From cd3c6b198518aefb01ca1ea59a159e5e8dcfc665 Mon Sep 17 00:00:00 2001 From: tuibuilder_pel7x64builder0 Date: Fri, 13 Aug 2021 10:13:41 +0200 Subject: [PATCH] dsniff package update 
Signed-off-by: tuibuilder_pel7x64builder0 --- SOURCES/dsniff-2.4-amd64_fix.patch | 219 +++++ SOURCES/dsniff-2.4-arpa_inet_header.patch | 63 ++ SOURCES/dsniff-2.4-arpspoof_hwaddr.patch | 218 +++++ SOURCES/dsniff-2.4-arpspoof_multiple.patch | 186 ++++ SOURCES/dsniff-2.4-arpspoof_reverse.patch | 142 +++ SOURCES/dsniff-2.4-checksum.patch | 27 + SOURCES/dsniff-2.4-checksum_libnids.patch | 96 +++ SOURCES/dsniff-2.4-fedora_dirs.patch | 60 ++ SOURCES/dsniff-2.4-glib2.patch | 14 + SOURCES/dsniff-2.4-libnet_11.patch | 904 ++++++++++++++++++++ SOURCES/dsniff-2.4-libnet_name2addr4.patch | 140 +++ SOURCES/dsniff-2.4-libtirpc.patch | 51 ++ SOURCES/dsniff-2.4-link_layer_offset.patch | 73 ++ SOURCES/dsniff-2.4-mailsnarf_corrupt.patch | 15 + SOURCES/dsniff-2.4-modernize_pop.patch | 122 +++ SOURCES/dsniff-2.4-msgsnarf_segfault.patch | 13 + SOURCES/dsniff-2.4-multiple_intf.patch | 54 ++ SOURCES/dsniff-2.4-obsolete_time.patch | 34 + SOURCES/dsniff-2.4-openssl_098.patch | 13 + SOURCES/dsniff-2.4-openssl_110.patch | 243 ++++++ SOURCES/dsniff-2.4-pcap_init.patch | 61 ++ SOURCES/dsniff-2.4-pcap_read_dump.patch | 531 ++++++++++++ SOURCES/dsniff-2.4-pntohl_shift.patch | 15 + SOURCES/dsniff-2.4-pop_with_version.patch | 28 + SOURCES/dsniff-2.4-remote_typo.patch | 14 + SOURCES/dsniff-2.4-rpc_segfault.patch | 17 + SOURCES/dsniff-2.4-smp_mflags.patch | 70 ++ SOURCES/dsniff-2.4-sshcrypto.patch | 14 + SOURCES/dsniff-2.4-string_header.patch | 164 ++++ SOURCES/dsniff-2.4-sysconf_clocks.patch | 26 + SOURCES/dsniff-2.4-tds_decoder.patch | 19 + SOURCES/dsniff-2.4-time_h.patch | 24 + SOURCES/dsniff-2.4-urlsnarf_escape.patch | 86 ++ SOURCES/dsniff-2.4-urlsnarf_timestamp.patch | 80 ++ SOURCES/dsniff-2.4-urlsnarf_zeropad.patch | 15 + SPECS/dsniff.spec | 280 ++++++ 36 files changed, 4131 insertions(+) create mode 100644 SOURCES/dsniff-2.4-amd64_fix.patch create mode 100644 SOURCES/dsniff-2.4-arpa_inet_header.patch create mode 100644 SOURCES/dsniff-2.4-arpspoof_hwaddr.patch create mode 100644 
SOURCES/dsniff-2.4-arpspoof_multiple.patch create mode 100644 SOURCES/dsniff-2.4-arpspoof_reverse.patch create mode 100644 SOURCES/dsniff-2.4-checksum.patch create mode 100644 SOURCES/dsniff-2.4-checksum_libnids.patch create mode 100644 SOURCES/dsniff-2.4-fedora_dirs.patch create mode 100644 SOURCES/dsniff-2.4-glib2.patch create mode 100644 SOURCES/dsniff-2.4-libnet_11.patch create mode 100644 SOURCES/dsniff-2.4-libnet_name2addr4.patch create mode 100644 SOURCES/dsniff-2.4-libtirpc.patch create mode 100644 SOURCES/dsniff-2.4-link_layer_offset.patch create mode 100644 SOURCES/dsniff-2.4-mailsnarf_corrupt.patch create mode 100644 SOURCES/dsniff-2.4-modernize_pop.patch create mode 100644 SOURCES/dsniff-2.4-msgsnarf_segfault.patch create mode 100644 SOURCES/dsniff-2.4-multiple_intf.patch create mode 100644 SOURCES/dsniff-2.4-obsolete_time.patch create mode 100644 SOURCES/dsniff-2.4-openssl_098.patch create mode 100644 SOURCES/dsniff-2.4-openssl_110.patch create mode 100644 SOURCES/dsniff-2.4-pcap_init.patch create mode 100644 SOURCES/dsniff-2.4-pcap_read_dump.patch create mode 100644 SOURCES/dsniff-2.4-pntohl_shift.patch create mode 100644 SOURCES/dsniff-2.4-pop_with_version.patch create mode 100644 SOURCES/dsniff-2.4-remote_typo.patch create mode 100644 SOURCES/dsniff-2.4-rpc_segfault.patch create mode 100644 SOURCES/dsniff-2.4-smp_mflags.patch create mode 100644 SOURCES/dsniff-2.4-sshcrypto.patch create mode 100644 SOURCES/dsniff-2.4-string_header.patch create mode 100644 SOURCES/dsniff-2.4-sysconf_clocks.patch create mode 100644 SOURCES/dsniff-2.4-tds_decoder.patch create mode 100644 SOURCES/dsniff-2.4-time_h.patch create mode 100644 SOURCES/dsniff-2.4-urlsnarf_escape.patch create mode 100644 SOURCES/dsniff-2.4-urlsnarf_timestamp.patch create mode 100644 SOURCES/dsniff-2.4-urlsnarf_zeropad.patch create mode 100644 SPECS/dsniff.spec diff --git a/SOURCES/dsniff-2.4-amd64_fix.patch b/SOURCES/dsniff-2.4-amd64_fix.patch new file mode 100644 index 0000000..bd2986c 
--- /dev/null
+++ b/SOURCES/dsniff-2.4-amd64_fix.patch
@@ -0,0 +1,219 @@ +Patch by Steve Kemp for dsniff >= 2.4b1, which fixes the +compiling under AMD64 respectively x86_64. For further information, please +have a look to Debian bug ID #254002. + +--- dsniff-2.4b1/configure 2005-06-23 03:30:37.000000000 +0000 ++++ dsniff-2.4b1/configure.amd64_fix 2005-06-23 04:15:59.000000000 +0000 +@@ -2667,15 +2667,62 @@ + echo "$ac_t""no" 1>&6 + fi + ++echo $ac_n "checking for __dn_expand in -lresolv""... $ac_c" 1>&6 ++echo "configure:2672: checking for __dn_expand in -lresolv" >&5 ++ac_lib_var=`echo resolv'_'__dn_expand | sed 'y%./+-%__p_%'` ++if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++else ++ ac_save_LIBS="$LIBS" ++LIBS="-lresolv $LIBS" ++cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_lib_$ac_lib_var=yes" ++else ++ echo "configure: failed program was:" >&5 ++ cat conftest.$ac_ext >&5 ++ rm -rf conftest* ++ eval "ac_cv_lib_$ac_lib_var=no" ++fi ++rm -f conftest* ++LIBS="$ac_save_LIBS" ++ ++fi ++if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then ++ echo "$ac_t""yes" 1>&6 ++ ac_tr_lib=HAVE_LIB`echo resolv | sed -e 's/[^a-zA-Z0-9_]/_/g' \ ++ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` ++ cat >> confdefs.h <&6 ++fi ++ + for ac_func in dirname strlcpy strlcat strsep + do + echo $ac_n "checking for $ac_func""... 
$ac_c" 1>&6 +-echo "configure:2674: checking for $ac_func" >&5 ++echo "configure:2721: checking for $ac_func" >&5 + if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++if { (eval echo configure:2749: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" + else +@@ -2728,12 +2775,12 @@ + for ac_func in MD5Update + do + echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 +-echo "configure:2732: checking for $ac_func" >&5 ++echo "configure:2779: checking for $ac_func" >&5 + if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++if { (eval echo configure:2807: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" + else +@@ -2788,12 +2835,12 @@ + for ac_func in warnx + do + echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 +-echo "configure:2792: checking for $ac_func" >&5 ++echo "configure:2839: checking for $ac_func" >&5 + if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++if { (eval echo configure:2867: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" + else +@@ -2848,12 +2895,12 @@ + for ac_func in ether_ntoa + do + echo $ac_n "checking for $ac_func""... 
$ac_c" 1>&6 +-echo "configure:2852: checking for $ac_func" >&5 ++echo "configure:2899: checking for $ac_func" >&5 + if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++if { (eval echo configure:2927: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" + else +@@ -2912,7 +2959,7 @@ + fi + + echo $ac_n "checking for Berkeley DB with 1.85 compatibility""... $ac_c" 1>&6 +-echo "configure:2916: checking for Berkeley DB with 1.85 compatibility" >&5 ++echo "configure:2963: checking for Berkeley DB with 1.85 compatibility" >&5 + # Check whether --with-db or --without-db was given. + if test "${with_db+set}" = set; then + withval="$with_db" +@@ -3015,7 +3062,7 @@ + + + echo $ac_n "checking for libpcap""... $ac_c" 1>&6 +-echo "configure:3019: checking for libpcap" >&5 ++echo "configure:3066: checking for libpcap" >&5 + # Check whether --with-libpcap or --without-libpcap was given. + if test "${with_libpcap+set}" = set; then + withval="$with_libpcap" +@@ -3063,7 +3110,7 @@ + + + echo $ac_n "checking for libnet""... $ac_c" 1>&6 +-echo "configure:3067: checking for libnet" >&5 ++echo "configure:3114: checking for libnet" >&5 + # Check whether --with-libnet or --without-libnet was given. + if test "${with_libnet+set}" = set; then + withval="$with_libnet" +@@ -3110,7 +3157,7 @@ + + + echo $ac_n "checking for libnids""... $ac_c" 1>&6 +-echo "configure:3114: checking for libnids" >&5 ++echo "configure:3161: checking for libnids" >&5 + # Check whether --with-libnids or --without-libnids was given. + if test "${with_libnids+set}" = set; then + withval="$with_libnids" +@@ -3152,9 +3199,9 @@ + save_cppflags="$CPPFLAGS" + CPPFLAGS="$NIDSINC" + echo $ac_n "checking whether libnids version is good""... 
$ac_c" 1>&6 +-echo "configure:3156: checking whether libnids version is good" >&5 ++echo "configure:3203: checking whether libnids version is good" >&5 + cat > conftest.$ac_ext < + EOF +@@ -3173,7 +3220,7 @@ + + + echo $ac_n "checking for OpenSSL""... $ac_c" 1>&6 +-echo "configure:3177: checking for OpenSSL" >&5 ++echo "configure:3224: checking for OpenSSL" >&5 + # Check whether --with-openssl or --without-openssl was given. + if test "${with_openssl+set}" = set; then + withval="$with_openssl" +--- dsniff-2.4b1/configure.in 2005-06-23 03:30:37.000000000 +0000 ++++ dsniff-2.4b1/configure.in.amd64_fix 2005-06-23 04:16:01.000000000 +0000 +@@ -57,6 +57,7 @@ + AC_CHECK_LIB(nsl, gethostbyname) + dnl XXX - feh, everything except OpenBSD sux. + AC_CHECK_LIB(resolv, dn_expand) ++AC_CHECK_LIB(resolv, __dn_expand) + AC_REPLACE_FUNCS(dirname strlcpy strlcat strsep) + needmd5=no + AC_CHECK_FUNCS(MD5Update, , [needmd5=yes]) diff --git a/SOURCES/dsniff-2.4-arpa_inet_header.patch b/SOURCES/dsniff-2.4-arpa_inet_header.patch new file mode 100644 index 0000000..4182de6 --- /dev/null +++ b/SOURCES/dsniff-2.4-arpa_inet_header.patch 
@@ -0,0 +1,63 @@ +Patch by Luciano Bello for dsniff >= 2.4b1, which +adds the missing includes of arpa/inet. + +--- dsniff-2.4b1/decode_aim.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_aim.c.inet 2007-06-17 16:26:46.000000000 -0300 +@@ -14,6 +14,7 @@ + + #include + #include ++#include + + #include "hex.h" + #include "buf.h" +--- dsniff-2.4b1/decode_mmxp.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_mmxp.c.inet 2007-06-17 16:26:46.000000000 -0300 +@@ -21,6 +21,7 @@ + + #include + #include ++#include + + #include "buf.h" + #include "decode.h" +--- dsniff-2.4b1/decode_pptp.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_pptp.c.inet 2007-06-17 16:26:46.000000000 -0300 +@@ -16,6 +16,7 @@ + + #include + #include ++#include + + #include "buf.h" + #include "decode.h" +--- dsniff-2.4b1/decode_tds.c 2007-06-17 16:26:46.000000000 -0300 ++++ dsniff-2.4b1/decode_tds.c.inet 2007-06-17 16:26:46.000000000 -0300 +@@ -19,6 +19,7 @@ + #include + #include + #include ++#include + + #include "decode.h" + +--- dsniff-2.4b1/decode_vrrp.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_vrrp.c.inet 2007-06-17 16:26:46.000000000 -0300 +@@ -15,6 +15,7 @@ + + #include + #include ++#include + + #include "buf.h" + #include "decode.h" +--- dsniff-2.4b1/ssh.c 2007-06-17 16:26:46.000000000 -0300 ++++ dsniff-2.4b1/ssh.c.inet 2007-06-17 16:26:46.000000000 -0300 +@@ -23,6 +23,7 @@ + #include + #include + #include ++#include + #include + + #include "hex.h" diff --git a/SOURCES/dsniff-2.4-arpspoof_hwaddr.patch b/SOURCES/dsniff-2.4-arpspoof_hwaddr.patch new file mode 100644 index 0000000..9d03533 --- /dev/null +++ b/SOURCES/dsniff-2.4-arpspoof_hwaddr.patch 
@@ -0,0 +1,218 @@ +Patch by Stefan Tomanek for dsniff >= 2.4b1 to allow the +selection of source hw address. + +In certain networks, sending with the wrong hardware source address can jeopardize +the network connection of the host running arpspoof. This patch makes it possible +to specify whether arpspoof should use the own hardware address or the one of the +real host when resetting the arp table of the target systems; it is also possible +to use both. + +For some more information, please have a look to Debian bug ID #650752. + +--- dsniff-2.4/arpspoof.8 2013-12-20 20:54:25.000000000 +0100 ++++ dsniff-2.4/arpspoof.8.arpspoof_hwaddr 2013-12-20 20:55:19.000000000 +0100 +@@ -9,7 +9,7 @@ + .na + .nf + .fi +-\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR ++\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-c \fIown|host|both\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR + .SH DESCRIPTION + .ad + .fi +@@ -23,6 +23,13 @@ + .SH OPTIONS + .IP "\fB-i \fIinterface\fR" + Specify the interface to use. ++.IP "\fB-c \fIown|host|both\fR" ++Specify which hardware address t use when restoring the arp configuration; ++while cleaning up, packets can be send with the own address as well as with ++the address of the host. Sending packets with a fake hw address can disrupt ++connectivity with certain switch/ap/bridge configurations, however it works ++more reliably than using the own address, which is the default way arpspoof ++cleans up afterwards. + .IP "\fB-t \fItarget\fR" + Specify a particular host to ARP poison (if not specified, all hosts + on the LAN). Repeat to specify multiple hosts. 
+--- dsniff-2.4/arpspoof.c 2013-12-20 20:54:25.000000000 +0100 ++++ dsniff-2.4/arpspoof.c.arpspoof_hwaddr 2013-12-20 21:02:10.000000000 +0100 +@@ -40,37 +40,36 @@ + static char *intf; + static int poison_reverse; + ++static uint8_t *my_ha = NULL; ++static uint8_t *brd_ha = "\xff\xff\xff\xff\xff\xff"; ++ ++static int cleanup_src_own = 1; ++static int cleanup_src_host = 0; ++ + static void + usage(void) + { + fprintf(stderr, "Version: " VERSION "\n" +- "Usage: arpspoof [-i interface] [-t target] [-r] host\n"); ++ "Usage: arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host\n"); + exit(1); + } + + static int +-arp_send(libnet_t *l, int op, u_int8_t *sha, +- in_addr_t spa, u_int8_t *tha, in_addr_t tpa) ++arp_send(libnet_t *l, int op, ++ u_int8_t *sha, in_addr_t spa, ++ u_int8_t *tha, in_addr_t tpa, ++ u_int8_t *me) + { + int retval; + +- if (sha == NULL && +- (sha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) { +- return (-1); +- } +- if (spa == 0) { +- if ((spa = libnet_get_ipaddr4(l)) == -1) +- return (-1); +- } +- if (tha == NULL) +- tha = "\xff\xff\xff\xff\xff\xff"; ++ if (!me) me = sha; + + libnet_autobuild_arp(op, sha, (u_int8_t *)&spa, + tha, (u_int8_t *)&tpa, l); +- libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, l, 0); ++ libnet_build_ethernet(tha, me, ETHERTYPE_ARP, NULL, 0, l, 0); + + fprintf(stderr, "%s ", +- ether_ntoa((struct ether_addr *)sha)); ++ ether_ntoa((struct ether_addr *)me)); + + if (op == ARPOP_REQUEST) { + fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n", +@@ -129,7 +128,7 @@ + /* XXX - force the kernel to arp. feh. 
*/ + arp_force(ip); + #else +- arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip); ++ arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip, NULL); + #endif + sleep(1); + } +@@ -156,17 +155,22 @@ + int fw = arp_find(spoof.ip, &spoof.mac); + int bw = poison_reverse && targets[0].ip && arp_find_all(); + int i; ++ int rounds = (cleanup_src_own*5 + cleanup_src_host*5); + + fprintf(stderr, "Cleaning up and re-arping targets...\n"); +- for (i = 0; i < 5; i++) { ++ for (i = 0; i < rounds; i++) { + struct host *target = targets; + while(target->ip) { ++ uint8_t *src_ha = NULL; ++ if (cleanup_src_own && (i%2 || !cleanup_src_host)) { ++ src_ha = my_ha; ++ } + /* XXX - on BSD, requires ETHERSPOOF kernel. */ + if (fw) { + arp_send(l, ARPOP_REPLY, + (u_int8_t *)&spoof.mac, spoof.ip, +- (target->ip ? (u_int8_t *)&target->mac : NULL), +- target->ip); ++ (target->ip ? (u_int8_t *)&target->mac : brd_ha), ++ target->ip, src_ha); + /* we have to wait a moment before sending the next packet */ + sleep(1); + } +@@ -174,7 +178,7 @@ + arp_send(l, ARPOP_REPLY, + (u_int8_t *)&target->mac, target->ip, + (u_int8_t *)&spoof.mac, +- spoof.ip); ++ spoof.ip, src_ha); + sleep(1); + } + target++; +@@ -193,6 +197,7 @@ + char libnet_ebuf[LIBNET_ERRBUF_SIZE]; + int c; + int n_targets; ++ char *cleanup_src = NULL; + + spoof.ip = 0; + intf = NULL; +@@ -202,7 +207,7 @@ + /* allocate enough memory for target list */ + targets = calloc( argc+1, sizeof(struct host) ); + +- while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) { ++ while ((c = getopt(argc, argv, "ri:t:c:h?V")) != -1) { + switch (c) { + case 'i': + intf = optarg; +@@ -214,6 +219,9 @@ + case 'r': + poison_reverse = 1; + break; ++ case 'c': ++ cleanup_src = optarg; ++ break; + default: + usage(); + } +@@ -229,6 +237,29 @@ + usage(); + } + ++ if (!cleanup_src || strcmp(cleanup_src, "own") == 0) { /* default! 
*/ ++ /* only use our own hw address when cleaning up, ++ * not jeopardizing any bridges on the way to our ++ * target ++ */ ++ cleanup_src_own = 1; ++ cleanup_src_host = 0; ++ } else if (strcmp(cleanup_src, "host") == 0) { ++ /* only use the target hw address when cleaning up; ++ * this can screw up some bridges and scramble access ++ * for our own host, however it resets the arp table ++ * more reliably ++ */ ++ cleanup_src_own = 0; ++ cleanup_src_host = 1; ++ } else if (strcmp(cleanup_src, "both") == 0) { ++ cleanup_src_own = 1; ++ cleanup_src_host = 1; ++ } else { ++ errx(1, "Invalid parameter to -c: use 'own' (default), 'host' or 'both'."); ++ usage(); ++ } ++ + if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) + usage(); + +@@ -253,6 +284,10 @@ + } + } + ++ if ((my_ha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) { ++ errx(1, "Unable to determine own mac address"); ++ } ++ + signal(SIGHUP, cleanup); + signal(SIGINT, cleanup); + signal(SIGTERM, cleanup); +@@ -260,11 +295,11 @@ + for (;;) { + struct host *target = targets; + while(target->ip) { +- arp_send(l, ARPOP_REPLY, NULL, spoof.ip, +- (target->ip ? (u_int8_t *)&target->mac : NULL), +- target->ip); ++ arp_send(l, ARPOP_REPLY, my_ha, spoof.ip, ++ (target->ip ? (u_int8_t *)&target->mac : brd_ha), ++ target->ip, my_ha); + if (poison_reverse) { +- arp_send(l, ARPOP_REPLY, NULL, target->ip, (uint8_t *)&spoof.mac, spoof.ip); ++ arp_send(l, ARPOP_REPLY, my_ha, target->ip, (uint8_t *)&spoof.mac, spoof.ip, my_ha); + } + target++; + } diff --git a/SOURCES/dsniff-2.4-arpspoof_multiple.patch b/SOURCES/dsniff-2.4-arpspoof_multiple.patch new file mode 100644 index 0000000..fced529 --- /dev/null +++ b/SOURCES/dsniff-2.4-arpspoof_multiple.patch 
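Review bot: `arp_send()` loses its NULL/0 fallbacks here, yet the call `arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip, NULL);` in the `@@ -129,7 +128,7 @@` hunk still passes NULL for `sha`, `tha` and `me`. With `if (!me) me = sha;` as the only fallback, `me` stays NULL and is handed to `libnet_build_ethernet()` and `ether_ntoa()`, which looks like a NULL dereference on that path; `my_ha` also appears to be assigned only just before the `signal()` calls. Either keep the removed `sha == NULL`, `spa == 0` and `tha == NULL` defaults ahead of `if (!me) me = sha;`, or resolve `my_ha` before the first lookup and pass `my_ha`/`brd_ha` at that call site. Separately, `usage();` after `errx(1, "Invalid parameter to -c: ...")` is unreachable because `errx` exits, and `brd_ha` points a non-const `uint8_t *` at a string literal, so a `static const` array would be safer.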
@@ -0,0 +1,186 @@ +Patch by Stefan Tomanek for dsniff >= 2.4b1 to allow the use +of of multiple targets. For some more information, please have a look to Debian bug +ID #650751. + +--- dsniff-2.4/arpspoof.8 2013-12-20 20:40:36.000000000 +0100 ++++ dsniff-2.4/arpspoof.8.arpspoof_multiple 2013-12-20 20:41:45.000000000 +0100 +@@ -25,7 +25,7 @@ + Specify the interface to use. + .IP "\fB-t \fItarget\fR" + Specify a particular host to ARP poison (if not specified, all hosts +-on the LAN). ++on the LAN). Repeat to specify multiple hosts. + .IP "\fB\-r\fR" + Poison both hosts (host and target) to capture traffic in both directions. + (only valid in conjuntion with \-t) +--- dsniff-2.4/arpspoof.c 2013-12-20 20:40:36.000000000 +0100 ++++ dsniff-2.4/arpspoof.c.arpspoof_multiple 2013-12-20 20:50:34.000000000 +0100 +@@ -27,11 +27,16 @@ + #include "arp.h" + #include "version.h" + ++struct host { ++ in_addr_t ip; ++ struct ether_addr mac; ++}; ++ + extern char *ether_ntoa(struct ether_addr *); + + static libnet_t *l; +-static struct ether_addr spoof_mac, target_mac; +-static in_addr_t spoof_ip, target_ip; ++static struct host spoof = {0}; ++static struct host *targets; + static char *intf; + static int poison_reverse; + +@@ -133,30 +138,46 @@ + return (0); + } + ++static int arp_find_all() { ++ struct host *target = targets; ++ while(target->ip) { ++ if (arp_find(target->ip, &target->mac)) { ++ return 1; ++ } ++ target++; ++ } ++ ++ return 0; ++} ++ + static void + cleanup(int sig) + { +- int fw = arp_find(spoof_ip, &spoof_mac); +- int bw = poison_reverse && target_ip && arp_find(target_ip, &target_mac); ++ int fw = arp_find(spoof.ip, &spoof.mac); ++ int bw = poison_reverse && targets[0].ip && arp_find_all(); + int i; + + fprintf(stderr, "Cleaning up and re-arping targets...\n"); + for (i = 0; i < 5; i++) { +- /* XXX - on BSD, requires ETHERSPOOF kernel. */ +- if (fw) { +- arp_send(l, ARPOP_REPLY, +- (u_int8_t *)&spoof_mac, spoof_ip, +- (target_ip ? 
(u_int8_t *)&target_mac : NULL), +- target_ip); +- /* we have to wait a moment before sending the next packet */ +- sleep(1); +- } +- if (bw) { +- arp_send(l, ARPOP_REPLY, +- (u_int8_t *)&target_mac, target_ip, +- (u_int8_t *)&spoof_mac, +- spoof_ip); +- sleep(1); ++ struct host *target = targets; ++ while(target->ip) { ++ /* XXX - on BSD, requires ETHERSPOOF kernel. */ ++ if (fw) { ++ arp_send(l, ARPOP_REPLY, ++ (u_int8_t *)&spoof.mac, spoof.ip, ++ (target->ip ? (u_int8_t *)&target->mac : NULL), ++ target->ip); ++ /* we have to wait a moment before sending the next packet */ ++ sleep(1); ++ } ++ if (bw) { ++ arp_send(l, ARPOP_REPLY, ++ (u_int8_t *)&target->mac, target->ip, ++ (u_int8_t *)&spoof.mac, ++ spoof.ip); ++ sleep(1); ++ } ++ target++; + } + } + +@@ -171,10 +192,15 @@ + char pcap_ebuf[PCAP_ERRBUF_SIZE]; + char libnet_ebuf[LIBNET_ERRBUF_SIZE]; + int c; ++ int n_targets; + ++ spoof.ip = 0; + intf = NULL; +- spoof_ip = target_ip = 0; + poison_reverse = 0; ++ n_targets = 0; ++ ++ /* allocate enough memory for target list */ ++ targets = calloc( argc+1, sizeof(struct host) ); + + while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) { + switch (c) { +@@ -182,7 +208,7 @@ + intf = optarg; + break; + case 't': +- if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) ++ if ((targets[n_targets++].ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) + usage(); + break; + case 'r': +@@ -198,12 +224,12 @@ + if (argc != 1) + usage(); + +- if (poison_reverse && !target_ip) { ++ if (poison_reverse && !n_targets) { + errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t)."); + usage(); + } + +- if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) ++ if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) + usage(); + + if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL) +@@ -212,14 +238,18 @@ + if ((l = libnet_init(LIBNET_LINK, intf, libnet_ebuf)) == NULL) + errx(1, "%s", 
libnet_ebuf); + +- if (target_ip != 0 && !arp_find(target_ip, &target_mac)) +- errx(1, "couldn't arp for host %s", +- libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE)); ++ struct host *target = targets; ++ while(target->ip) { ++ if (target->ip != 0 && !arp_find(target->ip, &target->mac)) ++ errx(1, "couldn't arp for host %s", ++ libnet_addr2name4(target->ip, LIBNET_DONT_RESOLVE)); ++ target++; ++ } + + if (poison_reverse) { +- if (!arp_find(spoof_ip, &spoof_mac)) { ++ if (!arp_find(spoof.ip, &spoof.mac)) { + errx(1, "couldn't arp for spoof host %s", +- libnet_addr2name4(spoof_ip, LIBNET_DONT_RESOLVE)); ++ libnet_addr2name4(spoof.ip, LIBNET_DONT_RESOLVE)); + } + } + +@@ -228,11 +258,15 @@ + signal(SIGTERM, cleanup); + + for (;;) { +- arp_send(l, ARPOP_REPLY, NULL, spoof_ip, +- (target_ip ? (u_int8_t *)&target_mac : NULL), +- target_ip); +- if (poison_reverse) { +- arp_send(l, ARPOP_REPLY, NULL, target_ip, (uint8_t *)&spoof_mac, spoof_ip); ++ struct host *target = targets; ++ while(target->ip) { ++ arp_send(l, ARPOP_REPLY, NULL, spoof.ip, ++ (target->ip ? (u_int8_t *)&target->mac : NULL), ++ target->ip); ++ if (poison_reverse) { ++ arp_send(l, ARPOP_REPLY, NULL, target->ip, (uint8_t *)&spoof.mac, spoof.ip); ++ } ++ target++; + } + sleep(2); + } diff --git a/SOURCES/dsniff-2.4-arpspoof_reverse.patch b/SOURCES/dsniff-2.4-arpspoof_reverse.patch new file mode 100644 index 0000000..7087937 --- /dev/null +++ b/SOURCES/dsniff-2.4-arpspoof_reverse.patch 
@@ -0,0 +1,142 @@ +Patch by Stefan Tomanek for dsniff >= 2.4b1 to add add -r +switch to poison both directions. For some more information, please have a look to +Debian bug ID #650749. + +--- dsniff-2.4/arpspoof.8 2000-11-28 08:43:43.000000000 +0100 ++++ dsniff-2.4/arpspoof.8.arpspoof_reverse 2013-12-20 20:27:49.000000000 +0100 +@@ -9,7 +9,7 @@ + .na + .nf + .fi +-\fBarpspoof\fR [\fB-i \fIinterface\fR] [\fB-t \fItarget\fR] \fIhost\fR ++\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR + .SH DESCRIPTION + .ad + .fi +@@ -26,6 +26,9 @@ + .IP "\fB-t \fItarget\fR" + Specify a particular host to ARP poison (if not specified, all hosts + on the LAN). ++.IP "\fB\-r\fR" ++Poison both hosts (host and target) to capture traffic in both directions. ++(only valid in conjuntion with \-t) + .IP \fIhost\fR + Specify the host you wish to intercept packets for (usually the local + gateway). +--- dsniff-2.4/arpspoof.c 2013-12-20 20:25:04.000000000 +0100 ++++ dsniff-2.4/arpspoof.c.arpspoof_reverse 2013-12-20 20:34:31.000000000 +0100 +@@ -7,6 +7,8 @@ + * Copyright (c) 1999 Dug Song + * + * $Id: arpspoof.c,v 1.5 2001/03/15 08:32:58 dugsong Exp $ ++ * ++ * Improved 2011 by Stefan Tomanek + */ + + #include "config.h" +@@ -31,12 +33,13 @@ + static struct ether_addr spoof_mac, target_mac; + static in_addr_t spoof_ip, target_ip; + static char *intf; ++static int poison_reverse; + + static void + usage(void) + { + fprintf(stderr, "Version: " VERSION "\n" +- "Usage: arpspoof [-i interface] [-t target] host\n"); ++ "Usage: arpspoof [-i interface] [-t target] [-r] host\n"); + exit(1); + } + +@@ -133,18 +136,30 @@ + static void + cleanup(int sig) + { ++ int fw = arp_find(spoof_ip, &spoof_mac); ++ int bw = poison_reverse && target_ip && arp_find(target_ip, &target_mac); + int i; + +- if (arp_find(spoof_ip, &spoof_mac)) { +- for (i = 0; i < 3; i++) { +- /* XXX - on BSD, requires ETHERSPOOF kernel. 
*/ ++ fprintf(stderr, "Cleaning up and re-arping targets...\n"); ++ for (i = 0; i < 5; i++) { ++ /* XXX - on BSD, requires ETHERSPOOF kernel. */ ++ if (fw) { + arp_send(l, ARPOP_REPLY, + (u_int8_t *)&spoof_mac, spoof_ip, + (target_ip ? (u_int8_t *)&target_mac : NULL), + target_ip); ++ /* we have to wait a moment before sending the next packet */ ++ sleep(1); ++ } ++ if (bw) { ++ arp_send(l, ARPOP_REPLY, ++ (u_int8_t *)&target_mac, target_ip, ++ (u_int8_t *)&spoof_mac, ++ spoof_ip); + sleep(1); + } + } ++ + exit(0); + } + +@@ -159,8 +174,9 @@ + + intf = NULL; + spoof_ip = target_ip = 0; ++ poison_reverse = 0; + +- while ((c = getopt(argc, argv, "i:t:h?V")) != -1) { ++ while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) { + switch (c) { + case 'i': + intf = optarg; +@@ -169,6 +185,9 @@ + if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) + usage(); + break; ++ case 'r': ++ poison_reverse = 1; ++ break; + default: + usage(); + } +@@ -179,6 +198,11 @@ + if (argc != 1) + usage(); + ++ if (poison_reverse && !target_ip) { ++ errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t)."); ++ usage(); ++ } ++ + if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) + usage(); + +@@ -192,6 +216,13 @@ + errx(1, "couldn't arp for host %s", + libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE)); + ++ if (poison_reverse) { ++ if (!arp_find(spoof_ip, &spoof_mac)) { ++ errx(1, "couldn't arp for spoof host %s", ++ libnet_addr2name4(spoof_ip, LIBNET_DONT_RESOLVE)); ++ } ++ } ++ + signal(SIGHUP, cleanup); + signal(SIGINT, cleanup); + signal(SIGTERM, cleanup); +@@ -200,6 +231,9 @@ + arp_send(l, ARPOP_REPLY, NULL, spoof_ip, + (target_ip ? (u_int8_t *)&target_mac : NULL), + target_ip); ++ if (poison_reverse) { ++ arp_send(l, ARPOP_REPLY, NULL, target_ip, (uint8_t *)&spoof_mac, spoof_ip); ++ } + sleep(2); + } + /* NOTREACHED */ 
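Review bot: `cleanup()` is installed with `signal(SIGHUP, cleanup);` and the `SIGINT`/`SIGTERM` equivalents, and this patch extends it with `fprintf(stderr, ...)` plus additional `arp_find()` and `arp_send()` calls before `exit(0)`. `fprintf` and `exit` are not async-signal-safe, and nothing visible suggests the ARP helpers are. A handler that only sets a `volatile sig_atomic_t` flag, with the `for (;;)` loop in `main` checking it and running the re-ARP sequence, avoids re-entering stdio or libnet state from signal context. Also, `usage();` after `errx(1, "Spoofing the reverse path (-r) ...")` is dead code since `errx` does not return. The bodies of `cleanup` and `main` continue outside these hunks.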
diff --git a/SOURCES/dsniff-2.4-checksum.patch b/SOURCES/dsniff-2.4-checksum.patch
new file mode 100644
index 0000000..ccdcd2f
--- /dev/null
+++ b/SOURCES/dsniff-2.4-checksum.patch
@@ -0,0 +1,27 @@
+Patch by iotr Engelking for dsniff >= 2.4b1, which
+disables the filtering packets with incorrect checksum. And for any further
+information, please have a look to Debian bug ID #372536.
+
+--- dsniff-2.4b1/urlsnarf.c 2006-09-21 01:50:01.000000000 +0200
++++ dsniff-2.4b1/urlsnarf.c.checksum 2006-09-21 01:51:13.000000000 +0200
+@@ -200,6 +200,7 @@
+ extern char *optarg;
+ extern int optind;
+ int c;
++ struct nids_chksum_ctl chksum_ctl;
+
+ while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) {
+ switch (c) {
+@@ -260,6 +261,12 @@
+ }
+ }
+
++ chksum_ctl.netaddr = 0;
++ chksum_ctl.mask = 0;
++ chksum_ctl.action = NIDS_DONT_CHKSUM;
++
++ nids_register_chksum_ctl(&chksum_ctl, 1);
++
+ nids_run();
+
+ /* NOTREACHED */
diff --git a/SOURCES/dsniff-2.4-checksum_libnids.patch b/SOURCES/dsniff-2.4-checksum_libnids.patch
new file mode 100644
index 0000000..027e9e1
--- /dev/null
+++ b/SOURCES/dsniff-2.4-checksum_libnids.patch
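Review bot: With `chksum_ctl.netaddr = 0;` and `chksum_ctl.mask = 0;` in the urlsnarf.c change, the `NIDS_DONT_CHKSUM` rule matches every address, so packets with invalid checksums from any source go into stream reassembly and HTTP parsing. That widens what malformed traffic reaches the parser. If the aim is only to cope with locally generated packets (presumably checksum offload), restricting the rule to the host's own interface addresses, as the dsniff.c patch in this commit does, would be narrower. At minimum add a comment above the block, e.g. `/* accept packets with invalid checksums from any address */`, so the trade-off is visible to the next maintainer.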
@@ -0,0 +1,96 @@ +Patch by Gleb Paharenko for dsniff >= 2.4b1, which +adds checksum for libnids. For further information, please have a look to +Debian bug ID #420129. + +--- dsniff-2.4b1/dsniff.c 2007-08-11 01:37:33.000000000 -0300 ++++ dsniff-2.4b1/dsniff.c.checksum 2007-08-11 01:38:55.000000000 -0300 +@@ -70,6 +70,80 @@ + { + } + ++ ++static int get_all_ifaces(struct ifreq **, int *); ++static unsigned int get_addr_from_ifreq(struct ifreq *); ++ ++int all_local_ipaddrs_chksum_disable() ++{ ++ struct ifreq *ifaces; ++ int ifaces_count; ++ int i, ind = 0; ++ struct nids_chksum_ctl *ctlp; ++ unsigned int tmp; ++ ++ if (!get_all_ifaces(&ifaces, &ifaces_count)) ++ return -1; ++ ctlp = ++ (struct nids_chksum_ctl *) malloc(ifaces_count * ++ sizeof(struct ++ nids_chksum_ctl)); ++ if (!ctlp) ++ return -1; ++ for (i = 0; i < ifaces_count; i++) { ++ tmp = get_addr_from_ifreq(ifaces + i); ++ if (tmp) { ++ ctlp[ind].netaddr = tmp; ++ ctlp[ind].mask = inet_addr("255.255.255.255"); ++ ctlp[ind].action = NIDS_DONT_CHKSUM; ++ ind++; ++ } ++ } ++ free(ifaces); ++ nids_register_chksum_ctl(ctlp, ind); ++} ++ ++/* helper functions for Example 2 */ ++unsigned int get_addr_from_ifreq(struct ifreq *iface) ++{ ++ if (iface->ifr_addr.sa_family == AF_INET) ++ return ((struct sockaddr_in *) &(iface->ifr_addr))-> ++ sin_addr.s_addr; ++ return 0; ++} ++ ++static int get_all_ifaces(struct ifreq **ifaces, int *count) ++{ ++ int ifaces_size = 8 * sizeof(struct ifreq); ++ struct ifconf param; ++ int sock; ++ unsigned int i; ++ ++ *ifaces = malloc(ifaces_size); ++ sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP); ++ if (sock <= 0) ++ return 0; ++ for (;;) { ++ param.ifc_len = ifaces_size; ++ param.ifc_req = *ifaces; ++ if (ioctl(sock, SIOCGIFCONF, ¶m)) ++ goto err; ++ if (param.ifc_len < ifaces_size) ++ break; ++ free(*ifaces); ++ ifaces_size *= 2; ++ ifaces = malloc(ifaces_size); ++ } ++ *count = param.ifc_len / sizeof(struct ifreq); ++ close(sock); ++ return 1; ++ err: ++ close(sock); ++ return 
0; ++} ++ ++ ++ + int + main(int argc, char *argv[]) + { +@@ -189,6 +263,8 @@ + warnx("using %s", nids_params.filename); + } + } ++ ++ all_local_ipaddrs_chksum_disable(); + + nids_run(); + diff --git a/SOURCES/dsniff-2.4-fedora_dirs.patch b/SOURCES/dsniff-2.4-fedora_dirs.patch new file mode 100644 index 0000000..781d074 --- /dev/null +++ b/SOURCES/dsniff-2.4-fedora_dirs.patch 
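Review bot: In `get_all_ifaces()` the retry path does `free(*ifaces);` and then `ifaces = malloc(ifaces_size);`, which overwrites the local parameter instead of the caller's pointer, so the next iteration reads `*ifaces` from uninitialised heap memory and the caller is left holding a freed pointer. It should be `*ifaces = malloc(ifaces_size);`, with a NULL check on both allocations. `sock <= 0` should be `sock < 0` since 0 is a valid descriptor, and both that early return and the `err:` path leak `*ifaces`. `all_local_ipaddrs_chksum_disable()` is declared `int` but falls off the end after `nids_register_chksum_ctl(ctlp, ind);`, so add `return 0;`; it also leaks `ifaces` when the `malloc` for `ctlp` fails.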
@@ -0,0 +1,60 @@
+Patch by Steve Kemp for dsniff >= 2.4b1, which changes
+various paths for the Fedora directory structure.
+
+--- dsniff-2.4b1/Makefile.in 2005-06-23 03:30:37.000000000 +0000
++++ dsniff-2.4b1/Makefile.in.fedora 2005-06-23 04:17:14.000000000 +0000
+@@ -11,7 +11,7 @@
+ install_prefix =
+ prefix = @prefix@
+ exec_prefix = @exec_prefix@
+-libdir = @libdir@
++libdir = @sysconfdir@/dsniff
+ sbindir = @sbindir@
+ mandir = @mandir@
+
+@@ -37,8 +37,7 @@
+ X11INC = @X_CFLAGS@
+ X11LIB = @X_LIBS@ @X_PRE_LIBS@ -lXmu -lX11 @X_EXTRA_LIBS@
+
+-INCS = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) \
+- -I$(srcdir)/missing
++INCS = -I. $(X11INC) $(SSLINC) -I$(srcdir)/missing
+ LIBS = @LIBS@ -L$(srcdir) -lmissing
+
+ INSTALL = @INSTALL@
+--- dsniff-2.4b1/dnsspoof.8 2005-06-23 03:30:37.000000000 +0000
++++ dsniff-2.4b1/dnsspoof.8.fedora 2005-06-23 04:17:37.000000000 +0000
+@@ -31,7 +31,7 @@
+ address queries on the LAN with an answer of the local machine's IP
+ address.
+ .SH FILES
+-.IP \fI/usr/local/lib/dnsspoof.hosts\fR
++.IP \fI/etc/dsniff/dnsspoof.hosts\fR
+ Sample hosts file.
+ .SH "SEE ALSO"
+ dsniff(8), hosts(5)
+--- dsniff-2.4b1/dsniff.8 2005-06-23 04:17:06.000000000 +0000
++++ dsniff-2.4b1/dsniff.8.fedora 2005-06-23 04:18:21.000000000 +0000
+@@ -68,9 +68,9 @@
+ On a hangup signal \fBdsniff\fR will dump its current trigger table to
+ \fIdsniff.services\fR.
+ .SH FILES
+-.IP \fI/usr/local/lib/dsniff.services\fR
++.IP \fI/etc/dsniff/dsniff.services\fR
+ Default trigger table
+-.IP \fI/usr/local/lib/dsniff.magic\fR
++.IP \fI/etc/dsniff/dsniff.magic\fR
+ Network protocol magic
+ .SH "SEE ALSO"
+ arpspoof(8), libnids(3), services(5), magic(5)
+--- dsniff-2.4b1/pathnames.h 2005-06-23 03:30:37.000000000 +0000
++++ dsniff-2.4b1/pathnames.h.fedora 2005-06-23 04:17:25.000000000 +0000
+@@ -12,7 +12,7 @@
+ #define PATHNAMES_H
+
+ #ifndef DSNIFF_LIBDIR
+-#define DSNIFF_LIBDIR "/usr/local/lib/"
++#define DSNIFF_LIBDIR "/etc/dsniff/"
+ #endif
+
+ #define DSNIFF_SERVICES "dsniff.services"
diff --git a/SOURCES/dsniff-2.4-glib2.patch b/SOURCES/dsniff-2.4-glib2.patch
new file mode 100644
index 0000000..f7f54e0
--- /dev/null
+++ b/SOURCES/dsniff-2.4-glib2.patch
@@ -0,0 +1,14 @@
+Patch by Robert Scheck for dsniff >= 2.4b1, that
+adds some missing linkages to glib2.
+
+--- dsniff-2.4b1/Makefile.in 2007-11-24 13:56:47.000000000 +0100
++++ dsniff-2.4b1/Makefile.in.glib2 2007-11-24 15:40:55.000000000 +0100
+@@ -26,7 +26,7 @@
+ LNETLIB = @LNETLIB@
+
+ NIDSINC = @NIDSINC@
+-NIDSLIB = @NIDSLIB@
++NIDSLIB = @NIDSLIB@ -lglib-2.0 -lgthread-2.0 -lpthread
+
+ DBINC = @DBINC@
+ DBLIB = @DBLIB@
diff --git a/SOURCES/dsniff-2.4-libnet_11.patch b/SOURCES/dsniff-2.4-libnet_11.patch
new file mode 100644
index 0000000..814cfa6
--- /dev/null
+++ b/SOURCES/dsniff-2.4-libnet_11.patch
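Review bot: The `INCS` line in the `Makefile.in` part of the fedora_dirs patch drops `$(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC)`, which the patch header ("changes various paths for the Fedora directory structure") does not mention. The header should say so, for example by adding `also drops the per-library include dirs from INCS; those headers are expected on the default include path`. The fallback in `pathnames.h` is hard-coded to `"/etc/dsniff/"` while `libdir` is set to `@sysconfdir@/dsniff`, so the two disagree whenever `sysconfdir` is not `/etc` and the build does not pass `DSNIFF_LIBDIR` itself; whether it does is not visible in this hunk.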
@@ -0,0 +1,904 @@ +Patch for dsniff >= 2.4b1, which adds support for libnet >= 1.1 having a +completely rewritten API. + +--- dsniff-2.4b1/arpspoof.c 2006-06-09 13:35:29.000000000 +0300 ++++ dsniff-2.4b1/arpspoof.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -27,7 +27,7 @@ + + extern char *ether_ntoa(struct ether_addr *); + +-static struct libnet_link_int *llif; ++static libnet_t *l; + static struct ether_addr spoof_mac, target_mac; + static in_addr_t spoof_ip, target_ip; + static char *intf; +@@ -41,47 +41,49 @@ + } + + static int +-arp_send(struct libnet_link_int *llif, char *dev, +- int op, u_char *sha, in_addr_t spa, u_char *tha, in_addr_t tpa) ++arp_send(libnet_t *l, int op, u_int8_t *sha, ++ in_addr_t spa, u_int8_t *tha, in_addr_t tpa) + { +- char ebuf[128]; +- u_char pkt[60]; +- ++ int retval; ++ + if (sha == NULL && +- (sha = (u_char *)libnet_get_hwaddr(llif, dev, ebuf)) == NULL) { ++ (sha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) { + return (-1); + } + if (spa == 0) { +- if ((spa = libnet_get_ipaddr(llif, dev, ebuf)) == 0) ++ if ((spa = libnet_get_ipaddr4(l)) == -1) + return (-1); +- spa = htonl(spa); /* XXX */ + } + if (tha == NULL) + tha = "\xff\xff\xff\xff\xff\xff"; + +- libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, pkt); ++ libnet_autobuild_arp(op, sha, (u_int8_t *)&spa, ++ tha, (u_int8_t *)&tpa, l); ++ libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, l, 0); + +- libnet_build_arp(ARPHRD_ETHER, ETHERTYPE_IP, ETHER_ADDR_LEN, 4, +- op, sha, (u_char *)&spa, tha, (u_char *)&tpa, +- NULL, 0, pkt + ETH_H); +- + fprintf(stderr, "%s ", + ether_ntoa((struct ether_addr *)sha)); + + if (op == ARPOP_REQUEST) { + fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n", + ether_ntoa((struct ether_addr *)tha), +- libnet_host_lookup(tpa, 0), +- libnet_host_lookup(spa, 0)); ++ libnet_addr2name4(tpa, LIBNET_DONT_RESOLVE), ++ libnet_addr2name4(spa, LIBNET_DONT_RESOLVE)); + } + else { + fprintf(stderr, "%s 0806 42: arp reply %s is-at ", + 
ether_ntoa((struct ether_addr *)tha), +- libnet_host_lookup(spa, 0)); ++ libnet_addr2name4(spa, LIBNET_DONT_RESOLVE)); + fprintf(stderr, "%s\n", + ether_ntoa((struct ether_addr *)sha)); + } +- return (libnet_write_link_layer(llif, dev, pkt, sizeof(pkt)) == sizeof(pkt)); ++ retval = libnet_write(l); ++ if (retval) ++ fprintf(stderr, "%s", libnet_geterror(l)); ++ ++ libnet_clear_packet(l); ++ ++ return retval; + } + + #ifdef __linux__ +@@ -119,7 +121,7 @@ + /* XXX - force the kernel to arp. feh. */ + arp_force(ip); + #else +- arp_send(llif, intf, ARPOP_REQUEST, NULL, 0, NULL, ip); ++ arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip); + #endif + sleep(1); + } +@@ -136,9 +138,9 @@ + if (arp_find(spoof_ip, &spoof_mac)) { + for (i = 0; i < 3; i++) { + /* XXX - on BSD, requires ETHERSPOOF kernel. */ +- arp_send(llif, intf, ARPOP_REPLY, +- (u_char *)&spoof_mac, spoof_ip, +- (target_ip ? (u_char *)&target_mac : NULL), ++ arp_send(l, ARPOP_REPLY, ++ (u_int8_t *)&spoof_mac, spoof_ip, ++ (target_ip ? (u_int8_t *)&target_mac : NULL), + target_ip); + sleep(1); + } +@@ -151,7 +153,8 @@ + { + extern char *optarg; + extern int optind; +- char ebuf[PCAP_ERRBUF_SIZE]; ++ char pcap_ebuf[PCAP_ERRBUF_SIZE]; ++ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; + int c; + + intf = NULL; +@@ -163,7 +166,7 @@ + intf = optarg; + break; + case 't': +- if ((target_ip = libnet_name_resolve(optarg, 1)) == -1) ++ if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) + usage(); + break; + default: +@@ -176,26 +179,26 @@ + if (argc != 1) + usage(); + +- if ((spoof_ip = libnet_name_resolve(argv[0], 1)) == -1) ++ if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) + usage(); + +- if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL) +- errx(1, "%s", ebuf); ++ if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL) ++ errx(1, "%s", pcap_ebuf); + +- if ((llif = libnet_open_link_interface(intf, ebuf)) == 0) +- errx(1, "%s", ebuf); ++ if ((l = libnet_init(LIBNET_LINK, intf, 
libnet_ebuf)) == NULL) ++ errx(1, "%s", libnet_ebuf); + + if (target_ip != 0 && !arp_find(target_ip, &target_mac)) + errx(1, "couldn't arp for host %s", +- libnet_host_lookup(target_ip, 0)); ++ libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE)); + + signal(SIGHUP, cleanup); + signal(SIGINT, cleanup); + signal(SIGTERM, cleanup); + + for (;;) { +- arp_send(llif, intf, ARPOP_REPLY, NULL, spoof_ip, +- (target_ip ? (u_char *)&target_mac : NULL), ++ arp_send(l, ARPOP_REPLY, NULL, spoof_ip, ++ (target_ip ? (u_int8_t *)&target_mac : NULL), + target_ip); + sleep(2); + } +--- dsniff-2.4b1/dnsspoof.c 2001-03-15 10:33:03.000000000 +0200 ++++ dsniff-2.4b1/dnsspoof.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -38,7 +38,7 @@ + + pcap_t *pcap_pd = NULL; + int pcap_off = -1; +-int lnet_sock = -1; ++libnet_t *l; + u_long lnet_ip = -1; + + static void +@@ -90,19 +90,18 @@ + dns_init(char *dev, char *filename) + { + FILE *f; +- struct libnet_link_int *llif; ++ libnet_t *l; ++ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; + struct dnsent *de; + char *ip, *name, buf[1024]; + +- if ((llif = libnet_open_link_interface(dev, buf)) == NULL) +- errx(1, "%s", buf); ++ if ((l = libnet_init(LIBNET_LINK, dev, libnet_ebuf)) == NULL) ++ errx(1, "%s", libnet_ebuf); + +- if ((lnet_ip = libnet_get_ipaddr(llif, dev, buf)) == -1) +- errx(1, "%s", buf); ++ if ((lnet_ip = libnet_get_ipaddr4(l)) == -1) ++ errx(1, "%s", libnet_geterror(l)); + +- lnet_ip = htonl(lnet_ip); +- +- libnet_close_link_interface(llif); ++ libnet_destroy(l); + + SLIST_INIT(&dns_entries); + +@@ -180,7 +179,7 @@ + static void + dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, const u_char *pkt) + { +- struct libnet_ip_hdr *ip; ++ struct libnet_ipv4_hdr *ip; + struct libnet_udp_hdr *udp; + HEADER *dns; + char name[MAXHOSTNAMELEN]; +@@ -189,7 +188,7 @@ + in_addr_t dst; + u_short type, class; + +- ip = (struct libnet_ip_hdr *)(pkt + pcap_off); ++ ip = (struct libnet_ipv4_hdr *)(pkt + pcap_off); + udp = (struct libnet_udp_hdr *)(pkt 
+ pcap_off + (ip->ip_hl * 4)); + dns = (HEADER *)(udp + 1); + p = (u_char *)(dns + 1); +@@ -212,7 +211,7 @@ + if (class != C_IN) + return; + +- p = buf + IP_H + UDP_H + dnslen; ++ p = buf + dnslen; + + if (type == T_A) { + if ((dst = dns_lookup_a(name)) == -1) +@@ -234,38 +233,38 @@ + anslen += 12; + } + else return; +- +- libnet_build_ip(UDP_H + dnslen + anslen, 0, libnet_get_prand(PRu16), +- 0, 64, IPPROTO_UDP, ip->ip_dst.s_addr, +- ip->ip_src.s_addr, NULL, 0, buf); +- +- libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport), +- NULL, dnslen + anslen, buf + IP_H); + +- memcpy(buf + IP_H + UDP_H, (u_char *)dns, dnslen); ++ memcpy(buf, (u_char *)dns, dnslen); + +- dns = (HEADER *)(buf + IP_H + UDP_H); ++ dns = (HEADER *)buf; + dns->qr = dns->ra = 1; + if (type == T_PTR) dns->aa = 1; + dns->ancount = htons(1); + + dnslen += anslen; ++ ++ libnet_clear_packet(l); ++ libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport), ++ LIBNET_UDP_H + dnslen, 0, ++ (u_int8_t *)buf, dnslen, l, 0); ++ ++ libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_UDP_H + dnslen, 0, ++ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_UDP, 0, ++ ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, l, 0); + +- libnet_do_checksum(buf, IPPROTO_UDP, UDP_H + dnslen); +- +- if (libnet_write_ip(lnet_sock, buf, IP_H + UDP_H + dnslen) < 0) ++ if (libnet_write(l) < 0) + warn("write"); + + fprintf(stderr, "%s.%d > %s.%d: %d+ %s? %s\n", +- libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport), +- libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport), ++ libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport), ++ libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport), + ntohs(dns->id), type == T_A ? 
"A" : "PTR", name); + } + + static void + cleanup(int sig) + { +- libnet_close_raw_sock(lnet_sock); ++ libnet_destroy(l); + pcap_close(pcap_pd); + exit(0); + } +@@ -276,6 +275,7 @@ + extern char *optarg; + extern int optind; + char *p, *dev, *hosts, buf[1024]; ++ char ebuf[LIBNET_ERRBUF_SIZE]; + int i; + + dev = hosts = NULL; +@@ -306,7 +306,7 @@ + strlcpy(buf, p, sizeof(buf)); + } + else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s", +- libnet_host_lookup(lnet_ip, 0)); ++ libnet_addr2name4(lnet_ip, LIBNET_DONT_RESOLVE)); + + if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL) + errx(1, "couldn't initialize sniffing"); +@@ -314,10 +314,10 @@ + if ((pcap_off = pcap_dloff(pcap_pd)) < 0) + errx(1, "couldn't determine link layer offset"); + +- if ((lnet_sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) ++ if ((l = libnet_init(LIBNET_RAW4, dev, ebuf)) == NULL) + errx(1, "couldn't initialize sending"); + +- libnet_seed_prand(); ++ libnet_seed_prand(l); + + signal(SIGHUP, cleanup); + signal(SIGINT, cleanup); +--- dsniff-2.4b1/filesnarf.c 2006-06-09 13:35:29.000000000 +0300 ++++ dsniff-2.4b1/filesnarf.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -134,8 +134,8 @@ + int fd; + + warnx("%s.%d > %s.%d: %s (%d@%d)", +- libnet_host_lookup(addr->daddr, 0), addr->dest, +- libnet_host_lookup(addr->saddr, 0), addr->source, ++ libnet_addr2name4(addr->daddr, LIBNET_DONT_RESOLVE), addr->dest, ++ libnet_addr2name4(addr->saddr, LIBNET_DONT_RESOLVE), addr->source, + ma->filename, len, ma->offset); + + if ((fd = open(ma->filename, O_WRONLY|O_CREAT, 0644)) >= 0) { +@@ -353,7 +353,7 @@ + } + + static void +-decode_udp_nfs(struct libnet_ip_hdr *ip) ++decode_udp_nfs(struct libnet_ipv4_hdr *ip) + { + static struct tuple4 addr; + struct libnet_udp_hdr *udp; +--- dsniff-2.4b1/macof.c 2001-03-15 10:33:04.000000000 +0200 ++++ dsniff-2.4b1/macof.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -48,8 +48,8 @@ + static void + gen_mac(u_char *mac) + { +- *((in_addr_t *)mac) = 
libnet_get_prand(PRu32); +- *((u_short *)(mac + 4)) = libnet_get_prand(PRu16); ++ *((in_addr_t *)mac) = libnet_get_prand(LIBNET_PRu32); ++ *((u_short *)(mac + 4)) = libnet_get_prand(LIBNET_PRu16); + } + + int +@@ -59,22 +59,23 @@ + extern int optind; + int c, i; + struct libnet_link_int *llif; +- char ebuf[PCAP_ERRBUF_SIZE]; ++ char pcap_ebuf[PCAP_ERRBUF_SIZE]; ++ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; + u_char sha[ETHER_ADDR_LEN], tha[ETHER_ADDR_LEN]; + in_addr_t src, dst; + u_short sport, dport; + u_int32_t seq; +- u_char pkt[ETH_H + IP_H + TCP_H]; ++ libnet_t *l; + + while ((c = getopt(argc, argv, "vs:d:e:x:y:i:n:h?V")) != -1) { + switch (c) { + case 'v': + break; + case 's': +- Src = libnet_name_resolve(optarg, 0); ++ Src = libnet_name2addr4(l, optarg, 0); + break; + case 'd': +- Dst = libnet_name_resolve(optarg, 0); ++ Dst = libnet_name2addr4(l, optarg, 0); + break; + case 'e': + Tha = (u_char *)ether_aton(optarg); +@@ -101,13 +102,13 @@ + if (argc != 0) + usage(); + +- if (!Intf && (Intf = pcap_lookupdev(ebuf)) == NULL) +- errx(1, "%s", ebuf); ++ if (!Intf && (Intf = pcap_lookupdev(pcap_ebuf)) == NULL) ++ errx(1, "%s", pcap_ebuf); + +- if ((llif = libnet_open_link_interface(Intf, ebuf)) == 0) +- errx(1, "%s", ebuf); ++ if ((l = libnet_init(LIBNET_LINK, Intf, libnet_ebuf)) == NULL) ++ errx(1, "%s", libnet_ebuf); + +- libnet_seed_prand(); ++ libnet_seed_prand(l); + + for (i = 0; i != Repeat; i++) { + +@@ -117,39 +118,39 @@ + else memcpy(tha, Tha, sizeof(tha)); + + if (Src != 0) src = Src; +- else src = libnet_get_prand(PRu32); ++ else src = libnet_get_prand(LIBNET_PRu32); + + if (Dst != 0) dst = Dst; +- else dst = libnet_get_prand(PRu32); ++ else dst = libnet_get_prand(LIBNET_PRu32); + + if (Sport != 0) sport = Sport; +- else sport = libnet_get_prand(PRu16); ++ else sport = libnet_get_prand(LIBNET_PRu16); + + if (Dport != 0) dport = Dport; +- else dport = libnet_get_prand(PRu16); ++ else dport = libnet_get_prand(LIBNET_PRu16); + +- seq = libnet_get_prand(PRu32); 
+- +- libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, pkt); +- +- libnet_build_ip(TCP_H, 0, libnet_get_prand(PRu16), 0, 64, +- IPPROTO_TCP, src, dst, NULL, 0, pkt + ETH_H); ++ seq = libnet_get_prand(LIBNET_PRu32); + + libnet_build_tcp(sport, dport, seq, 0, TH_SYN, 512, +- 0, NULL, 0, pkt + ETH_H + IP_H); ++ 0, 0, LIBNET_TCP_H, NULL, 0, l, 0); + +- libnet_do_checksum(pkt + ETH_H, IPPROTO_IP, IP_H); +- libnet_do_checksum(pkt + ETH_H, IPPROTO_TCP, TCP_H); ++ libnet_build_ipv4(LIBNET_TCP_H, 0, ++ libnet_get_prand(LIBNET_PRu16), 0, 64, ++ IPPROTO_TCP, 0, src, dst, NULL, 0, l, 0); + +- if (libnet_write_link_layer(llif, Intf, pkt, sizeof(pkt)) < 0) ++ libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, l, 0); ++ ++ if (libnet_write(l) < 0) + errx(1, "write"); + ++ libnet_clear_packet(l); ++ + fprintf(stderr, "%s ", + ether_ntoa((struct ether_addr *)sha)); + fprintf(stderr, "%s %s.%d > %s.%d: S %u:%u(0) win 512\n", + ether_ntoa((struct ether_addr *)tha), +- libnet_host_lookup(Src, 0), sport, +- libnet_host_lookup(Dst, 0), dport, seq, seq); ++ libnet_addr2name4(Src, 0), sport, ++ libnet_addr2name4(Dst, 0), dport, seq, seq); + } + exit(0); + } +--- dsniff-2.4b1/record.c 2001-03-15 10:33:04.000000000 +0200 ++++ dsniff-2.4b1/record.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -65,8 +65,8 @@ + tm = localtime(&rec->time); + strftime(tstr, sizeof(tstr), "%x %X", tm); + +- srcp = libnet_host_lookup(rec->src, Opt_dns); +- dstp = libnet_host_lookup(rec->dst, Opt_dns); ++ srcp = libnet_addr2name4(rec->src, Opt_dns); ++ dstp = libnet_addr2name4(rec->dst, Opt_dns); + + if ((pr = getprotobynumber(rec->proto)) == NULL) + protop = "unknown"; +--- dsniff-2.4b1/sshmitm.c 2001-03-15 10:33:04.000000000 +0200 ++++ dsniff-2.4b1/sshmitm.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -389,7 +389,7 @@ + if (argc < 1) + usage(); + +- if ((ip = libnet_name_resolve(argv[0], 1)) == -1) ++ if ((ip = libnet_name2addr4(NULL, argv[0], LIBNET_RESOLVE)) == -1) + usage(); + + if (argc 
== 2 && (rport = atoi(argv[1])) == 0) +--- dsniff-2.4b1/tcpkill.c 2001-03-17 10:10:43.000000000 +0200 ++++ dsniff-2.4b1/tcpkill.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -39,17 +39,18 @@ + static void + tcp_kill_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) + { +- struct libnet_ip_hdr *ip; ++ struct libnet_ipv4_hdr *ip; + struct libnet_tcp_hdr *tcp; +- u_char ctext[64], buf[IP_H + TCP_H]; ++ u_char ctext[64]; + u_int32_t seq, win; +- int i, *sock, len; ++ int i, len; ++ libnet_t *l; + +- sock = (int *)user; ++ l = (libnet_t *)user; + pkt += pcap_off; + len = pcap->caplen - pcap_off; + +- ip = (struct libnet_ip_hdr *)pkt; ++ ip = (struct libnet_ipv4_hdr *)pkt; + if (ip->ip_p != IPPROTO_TCP) + return; + +@@ -57,34 +58,31 @@ + if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST)) + return; + +- libnet_build_ip(TCP_H, 0, 0, 0, 64, IPPROTO_TCP, +- ip->ip_dst.s_addr, ip->ip_src.s_addr, +- NULL, 0, buf); +- +- libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), +- 0, 0, TH_RST, 0, 0, NULL, 0, buf + IP_H); +- + seq = ntohl(tcp->th_ack); + win = ntohs(tcp->th_win); + + snprintf(ctext, sizeof(ctext), "%s:%d > %s:%d:", +- libnet_host_lookup(ip->ip_src.s_addr, 0), ++ libnet_addr2name4(ip->ip_src.s_addr, LIBNET_DONT_RESOLVE), + ntohs(tcp->th_sport), +- libnet_host_lookup(ip->ip_dst.s_addr, 0), ++ libnet_addr2name4(ip->ip_dst.s_addr, LIBNET_DONT_RESOLVE), + ntohs(tcp->th_dport)); + +- ip = (struct libnet_ip_hdr *)buf; +- tcp = (struct libnet_tcp_hdr *)(ip + 1); +- + for (i = 0; i < Opt_severity; i++) { +- ip->ip_id = libnet_get_prand(PRu16); + seq += (i * win); +- tcp->th_seq = htonl(seq); + +- libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); ++ libnet_clear_packet(l); + +- if (libnet_write_ip(*sock, buf, sizeof(buf)) < 0) +- warn("write_ip"); ++ libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), ++ seq, 0, TH_RST, 0, 0, 0, LIBNET_TCP_H, ++ NULL, 0, l, 0); ++ ++ libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_TCP_H, 0, ++ 
libnet_get_prand(LIBNET_PRu16), 0, 64, ++ IPPROTO_TCP, 0, ip->ip_dst.s_addr, ++ ip->ip_src.s_addr, NULL, 0, l, 0); ++ ++ if (libnet_write(l) < 0) ++ warn("write"); + + fprintf(stderr, "%s R %lu:%lu(0) win 0\n", ctext, seq, seq); + } +@@ -95,8 +93,10 @@ + { + extern char *optarg; + extern int optind; +- int c, sock; ++ int c; + char *p, *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; ++ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; ++ libnet_t *l; + pcap_t *pd; + + intf = NULL; +@@ -136,14 +136,14 @@ + if ((pcap_off = pcap_dloff(pd)) < 0) + errx(1, "couldn't determine link layer offset"); + +- if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) ++ if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL) + errx(1, "couldn't initialize sending"); + +- libnet_seed_prand(); ++ libnet_seed_prand(l); + + warnx("listening on %s [%s]", intf, filter); + +- pcap_loop(pd, -1, tcp_kill_cb, (u_char *)&sock); ++ pcap_loop(pd, -1, tcp_kill_cb, (u_char *)l); + + /* NOTREACHED */ + +--- dsniff-2.4b1/tcpnice.c 2001-03-17 09:41:51.000000000 +0200 ++++ dsniff-2.4b1/tcpnice.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -41,107 +41,106 @@ + } + + static void +-send_tcp_window_advertisement(int sock, struct libnet_ip_hdr *ip, ++send_tcp_window_advertisement(libnet_t *l, struct libnet_ipv4_hdr *ip, + struct libnet_tcp_hdr *tcp) + { + int len; + + ip->ip_hl = 5; +- ip->ip_len = htons(IP_H + TCP_H); +- ip->ip_id = libnet_get_prand(PRu16); +- memcpy(buf, (u_char *)ip, IP_H); ++ ip->ip_len = htons(LIBNET_IPV4_H + LIBNET_TCP_H); ++ ip->ip_id = libnet_get_prand(LIBNET_PRu16); ++ memcpy(buf, (u_char *)ip, LIBNET_IPV4_H); + + tcp->th_off = 5; + tcp->th_win = htons(MIN_WIN); +- memcpy(buf + IP_H, (u_char *)tcp, TCP_H); ++ memcpy(buf + LIBNET_IPV4_H, (u_char *)tcp, LIBNET_TCP_H); + +- libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); ++ libnet_do_checksum(l, buf, IPPROTO_TCP, LIBNET_TCP_H); + +- len = IP_H + TCP_H; ++ len = LIBNET_IPV4_H + LIBNET_TCP_H; + +- if (libnet_write_ip(sock, buf, len) != len) ++ 
if (libnet_write_raw_ipv4(l, buf, len) != len) + warn("write"); + + fprintf(stderr, "%s:%d > %s:%d: . ack %lu win %d\n", +- libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), +- libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport), ++ libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), ++ libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport), + ntohl(tcp->th_ack), 1); + } + + static void +-send_icmp_source_quench(int sock, struct libnet_ip_hdr *ip) ++send_icmp_source_quench(libnet_t *l, struct libnet_ipv4_hdr *ip) + { +- struct libnet_icmp_hdr *icmp; ++ struct libnet_icmpv4_hdr *icmp; + int len; + + len = (ip->ip_hl * 4) + 8; + +- libnet_build_ip(ICMP_ECHO_H + len, 0, libnet_get_prand(PRu16), +- 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr, +- ip->ip_src.s_addr, NULL, 0, buf); +- +- icmp = (struct libnet_icmp_hdr *)(buf + IP_H); ++ icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H); + icmp->icmp_type = ICMP_SOURCEQUENCH; + icmp->icmp_code = 0; +- memcpy((u_char *)icmp + ICMP_ECHO_H, (u_char *)ip, len); ++ memcpy((u_char *)icmp + LIBNET_ICMPV4_ECHO_H, (u_char *)ip, len); + +- libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_ECHO_H + len); ++ len += LIBNET_ICMPV4_ECHO_H; + +- len += (IP_H + ICMP_ECHO_H); ++ libnet_build_ipv4(LIBNET_IPV4_H + len, 0, ++ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP, ++ 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, ++ (u_int8_t *) icmp, len, l, 0); + +- if (libnet_write_ip(sock, buf, len) != len) ++ if (libnet_write(l) != len) + warn("write"); + + fprintf(stderr, "%s > %s: icmp: source quench\n", +- libnet_host_lookup(ip->ip_dst.s_addr, 0), +- libnet_host_lookup(ip->ip_src.s_addr, 0)); ++ libnet_addr2name4(ip->ip_dst.s_addr, 0), ++ libnet_addr2name4(ip->ip_src.s_addr, 0)); + } + + static void +-send_icmp_frag_needed(int sock, struct libnet_ip_hdr *ip) ++send_icmp_frag_needed(libnet_t *l, struct libnet_ipv4_hdr *ip) + { +- struct libnet_icmp_hdr *icmp; ++ struct libnet_icmpv4_hdr *icmp; + int len; + + 
len = (ip->ip_hl * 4) + 8; + +- libnet_build_ip(ICMP_MASK_H + len, 4, libnet_get_prand(PRu16), +- 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr, +- ip->ip_src.s_addr, NULL, 0, buf); +- +- icmp = (struct libnet_icmp_hdr *)(buf + IP_H); ++ icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H); + icmp->icmp_type = ICMP_UNREACH; + icmp->icmp_code = ICMP_UNREACH_NEEDFRAG; + icmp->hun.frag.pad = 0; + icmp->hun.frag.mtu = htons(MIN_MTU); +- memcpy((u_char *)icmp + ICMP_MASK_H, (u_char *)ip, len); ++ memcpy((u_char *)icmp + LIBNET_ICMPV4_MASK_H, (u_char *)ip, len); + +- libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_MASK_H + len); +- +- len += (IP_H + ICMP_MASK_H); ++ len += LIBNET_ICMPV4_MASK_H; ++ ++ libnet_build_ipv4(LIBNET_IPV4_H + len, 4, ++ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP, ++ 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, ++ (u_int8_t *) icmp, len, l, 0); + +- if (libnet_write_ip(sock, buf, len) != len) ++ if (libnet_write(l) != len) + warn("write"); + + fprintf(stderr, "%s > %s: icmp: ", +- libnet_host_lookup(ip->ip_dst.s_addr, 0), +- libnet_host_lookup(ip->ip_src.s_addr, 0)); ++ libnet_addr2name4(ip->ip_dst.s_addr, 0), ++ libnet_addr2name4(ip->ip_src.s_addr, 0)); + fprintf(stderr, "%s unreachable - need to frag (mtu %d)\n", +- libnet_host_lookup(ip->ip_src.s_addr, 0), MIN_MTU); ++ libnet_addr2name4(ip->ip_src.s_addr, 0), MIN_MTU); + } + + static void + tcp_nice_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) + { +- struct libnet_ip_hdr *ip; ++ struct libnet_ipv4_hdr *ip; + struct libnet_tcp_hdr *tcp; +- int *sock, len; ++ int len; ++ libnet_t *l; + +- sock = (int *)user; ++ l = (libnet_t *)user; + pkt += pcap_off; + len = pcap->caplen - pcap_off; + +- ip = (struct libnet_ip_hdr *)pkt; ++ ip = (struct libnet_ipv4_hdr *)pkt; + if (ip->ip_p != IPPROTO_TCP) + return; + +@@ -151,11 +150,11 @@ + + if (ntohs(ip->ip_len) > (ip->ip_hl << 2) + (tcp->th_off << 2)) { + if (Opt_icmp) +- send_icmp_source_quench(*sock, ip); ++ send_icmp_source_quench(l, 
ip); + if (Opt_win) +- send_tcp_window_advertisement(*sock, ip, tcp); ++ send_tcp_window_advertisement(l, ip, tcp); + if (Opt_pmtu) +- send_icmp_frag_needed(*sock, ip); ++ send_icmp_frag_needed(l, ip); + } + } + +@@ -164,8 +163,10 @@ + { + extern char *optarg; + extern int optind; +- int c, sock; ++ int c; + char *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; ++ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; ++ libnet_t *l; + pcap_t *pd; + + intf = NULL; +@@ -209,14 +210,14 @@ + if ((pcap_off = pcap_dloff(pd)) < 0) + errx(1, "couldn't determine link layer offset"); + +- if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) ++ if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL) + errx(1, "couldn't initialize sending"); + +- libnet_seed_prand(); ++ libnet_seed_prand(l); + + warnx("listening on %s [%s]", intf, filter); + +- pcap_loop(pd, -1, tcp_nice_cb, (u_char *)&sock); ++ pcap_loop(pd, -1, tcp_nice_cb, (u_char *)l); + + /* NOTREACHED */ + +--- dsniff-2.4b1/tcp_raw.c 2001-03-15 10:33:04.000000000 +0200 ++++ dsniff-2.4b1/tcp_raw.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -119,7 +119,7 @@ + } + + struct iovec * +-tcp_raw_input(struct libnet_ip_hdr *ip, struct libnet_tcp_hdr *tcp, int len) ++tcp_raw_input(struct libnet_ipv4_hdr *ip, struct libnet_tcp_hdr *tcp, int len) + { + struct tha tha; + struct tcp_conn *conn; +@@ -131,7 +131,7 @@ + + /* Verify TCP checksum. 
*/ + cksum = tcp->th_sum; +- libnet_do_checksum((u_char *) ip, IPPROTO_TCP, len); ++ libnet_do_checksum(NULL, (u_char *) ip, IPPROTO_TCP, len); + + if (cksum != tcp->th_sum) + return (NULL); +--- dsniff-2.4b1/tcp_raw.h 2001-03-15 10:33:06.000000000 +0200 ++++ dsniff-2.4b1/tcp_raw.h.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -15,7 +15,7 @@ + u_short sport, u_short dport, + u_char *buf, int len); + +-struct iovec *tcp_raw_input(struct libnet_ip_hdr *ip, ++struct iovec *tcp_raw_input(struct libnet_ipv4_hdr *ip, + struct libnet_tcp_hdr *tcp, int len); + + void tcp_raw_timeout(int timeout, tcp_raw_callback_t callback); +--- dsniff-2.4b1/trigger.c 2001-03-15 10:33:05.000000000 +0200 ++++ dsniff-2.4b1/trigger.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -276,7 +276,7 @@ + } + + void +-trigger_ip(struct libnet_ip_hdr *ip) ++trigger_ip(struct libnet_ipv4_hdr *ip) + { + struct trigger *t, tr; + u_char *buf; +@@ -305,7 +305,7 @@ + + /* libnids needs a nids_register_udp()... */ + void +-trigger_udp(struct libnet_ip_hdr *ip) ++trigger_udp(struct libnet_ipv4_hdr *ip) + { + struct trigger *t, tr; + struct libnet_udp_hdr *udp; +@@ -437,7 +437,7 @@ + } + + void +-trigger_tcp_raw(struct libnet_ip_hdr *ip) ++trigger_tcp_raw(struct libnet_ipv4_hdr *ip) + { + struct trigger *t, tr; + struct libnet_tcp_hdr *tcp; +--- dsniff-2.4b1/trigger.h 2001-03-15 10:33:06.000000000 +0200 ++++ dsniff-2.4b1/trigger.h.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -24,10 +24,10 @@ + int trigger_set_tcp(int port, char *name); + int trigger_set_rpc(int program, char *name); + +-void trigger_ip(struct libnet_ip_hdr *ip); +-void trigger_udp(struct libnet_ip_hdr *ip); ++void trigger_ip(struct libnet_ipv4_hdr *ip); ++void trigger_udp(struct libnet_ipv4_hdr *ip); + void trigger_tcp(struct tcp_stream *ts, void **conn_save); +-void trigger_tcp_raw(struct libnet_ip_hdr *ip); ++void trigger_tcp_raw(struct libnet_ipv4_hdr *ip); + void trigger_tcp_raw_timeout(int signal); + void trigger_rpc(int 
program, int proto, int port); + +--- dsniff-2.4b1/urlsnarf.c 2006-06-09 13:35:29.000000000 +0300 ++++ dsniff-2.4b1/urlsnarf.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -145,14 +145,14 @@ + if (user == NULL) + user = "-"; + if (vhost == NULL) +- vhost = libnet_host_lookup(addr->daddr, Opt_dns); ++ vhost = libnet_addr2name4(addr->daddr, Opt_dns); + if (referer == NULL) + referer = "-"; + if (agent == NULL) + agent = "-"; + + printf("%s - %s [%s] \"%s http://%s%s\" - - \"%s\" \"%s\"\n", +- libnet_host_lookup(addr->saddr, Opt_dns), ++ libnet_addr2name4(addr->saddr, Opt_dns), + user, timestamp(), req, vhost, uri, referer, agent); + } + fflush(stdout); +--- dsniff-2.4b1/webmitm.c 2001-03-17 10:35:05.000000000 +0200 ++++ dsniff-2.4b1/webmitm.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -242,7 +242,7 @@ + word = buf_tok(&msg, "/", 1); + vhost = buf_strdup(word); + } +- ssin.sin_addr.s_addr = libnet_name_resolve(vhost, 1); ++ ssin.sin_addr.s_addr = libnet_name2addr4(NULL, vhost, 1); + free(vhost); + + if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) || +@@ -510,7 +510,7 @@ + argv += optind; + + if (argc == 1) { +- if ((static_host = libnet_name_resolve(argv[0], 1)) == -1) ++ if ((static_host = libnet_name2addr4(NULL, argv[0], 1)) == -1) + usage(); + } + else if (argc != 0) usage(); +--- dsniff-2.4b1/webspy.c 2006-06-09 13:35:29.000000000 +0300 ++++ dsniff-2.4b1/webspy.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 +@@ -126,7 +126,7 @@ + if (auth == NULL) + auth = ""; + if (vhost == NULL) +- vhost = libnet_host_lookup(addr->daddr, 0); ++ vhost = libnet_addr2name4(addr->daddr, 0); + + snprintf(cmd, sizeof(cmd), "openURL(http://%s%s%s%s)", + auth, *auth ? "@" : "", vhost, uri); +@@ -205,7 +205,7 @@ + cmdtab[0] = cmd; + cmdtab[1] = NULL; + +- if ((host = libnet_name_resolve(argv[0], 1)) == -1) ++ if ((host = libnet_name2addr4(NULL, argv[0], 1)) == -1) + errx(1, "unknown host"); + + if ((dpy = XOpenDisplay(NULL)) == NULL) 
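Review bot: In the `macof.c` part of the libnet_11 patch, `main()` declares `libnet_t *l;` without an initialiser and passes it to `libnet_name2addr4(l, optarg, 0)` for `-s` and `-d` inside the `getopt` loop, before `l = libnet_init(LIBNET_LINK, Intf, libnet_ebuf)` has run, so the library is handed an indeterminate pointer. Declare it as `libnet_t *l = NULL;` at minimum, or keep the `optarg` strings and resolve them after `libnet_init()` succeeds, checking the result against `-1` as the other tools do. The `struct libnet_link_int *llif;` declaration left in the same function is no longer used and can be removed. In `arp_send()` the test `if (retval)` after `retval = libnet_write(l);` prints `libnet_geterror(l)` for any non-zero result; if `libnet_write()` returns a byte count on success, as the `< 0` checks in the other files suggest, it should read `if (retval == -1)`.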
diff --git a/SOURCES/dsniff-2.4-libnet_name2addr4.patch b/SOURCES/dsniff-2.4-libnet_name2addr4.patch
new file mode 100644
index 0000000..b5c9749
--- /dev/null
+++ b/SOURCES/dsniff-2.4-libnet_name2addr4.patch
@@ -0,0 +1,140 @@ +Patch by Robert Scheck for dsniff >= 2.4b1 which fixes +possible segmentation faults of arpspoof, sshmitm, webmitm and webspy if any non- +resolving hostname is passed. Issue was introduced by dsniff-2.4-libnet_11.patch; +libnet_name_resolve() was replaced by libnet_name2addr4() while there must be the +structure libnet_t passed additionally. And if that structure is not initialized +using libnet_init() and the passed name can't be resolved (like "192.168.2."), it +causes a snprintf() to NULL and thus the segmentation fault. Note that macof isn't +affected as no resolving was involved here ever. Please also have a look to Red Hat +Bugzilla ID #1009879 for further information. + +--- dsniff-2.4/sshmitm.c 2013-12-20 21:19:58.000000000 +0100 ++++ dsniff-2.4/sshmitm.c.libnet_name2addr4 2013-12-20 21:29:44.000000000 +0100 +@@ -45,6 +45,8 @@ + struct sockaddr_in csin, ssin; + int sig_pipe[2]; + ++static libnet_t *l; ++ + static void + usage(void) + { +@@ -364,6 +366,7 @@ + u_long ip; + u_short lport, rport; + int c; ++ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; + + lport = rport = 22; + +@@ -390,12 +393,15 @@ + if (argc < 1) + usage(); + +- if ((ip = libnet_name2addr4(NULL, argv[0], LIBNET_RESOLVE)) == -1) +- usage(); +- + if (argc == 2 && (rport = atoi(argv[1])) == 0) + usage(); + ++ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) ++ errx(1, "%s", libnet_ebuf); ++ ++ if ((ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) ++ usage(); ++ + record_init(NULL); + + mitm_init(lport, ip, rport); +--- dsniff-2.4/webmitm.c 2013-12-20 21:19:58.000000000 +0100 ++++ dsniff-2.4/webmitm.c.libnet_name2addr4 2013-12-20 21:40:09.000000000 +0100 +@@ -47,6 +47,8 @@ + int do_ssl, sig_pipe[2]; + in_addr_t static_host = 0; + ++static libnet_t *l; ++ + extern int decode_http(char *, int, char *, int); + + static void +@@ -242,7 +244,7 @@ + word = buf_tok(&msg, "/", 1); + vhost = buf_strdup(word); + } +- ssin.sin_addr.s_addr = libnet_name2addr4(NULL, 
vhost, 1); ++ ssin.sin_addr.s_addr = libnet_name2addr4(l, vhost, LIBNET_RESOLVE); + free(vhost); + + if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) || +@@ -496,6 +498,7 @@ + extern char *optarg; + extern int optind; + int c; ++ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; + + while ((c = getopt(argc, argv, "dh?V")) != -1) { + switch (c) { +@@ -509,8 +512,11 @@ + argc -= optind; + argv += optind; + ++ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) ++ errx(1, "%s", libnet_ebuf); ++ + if (argc == 1) { +- if ((static_host = libnet_name2addr4(NULL, argv[0], 1)) == -1) ++ if ((static_host = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) + usage(); + } + else if (argc != 0) usage(); +--- dsniff-2.4/webspy.c 2013-12-20 21:19:58.000000000 +0100 ++++ dsniff-2.4/webspy.c.libnet_name2addr4 2013-12-20 21:45:57.000000000 +0100 +@@ -33,6 +33,7 @@ + extern int mozilla_remote_commands (Display *, Window, char **); + char *expected_mozilla_version = "4.7"; + char *progname = "webspy"; ++static libnet_t *l; + + Display *dpy; + char cmd[2048], *cmdtab[2]; +@@ -183,6 +184,7 @@ + extern char *optarg; + extern int optind; + int c; ++ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; + + while ((c = getopt(argc, argv, "i:p:h?V")) != -1) { + switch (c) { +@@ -205,7 +207,10 @@ + cmdtab[0] = cmd; + cmdtab[1] = NULL; + +- if ((host = libnet_name2addr4(NULL, argv[0], 1)) == -1) ++ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) ++ errx(1, "%s", libnet_ebuf); ++ ++ if ((host = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) + errx(1, "unknown host"); + + if ((dpy = XOpenDisplay(NULL)) == NULL) +--- dsniff-2.4/arpspoof.c 2013-12-20 22:00:53.000000000 +0100 ++++ dsniff-2.4/arpspoof.c.libnet_name2addr4 2013-12-20 22:00:38.000000000 +0100 +@@ -207,6 +207,9 @@ + /* allocate enough memory for target list */ + targets = calloc( argc+1, sizeof(struct host) ); + ++ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) ++ errx(1, "%s", libnet_ebuf); ++ + while ((c = 
getopt(argc, argv, "ri:t:c:h?V")) != -1) { + switch (c) { + case 'i': +@@ -263,6 +266,8 @@ + if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) + usage(); + ++ libnet_destroy(l); ++ + if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL) + errx(1, "%s", pcap_ebuf); + diff --git a/SOURCES/dsniff-2.4-libtirpc.patch b/SOURCES/dsniff-2.4-libtirpc.patch new file mode 100644 index 0000000..7835a6f --- /dev/null +++ b/SOURCES/dsniff-2.4-libtirpc.patch 
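Review bot: In the sshmitm.c hunk the failure test `(ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1` still cannot fire on LP64 builds, because `ip` is declared `u_long` (context line of the second sshmitm.c hunk) while libnet_name2addr4() returns a 32-bit value, so the stored 0xffffffff never equals a 64-bit -1. That leaves the unresolvable-host case this patch targets undetected in sshmitm, unless another patch in the series changes the type of `ip`, which is not visible here. Comparing against the 32-bit sentinel fixes it without touching the declaration: `if ((ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == (in_addr_t)-1)`. webmitm.c is unaffected because `static_host` is `in_addr_t`; the types of `host` in webspy.c and `spoof.ip` in arpspoof.c are outside the hunks and should be checked the same way. main() in each file starts and ends outside the hunks.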
@@ -0,0 +1,51 @@ +Patch by Robert Scheck for dsniff >= 2.4b1 which +allows building against libtirpc (as a separate library) given the Sun RPC +support in glibc has been deprecated for a long time. + +--- dsniff-2.4/Makefile.in 2018-05-26 22:04:34.809966900 +0200 ++++ dsniff-2.4/Makefile.in.libtirpc 2018-05-27 02:56:31.149313503 +0200 +@@ -16,7 +16,7 @@ + mandir = @mandir@ + + CC = @CC@ +-CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\" ++CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\" -I/usr/include/tirpc + LDFLAGS = @LDFLAGS@ + + PCAPINC = @PCAPINC@ +@@ -93,7 +93,7 @@ + $(RANLIB) $@ + + dsniff: $(HDRS) $(SRCS) $(OBJS) libmissing.a +- $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) ++ $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc + + arpspoof: arpspoof.o arp.o libmissing.a + $(CC) $(LDFLAGS) -o $@ arpspoof.o arp.o $(LIBS) $(PCAPLIB) $(LNETLIB) +@@ -102,7 +102,7 @@ + $(CC) $(LDFLAGS) -o $@ dnsspoof.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) + + filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o libmissing.a +- $(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) ++ $(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) -ltirpc + + macof: macof.o libmissing.a + $(CC) $(LDFLAGS) -o $@ macof.o $(LIBS) $(PCAPLIB) $(LNETLIB) +@@ -114,7 +114,7 @@ + $(CC) $(LDFLAGS) -o $@ msgsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) + + sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o libmissing.a +- $(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) ++ $(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc + + sshow: sshow.o pcaputil.o libmissing.a + $(CC) $(LDFLAGS) -o $@ sshow.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) +@@ -132,7 
+132,7 @@ + $(CC) $(LDFLAGS) -o $@ urlsnarf.o base64.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) + + webmitm: webmitm.o base64.o buf.o decode_http.o record.o libmissing.a +- $(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) ++ $(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc + + webspy: webspy.o base64.o buf.o remote.o libmissing.a + $(CC) $(LDFLAGS) -o $@ webspy.o base64.o buf.o remote.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(X11LIB) diff --git a/SOURCES/dsniff-2.4-link_layer_offset.patch b/SOURCES/dsniff-2.4-link_layer_offset.patch new file mode 100644 index 0000000..13c3760 --- /dev/null +++ b/SOURCES/dsniff-2.4-link_layer_offset.patch 
@@ -0,0 +1,73 @@ +Patch by Robert Scheck for dsniff >= 2.4b1, that +adds further link layer offsets; inspirated from the original DLT_LINUX_SLL +patch by Roland Kletzing . This patch supersedes the Debian +patch by Joerg Dorchain which adds tcpkill support for +handling PPP interfaces. So for some further information, please also have +a look to Debian bug ID #572516. + +--- dsniff-2.4/pcaputil.c 2001-03-15 09:33:04.000000000 +0100 ++++ dsniff-2.4/pcaputil.c.ll_offset 2011-10-09 17:13:01.000000000 +0200 +@@ -46,12 +46,63 @@ + case DLT_FDDI: + offset = 21; + break; ++#ifdef __amigaos__ ++ case DLT_MIAMI: ++ offset = 16; ++ break; ++#endif ++ case DLT_RAW: + #ifdef DLT_LOOP + case DLT_LOOP: + #endif + case DLT_NULL: + offset = 4; + break; ++ case DLT_SLIP: ++#ifdef DLT_SLIP_BSDOS ++ case DLT_SLIP_BSDOS: ++#endif ++#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__) ++ offset = 16; ++#else ++ offset = 24; ++#endif ++ break; ++ case DLT_PPP: ++#ifdef DLT_PPP_BSDOS ++ case DLT_PPP_BSDOS: ++#endif ++#ifdef DLT_PPP_SERIAL ++ case DLT_PPP_SERIAL: ++#endif ++#ifdef DLT_PPP_ETHER ++ case DLT_PPP_ETHER: ++#endif ++#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__) ++ offset = 4; ++#else ++#if defined(sun) || defined(__sun) ++ offset = 8; ++#else ++ offset = 24; ++#endif ++#endif ++ break; ++#ifdef DLT_ENC ++ case DLT_ENC: ++ offset = 12; ++ break; ++#endif ++#ifdef DLT_LINUX_SLL ++ case DLT_LINUX_SLL: ++ offset = 16; ++ break; ++#endif ++#ifdef DLT_IPNET ++ case DLT_IPNET: ++ offset = 24; ++ break; ++#endif + default: + warnx("unsupported datalink type"); + break; diff --git a/SOURCES/dsniff-2.4-mailsnarf_corrupt.patch b/SOURCES/dsniff-2.4-mailsnarf_corrupt.patch new file mode 100644 index 0000000..5ebc043 --- /dev/null +++ b/SOURCES/dsniff-2.4-mailsnarf_corrupt.patch 
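Review bot: The added `case DLT_RAW:` label sits directly above the `DLT_LOOP`/`DLT_NULL` labels and therefore falls through to `offset = 4`, but libpcap documents DLT_RAW as packets that begin with the IP header itself, with no link-layer header in front. With a 4-byte offset every consumer of pcap_dloff() would start parsing four bytes into the IP header on raw-IP captures. Give it its own arm, `case DLT_RAW: offset = 0; break;`, and confirm that callers treat only negative return values as failure (the `pcap_dloff(pd)) < 0` checks visible in the pcap_init patch suggest they do). The switch and its enclosing function start and end outside the hunk.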
@@ -0,0 +1,15 @@ +Patch by Steve Kemp for dsniff >= 2.4b1, which fixes a +bug in mailsnarf that caused not to parse every mail correctly. For further +information, please have a look to Debian bug ID #149330. + +--- dsniff-2.4b1/mailsnarf.c 2005-06-23 03:30:37.000000000 +0000 ++++ dsniff-2.4b1/mailsnarf.c.mailsnarf 2005-06-23 04:05:16.000000000 +0000 +@@ -178,7 +178,7 @@ + if (smtp->state != SMTP_DATA) { + while ((i = buf_index(&buf, "\r\n", 2)) >= 0) { + line = buf_tok(&buf, NULL, i + 2); +- line->base[line->end] = '\0'; ++ line->base[line->end-1] = '\0'; + p = buf_ptr(line); + + if (strncasecmp(p, "RSET", 4) == 0) { diff --git a/SOURCES/dsniff-2.4-modernize_pop.patch b/SOURCES/dsniff-2.4-modernize_pop.patch new file mode 100644 index 0000000..479cfd2 --- /dev/null +++ b/SOURCES/dsniff-2.4-modernize_pop.patch 
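Review bot: The replacement line `line->base[line->end-1] = '\0';` carries no comment explaining why the terminator moves back one byte, and it appears to overwrite only the '\n' of the "\r\n" pair that `buf_tok(&buf, NULL, i + 2)` includes, leaving a trailing '\r' in the string returned by buf_ptr(). If `end` is the token length (struct buf is not visible here, so this is inferred), `base[end]` was the first byte of the following line, which would explain the corruption being fixed. I would add `/* terminate over the trailing '\n'; base[end] belongs to the next line */` and check whether the later parsing of `p` tolerates the remaining '\r'. The enclosing function continues outside the hunk.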
@@ -0,0 +1,122 @@ +Patch by Stefan Tomanek for dsniff >= 2.4b1 to rewrite and +modernize the POP decoder. For some more information, please have a look to Debian +bug ID #647583. + +--- dsniff-2.4/decode_pop.c 2013-12-20 21:06:13.000000000 +0100 ++++ dsniff-2.4/decode_pop.c.modernize_pop 2013-12-20 21:12:58.000000000 +0100 +@@ -6,6 +6,8 @@ + * Copyright (c) 2000 Dug Song + * + * $Id: decode_pop.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ ++ * ++ * Rewritten by Stefan Tomanek 2011 + */ + + #include "config.h" +@@ -45,32 +47,87 @@ + decode_pop(u_char *buf, int len, u_char *obuf, int olen) + { + char *p; ++ char *s; ++ int n; + int i, j; ++ char *user; ++ char *password; ++ enum { ++ NONE, ++ AUTHPLAIN, ++ AUTHLOGIN, ++ USERPASS ++ } mode = NONE; + + obuf[0] = '\0'; + + for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { +- if (strncasecmp(p, "AUTH PLAIN", 10) == 0 || +- strncasecmp(p, "AUTH LOGIN", 10) == 0) { +- strlcat(obuf, p, olen); +- strlcat(obuf, "\n", olen); +- +- /* Decode SASL auth. */ +- for (i = 0; i < 2 && (p = strtok(NULL, "\r\n")); i++) { +- strlcat(obuf, p, olen); +- j = base64_pton(p, p, strlen(p)); +- p[j] = '\0'; +- strlcat(obuf, " [", olen); +- strlcat(obuf, p, olen); +- strlcat(obuf, "]\n", olen); ++ if (mode == NONE) { ++ user = NULL; ++ password = NULL; ++ if (strncasecmp(p, "AUTH PLAIN", 10) == 0) { ++ mode = AUTHPLAIN; ++ continue; ++ } ++ if (strncasecmp(p, "AUTH LOGIN", 10) == 0) { ++ mode = AUTHLOGIN; ++ continue; ++ } ++ if (strncasecmp(p, "USER ", 5) == 0) { ++ mode = USERPASS; ++ /* the traditional login cuts right to the case, ++ * so no continue here ++ */ + } + } +- /* Save regular POP2, POP3 auth info. 
*/ +- else if (strncasecmp(p, "USER ", 5) == 0 || +- strncasecmp(p, "PASS ", 5) == 0 || +- strncasecmp(p, "HELO ", 5) == 0) { +- strlcat(obuf, p, olen); +- strlcat(obuf, "\n", olen); ++ printf("(%d) %s\n", mode, p); ++ if (mode == USERPASS) { ++ if (strncasecmp(p, "USER ", 5) == 0) { ++ user = &p[5]; ++ } else if (strncasecmp(p, "PASS ", 5) == 0) { ++ password = &p[5]; ++ } ++ } ++ ++ if (mode == AUTHPLAIN) { ++ j = base64_pton(p, p, strlen(p)); ++ p[j] = '\0'; ++ n = 0; ++ s = p; ++ /* p consists of three parts, divided by \0 */ ++ while (s <= &p[j] && n<=3) { ++ if (n == 0) { ++ /* we do not process this portion yet */ ++ } else if (n == 1) { ++ user = s; ++ } else if (n == 2) { ++ password = s; ++ } ++ n++; ++ while (*s) s++; ++ s++; ++ } ++ } ++ ++ if (mode == AUTHLOGIN) { ++ j = base64_pton(p, p, strlen(p)); ++ p[j] = '\0'; ++ if (!user) { ++ user = p; ++ } else { ++ password = p; ++ /* got everything we need :-) */ ++ } ++ } ++ ++ if (user && password) { ++ strlcat(obuf, "\nusername [", olen); ++ strlcat(obuf, user, olen); ++ strlcat(obuf, "] password [", olen); ++ strlcat(obuf, password, olen); ++ strlcat(obuf, "]\n", olen); ++ ++ mode = NONE; + } + } + return (strlen(obuf)); diff --git a/SOURCES/dsniff-2.4-msgsnarf_segfault.patch b/SOURCES/dsniff-2.4-msgsnarf_segfault.patch new file mode 100644 index 0000000..f459638 --- /dev/null +++ b/SOURCES/dsniff-2.4-msgsnarf_segfault.patch @@ -0,0 +1,13 @@ +Patch by for dsniff >= 2.4b1, which adds +a memset to correctly 0 out the C struct. + +--- dsniff-2.4/msgsnarf.c 2011-10-09 18:13:49.000000000 +0200 ++++ dsniff-2.4/msgsnarf.c.segfault 2011-10-09 18:25:26.000000000 +0200 +@@ -584,6 +584,7 @@ + if (i == 0) { + if ((c = malloc(sizeof(*c))) == NULL) + nids_params.no_mem("sniff_msgs"); ++ memset(c, 0, sizeof(*c)); + c->ip = ts->addr.saddr; + c->nick = strdup("unknown"); + SLIST_INSERT_HEAD(&client_list, c, next); 
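Review bot: Both new decode branches in decode_pop() use the result of `base64_pton(p, p, strlen(p))` as an index without checking it: `p[j] = '\0';` in the AUTHPLAIN and AUTHLOGIN blocks writes before the start of the token if the decoder signals failure with a negative value (as b64_pton-style decoders do), and the input is taken straight from captured traffic. Add `if (j < 0) { mode = NONE; continue; }` after each call; the removed code had the same gap, so this is inherited rather than new. Separately, `printf("(%d) %s\n", mode, p);` looks like leftover debugging: it writes every protocol line, credentials included, to stdout outside the `obuf` path and should be dropped.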
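Review bot: The `malloc()` followed by the added `memset(c, 0, sizeof(*c));` in msgsnarf.c can be a single zeroing allocation, `if ((c = calloc(1, sizeof(*c))) == NULL)`, which keeps allocation and initialisation from drifting apart when the struct grows. Note that the memset, like the field assignments after it, would dereference NULL if `nids_params.no_mem()` ever returns; whether that handler exits is not visible in this hunk. The `strdup("unknown")` result on the following context line is also stored unchecked. The enclosing function starts and ends outside the hunk.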
diff --git a/SOURCES/dsniff-2.4-multiple_intf.patch b/SOURCES/dsniff-2.4-multiple_intf.patch new file mode 100644 index 0000000..b4b0b2e --- /dev/null +++ b/SOURCES/dsniff-2.4-multiple_intf.patch @@ -0,0 +1,54 @@ +Patch by Steve Kemp for dsniff >= 2.4b1, which adds a fix +to work with multiple interfaces. For further information, please have a +look to Debian bug ID #242369. + +--- dsniff-2.4b1/arp.c 2005-06-23 03:30:37.000000000 +0000 ++++ dsniff-2.4b1/arp.c.multiple_intf 2005-06-23 04:09:05.000000000 +0000 +@@ -39,7 +39,7 @@ + + #ifdef BSD + int +-arp_cache_lookup(in_addr_t ip, struct ether_addr *ether) ++arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* linf) + { + int mib[6]; + size_t len; +@@ -91,7 +91,7 @@ + #endif + + int +-arp_cache_lookup(in_addr_t ip, struct ether_addr *ether) ++arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* lif) + { + int sock; + struct arpreq ar; +@@ -99,7 +99,7 @@ + + memset((char *)&ar, 0, sizeof(ar)); + #ifdef __linux__ +- strncpy(ar.arp_dev, "eth0", sizeof(ar.arp_dev)); /* XXX - *sigh* */ ++ strncpy(ar.arp_dev, lif, strlen(lif)); + #endif + sin = (struct sockaddr_in *)&ar.arp_pa; + sin->sin_family = AF_INET; +--- dsniff-2.4b1/arp.h 2005-06-23 03:30:37.000000000 +0000 ++++ dsniff-2.4b1/arp.h.multiple_intf 2005-06-23 04:09:07.000000000 +0000 +@@ -11,6 +11,6 @@ + #ifndef _ARP_H_ + #define _ARP_H_ + +-int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether); ++int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* linf); + + #endif /* _ARP_H_ */ +--- dsniff-2.4b1/arpspoof.c 2005-06-23 03:30:37.000000000 +0000 ++++ dsniff-2.4b1/arpspoof.c.mltpl_intf 2005-06-23 04:08:41.000000000 +0000 +@@ -113,7 +113,7 @@ + int i = 0; + + do { +- if (arp_cache_lookup(ip, mac) == 0) ++ if (arp_cache_lookup(ip, mac, intf) == 0) + return (1); + #ifdef __linux__ + /* XXX - force the kernel to arp. feh. */ 
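Review bot: In the Linux branch of arp_cache_lookup(), `strncpy(ar.arp_dev, lif, strlen(lif));` bounds the copy by the source length instead of the destination size, so an interface name longer than `ar.arp_dev` overruns that field of the local `struct arpreq`; `lif` is passed from `intf` in arpspoof.c, which looks like the user-supplied interface name. Bound it by the destination and rely on the preceding `memset` for termination: `strncpy(ar.arp_dev, lif, sizeof(ar.arp_dev) - 1);`. A NULL `lif` would also crash in `strlen`, so the caller has to guarantee `intf` is set before the first lookup. The parameter is spelled `linf` in the BSD definition and in arp.h but `lif` in this definition; one name should be used throughout. The function bodies continue outside the hunks.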
diff --git a/SOURCES/dsniff-2.4-obsolete_time.patch b/SOURCES/dsniff-2.4-obsolete_time.patch new file mode 100644 index 0000000..0879d25 --- /dev/null +++ b/SOURCES/dsniff-2.4-obsolete_time.patch @@ -0,0 +1,34 @@ +Patch by Luciano Bello for dsniff >= 2.4b1, which +changes according to /usr/include/time.h, CLK_TCK is the "obsolete POSIX.1- +1988 name" for CLOCKS_PER_SEC. For further information, please have a look +to Debian bug ID #420944. + +--- dsniff-2.4b1/sshow.c 2007-06-22 15:48:00.000000000 -0300 ++++ dsniff-2.4b1/sshow.c.obsolete_time 2007-08-10 19:03:30.000000000 -0300 +@@ -222,7 +222,7 @@ + if (debug) + printf("- %s -> %s: DATA (%s bytes, %.2f seconds)\n", + s_saddr(ts), s_daddr(ts), s_range(plain_range), +- (float)delay / CLK_TCK); ++ (float)delay / CLOCKS_PER_SEC); + if (debug > 1) + print_data(&ts->server, cipher_size); + +@@ -270,7 +270,7 @@ + if (debug) + printf("- %s <- %s: DATA (%s bytes, %.2f seconds)\n", + s_saddr(ts), s_daddr(ts), s_range(plain_range), +- (float)delay / CLK_TCK); ++ (float)delay / CLOCKS_PER_SEC); + if (debug > 1) + print_data(&ts->client, cipher_size); + +@@ -299,7 +299,7 @@ + + if (session->state == 1 && + #ifdef USE_TIMING +- now - get_history(session, 2)->timestamp >= CLK_TCK && ++ now - get_history(session, 2)->timestamp >= CLOCKS_PER_SEC && + #endif + session->protocol == 1 && + (session->history.directions & 7) == 5 && diff --git a/SOURCES/dsniff-2.4-openssl_098.patch b/SOURCES/dsniff-2.4-openssl_098.patch new file mode 100644 index 0000000..14c74c1 --- /dev/null +++ b/SOURCES/dsniff-2.4-openssl_098.patch @@ -0,0 +1,13 @@ +Patch by for dsniff >= 2.4b1, which includes a missing +header file to make it building. + +--- dsniff-2.4b1/ssh.c 2006-10-12 13:21:57.000000000 -0700 ++++ dsniff-2.4b1/ssh.c.openssl_098 2006-10-12 13:22:46.441893077 -0700 +@@ -16,6 +16,7 @@ + #include + #include + #include ++#include + + #include + #include 
diff --git a/SOURCES/dsniff-2.4-openssl_110.patch b/SOURCES/dsniff-2.4-openssl_110.patch
new file mode 100644
index 0000000..62f9ae3
--- /dev/null
+++ b/SOURCES/dsniff-2.4-openssl_110.patch
@@ -0,0 +1,243 @@ +Patch by Christoph Biedl for dsniff >= +2.4b1, which fixes building with OpenSSL 1.1.0. Adapted for compatibility +with older OpenSSL versions by Robert Scheck . + +--- dsniff-2.4/ssh.c 2017-02-11 22:31:54.705269813 +0100 ++++ dsniff-2.4/ssh.c.openssl_110 2017-02-11 22:45:31.193447230 +0100 +@@ -234,6 +234,10 @@ + u_char *p, cipher, cookie[8], msg[1024]; + u_int32_t num; + int i; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ const BIGNUM *servkey_e, *servkey_n; ++ const BIGNUM *hostkey_e, *hostkey_n; ++#endif + + /* Generate anti-spoofing cookie. */ + RAND_bytes(cookie, sizeof(cookie)); +@@ -243,11 +247,23 @@ + *p++ = SSH_SMSG_PUBLIC_KEY; /* type */ + memcpy(p, cookie, 8); p += 8; /* cookie */ + num = 768; PUTLONG(num, p); /* servkey bits */ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL); ++ put_bn(servkey_e, &p); /* servkey exponent */ ++ put_bn(servkey_n, &p); /* servkey modulus */ ++#else + put_bn(ssh->ctx->servkey->e, &p); /* servkey exponent */ + put_bn(ssh->ctx->servkey->n, &p); /* servkey modulus */ ++#endif + num = 1024; PUTLONG(num, p); /* hostkey bits */ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL); ++ put_bn(hostkey_e, &p); /* hostkey exponent */ ++ put_bn(hostkey_n, &p); /* hostkey modulus */ ++#else + put_bn(ssh->ctx->hostkey->e, &p); /* hostkey exponent */ + put_bn(ssh->ctx->hostkey->n, &p); /* hostkey modulus */ ++#endif + num = 0; PUTLONG(num, p); /* protocol flags */ + num = ssh->ctx->encmask; PUTLONG(num, p); /* ciphers */ + num = ssh->ctx->authmask; PUTLONG(num, p); /* authmask */ +@@ -298,7 +314,11 @@ + SKIP(p, i, 4); + + /* Decrypt session key. 
*/ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if (BN_cmp(servkey_n, hostkey_n) > 0) { ++#else + if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) { ++#endif + rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey); + rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey); + } +@@ -318,8 +338,13 @@ + BN_clear_free(enckey); + + /* Derive real session key using session id. */ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if ((p = ssh_session_id(cookie, hostkey_n, ++ servkey_n)) == NULL) { ++#else + if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, + ssh->ctx->servkey->n)) == NULL) { ++#endif + warn("ssh_session_id"); + return (-1); + } +@@ -328,10 +353,15 @@ + } + /* Set cipher. */ + if (cipher == SSH_CIPHER_3DES) { ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ warnx("cipher 3des no longer supported"); ++ return (-1); ++#else + ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); + ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); + ssh->encrypt = des3_encrypt; + ssh->decrypt = des3_decrypt; ++#endif + } + else if (cipher == SSH_CIPHER_BLOWFISH) { + ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); +@@ -357,6 +387,10 @@ + u_char *p, cipher, cookie[8], msg[1024]; + u_int32_t num; + int i; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ BIGNUM *servkey_n, *servkey_e; ++ BIGNUM *hostkey_n, *hostkey_e; ++#endif + + /* Get public key. */ + if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { +@@ -379,21 +413,43 @@ + + /* Get servkey. 
*/ + ssh->ctx->servkey = RSA_new(); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ servkey_n = BN_new(); ++ servkey_e = BN_new(); ++ RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL); ++#else + ssh->ctx->servkey->n = BN_new(); + ssh->ctx->servkey->e = BN_new(); ++#endif + + SKIP(p, i, 4); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ get_bn(servkey_e, &p, &i); ++ get_bn(servkey_n, &p, &i); ++#else + get_bn(ssh->ctx->servkey->e, &p, &i); + get_bn(ssh->ctx->servkey->n, &p, &i); ++#endif + + /* Get hostkey. */ + ssh->ctx->hostkey = RSA_new(); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ hostkey_n = BN_new(); ++ hostkey_e = BN_new(); ++ RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL); ++#else + ssh->ctx->hostkey->n = BN_new(); + ssh->ctx->hostkey->e = BN_new(); ++#endif + + SKIP(p, i, 4); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ get_bn(hostkey_e, &p, &i); ++ get_bn(hostkey_n, &p, &i); ++#else + get_bn(ssh->ctx->hostkey->e, &p, &i); + get_bn(ssh->ctx->hostkey->n, &p, &i); ++#endif + + /* Get cipher, auth masks. */ + SKIP(p, i, 4); +@@ -405,8 +461,13 @@ + RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey)); + + /* Obfuscate with session id. */ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if ((p = ssh_session_id(cookie, hostkey_n, ++ servkey_n)) == NULL) { ++#else + if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, + ssh->ctx->servkey->n)) == NULL) { ++#endif + warn("ssh_session_id"); + return (-1); + } +@@ -422,7 +483,11 @@ + else BN_add_word(bn, ssh->sesskey[i]); + } + /* Encrypt session key. 
*/ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if (BN_cmp(servkey_n, hostkey_n) < 0) { ++#else + if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) { ++#endif + rsa_public_encrypt(bn, bn, ssh->ctx->servkey); + rsa_public_encrypt(bn, bn, ssh->ctx->hostkey); + } +@@ -470,10 +535,15 @@ + ssh->decrypt = blowfish_decrypt; + } + else if (cipher == SSH_CIPHER_3DES) { ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ warnx("cipher 3des no longer supported"); ++ return (-1); ++#else + ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); + ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); + ssh->encrypt = des3_encrypt; + ssh->decrypt = des3_decrypt; ++#endif + } + /* Get server response. */ + if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { +--- dsniff-2.4/sshcrypto.c 2017-02-11 22:31:54.688270184 +0100 ++++ dsniff-2.4/sshcrypto.c.openssl_110 2017-02-11 22:35:30.594555807 +0100 +@@ -28,10 +28,12 @@ + u_char iv[8]; + }; + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + struct des3_state { + des_key_schedule k1, k2, k3; + des_cblock iv1, iv2, iv3; + }; ++#endif + + void + rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) +@@ -39,10 +41,20 @@ + u_char *inbuf, *outbuf; + int len, ilen, olen; + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ const BIGNUM *n, *e; ++ RSA_get0_key(key, &n, &e, NULL); ++ if (BN_num_bits(e) < 2 || !BN_is_odd(e)) ++#else + if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) ++#endif + errx(1, "rsa_public_encrypt() exponent too small or not odd"); + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ olen = BN_num_bytes(n); ++#else + olen = BN_num_bytes(key->n); ++#endif + outbuf = malloc(olen); + + ilen = BN_num_bytes(in); +@@ -71,7 +83,13 @@ + u_char *inbuf, *outbuf; + int len, ilen, olen; + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ const BIGNUM *n; ++ RSA_get0_key(key, &n, NULL, NULL); ++ olen = BN_num_bytes(n); ++#else + olen = BN_num_bytes(key->n); ++#endif + outbuf = malloc(olen); + + ilen = BN_num_bytes(in); +@@ -146,6 
+164,7 @@ + swap_bytes(dst, dst, len); + } + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + /* XXX - SSH1's weirdo 3DES... */ + void * + des3_init(u_char *sesskey, int len) +@@ -194,3 +213,4 @@ + des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT); + des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT); + } ++#endif diff --git a/SOURCES/dsniff-2.4-pcap_init.patch b/SOURCES/dsniff-2.4-pcap_init.patch new file mode 100644 index 0000000..8f89010 --- /dev/null +++ b/SOURCES/dsniff-2.4-pcap_init.patch 
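Review bot: In the OpenSSL >= 1.1.0 branch of the key-receiving path in ssh.c, the results of `BN_new()` and the return value of `RSA_set0_key()` are not checked before `get_bn(servkey_e, &p, &i)` and the hostkey equivalents parse peer-supplied data into those BIGNUMs, so a failed allocation leaves NULL pointers in use (the pre-1.1.0 branch has the same gap). Check once per key, e.g. `if (servkey_n == NULL || servkey_e == NULL || !RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL)) return (-1);`. As a style matter, the many paired `#if OPENSSL_VERSION_NUMBER` blocks could be reduced by defining fallback `RSA_get0_key()`/`RSA_set0_key()` helpers once for pre-1.1.0 builds and calling the accessors unconditionally. The functions touched start and end outside the hunks.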
@@ -0,0 +1,61 @@ +Patch by Dennis Filder for dsniff >= 2.4b1 to resolve naming +collision due to libpcap API changes. Dsniff was written with a function named +pcap_init() that predates the one in libpcap and is entirely different. This patch +renames it out of the way. For some more information, please have a look to Debian +bug ID #980588. + +--- dsniff-2.4/dnsspoof.c 2021-07-25 01:00:08.445636429 +0200 ++++ dsniff-2.4/dnsspoof.c.pcap_init 2021-07-25 01:00:53.540928897 +0200 +@@ -309,7 +309,7 @@ + else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s", + libnet_addr2name4(lnet_ip, LIBNET_DONT_RESOLVE)); + +- if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL) ++ if ((pcap_pd = pcap_init_dsniff(dev, buf, 128)) == NULL) + errx(1, "couldn't initialize sniffing"); + + if ((pcap_off = pcap_dloff(pcap_pd)) < 0) +--- dsniff-2.4/pcaputil.c 2021-07-25 01:00:08.469636585 +0200 ++++ dsniff-2.4/pcaputil.c.pcap_init 2021-07-25 01:00:59.816969598 +0200 +@@ -111,7 +111,7 @@ + } + + pcap_t * +-pcap_init(char *intf, char *filter, int snaplen) ++pcap_init_dsniff(char *intf, char *filter, int snaplen) + { + pcap_t *pd; + u_int net, mask; +--- dsniff-2.4/pcaputil.h 2001-03-15 09:33:06.000000000 +0100 ++++ dsniff-2.4/pcaputil.h.pcap_init 2021-07-25 01:07:46.246603851 +0200 +@@ -11,7 +11,7 @@ + #ifndef PCAPUTIL_H + #define PCAPUTIL_H + +-pcap_t *pcap_init(char *intf, char *filter, int snaplen); ++pcap_t *pcap_init_dsniff(char *intf, char *filter, int snaplen); + + int pcap_dloff(pcap_t *pd); + +--- dsniff-2.4/tcpkill.c 2021-07-25 01:00:08.426636306 +0200 ++++ dsniff-2.4/tcpkill.c.pcap_init 2021-07-25 01:01:06.728014416 +0200 +@@ -130,7 +130,7 @@ + + filter = copy_argv(argv); + +- if ((pd = pcap_init(intf, filter, 64)) == NULL) ++ if ((pd = pcap_init_dsniff(intf, filter, 64)) == NULL) + errx(1, "couldn't initialize sniffing"); + + if ((pcap_off = pcap_dloff(pd)) < 0) +--- dsniff-2.4/tcpnice.c 2021-07-25 01:00:08.426636306 +0200 ++++ dsniff-2.4/tcpnice.c.pcap_init 2021-07-25 
01:01:13.816060381 +0200 +@@ -204,7 +204,7 @@ + + filter = copy_argv(argv); + +- if ((pd = pcap_init(intf, filter, 128)) == NULL) ++ if ((pd = pcap_init_dsniff(intf, filter, 128)) == NULL) + errx(1, "couldn't initialize sniffing"); + + if ((pcap_off = pcap_dloff(pd)) < 0) diff --git a/SOURCES/dsniff-2.4-pcap_read_dump.patch b/SOURCES/dsniff-2.4-pcap_read_dump.patch new file mode 100644 index 0000000..ec57d04 --- /dev/null +++ b/SOURCES/dsniff-2.4-pcap_read_dump.patch 
@@ -0,0 +1,531 @@ +Patch by Joseph Battaglia and Joshua Krage + for dsniff >= 2.4b1, which allows the reading of +saved PCAP capture files. For further information, please have a look +to Debian bug ID #153462 and #298604. + +--- dsniff-2.4b1/dsniff.8 2005-07-11 20:41:14.000000000 +0000 ++++ dsniff-2.4b1/dsniff.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -10,7 +10,7 @@ + .nf + .fi + \fBdsniff\fR [\fB-c\fR] [\fB-d\fR] [\fB-m\fR] [\fB-n\fR] [\fB-i +-\fIinterface\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR] ++\fIinterface\fR | \fB-p \fIpcapfile\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR] + [\fB-t \fItrigger[,...]\fR]] + [\fB-r\fR|\fB-w\fR \fIsavefile\fR] [\fIexpression\fR] + .SH DESCRIPTION +@@ -45,6 +45,9 @@ + Do not resolve IP addresses to hostnames. + .IP "\fB-i \fIinterface\fR" + Specify the interface to listen on. ++.IP "\fB-p \fIpcapfile\fR" ++Rather than processing the contents of packets observed upon the network ++process the given PCAP capture file. + .IP "\fB-s \fIsnaplen\fR" + Analyze at most the first \fIsnaplen\fR bytes of each TCP connection, + rather than the default of 1024. 
+--- dsniff-2.4b1/dsniff.c 2005-07-11 20:41:14.000000000 +0000 ++++ dsniff-2.4b1/dsniff.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -46,8 +46,9 @@ + usage(void) + { + fprintf(stderr, "Version: " VERSION "\n" +- "Usage: dsniff [-cdmn] [-i interface] [-s snaplen] [-f services]\n" +- " [-t trigger[,...]] [-r|-w savefile] [expression]\n"); ++ "Usage: dsniff [-cdmn] [-i interface | -p pcapfile] [-s snaplen]\n" ++ " [-f services] [-t trigger[,...]] [-r|-w savefile]\n" ++ " [expression]\n"); + exit(1); + } + +@@ -79,7 +80,7 @@ + + services = savefile = triggers = NULL; + +- while ((c = getopt(argc, argv, "cdf:i:mnr:s:t:w:h?V")) != -1) { ++ while ((c = getopt(argc, argv, "cdf:i:mnp:r:s:t:w:h?V")) != -1) { + switch (c) { + case 'c': + Opt_client = 1; +@@ -99,6 +100,9 @@ + case 'n': + Opt_dns = 0; + break; ++ case 'p': ++ nids_params.filename = optarg; ++ break; + case 'r': + Opt_read = 1; + savefile = optarg; +@@ -168,10 +172,23 @@ + else nids_register_tcp(trigger_tcp); + + if (nids_params.pcap_filter != NULL) { +- warnx("listening on %s [%s]", nids_params.device, +- nids_params.pcap_filter); ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s [%s]", nids_params.device, ++ nids_params.pcap_filter); ++ } ++ else { ++ warnx("using %s [%s]", nids_params.filename, ++ nids_params.pcap_filter); ++ } ++ } ++ else { ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s", nids_params.device); ++ } ++ else { ++ warnx("using %s", nids_params.filename); ++ } + } +- else warnx("listening on %s", nids_params.device); + + nids_run(); + +--- dsniff-2.4b1/filesnarf.8 2005-07-11 20:41:14.000000000 +0000 ++++ dsniff-2.4b1/filesnarf.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -9,7 +9,7 @@ + .na + .nf + .fi +-\fBfilesnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] ++\fBfilesnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] + .SH DESCRIPTION + .ad + .fi +@@ -18,6 +18,8 @@ + .SH 
OPTIONS + .IP "\fB-i \fIinterface\fR" + Specify the interface to listen on. ++.IP "\fB-p \fIpcapfile\fR" ++Process packets from the specified PCAP capture file instead of the network. + .IP \fB-v\fR + "Versus" mode. Invert the sense of matching, to select non-matching + files. +--- dsniff-2.4b1/filesnarf.c 2005-07-11 20:41:14.000000000 +0000 ++++ dsniff-2.4b1/filesnarf.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -51,7 +51,7 @@ + usage(void) + { + fprintf(stderr, "Version: " VERSION "\n" +- "Usage: filesnarf [-i interface] [[-v] pattern [expression]]\n"); ++ "Usage: filesnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); + exit(1); + } + +@@ -464,11 +464,14 @@ + extern int optind; + int c; + +- while ((c = getopt(argc, argv, "i:vh?V")) != -1) { ++ while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) { + switch (c) { + case 'i': + nids_params.device = optarg; + break; ++ case 'p': ++ nids_params.filename = optarg; ++ break; + case 'v': + Opt_invert = 1; + break; +@@ -498,11 +501,24 @@ + nids_register_ip(decode_udp_nfs); + nids_register_tcp(decode_tcp_nfs); + +- if (nids_params.pcap_filter != NULL) { +- warnx("listening on %s [%s]", nids_params.device, +- nids_params.pcap_filter); +- } +- else warnx("listening on %s", nids_params.device); ++ if (nids_params.pcap_filter != NULL) { ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s [%s]", nids_params.device, ++ nids_params.pcap_filter); ++ } ++ else { ++ warnx("using %s [%s]", nids_params.filename, ++ nids_params.pcap_filter); ++ } ++ } ++ else { ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s", nids_params.device); ++ } ++ else { ++ warnx("using %s", nids_params.filename); ++ } ++ } + + nids_run(); + +--- dsniff-2.4b1/mailsnarf.8 2005-07-11 20:41:14.000000000 +0000 ++++ dsniff-2.4b1/mailsnarf.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -9,7 +9,7 @@ + .na + .nf + .fi +-\fBmailsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] 
++\fBmailsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] + .SH DESCRIPTION + .ad + .fi +@@ -19,6 +19,8 @@ + .SH OPTIONS + .IP "\fB-i \fIinterface\fR" + Specify the interface to listen on. ++.IP "\fB-p \fIpcapfile\fR" ++Process packets from the specified PCAP capture file instead of the network. + .IP \fB-v\fR + "Versus" mode. Invert the sense of matching, to select non-matching + messages. +--- dsniff-2.4b1/mailsnarf.c 2005-07-11 20:41:18.000000000 +0000 ++++ dsniff-2.4b1/mailsnarf.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -59,7 +59,7 @@ + usage(void) + { + fprintf(stderr, "Version: " VERSION "\n" +- "Usage: mailsnarf [-i interface] [[-v] pattern [expression]]\n"); ++ "Usage: mailsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); + exit(1); + } + +@@ -344,11 +344,14 @@ + extern int optind; + int c; + +- while ((c = getopt(argc, argv, "i:vh?V")) != -1) { ++ while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) { + switch (c) { + case 'i': + nids_params.device = optarg; + break; ++ case 'p': ++ nids_params.filename = optarg; ++ break; + case 'v': + Opt_invert = 1; + break; +@@ -378,10 +381,23 @@ + nids_register_tcp(sniff_pop_session); + + if (nids_params.pcap_filter != NULL) { +- warnx("listening on %s [%s]", nids_params.device, +- nids_params.pcap_filter); ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s [%s]", nids_params.device, ++ nids_params.pcap_filter); ++ } ++ else { ++ warnx("using %s [%s]", nids_params.filename, ++ nids_params.pcap_filter); ++ } + } +- else warnx("listening on %s", nids_params.device); ++ else { ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s", nids_params.device); ++ } ++ else { ++ warnx("using %s", nids_params.filename); ++ } ++ } + + nids_run(); + +--- dsniff-2.4b1/msgsnarf.8 2005-07-11 20:41:14.000000000 +0000 ++++ dsniff-2.4b1/msgsnarf.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -9,7 +9,7 @@ + .na + .nf + .fi 
+-\fBmsgsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] ++\fBmsgsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] + .SH DESCRIPTION + .ad + .fi +@@ -19,6 +19,8 @@ + .SH OPTIONS + .IP "\fB-i \fIinterface\fR" + Specify the interface to listen on. ++.IP "\fB-p \fIpcapfile\fR" ++Process packets from the specified PCAP capture file instead of the network. + .IP \fB-v\fR + "Versus" mode. Invert the sense of matching, to select non-matching + messages. +--- dsniff-2.4b1/msgsnarf.c 2005-07-11 20:41:18.000000000 +0000 ++++ dsniff-2.4b1/msgsnarf.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -45,7 +45,7 @@ + usage(void) + { + fprintf(stderr, "Version: " VERSION "\n" +- "Usage: msgsnarf [-i interface] [[-v] pattern [expression]]\n"); ++ "Usage: msgsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); + exit(1); + } + +@@ -633,11 +633,14 @@ + extern int optind; + int c; + +- while ((c = getopt(argc, argv, "i:hv?V")) != -1) { ++ while ((c = getopt(argc, argv, "i:p:hv?V")) != -1) { + switch (c) { + case 'i': + nids_params.device = optarg; + break; ++ case 'p': ++ nids_params.filename = optarg; ++ break; + case 'v': + Opt_invert = 1; + break; +@@ -666,11 +669,24 @@ + + nids_register_tcp(sniff_msgs); + +- if (nids_params.pcap_filter != NULL) { +- warnx("listening on %s [%s]", nids_params.device, +- nids_params.pcap_filter); +- } +- else warnx("listening on %s", nids_params.device); ++ if (nids_params.pcap_filter != NULL) { ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s [%s]", nids_params.device, ++ nids_params.pcap_filter); ++ } ++ else { ++ warnx("using %s [%s]", nids_params.filename, ++ nids_params.pcap_filter); ++ } ++ } ++ else { ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s", nids_params.device); ++ } ++ else { ++ warnx("using %s", nids_params.filename); ++ } ++ } + + nids_run(); + +--- dsniff-2.4b1/sshow.8 2005-07-11 20:41:14.000000000 +0000 
++++ dsniff-2.4b1/sshow.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -9,7 +9,7 @@ + .na + .nf + .fi +-\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR] [\fIexpression\fR] ++\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [\fIexpression\fR] + .SH DESCRIPTION + .ad + .fi +@@ -28,6 +28,8 @@ + Enable verbose debugging output. + .IP "\fB-i \fIinterface\fR" + Specify the interface to listen on. ++.IP "\fB-p \fIpcapfile\fR" ++Process packets from the specified PCAP capture file instead of the network. + .IP "\fIexpression\fR" + Specify a tcpdump(8) filter expression to select traffic to sniff. + .SH "SEE ALSO" +--- dsniff-2.4b1/sshow.c 2005-07-11 20:41:18.000000000 +0000 ++++ dsniff-2.4b1/sshow.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -82,7 +82,7 @@ + static void + usage(void) + { +- fprintf(stderr, "Usage: sshow [-d] [-i interface]\n"); ++ fprintf(stderr, "Usage: sshow [-d] [-i interface | -p pcapfile]\n"); + exit(1); + } + +@@ -616,7 +616,7 @@ + extern int optind; + int c; + +- while ((c = getopt(argc, argv, "di:h?")) != -1) { ++ while ((c = getopt(argc, argv, "di:p:h?")) != -1) { + switch (c) { + case 'd': + debug++; +@@ -624,6 +624,9 @@ + case 'i': + nids_params.device = optarg; + break; ++ case 'p': ++ nids_params.filename = optarg; ++ break; + default: + usage(); + break; +@@ -652,11 +655,24 @@ + + nids_register_tcp(process_event); + +- if (nids_params.pcap_filter != NULL) { +- warnx("listening on %s [%s]", nids_params.device, +- nids_params.pcap_filter); +- } +- else warnx("listening on %s", nids_params.device); ++ if (nids_params.pcap_filter != NULL) { ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s [%s]", nids_params.device, ++ nids_params.pcap_filter); ++ } ++ else { ++ warnx("using %s [%s]", nids_params.filename, ++ nids_params.pcap_filter); ++ } ++ } ++ else { ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s", nids_params.device); ++ } ++ else { ++ warnx("using %s", nids_params.filename); ++ 
} ++ } + + nids_run(); + +--- dsniff-2.4b1/urlsnarf.8 2005-07-11 20:41:14.000000000 +0000 ++++ dsniff-2.4b1/urlsnarf.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -9,7 +9,7 @@ + .na + .nf + .fi +-\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] ++\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] + .SH DESCRIPTION + .ad + .fi +@@ -21,6 +21,9 @@ + .IP \fB-n\fR + Do not resolve IP addresses to hostnames. + .IP "\fB-i \fIinterface\fR" ++Specify the interface to listen on. ++.IP "\fB-p \fIpcapfile\fR" ++Process packets from the specified PCAP capture file instead of the network. + .IP \fB-v\fR + "Versus" mode. Invert the sense of matching, to select non-matching + URLs. +--- dsniff-2.4b1/urlsnarf.c 2005-07-11 20:41:14.000000000 +0000 ++++ dsniff-2.4b1/urlsnarf.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -41,7 +41,7 @@ + usage(void) + { + fprintf(stderr, "Version: " VERSION "\n" +- "Usage: urlsnarf [-n] [-i interface] [[-v] pattern [expression]]\n"); ++ "Usage: urlsnarf [-n] [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); + exit(1); + } + +@@ -201,11 +201,14 @@ + extern int optind; + int c; + +- while ((c = getopt(argc, argv, "i:nvh?V")) != -1) { ++ while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) { + switch (c) { + case 'i': + nids_params.device = optarg; + break; ++ case 'p': ++ nids_params.filename = optarg; ++ break; + case 'n': + Opt_dns = 0; + break; +@@ -238,8 +241,24 @@ + + nids_register_tcp(sniff_http_client); + +- warnx("listening on %s [%s]", nids_params.device, +- nids_params.pcap_filter); ++ if (nids_params.pcap_filter != NULL) { ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s [%s]", nids_params.device, ++ nids_params.pcap_filter); ++ } ++ else { ++ warnx("using %s [%s]", nids_params.filename, ++ nids_params.pcap_filter); ++ } ++ } ++ else { ++ if (nids_params.filename == NULL) { ++ warnx("listening on 
%s", nids_params.device); ++ } ++ else { ++ warnx("using %s", nids_params.filename); ++ } ++ } + + nids_run(); + +--- dsniff-2.4b1/webspy.8 2005-07-11 20:41:14.000000000 +0000 ++++ dsniff-2.4b1/webspy.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -9,7 +9,7 @@ + .na + .nf + .fi +-\fBwebspy\fR [\fB-i \fIinterface\fR] \fIhost\fR ++\fBwebspy\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] \fIhost\fR + .SH DESCRIPTION + .ad + .fi +@@ -20,6 +20,8 @@ + .SH OPTIONS + .IP "\fB-i \fIinterface\fR" + Specify the interface to listen on. ++.IP "\fB-p \fIpcapfile\fR" ++Process packets from the specified PCAP capture file instead of the network. + .IP \fIhost\fR + Specify the web client to spy on. + .SH "SEE ALSO" +--- dsniff-2.4b1/webspy.c 2005-07-11 20:41:14.000000000 +0000 ++++ dsniff-2.4b1/webspy.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 +@@ -42,7 +42,7 @@ + usage(void) + { + fprintf(stderr, "Version: " VERSION "\n" +- "Usage: %s [-i interface] host\n", progname); ++ "Usage: %s [-i interface | -p pcapfile] host\n", progname); + exit(1); + } + +@@ -184,11 +184,14 @@ + extern int optind; + int c; + +- while ((c = getopt(argc, argv, "i:h?V")) != -1) { ++ while ((c = getopt(argc, argv, "i:p:h?V")) != -1) { + switch (c) { + case 'i': + nids_params.device = optarg; + break; ++ case 'p': ++ nids_params.filename = optarg; ++ break; + default: + usage(); + } +@@ -216,7 +219,13 @@ + + nids_register_tcp(sniff_http_client); + +- warnx("listening on %s", nids_params.device); ++ if (nids_params.filename == NULL) { ++ warnx("listening on %s", nids_params.device); ++ } ++ else { ++ warnx("using %s", nids_params.filename); ++ } ++ + + nids_run(); + diff --git a/SOURCES/dsniff-2.4-pntohl_shift.patch b/SOURCES/dsniff-2.4-pntohl_shift.patch new file mode 100644 index 0000000..d4c7086 --- /dev/null +++ b/SOURCES/dsniff-2.4-pntohl_shift.patch 
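Review bot: The new `case 'p':` arms in dsniff.c, filesnarf.c, mailsnarf.c, msgsnarf.c, sshow.c, urlsnarf.c and webspy.c accept `-p` together with `-i` without complaint, although every usage string and man page touched here documents them as alternatives (`-i interface | -p pcapfile`). Which of the two then takes effect is decided inside libnids, which is not visible here, so an analyst could believe a saved capture was processed when a live interface was, or the reverse. A check after each `getopt` loop, such as `if (nids_params.filename != NULL && nids_params.device != NULL) usage();`, would reject the combination, assuming `device` stays NULL unless `-i` was given. The four-way `warnx` block is also pasted into six of the seven programs and could live once in a shared helper. Each `main()` continues outside these hunks.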
@@ -0,0 +1,15 @@
+Patch by Matthew Boyle for dsniff >= 2.4b1 which corrects
+the incorrect bit-shift in pntohl(), the left-shift should be 8 bits, not 18. For
+further information please have a look to Red Hat Bugzilla ID #714958 and #850496.
+
+--- dsniff-2.4/decode.h 2001-03-15 09:33:06.000000000 +0100
++++ dsniff-2.4/decode.h.pntohl_shift 2013-12-20 22:16:52.000000000 +0100
+@@ -35,7 +35,7 @@
+ (u_short)*((u_char *)p+0)<<8))
+
+ #define pntohl(p) ((u_int32_t)*((u_char *)p+3)<<0| \
+- (u_int32_t)*((u_char *)p+2)<<18| \
++ (u_int32_t)*((u_char *)p+2)<<8| \
+ (u_int32_t)*((u_char *)p+1)<<16| \
+ (u_int32_t)*((u_char *)p+0)<<24)
+
diff --git a/SOURCES/dsniff-2.4-pop_with_version.patch b/SOURCES/dsniff-2.4-pop_with_version.patch
new file mode 100644
index 0000000..7d44861
--- /dev/null
+++ b/SOURCES/dsniff-2.4-pop_with_version.patch
@@ -0,0 +1,28 @@
+Patch by Luciano Bello for dsniff >= 2.4b1, which
+allows to distinguish between different POP versions.
+
+--- dsniff-2.4b1/decode.c 2007-08-11 18:43:41.000000000 -0300
++++ dsniff-2.4b1/decode.c.pop_version 2007-08-11 19:01:08.000000000 -0300
+@@ -63,7 +63,8 @@
+ { "http", decode_http },
+ { "ospf", decode_ospf },
+ { "poppass", decode_poppass },
+- { "pop", decode_pop },
++ { "pop2", decode_pop },
++ { "pop3", decode_pop },
+ { "nntp", decode_nntp },
+ { "smb", decode_smb },
+ { "imap", decode_imap },
+--- dsniff-2.4b1/dsniff.services 2007-08-11 18:43:41.000000000 -0300
++++ dsniff-2.4b1/dsniff.services.pop 2007-08-11 19:00:21.000000000 -0300
+@@ -10,8 +10,8 @@
+ ospf 89/ip
+ http 98/tcp
+ poppass 106/tcp
+-pop 109/tcp
+-pop 110/tcp
++pop2 109/tcp
++pop3 110/tcp
+ portmap 111/tcp
+ portmap -111/tcp
+ portmap 111/udp
diff --git a/SOURCES/dsniff-2.4-remote_typo.patch b/SOURCES/dsniff-2.4-remote_typo.patch
new file mode 100644
index 0000000..fbc0a33
--- /dev/null
+++ b/SOURCES/dsniff-2.4-remote_typo.patch
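Review bot: The corrected line in the decode.h hunk still uses the macro argument bare, `(u_char *)p+2`, so the cast binds to `p` before the addition. A call such as `pntohl(ptr + off)` therefore only reads the intended bytes when `ptr` is already a byte pointer. Because this macro pulls multi-byte fields out of captured packet data, parenthesising the argument on all four lines, e.g. `*((u_char *)(p)+2)<<8`, would remove that trap. The macro whose last line appears as context just above has the same form.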
@@ -0,0 +1,14 @@
+Patch by Marcos Fouces for dsniff >= 2.4b1, which fixes
+a minor spelling error in source code.
+
+--- dsniff-2.4/remote.c 2000-11-14 16:51:04.000000000 +0100
++++ dsniff-2.4/remote.c.remote_typo 2017-02-11 23:03:25.420064992 +0100
+@@ -652,7 +652,7 @@
+ if (remote_command_count > 0)
+ {
+ fprintf (stderr,
+- "%s: the `-id' option must preceed all `-remote' options.\n",
++ "%s: the `-id' option must precede all `-remote' options.\n",
+ progname);
+ usage ();
+ exit (-1);
diff --git a/SOURCES/dsniff-2.4-rpc_segfault.patch b/SOURCES/dsniff-2.4-rpc_segfault.patch
new file mode 100644
index 0000000..6db6144
--- /dev/null
+++ b/SOURCES/dsniff-2.4-rpc_segfault.patch
@@ -0,0 +1,17 @@
+Patch based on suggestion by Matthew Boyle for dsniff >=
+2.4b1 which avoids xdrs being used without being initialised first. Without this
+patch dsniff segfaults when decoding RPC packets on x86_64. For further information
+please also have a look to Red Hat Bugzilla ID #715042 and #850494.
+
+--- dsniff-2.4/rpc.c 2001-03-15 09:33:04.000000000 +0100
++++ dsniff-2.4/rpc.c.rpc_segfault 2013-12-20 22:49:34.000000000 +0100
+@@ -125,6 +125,9 @@
+ return (0);
+ }
+ }
++ else
++ return (0);
++
+ stat = xdr_getpos(&xdrs);
+ xdr_destroy(&xdrs);
+
diff --git a/SOURCES/dsniff-2.4-smp_mflags.patch b/SOURCES/dsniff-2.4-smp_mflags.patch
new file mode 100644
index 0000000..4138717
--- /dev/null
+++ b/SOURCES/dsniff-2.4-smp_mflags.patch
@@ -0,0 +1,70 @@ +Patch by Robert Scheck for dsniff >= 2.4b1 which +ensures when building using %{?_smp_mflags} that libmissing.a is built when +its being used for linking. + +--- dsniff-2.4/Makefile.in 2018-07-14 02:54:20.405095355 +0200 ++++ dsniff-2.4/Makefile.in.smp_mflags 2018-07-14 02:54:44.973245128 +0200 +@@ -92,49 +92,49 @@ + ar -cr $@ $(LIBOBJS) + $(RANLIB) $@ + +-dsniff: $(HDRS) $(SRCS) $(OBJS) ++dsniff: $(HDRS) $(SRCS) $(OBJS) libmissing.a + $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) + +-arpspoof: arpspoof.o arp.o ++arpspoof: arpspoof.o arp.o libmissing.a + $(CC) $(LDFLAGS) -o $@ arpspoof.o arp.o $(LIBS) $(PCAPLIB) $(LNETLIB) + +-dnsspoof: dnsspoof.o pcaputil.o ++dnsspoof: dnsspoof.o pcaputil.o libmissing.a + $(CC) $(LDFLAGS) -o $@ dnsspoof.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) + +-filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o ++filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o libmissing.a + $(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) + +-macof: macof.o ++macof: macof.o libmissing.a + $(CC) $(LDFLAGS) -o $@ macof.o $(LIBS) $(PCAPLIB) $(LNETLIB) + +-mailsnarf: mailsnarf.o buf.o pcaputil.o ++mailsnarf: mailsnarf.o buf.o pcaputil.o libmissing.a + $(CC) $(LDFLAGS) -o $@ mailsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) + +-msgsnarf: msgsnarf.o buf.o pcaputil.o ++msgsnarf: msgsnarf.o buf.o pcaputil.o libmissing.a + $(CC) $(LDFLAGS) -o $@ msgsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) + +-sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o ++sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o libmissing.a + $(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) + +-sshow: sshow.o pcaputil.o ++sshow: sshow.o pcaputil.o libmissing.a + $(CC) $(LDFLAGS) -o $@ sshow.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) + +-tcpkill: 
tcpkill.o pcaputil.o ++tcpkill: tcpkill.o pcaputil.o libmissing.a + $(CC) $(LDFLAGS) -o $@ tcpkill.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) + +-tcpnice: tcpnice.o pcaputil.o ++tcpnice: tcpnice.o pcaputil.o libmissing.a + $(CC) $(LDFLAGS) -o $@ tcpnice.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) + + tcphijack: tcphijack.o pcaputil.o + $(CC) $(LDFLAGS) -o $@ tcphijack.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) + +-urlsnarf: urlsnarf.o base64.o buf.o pcaputil.o ++urlsnarf: urlsnarf.o base64.o buf.o pcaputil.o libmissing.a + $(CC) $(LDFLAGS) -o $@ urlsnarf.o base64.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) + +-webmitm: webmitm.o base64.o buf.o decode_http.o record.o ++webmitm: webmitm.o base64.o buf.o decode_http.o record.o libmissing.a + $(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) + +-webspy: webspy.o base64.o buf.o remote.o ++webspy: webspy.o base64.o buf.o remote.o libmissing.a + $(CC) $(LDFLAGS) -o $@ webspy.o base64.o buf.o remote.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(X11LIB) + + install: diff --git a/SOURCES/dsniff-2.4-sshcrypto.patch b/SOURCES/dsniff-2.4-sshcrypto.patch new file mode 100644 index 0000000..958ed2a --- /dev/null +++ b/SOURCES/dsniff-2.4-sshcrypto.patch @@ -0,0 +1,14 @@ +Patch by Steve Kemp for dsniff >= 2.4b1, which adds the +missing OpenSSL includes for header files. + +--- dsniff-2.4b1/sshcrypto.c 2006-11-02 23:41:11.000000000 -0300 ++++ dsniff-2.4b1/sshcrypto.c.sshcrypto 2006-11-02 23:41:55.000000000 -0300 +@@ -14,6 +14,8 @@ + + #include + #include ++#include ++#include + + #include + #include diff --git a/SOURCES/dsniff-2.4-string_header.patch b/SOURCES/dsniff-2.4-string_header.patch new file mode 100644 index 0000000..b75e441 --- /dev/null +++ b/SOURCES/dsniff-2.4-string_header.patch 
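Review bot: `tcphijack` is the one link target in this hunk that does not gain the `libmissing.a` prerequisite, although its link line uses `$(LIBS)` just like its neighbours `tcpkill` and `tcpnice`. If `$(LIBS)` pulls in libmissing (its definition is outside the hunk), a parallel build can still reach that link step before the archive exists, which is the failure this patch sets out to prevent. The rule would read `tcphijack: tcphijack.o pcaputil.o libmissing.a`.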
@@ -0,0 +1,164 @@ +Patch by Luciano Bello for dsniff >= 2.4b1, which +adds missing includes of the string header file. + +--- dsniff-2.4b1/arp.c 2007-06-17 16:22:49.000000000 -0300 ++++ dsniff-2.4b1/arp.c.string_header 2007-06-17 16:22:49.000000000 -0300 +@@ -34,6 +34,7 @@ + #include + #include + #include ++#include + + #include "arp.h" + +--- dsniff-2.4b1/buf.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/buf.c.string_header 2007-06-17 16:22:49.000000000 -0300 +@@ -17,6 +17,7 @@ + #include + #include + #include ++#include + + #include "buf.h" + +--- dsniff-2.4b1/decode_nntp.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_nntp.c.string 2007-06-17 16:22:49.000000000 -0300 +@@ -15,6 +15,7 @@ + + #include + #include ++#include + + #include "base64.h" + #include "decode.h" +--- dsniff-2.4b1/decode_pop.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_pop.c.string 2007-06-17 16:22:49.000000000 -0300 +@@ -14,6 +14,7 @@ + + #include + #include ++#include + + #include "base64.h" + #include "options.h" +--- dsniff-2.4b1/decode_rlogin.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_rlogin.c.string 2007-06-17 16:22:49.000000000 -0300 +@@ -14,6 +14,8 @@ + + #include + #include ++#include ++#include + + #include "options.h" + #include "decode.h" +--- dsniff-2.4b1/decode_smb.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_smb.c.string 2007-06-17 16:22:49.000000000 -0300 +@@ -15,6 +15,7 @@ + + #include + #include ++#include + + #include "decode.h" + +--- dsniff-2.4b1/decode_smtp.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_smtp.c.string 2007-06-17 16:22:49.000000000 -0300 +@@ -14,6 +14,7 @@ + + #include + #include ++#include + + #include "base64.h" + #include "options.h" +--- dsniff-2.4b1/decode_sniffer.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_sniffer.c.str 2007-06-17 16:22:49.000000000 -0300 +@@ -15,6 +15,8 @@ + + #include + #include ++#include ++#include + + #include 
"base64.h" + #include "decode.h" +--- dsniff-2.4b1/decode_socks.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_socks.c.string 2007-06-17 16:22:49.000000000 -0300 +@@ -14,6 +14,7 @@ + + #include + #include ++#include + + #include "decode.h" + +--- dsniff-2.4b1/decode_tds.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_tds.c.string 2007-06-17 16:22:49.000000000 -0300 +@@ -18,6 +18,7 @@ + + #include + #include ++#include + + #include "decode.h" + +--- dsniff-2.4b1/decode_telnet.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_telnet.c.string 2007-06-17 16:22:49.000000000 -0300 +@@ -14,6 +14,7 @@ + + #include + #include ++#include + + #include "options.h" + #include "decode.h" +--- dsniff-2.4b1/decode_x11.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/decode_x11.c.string 2007-06-17 16:22:49.000000000 -0300 +@@ -14,6 +14,8 @@ + + #include + #include ++#include ++#include + + #include "decode.h" + +--- dsniff-2.4b1/dnsspoof.c 2007-06-17 16:22:49.000000000 -0300 ++++ dsniff-2.4b1/dnsspoof.c.string 2007-06-17 16:22:49.000000000 -0300 +@@ -20,6 +20,7 @@ + #include + #include + #include ++#include + #include + #include + #include +--- dsniff-2.4b1/magic.c 2007-06-17 16:22:39.000000000 -0300 ++++ dsniff-2.4b1/magic.c.string_header 2007-06-17 16:22:49.000000000 -0300 +@@ -36,6 +36,7 @@ + #include + #include + #include ++#include + #include + #include + #include +--- dsniff-2.4b1/sshmitm.c 2007-06-17 16:22:49.000000000 -0300 ++++ dsniff-2.4b1/sshmitm.c.string 2007-06-17 16:22:49.000000000 -0300 +@@ -24,6 +24,7 @@ + #include + #include + #include ++#include + + #include "buf.h" + #include "record.h" +--- dsniff-2.4b1/missing/strlcat.h 1969-12-31 21:00:00.000000000 -0300 ++++ dsniff-2.4b1/missing/strlcat.h.str 2007-06-17 16:22:49.000000000 -0300 +@@ -0,0 +1 @@ ++size_t strlcat(char *dst, const char *src, size_t siz); +--- dsniff-2.4b1/missing/strlcpy.h 1969-12-31 21:00:00.000000000 -0300 ++++ dsniff-2.4b1/missing/strlcpy.h.str 
2007-06-17 16:22:49.000000000 -0300 +@@ -0,0 +1 @@ ++size_t strlcpy(char *dst, const char *src, size_t siz); diff --git a/SOURCES/dsniff-2.4-sysconf_clocks.patch b/SOURCES/dsniff-2.4-sysconf_clocks.patch new file mode 100644 index 0000000..7120728 --- /dev/null +++ b/SOURCES/dsniff-2.4-sysconf_clocks.patch @@ -0,0 +1,26 @@ +Patch by for dsniff >= 2.4b1, which adds a clock fix. It +was improved by Robert Scheck to work with older +Linux kernel versions, too. + +--- dsniff-2.4b1/sshow.c 2007-12-03 23:50:12.000000000 +0100 ++++ dsniff-2.4b1/sshow.c.sysconf_clocks 2007-12-03 23:53:12.000000000 +0100 +@@ -217,6 +217,9 @@ + { + clock_t delay; + int payload; ++#if defined(_SC_CLK_TCK) ++ long CLK_TCK = sysconf(_SC_CLK_TCK); ++#endif + + delay = add_history(session, 0, cipher_size, plain_range); + +@@ -265,6 +268,9 @@ + clock_t delay; + int skip; + range string_range; ++#if defined(_SC_CLK_TCK) ++ long CLK_TCK = sysconf(_SC_CLK_TCK); ++#endif + + delay = add_history(session, 1, cipher_size, plain_range); + diff --git a/SOURCES/dsniff-2.4-tds_decoder.patch b/SOURCES/dsniff-2.4-tds_decoder.patch new file mode 100644 index 0000000..3bd18c4 --- /dev/null +++ b/SOURCES/dsniff-2.4-tds_decoder.patch @@ -0,0 +1,19 @@ +Patch by Hilko Bengen for dsniff >= 2.4b1, to avoid a +possible DoS opportunity in the Tabular Data Stream protocol handler. For +further information, please have a look to the Debian bug ID #609988 and +#712648. + +--- dsniff-2.4/decode_tds.c 2013-12-19 23:36:26.000000000 +0100 ++++ dsniff-2.4/decode_tds.c.tds_decoder 2013-12-19 23:38:01.000000000 +0100 +@@ -144,6 +144,11 @@ + len > sizeof(*th) && len >= ntohs(th->size); + buf += ntohs(th->size), len -= ntohs(th->size)) { + ++ if (th->size != 8) { ++ /* wrong header length */ ++ break; ++ } ++ + if (th->type == 2) { + /* Version 4.x, 5.0 */ + if (len < sizeof(*th) + sizeof(*tl)) diff --git a/SOURCES/dsniff-2.4-time_h.patch b/SOURCES/dsniff-2.4-time_h.patch new file mode 100644 index 0000000..570cf88 --- /dev/null 
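Review bot: The guard added in the decode_tds.c hunk compares the raw field, `th->size != 8`, while the loop condition and step around it all use `ntohs(th->size)`, so on a little-endian host it does not test the value the loop advances by. It also drops every record whose size field is not exactly 8, while the branch just below expects at least `sizeof(*th) + sizeof(*tl)` bytes, so ordinary logins may no longer be decoded; that is worth confirming against a capture. The stall the patch description refers to arises when the size does not move `buf` forward, and `if (ntohs(th->size) < sizeof(*th)) break;` covers that case in host byte order. The loop header and the declaration of `th` start outside the hunk, so the field width is inferred from the `ntohs` calls.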
+++ b/SOURCES/dsniff-2.4-time_h.patch @@ -0,0 +1,24 @@ +Patch by Steve Kemp for dsniff >= 2.4b1, which adds an +include of to fix a segfault on some architectures. For further +information, please have a look to Debian bug ID #315969. + +--- dsniff-2.4b1/msgsnarf.c 2001-03-15 08:33:04.000000000 +0000 ++++ dsniff-2.4b1/msgsnarf.c.time_h 2005-07-11 20:15:50.000000000 +0000 +@@ -23,6 +23,7 @@ + #include + #include + #include ++#include + + #include "buf.h" + #include "decode.h" +--- dsniff-2.4b1/sshow.c 2005-07-11 20:14:19.000000000 +0000 ++++ dsniff-2.4b1/sshow.c.time_h 2005-07-11 20:15:26.000000000 +0000 +@@ -15,6 +15,7 @@ + + #include + #include ++#include + + #include + #include diff --git a/SOURCES/dsniff-2.4-urlsnarf_escape.patch b/SOURCES/dsniff-2.4-urlsnarf_escape.patch new file mode 100644 index 0000000..4e9dfc0 --- /dev/null +++ b/SOURCES/dsniff-2.4-urlsnarf_escape.patch 
@@ -0,0 +1,86 @@ +Patch by Hilko Bengen for dsniff >= 2.4b1, which adds +escaping for user, vhost, uri, referrer and agent strings in the log. For +further information, please have a look to Debian bug ID #372536. + +--- dsniff-2.4b1/urlsnarf.c 2008-08-30 15:34:21.000000000 +0200 ++++ dsniff-2.4b1/urlsnarf.c.escape 2008-08-30 15:38:46.000000000 +0200 +@@ -84,6 +84,43 @@ + return (tstr); + } + ++static char * ++escape_log_entry(char *string) ++{ ++ char *out; ++ unsigned char *c, *o; ++ size_t len; ++ ++ if (!string) ++ return NULL; ++ ++ /* Determine needed length */ ++ for (c = string, len = 0; *c; c++) { ++ if ((*c < 32) || (*c >= 128)) ++ len += 4; ++ else if ((*c == '"') || (*c =='\\')) ++ len += 2; ++ else ++ len++; ++ } ++ out = malloc(len+1); ++ if (!out) ++ return NULL; ++ for (c = string, o = out; *c; c++, o++) { ++ if ((*c < 32) || (*c >= 128)) { ++ snprintf(o, 5, "\\x%02x", *c); ++ o += 3; ++ } else if ((*c == '"') || ((*c =='\\'))) { ++ *(o++) = '\\'; ++ *o = *c; ++ } else { ++ *o = *c; ++ } ++ } ++ out[len]='\0'; ++ return out; ++} ++ + static int + process_http_request(struct tuple4 *addr, u_char *data, int len) + { +@@ -142,18 +179,26 @@ + buf_tok(NULL, NULL, i); + } + } +- if (user == NULL) +- user = "-"; +- if (vhost == NULL) +- vhost = libnet_addr2name4(addr->daddr, Opt_dns); +- if (referer == NULL) +- referer = "-"; +- if (agent == NULL) +- agent = "-"; ++ user = escape_log_entry(user); ++ vhost = escape_log_entry(vhost); ++ uri = escape_log_entry(uri); ++ referer = escape_log_entry(referer); ++ agent = escape_log_entry(agent); + + printf("%s - %s [%s] \"%s http://%s%s\" - - \"%s\" \"%s\"\n", + libnet_addr2name4(addr->saddr, Opt_dns), +- user, timestamp(), req, vhost, uri, referer, agent); ++ (user?user:"-"), ++ timestamp(), req, ++ (vhost?vhost:libnet_addr2name4(addr->daddr, Opt_dns)), ++ uri, ++ (referer?referer:"-"), ++ (agent?agent:"-")); ++ ++ free(user); ++ free(vhost); ++ free(uri); ++ free(referer); ++ free(agent); + } + fflush(stdout); + 
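Review bot: `uri` is the one escaped string handed to `printf` without a fallback. `escape_log_entry()` returns NULL when `malloc` fails, and `uri` then goes straight to a `%s` conversion, whereas `user`, `vhost`, `referer` and `agent` each get a `?:` default; `(uri?uri:"-")` would match them. The `vhost` fallback `libnet_addr2name4(addr->daddr, Opt_dns)` and the leading source-host argument are also printed unescaped. If `Opt_dns` yields reverse-resolved names, those are remote-controlled strings reaching the same log line, so passing them through `escape_log_entry()` as well would make the escaping complete. `process_http_request()` begins and ends outside the hunk, so whether `uri` can already be NULL on entry is not visible.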
diff --git a/SOURCES/dsniff-2.4-urlsnarf_timestamp.patch b/SOURCES/dsniff-2.4-urlsnarf_timestamp.patch new file mode 100644 index 0000000..e50cdc9 --- /dev/null +++ b/SOURCES/dsniff-2.4-urlsnarf_timestamp.patch 
@@ -0,0 +1,80 @@
+Patch by Hilko Bengen for dsniff >= 2.4b1, which adds
+the usage of timestamps from pcap file if available to urlsnarf. For some
+more information, please have a look to Debian bug ID #573365.
+
+--- dsniff-2.4/urlsnarf.c 2011-10-09 18:13:49.000000000 +0200
++++ dsniff-2.4/urlsnarf.c.timestamp 2011-10-09 18:37:33.000000000 +0200
+@@ -36,6 +36,7 @@
+ u_short Opt_dns = 1;
+ int Opt_invert = 0;
+ regex_t *pregex = NULL;
++time_t tt = 0;
+
+ static void
+ usage(void)
+@@ -57,9 +58,12 @@
+ {
+ static char tstr[32], sign;
+ struct tm *t, gmt;
+- time_t tt = time(NULL);
+ int days, hours, tz, len;
+
++ if (!nids_params.filename) {
++ tt = time(NULL);
++ }
++
+ gmt = *gmtime(&tt);
+ t = localtime(&tt);
+
+@@ -312,9 +316,48 @@
+
+ nids_register_chksum_ctl(&chksum_ctl, 1);
+
+- nids_run();
+-
+- /* NOTREACHED */
++ pcap_t *p;
++ char pcap_errbuf[PCAP_ERRBUF_SIZE];
++ if (nids_params.filename == NULL) {
++ /* adapted from libnids.c:open_live() */
++ if (strcmp(nids_params.device, "all") == 0)
++ nids_params.device = "any";
++ p = pcap_open_live(nids_params.device, 16384,
++ (nids_params.promisc != 0),
++ 0, pcap_errbuf);
++ if (!p) {
++ fprintf(stderr, "pcap_open_live(): %s\n",
++ pcap_errbuf);
++ exit(1);
++ }
++ }
++ else {
++ p = pcap_open_offline(nids_params.filename,
++ pcap_errbuf);
++ if (!p) {
++ fprintf(stderr, "pcap_open_offline(%s): %s\n",
++ nids_params.filename, pcap_errbuf);
++ }
++ }
++
++ struct pcap_pkthdr *h;
++ u_char *d;
++ int rc;
++ while ((rc = pcap_next_ex(p, &h, &d)) == 1) {
++ tt = h->ts.tv_sec;
++ nids_pcap_handler(NULL, h, d);
++ }
++ switch (rc) {
++ case(-2): /* end of pcap file */
++ case(0): /* timeout on live capture */
++ break;
++ case(-1):
++ default:
++ fprintf(stderr, "rc = %i\n", rc);
++ pcap_perror(p, "pcap_read_ex()");
++ exit(1);
++ break;
++ }
+
+ exit(0);
+ }
diff --git a/SOURCES/dsniff-2.4-urlsnarf_zeropad.patch b/SOURCES/dsniff-2.4-urlsnarf_zeropad.patch
new file mode 100644
index 0000000..e6abf1a
--- /dev/null
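Review bot: The `pcap_open_offline()` failure branch prints the error but, unlike the `pcap_open_live()` branch above it, does not exit, so the `pcap_next_ex(p, &h, &d)` loop that follows runs with `p == NULL`; add `exit(1);` after that `fprintf`. The `pcap_perror()` label `"pcap_read_ex()"` also names a function other than the one called, which makes the message harder to trace; `"pcap_next_ex()"` would match. The enclosing function starts outside the hunk.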
+++ b/SOURCES/dsniff-2.4-urlsnarf_zeropad.patch
@@ -0,0 +1,15 @@
+Patch by Steve Kemp for dsniff >= 2.4b1, which fixes the
+zero-pad date. For further information, please have a look to Debian bug ID
+#298605.
+
+--- dsniff-2.4b1/urlsnarf.c 2005-06-23 03:30:37.000000000 +0000
++++ dsniff-2.4b1/urlsnarf.c.zeropad 2005-06-23 04:04:07.000000000 +0000
+@@ -68,7 +68,7 @@
+ t->tm_hour - gmt.tm_hour);
+ tz = hours * 60 + t->tm_min - gmt.tm_min;
+
+- len = strftime(tstr, sizeof(tstr), "%e/%b/%Y:%X", t);
++ len = strftime(tstr, sizeof(tstr), "%d/%b/%Y:%X", t);
+ if (len < 0 || len > sizeof(tstr) - 5)
+ return (NULL);
+
diff --git a/SPECS/dsniff.spec b/SPECS/dsniff.spec
new file mode 100644
index 0000000..59e65dc
--- /dev/null
+++ b/SPECS/dsniff.spec
@@ -0,0 +1,280 @@
+Summary: Tools for network auditing and penetration testing
+Name: dsniff
+Version: 2.4
+Release: 0.36.b1%{?dist}
+License: BSD
+URL: https://www.monkey.org/~dugsong/%{name}/
+Source0: https://www.monkey.org/~dugsong/%{name}/beta/%{name}-%{version}b1.tar.gz
+Patch0: dsniff-2.4-time_h.patch
+Patch1: dsniff-2.4-mailsnarf_corrupt.patch
+Patch2: dsniff-2.4-pcap_read_dump.patch
+Patch3: dsniff-2.4-multiple_intf.patch
+Patch4: dsniff-2.4-amd64_fix.patch
+Patch5: dsniff-2.4-urlsnarf_zeropad.patch
+Patch6: dsniff-2.4-libnet_11.patch
+Patch7: dsniff-2.4-checksum.patch
+Patch8: dsniff-2.4-openssl_098.patch
+Patch9: dsniff-2.4-sshcrypto.patch
+Patch10: dsniff-2.4-sysconf_clocks.patch
+Patch11: dsniff-2.4-urlsnarf_escape.patch
+Patch12: dsniff-2.4-string_header.patch
+Patch13: dsniff-2.4-arpa_inet_header.patch
+Patch14: dsniff-2.4-pop_with_version.patch
+Patch15: dsniff-2.4-obsolete_time.patch
+Patch16: dsniff-2.4-checksum_libnids.patch
+Patch17: dsniff-2.4-fedora_dirs.patch
+Patch18: dsniff-2.4-glib2.patch
+Patch19: dsniff-2.4-link_layer_offset.patch
+Patch20: dsniff-2.4-tds_decoder.patch
+Patch21: dsniff-2.4-msgsnarf_segfault.patch
+Patch22: dsniff-2.4-urlsnarf_timestamp.patch
+Patch23: dsniff-2.4-arpspoof_reverse.patch
+Patch24: dsniff-2.4-arpspoof_multiple.patch
+Patch25: dsniff-2.4-arpspoof_hwaddr.patch
+Patch26: dsniff-2.4-modernize_pop.patch
+Patch27: dsniff-2.4-libnet_name2addr4.patch
+Patch28: dsniff-2.4-pntohl_shift.patch
+Patch29: dsniff-2.4-rpc_segfault.patch
+Patch30: dsniff-2.4-openssl_110.patch
+Patch31: dsniff-2.4-remote_typo.patch
+Patch32: dsniff-2.4-smp_mflags.patch
+Patch33: dsniff-2.4-libtirpc.patch
+Patch34: dsniff-2.4-pcap_init.patch
+BuildRequires: gcc
+BuildRequires: libnet-devel
+%if 0%{?fedora} || 0%{?rhel} >= 8
+BuildRequires: openssl-devel
+%else
+BuildRequires: openssl11-devel
+%endif
+BuildRequires: libnids-devel
+BuildRequires: glib2-devel
+BuildRequires: libpcap-devel
+BuildRequires: libdb-devel
+BuildRequires: libXmu-devel
+%if 0%{?fedora} || 0%{?rhel} >= 8
+BuildRequires: rpcgen
+BuildRequires: libtirpc-devel
+BuildRequires: libnsl2-devel
+%endif
+BuildRequires: make
+
+%description
+A collection of tools for network auditing and penetration testing. Dsniff,
+filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy allow to passively monitor
+a network for interesting data (passwords, e-mail, files). Arpspoof, dnsspoof
+and macof facilitate the interception of network traffic normally unavailable
+to an attacker (e.g, due to layer-2 switching). Sshmitm and webmitm implement
+active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions
+by exploiting weak bindings in ad-hoc PKI.
+
+%prep
+%setup -q
+%patch0 -p1 -b .time_h
+%patch1 -p1 -b .mailsnarf
+%patch2 -p1 -b .pcap_dump
+%patch3 -p1 -b .multiple_intf
+%patch4 -p1 -b .amd64_fix
+%patch5 -p1 -b .urlsnarf_zeropad
+%patch6 -p1 -b .libnet_11
+%patch7 -p1 -b .checksum
+%patch8 -p1 -b .openssl_098
+%patch9 -p1 -b .sshcrypto
+%patch10 -p1 -b .sysconf_clocks
+%patch11 -p1 -b .urlsnarf_escape
+%patch12 -p1 -b .string_header
+%patch13 -p1 -b .arpa_inet_header
+%patch14 -p1 -b .pop_with_version
+%patch15 -p1 -b .obsolete_time
+%patch16 -p1 -b .checksum_libnids
+%patch17 -p1 -b .fedora_dirs
+%patch18 -p1 -b .glib2
+%patch19 -p1 -b .link_layer_offset
+%patch20 -p1 -b .tds_decoder
+%patch21 -p1 -b .msgsnarf_segfault
+%patch22 -p1 -b .urlsnarf_timestamp
+%patch23 -p1 -b .arpspoof_reverse
+%patch24 -p1 -b .arpspoof_multiple
+%patch25 -p1 -b .arpspoof_hwaddr
+%patch26 -p1 -b .modernize_pop
+%patch27 -p1 -b .libnet_name2addr4
+%patch28 -p1 -b .pntohl_shift
+%patch29 -p1 -b .rpc_segfault
+%patch30 -p1 -b .openssl_110
+%patch31 -p1 -b .remote_typo
+%patch32 -p1 -b .smp_mflags
+%if 0%{?fedora} || 0%{?rhel} >= 8
+%patch33 -p1 -b .libtirpc
+%endif
+%patch34 -p1 -b .pcap_init
+
+%build
+%if 0%{?rhel} == 7
+sed \
+ -e 's|include/openssl/|include/openssl11/openssl/|g' \
+ -e 's|\(SSLINC="\)-I${prefix}/include|\1$(pkg-config --cflags openssl11)|g' \
+ -e 's|\(SSLLIB="\)-L${prefix}/lib -lssl -lcrypto|\1$(pkg-config --libs openssl11)|g' \
+ -i configure
+%endif
+
+%configure
+%make_build
+
+%install
+%make_install install_prefix=$RPM_BUILD_ROOT
+
+%files
+%license LICENSE
+%doc CHANGES README TODO
+%dir %{_sysconfdir}/%{name}/
+%config(noreplace) %{_sysconfdir}/%{name}/*
+%{_sbindir}/arpspoof
+%{_sbindir}/dnsspoof
+%{_sbindir}/%{name}
+%{_sbindir}/filesnarf
+%{_sbindir}/macof
+%{_sbindir}/mailsnarf
+%{_sbindir}/msgsnarf
+%{_sbindir}/sshmitm
+%{_sbindir}/sshow
+%{_sbindir}/tcpkill
+%{_sbindir}/tcpnice
+%{_sbindir}/urlsnarf
+%{_sbindir}/webmitm
+%{_sbindir}/webspy
+%{_mandir}/man8/arpspoof.8*
+%{_mandir}/man8/dnsspoof.8*
+%{_mandir}/man8/%{name}.8*
+%{_mandir}/man8/filesnarf.8*
+%{_mandir}/man8/macof.8*
+%{_mandir}/man8/mailsnarf.8*
+%{_mandir}/man8/msgsnarf.8*
+%{_mandir}/man8/sshmitm.8*
+%{_mandir}/man8/sshow.8*
+%{_mandir}/man8/tcpkill.8*
+%{_mandir}/man8/tcpnice.8*
+%{_mandir}/man8/urlsnarf.8*
+%{_mandir}/man8/webmitm.8*
+%{_mandir}/man8/webspy.8*
+
+%changelog
+* Sun Jul 25 2021 Robert Scheck 2.4-0.36.b1
+- Added patch to work around pcap_init() API change in libpcap
+
+* Wed Jul 21 2021 Fedora Release Engineering - 2.4-0.35.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Tue Jan 26 2021 Fedora Release Engineering - 2.4-0.34.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Sat Aug 01 2020 Fedora Release Engineering - 2.4-0.33.b1
+- Second attempt - Rebuilt for
+ https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Mon Jul 27 2020 Fedora Release Engineering - 2.4-0.32.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jan 28 2020 Fedora Release Engineering - 2.4-0.31.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Wed Jul 24 2019 Fedora Release Engineering - 2.4-0.30.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu Jan 31 2019 Fedora Release Engineering - 2.4-0.29.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Thu Jul 12 2018 Fedora Release Engineering - 2.4-0.28.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Sun May 27 2018 Robert Scheck 2.4-0.27.b1
+- Added patch to allow building dsniff against libtirpc (#1582770)
+
+* Wed Feb 07 2018 Fedora Release Engineering - 2.4-0.26.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Wed Aug 02 2017 Fedora Release Engineering - 2.4-0.25.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering - 2.4-0.24.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Sat Feb 11 2017 Robert Scheck 2.4-0.23.b1
+- Added patch to allow building dsniff with OpenSSL >= 1.1.0
+- Added patch to correct a typo related to the -remote option
+
+* Fri Feb 10 2017 Fedora Release Engineering - 2.4-0.22.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Wed Feb 03 2016 Fedora Release Engineering - 2.4-0.21.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Wed Jun 17 2015 Fedora Release Engineering - 2.4-0.20.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Sat Aug 16 2014 Fedora Release Engineering - 2.4-0.19.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering - 2.4-0.18.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Fri Dec 20 2013 Robert Scheck 2.4-0.17.b1
+- Corrected patch which touches tabular data stream protocol handler
+- Added a patch to add both communication partners in arpspoof
+- Added patch to allow multiple targets to be imitated simultaniously
+- Added patch to allow the selection of source hw address in arpspoof
+- Added a patch which fixes and modernizes the POP decoder
+- Fixed segmentation faults related to libnet_name2addr4() (#1009879)
+- Added a patch to fix bit-shift in pntohl() macro (#714958, #850496)
+- Avoid xdrs being used without being initialised (#715042, #850494)
+
+* Sat Aug 03 2013 Fedora Release Engineering - 2.4-0.16.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Wed Feb 13 2013 Fedora Release Engineering - 2.4-0.15.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Mon Jul 30 2012 Robert Scheck 2.4-0.14.b1
+- Added a patch which adds further link layer offsets
+- Avoid opportunity for DoS in tabular data stream protocol handler
+- Added a memset in msgsnarf to correctly 0 out the C struct
+- Patched urlsnarf to use timestamps from pcap file if available
+
+* Wed Jul 18 2012 Fedora Release Engineering - 2.4-0.13.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Mar 30 2012 Jon Ciesla - 2.4-0.12.b1
+- libnet rebuild
+
+* Fri Jan 13 2012 Fedora Release Engineering - 2.4-0.11.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue Feb 08 2011 Fedora Release Engineering - 2.4-0.10.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Mon Mar 29 2010 Robert Scheck 2.4-0.9.b1
+- Rebuild against libnids 1.24
+
+* Fri Jan 08 2010 Robert Scheck 2.4-0.8.b1
+- Added build requirement to libXmu-devel for webspy (#553230)
+
+* Fri Aug 21 2009 Tomas Mraz - 2.4-0.7.b1
+- rebuilt with new openssl
+
+* Fri Jul 24 2009 Fedora Release Engineering - 2.4-0.6.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Mon Feb 23 2009 Robert Scheck 2.4-0.5.b1
+- Rebuild against gcc 4.4 and rpm 4.6
+
+* Sat Aug 30 2008 Robert Scheck 2.4-0.4.b1
+- Re-diffed dsniff url log escaping patch for no fuzz
+
+* Thu May 29 2008 Robert Scheck 2.4-0.3.b1
+- Rebuild against libnids 1.23
+
+* Sun Feb 10 2008 Robert Scheck 2.4-0.2.b1
+- Rebuild against gcc 4.3
+
+* Thu Nov 29 2007 Robert Scheck 2.4-0.1.b1
+- Upgrade to 2.4b1 and added many patches from Debian
+- Initial spec file for Fedora and Red Hat Enterprise Linux
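Review bot: The `%build` rewrite of `configure` is guarded by `%if 0%{?rhel} == 7`, while `BuildRequires: openssl11-devel` is selected by the `%else` of `%if 0%{?fedora} || 0%{?rhel} >= 8`, so the two conditions do not cover the same targets. Any non-Fedora target other than RHEL 7 would require openssl11-devel without `configure` being pointed at it; guarding the `openssl11-devel` requirement with the same `0%{?rhel} == 7` test (and `openssl-devel` in its `%else`) keeps the two in step. The `sed` block also has no comment saying why `configure` is edited in place; something like `# EL7: build against the openssl11 headers and libs reported by pkg-config` above it would help the next packager.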