiter */ + +#define DAEMONPORT 37772 /* Port of Daemon */ + +#define GUIADDR "127.0.0.1" /* Adress of GUI, later specified in configfile */ +#define GUIPORT 37773 /* Port of GUI, " " */ + +#endif /* CONFIG_HH */ diff --git a/noncore/net/wellenreiter/daemon/source/daemon.cc b/noncore/net/wellenreiter/daemon/source/daemon.cc new file mode 100644 index 0000000..7972c0f --- a/dev/null +++ b/noncore/net/wellenreiter/daemon/source/daemon.cc @@ -0,0 +1,82 @@ +/* + * Startup functions of wellenreiter + * + * $Id$ + */ + +#include "config.hh" +#include "daemon.hh" +#include "log.hh" +#include "sendgui.hh" +#include "getgui.hh" + +/* Main function of wellenreiterd */ +int main(int argc, char **argv) +{ + int sock, maxfd; + struct sockaddr_in *cliaddr; + socklen_t len=sizeof(struct sockaddr); + char buffer[128]; + FILE *fp=stdin; /* Will be replaced with sniffer */ + fd_set rset; + + fprintf(stderr, "wellenreiterd %s\n\n", VERSION); + + /* Setup socket for incoming commands */ + if(!commsock(&sock)) + return 0; + + log_info("Set up socket '%d' for GUI communication", sock); + + FD_ZERO(&rset); + + /* Start main loop */ + log_info("Starting main loop"); + while(1) + { + + FD_SET(sock, &rset); + FD_SET(fileno(fp), &rset); + maxfd=sock+fileno(fp)+1; + if(select(maxfd, &rset, NULL, NULL, NULL) < 0) + { + log_err("Error calling select: %s", strerror(errno)); + break; + } + + /* Got data on local socket from GUI */ + if(FD_ISSET(sock, &rset)) + { + memset(buffer, 0, sizeof(buffer)); + if(recvfrom(sock, buffer, sizeof(buffer)-1, 0, (struct sockaddr *)cliaddr, &len) < 0) + { + log_err("Cannot read from socket: %s", strerror(errno)); + break; + } + log_info("Received command from '%s': %s", inet_ntoa(cliaddr->sin_addr), buffer); + + /* Pass string to analyze function */ + commstring(buffer); + + } + + /* Will be replaced with sniffer ... later */ + if(FD_ISSET(fileno(fp), &rset)) + { + memset(buffer, 0, sizeof(buffer)); + if(fgets(buffer, sizeof(buffer) - 1, fp) == NULL) + { + log_err("Cannot read from stdin: %s", strerror(errno)); + break; + } + + /* Send string to GUI */ + sendgui("%d: %s", 1234, buffer); + + } + + } + + close(sock); + return 0; +} diff --git a/noncore/net/wellenreiter/daemon/source/daemon.hh b/noncore/net/wellenreiter/daemon/source/daemon.hh new file mode 100644 index 0000000..6776d37 --- a/dev/null +++ b/noncore/net/wellenreiter/daemon/source/daemon.hh @@ -0,0 +1,16 @@ +/* $Id$ */ + +#ifndef DAEMON_HH +#define DAEMON_HH + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#endif /* DAEMON_HH */ diff --git a/noncore/net/wellenreiter/daemon/source/extract.h b/noncore/net/wellenreiter/daemon/source/extract.hh index c1bcdcd..21dcffa 100644 --- a/noncore/net/wellenreiter/daemon/source/extract.h +++ b/noncore/net/wellenreiter/daemon/source/extract.hh @@ -1,3 +1,4 @@ +/* $Id */ /* * Copyright (c) 1992, 1993, 1994, 1995, 1996 * The Regents of the University of California. All rights reserved. @@ -17,12 +18,12 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. - * - * @(#) $Header$ (LBL) */ - /* Network to host order macros */ +#ifndef EXTRACT_HH +#define EXTRACT_HH + #ifdef LBL_ALIGN #define EXTRACT_16BITS(p) \ ((u_int16_t)((u_int16_t)*((const u_int8_t *)(p) + 0) << 8 | \ @@ -55,3 +56,5 @@ (u_int32_t)*((const u_int8_t *)(p) + 2) << 16 | \ (u_int32_t)*((const u_int8_t *)(p) + 1) << 8 | \ (u_int32_t)*((const u_int8_t *)(p) + 0))) + +#endif /* EXTRACT_HH */ diff --git a/noncore/net/wellenreiter/daemon/source/getgui.cc b/noncore/net/wellenreiter/daemon/source/getgui.cc new file mode 100644 index 0000000..f56f40b --- a/dev/null +++ b/noncore/net/wellenreiter/daemon/source/getgui.cc @@ -0,0 +1,43 @@ +/* + * Setup UDP socket for commands + * Misc wrapper functions for incoming commands + * + * $Id$ + */ + +#include "config.hh" +#include "getgui.hh" +#include "log.hh" + +struct sockaddr_in saddr; + +/* Setup UDP Socket for incoming commands */ +int commsock(int *sock) +{ + + if((*sock=socket(AF_INET, SOCK_DGRAM, 0)) < 0) + { + log_err("Cannot set up socket: %s", strerror(errno)); + return 0; + } + + memset(&saddr, 0, sizeof(saddr)); + saddr.sin_family = PF_INET; + saddr.sin_port = htons(DAEMONPORT); + saddr.sin_addr.s_addr = htonl(INADDR_ANY); + + if(bind(*sock,(struct sockaddr *)&saddr, sizeof(saddr)) < 0) + { + log_err("Cannot bind socket: %s", strerror(errno)); + close(*sock); + return 0; + } + + return 1; +} + +int commstring(const char *input) +{ + + return 1; +} diff --git a/noncore/net/wellenreiter/daemon/source/getgui.hh b/noncore/net/wellenreiter/daemon/source/getgui.hh new file mode 100644 index 0000000..f5a37f9 --- a/dev/null +++ b/noncore/net/wellenreiter/daemon/source/getgui.hh @@ -0,0 +1,16 @@ +/* $id */ + +#ifndef GETGUI_HH +#define GETGUI_HH + +#include +#include +#include +#include +#include +#include + +int commsock(int *); +int commstring(const char *); + +#endif /* GETGUI_HH */ diff --git a/noncore/net/wellenreiter/daemon/source/ieee802_11.h b/noncore/net/wellenreiter/daemon/source/ieee802_11.hh index 497e6ed..3cc5343 100644 --- a/noncore/net/wellenreiter/daemon/source/ieee802_11.h +++ b/noncore/net/wellenreiter/daemon/source/ieee802_11.hh @@ -1,4 +1,4 @@ -/* @(#) $Header$ (LBL) */ +/* $Id$ */ /* * Copyright (c) 2001 * Fortress Technologies @@ -21,6 +21,9 @@ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ +#ifndef IEEE802_11_HH +#define IEEE802_11_HH + #define IEEE802_11_FC_LEN 2 #define T_MGMT 0x0 /* management */ @@ -243,3 +246,5 @@ struct ctrl_end_ack_t { #define IV_IV(iv) ((iv) & 0xFFFFFF) #define IV_PAD(iv) (((iv) >> 24) & 0x3F) #define IV_KEYID(iv) (((iv) >> 30) & 0x03) + +#endif /* IEEE802_11_HH */ diff --git a/noncore/net/wellenreiter/daemon/source/log.cc b/noncore/net/wellenreiter/daemon/source/log.cc new file mode 100644 index 0000000..47589d2 --- a/dev/null +++ b/noncore/net/wellenreiter/daemon/source/log.cc @@ -0,0 +1,52 @@ +/* + * Small functions to log to syslog + * + * $Id$ + */ + +#include "config.hh" +#include "log.hh" + +/* Log to syslog INFO */ +void log_info(const char *fmt,...) +{ + + char buffer[4096]; + va_list ap; + + memset(buffer, 0, sizeof(buffer)), + va_start(ap, fmt); + vsnprintf(buffer, sizeof(buffer)-1, fmt, ap); + va_end(ap); + + openlog(PROGNAME, LOG_PID, LOG_SYSLOG); + syslog(LOG_INFO, "(info) %s", buffer); + closelog(); + +#ifdef DEBUG + fprintf(stderr, "(info) %s\n", buffer); +#endif + +} + +/* Log to syslog ERR */ +void log_err(const char *fmt,...) +{ + + char buffer[4096]; + va_list ap; + + memset(buffer, 0, sizeof(buffer)); + va_start(ap, fmt); + vsnprintf(buffer, sizeof(buffer)-1, fmt, ap); + va_end(ap); + + openlog(PROGNAME, LOG_PID, LOG_SYSLOG); + syslog(LOG_INFO, "(err) %s", buffer); + closelog(); + +#ifdef