tuibuilder_pel7x64builder0
3 years ago
36 changed files with 4131 additions and 0 deletions
@ -0,0 +1,219 @@ |
|||||||
|
Patch by Steve Kemp <skx@debian.org> for dsniff >= 2.4b1, which fixes the |
||||||
|
compiling under AMD64 respectively x86_64. For further information, please |
||||||
|
have a look to Debian bug ID #254002. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/configure 2005-06-23 03:30:37.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/configure.amd64_fix 2005-06-23 04:15:59.000000000 +0000 |
||||||
|
@@ -2667,15 +2667,62 @@ |
||||||
|
echo "$ac_t""no" 1>&6 |
||||||
|
fi |
||||||
|
|
||||||
|
+echo $ac_n "checking for __dn_expand in -lresolv""... $ac_c" 1>&6 |
||||||
|
+echo "configure:2672: checking for __dn_expand in -lresolv" >&5 |
||||||
|
+ac_lib_var=`echo resolv'_'__dn_expand | sed 'y%./+-%__p_%'` |
||||||
|
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then |
||||||
|
+ echo $ac_n "(cached) $ac_c" 1>&6 |
||||||
|
+else |
||||||
|
+ ac_save_LIBS="$LIBS" |
||||||
|
+LIBS="-lresolv $LIBS" |
||||||
|
+cat > conftest.$ac_ext <<EOF |
||||||
|
+#line 2680 "configure" |
||||||
|
+#include "confdefs.h" |
||||||
|
+/* Override any gcc2 internal prototype to avoid an error. */ |
||||||
|
+/* We use char because int might match the return type of a gcc2 |
||||||
|
+ builtin and then its argument prototype would still apply. */ |
||||||
|
+char __dn_expand(); |
||||||
|
+ |
||||||
|
+int main() { |
||||||
|
+__dn_expand() |
||||||
|
+; return 0; } |
||||||
|
+EOF |
||||||
|
+if { (eval echo configure:2691: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||||
|
+ rm -rf conftest* |
||||||
|
+ eval "ac_cv_lib_$ac_lib_var=yes" |
||||||
|
+else |
||||||
|
+ echo "configure: failed program was:" >&5 |
||||||
|
+ cat conftest.$ac_ext >&5 |
||||||
|
+ rm -rf conftest* |
||||||
|
+ eval "ac_cv_lib_$ac_lib_var=no" |
||||||
|
+fi |
||||||
|
+rm -f conftest* |
||||||
|
+LIBS="$ac_save_LIBS" |
||||||
|
+ |
||||||
|
+fi |
||||||
|
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then |
||||||
|
+ echo "$ac_t""yes" 1>&6 |
||||||
|
+ ac_tr_lib=HAVE_LIB`echo resolv | sed -e 's/[^a-zA-Z0-9_]/_/g' \ |
||||||
|
+ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` |
||||||
|
+ cat >> confdefs.h <<EOF |
||||||
|
+#define $ac_tr_lib 1 |
||||||
|
+EOF |
||||||
|
+ |
||||||
|
+ LIBS="-lresolv $LIBS" |
||||||
|
+ |
||||||
|
+else |
||||||
|
+ echo "$ac_t""no" 1>&6 |
||||||
|
+fi |
||||||
|
+ |
||||||
|
for ac_func in dirname strlcpy strlcat strsep |
||||||
|
do |
||||||
|
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 |
||||||
|
-echo "configure:2674: checking for $ac_func" >&5 |
||||||
|
+echo "configure:2721: checking for $ac_func" >&5 |
||||||
|
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then |
||||||
|
echo $ac_n "(cached) $ac_c" 1>&6 |
||||||
|
else |
||||||
|
cat > conftest.$ac_ext <<EOF |
||||||
|
-#line 2679 "configure" |
||||||
|
+#line 2726 "configure" |
||||||
|
#include "confdefs.h" |
||||||
|
/* System header to define __stub macros and hopefully few prototypes, |
||||||
|
which can conflict with char $ac_func(); below. */ |
||||||
|
@@ -2698,7 +2745,7 @@ |
||||||
|
|
||||||
|
; return 0; } |
||||||
|
EOF |
||||||
|
-if { (eval echo configure:2702: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||||
|
+if { (eval echo configure:2749: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||||
|
rm -rf conftest* |
||||||
|
eval "ac_cv_func_$ac_func=yes" |
||||||
|
else |
||||||
|
@@ -2728,12 +2775,12 @@ |
||||||
|
for ac_func in MD5Update |
||||||
|
do |
||||||
|
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 |
||||||
|
-echo "configure:2732: checking for $ac_func" >&5 |
||||||
|
+echo "configure:2779: checking for $ac_func" >&5 |
||||||
|
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then |
||||||
|
echo $ac_n "(cached) $ac_c" 1>&6 |
||||||
|
else |
||||||
|
cat > conftest.$ac_ext <<EOF |
||||||
|
-#line 2737 "configure" |
||||||
|
+#line 2784 "configure" |
||||||
|
#include "confdefs.h" |
||||||
|
/* System header to define __stub macros and hopefully few prototypes, |
||||||
|
which can conflict with char $ac_func(); below. */ |
||||||
|
@@ -2756,7 +2803,7 @@ |
||||||
|
|
||||||
|
; return 0; } |
||||||
|
EOF |
||||||
|
-if { (eval echo configure:2760: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||||
|
+if { (eval echo configure:2807: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||||
|
rm -rf conftest* |
||||||
|
eval "ac_cv_func_$ac_func=yes" |
||||||
|
else |
||||||
|
@@ -2788,12 +2835,12 @@ |
||||||
|
for ac_func in warnx |
||||||
|
do |
||||||
|
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 |
||||||
|
-echo "configure:2792: checking for $ac_func" >&5 |
||||||
|
+echo "configure:2839: checking for $ac_func" >&5 |
||||||
|
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then |
||||||
|
echo $ac_n "(cached) $ac_c" 1>&6 |
||||||
|
else |
||||||
|
cat > conftest.$ac_ext <<EOF |
||||||
|
-#line 2797 "configure" |
||||||
|
+#line 2844 "configure" |
||||||
|
#include "confdefs.h" |
||||||
|
/* System header to define __stub macros and hopefully few prototypes, |
||||||
|
which can conflict with char $ac_func(); below. */ |
||||||
|
@@ -2816,7 +2863,7 @@ |
||||||
|
|
||||||
|
; return 0; } |
||||||
|
EOF |
||||||
|
-if { (eval echo configure:2820: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||||
|
+if { (eval echo configure:2867: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||||
|
rm -rf conftest* |
||||||
|
eval "ac_cv_func_$ac_func=yes" |
||||||
|
else |
||||||
|
@@ -2848,12 +2895,12 @@ |
||||||
|
for ac_func in ether_ntoa |
||||||
|
do |
||||||
|
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 |
||||||
|
-echo "configure:2852: checking for $ac_func" >&5 |
||||||
|
+echo "configure:2899: checking for $ac_func" >&5 |
||||||
|
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then |
||||||
|
echo $ac_n "(cached) $ac_c" 1>&6 |
||||||
|
else |
||||||
|
cat > conftest.$ac_ext <<EOF |
||||||
|
-#line 2857 "configure" |
||||||
|
+#line 2904 "configure" |
||||||
|
#include "confdefs.h" |
||||||
|
/* System header to define __stub macros and hopefully few prototypes, |
||||||
|
which can conflict with char $ac_func(); below. */ |
||||||
|
@@ -2876,7 +2923,7 @@ |
||||||
|
|
||||||
|
; return 0; } |
||||||
|
EOF |
||||||
|
-if { (eval echo configure:2880: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||||
|
+if { (eval echo configure:2927: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then |
||||||
|
rm -rf conftest* |
||||||
|
eval "ac_cv_func_$ac_func=yes" |
||||||
|
else |
||||||
|
@@ -2912,7 +2959,7 @@ |
||||||
|
fi |
||||||
|
|
||||||
|
echo $ac_n "checking for Berkeley DB with 1.85 compatibility""... $ac_c" 1>&6 |
||||||
|
-echo "configure:2916: checking for Berkeley DB with 1.85 compatibility" >&5 |
||||||
|
+echo "configure:2963: checking for Berkeley DB with 1.85 compatibility" >&5 |
||||||
|
# Check whether --with-db or --without-db was given. |
||||||
|
if test "${with_db+set}" = set; then |
||||||
|
withval="$with_db" |
||||||
|
@@ -3015,7 +3062,7 @@ |
||||||
|
|
||||||
|
|
||||||
|
echo $ac_n "checking for libpcap""... $ac_c" 1>&6 |
||||||
|
-echo "configure:3019: checking for libpcap" >&5 |
||||||
|
+echo "configure:3066: checking for libpcap" >&5 |
||||||
|
# Check whether --with-libpcap or --without-libpcap was given. |
||||||
|
if test "${with_libpcap+set}" = set; then |
||||||
|
withval="$with_libpcap" |
||||||
|
@@ -3063,7 +3110,7 @@ |
||||||
|
|
||||||
|
|
||||||
|
echo $ac_n "checking for libnet""... $ac_c" 1>&6 |
||||||
|
-echo "configure:3067: checking for libnet" >&5 |
||||||
|
+echo "configure:3114: checking for libnet" >&5 |
||||||
|
# Check whether --with-libnet or --without-libnet was given. |
||||||
|
if test "${with_libnet+set}" = set; then |
||||||
|
withval="$with_libnet" |
||||||
|
@@ -3110,7 +3157,7 @@ |
||||||
|
|
||||||
|
|
||||||
|
echo $ac_n "checking for libnids""... $ac_c" 1>&6 |
||||||
|
-echo "configure:3114: checking for libnids" >&5 |
||||||
|
+echo "configure:3161: checking for libnids" >&5 |
||||||
|
# Check whether --with-libnids or --without-libnids was given. |
||||||
|
if test "${with_libnids+set}" = set; then |
||||||
|
withval="$with_libnids" |
||||||
|
@@ -3152,9 +3199,9 @@ |
||||||
|
save_cppflags="$CPPFLAGS" |
||||||
|
CPPFLAGS="$NIDSINC" |
||||||
|
echo $ac_n "checking whether libnids version is good""... $ac_c" 1>&6 |
||||||
|
-echo "configure:3156: checking whether libnids version is good" >&5 |
||||||
|
