1 files changed, 182 insertions, 0 deletions
diff --git a/other/3wahas/sniff.c b/other/3wahas/sniff.c
new file mode 100644
index 0000000..826638d
--- /dev/null
+++ b/other/3wahas/sniff.c
@@ -0,0 +1,182 @@
+/* zodiac - advanced dns spoofer
+ *
+ * sniffing functions
+ *
+ * by scut
+ *
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <pcap.h>
+#include <pthread.h>
+#include "common.h"
+#include "network.h"
+#include "packet.h"
+#include "sniff.h"
+#include "3wahas.h"
+/* sniff_new
+ *
+ * the only function that should be called from outside. set up sniffing
+ * device, create a new thread, then return.
+ * open `interface' device for sniffing, tell sniffing thread to use
+ * `pq_size' packet queues, available through `pq_list'.
+ * store thread id of new thread in `tid'.
+ *
+ * return 0 if thread creation was successful
+ * return 1 if thread creation failed
+ */
+void
+sniff_new (char *interface, char *ip_dst)
+{
+        sniff_info      *sinfo;         /* sniff information structure */
+        sinfo = xcalloc (1, sizeof (sniff_info));
+        sinfo->ip_dst.s_addr = net_resolve (ip_dst);
+        /* open interface
+         */
+        sinfo->device = sniff_open (interface);
+        if (sinfo->device == NULL) {
+                free (sinfo);
+                return;
+        }
+        sniff_handle (sinfo);
+        /* successfully created sniffer thread
+         */
+        return;
+}
+/* sniff_handle
+ *
+ * the main sniffing thread, fetching packets from the device, then calling
+ * the packet grinder `pq_grind' to process the packets
+ *
+ * should never return except on error or program exit
+ */ 
+void *
+sniff_handle (sniff_info *sinfo)
+{
+        int             n;              /* temporary return value */
+        pcap_handler    grinder;        /* pcap handler for the packet grinding function */
+        printf ("[phx] hello world from sniff handler\n\n");
+        grinder = (pcap_handler) pq_grind;
+        n = pcap_loop (sinfo->device->pd, -1, grinder, (void *) sinfo);
+        if (n == -1) {
+                printf ("[phx] sniff_handle (pcap_loop): %s\n", pcap_geterr (sinfo->device->pd));
+        }
+        return (NULL);
+}
+/* sniff_open
+ *
+ * open `dev' for sniffing, or just the first sniffable one, if
+ * dev is NULL.
+ *
+ * return NULL on failure
+ * return pointer sniffing device structure on success
+ */
+s_dev *
+sniff_open (char *devname)
+{
+        int     n;                              /* temporary return value */
+        s_dev   *device;                        /* sniffing device structure to create */
+        char    errorbuf[PCAP_ERRBUF_SIZE];     /* error buffer for pcap message */
+        /* create new sniffing device structure in s_dev
+         */
+        device = xcalloc (1, sizeof (s_dev));
+        /* check wether to use the first device or a specified device
+         */
+        if (devname == NULL) {
+                /* due to lame pcap manpage, you should not know that it's static *doh* */
+                device->interface = pcap_lookupdev (errorbuf);
+                if (device->interface == NULL) {
+                        printf ("[phx] sniff_open (pcap_lookupdev): %s\n", errorbuf);
+                        device->error = 1;
+                        return (device);
+                }
+        } else {
+                /* if the interface we have to use is already known just copy it
+                 */
+                device->interface = xstrdup (devname);
+        }
+        /* try to open the device found
+         */
+        device->pd = sniff_pcap_open (device->interface);
+        if (device->pd == NULL) {
+                device->error = 1;
+                return (device);
+        }
+        /* now query some information about the device and store them into our struct
+         */
+        n = pcap_lookupnet (device->interface, &device->localnet,
+                &device->netmask, errorbuf);
+        if (n == -1) {
+                device->error = 1;
+                return (device);
+        }
+        device->linktype = pcap_datalink (device->pd);
+        if (device->linktype == -1) {
+                device->error = 1;
+                return (device);
+        }
+        return (device);
+}
+/* sniff_pcap_open
+ *
+ * securely wraps the pcap_open_live call to catch any errors
+ *
+ * return NULL on failure
+ * return capture descriptor on succes
+ */
+pcap_t *
+sniff_pcap_open (char *device)
+{
+        char    errorbuf[PCAP_ERRBUF_SIZE];     /* error buffer */
+        pcap_t  *pdes = NULL;                   /* packet capture descriptor */
+        pdes = pcap_open_live (device, SNAPLEN, PROMISC, READ_TIMEOUT, errorbuf);
+        if (pdes == NULL) {
+                printf ("[phx] sniff_pcap_open (pcap_open_live): %s\n", errorbuf);
+                return (NULL);
+        }
+        return (pdes);
+}
+/* sniff_dev_free
+ *
+ * close and free a sniffing device
+ */
+void
+sniff_dev_free (s_dev *device)
+{
+        pcap_close (device->pd);
+        if (device->interface)
+                free (device->interface);
+        free (device);
+        return;
+}

diff --git a/other/3wahas/sniff.c b/other/3wahas/sniff.c new file mode 100644 index 0000000..826638d --- /dev/null +++ b/other/3wahas/sniff.c
@@ -0,0 +1,182 @@
	1	/* zodiac - advanced dns spoofer
	2	*
	3	* sniffing functions
	4	*
	5	* by scut
	6	*
	7	*/
	8
	9	#include <stdio.h>
	10	#include <stdlib.h>
	11	#include <string.h>
	12	#include <pcap.h>
	13	#include <pthread.h>
	14	#include "common.h"
	15	#include "network.h"
	16	#include "packet.h"
	17	#include "sniff.h"
	18	#include "3wahas.h"
	19
	20	/* sniff_new
	21	*
	22	* the only function that should be called from outside. set up sniffing
	23	* device, create a new thread, then return.
