tuibuilder_pel7x64builder0
3 years ago
36 changed files with 4131 additions and 0 deletions
@ -0,0 +1,219 @@
@@ -0,0 +1,219 @@
|
||||
Patch by Steve Kemp <skx@debian.org> for dsniff >= 2.4b1, which fixes the |
||||
compiling under AMD64 respectively x86_64. For further information, please |
||||
have a look to Debian bug ID #254002. |
||||
|
||||
--- dsniff-2.4b1/configure 2005-06-23 03:30:37.000000000 +0000 |
||||
+++ dsniff-2.4b1/configure.amd64_fix 2005-06-23 04:15:59.000000000 +0000 |
||||
@@ -2667,15 +2667,62 @@ |
||||
echo "$ac_t""no" 1>&6 |
||||
fi |
||||
|
||||
+echo $ac_n "checking for __dn_expand in -lresolv""... $ac_c" 1>&6 |
||||
+echo "configure:2672: checking for __dn_expand in -lresolv" >&5 |
||||
+ac_lib_var=`echo resolv'_'__dn_expand | sed 'y%./+-%__p_%'` |
||||
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then |
||||
+ echo $ac_n "(cached) $ac_c" 1>&6 |
||||
+else |
||||
+ ac_save_LIBS="$LIBS" |
||||
+LIBS="-lresolv $LIBS" |
||||
+cat > conftest.$ac_ext <<EOF |
||||
+#line 2680 "configure" |
||||
+#include "confdefs.h" |
||||
+/* Override any gcc2 internal prototype to avoid an error. */ |
||||
+/* We use char because int might match the return type of a gcc2 |
||||
+ builtin and then its argument prototype would still apply. */ |
||||
+char __dn_expand(); |
||||
+ |
||||
+int main() { |
||||
+__dn_expand() |
||||
+; return 0; } |
||||
+EOF |
||||
+if { (eval echo configure:2691: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||
+ rm -rf conftest* |
||||
+ eval "ac_cv_lib_$ac_lib_var=yes" |
||||
+else |
||||
+ echo "configure: failed program was:" >&5 |
||||
+ cat conftest.$ac_ext >&5 |
||||
+ rm -rf conftest* |
||||
+ eval "ac_cv_lib_$ac_lib_var=no" |
||||
+fi |
||||
+rm -f conftest* |
||||
+LIBS="$ac_save_LIBS" |
||||
+ |
||||
+fi |
||||
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then |
||||
+ echo "$ac_t""yes" 1>&6 |
||||
+ ac_tr_lib=HAVE_LIB`echo resolv | sed -e 's/[^a-zA-Z0-9_]/_/g' \ |
||||
+ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` |
||||
+ cat >> confdefs.h <<EOF |
||||
+#define $ac_tr_lib 1 |
||||
+EOF |
||||
+ |
||||
+ LIBS="-lresolv $LIBS" |
||||
+ |
||||
+else |
||||
+ echo "$ac_t""no" 1>&6 |
||||
+fi |
||||
+ |
||||
for ac_func in dirname strlcpy strlcat strsep |
||||
do |
||||
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 |
||||
-echo "configure:2674: checking for $ac_func" >&5 |
||||
+echo "configure:2721: checking for $ac_func" >&5 |
||||
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then |
||||
echo $ac_n "(cached) $ac_c" 1>&6 |
||||
else |
||||
cat > conftest.$ac_ext <<EOF |
||||
-#line 2679 "configure" |
||||
+#line 2726 "configure" |
||||
#include "confdefs.h" |
||||
/* System header to define __stub macros and hopefully few prototypes, |
||||
which can conflict with char $ac_func(); below. */ |
||||
@@ -2698,7 +2745,7 @@ |
||||
|
||||
; return 0; } |
||||
EOF |
||||
-if { (eval echo configure:2702: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||
+if { (eval echo configure:2749: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||
rm -rf conftest* |
||||
eval "ac_cv_func_$ac_func=yes" |
||||
else |
||||
@@ -2728,12 +2775,12 @@ |
||||
for ac_func in MD5Update |
||||
do |
||||
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 |
||||
-echo "configure:2732: checking for $ac_func" >&5 |
||||
+echo "configure:2779: checking for $ac_func" >&5 |
||||
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then |
||||
echo $ac_n "(cached) $ac_c" 1>&6 |
||||
else |
||||
cat > conftest.$ac_ext <<EOF |
||||
-#line 2737 "configure" |
||||
+#line 2784 "configure" |
||||
#include "confdefs.h" |
||||
/* System header to define __stub macros and hopefully few prototypes, |
||||
which can conflict with char $ac_func(); below. */ |
||||
@@ -2756,7 +2803,7 @@ |
||||
|
||||
; return 0; } |
||||
EOF |
||||
-if { (eval echo configure:2760: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||
+if { (eval echo configure:2807: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||
rm -rf conftest* |
||||
eval "ac_cv_func_$ac_func=yes" |
||||
else |
||||
@@ -2788,12 +2835,12 @@ |
||||
for ac_func in warnx |
||||
do |
||||
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 |
||||
-echo "configure:2792: checking for $ac_func" >&5 |
||||
+echo "configure:2839: checking for $ac_func" >&5 |
||||
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then |
||||
echo $ac_n "(cached) $ac_c" 1>&6 |
||||
else |
||||
cat > conftest.$ac_ext <<EOF |
||||
-#line 2797 "configure" |
||||
+#line 2844 "configure" |
||||
#include "confdefs.h" |
||||
/* System header to define __stub macros and hopefully few prototypes, |
||||
which can conflict with char $ac_func(); below. */ |
||||
@@ -2816,7 +2863,7 @@ |
||||
|
||||
; return 0; } |
||||
EOF |
||||
-if { (eval echo configure:2820: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||
+if { (eval echo configure:2867: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||
rm -rf conftest* |
||||
eval "ac_cv_func_$ac_func=yes" |
||||
else |
||||
@@ -2848,12 +2895,12 @@ |
||||
for ac_func in ether_ntoa |
||||
do |
||||
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 |
||||
-echo "configure:2852: checking for $ac_func" >&5 |
||||
+echo "configure:2899: checking for $ac_func" >&5 |
||||
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then |
||||
echo $ac_n "(cached) $ac_c" 1>&6 |
||||
else |
||||
cat > conftest.$ac_ext <<EOF |
||||
-#line 2857 "configure" |
||||
+#line 2904 "configure" |
||||
#include "confdefs.h" |
||||
/* System header to define __stub macros and hopefully few prototypes, |
||||
which can conflict with char $ac_func(); below. */ |
||||
@@ -2876,7 +2923,7 @@ |
||||
|
||||
; return 0; } |
||||
EOF |
||||
-if { (eval echo configure:2880: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||
+if { (eval echo configure:2927: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||
rm -rf conftest* |
||||
eval "ac_cv_func_$ac_func=yes" |
||||
else |
||||
@@ -2912,7 +2959,7 @@ |
||||
fi |
||||
|
||||
echo $ac_n "checking for Berkeley DB with 1.85 compatibility""... $ac_c" 1>&6 |
||||
-echo "configure:2916: checking for Berkeley DB with 1.85 compatibility" >&5 |
||||
+echo "configure:2963: checking for Berkeley DB with 1.85 compatibility" >&5 |
||||
# Check whether --with-db or --without-db was given. |
||||
if test "${with_db+set}" = set; then |
||||
withval="$with_db" |
||||
@@ -3015,7 +3062,7 @@ |
||||
|
||||
|
||||
echo $ac_n "checking for libpcap""... $ac_c" 1>&6 |
||||
-echo "configure:3019: checking for libpcap" >&5 |
||||
+echo "configure:3066: checking for libpcap" >&5 |
||||
# Check whether --with-libpcap or --without-libpcap was given. |
||||
if test "${with_libpcap+set}" = set; then |
||||
withval="$with_libpcap" |
||||
@@ -3063,7 +3110,7 @@ |
||||
|
||||
|
||||
echo $ac_n "checking for libnet""... $ac_c" 1>&6 |
||||
-echo "configure:3067: checking for libnet" >&5 |
||||
+echo "configure:3114: checking for libnet" >&5 |
||||
# Check whether --with-libnet or --without-libnet was given. |
||||
if test "${with_libnet+set}" = set; then |
||||
withval="$with_libnet" |
||||
@@ -3110,7 +3157,7 @@ |
||||
|
||||
|
||||
echo $ac_n "checking for libnids""... $ac_c" 1>&6 |
||||
-echo "configure:3114: checking for libnids" >&5 |
||||
+echo "configure:3161: checking for libnids" >&5 |
||||
# Check whether --with-libnids or --without-libnids was given. |
||||
if test "${with_libnids+set}" = set; then |
||||
withval="$with_libnids" |
||||
@@ -3152,9 +3199,9 @@ |
||||
save_cppflags="$CPPFLAGS" |
||||
CPPFLAGS="$NIDSINC" |
||||
echo $ac_n "checking whether libnids version is good""... $ac_c" 1>&6 |
||||
-echo "configure:3156: checking whether libnids version is good" >&5 |
||||
+echo "configure:3203: checking whether libnids version is good" >&5 |
||||
cat > conftest.$ac_ext <<EOF |
||||
-#line 3158 "configure" |
||||
+#line 3205 "configure" |
||||
#include "confdefs.h" |
||||
#include <nids.h> |
||||
EOF |
||||