+echo "configure:3203: checking whether libnids version is good" >&5 |
||||||
|
cat > conftest.$ac_ext <<EOF |
||||||
|
-#line 3158 "configure" |
||||||
|
+#line 3205 "configure" |
||||||
|
#include "confdefs.h" |
||||||
|
#include <nids.h> |
||||||
|
EOF |
||||||
|
@@ -3173,7 +3220,7 @@ |
||||||
|
|
||||||
|
|
||||||
|
echo $ac_n "checking for OpenSSL""... $ac_c" 1>&6 |
||||||
|
-echo "configure:3177: checking for OpenSSL" >&5 |
||||||
|
+echo "configure:3224: checking for OpenSSL" >&5 |
||||||
|
# Check whether --with-openssl or --without-openssl was given. |
||||||
|
if test "${with_openssl+set}" = set; then |
||||||
|
withval="$with_openssl" |
||||||
|
--- dsniff-2.4b1/configure.in 2005-06-23 03:30:37.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/configure.in.amd64_fix 2005-06-23 04:16:01.000000000 +0000 |
||||||
|
@@ -57,6 +57,7 @@ |
||||||
|
AC_CHECK_LIB(nsl, gethostbyname) |
||||||
|
dnl XXX - feh, everything except OpenBSD sux. |
||||||
|
AC_CHECK_LIB(resolv, dn_expand) |
||||||
|
+AC_CHECK_LIB(resolv, __dn_expand) |
||||||
|
AC_REPLACE_FUNCS(dirname strlcpy strlcat strsep) |
||||||
|
needmd5=no |
||||||
|
AC_CHECK_FUNCS(MD5Update, , [needmd5=yes]) |
@ -0,0 +1,63 @@ |
|||||||
|
Patch by Luciano Bello <luciano@linux.org.ar> for dsniff >= 2.4b1, which |
||||||
|
adds the missing includes of arpa/inet. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/decode_aim.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_aim.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||||
|
@@ -14,6 +14,7 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <arpa/inet.h> |
||||||
|
|
||||||
|
#include "hex.h" |
||||||
|
#include "buf.h" |
||||||
|
--- dsniff-2.4b1/decode_mmxp.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_mmxp.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||||
|
@@ -21,6 +21,7 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <arpa/inet.h> |
||||||
|
|
||||||
|
#include "buf.h" |
||||||
|
#include "decode.h" |
||||||
|
--- dsniff-2.4b1/decode_pptp.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_pptp.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||||
|
@@ -16,6 +16,7 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <arpa/inet.h> |
||||||
|
|
||||||
|
#include "buf.h" |
||||||
|
#include "decode.h" |
||||||
|
--- dsniff-2.4b1/decode_tds.c 2007-06-17 16:26:46.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_tds.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||||
|
@@ -19,6 +19,7 @@ |
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
#include <strlcat.h> |
||||||
|
+#include <arpa/inet.h> |
||||||
|
|
||||||
|
#include "decode.h" |
||||||
|
|
||||||
|
--- dsniff-2.4b1/decode_vrrp.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_vrrp.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||||
|
@@ -15,6 +15,7 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <arpa/inet.h> |
||||||
|
|
||||||
|
#include "buf.h" |
||||||
|
#include "decode.h" |
||||||
|
--- dsniff-2.4b1/ssh.c 2007-06-17 16:26:46.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/ssh.c.inet 2007-06-17 16:26:46.000000000 -0300 |
||||||
|
@@ -23,6 +23,7 @@ |
||||||
|
#include <stdio.h> |
||||||
|
#include <stdlib.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <arpa/inet.h> |
||||||
|
#include <unistd.h> |
||||||
|
|
||||||
|
#include "hex.h" |
@ -0,0 +1,218 @@ |
|||||||
|
Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to allow the |
||||||
|
selection of source hw address. |
||||||
|
|
||||||
|
In certain networks, sending with the wrong hardware source address can jeopardize |
||||||
|
the network connection of the host running arpspoof. This patch makes it possible |
||||||
|
to specify whether arpspoof should use the own hardware address or the one of the |
||||||
|
real host when resetting the arp table of the target systems; it is also possible |
||||||
|
to use both. |
||||||
|
|
||||||
|
For some more information, please have a look to Debian bug ID #650752. |
||||||
|
|
||||||
|
--- dsniff-2.4/arpspoof.8 2013-12-20 20:54:25.000000000 +0100 |
||||||
|
+++ dsniff-2.4/arpspoof.8.arpspoof_hwaddr 2013-12-20 20:55:19.000000000 +0100 |
||||||
|
@@ -9,7 +9,7 @@ |
||||||
|
.na |
||||||
|
.nf |
||||||
|
.fi |
||||||
|
-\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR |
||||||
|
+\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-c \fIown|host|both\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR |
||||||
|
.SH DESCRIPTION |
||||||
|
.ad |
||||||
|
.fi |
||||||
|
@@ -23,6 +23,13 @@ |
||||||
|
.SH OPTIONS |
||||||
|
.IP "\fB-i \fIinterface\fR" |
||||||
|
Specify the interface to use. |
||||||
|
+.IP "\fB-c \fIown|host|both\fR" |
||||||
|
+Specify which hardware address t use when restoring the arp configuration; |
||||||
|
+while cleaning up, packets can be send with the own address as well as with |
||||||
|
+the address of the host. Sending packets with a fake hw address can disrupt |
||||||
|
+connectivity with certain switch/ap/bridge configurations, however it works |
||||||
|
+more reliably than using the own address, which is the default way arpspoof |
||||||
|
+cleans up afterwards. |
||||||
|
.IP "\fB-t \fItarget\fR" |
||||||
|
Specify a particular host to ARP poison (if not specified, all hosts |
||||||
|
on the LAN). Repeat to specify multiple hosts. |
||||||
|
--- dsniff-2.4/arpspoof.c 2013-12-20 20:54:25.000000000 +0100 |
||||||
|
+++ dsniff-2.4/arpspoof.c.arpspoof_hwaddr 2013-12-20 21:02:10.000000000 +0100 |
||||||
|
@@ -40,37 +40,36 @@ |
||||||
|
static char *intf; |
||||||
|
static int poison_reverse; |
||||||
|
|
||||||
|
+static uint8_t *my_ha = NULL; |
||||||
|
+static uint8_t *brd_ha = "\xff\xff\xff\xff\xff\xff"; |
||||||
|
+ |
||||||
|
+static int cleanup_src_own = 1; |
||||||
|
+static int cleanup_src_host = 0; |
||||||
|
+ |
||||||
|
static void |
||||||
|
usage(void) |
||||||
|
{ |
||||||
|
fprintf(stderr, "Version: " VERSION "\n" |
||||||
|
- "Usage: arpspoof [-i interface] [-t target] [-r] host\n"); |
||||||
|
+ "Usage: arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host\n"); |
||||||
|
exit(1); |
||||||
|
} |
||||||
|
|
||||||
|
static int |
||||||
|
-arp_send(libnet_t *l, int op, u_int8_t *sha, |
||||||
|
- in_addr_t spa, u_int8_t *tha, in_addr_t tpa) |
||||||
|
+arp_send(libnet_t *l, int op, |
||||||
|
+ u_int8_t *sha, in_addr_t spa, |
||||||
|
+ u_int8_t *tha, in_addr_t tpa, |
||||||
|
+ u_int8_t *me) |
||||||
|
{ |
||||||
|
int retval; |
||||||
|
|
||||||
|
- if (sha == NULL && |
||||||
|
- (sha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) { |
||||||
|
- return (-1); |
||||||
|
- } |
||||||
|
- if (spa == 0) { |
||||||
|
- if ((spa = libnet_get_ipaddr4(l)) == -1) |
||||||
|
- return (-1); |
||||||
|
- } |
||||||
|
- if (tha == NULL) |
||||||
|
- tha = "\xff\xff\xff\xff\xff\xff"; |
||||||
|
+ if (!me) me = sha; |
||||||
|
|
||||||
|
libnet_autobuild_arp(op, sha, (u_int8_t *)&spa, |
||||||
|
tha, (u_int8_t *)&tpa, l); |
||||||
|
- libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, l, 0); |
||||||
|
+ libnet_build_ethernet(tha, me, ETHERTYPE_ARP, NULL, 0, l, 0); |
||||||
|
|
||||||
|
fprintf(stderr, "%s ", |
||||||
|
- ether_ntoa((struct ether_addr *)sha)); |
||||||
|
+ ether_ntoa((struct ether_addr *)me)); |
||||||
|
|
||||||
|
if (op == ARPOP_REQUEST) { |
||||||
|
fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n", |
||||||
|
@@ -129,7 +128,7 @@ |
||||||
|
/* XXX - force the kernel to arp. feh. */ |
||||||
|
arp_force(ip); |
||||||
|
#else |
||||||
|
- arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip); |
||||||
|
+ arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip, NULL); |
||||||
|
#endif |
||||||
|
sleep(1); |
||||||
|
} |
||||||
|
@@ -156,17 +155,22 @@ |
||||||
|
int fw = arp_find(spoof.ip, &spoof.mac); |
||||||
|
int bw = poison_reverse && targets[0].ip && arp_find_all(); |
||||||
|
int i; |
||||||
|
+ int rounds = (cleanup_src_own*5 + cleanup_src_host*5); |
||||||
|
|
||||||
|
fprintf(stderr, "Cleaning up and re-arping targets...\n"); |
||||||
|
- for (i = 0; i < 5; i++) { |
||||||
|
+ for (i = 0; i < rounds; i++) { |
||||||
|
struct host *target = targets; |
||||||
|
while(target->ip) { |
||||||
|
+ uint8_t *src_ha = NULL; |
||||||
|
+ if (cleanup_src_own && (i%2 || !cleanup_src_host)) { |
||||||
|
+ src_ha = my_ha; |
||||||
|
+ } |
||||||
|
/* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||||
|
if (fw) { |
||||||
|
arp_send(l, ARPOP_REPLY, |
||||||
|
(u_int8_t *)&spoof.mac, spoof.ip, |
||||||
|
- (target->ip ? (u_int8_t *)&target->mac : NULL), |
||||||
|
- target->ip); |
||||||
|