DEBUG + fprintf(stderr, "(err) %s\n", buffer); +#endif + +} diff --git a/noncore/net/wellenreiter/daemon/source/log.hh b/noncore/net/wellenreiter/daemon/source/log.hh new file mode 100644 index 0000000..bdea7e4 --- a/dev/null +++ b/noncore/net/wellenreiter/daemon/source/log.hh @@ -0,0 +1,14 @@ +/* $Id$ */ + +#ifndef LOG_HH +#define LOG_HH + +#include +#include +#include +#include + +void log_info(const char *, ...); +void log_err(const char *, ...); + +#endif /* LOG_HH */ diff --git a/noncore/net/wellenreiter/daemon/source/sendgui.cc b/noncore/net/wellenreiter/daemon/source/sendgui.cc new file mode 100644 index 0000000..48ad5b8 --- a/dev/null +++ b/noncore/net/wellenreiter/daemon/source/sendgui.cc @@ -0,0 +1,75 @@ +/* + * Send string to GUI + * + * $Id$ + */ + +#include "config.hh" +#include "sendgui.hh" +#include "log.hh" + +/* Simple dummy for alarm timer */ +static void alarmdummy(int signo) +{ + alarm (0); +} + +/* Connect to given IP on given port */ +int connect_server(int *sock, unsigned int ipaddr, int port) +{ + struct sockaddr_in saddr; + int retval=0; + + *sock = socket (PF_INET, SOCK_STREAM, 0); + saddr.sin_family = PF_INET; + saddr.sin_port = htons (port); + saddr.sin_addr.s_addr = ipaddr; + + signal (SIGALRM, alarmdummy); + siginterrupt (SIGALRM, 1); + + alarm(5); + retval=connect (*sock, (struct sockaddr *) &saddr, sizeof (saddr)); + alarm(0); + + if(retval < 0) + { + close (*sock); + return 0; + } + + return 1; +} + +/* Send a string to the GUI */ +int sendgui(const char *string, ...) +{ + int sock=0; + char buffer[4096]; + va_list ap; + + /* Generate string */ + memset(buffer, 0, sizeof(buffer)); + va_start(ap, string); + vsnprintf(buffer, sizeof(buffer)-1, string, ap); + va_end(ap); + + if(!connect_server(&sock, inet_addr(GUIADDR), GUIPORT)) + { + log_err("Connect to GUI at '%s' failed: %s", GUIADDR, strerror(errno)); + return 0; + } + + if(write(sock, buffer, sizeof(buffer)) < 0) + { + log_err("Cannot write to socket: %s", strerror(errno)); + close(sock); + return 0; + } + + if(close(sock) < 0) + log_err("Cannot close socket: %s", strerror(errno)); + + return 1; +} + diff --git a/noncore/net/wellenreiter/daemon/source/sendgui.hh b/noncore/net/wellenreiter/daemon/source/sendgui.hh new file mode 100644 index 0000000..e083704 --- a/dev/null +++ b/noncore/net/wellenreiter/daemon/source/sendgui.hh @@ -0,0 +1,20 @@ +/* $Id$ */ + +#ifndef SENDGUI_HH +#define SENDGUI_HH + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +int connect_server(int *, unsigned int, int); +int sendgui(const char *string, ...); + +#endif /* SENDGUI_HH */ diff --git a/noncore/net/wellenreiter/daemon/source/sniffer.c b/noncore/net/wellenreiter/daemon/source/sniffer.cc index 31a5d13..c837505 100644 --- a/noncore/net/wellenreiter/daemon/source/sniffer.c +++ b/noncore/net/wellenreiter/daemon/source/sniffer.cc @@ -1,32 +1,28 @@ -/* Its just a simple rfmon mode sniffer - i hope my C is at last a bit better then in my - early days :-). - This works only with cisco wireless cards with an rfmon - able driver and not with wifi stuff. - Btw. did i mention that i hate C? - - To compile use: - gcc sniffer.c -o wlan-sniffer -lpcap - -*/ -#include "sniffer.h" - -int main(int