@@ -3173,7 +3220,7 @@ |
||||
|
||||
|
||||
echo $ac_n "checking for OpenSSL""... $ac_c" 1>&6 |
||||
-echo "configure:3177: checking for OpenSSL" >&5 |
||||
+echo "configure:3224: checking for OpenSSL" >&5 |
||||
# Check whether --with-openssl or --without-openssl was given. |
||||
if test "${with_openssl+set}" = set; then |
||||
withval="$with_openssl" |
||||
--- dsniff-2.4b1/configure.in 2005-06-23 03:30:37.000000000 +0000 |
||||
+++ dsniff-2.4b1/configure.in.amd64_fix 2005-06-23 04:16:01.000000000 +0000 |
||||
@@ -57,6 +57,7 @@ |
||||
AC_CHECK_LIB(nsl, gethostbyname) |
||||
dnl XXX - feh, everything except OpenBSD sux. |
||||
AC_CHECK_LIB(resolv, dn_expand) |
||||
+AC_CHECK_LIB(resolv, __dn_expand) |
||||
AC_REPLACE_FUNCS(dirname strlcpy strlcat strsep) |
||||
needmd5=no |
||||
AC_CHECK_FUNCS(MD5Update, , [needmd5=yes]) |
@ -0,0 +1,63 @@
@@ -0,0 +1,63 @@
|
||||
Patch by Luciano Bello <luciano@linux.org.ar> for dsniff >= 2.4b1, which |
||||
adds the missing includes of arpa/inet. |
||||
|
||||
--- dsniff-2.4b1/decode_aim.c 2007-06-17 16:22:39.000000000 -0300 |
||||
+++ dsniff-2.4b1/decode_aim.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||
@@ -14,6 +14,7 @@ |
||||
|
||||
#include <stdio.h> |
||||
#include <string.h> |
||||
+#include <arpa/inet.h> |
||||
|
||||
#include "hex.h" |
||||
#include "buf.h" |
||||
--- dsniff-2.4b1/decode_mmxp.c 2007-06-17 16:22:39.000000000 -0300 |
||||
+++ dsniff-2.4b1/decode_mmxp.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||
@@ -21,6 +21,7 @@ |
||||
|
||||
#include <stdio.h> |
||||
#include <string.h> |
||||
+#include <arpa/inet.h> |
||||
|
||||
#include "buf.h" |
||||
#include "decode.h" |
||||
--- dsniff-2.4b1/decode_pptp.c 2007-06-17 16:22:39.000000000 -0300 |
||||
+++ dsniff-2.4b1/decode_pptp.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||
@@ -16,6 +16,7 @@ |
||||
|
||||
#include <stdio.h> |
||||
#include <string.h> |
||||
+#include <arpa/inet.h> |
||||
|
||||
#include "buf.h" |
||||
#include "decode.h" |
||||
--- dsniff-2.4b1/decode_tds.c 2007-06-17 16:26:46.000000000 -0300 |
||||
+++ dsniff-2.4b1/decode_tds.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||
@@ -19,6 +19,7 @@ |
||||
#include <stdio.h> |
||||
#include <string.h> |
||||
#include <strlcat.h> |
||||
+#include <arpa/inet.h> |
||||
|
||||
#include "decode.h" |
||||
|
||||
--- dsniff-2.4b1/decode_vrrp.c 2007-06-17 16:22:39.000000000 -0300 |
||||
+++ dsniff-2.4b1/decode_vrrp.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||
@@ -15,6 +15,7 @@ |
||||
|
||||
#include <stdio.h> |
||||
#include <string.h> |
||||
+#include <arpa/inet.h> |
||||
|
||||
#include "buf.h" |
||||
#include "decode.h" |
||||
--- dsniff-2.4b1/ssh.c 2007-06-17 16:26:46.000000000 -0300 |
||||
+++ dsniff-2.4b1/ssh.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||
@@ -23,6 +23,7 @@ |
||||
#include <stdio.h> |
||||
#include <stdlib.h> |
||||
#include <string.h> |
||||
+#include <arpa/inet.h> |
||||
#include <unistd.h> |
||||
|
||||
#include "hex.h" |
@ -0,0 +1,218 @@
@@ -0,0 +1,218 @@
|
||||
Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to allow the |
||||
selection of source hw address. |
||||
|
||||
In certain networks, sending with the wrong hardware source address can jeopardize |
||||
the network connection of the host running arpspoof. This patch makes it possible |
||||
to specify whether arpspoof should use the own hardware address or the one of the |
||||
real host when resetting the arp table of the target systems; it is also possible |
||||
to use both. |
||||
|
||||
For some more information, please have a look to Debian bug ID #650752. |
||||
|
||||
--- dsniff-2.4/arpspoof.8 2013-12-20 20:54:25.000000000 +0100 |
||||
+++ dsniff-2.4/arpspoof.8.arpspoof_hwaddr 2013-12-20 20:55:19.000000000 +0100 |
||||
@@ -9,7 +9,7 @@ |
||||
.na |
||||
.nf |
||||
.fi |
||||
-\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR |
||||
+\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-c \fIown|host|both\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR |
||||
.SH DESCRIPTION |
||||
.ad |
||||
.fi |
||||
@@ -23,6 +23,13 @@ |
||||
.SH OPTIONS |
||||
.IP "\fB-i \fIinterface\fR" |
||||
Specify the interface to use. |
||||
+.IP "\fB-c \fIown|host|both\fR" |
||||
+Specify which hardware address t use when restoring the arp configuration; |
||||
+while cleaning up, packets can be send with the own address as well as with |
||||
+the address of the host. Sending packets with a fake hw address can disrupt |
||||
+connectivity with certain switch/ap/bridge configurations, however it works |
||||
+more reliably than using the own address, which is the default way arpspoof |
||||
+cleans up afterwards. |
||||
.IP "\fB-t \fItarget\fR" |
||||
Specify a particular host to ARP poison (if not specified, all hosts |
||||
on the LAN). Repeat to specify multiple hosts. |
||||
--- dsniff-2.4/arpspoof.c 2013-12-20 20:54:25.000000000 +0100 |
||||
+++ dsniff-2.4/arpspoof.c.arpspoof_hwaddr 2013-12-20 21:02:10.000000000 +0100 |
||||
@@ -40,37 +40,36 @@ |
||||
static char *intf; |
||||
static int poison_reverse; |
||||
|
||||
+static uint8_t *my_ha = NULL; |
||||
+static uint8_t *brd_ha = "\xff\xff\xff\xff\xff\xff"; |
||||
+ |
||||
+static int cleanup_src_own = 1; |
||||
+static int cleanup_src_host = 0; |
||||
+ |
||||
static void |
||||
usage(void) |
||||
{ |
||||
fprintf(stderr, "Version: " VERSION "\n" |
||||
- "Usage: arpspoof [-i interface] [-t target] [-r] host\n"); |
||||
+ "Usage: arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host\n"); |
||||
exit(1); |
||||
} |
||||
|
||||
static int |
||||
-arp_send(libnet_t *l, int op, u_int8_t *sha, |
||||
- in_addr_t spa, u_int8_t *tha, in_addr_t tpa) |
||||
+arp_send(libnet_t *l, int op, |
||||
+ u_int8_t *sha, in_addr_t spa, |
||||
+ u_int8_t *tha, in_addr_t tpa, |
||||
+ u_int8_t *me) |
||||
{ |
||||
int retval; |
||||
|
||||
- if (sha == NULL && |
||||
- (sha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) { |
||||
- return (-1); |
||||
- } |
||||
- if (spa == 0) { |
||||
- if ((spa = libnet_get_ipaddr4(l)) == -1) |
||||
- return (-1); |
||||
- } |
||||
- if (tha == NULL) |
||||
- tha = "\xff\xff\xff\xff\xff\xff"; |
||||
+ if (!me) me = sha; |
||||
|
||||
libnet_autobuild_arp(op, sha, (u_int8_t *)&spa, |
||||
tha, (u_int8_t *)&tpa, l); |
||||
- libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, l, 0); |
||||
+ libnet_build_ethernet(tha, me, ETHERTYPE_ARP, NULL, 0, l, 0); |
||||
|
||||
fprintf(stderr, "%s ", |
||||
- ether_ntoa((struct ether_addr *)sha)); |
||||
+ ether_ntoa((struct ether_addr *)me)); |
||||
|
||||
if (op == ARPOP_REQUEST) { |
||||
fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n", |
||||
@@ -129,7 +128,7 @@ |
||||
/* XXX - force the kernel to arp. feh. */ |
||||
arp_force(ip); |
||||
#else |
||||
- arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip); |
||||
+ arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip, NULL); |
||||
#endif |
||||
sleep(1); |
||||
} |
||||
@@ -156,17 +155,22 @@ |
||||
int fw = arp_find(spoof.ip, &spoof.mac); |
||||
int bw = poison_reverse && targets[0].ip && arp_find_all(); |
||||
int i; |
||||
+ int rounds = (cleanup_src_own*5 + cleanup_src_host*5); |
||||
|
||||
fprintf(stderr, "Cleaning up and re-arping targets...\n"); |
||||
- for (i = 0; i < 5; i++) { |
||||
+ for (i = 0; i < rounds; i++) { |
||||
struct host *target = targets; |
||||
while(target->ip) { |
||||
+ uint8_t *src_ha = NULL; |
||||
+ if (cleanup_src_own && (i%2 || !cleanup_src_host)) { |
||||
+ src_ha = my_ha; |
||||
+ } |
||||
/* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||
if (fw) { |
||||
arp_send(l, ARPOP_REPLY, |
||||
(u_int8_t *)&spoof.mac, spoof.ip, |
||||
- (target->ip ? (u_int8_t *)&target->mac : NULL), |
||||
- target->ip); |
||||
+ (target->ip ? (u_int8_t *)&target->mac : brd_ha), |
||||
+ target->ip, src_ha); |
||||
/* we have to wait a moment before sending the next packet */ |
||||
sleep(1); |
||||
} |
||||
@@ -174,7 +178,7 @@ |