+ (target->ip ? (u_int8_t *)&target->mac : brd_ha), |
||||||
|
+ target->ip, src_ha); |
||||||
|
/* we have to wait a moment before sending the next packet */ |
||||||
|
sleep(1); |
||||||
|
} |
||||||
|
@@ -174,7 +178,7 @@ |
||||||
|
arp_send(l, ARPOP_REPLY, |
||||||
|
(u_int8_t *)&target->mac, target->ip, |
||||||
|
(u_int8_t *)&spoof.mac, |
||||||
|
- spoof.ip); |
||||||
|
+ spoof.ip, src_ha); |
||||||
|
sleep(1); |
||||||
|
} |
||||||
|
target++; |
||||||
|
@@ -193,6 +197,7 @@ |
||||||
|
char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||||
|
int c; |
||||||
|
int n_targets; |
||||||
|
+ char *cleanup_src = NULL; |
||||||
|
|
||||||
|
spoof.ip = 0; |
||||||
|
intf = NULL; |
||||||
|
@@ -202,7 +207,7 @@ |
||||||
|
/* allocate enough memory for target list */ |
||||||
|
targets = calloc( argc+1, sizeof(struct host) ); |
||||||
|
|
||||||
|
- while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) { |
||||||
|
+ while ((c = getopt(argc, argv, "ri:t:c:h?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
case 'i': |
||||||
|
intf = optarg; |
||||||
|
@@ -214,6 +219,9 @@ |
||||||
|
case 'r': |
||||||
|
poison_reverse = 1; |
||||||
|
break; |
||||||
|
+ case 'c': |
||||||
|
+ cleanup_src = optarg; |
||||||
|
+ break; |
||||||
|
default: |
||||||
|
usage(); |
||||||
|
} |
||||||
|
@@ -229,6 +237,29 @@ |
||||||
|
usage(); |
||||||
|
} |
||||||
|
|
||||||
|
+ if (!cleanup_src || strcmp(cleanup_src, "own") == 0) { /* default! */ |
||||||
|
+ /* only use our own hw address when cleaning up, |
||||||
|
+ * not jeopardizing any bridges on the way to our |
||||||
|
+ * target |
||||||
|
+ */ |
||||||
|
+ cleanup_src_own = 1; |
||||||
|
+ cleanup_src_host = 0; |
||||||
|
+ } else if (strcmp(cleanup_src, "host") == 0) { |
||||||
|
+ /* only use the target hw address when cleaning up; |
||||||
|
+ * this can screw up some bridges and scramble access |
||||||
|
+ * for our own host, however it resets the arp table |
||||||
|
+ * more reliably |
||||||
|
+ */ |
||||||
|
+ cleanup_src_own = 0; |
||||||
|
+ cleanup_src_host = 1; |
||||||
|
+ } else if (strcmp(cleanup_src, "both") == 0) { |
||||||
|
+ cleanup_src_own = 1; |
||||||
|
+ cleanup_src_host = 1; |
||||||
|
+ } else { |
||||||
|
+ errx(1, "Invalid parameter to -c: use 'own' (default), 'host' or 'both'."); |
||||||
|
+ usage(); |
||||||
|
+ } |
||||||
|
+ |
||||||
|
if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||||
|
usage(); |
||||||
|
|
||||||
|
@@ -253,6 +284,10 @@ |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
+ if ((my_ha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) { |
||||||
|
+ errx(1, "Unable to determine own mac address"); |
||||||
|
+ } |
||||||
|
+ |
||||||
|
signal(SIGHUP, cleanup); |
||||||
|
signal(SIGINT, cleanup); |
||||||
|
signal(SIGTERM, cleanup); |
||||||
|
@@ -260,11 +295,11 @@ |
||||||
|
for (;;) { |
||||||
|
struct host *target = targets; |
||||||
|
while(target->ip) { |
||||||
|
- arp_send(l, ARPOP_REPLY, NULL, spoof.ip, |
||||||
|
- (target->ip ? (u_int8_t *)&target->mac : NULL), |
||||||
|
- target->ip); |
||||||
|
+ arp_send(l, ARPOP_REPLY, my_ha, spoof.ip, |
||||||
|
+ (target->ip ? (u_int8_t *)&target->mac : brd_ha), |
||||||
|
+ target->ip, my_ha); |
||||||
|
if (poison_reverse) { |
||||||
|
- arp_send(l, ARPOP_REPLY, NULL, target->ip, (uint8_t *)&spoof.mac, spoof.ip); |
||||||
|
+ arp_send(l, ARPOP_REPLY, my_ha, target->ip, (uint8_t *)&spoof.mac, spoof.ip, my_ha); |
||||||
|
} |
||||||
|
target++; |
||||||
|
} |
@ -0,0 +1,186 @@ |
|||||||
|
Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to allow the use |
||||||
|
of of multiple targets. For some more information, please have a look to Debian bug |
||||||
|
ID #650751. |
||||||
|
|
||||||
|
--- dsniff-2.4/arpspoof.8 2013-12-20 20:40:36.000000000 +0100 |
||||||
|
+++ dsniff-2.4/arpspoof.8.arpspoof_multiple 2013-12-20 20:41:45.000000000 +0100 |
||||||
|
@@ -25,7 +25,7 @@ |
||||||
|
Specify the interface to use. |
||||||
|
.IP "\fB-t \fItarget\fR" |
||||||
|
Specify a particular host to ARP poison (if not specified, all hosts |
||||||
|
-on the LAN). |
||||||
|
+on the LAN). Repeat to specify multiple hosts. |
||||||
|
.IP "\fB\-r\fR" |
||||||
|
Poison both hosts (host and target) to capture traffic in both directions. |
||||||
|
(only valid in conjuntion with \-t) |
||||||
|
--- dsniff-2.4/arpspoof.c 2013-12-20 20:40:36.000000000 +0100 |
||||||
|
+++ dsniff-2.4/arpspoof.c.arpspoof_multiple 2013-12-20 20:50:34.000000000 +0100 |
||||||
|
@@ -27,11 +27,16 @@ |
||||||
|
#include "arp.h" |
||||||
|
#include "version.h" |
||||||
|
|
||||||
|
+struct host { |
||||||
|
+ in_addr_t ip; |
||||||
|
+ struct ether_addr mac; |
||||||
|
+}; |
||||||
|
+ |
||||||
|
extern char *ether_ntoa(struct ether_addr *); |
||||||
|
|
||||||
|
static libnet_t *l; |
||||||
|
-static struct ether_addr spoof_mac, target_mac; |
||||||
|
-static in_addr_t spoof_ip, target_ip; |
||||||
|
+static struct host spoof = {0}; |
||||||
|
+static struct host *targets; |
||||||
|
static char *intf; |
||||||
|
static int poison_reverse; |
||||||
|
|
||||||
|
@@ -133,30 +138,46 @@ |
||||||
|
return (0); |
||||||
|
} |
||||||
|
|
||||||
|
+static int arp_find_all() { |
||||||
|
+ struct host *target = targets; |
||||||
|
+ while(target->ip) { |
||||||
|
+ if (arp_find(target->ip, &target->mac)) { |
||||||
|
+ return 1; |
||||||
|
+ } |
||||||
|
+ target++; |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ return 0; |
||||||
|
+} |
||||||
|
+ |
||||||
|
static void |
||||||
|
cleanup(int sig) |
||||||
|
{ |
||||||
|
- int fw = arp_find(spoof_ip, &spoof_mac); |
||||||
|
- int bw = poison_reverse && target_ip && arp_find(target_ip, &target_mac); |
||||||
|
+ int fw = arp_find(spoof.ip, &spoof.mac); |
||||||
|
+ int bw = poison_reverse && targets[0].ip && arp_find_all(); |
||||||
|
int i; |
||||||
|
|
||||||
|
fprintf(stderr, "Cleaning up and re-arping targets...\n"); |
||||||
|
for (i = 0; i < 5; i++) { |
||||||
|
- /* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||||
|
- if (fw) { |
||||||
|
- arp_send(l, ARPOP_REPLY, |
||||||
|
- (u_int8_t *)&spoof_mac, spoof_ip, |
||||||
|
- (target_ip ? (u_int8_t *)&target_mac : NULL), |
||||||
|
- target_ip); |
||||||
|
- /* we have to wait a moment before sending the next packet */ |
||||||
|
- sleep(1); |
||||||
|
- } |
||||||
|
- if (bw) { |
||||||
|
- arp_send(l, ARPOP_REPLY, |
||||||
|
- (u_int8_t *)&target_mac, target_ip, |
||||||
|
- (u_int8_t *)&spoof_mac, |
||||||
|
- spoof_ip); |
||||||
|
- sleep(1); |
||||||
|
+ struct host *target = targets; |
||||||
|
+ while(target->ip) { |
||||||
|
+ /* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||||
|
+ if (fw) { |
||||||
|
+ arp_send(l, ARPOP_REPLY, |
||||||
|
+ (u_int8_t *)&spoof.mac, spoof.ip, |
||||||
|
+ (target->ip ? (u_int8_t *)&target->mac : NULL), |
||||||
|
+ target->ip); |
||||||
|
+ /* we have to wait a moment before sending the next packet */ |
||||||
|
+ sleep(1); |
||||||
|
+ } |
||||||
|
+ if (bw) { |
||||||
|
+ arp_send(l, ARPOP_REPLY, |
||||||
|
+ (u_int8_t *)&target->mac, target->ip, |
||||||
|
+ (u_int8_t *)&spoof.mac, |
||||||
|
+ spoof.ip); |
||||||
|
+ sleep(1); |
||||||
|
+ } |
||||||
|
+ target++; |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
@@ -171,10 +192,15 @@ |
||||||
|
char pcap_ebuf[PCAP_ERRBUF_SIZE]; |
||||||
|
char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||||
|
int c; |
||||||
|
+ int n_targets; |
||||||
|
|
||||||
|
+ spoof.ip = 0; |
||||||
|
intf = NULL; |
||||||
|
- spoof_ip = target_ip = 0; |
||||||
|
poison_reverse = 0; |
||||||
|
+ n_targets = 0; |
||||||
|
+ |
||||||
|
+ /* allocate enough memory for target list */ |
||||||
|
+ targets = calloc( argc+1, sizeof(struct host) ); |
||||||
|
|
||||||
|
while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
@@ -182,7 +208,7 @@ |
||||||
|
intf = optarg; |
||||||
|
break; |
||||||
|
case 't': |
||||||
|
- if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) |
||||||
|
+ if ((targets[n_targets++].ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) |
||||||
|
usage(); |
||||||
|
break; |
||||||
|
case 'r': |
||||||
|
@@ -198,12 +224,12 @@ |
||||||
|
if (argc != 1) |
||||||
|
usage(); |
||||||
|
|
||||||
|
- if (poison_reverse && !target_ip) { |
||||||
|
+ if (poison_reverse && !n_targets) { |
||||||
|
errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t)."); |
||||||
|
usage(); |
||||||
|
} |
||||||
|
|
||||||
|
- if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||||
|
+ if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||||
|
usage(); |
||||||
|
|
||||||