argc, char **argv) -{ - int ret; /* return code */ - ret = card_into_monitormode (SNIFFER_DEVICE, CARD_TYPE_NG); - if (ret == -1) - { - exit(-1); - } +/* + * rfmon mode sniffer + * This works only with cisco wireless cards with an rfmon + * able driver and not with wifi stuff. + * + * $Id$ + */ + +#include "config.hh" +#include "sniffer.hh" +#include "ieee802_11.hh" +#include "extract.hh" + +int sniffer(void) +{ + if(card_into_monitormode (SNIFFER_DEVICE, CARD_TYPE_NG) < 0) + return 0; start_sniffing (SNIFFER_DEVICE); - return 0; + return 1; } -int card_into_monitormode (char * device, int cardtype) +int card_into_monitormode (char *device, int cardtype) { - int ret = -1; + int datalink; /* used for getting the pcap datalink type */ char CiscoRFMON[35] = "/proc/driver/aironet/"; FILE *CISCO_CONFIG_FILE; @@ -37,7 +33,7 @@ int card_into_monitormode (char * device, int cardtype) if(device == NULL) { printf ("Fatal error i did not have any interfaces to sniff on\n"); - exit(1); + return 0; } /* Setting the prmiscous and up flag to the interface */ @@ -61,10 +57,10 @@ int card_into_monitormode (char * device, int cardtype) { char wlanngcmd[62]; snprintf(wlanngcmd, sizeof(wlanngcmd),"%s %s lnxreq_wlansniff channel=1 enable=true",WLANCTL_PATH,device); - if (ret = (system (wlanngcmd)) != 0) + if (system (wlanngcmd) != 0) { printf ("\n Fatal error could not set %s in raw mode, check cardtype\n",device); - exit(1); + return 0; } } else if (cardtype == CARD_TYPE_HOSTAP) @@ -82,15 +78,15 @@ int card_into_monitormode (char * device, int cardtype) if (datalink == DLT_IEEE802_11) /* Rawmode is IEEE802_11 */ { printf ("Your successfully listen on %s in 802.11 raw mode\n",device); - pcap_close(handle); - return (0); + pcap_close(handle); + return 0; } else { printf ("Fatal error, cannot continue, your interface %s does not work in the correct 802.11 raw mode, check you driver please\n",device); - pcap_close(handle); - exit(1); + pcap_close(handle); + return 0; } } @@ -103,21 +99,19 @@ int card_set_promisc_up (char * device) if (ret > 0) { printf ("\nFatal error, could not execute %s please check your card,binary location and permission\n",ifconfigcmd); - exit(1); + return 0; } - return(0); + return 1; } int start_sniffing (char * device) { - int ret; /* return code */ + pcap_t *handletopcap; char errbuf[PCAP_ERRBUF_SIZE]; - struct pcap_pkthdr header; /* The header that pcap gives us */ - const u_char *packet; /* The actual packet */ /* opening the pcap for sniffing */ - handletopcap = pcap_open_live(device, BUFSIZ, 1, 1000, errbuf); + handletopcap = pcap_open_live(device, BUFSIZ, 1, 1000, errbuf); /* Next few lines a taken out of kismet */ #ifdef HAVE_PCAP_NONBLOCK @@ -125,10 +119,10 @@ int start_sniffing (char * device) #endif /*start scanning */ - pcap_loop(handletopcap,-1,process_packets,NULL); + pcap_loop(handletopcap,-1,process_packets,NULL); - printf("\nDone processing packets... wheew!\n"); - return 0; + printf("\nDone processing packets... wheew!