||||
arp_send(l, ARPOP_REPLY, |
||||
(u_int8_t *)&target->mac, target->ip, |
||||
(u_int8_t *)&spoof.mac, |
||||
- spoof.ip); |
||||
+ spoof.ip, src_ha); |
||||
sleep(1); |
||||
} |
||||
target++; |
||||
@@ -193,6 +197,7 @@ |
||||
char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||
int c; |
||||
int n_targets; |
||||
+ char *cleanup_src = NULL; |
||||
|
||||
spoof.ip = 0; |
||||
intf = NULL; |
||||
@@ -202,7 +207,7 @@ |
||||
/* allocate enough memory for target list */ |
||||
targets = calloc( argc+1, sizeof(struct host) ); |
||||
|
||||
- while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) { |
||||
+ while ((c = getopt(argc, argv, "ri:t:c:h?V")) != -1) { |
||||
switch (c) { |
||||
case 'i': |
||||
intf = optarg; |
||||
@@ -214,6 +219,9 @@ |
||||
case 'r': |
||||
poison_reverse = 1; |
||||
break; |
||||
+ case 'c': |
||||
+ cleanup_src = optarg; |
||||
+ break; |
||||
default: |
||||
usage(); |
||||
} |
||||
@@ -229,6 +237,29 @@ |
||||
usage(); |
||||
} |
||||
|
||||
+ if (!cleanup_src || strcmp(cleanup_src, "own") == 0) { /* default! */ |
||||
+ /* only use our own hw address when cleaning up, |
||||
+ * not jeopardizing any bridges on the way to our |
||||
+ * target |
||||
+ */ |
||||
+ cleanup_src_own = 1; |
||||
+ cleanup_src_host = 0; |
||||
+ } else if (strcmp(cleanup_src, "host") == 0) { |
||||
+ /* only use the target hw address when cleaning up; |
||||
+ * this can screw up some bridges and scramble access |
||||
+ * for our own host, however it resets the arp table |
||||
+ * more reliably |
||||
+ */ |
||||
+ cleanup_src_own = 0; |
||||
+ cleanup_src_host = 1; |
||||
+ } else if (strcmp(cleanup_src, "both") == 0) { |
||||
+ cleanup_src_own = 1; |
||||
+ cleanup_src_host = 1; |
||||
+ } else { |
||||
+ errx(1, "Invalid parameter to -c: use 'own' (default), 'host' or 'both'."); |
||||
+ usage(); |
||||
+ } |
||||
+ |
||||
if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||
usage(); |
||||
|
||||
@@ -253,6 +284,10 @@ |
||||
} |
||||
} |
||||
|
||||
+ if ((my_ha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) { |
||||
+ errx(1, "Unable to determine own mac address"); |
||||
+ } |
||||
+ |
||||
signal(SIGHUP, cleanup); |
||||
signal(SIGINT, cleanup); |
||||
signal(SIGTERM, cleanup); |
||||
@@ -260,11 +295,11 @@ |
||||
for (;;) { |
||||
struct host *target = targets; |
||||
while(target->ip) { |
||||
- arp_send(l, ARPOP_REPLY, NULL, spoof.ip, |
||||
- (target->ip ? (u_int8_t *)&target->mac : NULL), |
||||
- target->ip); |
||||
+ arp_send(l, ARPOP_REPLY, my_ha, spoof.ip, |
||||
+ (target->ip ? (u_int8_t *)&target->mac : brd_ha), |
||||
+ target->ip, my_ha); |
||||
if (poison_reverse) { |
||||
- arp_send(l, ARPOP_REPLY, NULL, target->ip, (uint8_t *)&spoof.mac, spoof.ip); |
||||
+ arp_send(l, ARPOP_REPLY, my_ha, target->ip, (uint8_t *)&spoof.mac, spoof.ip, my_ha); |
||||
} |
||||
target++; |
||||
} |
@ -0,0 +1,186 @@
@@ -0,0 +1,186 @@
|
||||
Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to allow the use |
||||
of of multiple targets. For some more information, please have a look to Debian bug |
||||
ID #650751. |
||||
|
||||
--- dsniff-2.4/arpspoof.8 2013-12-20 20:40:36.000000000 +0100 |
||||
+++ dsniff-2.4/arpspoof.8.arpspoof_multiple 2013-12-20 20:41:45.000000000 +0100 |
||||
@@ -25,7 +25,7 @@ |
||||
Specify the interface to use. |
||||
.IP "\fB-t \fItarget\fR" |
||||
Specify a particular host to ARP poison (if not specified, all hosts |
||||
-on the LAN). |
||||
+on the LAN). Repeat to specify multiple hosts. |
||||
.IP "\fB\-r\fR" |
||||
Poison both hosts (host and target) to capture traffic in both directions. |
||||
(only valid in conjuntion with \-t) |
||||
--- dsniff-2.4/arpspoof.c 2013-12-20 20:40:36.000000000 +0100 |
||||
+++ dsniff-2.4/arpspoof.c.arpspoof_multiple 2013-12-20 20:50:34.000000000 +0100 |
||||
@@ -27,11 +27,16 @@ |
||||
#include "arp.h" |
||||
#include "version.h" |
||||
|
||||
+struct host { |
||||
+ in_addr_t ip; |
||||
+ struct ether_addr mac; |
||||
+}; |
||||
+ |
||||
extern char *ether_ntoa(struct ether_addr *); |
||||
|
||||
static libnet_t *l; |
||||
-static struct ether_addr spoof_mac, target_mac; |
||||
-static in_addr_t spoof_ip, target_ip; |
||||
+static struct host spoof = {0}; |
||||
+static struct host *targets; |
||||
static char *intf; |
||||
static int poison_reverse; |
||||
|
||||
@@ -133,30 +138,46 @@ |
||||
return (0); |
||||
} |
||||
|
||||
+static int arp_find_all() { |
||||
+ struct host *target = targets; |
||||
+ while(target->ip) { |
||||
+ if (arp_find(target->ip, &target->mac)) { |
||||
+ return 1; |
||||
+ } |
||||
+ target++; |
||||
+ } |
||||
+ |
||||
+ return 0; |
||||
+} |
||||
+ |
||||
static void |
||||
cleanup(int sig) |
||||
{ |
||||
- int fw = arp_find(spoof_ip, &spoof_mac); |
||||
- int bw = poison_reverse && target_ip && arp_find(target_ip, &target_mac); |
||||
+ int fw = arp_find(spoof.ip, &spoof.mac); |
||||
+ int bw = poison_reverse && targets[0].ip && arp_find_all(); |
||||
int i; |
||||
|
||||
fprintf(stderr, "Cleaning up and re-arping targets...\n"); |
||||
for (i = 0; i < 5; i++) { |
||||
- /* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||
- if (fw) { |
||||
- arp_send(l, ARPOP_REPLY, |
||||
- (u_int8_t *)&spoof_mac, spoof_ip, |
||||
- (target_ip ? (u_int8_t *)&target_mac : NULL), |
||||
- target_ip); |
||||
- /* we have to wait a moment before sending the next packet */ |
||||
- sleep(1); |
||||
- } |
||||
- if (bw) { |
||||
- arp_send(l, ARPOP_REPLY, |
||||
- (u_int8_t *)&target_mac, target_ip, |
||||
- (u_int8_t *)&spoof_mac, |
||||
- spoof_ip); |
||||
- sleep(1); |
||||
+ struct host *target = targets; |
||||
+ while(target->ip) { |
||||
+ /* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||
+ if (fw) { |
||||
+ arp_send(l, ARPOP_REPLY, |
||||
+ (u_int8_t *)&spoof.mac, spoof.ip, |
||||
+ (target->ip ? (u_int8_t *)&target->mac : NULL), |
||||
+ target->ip); |
||||
+ /* we have to wait a moment before sending the next packet */ |
||||
+ sleep(1); |
||||
+ } |
||||
+ if (bw) { |
||||
+ arp_send(l, ARPOP_REPLY, |
||||
+ (u_int8_t *)&target->mac, target->ip, |
||||
+ (u_int8_t *)&spoof.mac, |
||||
+ spoof.ip); |
||||
+ sleep(1); |
||||
+ } |
||||
+ target++; |
||||
} |
||||
} |
||||
|
||||
@@ -171,10 +192,15 @@ |
||||
char pcap_ebuf[PCAP_ERRBUF_SIZE]; |
||||
char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||
int c; |
||||
+ int n_targets; |
||||
|
||||
+ spoof.ip = 0; |
||||
intf = NULL; |
||||
- spoof_ip = target_ip = 0; |
||||
poison_reverse = 0; |
||||
+ n_targets = 0; |
||||
+ |
||||
+ /* allocate enough memory for target list */ |
||||
+ targets = calloc( argc+1, sizeof(struct host) ); |
||||
|
||||
while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) { |
||||
switch (c) { |
||||
@@ -182,7 +208,7 @@ |
||||
intf = optarg; |
||||
break; |
||||
case 't': |
||||
- if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) |
||||
+ if ((targets[n_targets++].ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) |
||||
usage(); |
||||
break; |
||||
case 'r': |
||||
@@ -198,12 +224,12 @@ |
||||
if (argc != 1) |
||||
usage(); |
||||
|
||||
- if (poison_reverse && !target_ip) { |
||||
+ if (poison_reverse && !n_targets) { |
||||
errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t)."); |
||||
usage(); |
||||
} |
||||
|
||||
- if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||
+ if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||
usage(); |
||||
|
||||
if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL) |
||||
@@ -212,14 +238,18 @@ |
||||
if ((l = libnet_init(LIBNET_LINK, intf, libnet_ebuf)) == NULL) |
||||
errx(1, "%s", libnet_ebuf); |
||||
|
||||
- if (target_ip != 0 && !arp_find(target_ip, &target_mac)) |
||||
- errx(1, "couldn't arp for host %s", |
||||
- libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE)); |
||||
+ struct host *target = targets; |
||||
+ while(target->ip) { |
||||
+ if (target->ip != 0 && !arp_find(target->ip, &target->mac)) |
||||
+ errx(1, "couldn't arp for host %s", |