|
if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL) |
||||||
|
@@ -212,14 +238,18 @@ |
||||||
|
if ((l = libnet_init(LIBNET_LINK, intf, libnet_ebuf)) == NULL) |
||||||
|
errx(1, "%s", libnet_ebuf); |
||||||
|
|
||||||
|
- if (target_ip != 0 && !arp_find(target_ip, &target_mac)) |
||||||
|
- errx(1, "couldn't arp for host %s", |
||||||
|
- libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE)); |
||||||
|
+ struct host *target = targets; |
||||||
|
+ while(target->ip) { |
||||||
|
+ if (target->ip != 0 && !arp_find(target->ip, &target->mac)) |
||||||
|
+ errx(1, "couldn't arp for host %s", |
||||||
|
+ libnet_addr2name4(target->ip, LIBNET_DONT_RESOLVE)); |
||||||
|
+ target++; |
||||||
|
+ } |
||||||
|
|
||||||
|
if (poison_reverse) { |
||||||
|
- if (!arp_find(spoof_ip, &spoof_mac)) { |
||||||
|
+ if (!arp_find(spoof.ip, &spoof.mac)) { |
||||||
|
errx(1, "couldn't arp for spoof host %s", |
||||||
|
- libnet_addr2name4(spoof_ip, LIBNET_DONT_RESOLVE)); |
||||||
|
+ libnet_addr2name4(spoof.ip, LIBNET_DONT_RESOLVE)); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
@@ -228,11 +258,15 @@ |
||||||
|
signal(SIGTERM, cleanup); |
||||||
|
|
||||||
|
for (;;) { |
||||||
|
- arp_send(l, ARPOP_REPLY, NULL, spoof_ip, |
||||||
|
- (target_ip ? (u_int8_t *)&target_mac : NULL), |
||||||
|
- target_ip); |
||||||
|
- if (poison_reverse) { |
||||||
|
- arp_send(l, ARPOP_REPLY, NULL, target_ip, (uint8_t *)&spoof_mac, spoof_ip); |
||||||
|
+ struct host *target = targets; |
||||||
|
+ while(target->ip) { |
||||||
|
+ arp_send(l, ARPOP_REPLY, NULL, spoof.ip, |
||||||
|
+ (target->ip ? (u_int8_t *)&target->mac : NULL), |
||||||
|
+ target->ip); |
||||||
|
+ if (poison_reverse) { |
||||||
|
+ arp_send(l, ARPOP_REPLY, NULL, target->ip, (uint8_t *)&spoof.mac, spoof.ip); |
||||||
|
+ } |
||||||
|
+ target++; |
||||||
|
} |
||||||
|
sleep(2); |
||||||
|
} |
@ -0,0 +1,142 @@ |
|||||||
|
Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to add add -r |
||||||
|
switch to poison both directions. For some more information, please have a look to |
||||||
|
Debian bug ID #650749. |
||||||
|
|
||||||
|
--- dsniff-2.4/arpspoof.8 2000-11-28 08:43:43.000000000 +0100 |
||||||
|
+++ dsniff-2.4/arpspoof.8.arpspoof_reverse 2013-12-20 20:27:49.000000000 +0100 |
||||||
|
@@ -9,7 +9,7 @@ |
||||||
|
.na |
||||||
|
.nf |
||||||
|
.fi |
||||||
|
-\fBarpspoof\fR [\fB-i \fIinterface\fR] [\fB-t \fItarget\fR] \fIhost\fR |
||||||
|
+\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR |
||||||
|
.SH DESCRIPTION |
||||||
|
.ad |
||||||
|
.fi |
||||||
|
@@ -26,6 +26,9 @@ |
||||||
|
.IP "\fB-t \fItarget\fR" |
||||||
|
Specify a particular host to ARP poison (if not specified, all hosts |
||||||
|
on the LAN). |
||||||
|
+.IP "\fB\-r\fR" |
||||||
|
+Poison both hosts (host and target) to capture traffic in both directions. |
||||||
|
+(only valid in conjuntion with \-t) |
||||||
|
.IP \fIhost\fR |
||||||
|
Specify the host you wish to intercept packets for (usually the local |
||||||
|
gateway). |
||||||
|
--- dsniff-2.4/arpspoof.c 2013-12-20 20:25:04.000000000 +0100 |
||||||
|
+++ dsniff-2.4/arpspoof.c.arpspoof_reverse 2013-12-20 20:34:31.000000000 +0100 |
||||||
|
@@ -7,6 +7,8 @@ |
||||||
|
* Copyright (c) 1999 Dug Song <dugsong@monkey.org> |
||||||
|
* |
||||||
|
* $Id: arpspoof.c,v 1.5 2001/03/15 08:32:58 dugsong Exp $ |
||||||
|
+ * |
||||||
|
+ * Improved 2011 by Stefan Tomanek <stefa@pico.ruhr.de> |
||||||
|
*/ |
||||||
|
|
||||||
|
#include "config.h" |
||||||
|
@@ -31,12 +33,13 @@ |
||||||
|
static struct ether_addr spoof_mac, target_mac; |
||||||
|
static in_addr_t spoof_ip, target_ip; |
||||||
|
static char *intf; |
||||||
|
+static int poison_reverse; |
||||||
|
|
||||||
|
static void |
||||||
|
usage(void) |
||||||
|
{ |
||||||
|
fprintf(stderr, "Version: " VERSION "\n" |
||||||
|
- "Usage: arpspoof [-i interface] [-t target] host\n"); |
||||||
|
+ "Usage: arpspoof [-i interface] [-t target] [-r] host\n"); |
||||||
|
exit(1); |
||||||
|
} |
||||||
|
|
||||||
|
@@ -133,18 +136,30 @@ |
||||||
|
static void |
||||||
|
cleanup(int sig) |
||||||
|
{ |
||||||
|
+ int fw = arp_find(spoof_ip, &spoof_mac); |
||||||
|
+ int bw = poison_reverse && target_ip && arp_find(target_ip, &target_mac); |
||||||
|
int i; |
||||||
|
|
||||||
|
- if (arp_find(spoof_ip, &spoof_mac)) { |
||||||
|
- for (i = 0; i < 3; i++) { |
||||||
|
- /* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||||
|
+ fprintf(stderr, "Cleaning up and re-arping targets...\n"); |
||||||
|
+ for (i = 0; i < 5; i++) { |
||||||
|
+ /* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||||
|
+ if (fw) { |
||||||
|
arp_send(l, ARPOP_REPLY, |
||||||
|
(u_int8_t *)&spoof_mac, spoof_ip, |
||||||
|
(target_ip ? (u_int8_t *)&target_mac : NULL), |
||||||
|
target_ip); |
||||||
|
+ /* we have to wait a moment before sending the next packet */ |
||||||
|
+ sleep(1); |
||||||
|
+ } |
||||||
|
+ if (bw) { |
||||||
|
+ arp_send(l, ARPOP_REPLY, |
||||||
|
+ (u_int8_t *)&target_mac, target_ip, |
||||||
|
+ (u_int8_t *)&spoof_mac, |
||||||
|
+ spoof_ip); |
||||||
|
sleep(1); |
||||||
|
} |
||||||
|
} |
||||||
|
+ |
||||||
|
exit(0); |
||||||
|
} |
||||||
|
|
||||||
|
@@ -159,8 +174,9 @@ |
||||||
|
|
||||||
|
intf = NULL; |
||||||
|
spoof_ip = target_ip = 0; |
||||||
|
+ poison_reverse = 0; |
||||||
|
|
||||||
|
- while ((c = getopt(argc, argv, "i:t:h?V")) != -1) { |
||||||
|
+ while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
case 'i': |
||||||
|
intf = optarg; |
||||||
|
@@ -169,6 +185,9 @@ |
||||||
|
if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) |
||||||
|
usage(); |
||||||
|
break; |
||||||
|
+ case 'r': |
||||||
|
+ poison_reverse = 1; |
||||||
|
+ break; |
||||||
|
default: |
||||||
|
usage(); |
||||||
|
} |
||||||
|
@@ -179,6 +198,11 @@ |
||||||
|
if (argc != 1) |
||||||
|
usage(); |
||||||
|
|
||||||
|
+ if (poison_reverse && !target_ip) { |
||||||
|
+ errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t)."); |
||||||
|
+ usage(); |
||||||
|
+ } |
||||||
|
+ |
||||||
|
if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||||
|
usage(); |
||||||
|
|
||||||
|
@@ -192,6 +216,13 @@ |
||||||
|
errx(1, "couldn't arp for host %s", |
||||||
|
libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE)); |
||||||
|
|
||||||
|
+ if (poison_reverse) { |
||||||
|
+ if (!arp_find(spoof_ip, &spoof_mac)) { |
||||||
|
+ errx(1, "couldn't arp for spoof host %s", |
||||||
|
+ libnet_addr2name4(spoof_ip, LIBNET_DONT_RESOLVE)); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ |
||||||
|
signal(SIGHUP, cleanup); |
||||||
|
signal(SIGINT, cleanup); |
||||||
|
signal(SIGTERM, cleanup); |
||||||
|
@@ -200,6 +231,9 @@ |
||||||
|
arp_send(l, ARPOP_REPLY, NULL, spoof_ip, |
||||||
|
(target_ip ? (u_int8_t *)&target_mac : NULL), |
||||||
|
target_ip); |
||||||
|
+ if (poison_reverse) { |
||||||
|
+ arp_send(l, ARPOP_REPLY, NULL, target_ip, (uint8_t *)&spoof_mac, spoof_ip); |
||||||
|
+ } |
||||||
|
sleep(2); |
||||||
|
} |
||||||
|
/* NOTREACHED */ |
@ -0,0 +1,27 @@ |
|||||||
|
Patch by iotr Engelking <inkerman42@gmail.com> for dsniff >= 2.4b1, which |
||||||
|
disables the filtering packets with incorrect checksum. And for any further |
||||||
|
information, please have a look to Debian bug ID #372536. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/urlsnarf.c 2006-09-21 01:50:01.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/urlsnarf.c.checksum 2006-09-21 01:51:13.000000000 +0200 |
||||||
|
@@ -200,6 +200,7 @@ |
||||||
|
extern char *optarg; |
||||||
|
extern int optind; |
||||||
|
int c; |
||||||
|
+ struct nids_chksum_ctl chksum_ctl; |
||||||
|
|
||||||
|
while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
@@ -260,6 +261,12 @@ |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
+ chksum_ctl.netaddr = 0; |
||||||
|
+ chksum_ctl.mask = 0; |
||||||
|
+ chksum_ctl.action = NIDS_DONT_CHKSUM; |
||||||
|
+ |
||||||
|
+ nids_register_chksum_ctl(&chksum_ctl, 1); |
||||||
|
+ |
||||||
|
nids_run(); |
||||||
|
|
||||||
|
/* NOTREACHED */ |
@ -0,0 +1,96 @@ |
|||||||
|
Patch by Gleb Paharenko <gpaharenko@gmail.com> for dsniff >= 2.4b1, which |
||||||
|
adds checksum for libnids. For further information, please have a look to |
||||||
|
Debian bug ID #420129. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/dsniff.c 2007-08-11 01:37:33.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/dsniff.c.checksum 2007-08-11 01:38:55.000000000 -0300 |
||||||
|
@@ -70,6 +70,80 @@ |
||||||
|
{ |
||||||
|
} |
||||||
|
|
||||||
|
+ |
||||||
|
+static int get_all_ifaces(struct ifreq **, int *); |