	24	* open `interface' device for sniffing, tell sniffing thread to use
	25	* `pq_size' packet queues, available through `pq_list'.
	26	* store thread id of new thread in `tid'.
	27	*
	28	* return 0 if thread creation was successful
	29	* return 1 if thread creation failed
	30	*/
	31
	32	void
	33	sniff_new (char interface, char ip_dst)
	34	{
	35	sniff_info sinfo; / sniff information structure */
	36
	37	sinfo = xcalloc (1, sizeof (sniff_info));
	38
	39	sinfo->ip_dst.s_addr = net_resolve (ip_dst);
	40
	41	/* open interface
	42	*/
	43	sinfo->device = sniff_open (interface);
	44	if (sinfo->device == NULL) {
	45	free (sinfo);
	46	return;
	47	}
	48
	49	sniff_handle (sinfo);
	50	/* successfully created sniffer thread
	51	*/
	52	return;
	53	}
	54
	55	/* sniff_handle
	56	*
	57	* the main sniffing thread, fetching packets from the device, then calling
	58	* the packet grinder `pq_grind' to process the packets
	59	*
	60	* should never return except on error or program exit
	61	*/
	62
	63	void *
	64	sniff_handle (sniff_info *sinfo)
	65	{
	66	int n; /* temporary return value */
	67	pcap_handler grinder; /* pcap handler for the packet grinding function */
	68
	69	printf ("[phx] hello world from sniff handler\n\n");
	70	grinder = (pcap_handler) pq_grind;
	71	n = pcap_loop (sinfo->device->pd, -1, grinder, (void *) sinfo);
	72
	73	if (n == -1) {
	74	printf ("[phx] sniff_handle (pcap_loop): %s\n", pcap_geterr (sinfo->device->pd));
	75	}
	76
	77	return (NULL);
	78	}
	79
	80	/* sniff_open
	81	*
	82	* open `dev' for sniffing, or just the first sniffable one, if
	83	* dev is NULL.
	84	*
	85	* return NULL on failure
	86	* return pointer sniffing device structure on success
	87	*/
	88
	89	s_dev *
	90	sniff_open (char *devname)
	91	{
	92	int n; /* temporary return value */
	93	s_dev device; / sniffing device structure to create */
	94	char errorbuf[PCAP_ERRBUF_SIZE]; /* error buffer for pcap message */
	95
	96	/* create new sniffing device structure in s_dev
	97	*/
	98	device = xcalloc (1, sizeof (s_dev));
	99
	100	/* check wether to use the first device or a specified device
	101	*/
	102	if (devname == NULL) {
	103	/* due to lame pcap manpage, you should not know that it's static doh */
	104	device->interface = pcap_lookupdev (errorbuf);
	105	if (device->interface == NULL) {
	106	printf ("[phx] sniff_open (pcap_lookupdev): %s\n", errorbuf);
	107	device->error = 1;
	108	return (device);
	109	}
	110	} else {
	111	/* if the interface we have to use is already known just copy it
	112	*/
	113	device->interface = xstrdup (devname);
	114	}
	115
	116	/* try to open the device found
	117	*/
	118	device->pd = sniff_pcap_open (device->interface);
	119	if (device->pd == NULL) {
	120	device->error = 1;
	121	return (device);
	122	}
	123
	124	/* now query some information about the device and store them into our struct
	125	*/
	126	n = pcap_lookupnet (device->interface, &device->localnet,
	127	&device->netmask, errorbuf);
	128	if (n == -1) {
	129	device->error = 1;
	130	return (device);
	131	}
	132
	133	device->linktype = pcap_datalink (device->pd);
	134	if (device->linktype == -1) {
	135	device->error = 1;
	136	return (device);
	137	}
	138
	139	return (device);
	140	}
	141
	142	/* sniff_pcap_open
	143	*
	144	* securely wraps the pcap_open_live call to catch any errors
	145	*
	146	* return NULL on failure
	147	* return capture descriptor on succes
	148	*/
	149
	150	pcap_t *
	151	sniff_pcap_open (char *device)
	152	{
	153	char errorbuf[PCAP_ERRBUF_SIZE]; /* error buffer */
	154	pcap_t pdes = NULL; / packet capture descriptor */
	155
	156	pdes = pcap_open_live (device, SNAPLEN, PROMISC, READ_TIMEOUT, errorbuf);
	157
	158	if (pdes == NULL) {
	159	printf ("[phx] sniff_pcap_open (pcap_open_live): %s\n", errorbuf);
	160	return (NULL);
	161	}
	162
	163	return (pdes);
	164	}
	165
	166	/* sniff_dev_free
	167	*
	168	* close and free a sniffing device
	169	*/
	170
	171	void
	172	sniff_dev_free (s_dev *device)
	173	{
	174	pcap_close (device->pd);
	175	if (device->interface)
	176	free (device->interface);
	177
	178	free (device);
	179
	180	return;
	181	}
	182