||||
+ libnet_addr2name4(target->ip, LIBNET_DONT_RESOLVE)); |
||||
+ target++; |
||||
+ } |
||||
|
||||
if (poison_reverse) { |
||||
- if (!arp_find(spoof_ip, &spoof_mac)) { |
||||
+ if (!arp_find(spoof.ip, &spoof.mac)) { |
||||
errx(1, "couldn't arp for spoof host %s", |
||||
- libnet_addr2name4(spoof_ip, LIBNET_DONT_RESOLVE)); |
||||
+ libnet_addr2name4(spoof.ip, LIBNET_DONT_RESOLVE)); |
||||
} |
||||
} |
||||
|
||||
@@ -228,11 +258,15 @@ |
||||
signal(SIGTERM, cleanup); |
||||
|
||||
for (;;) { |
||||
- arp_send(l, ARPOP_REPLY, NULL, spoof_ip, |
||||
- (target_ip ? (u_int8_t *)&target_mac : NULL), |
||||
- target_ip); |
||||
- if (poison_reverse) { |
||||
- arp_send(l, ARPOP_REPLY, NULL, target_ip, (uint8_t *)&spoof_mac, spoof_ip); |
||||
+ struct host *target = targets; |
||||
+ while(target->ip) { |
||||
+ arp_send(l, ARPOP_REPLY, NULL, spoof.ip, |
||||
+ (target->ip ? (u_int8_t *)&target->mac : NULL), |
||||
+ target->ip); |
||||
+ if (poison_reverse) { |
||||
+ arp_send(l, ARPOP_REPLY, NULL, target->ip, (uint8_t *)&spoof.mac, spoof.ip); |
||||
+ } |
||||
+ target++; |
||||
} |
||||
sleep(2); |
||||
} |
@ -0,0 +1,142 @@
@@ -0,0 +1,142 @@
|
||||
Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to add add -r |
||||
switch to poison both directions. For some more information, please have a look to |
||||
Debian bug ID #650749. |
||||
|
||||
--- dsniff-2.4/arpspoof.8 2000-11-28 08:43:43.000000000 +0100 |
||||
+++ dsniff-2.4/arpspoof.8.arpspoof_reverse 2013-12-20 20:27:49.000000000 +0100 |
||||
@@ -9,7 +9,7 @@ |
||||
.na |
||||
.nf |
||||
.fi |
||||
-\fBarpspoof\fR [\fB-i \fIinterface\fR] [\fB-t \fItarget\fR] \fIhost\fR |
||||
+\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR |
||||
.SH DESCRIPTION |
||||
.ad |
||||
.fi |
||||
@@ -26,6 +26,9 @@ |
||||
.IP "\fB-t \fItarget\fR" |
||||
Specify a particular host to ARP poison (if not specified, all hosts |
||||
on the LAN). |
||||
+.IP "\fB\-r\fR" |
||||
+Poison both hosts (host and target) to capture traffic in both directions. |
||||
+(only valid in conjuntion with \-t) |
||||
.IP \fIhost\fR |
||||
Specify the host you wish to intercept packets for (usually the local |
||||
gateway). |
||||
--- dsniff-2.4/arpspoof.c 2013-12-20 20:25:04.000000000 +0100 |
||||
+++ dsniff-2.4/arpspoof.c.arpspoof_reverse 2013-12-20 20:34:31.000000000 +0100 |
||||
@@ -7,6 +7,8 @@ |
||||
* Copyright (c) 1999 Dug Song <dugsong@monkey.org> |
||||
* |
||||
* $Id: arpspoof.c,v 1.5 2001/03/15 08:32:58 dugsong Exp $ |
||||
+ * |
||||
+ * Improved 2011 by Stefan Tomanek <stefa@pico.ruhr.de> |
||||
*/ |
||||
|
||||
#include "config.h" |
||||
@@ -31,12 +33,13 @@ |
||||
static struct ether_addr spoof_mac, target_mac; |
||||
static in_addr_t spoof_ip, target_ip; |
||||
static char *intf; |
||||
+static int poison_reverse; |
||||
|
||||
static void |
||||
usage(void) |
||||
{ |
||||
fprintf(stderr, "Version: " VERSION "\n" |
||||
- "Usage: arpspoof [-i interface] [-t target] host\n"); |
||||
+ "Usage: arpspoof [-i interface] [-t target] [-r] host\n"); |
||||
exit(1); |
||||
} |
||||
|
||||
@@ -133,18 +136,30 @@ |
||||
static void |
||||
cleanup(int sig) |
||||
{ |
||||
+ int fw = arp_find(spoof_ip, &spoof_mac); |
||||
+ int bw = poison_reverse && target_ip && arp_find(target_ip, &target_mac); |
||||
int i; |
||||
|
||||
- if (arp_find(spoof_ip, &spoof_mac)) { |
||||
- for (i = 0; i < 3; i++) { |
||||
- /* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||
+ fprintf(stderr, "Cleaning up and re-arping targets...\n"); |
||||
+ for (i = 0; i < 5; i++) { |
||||
+ /* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||
+ if (fw) { |
||||
arp_send(l, ARPOP_REPLY, |
||||
(u_int8_t *)&spoof_mac, spoof_ip, |
||||
(target_ip ? (u_int8_t *)&target_mac : NULL), |
||||
target_ip); |
||||
+ /* we have to wait a moment before sending the next packet */ |
||||
+ sleep(1); |
||||
+ } |
||||
+ if (bw) { |
||||
+ arp_send(l, ARPOP_REPLY, |
||||
+ (u_int8_t *)&target_mac, target_ip, |
||||
+ (u_int8_t *)&spoof_mac, |
||||
+ spoof_ip); |
||||
sleep(1); |
||||
} |
||||
} |
||||
+ |
||||
exit(0); |
||||
} |
||||
|
||||
@@ -159,8 +174,9 @@ |
||||
|
||||
intf = NULL; |
||||
spoof_ip = target_ip = 0; |
||||
+ poison_reverse = 0; |
||||
|
||||
- while ((c = getopt(argc, argv, "i:t:h?V")) != -1) { |
||||
+ while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) { |
||||
switch (c) { |
||||
case 'i': |
||||
intf = optarg; |
||||
@@ -169,6 +185,9 @@ |
||||
if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) |
||||
usage(); |
||||
break; |
||||
+ case 'r': |
||||
+ poison_reverse = 1; |
||||
+ break; |
||||
default: |
||||
usage(); |
||||
} |
||||
@@ -179,6 +198,11 @@ |
||||
if (argc != 1) |
||||
usage(); |
||||
|
||||
+ if (poison_reverse && !target_ip) { |
||||
+ errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t)."); |
||||
+ usage(); |
||||
+ } |
||||
+ |
||||
if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||
usage(); |
||||
|
||||
@@ -192,6 +216,13 @@ |
||||
errx(1, "couldn't arp for host %s", |
||||
libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE)); |
||||
|
||||
+ if (poison_reverse) { |
||||
+ if (!arp_find(spoof_ip, &spoof_mac)) { |
||||
+ errx(1, "couldn't arp for spoof host %s", |
||||
+ libnet_addr2name4(spoof_ip, LIBNET_DONT_RESOLVE)); |
||||
+ } |
||||
+ } |
||||
+ |
||||
signal(SIGHUP, cleanup); |
||||
signal(SIGINT, cleanup); |
||||
signal(SIGTERM, cleanup); |
||||
@@ -200,6 +231,9 @@ |
||||
arp_send(l, ARPOP_REPLY, NULL, spoof_ip, |
||||
(target_ip ? (u_int8_t *)&target_mac : NULL), |
||||
target_ip); |
||||
+ if (poison_reverse) { |
||||
+ arp_send(l, ARPOP_REPLY, NULL, target_ip, (uint8_t *)&spoof_mac, spoof_ip); |
||||
+ } |
||||
sleep(2); |
||||
} |
||||
/* NOTREACHED */ |
@ -0,0 +1,27 @@
@@ -0,0 +1,27 @@
|
||||
Patch by iotr Engelking <inkerman42@gmail.com> for dsniff >= 2.4b1, which |
||||
disables the filtering packets with incorrect checksum. And for any further |
||||
information, please have a look to Debian bug ID #372536. |
||||
|
||||
--- dsniff-2.4b1/urlsnarf.c 2006-09-21 01:50:01.000000000 +0200 |
||||
+++ dsniff-2.4b1/urlsnarf.c.checksum 2006-09-21 01:51:13.000000000 +0200 |
||||
@@ -200,6 +200,7 @@ |
||||
extern char *optarg; |
||||
extern int optind; |
||||
int c; |
||||
+ struct nids_chksum_ctl chksum_ctl; |
||||
|
||||
while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) { |
||||
switch (c) { |
||||
@@ -260,6 +261,12 @@ |
||||
} |
||||
} |
||||
|
||||
+ chksum_ctl.netaddr = 0; |
||||
+ chksum_ctl.mask = 0; |
||||
+ chksum_ctl.action = NIDS_DONT_CHKSUM; |
||||
+ |
||||
+ nids_register_chksum_ctl(&chksum_ctl, 1); |
||||
+ |
||||
nids_run(); |
||||
|
||||
/* NOTREACHED */ |
@ -0,0 +1,96 @@
@@ -0,0 +1,96 @@
|
||||
Patch by Gleb Paharenko <gpaharenko@gmail.com> for dsniff >= 2.4b1, which |
||||
adds checksum for libnids. For further information, please have a look to |
||||
Debian bug ID #420129. |
||||
|
||||
--- dsniff-2.4b1/dsniff.c 2007-08-11 01:37:33.000000000 -0300 |
||||
+++ dsniff-2.4b1/dsniff.c.checksum 2007-08-11 01:38:55.000000000 -0300 |
||||
@@ -70,6 +70,80 @@ |
||||
{ |
||||
} |
||||
|
||||
+ |
||||
+static int get_all_ifaces(struct ifreq **, int *); |
||||
+static unsigned int get_addr_from_ifreq(struct ifreq *); |
||||
+ |
||||
+int all_local_ipaddrs_chksum_disable() |
||||
+{ |
||||
+ struct ifreq *ifaces; |
||||
+ int ifaces_count; |
||||
+ int i, ind = 0; |
||||
+ struct nids_chksum_ctl *ctlp; |
||||
+ unsigned int tmp; |
||||
+ |
||||
+ if (!get_all_ifaces(&ifaces, &ifaces_count)) |
||||
+ return -1; |
||||
+ ctlp = |
||||
+ (struct nids_chksum_ctl *) malloc(ifaces_count * |
||||
+ sizeof(struct |
||||
+ nids_chksum_ctl)); |
||||
+ if (!ctlp) |
||||
+ return -1; |
||||
+ for (i = 0; i < ifaces_count; i++) { |
||||
+ tmp = get_addr_from_ifreq(ifaces + i); |
||||
+ if (tmp) { |
||||
+ ctlp[ind].netaddr = tmp; |
||||
+ ctlp[ind].mask = inet_addr("255.255.255.255"); |
||||
+ ctlp[ind].action = NIDS_DONT_CHKSUM; |
||||
+ ind++; |