||||||
|
+static unsigned int get_addr_from_ifreq(struct ifreq *); |
||||||
|
+ |
||||||
|
+int all_local_ipaddrs_chksum_disable() |
||||||
|
+{ |
||||||
|
+ struct ifreq *ifaces; |
||||||
|
+ int ifaces_count; |
||||||
|
+ int i, ind = 0; |
||||||
|
+ struct nids_chksum_ctl *ctlp; |
||||||
|
+ unsigned int tmp; |
||||||
|
+ |
||||||
|
+ if (!get_all_ifaces(&ifaces, &ifaces_count)) |
||||||
|
+ return -1; |
||||||
|
+ ctlp = |
||||||
|
+ (struct nids_chksum_ctl *) malloc(ifaces_count * |
||||||
|
+ sizeof(struct |
||||||
|
+ nids_chksum_ctl)); |
||||||
|
+ if (!ctlp) |
||||||
|
+ return -1; |
||||||
|
+ for (i = 0; i < ifaces_count; i++) { |
||||||
|
+ tmp = get_addr_from_ifreq(ifaces + i); |
||||||
|
+ if (tmp) { |
||||||
|
+ ctlp[ind].netaddr = tmp; |
||||||
|
+ ctlp[ind].mask = inet_addr("255.255.255.255"); |
||||||
|
+ ctlp[ind].action = NIDS_DONT_CHKSUM; |
||||||
|
+ ind++; |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ free(ifaces); |
||||||
|
+ nids_register_chksum_ctl(ctlp, ind); |
||||||
|
+} |
||||||
|
+ |
||||||
|
+/* helper functions for Example 2 */ |
||||||
|
+unsigned int get_addr_from_ifreq(struct ifreq *iface) |
||||||
|
+{ |
||||||
|
+ if (iface->ifr_addr.sa_family == AF_INET) |
||||||
|
+ return ((struct sockaddr_in *) &(iface->ifr_addr))-> |
||||||
|
+ sin_addr.s_addr; |
||||||
|
+ return 0; |
||||||
|
+} |
||||||
|
+ |
||||||
|
+static int get_all_ifaces(struct ifreq **ifaces, int *count) |
||||||
|
+{ |
||||||
|
+ int ifaces_size = 8 * sizeof(struct ifreq); |
||||||
|
+ struct ifconf param; |
||||||
|
+ int sock; |
||||||
|
+ unsigned int i; |
||||||
|
+ |
||||||
|
+ *ifaces = malloc(ifaces_size); |
||||||
|
+ sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP); |
||||||
|
+ if (sock <= 0) |
||||||
|
+ return 0; |
||||||
|
+ for (;;) { |
||||||
|
+ param.ifc_len = ifaces_size; |
||||||
|
+ param.ifc_req = *ifaces; |
||||||
|
+ if (ioctl(sock, SIOCGIFCONF, ¶m)) |
||||||
|
+ goto err; |
||||||
|
+ if (param.ifc_len < ifaces_size) |
||||||
|
+ break; |
||||||
|
+ free(*ifaces); |
||||||
|
+ ifaces_size *= 2; |
||||||
|
+ ifaces = malloc(ifaces_size); |
||||||
|
+ } |
||||||
|
+ *count = param.ifc_len / sizeof(struct ifreq); |
||||||
|
+ close(sock); |
||||||
|
+ return 1; |
||||||
|
+ err: |
||||||
|
+ close(sock); |
||||||
|
+ return 0; |
||||||
|
+} |
||||||
|
+ |
||||||
|
+ |
||||||
|
+ |
||||||
|
int |
||||||
|
main(int argc, char *argv[]) |
||||||
|
{ |
||||||
|
@@ -189,6 +263,8 @@ |
||||||
|
warnx("using %s", nids_params.filename); |
||||||
|
} |
||||||
|
} |
||||||
|
+ |
||||||
|
+ all_local_ipaddrs_chksum_disable(); |
||||||
|
|
||||||
|
nids_run(); |
||||||
|
|
@ -0,0 +1,60 @@ |
|||||||
|
Patch by Steve Kemp <skx@debian.org> for dsniff >= 2.4b1, which changes |
||||||
|
various paths for the Fedora directory structure. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/Makefile.in 2005-06-23 03:30:37.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/Makefile.in.fedora 2005-06-23 04:17:14.000000000 +0000 |
||||||
|
@@ -11,7 +11,7 @@ |
||||||
|
install_prefix = |
||||||
|
prefix = @prefix@ |
||||||
|
exec_prefix = @exec_prefix@ |
||||||
|
-libdir = @libdir@ |
||||||
|
+libdir = @sysconfdir@/dsniff |
||||||
|
sbindir = @sbindir@ |
||||||
|
mandir = @mandir@ |
||||||
|
|
||||||
|
@@ -37,8 +37,7 @@ |
||||||
|
X11INC = @X_CFLAGS@ |
||||||
|
X11LIB = @X_LIBS@ @X_PRE_LIBS@ -lXmu -lX11 @X_EXTRA_LIBS@ |
||||||
|
|
||||||
|
-INCS = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) \ |
||||||
|
- -I$(srcdir)/missing |
||||||
|
+INCS = -I. $(X11INC) $(SSLINC) -I$(srcdir)/missing |
||||||
|
LIBS = @LIBS@ -L$(srcdir) -lmissing |
||||||
|
|
||||||
|
INSTALL = @INSTALL@ |
||||||
|
--- dsniff-2.4b1/dnsspoof.8 2005-06-23 03:30:37.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/dnsspoof.8.fedora 2005-06-23 04:17:37.000000000 +0000 |
||||||
|
@@ -31,7 +31,7 @@ |
||||||
|
address queries on the LAN with an answer of the local machine's IP |
||||||
|
address. |
||||||
|
.SH FILES |
||||||
|
-.IP \fI/usr/local/lib/dnsspoof.hosts\fR |
||||||
|
+.IP \fI/etc/dsniff/dnsspoof.hosts\fR |
||||||
|
Sample hosts file. |
||||||
|
.SH "SEE ALSO" |
||||||
|
dsniff(8), hosts(5) |
||||||
|
--- dsniff-2.4b1/dsniff.8 2005-06-23 04:17:06.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/dsniff.8.fedora 2005-06-23 04:18:21.000000000 +0000 |
||||||
|
@@ -68,9 +68,9 @@ |
||||||
|
On a hangup signal \fBdsniff\fR will dump its current trigger table to |
||||||
|
\fIdsniff.services\fR. |
||||||
|
.SH FILES |
||||||
|
-.IP \fI/usr/local/lib/dsniff.services\fR |
||||||
|
+.IP \fI/etc/dsniff/dsniff.services\fR |
||||||
|
Default trigger table |
||||||
|
-.IP \fI/usr/local/lib/dsniff.magic\fR |
||||||
|
+.IP \fI/etc/dsniff/dsniff.magic\fR |
||||||
|
Network protocol magic |
||||||
|
.SH "SEE ALSO" |
||||||
|
arpspoof(8), libnids(3), services(5), magic(5) |
||||||
|
--- dsniff-2.4b1/pathnames.h 2005-06-23 03:30:37.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/pathnames.h.fedora 2005-06-23 04:17:25.000000000 +0000 |
||||||
|
@@ -12,7 +12,7 @@ |
||||||
|
#define PATHNAMES_H |
||||||
|
|
||||||
|
#ifndef DSNIFF_LIBDIR |
||||||
|
-#define DSNIFF_LIBDIR "/usr/local/lib/" |
||||||
|
+#define DSNIFF_LIBDIR "/etc/dsniff/" |
||||||
|
#endif |
||||||
|
|
||||||
|
#define DSNIFF_SERVICES "dsniff.services" |
@ -0,0 +1,14 @@ |
|||||||
|
Patch by Robert Scheck <robert@fedoraproject.org> for dsniff >= 2.4b1, that |
||||||
|
adds some missing linkages to glib2. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/Makefile.in 2007-11-24 13:56:47.000000000 +0100 |
||||||
|
+++ dsniff-2.4b1/Makefile.in.glib2 2007-11-24 15:40:55.000000000 +0100 |
||||||
|
@@ -26,7 +26,7 @@ |
||||||
|
LNETLIB = @LNETLIB@ |
||||||
|
|
||||||
|
NIDSINC = @NIDSINC@ |
||||||
|
-NIDSLIB = @NIDSLIB@ |
||||||
|
+NIDSLIB = @NIDSLIB@ -lglib-2.0 -lgthread-2.0 -lpthread |
||||||
|
|
||||||
|
DBINC = @DBINC@ |
||||||
|
DBLIB = @DBLIB@ |
@ -0,0 +1,904 @@ |
|||||||
|
Patch for dsniff >= 2.4b1, which adds support for libnet >= 1.1 having a |
||||||
|
completely rewritten API. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/arpspoof.c 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
+++ dsniff-2.4b1/arpspoof.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -27,7 +27,7 @@ |
||||||
|
|
||||||
|
extern char *ether_ntoa(struct ether_addr *); |
||||||
|
|
||||||
|
-static struct libnet_link_int *llif; |
||||||
|
+static libnet_t *l; |
||||||
|
static struct ether_addr spoof_mac, target_mac; |
||||||
|
static in_addr_t spoof_ip, target_ip; |
||||||
|
static char *intf; |
||||||
|
@@ -41,47 +41,49 @@ |
||||||
|
} |
||||||
|
|
||||||
|
static int |
||||||
|
-arp_send(struct libnet_link_int *llif, char *dev, |
||||||
|
- int op, u_char *sha, in_addr_t spa, u_char *tha, in_addr_t tpa) |
||||||
|
+arp_send(libnet_t *l, int op, u_int8_t *sha, |
||||||
|
+ in_addr_t spa, u_int8_t *tha, in_addr_t tpa) |
||||||
|
{ |
||||||
|
- char ebuf[128]; |
||||||
|
- u_char pkt[60]; |
||||||
|
- |
||||||
|
+ int retval; |
||||||
|
+ |
||||||
|
if (sha == NULL && |
||||||
|
- (sha = (u_char *)libnet_get_hwaddr(llif, dev, ebuf)) == NULL) { |
||||||
|
+ (sha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) { |
||||||
|
return (-1); |
||||||
|
} |
||||||
|
if (spa == 0) { |
||||||
|
- if ((spa = libnet_get_ipaddr(llif, dev, ebuf)) == 0) |
||||||
|
+ if ((spa = libnet_get_ipaddr4(l)) == -1) |
||||||
|
return (-1); |
||||||
|
- spa = htonl(spa); /* XXX */ |
||||||
|
} |
||||||
|
if (tha == NULL) |
||||||
|
tha = "\xff\xff\xff\xff\xff\xff"; |
||||||
|
|
||||||
|
- libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, pkt); |
||||||
|
+ libnet_autobuild_arp(op, sha, (u_int8_t *)&spa, |
||||||
|
+ tha, (u_int8_t *)&tpa, l); |
||||||
|
+ libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, l, 0); |
||||||
|
|
||||||
|
- libnet_build_arp(ARPHRD_ETHER, ETHERTYPE_IP, ETHER_ADDR_LEN, 4, |
||||||
|
- op, sha, (u_char *)&spa, tha, (u_char *)&tpa, |
||||||
|
- NULL, 0, pkt + ETH_H); |
||||||
|
- |
||||||
|
fprintf(stderr, "%s ", |
||||||
|
ether_ntoa((struct ether_addr *)sha)); |
||||||
|
|
||||||
|
if (op == ARPOP_REQUEST) { |
||||||
|
fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n", |
||||||
|
ether_ntoa((struct ether_addr *)tha), |
||||||
|
- libnet_host_lookup(tpa, 0), |
||||||
|
- libnet_host_lookup(spa, 0)); |
||||||
|
+ libnet_addr2name4(tpa, LIBNET_DONT_RESOLVE), |
||||||
|
+ libnet_addr2name4(spa, LIBNET_DONT_RESOLVE)); |
||||||
|
} |
||||||
|
else { |
||||||
|
fprintf(stderr, "%s 0806 42: arp reply %s is-at ", |