\n"); + return 1; } void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet) @@ -137,9 +131,7 @@ void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_ch u_int length = pkthdr->len; u_int16_t fc; u_int HEADER_LENGTH; - u_short extracted_ethertype; - int snapend; - int ret; + /* pinfo holds all interresting information for us */ struct packetinfo pinfo; struct packetinfo *pinfoptr; @@ -263,17 +255,15 @@ void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_ch all the infos is placed into the packetinfo structure */ int decode_80211b_hdr(const u_char *p,struct packetinfo *ppinfo) { - char * ret; - char testme[16]; const struct mgmt_header_t *mgthdr = (const struct mgmt_header_t *) p; ppinfo->fcsubtype = FC_SUBTYPE(mgthdr->fc); - + /* Get the sender, bssid and dest mac address */ etheraddr_string(mgthdr->bssid,ppinfo->bssid); etheraddr_string(mgthdr->da,ppinfo->desthwaddr); etheraddr_string(mgthdr->sa,ppinfo->sndhwaddr); ppinfo->fc_wep = FC_WEP(mgthdr->fc); - return(0); + return 0; } @@ -295,7 +285,6 @@ void etheraddr_string(register const u_char *ep,char * text) } *cp = '\0'; strcpy(text,buf); - return; } int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo) @@ -328,13 +317,13 @@ int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo) { memcpy(&(pbody.ssid.ssid),p+offset,pbody.ssid.length); offset += pbody.ssid.length; pbody.ssid.ssid[pbody.ssid.length]='\0'; - if (strcmp(pbody.ssid.ssid,"")==0) + if (strcmp((char *)pbody.ssid.ssid,"")==0) { ppinfo->ssid = NONBROADCASTING; } else { - ppinfo->ssid = pbody.ssid.ssid; + ppinfo->ssid = (char *)pbody.ssid.ssid; } ppinfo->ssid_len = pbody.ssid.length; } @@ -370,17 +359,12 @@ int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo) } break; default: -#if 0 - printf("(1) unhandled element_id (%d) ", *(p+offset) ); -#endif + offset+= *(p+offset+1) + 2; break; } /* end of switch*/ } /* end of for loop */ - return(0); - - - + return 1; } /* End of handle_beacon */ diff --git a/noncore/net/wellenreiter/daemon/source/sniffer.h b/noncore/net/wellenreiter/daemon/source/sniffer.hh index b880b68..7f45be6 100644 --- a/noncore/net/wellenreiter/daemon/source/sniffer.h +++ b/noncore/net/wellenreiter/daemon/source/sniffer.hh @@ -1,4 +1,7 @@ -// Wellenreiter-sniffer-code header file +/* $Id$ */ + +#ifndef SNIFFER_HH +#define SNIFFER_HH #include #include @@ -9,8 +12,6 @@ #include #include #include -#include "ieee802_11.h" -#include "extract.h" #define DEFAULT_PATH "/proc/driver/aironet/%s/Config" #define CARD_TYPE_CISCO 1 @@ -47,40 +48,18 @@ struct packetinfo /* Prototypes */ -int card_into_monitormode (char * device, int cardtype); +int sniffer(void); +int card_into_monitormode (char * device, int cardtype); int card_set_promisc_up (char * device); - int start_sniffing (char * device); - void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet); - int decode_80211b_hdr(const u_char *p,struct packetinfo *ppinfo); - void etheraddr_string(register const u_char *ep,char * text); - int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo); static int GetHeaderLength(u_int16_t fc); -static const char *subtype_text[]={ - "Assoc Request", - "Assoc Response", - "ReAssoc Request", - "ReAssoc Response", - "Probe Request", - "Probe Response", - "RESERVED", - "RESERVED", - "Beacon", - "ATIM", - "Disassociation", - "Authentication", - "DeAuthentication", - "RESERVED", - "RESERVED" -}; - /* * True if "l" bytes of "var" were captured. * @@ -100,3 +79,5 @@ static const char *subtype_text[]={ /* Bail if "var" was not captured */ #define TCHECK(var) TCHECK2(var, sizeof(var)) + +#endif /* SNIFFER_HH */ -- cgit v0.9.0.2