||||
+ } |
||||
+ } |
||||
+ free(ifaces); |
||||
+ nids_register_chksum_ctl(ctlp, ind); |
||||
+} |
||||
+ |
||||
+/* helper functions for Example 2 */ |
||||
+unsigned int get_addr_from_ifreq(struct ifreq *iface) |
||||
+{ |
||||
+ if (iface->ifr_addr.sa_family == AF_INET) |
||||
+ return ((struct sockaddr_in *) &(iface->ifr_addr))-> |
||||
+ sin_addr.s_addr; |
||||
+ return 0; |
||||
+} |
||||
+ |
||||
+static int get_all_ifaces(struct ifreq **ifaces, int *count) |
||||
+{ |
||||
+ int ifaces_size = 8 * sizeof(struct ifreq); |
||||
+ struct ifconf param; |
||||
+ int sock; |
||||
+ unsigned int i; |
||||
+ |
||||
+ *ifaces = malloc(ifaces_size); |
||||
+ sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP); |
||||
+ if (sock <= 0) |
||||
+ return 0; |
||||
+ for (;;) { |
||||
+ param.ifc_len = ifaces_size; |
||||
+ param.ifc_req = *ifaces; |
||||
+ if (ioctl(sock, SIOCGIFCONF, ¶m)) |
||||
+ goto err; |
||||
+ if (param.ifc_len < ifaces_size) |
||||
+ break; |
||||
+ free(*ifaces); |
||||
+ ifaces_size *= 2; |
||||
+ ifaces = malloc(ifaces_size); |
||||
+ } |
||||
+ *count = param.ifc_len / sizeof(struct ifreq); |
||||
+ close(sock); |
||||
+ return 1; |
||||
+ err: |
||||
+ close(sock); |
||||
+ return 0; |
||||
+} |
||||
+ |
||||
+ |
||||
+ |
||||
int |
||||
main(int argc, char *argv[]) |
||||
{ |
||||
@@ -189,6 +263,8 @@ |
||||
warnx("using %s", nids_params.filename); |
||||
} |
||||
} |
||||
+ |
||||
+ all_local_ipaddrs_chksum_disable(); |
||||
|
||||
nids_run(); |
||||
|
@ -0,0 +1,60 @@
@@ -0,0 +1,60 @@
|
||||
Patch by Steve Kemp <skx@debian.org> for dsniff >= 2.4b1, which changes |
||||
various paths for the Fedora directory structure. |
||||
|
||||
--- dsniff-2.4b1/Makefile.in 2005-06-23 03:30:37.000000000 +0000 |
||||
+++ dsniff-2.4b1/Makefile.in.fedora 2005-06-23 04:17:14.000000000 +0000 |
||||
@@ -11,7 +11,7 @@ |
||||
install_prefix = |
||||
prefix = @prefix@ |
||||
exec_prefix = @exec_prefix@ |
||||
-libdir = @libdir@ |
||||
+libdir = @sysconfdir@/dsniff |
||||
sbindir = @sbindir@ |
||||
mandir = @mandir@ |
||||
|
||||
@@ -37,8 +37,7 @@ |
||||
X11INC = @X_CFLAGS@ |
||||
X11LIB = @X_LIBS@ @X_PRE_LIBS@ -lXmu -lX11 @X_EXTRA_LIBS@ |
||||
|
||||
-INCS = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) \ |
||||
- -I$(srcdir)/missing |
||||
+INCS = -I. $(X11INC) $(SSLINC) -I$(srcdir)/missing |
||||
LIBS = @LIBS@ -L$(srcdir) -lmissing |
||||
|
||||
INSTALL = @INSTALL@ |
||||
--- dsniff-2.4b1/dnsspoof.8 2005-06-23 03:30:37.000000000 +0000 |
||||
+++ dsniff-2.4b1/dnsspoof.8.fedora 2005-06-23 04:17:37.000000000 +0000 |
||||
@@ -31,7 +31,7 @@ |
||||
address queries on the LAN with an answer of the local machine's IP |
||||
address. |
||||
.SH FILES |
||||
-.IP \fI/usr/local/lib/dnsspoof.hosts\fR |
||||
+.IP \fI/etc/dsniff/dnsspoof.hosts\fR |
||||
Sample hosts file. |
||||
.SH "SEE ALSO" |
||||
dsniff(8), hosts(5) |
||||
--- dsniff-2.4b1/dsniff.8 2005-06-23 04:17:06.000000000 +0000 |
||||
+++ dsniff-2.4b1/dsniff.8.fedora 2005-06-23 04:18:21.000000000 +0000 |
||||
@@ -68,9 +68,9 @@ |
||||
On a hangup signal \fBdsniff\fR will dump its current trigger table to |
||||
\fIdsniff.services\fR. |
||||
.SH FILES |
||||
-.IP \fI/usr/local/lib/dsniff.services\fR |
||||
+.IP \fI/etc/dsniff/dsniff.services\fR |
||||
Default trigger table |
||||
-.IP \fI/usr/local/lib/dsniff.magic\fR |
||||
+.IP \fI/etc/dsniff/dsniff.magic\fR |
||||
Network protocol magic |
||||
.SH "SEE ALSO" |
||||
arpspoof(8), libnids(3), services(5), magic(5) |
||||
--- dsniff-2.4b1/pathnames.h 2005-06-23 03:30:37.000000000 +0000 |
||||
+++ dsniff-2.4b1/pathnames.h.fedora 2005-06-23 04:17:25.000000000 +0000 |
||||
@@ -12,7 +12,7 @@ |
||||
#define PATHNAMES_H |
||||
|
||||
#ifndef DSNIFF_LIBDIR |
||||
-#define DSNIFF_LIBDIR "/usr/local/lib/" |
||||
+#define DSNIFF_LIBDIR "/etc/dsniff/" |
||||
#endif |
||||
|
||||
#define DSNIFF_SERVICES "dsniff.services" |
@ -0,0 +1,14 @@
@@ -0,0 +1,14 @@
|
||||
Patch by Robert Scheck <robert@fedoraproject.org> for dsniff >= 2.4b1, that |
||||
adds some missing linkages to glib2. |
||||
|
||||
--- dsniff-2.4b1/Makefile.in 2007-11-24 13:56:47.000000000 +0100 |
||||
+++ dsniff-2.4b1/Makefile.in.glib2 2007-11-24 15:40:55.000000000 +0100 |
||||
@@ -26,7 +26,7 @@ |
||||
LNETLIB = @LNETLIB@ |
||||
|
||||
NIDSINC = @NIDSINC@ |
||||
-NIDSLIB = @NIDSLIB@ |
||||
+NIDSLIB = @NIDSLIB@ -lglib-2.0 -lgthread-2.0 -lpthread |
||||
|
||||
DBINC = @DBINC@ |
||||
DBLIB = @DBLIB@ |
@ -0,0 +1,904 @@
@@ -0,0 +1,904 @@
|
||||
Patch for dsniff >= 2.4b1, which adds support for libnet >= 1.1 having a |
||||
completely rewritten API. |
||||
|
||||
--- dsniff-2.4b1/arpspoof.c 2006-06-09 13:35:29.000000000 +0300 |
||||
+++ dsniff-2.4b1/arpspoof.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||
@@ -27,7 +27,7 @@ |
||||
|
||||
extern char *ether_ntoa(struct ether_addr *); |
||||
|
||||
-static struct libnet_link_int *llif; |
||||
+static libnet_t *l; |
||||
static struct ether_addr spoof_mac, target_mac; |
||||
static in_addr_t spoof_ip, target_ip; |
||||
static char *intf; |
||||
@@ -41,47 +41,49 @@ |
||||
} |
||||
|
||||
static int |
||||
-arp_send(struct libnet_link_int *llif, char *dev, |
||||
- int op, u_char *sha, in_addr_t spa, u_char *tha, in_addr_t tpa) |
||||
+arp_send(libnet_t *l, int op, u_int8_t *sha, |
||||
+ in_addr_t spa, u_int8_t *tha, in_addr_t tpa) |
||||
{ |
||||
- char ebuf[128]; |
||||
- u_char pkt[60]; |
||||
- |
||||
+ int retval; |
||||
+ |
||||
if (sha == NULL && |
||||
- (sha = (u_char *)libnet_get_hwaddr(llif, dev, ebuf)) == NULL) { |
||||
+ (sha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) { |
||||
return (-1); |
||||
} |
||||
if (spa == 0) { |
||||
- if ((spa = libnet_get_ipaddr(llif, dev, ebuf)) == 0) |
||||
+ if ((spa = libnet_get_ipaddr4(l)) == -1) |
||||
return (-1); |
||||
- spa = htonl(spa); /* XXX */ |
||||
} |
||||
if (tha == NULL) |
||||
tha = "\xff\xff\xff\xff\xff\xff"; |
||||
|
||||
- libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, pkt); |
||||
+ libnet_autobuild_arp(op, sha, (u_int8_t *)&spa, |
||||
+ tha, (u_int8_t *)&tpa, l); |
||||
+ libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, l, 0); |
||||
|
||||
- libnet_build_arp(ARPHRD_ETHER, ETHERTYPE_IP, ETHER_ADDR_LEN, 4, |
||||
- op, sha, (u_char *)&spa, tha, (u_char *)&tpa, |
||||
- NULL, 0, pkt + ETH_H); |
||||
- |
||||
fprintf(stderr, "%s ", |
||||
ether_ntoa((struct ether_addr *)sha)); |
||||
|
||||
if (op == ARPOP_REQUEST) { |
||||
fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n", |
||||
ether_ntoa((struct ether_addr *)tha), |
||||
- libnet_host_lookup(tpa, 0), |
||||
- libnet_host_lookup(spa, 0)); |
||||
+ libnet_addr2name4(tpa, LIBNET_DONT_RESOLVE), |
||||
+ libnet_addr2name4(spa, LIBNET_DONT_RESOLVE)); |
||||
} |
||||
else { |
||||
fprintf(stderr, "%s 0806 42: arp reply %s is-at ", |
||||
ether_ntoa((struct ether_addr *)tha), |
||||
- libnet_host_lookup(spa, 0)); |
||||
+ libnet_addr2name4(spa, LIBNET_DONT_RESOLVE)); |
||||
fprintf(stderr, "%s\n", |
||||
ether_ntoa((struct ether_addr *)sha)); |
||||
} |
||||
- return (libnet_write_link_layer(llif, dev, pkt, sizeof(pkt)) == sizeof(pkt)); |
||||
+ retval = libnet_write(l); |
||||
+ if (retval) |
||||
+ fprintf(stderr, "%s", libnet_geterror(l)); |
||||
+ |
||||
+ libnet_clear_packet(l); |
||||
+ |
||||
+ return retval; |
||||
} |
||||
|
||||
#ifdef __linux__ |
||||
@@ -119,7 +121,7 @@ |
||||
/* XXX - force the kernel to arp. feh. */ |
||||
arp_force(ip); |
||||
#else |
||||
- arp_send(llif, intf, ARPOP_REQUEST, NULL, 0, NULL, ip); |
||||
+ arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip); |
||||
#endif |
||||
sleep(1); |
||||
} |
||||
@@ -136,9 +138,9 @@ |
||||
if (arp_find(spoof_ip, &spoof_mac)) { |
||||
for (i = 0; i < 3; i++) { |
||||
/* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||
- arp_send(llif, intf, ARPOP_REPLY, |
||||
- (u_char *)&spoof_mac, spoof_ip, |
||||
- (target_ip ? (u_char *)&target_mac : NULL), |
||||
+ arp_send(l, ARPOP_REPLY, |
||||