||||||
|
ether_ntoa((struct ether_addr *)tha), |
||||||
|
- libnet_host_lookup(spa, 0)); |
||||||
|
+ libnet_addr2name4(spa, LIBNET_DONT_RESOLVE)); |
||||||
|
fprintf(stderr, "%s\n", |
||||||
|
ether_ntoa((struct ether_addr *)sha)); |
||||||
|
} |
||||||
|
- return (libnet_write_link_layer(llif, dev, pkt, sizeof(pkt)) == sizeof(pkt)); |
||||||
|
+ retval = libnet_write(l); |
||||||
|
+ if (retval) |
||||||
|
+ fprintf(stderr, "%s", libnet_geterror(l)); |
||||||
|
+ |
||||||
|
+ libnet_clear_packet(l); |
||||||
|
+ |
||||||
|
+ return retval; |
||||||
|
} |
||||||
|
|
||||||
|
#ifdef __linux__ |
||||||
|
@@ -119,7 +121,7 @@ |
||||||
|
/* XXX - force the kernel to arp. feh. */ |
||||||
|
arp_force(ip); |
||||||
|
#else |
||||||
|
- arp_send(llif, intf, ARPOP_REQUEST, NULL, 0, NULL, ip); |
||||||
|
+ arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip); |
||||||
|
#endif |
||||||
|
sleep(1); |
||||||
|
} |
||||||
|
@@ -136,9 +138,9 @@ |
||||||
|
if (arp_find(spoof_ip, &spoof_mac)) { |
||||||
|
for (i = 0; i < 3; i++) { |
||||||
|
/* XXX - on BSD, requires ETHERSPOOF kernel. */ |
||||||
|
- arp_send(llif, intf, ARPOP_REPLY, |
||||||
|
- (u_char *)&spoof_mac, spoof_ip, |
||||||
|
- (target_ip ? (u_char *)&target_mac : NULL), |
||||||
|
+ arp_send(l, ARPOP_REPLY, |
||||||
|
+ (u_int8_t *)&spoof_mac, spoof_ip, |
||||||
|
+ (target_ip ? (u_int8_t *)&target_mac : NULL), |
||||||
|
target_ip); |
||||||
|
sleep(1); |
||||||
|
} |
||||||
|
@@ -151,7 +153,8 @@ |
||||||
|
{ |
||||||
|
extern char *optarg; |
||||||
|
extern int optind; |
||||||
|
- char ebuf[PCAP_ERRBUF_SIZE]; |
||||||
|
+ char pcap_ebuf[PCAP_ERRBUF_SIZE]; |
||||||
|
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||||
|
int c; |
||||||
|
|
||||||
|
intf = NULL; |
||||||
|
@@ -163,7 +166,7 @@ |
||||||
|
intf = optarg; |
||||||
|
break; |
||||||
|
case 't': |
||||||
|
- if ((target_ip = libnet_name_resolve(optarg, 1)) == -1) |
||||||
|
+ if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) |
||||||
|
usage(); |
||||||
|
break; |
||||||
|
default: |
||||||
|
@@ -176,26 +179,26 @@ |
||||||
|
if (argc != 1) |
||||||
|
usage(); |
||||||
|
|
||||||
|
- if ((spoof_ip = libnet_name_resolve(argv[0], 1)) == -1) |
||||||
|
+ if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||||
|
usage(); |
||||||
|
|
||||||
|
- if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL) |
||||||
|
- errx(1, "%s", ebuf); |
||||||
|
+ if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL) |
||||||
|
+ errx(1, "%s", pcap_ebuf); |
||||||
|
|
||||||
|
- if ((llif = libnet_open_link_interface(intf, ebuf)) == 0) |
||||||
|
- errx(1, "%s", ebuf); |
||||||
|
+ if ((l = libnet_init(LIBNET_LINK, intf, libnet_ebuf)) == NULL) |
||||||
|
+ errx(1, "%s", libnet_ebuf); |
||||||
|
|
||||||
|
if (target_ip != 0 && !arp_find(target_ip, &target_mac)) |
||||||
|
errx(1, "couldn't arp for host %s", |
||||||
|
- libnet_host_lookup(target_ip, 0)); |
||||||
|
+ libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE)); |
||||||
|
|
||||||
|
signal(SIGHUP, cleanup); |
||||||
|
signal(SIGINT, cleanup); |
||||||
|
signal(SIGTERM, cleanup); |
||||||
|
|
||||||
|
for (;;) { |
||||||
|
- arp_send(llif, intf, ARPOP_REPLY, NULL, spoof_ip, |
||||||
|
- (target_ip ? (u_char *)&target_mac : NULL), |
||||||
|
+ arp_send(l, ARPOP_REPLY, NULL, spoof_ip, |
||||||
|
+ (target_ip ? (u_int8_t *)&target_mac : NULL), |
||||||
|
target_ip); |
||||||
|
sleep(2); |
||||||
|
} |
||||||
|
--- dsniff-2.4b1/dnsspoof.c 2001-03-15 10:33:03.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/dnsspoof.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -38,7 +38,7 @@ |
||||||
|
|
||||||
|
pcap_t *pcap_pd = NULL; |
||||||
|
int pcap_off = -1; |
||||||
|
-int lnet_sock = -1; |
||||||
|
+libnet_t *l; |
||||||
|
u_long lnet_ip = -1; |
||||||
|
|
||||||
|
static void |
||||||
|
@@ -90,19 +90,18 @@ |
||||||
|
dns_init(char *dev, char *filename) |
||||||
|
{ |
||||||
|
FILE *f; |
||||||
|
- struct libnet_link_int *llif; |
||||||
|
+ libnet_t *l; |
||||||
|
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||||
|
struct dnsent *de; |
||||||
|
char *ip, *name, buf[1024]; |
||||||
|
|
||||||
|
- if ((llif = libnet_open_link_interface(dev, buf)) == NULL) |
||||||
|
- errx(1, "%s", buf); |
||||||
|
+ if ((l = libnet_init(LIBNET_LINK, dev, libnet_ebuf)) == NULL) |
||||||
|
+ errx(1, "%s", libnet_ebuf); |
||||||
|
|
||||||
|
- if ((lnet_ip = libnet_get_ipaddr(llif, dev, buf)) == -1) |
||||||
|
- errx(1, "%s", buf); |
||||||
|
+ if ((lnet_ip = libnet_get_ipaddr4(l)) == -1) |
||||||
|
+ errx(1, "%s", libnet_geterror(l)); |
||||||
|
|
||||||
|
- lnet_ip = htonl(lnet_ip); |
||||||
|
- |
||||||
|
- libnet_close_link_interface(llif); |
||||||
|
+ libnet_destroy(l); |
||||||
|
|
||||||
|
SLIST_INIT(&dns_entries); |
||||||
|
|
||||||
|
@@ -180,7 +179,7 @@ |
||||||
|
static void |
||||||
|
dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, const u_char *pkt) |
||||||
|
{ |
||||||
|
- struct libnet_ip_hdr *ip; |
||||||
|
+ struct libnet_ipv4_hdr *ip; |
||||||
|
struct libnet_udp_hdr *udp; |
||||||
|
HEADER *dns; |
||||||
|
char name[MAXHOSTNAMELEN]; |
||||||
|
@@ -189,7 +188,7 @@ |
||||||
|
in_addr_t dst; |
||||||
|
u_short type, class; |
||||||
|
|
||||||
|
- ip = (struct libnet_ip_hdr *)(pkt + pcap_off); |
||||||
|
+ ip = (struct libnet_ipv4_hdr *)(pkt + pcap_off); |
||||||
|
udp = (struct libnet_udp_hdr *)(pkt + pcap_off + (ip->ip_hl * 4)); |
||||||
|
dns = (HEADER *)(udp + 1); |
||||||
|
p = (u_char *)(dns + 1); |
||||||
|
@@ -212,7 +211,7 @@ |
||||||
|
if (class != C_IN) |
||||||
|
return; |
||||||
|
|
||||||
|
- p = buf + IP_H + UDP_H + dnslen; |
||||||
|
+ p = buf + dnslen; |
||||||
|
|
||||||
|
if (type == T_A) { |
||||||
|
if ((dst = dns_lookup_a(name)) == -1) |
||||||
|
@@ -234,38 +233,38 @@ |
||||||
|
anslen += 12; |
||||||
|
} |
||||||
|
else return; |
||||||
|
- |
||||||
|
- libnet_build_ip(UDP_H + dnslen + anslen, 0, libnet_get_prand(PRu16), |
||||||
|
- 0, 64, IPPROTO_UDP, ip->ip_dst.s_addr, |
||||||
|
- ip->ip_src.s_addr, NULL, 0, buf); |
||||||
|
- |
||||||
|
- libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport), |
||||||
|
- NULL, dnslen + anslen, buf + IP_H); |
||||||
|
|
||||||
|
- memcpy(buf + IP_H + UDP_H, (u_char *)dns, dnslen); |
||||||
|
+ memcpy(buf, (u_char *)dns, dnslen); |
||||||
|
|
||||||
|
- dns = (HEADER *)(buf + IP_H + UDP_H); |
||||||
|
+ dns = (HEADER *)buf; |
||||||
|
dns->qr = dns->ra = 1; |
||||||
|
if (type == T_PTR) dns->aa = 1; |
||||||
|
dns->ancount = htons(1); |
||||||
|
|
||||||
|
dnslen += anslen; |
||||||
|
+ |
||||||
|
+ libnet_clear_packet(l); |
||||||
|
+ libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport), |
||||||
|
+ LIBNET_UDP_H + dnslen, 0, |
||||||
|
+ (u_int8_t *)buf, dnslen, l, 0); |
||||||
|
+ |
||||||
|
+ libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_UDP_H + dnslen, 0, |
||||||
|
+ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_UDP, 0, |
||||||
|
+ ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, l, 0); |
||||||
|
|
||||||
|
- libnet_do_checksum(buf, IPPROTO_UDP, UDP_H + dnslen); |
||||||
|
- |
||||||
|
- if (libnet_write_ip(lnet_sock, buf, IP_H + UDP_H + dnslen) < 0) |
||||||
|
+ if (libnet_write(l) < 0) |
||||||
|
warn("write"); |
||||||
|
|
||||||
|
fprintf(stderr, "%s.%d > %s.%d: %d+ %s? %s\n", |
||||||
|
- libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport), |
||||||
|
- libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport), |
||||||
|
+ libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport), |
||||||
|
+ libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport), |
||||||
|
ntohs(dns->id), type == T_A ? "A" : "PTR", name); |
||||||
|
} |
||||||
|
|
||||||
|
static void |
||||||
|
cleanup(int sig) |
||||||
|
{ |
||||||
|
- libnet_close_raw_sock(lnet_sock); |
||||||
|
+ libnet_destroy(l); |
||||||
|
pcap_close(pcap_pd); |
||||||
|
exit(0); |
||||||
|
} |
||||||
|
@@ -276,6 +275,7 @@ |
||||||
|
extern char *optarg; |
||||||
|
extern int optind; |
||||||
|
char *p, *dev, *hosts, buf[1024]; |
||||||
|
+ char ebuf[LIBNET_ERRBUF_SIZE]; |
||||||
|
int i; |
||||||
|
|
||||||
|
dev = hosts = NULL; |
||||||
|
@@ -306,7 +306,7 @@ |
||||||
|
strlcpy(buf, p, sizeof(buf)); |
||||||
|
} |
||||||
|
else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s", |
||||||
|
- libnet_host_lookup(lnet_ip, 0)); |
||||||
|
+ libnet_addr2name4(lnet_ip, LIBNET_DONT_RESOLVE)); |
||||||
|
|
||||||
|
if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL) |
||||||
|
errx(1, "couldn't initialize sniffing"); |
||||||