+ (u_int8_t *)&spoof_mac, spoof_ip, |
||||
+ (target_ip ? (u_int8_t *)&target_mac : NULL), |
||||
target_ip); |
||||
sleep(1); |
||||
} |
||||
@@ -151,7 +153,8 @@ |
||||
{ |
||||
extern char *optarg; |
||||
extern int optind; |
||||
- char ebuf[PCAP_ERRBUF_SIZE]; |
||||
+ char pcap_ebuf[PCAP_ERRBUF_SIZE]; |
||||
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||
int c; |
||||
|
||||
intf = NULL; |
||||
@@ -163,7 +166,7 @@ |
||||
intf = optarg; |
||||
break; |
||||
case 't': |
||||
- if ((target_ip = libnet_name_resolve(optarg, 1)) == -1) |
||||
+ if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) |
||||
usage(); |
||||
break; |
||||
default: |
||||
@@ -176,26 +179,26 @@ |
||||
if (argc != 1) |
||||
usage(); |
||||
|
||||
- if ((spoof_ip = libnet_name_resolve(argv[0], 1)) == -1) |
||||
+ if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||
usage(); |
||||
|
||||
- if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL) |
||||
- errx(1, "%s", ebuf); |
||||
+ if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL) |
||||
+ errx(1, "%s", pcap_ebuf); |
||||
|
||||
- if ((llif = libnet_open_link_interface(intf, ebuf)) == 0) |
||||
- errx(1, "%s", ebuf); |
||||
+ if ((l = libnet_init(LIBNET_LINK, intf, libnet_ebuf)) == NULL) |
||||
+ errx(1, "%s", libnet_ebuf); |
||||
|
||||
if (target_ip != 0 && !arp_find(target_ip, &target_mac)) |
||||
errx(1, "couldn't arp for host %s", |
||||
- libnet_host_lookup(target_ip, 0)); |
||||
+ libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE)); |
||||
|
||||
signal(SIGHUP, cleanup); |
||||
signal(SIGINT, cleanup); |
||||
signal(SIGTERM, cleanup); |
||||
|
||||
for (;;) { |
||||
- arp_send(llif, intf, ARPOP_REPLY, NULL, spoof_ip, |
||||
- (target_ip ? (u_char *)&target_mac : NULL), |
||||
+ arp_send(l, ARPOP_REPLY, NULL, spoof_ip, |
||||
+ (target_ip ? (u_int8_t *)&target_mac : NULL), |
||||
target_ip); |
||||
sleep(2); |
||||
} |
||||
--- dsniff-2.4b1/dnsspoof.c 2001-03-15 10:33:03.000000000 +0200 |
||||
+++ dsniff-2.4b1/dnsspoof.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||
@@ -38,7 +38,7 @@ |
||||
|
||||
pcap_t *pcap_pd = NULL; |
||||
int pcap_off = -1; |
||||
-int lnet_sock = -1; |
||||
+libnet_t *l; |
||||
u_long lnet_ip = -1; |
||||
|
||||
static void |
||||
@@ -90,19 +90,18 @@ |
||||
dns_init(char *dev, char *filename) |
||||
{ |
||||
FILE *f; |
||||
- struct libnet_link_int *llif; |
||||
+ libnet_t *l; |
||||
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||
struct dnsent *de; |
||||
char *ip, *name, buf[1024]; |
||||
|
||||
- if ((llif = libnet_open_link_interface(dev, buf)) == NULL) |
||||
- errx(1, "%s", buf); |
||||
+ if ((l = libnet_init(LIBNET_LINK, dev, libnet_ebuf)) == NULL) |
||||
+ errx(1, "%s", libnet_ebuf); |
||||
|
||||
- if ((lnet_ip = libnet_get_ipaddr(llif, dev, buf)) == -1) |
||||
- errx(1, "%s", buf); |
||||
+ if ((lnet_ip = libnet_get_ipaddr4(l)) == -1) |
||||
+ errx(1, "%s", libnet_geterror(l)); |
||||
|
||||
- lnet_ip = htonl(lnet_ip); |
||||
- |
||||
- libnet_close_link_interface(llif); |
||||
+ libnet_destroy(l); |
||||
|
||||
SLIST_INIT(&dns_entries); |
||||
|
||||
@@ -180,7 +179,7 @@ |
||||
static void |
||||
dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, const u_char *pkt) |
||||
{ |
||||
- struct libnet_ip_hdr *ip; |
||||
+ struct libnet_ipv4_hdr *ip; |
||||
struct libnet_udp_hdr *udp; |
||||
HEADER *dns; |
||||
char name[MAXHOSTNAMELEN]; |
||||
@@ -189,7 +188,7 @@ |
||||
in_addr_t dst; |
||||
u_short type, class; |
||||
|
||||
- ip = (struct libnet_ip_hdr *)(pkt + pcap_off); |
||||
+ ip = (struct libnet_ipv4_hdr *)(pkt + pcap_off); |
||||
udp = (struct libnet_udp_hdr *)(pkt + pcap_off + (ip->ip_hl * 4)); |
||||
dns = (HEADER *)(udp + 1); |
||||
p = (u_char *)(dns + 1); |
||||
@@ -212,7 +211,7 @@ |
||||
if (class != C_IN) |
||||
return; |
||||
|
||||
- p = buf + IP_H + UDP_H + dnslen; |
||||
+ p = buf + dnslen; |
||||
|
||||
if (type == T_A) { |
||||
if ((dst = dns_lookup_a(name)) == -1) |
||||
@@ -234,38 +233,38 @@ |
||||
anslen += 12; |
||||
} |
||||
else return; |
||||
- |
||||
- libnet_build_ip(UDP_H + dnslen + anslen, 0, libnet_get_prand(PRu16), |
||||
- 0, 64, IPPROTO_UDP, ip->ip_dst.s_addr, |
||||
- ip->ip_src.s_addr, NULL, 0, buf); |
||||
- |
||||
- libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport), |
||||
- NULL, dnslen + anslen, buf + IP_H); |
||||
|
||||
- memcpy(buf + IP_H + UDP_H, (u_char *)dns, dnslen); |
||||
+ memcpy(buf, (u_char *)dns, dnslen); |
||||
|
||||
- dns = (HEADER *)(buf + IP_H + UDP_H); |
||||
+ dns = (HEADER *)buf; |
||||
dns->qr = dns->ra = 1; |
||||
if (type == T_PTR) dns->aa = 1; |
||||
dns->ancount = htons(1); |
||||
|
||||
dnslen += anslen; |
||||
+ |
||||
+ libnet_clear_packet(l); |
||||
+ libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport), |
||||
+ LIBNET_UDP_H + dnslen, 0, |
||||
+ (u_int8_t *)buf, dnslen, l, 0); |
||||
+ |
||||
+ libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_UDP_H + dnslen, 0, |
||||
+ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_UDP, 0, |
||||
+ ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, l, 0); |
||||
|
||||
- libnet_do_checksum(buf, IPPROTO_UDP, UDP_H + dnslen); |
||||
- |
||||
- if (libnet_write_ip(lnet_sock, buf, IP_H + UDP_H + dnslen) < 0) |
||||
+ if (libnet_write(l) < 0) |
||||
warn("write"); |
||||
|
||||
fprintf(stderr, "%s.%d > %s.%d: %d+ %s? %s\n", |
||||
- libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport), |
||||
- libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport), |
||||
+ libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport), |
||||
+ libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport), |
||||
ntohs(dns->id), type == T_A ? "A" : "PTR", name); |
||||
} |
||||
|
||||
static void |
||||
cleanup(int sig) |
||||
{ |
||||
- libnet_close_raw_sock(lnet_sock); |
||||
+ libnet_destroy(l); |
||||
pcap_close(pcap_pd); |
||||
exit(0); |
||||
} |
||||
@@ -276,6 +275,7 @@ |
||||
extern char *optarg; |
||||
extern int optind; |
||||
char *p, *dev, *hosts, buf[1024]; |
||||
+ char ebuf[LIBNET_ERRBUF_SIZE]; |
||||
int i; |
||||
|
||||
dev = hosts = NULL; |
||||
@@ -306,7 +306,7 @@ |
||||
strlcpy(buf, p, sizeof(buf)); |
||||
} |
||||
else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s", |
||||
- libnet_host_lookup(lnet_ip, 0)); |
||||
+ libnet_addr2name4(lnet_ip, LIBNET_DONT_RESOLVE)); |
||||
|
||||
if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL) |
||||
errx(1, "couldn't initialize sniffing"); |
||||
@@ -314,10 +314,10 @@ |
||||
if ((pcap_off = pcap_dloff(pcap_pd)) < 0) |
||||
errx(1, "couldn't determine link layer offset"); |
||||
|
||||
- if ((lnet_sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) |
||||
+ if ((l = libnet_init(LIBNET_RAW4, dev, ebuf)) == NULL) |
||||
errx(1, "couldn't initialize sending"); |
||||
|
||||
- libnet_seed_prand(); |
||||
+ libnet_seed_prand(l); |
||||
|
||||
signal(SIGHUP, cleanup); |
||||
signal(SIGINT, cleanup); |
||||
--- dsniff-2.4b1/filesnarf.c 2006-06-09 13:35:29.000000000 +0300 |
||||
+++ dsniff-2.4b1/filesnarf.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||
@@ -134,8 +134,8 @@ |
||||
int fd; |
||||
|
||||
warnx("%s.%d > %s.%d: %s (%d@%d)", |
||||
- libnet_host_lookup(addr->daddr, 0), addr->dest, |
||||
- libnet_host_lookup(addr->saddr, 0), addr->source, |
||||
+ libnet_addr2name4(addr->daddr, LIBNET_DONT_RESOLVE), addr->dest, |
||||
+ libnet_addr2name4(addr->saddr, LIBNET_DONT_RESOLVE), addr->source, |
||||
ma->filename, len, ma->offset); |
||||
|
||||
if ((fd = open(ma->filename, O_WRONLY|O_CREAT, 0644)) >= 0) { |
||||
@@ -353,7 +353,7 @@ |
||||
} |
||||
|
||||
static void |
||||
-decode_udp_nfs(struct libnet_ip_hdr *ip) |
||||
+decode_udp_nfs(struct libnet_ipv4_hdr *ip) |
||||
{ |
||||
static struct tuple4 addr; |
||||
struct libnet_udp_hdr *udp; |
||||
--- dsniff-2.4b1/macof.c 2001-03-15 10:33:04.000000000 +0200 |
||||
+++ dsniff-2.4b1/macof.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||
@@ -48,8 +48,8 @@ |