|
@@ -314,10 +314,10 @@ |
||||||
|
if ((pcap_off = pcap_dloff(pcap_pd)) < 0) |
||||||
|
errx(1, "couldn't determine link layer offset"); |
||||||
|
|
||||||
|
- if ((lnet_sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) |
||||||
|
+ if ((l = libnet_init(LIBNET_RAW4, dev, ebuf)) == NULL) |
||||||
|
errx(1, "couldn't initialize sending"); |
||||||
|
|
||||||
|
- libnet_seed_prand(); |
||||||
|
+ libnet_seed_prand(l); |
||||||
|
|
||||||
|
signal(SIGHUP, cleanup); |
||||||
|
signal(SIGINT, cleanup); |
||||||
|
--- dsniff-2.4b1/filesnarf.c 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
+++ dsniff-2.4b1/filesnarf.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -134,8 +134,8 @@ |
||||||
|
int fd; |
||||||
|
|
||||||
|
warnx("%s.%d > %s.%d: %s (%d@%d)", |
||||||
|
- libnet_host_lookup(addr->daddr, 0), addr->dest, |
||||||
|
- libnet_host_lookup(addr->saddr, 0), addr->source, |
||||||
|
+ libnet_addr2name4(addr->daddr, LIBNET_DONT_RESOLVE), addr->dest, |
||||||
|
+ libnet_addr2name4(addr->saddr, LIBNET_DONT_RESOLVE), addr->source, |
||||||
|
ma->filename, len, ma->offset); |
||||||
|
|
||||||
|
if ((fd = open(ma->filename, O_WRONLY|O_CREAT, 0644)) >= 0) { |
||||||
|
@@ -353,7 +353,7 @@ |
||||||
|
} |
||||||
|
|
||||||
|
static void |
||||||
|
-decode_udp_nfs(struct libnet_ip_hdr *ip) |
||||||
|
+decode_udp_nfs(struct libnet_ipv4_hdr *ip) |
||||||
|
{ |
||||||
|
static struct tuple4 addr; |
||||||
|
struct libnet_udp_hdr *udp; |
||||||
|
--- dsniff-2.4b1/macof.c 2001-03-15 10:33:04.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/macof.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -48,8 +48,8 @@ |
||||||
|
static void |
||||||
|
gen_mac(u_char *mac) |
||||||
|
{ |
||||||
|
- *((in_addr_t *)mac) = libnet_get_prand(PRu32); |
||||||
|
- *((u_short *)(mac + 4)) = libnet_get_prand(PRu16); |
||||||
|
+ *((in_addr_t *)mac) = libnet_get_prand(LIBNET_PRu32); |
||||||
|
+ *((u_short *)(mac + 4)) = libnet_get_prand(LIBNET_PRu16); |
||||||
|
} |
||||||
|
|
||||||
|
int |
||||||
|
@@ -59,22 +59,23 @@ |
||||||
|
extern int optind; |
||||||
|
int c, i; |
||||||
|
struct libnet_link_int *llif; |
||||||
|
- char ebuf[PCAP_ERRBUF_SIZE]; |
||||||
|
+ char pcap_ebuf[PCAP_ERRBUF_SIZE]; |
||||||
|
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||||
|
u_char sha[ETHER_ADDR_LEN], tha[ETHER_ADDR_LEN]; |
||||||
|
in_addr_t src, dst; |
||||||
|
u_short sport, dport; |
||||||
|
u_int32_t seq; |
||||||
|
- u_char pkt[ETH_H + IP_H + TCP_H]; |
||||||
|
+ libnet_t *l; |
||||||
|
|
||||||
|
while ((c = getopt(argc, argv, "vs:d:e:x:y:i:n:h?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
case 'v': |
||||||
|
break; |
||||||
|
case 's': |
||||||
|
- Src = libnet_name_resolve(optarg, 0); |
||||||
|
+ Src = libnet_name2addr4(l, optarg, 0); |
||||||
|
break; |
||||||
|
case 'd': |
||||||
|
- Dst = libnet_name_resolve(optarg, 0); |
||||||
|
+ Dst = libnet_name2addr4(l, optarg, 0); |
||||||
|
break; |
||||||
|
case 'e': |
||||||
|
Tha = (u_char *)ether_aton(optarg); |
||||||
|
@@ -101,13 +102,13 @@ |
||||||
|
if (argc != 0) |
||||||
|
usage(); |
||||||
|
|
||||||
|
- if (!Intf && (Intf = pcap_lookupdev(ebuf)) == NULL) |
||||||
|
- errx(1, "%s", ebuf); |
||||||
|
+ if (!Intf && (Intf = pcap_lookupdev(pcap_ebuf)) == NULL) |
||||||
|
+ errx(1, "%s", pcap_ebuf); |
||||||
|
|
||||||
|
- if ((llif = libnet_open_link_interface(Intf, ebuf)) == 0) |
||||||
|
- errx(1, "%s", ebuf); |
||||||
|
+ if ((l = libnet_init(LIBNET_LINK, Intf, libnet_ebuf)) == NULL) |
||||||
|
+ errx(1, "%s", libnet_ebuf); |
||||||
|
|
||||||
|
- libnet_seed_prand(); |
||||||
|
+ libnet_seed_prand(l); |
||||||
|
|
||||||
|
for (i = 0; i != Repeat; i++) { |
||||||
|
|
||||||
|
@@ -117,39 +118,39 @@ |
||||||
|
else memcpy(tha, Tha, sizeof(tha)); |
||||||
|
|
||||||
|
if (Src != 0) src = Src; |
||||||
|
- else src = libnet_get_prand(PRu32); |
||||||
|
+ else src = libnet_get_prand(LIBNET_PRu32); |
||||||
|
|
||||||
|
if (Dst != 0) dst = Dst; |
||||||
|
- else dst = libnet_get_prand(PRu32); |
||||||
|
+ else dst = libnet_get_prand(LIBNET_PRu32); |
||||||
|
|
||||||
|
if (Sport != 0) sport = Sport; |
||||||
|
- else sport = libnet_get_prand(PRu16); |
||||||
|
+ else sport = libnet_get_prand(LIBNET_PRu16); |
||||||
|
|
||||||
|
if (Dport != 0) dport = Dport; |
||||||
|
- else dport = libnet_get_prand(PRu16); |
||||||
|
+ else dport = libnet_get_prand(LIBNET_PRu16); |
||||||
|
|
||||||
|
- seq = libnet_get_prand(PRu32); |
||||||
|
- |
||||||
|
- libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, pkt); |
||||||
|
- |
||||||
|
- libnet_build_ip(TCP_H, 0, libnet_get_prand(PRu16), 0, 64, |
||||||
|
- IPPROTO_TCP, src, dst, NULL, 0, pkt + ETH_H); |
||||||
|
+ seq = libnet_get_prand(LIBNET_PRu32); |
||||||
|
|
||||||
|
libnet_build_tcp(sport, dport, seq, 0, TH_SYN, 512, |
||||||
|
- 0, NULL, 0, pkt + ETH_H + IP_H); |
||||||
|
+ 0, 0, LIBNET_TCP_H, NULL, 0, l, 0); |
||||||
|
|
||||||
|
- libnet_do_checksum(pkt + ETH_H, IPPROTO_IP, IP_H); |
||||||
|
- libnet_do_checksum(pkt + ETH_H, IPPROTO_TCP, TCP_H); |
||||||
|
+ libnet_build_ipv4(LIBNET_TCP_H, 0, |
||||||
|
+ libnet_get_prand(LIBNET_PRu16), 0, 64, |
||||||
|
+ IPPROTO_TCP, 0, src, dst, NULL, 0, l, 0); |
||||||
|
|
||||||
|
- if (libnet_write_link_layer(llif, Intf, pkt, sizeof(pkt)) < 0) |
||||||
|
+ libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, l, 0); |
||||||
|
+ |
||||||
|
+ if (libnet_write(l) < 0) |
||||||
|
errx(1, "write"); |
||||||
|
|
||||||
|
+ libnet_clear_packet(l); |
||||||
|
+ |
||||||
|
fprintf(stderr, "%s ", |
||||||
|
ether_ntoa((struct ether_addr *)sha)); |
||||||
|
fprintf(stderr, "%s %s.%d > %s.%d: S %u:%u(0) win 512\n", |
||||||
|
ether_ntoa((struct ether_addr *)tha), |
||||||
|
- libnet_host_lookup(Src, 0), sport, |
||||||
|
- libnet_host_lookup(Dst, 0), dport, seq, seq); |
||||||
|
+ libnet_addr2name4(Src, 0), sport, |
||||||
|
+ libnet_addr2name4(Dst, 0), dport, seq, seq); |
||||||
|
} |
||||||
|
exit(0); |
||||||
|
} |
||||||
|
--- dsniff-2.4b1/record.c 2001-03-15 10:33:04.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/record.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -65,8 +65,8 @@ |
||||||
|
tm = localtime(&rec->time); |
||||||
|
strftime(tstr, sizeof(tstr), "%x %X", tm); |
||||||
|
|
||||||
|
- srcp = libnet_host_lookup(rec->src, Opt_dns); |
||||||
|
- dstp = libnet_host_lookup(rec->dst, Opt_dns); |
||||||
|
+ srcp = libnet_addr2name4(rec->src, Opt_dns); |
||||||
|
+ dstp = libnet_addr2name4(rec->dst, Opt_dns); |
||||||
|
|
||||||
|
if ((pr = getprotobynumber(rec->proto)) == NULL) |
||||||
|
protop = "unknown"; |
||||||
|
--- dsniff-2.4b1/sshmitm.c 2001-03-15 10:33:04.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/sshmitm.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -389,7 +389,7 @@ |
||||||
|
if (argc < 1) |
||||||
|
usage(); |
||||||
|
|
||||||
|
- if ((ip = libnet_name_resolve(argv[0], 1)) == -1) |
||||||
|
+ if ((ip = libnet_name2addr4(NULL, argv[0], LIBNET_RESOLVE)) == -1) |
||||||
|
usage(); |
||||||
|
|
||||||
|
if (argc == 2 && (rport = atoi(argv[1])) == 0) |
||||||
|
--- dsniff-2.4b1/tcpkill.c 2001-03-17 10:10:43.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/tcpkill.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -39,17 +39,18 @@ |
||||||
|
static void |
||||||
|
tcp_kill_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) |
||||||
|
{ |
||||||
|
- struct libnet_ip_hdr *ip; |
||||||
|
+ struct libnet_ipv4_hdr *ip; |
||||||
|
struct libnet_tcp_hdr *tcp; |
||||||
|
- u_char ctext[64], buf[IP_H + TCP_H]; |
||||||
|
+ u_char ctext[64]; |
||||||
|
u_int32_t seq, win; |
||||||
|
- int i, *sock, len; |
||||||
|
+ int i, len; |
||||||
|
+ libnet_t *l; |
||||||
|
|
||||||
|
- sock = (int *)user; |
||||||
|
+ l = (libnet_t *)user; |
||||||
|
pkt += pcap_off; |
||||||
|
len = pcap->caplen - pcap_off; |
||||||
|
|
||||||
|
- ip = (struct libnet_ip_hdr *)pkt; |
||||||
|
+ ip = (struct libnet_ipv4_hdr *)pkt; |
||||||
|
if (ip->ip_p != IPPROTO_TCP) |
||||||
|
return; |
||||||
|
|
||||||
|
@@ -57,34 +58,31 @@ |
||||||
|
if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST)) |
||||||
|
return; |
||||||
|
|
||||||
|
- libnet_build_ip(TCP_H, 0, 0, 0, 64, IPPROTO_TCP, |
||||||
|
- ip->ip_dst.s_addr, ip->ip_src.s_addr, |
||||||
|
- NULL, 0, buf); |
||||||
|
- |
||||||
|
- libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), |
||||||
|
- 0, 0, TH_RST, 0, 0, NULL, 0, buf + IP_H); |
||||||
|
- |
||||||
|
seq = ntohl(tcp->th_ack); |
||||||
|
win = ntohs(tcp->th_win); |
||||||
|
|
||||||
|
snprintf(ctext, sizeof(ctext), "%s:%d > %s:%d:", |