||||
static void |
||||
gen_mac(u_char *mac) |
||||
{ |
||||
- *((in_addr_t *)mac) = libnet_get_prand(PRu32); |
||||
- *((u_short *)(mac + 4)) = libnet_get_prand(PRu16); |
||||
+ *((in_addr_t *)mac) = libnet_get_prand(LIBNET_PRu32); |
||||
+ *((u_short *)(mac + 4)) = libnet_get_prand(LIBNET_PRu16); |
||||
} |
||||
|
||||
int |
||||
@@ -59,22 +59,23 @@ |
||||
extern int optind; |
||||
int c, i; |
||||
struct libnet_link_int *llif; |
||||
- char ebuf[PCAP_ERRBUF_SIZE]; |
||||
+ char pcap_ebuf[PCAP_ERRBUF_SIZE]; |
||||
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||
u_char sha[ETHER_ADDR_LEN], tha[ETHER_ADDR_LEN]; |
||||
in_addr_t src, dst; |
||||
u_short sport, dport; |
||||
u_int32_t seq; |
||||
- u_char pkt[ETH_H + IP_H + TCP_H]; |
||||
+ libnet_t *l; |
||||
|
||||
while ((c = getopt(argc, argv, "vs:d:e:x:y:i:n:h?V")) != -1) { |
||||
switch (c) { |
||||
case 'v': |
||||
break; |
||||
case 's': |
||||
- Src = libnet_name_resolve(optarg, 0); |
||||
+ Src = libnet_name2addr4(l, optarg, 0); |
||||
break; |
||||
case 'd': |
||||
- Dst = libnet_name_resolve(optarg, 0); |
||||
+ Dst = libnet_name2addr4(l, optarg, 0); |
||||
break; |
||||
case 'e': |
||||
Tha = (u_char *)ether_aton(optarg); |
||||
@@ -101,13 +102,13 @@ |
||||
if (argc != 0) |
||||
usage(); |
||||
|
||||
- if (!Intf && (Intf = pcap_lookupdev(ebuf)) == NULL) |
||||
- errx(1, "%s", ebuf); |
||||
+ if (!Intf && (Intf = pcap_lookupdev(pcap_ebuf)) == NULL) |
||||
+ errx(1, "%s", pcap_ebuf); |
||||
|
||||
- if ((llif = libnet_open_link_interface(Intf, ebuf)) == 0) |
||||
- errx(1, "%s", ebuf); |
||||
+ if ((l = libnet_init(LIBNET_LINK, Intf, libnet_ebuf)) == NULL) |
||||
+ errx(1, "%s", libnet_ebuf); |
||||
|
||||
- libnet_seed_prand(); |
||||
+ libnet_seed_prand(l); |
||||
|
||||
for (i = 0; i != Repeat; i++) { |
||||
|
||||
@@ -117,39 +118,39 @@ |
||||
else memcpy(tha, Tha, sizeof(tha)); |
||||
|
||||
if (Src != 0) src = Src; |
||||
- else src = libnet_get_prand(PRu32); |
||||
+ else src = libnet_get_prand(LIBNET_PRu32); |
||||
|
||||
if (Dst != 0) dst = Dst; |
||||
- else dst = libnet_get_prand(PRu32); |
||||
+ else dst = libnet_get_prand(LIBNET_PRu32); |
||||
|
||||
if (Sport != 0) sport = Sport; |
||||
- else sport = libnet_get_prand(PRu16); |
||||
+ else sport = libnet_get_prand(LIBNET_PRu16); |
||||
|
||||
if (Dport != 0) dport = Dport; |
||||
- else dport = libnet_get_prand(PRu16); |
||||
+ else dport = libnet_get_prand(LIBNET_PRu16); |
||||
|
||||
- seq = libnet_get_prand(PRu32); |
||||
- |
||||
- libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, pkt); |
||||
- |
||||
- libnet_build_ip(TCP_H, 0, libnet_get_prand(PRu16), 0, 64, |
||||
- IPPROTO_TCP, src, dst, NULL, 0, pkt + ETH_H); |
||||
+ seq = libnet_get_prand(LIBNET_PRu32); |
||||
|
||||
libnet_build_tcp(sport, dport, seq, 0, TH_SYN, 512, |
||||
- 0, NULL, 0, pkt + ETH_H + IP_H); |
||||
+ 0, 0, LIBNET_TCP_H, NULL, 0, l, 0); |
||||
|
||||
- libnet_do_checksum(pkt + ETH_H, IPPROTO_IP, IP_H); |
||||
- libnet_do_checksum(pkt + ETH_H, IPPROTO_TCP, TCP_H); |
||||
+ libnet_build_ipv4(LIBNET_TCP_H, 0, |
||||
+ libnet_get_prand(LIBNET_PRu16), 0, 64, |
||||
+ IPPROTO_TCP, 0, src, dst, NULL, 0, l, 0); |
||||
|
||||
- if (libnet_write_link_layer(llif, Intf, pkt, sizeof(pkt)) < 0) |
||||
+ libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, l, 0); |
||||
+ |
||||
+ if (libnet_write(l) < 0) |
||||
errx(1, "write"); |
||||
|
||||
+ libnet_clear_packet(l); |
||||
+ |
||||
fprintf(stderr, "%s ", |
||||
ether_ntoa((struct ether_addr *)sha)); |
||||
fprintf(stderr, "%s %s.%d > %s.%d: S %u:%u(0) win 512\n", |
||||
ether_ntoa((struct ether_addr *)tha), |
||||
- libnet_host_lookup(Src, 0), sport, |
||||
- libnet_host_lookup(Dst, 0), dport, seq, seq); |
||||
+ libnet_addr2name4(Src, 0), sport, |
||||
+ libnet_addr2name4(Dst, 0), dport, seq, seq); |
||||
} |
||||
exit(0); |
||||
} |
||||
--- dsniff-2.4b1/record.c 2001-03-15 10:33:04.000000000 +0200 |
||||
+++ dsniff-2.4b1/record.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||
@@ -65,8 +65,8 @@ |
||||
tm = localtime(&rec->time); |
||||
strftime(tstr, sizeof(tstr), "%x %X", tm); |
||||
|
||||
- srcp = libnet_host_lookup(rec->src, Opt_dns); |
||||
- dstp = libnet_host_lookup(rec->dst, Opt_dns); |
||||
+ srcp = libnet_addr2name4(rec->src, Opt_dns); |
||||
+ dstp = libnet_addr2name4(rec->dst, Opt_dns); |
||||
|
||||
if ((pr = getprotobynumber(rec->proto)) == NULL) |
||||
protop = "unknown"; |
||||
--- dsniff-2.4b1/sshmitm.c 2001-03-15 10:33:04.000000000 +0200 |
||||
+++ dsniff-2.4b1/sshmitm.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||
@@ -389,7 +389,7 @@ |
||||
if (argc < 1) |
||||
usage(); |
||||
|
||||
- if ((ip = libnet_name_resolve(argv[0], 1)) == -1) |
||||
+ if ((ip = libnet_name2addr4(NULL, argv[0], LIBNET_RESOLVE)) == -1) |
||||
usage(); |
||||
|
||||
if (argc == 2 && (rport = atoi(argv[1])) == 0) |
||||
--- dsniff-2.4b1/tcpkill.c 2001-03-17 10:10:43.000000000 +0200 |
||||
+++ dsniff-2.4b1/tcpkill.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||
@@ -39,17 +39,18 @@ |
||||
static void |
||||
tcp_kill_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) |
||||
{ |
||||
- struct libnet_ip_hdr *ip; |
||||
+ struct libnet_ipv4_hdr *ip; |
||||
struct libnet_tcp_hdr *tcp; |
||||
- u_char ctext[64], buf[IP_H + TCP_H]; |
||||
+ u_char ctext[64]; |
||||
u_int32_t seq, win; |
||||
- int i, *sock, len; |
||||
+ int i, len; |
||||
+ libnet_t *l; |
||||
|
||||
- sock = (int *)user; |
||||
+ l = (libnet_t *)user; |
||||
pkt += pcap_off; |
||||
len = pcap->caplen - pcap_off; |
||||
|
||||
- ip = (struct libnet_ip_hdr *)pkt; |
||||
+ ip = (struct libnet_ipv4_hdr *)pkt; |
||||
if (ip->ip_p != IPPROTO_TCP) |
||||
return; |
||||
|
||||
@@ -57,34 +58,31 @@ |
||||
if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST)) |
||||
return; |
||||
|
||||
- libnet_build_ip(TCP_H, 0, 0, 0, 64, IPPROTO_TCP, |
||||
- ip->ip_dst.s_addr, ip->ip_src.s_addr, |
||||
- NULL, 0, buf); |
||||
- |
||||
- libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), |
||||
- 0, 0, TH_RST, 0, 0, NULL, 0, buf + IP_H); |
||||
- |
||||
seq = ntohl(tcp->th_ack); |
||||
win = ntohs(tcp->th_win); |
||||
|
||||
snprintf(ctext, sizeof(ctext), "%s:%d > %s:%d:", |
||||
- libnet_host_lookup(ip->ip_src.s_addr, 0), |
||||
+ libnet_addr2name4(ip->ip_src.s_addr, LIBNET_DONT_RESOLVE), |
||||
ntohs(tcp->th_sport), |
||||
- libnet_host_lookup(ip->ip_dst.s_addr, 0), |
||||
+ libnet_addr2name4(ip->ip_dst.s_addr, LIBNET_DONT_RESOLVE), |
||||
ntohs(tcp->th_dport)); |
||||
|
||||
- ip = (struct libnet_ip_hdr *)buf; |
||||
- tcp = (struct libnet_tcp_hdr *)(ip + 1); |
||||
- |
||||
for (i = 0; i < Opt_severity; i++) { |
||||
- ip->ip_id = libnet_get_prand(PRu16); |
||||
seq += (i * win); |
||||
- tcp->th_seq = htonl(seq); |
||||
|
||||
- libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); |
||||
+ libnet_clear_packet(l); |
||||
|
||||
- if (libnet_write_ip(*sock, buf, sizeof(buf)) < 0) |
||||
- warn("write_ip"); |
||||
+ libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), |
||||
+ seq, 0, TH_RST, 0, 0, 0, LIBNET_TCP_H, |
||||
+ NULL, 0, l, 0); |
||||
+ |
||||
+ libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_TCP_H, 0, |
||||
+ libnet_get_prand(LIBNET_PRu16), 0, 64, |
||||
+ IPPROTO_TCP, 0, ip->ip_dst.s_addr, |
||||
+ ip->ip_src.s_addr, NULL, 0, l, 0); |
||||
+ |
||||
+ if (libnet_write(l) < 0) |
||||
+ warn("write"); |
||||
|
||||
fprintf(stderr, "%s R %lu:%lu(0) win 0\n", ctext, seq, seq); |
||||
} |
||||
@@ -95,8 +93,10 @@ |
||||
{ |
||||
extern char *optarg; |
||||
extern int optind; |
||||
- int c, sock; |
||||
+ int c; |
||||
char *p, *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; |
||||
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||
+ libnet_t *l; |
||||
pcap_t *pd; |
||||
|
||||
intf = NULL; |
||||
@@ -136,14 +136,14 @@ |
||||
if ((pcap_off = pcap_dloff(pd)) < 0) |
||||
errx(1, "couldn't determine link layer offset"); |
||||
|
||||
- if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) |
||||
+ if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL) |
||||
errx(1, "couldn't initialize sending"); |
||||
|
||||
- libnet_seed_prand(); |
||||
+ libnet_seed_prand(l); |
||||
|
||||
warnx("listening on %s [%s]", intf, filter); |
||||
|
||||
- pcap_loop(pd, -1, tcp_kill_cb, (u_char *)&sock); |
||||
+ pcap_loop(pd, -1, tcp_kill_cb, (u_char *)l); |
||||
|
||||
/* NOTREACHED */ |
||||
|
||||
--- dsniff-2.4b1/tcpnice.c 2001-03-17 09:41:51.000000000 +0200 |
||||
+++ dsniff-2.4b1/tcpnice.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||
@@ -41,107 +41,106 @@ |
||||
} |
||||
|
||||
static void |
||||
-send_tcp_window_advertisement(int sock, struct libnet_ip_hdr *ip, |
||||
+send_tcp_window_advertisement(libnet_t *l, struct libnet_ipv4_hdr *ip, |
||||
struct libnet_tcp_hdr *tcp) |
||||
{ |
||||
int len; |
||||
|
||||
ip->ip_hl = 5; |
||||
- ip->ip_len = htons(IP_H + TCP_H); |
||||
- ip->ip_id = libnet_get_prand(PRu16); |
||||
- memcpy(buf, (u_char *)ip, IP_H); |
||||
+ ip->ip_len = htons(LIBNET_IPV4_H + LIBNET_TCP_H); |
||||
+ ip->ip_id = libnet_get_prand(LIBNET_PRu16); |
||||
+ memcpy(buf, (u_char *)ip, LIBNET_IPV4_H); |
||||
|
||||
tcp->th_off = 5; |
||||
tcp->th_win = htons(MIN_WIN); |
||||
- memcpy(buf + IP_H, (u_char *)tcp, TCP_H); |
||||
+ memcpy(buf + LIBNET_IPV4_H, (u_char *)tcp, LIBNET_TCP_H); |
||||
|
||||
- libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); |
||||
+ libnet_do_checksum(l, buf, IPPROTO_TCP, LIBNET_TCP_H); |
||||
|
||||
- len = IP_H + TCP_H; |
||||
+ len = LIBNET_IPV4_H + LIBNET_TCP_H; |
||||
|
||||
- if (libnet_write_ip(sock, buf, len) != len) |
||||
+ if (libnet_write_raw_ipv4(l, buf, len) != len) |
||||
warn("write"); |
||||
|
||||
fprintf(stderr, "%s:%d > %s:%d: . ack %lu win %d\n", |
||||
- libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), |
||||
- libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport), |
||||
+ libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), |
||||
+ libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport), |
||||
ntohl(tcp->th_ack), 1); |
||||
} |
||||
|
||||
static void |
||||
-send_icmp_source_quench(int sock, struct libnet_ip_hdr *ip) |
||||
+send_icmp_source_quench(libnet_t *l, struct libnet_ipv4_hdr *ip) |
||||
{ |
||||
- struct libnet_icmp_hdr *icmp; |
||||
+ struct libnet_icmpv4_hdr *icmp; |
||||
int len; |
||||
|
||||
len = (ip->ip_hl * 4) + 8; |
||||
|
||||
- libnet_build_ip(ICMP_ECHO_H + len, 0, libnet_get_prand(PRu16), |
||||
- 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr, |
||||
- ip->ip_src.s_addr, NULL, 0, buf); |
||||
- |
||||
- icmp = (struct libnet_icmp_hdr *)(buf + IP_H); |
||||
+ icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H); |
||||
icmp->icmp_type = ICMP_SOURCEQUENCH; |
||||
icmp->icmp_code = 0; |
||||
- memcpy((u_char *)icmp + ICMP_ECHO_H, (u_char *)ip, len); |
||||
+ memcpy((u_char *)icmp + LIBNET_ICMPV4_ECHO_H, (u_char *)ip, len); |
||||
|
||||
- libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_ECHO_H + len); |
||||
+ len += LIBNET_ICMPV4_ECHO_H; |
||||
|
||||
- len += (IP_H + ICMP_ECHO_H); |
||||
+ libnet_build_ipv4(LIBNET_IPV4_H + len, 0, |
||||
+ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP, |
||||
+ 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, |
||||
+ (u_int8_t *) icmp, len, l, 0); |
||||
|
||||
- if (libnet_write_ip(sock, buf, len) != len) |
||||
+ if (libnet_write(l) != len) |
||||
warn("write"); |
||||
|
||||
fprintf(stderr, "%s > %s: icmp: source quench\n", |
||||
- libnet_host_lookup(ip->ip_dst.s_addr, 0), |
||||
- libnet_host_lookup(ip->ip_src.s_addr, 0)); |
||||
+ libnet_addr2name4(ip->ip_dst.s_addr, 0), |
||||
+ libnet_addr2name4(ip->ip_src.s_addr, 0)); |
||||
} |
||||
|
||||
static void |
||||
-send_icmp_frag_needed(int sock, struct libnet_ip_hdr *ip) |
||||
+send_icmp_frag_needed(libnet_t *l, struct libnet_ipv4_hdr *ip) |
||||
{ |
||||
- struct libnet_icmp_hdr *icmp; |
||||
+ struct libnet_icmpv4_hdr *icmp; |
||||
int len; |
||||
|
||||
len = (ip->ip_hl * 4) + 8; |
||||
|
||||
- libnet_build_ip(ICMP_MASK_H + len, 4, libnet_get_prand(PRu16), |
||||
- 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr, |
||||
- ip->ip_src.s_addr, NULL, 0, buf); |
||||
- |
||||
- icmp = (struct libnet_icmp_hdr *)(buf + IP_H); |
||||
+ icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H); |
||||
icmp->icmp_type = ICMP_UNREACH; |
||||
icmp->icmp_code = ICMP_UNREACH_NEEDFRAG; |
||||
icmp->hun.frag.pad = 0; |
||||
icmp->hun.frag.mtu = htons(MIN_MTU); |
||||
- memcpy((u_char *)icmp + ICMP_MASK_H, (u_char *)ip, len); |
||||
+ memcpy((u_char *)icmp + LIBNET_ICMPV4_MASK_H, (u_char *)ip, len); |
||||
|
||||
- libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_MASK_H + len); |
||||
- |
||||
- len += (IP_H + ICMP_MASK_H); |
||||
+ len += LIBNET_ICMPV4_MASK_H; |
||||
+ |
||||
+ libnet_build_ipv4(LIBNET_IPV4_H + len, 4, |
||||
+ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP, |
||||
+ 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, |
||||
+ (u_int8_t *) icmp, len, l, 0); |
||||
|
||||
- if (libnet_write_ip(sock, buf, len) != len) |
||||
+ if (libnet_write(l) != len) |
||||
warn("write"); |
||||
|
||||
fprintf(stderr, "%s > %s: icmp: ", |
||||
- libnet_host_lookup(ip->ip_dst.s_addr, 0), |
||||
- libnet_host_lookup(ip->ip_src.s_addr, 0)); |
||||
+ libnet_addr2name4(ip->ip_dst.s_addr, 0), |
||||
+ libnet_addr2name4(ip->ip_src.s_addr, 0)); |
||||
fprintf(stderr, "%s unreachable - need to frag (mtu %d)\n", |
||||
- libnet_host_lookup(ip->ip_src.s_addr, 0), MIN_MTU); |
||||
+ libnet_addr2name4(ip->ip_src.s_addr, 0), MIN_MTU); |
||||
} |
||||
|
||||
static void |
||||
tcp_nice_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) |
||||
{ |
||||
- struct libnet_ip_hdr *ip; |
||||
+ struct libnet_ipv4_hdr *ip; |
||||
struct libnet_tcp_hdr *tcp; |
||||
- int *sock, len; |
||||
+ int len; |
||||
+ libnet_t *l; |
||||
|
||||
- sock = (int *)user; |
||||
+ l = (libnet_t *)user; |
||||
pkt += pcap_off; |
||||
len = pcap->caplen - pcap_off; |
||||
|
||||
- ip = (struct libnet_ip_hdr *)pkt; |
||||
+ ip = (struct libnet_ipv4_hdr *)pkt; |
||||
if (ip->ip_p != IPPROTO_TCP) |
||||
return; |
||||
|
||||
@@ -151,11 +150,11 @@ |
||||
|
||||
if (ntohs(ip->ip_len) > (ip->ip_hl << 2) + (tcp->th_off << 2)) { |
||||
if (Opt_icmp) |
||||
- send_icmp_source_quench(*sock, ip); |
||||
+ send_icmp_source_quench(l, ip); |
||||
if (Opt_win) |
||||
- send_tcp_window_advertisement(*sock, ip, tcp); |
||||
+ send_tcp_window_advertisement(l, ip, tcp); |
||||
if (Opt_pmtu) |
||||
- send_icmp_frag_needed(*sock, ip); |
||||
+ send_icmp_frag_needed(l, ip); |
||||
} |
||||
} |
||||
|
||||
@@ -164,8 +163,10 @@ |
||||
{ |
||||
extern char *optarg; |
||||
extern int optind; |
||||
- int c, sock; |
||||
+ int c; |
||||
char *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; |
||||
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||
+ libnet_t *l; |
||||
pcap_t *pd; |
||||
|
||||
intf = NULL; |
||||
@@ -209,14 +210,14 @@ |
||||
if ((pcap_off = pcap_dloff(pd)) < 0) |
||||
errx(1, "couldn't determine link layer offset"); |
||||
|
||||
- if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) |
||||
+ if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL) |
||||
errx(1, "couldn't initialize sending"); |
||||
|
||||
- libnet_seed_prand(); |
||||
+ libnet_seed_prand(l); |
||||
|
||||
warnx("listening on %s [%s]", intf, filter); |
||||
|
||||
- pcap_loop(pd, -1, tcp_nice_cb, (u_char *)&sock); |
||||
+ pcap_loop(pd, -1, tcp_nice_cb, (u_char *)l); |
||||
|
||||
/* NOTREACHED */ |
||||
|
||||
--- dsniff-2.4b1/tcp_raw.c 2001-03-15 10:33:04.000000000 +0200 |
||||
+++ dsniff-2.4b1/tcp_raw.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||
@@ -119,7 +119,7 @@ |
||||
} |
||||
|
||||
struct iovec * |
||||
-tcp_raw_input(struct libnet_ip_hdr *ip, struct libnet_tcp_hdr *tcp, int len) |
||||
+tcp_raw_input(struct libnet_ipv4_hdr *ip, struct libnet_tcp_hdr *tcp, int len) |
||||