||||||
|
- libnet_host_lookup(ip->ip_src.s_addr, 0), |
||||||
|
+ libnet_addr2name4(ip->ip_src.s_addr, LIBNET_DONT_RESOLVE), |
||||||
|
ntohs(tcp->th_sport), |
||||||
|
- libnet_host_lookup(ip->ip_dst.s_addr, 0), |
||||||
|
+ libnet_addr2name4(ip->ip_dst.s_addr, LIBNET_DONT_RESOLVE), |
||||||
|
ntohs(tcp->th_dport)); |
||||||
|
|
||||||
|
- ip = (struct libnet_ip_hdr *)buf; |
||||||
|
- tcp = (struct libnet_tcp_hdr *)(ip + 1); |
||||||
|
- |
||||||
|
for (i = 0; i < Opt_severity; i++) { |
||||||
|
- ip->ip_id = libnet_get_prand(PRu16); |
||||||
|
seq += (i * win); |
||||||
|
- tcp->th_seq = htonl(seq); |
||||||
|
|
||||||
|
- libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); |
||||||
|
+ libnet_clear_packet(l); |
||||||
|
|
||||||
|
- if (libnet_write_ip(*sock, buf, sizeof(buf)) < 0) |
||||||
|
- warn("write_ip"); |
||||||
|
+ libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), |
||||||
|
+ seq, 0, TH_RST, 0, 0, 0, LIBNET_TCP_H, |
||||||
|
+ NULL, 0, l, 0); |
||||||
|
+ |
||||||
|
+ libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_TCP_H, 0, |
||||||
|
+ libnet_get_prand(LIBNET_PRu16), 0, 64, |
||||||
|
+ IPPROTO_TCP, 0, ip->ip_dst.s_addr, |
||||||
|
+ ip->ip_src.s_addr, NULL, 0, l, 0); |
||||||
|
+ |
||||||
|
+ if (libnet_write(l) < 0) |
||||||
|
+ warn("write"); |
||||||
|
|
||||||
|
fprintf(stderr, "%s R %lu:%lu(0) win 0\n", ctext, seq, seq); |
||||||
|
} |
||||||
|
@@ -95,8 +93,10 @@ |
||||||
|
{ |
||||||
|
extern char *optarg; |
||||||
|
extern int optind; |
||||||
|
- int c, sock; |
||||||
|
+ int c; |
||||||
|
char *p, *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; |
||||||
|
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||||
|
+ libnet_t *l; |
||||||
|
pcap_t *pd; |
||||||
|
|
||||||
|
intf = NULL; |
||||||
|
@@ -136,14 +136,14 @@ |
||||||
|
if ((pcap_off = pcap_dloff(pd)) < 0) |
||||||
|
errx(1, "couldn't determine link layer offset"); |
||||||
|
|
||||||
|
- if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) |
||||||
|
+ if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL) |
||||||
|
errx(1, "couldn't initialize sending"); |
||||||
|
|
||||||
|
- libnet_seed_prand(); |
||||||
|
+ libnet_seed_prand(l); |
||||||
|
|
||||||
|
warnx("listening on %s [%s]", intf, filter); |
||||||
|
|
||||||
|
- pcap_loop(pd, -1, tcp_kill_cb, (u_char *)&sock); |
||||||
|
+ pcap_loop(pd, -1, tcp_kill_cb, (u_char *)l); |
||||||
|
|
||||||
|
/* NOTREACHED */ |
||||||
|
|
||||||
|
--- dsniff-2.4b1/tcpnice.c 2001-03-17 09:41:51.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/tcpnice.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -41,107 +41,106 @@ |
||||||
|
} |
||||||
|
|
||||||
|
static void |
||||||
|
-send_tcp_window_advertisement(int sock, struct libnet_ip_hdr *ip, |
||||||
|
+send_tcp_window_advertisement(libnet_t *l, struct libnet_ipv4_hdr *ip, |
||||||
|
struct libnet_tcp_hdr *tcp) |
||||||
|
{ |
||||||
|
int len; |
||||||
|
|
||||||
|
ip->ip_hl = 5; |
||||||
|
- ip->ip_len = htons(IP_H + TCP_H); |
||||||
|
- ip->ip_id = libnet_get_prand(PRu16); |
||||||
|
- memcpy(buf, (u_char *)ip, IP_H); |
||||||
|
+ ip->ip_len = htons(LIBNET_IPV4_H + LIBNET_TCP_H); |
||||||
|
+ ip->ip_id = libnet_get_prand(LIBNET_PRu16); |
||||||
|
+ memcpy(buf, (u_char *)ip, LIBNET_IPV4_H); |
||||||
|
|
||||||
|
tcp->th_off = 5; |
||||||
|
tcp->th_win = htons(MIN_WIN); |
||||||
|
- memcpy(buf + IP_H, (u_char *)tcp, TCP_H); |
||||||
|
+ memcpy(buf + LIBNET_IPV4_H, (u_char *)tcp, LIBNET_TCP_H); |
||||||
|
|
||||||
|
- libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); |
||||||
|
+ libnet_do_checksum(l, buf, IPPROTO_TCP, LIBNET_TCP_H); |
||||||
|
|
||||||
|
- len = IP_H + TCP_H; |
||||||
|
+ len = LIBNET_IPV4_H + LIBNET_TCP_H; |
||||||
|
|
||||||
|
- if (libnet_write_ip(sock, buf, len) != len) |
||||||
|
+ if (libnet_write_raw_ipv4(l, buf, len) != len) |
||||||
|
warn("write"); |
||||||
|
|
||||||
|
fprintf(stderr, "%s:%d > %s:%d: . ack %lu win %d\n", |
||||||
|
- libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), |
||||||
|
- libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport), |
||||||
|
+ libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), |
||||||
|
+ libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport), |
||||||
|
ntohl(tcp->th_ack), 1); |
||||||
|
} |
||||||
|
|
||||||
|
static void |
||||||
|
-send_icmp_source_quench(int sock, struct libnet_ip_hdr *ip) |
||||||
|
+send_icmp_source_quench(libnet_t *l, struct libnet_ipv4_hdr *ip) |
||||||
|
{ |
||||||
|
- struct libnet_icmp_hdr *icmp; |
||||||
|
+ struct libnet_icmpv4_hdr *icmp; |
||||||
|
int len; |
||||||
|
|
||||||
|
len = (ip->ip_hl * 4) + 8; |
||||||
|
|
||||||
|
- libnet_build_ip(ICMP_ECHO_H + len, 0, libnet_get_prand(PRu16), |
||||||
|
- 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr, |
||||||
|
- ip->ip_src.s_addr, NULL, 0, buf); |
||||||
|
- |
||||||
|
- icmp = (struct libnet_icmp_hdr *)(buf + IP_H); |
||||||
|
+ icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H); |
||||||
|
icmp->icmp_type = ICMP_SOURCEQUENCH; |
||||||
|
icmp->icmp_code = 0; |
||||||
|
- memcpy((u_char *)icmp + ICMP_ECHO_H, (u_char *)ip, len); |
||||||
|
+ memcpy((u_char *)icmp + LIBNET_ICMPV4_ECHO_H, (u_char *)ip, len); |
||||||
|
|
||||||
|
- libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_ECHO_H + len); |
||||||
|
+ len += LIBNET_ICMPV4_ECHO_H; |
||||||
|
|
||||||
|
- len += (IP_H + ICMP_ECHO_H); |
||||||
|
+ libnet_build_ipv4(LIBNET_IPV4_H + len, 0, |
||||||
|
+ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP, |
||||||
|
+ 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, |
||||||
|
+ (u_int8_t *) icmp, len, l, 0); |
||||||
|
|
||||||
|
- if (libnet_write_ip(sock, buf, len) != len) |
||||||
|
+ if (libnet_write(l) != len) |
||||||
|
warn("write"); |
||||||
|
|
||||||
|
fprintf(stderr, "%s > %s: icmp: source quench\n", |
||||||
|
- libnet_host_lookup(ip->ip_dst.s_addr, 0), |
||||||
|
- libnet_host_lookup(ip->ip_src.s_addr, 0)); |
||||||
|
+ libnet_addr2name4(ip->ip_dst.s_addr, 0), |
||||||
|
+ libnet_addr2name4(ip->ip_src.s_addr, 0)); |
||||||
|
} |
||||||
|
|
||||||
|
static void |
||||||
|
-send_icmp_frag_needed(int sock, struct libnet_ip_hdr *ip) |
||||||
|
+send_icmp_frag_needed(libnet_t *l, struct libnet_ipv4_hdr *ip) |
||||||
|
{ |
||||||
|
- struct libnet_icmp_hdr *icmp; |
||||||
|
+ struct libnet_icmpv4_hdr *icmp; |
||||||
|
int len; |
||||||
|
|
||||||
|
len = (ip->ip_hl * 4) + 8; |
||||||
|
|
||||||
|
- libnet_build_ip(ICMP_MASK_H + len, 4, libnet_get_prand(PRu16), |
||||||
|
- 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr, |
||||||
|
- ip->ip_src.s_addr, NULL, 0, buf); |
||||||
|
- |
||||||
|
- icmp = (struct libnet_icmp_hdr *)(buf + IP_H); |
||||||
|
+ icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H); |
||||||
|
icmp->icmp_type = ICMP_UNREACH; |
||||||
|
icmp->icmp_code = ICMP_UNREACH_NEEDFRAG; |
||||||
|
icmp->hun.frag.pad = 0; |
||||||
|
icmp->hun.frag.mtu = htons(MIN_MTU); |
||||||
|
- memcpy((u_char *)icmp + ICMP_MASK_H, (u_char *)ip, len); |
||||||
|
+ memcpy((u_char *)icmp + LIBNET_ICMPV4_MASK_H, (u_char *)ip, len); |
||||||
|
|
||||||
|
- libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_MASK_H + len); |
||||||
|
- |
||||||
|
- len += (IP_H + ICMP_MASK_H); |
||||||
|
+ len += LIBNET_ICMPV4_MASK_H; |
||||||
|
+ |
||||||
|
+ libnet_build_ipv4(LIBNET_IPV4_H + len, 4, |
||||||
|
+ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP, |
||||||
|
+ 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, |
||||||
|
+ (u_int8_t *) icmp, len, l, 0); |
||||||
|
|
||||||
|
- if (libnet_write_ip(sock, buf, len) != len) |
||||||
|
+ if (libnet_write(l) != len) |
||||||
|
warn("write"); |
||||||
|
|
||||||
|
fprintf(stderr, "%s > %s: icmp: ", |
||||||
|
- libnet_host_lookup(ip->ip_dst.s_addr, 0), |
||||||
|
- libnet_host_lookup(ip->ip_src.s_addr, 0)); |
||||||
|
+ libnet_addr2name4(ip->ip_dst.s_addr, 0), |
||||||
|
+ libnet_addr2name4(ip->ip_src.s_addr, 0)); |
||||||
|
fprintf(stderr, "%s unreachable - need to frag (mtu %d)\n", |
||||||
|
- libnet_host_lookup(ip->ip_src.s_addr, 0), MIN_MTU); |
||||||
|
+ libnet_addr2name4(ip->ip_src.s_addr, 0), MIN_MTU); |
||||||
|
} |
||||||
|
|
||||||
|
static void |
||||||
|
tcp_nice_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) |
||||||
|
{ |
||||||
|
- struct libnet_ip_hdr *ip; |
||||||
|
+ struct libnet_ipv4_hdr *ip; |
||||||
|
struct libnet_tcp_hdr *tcp; |
||||||
|
- int *sock, len; |
||||||
|
+ int len; |
||||||
|
+ libnet_t *l; |
||||||
|
|
||||||
|
- sock = (int *)user; |
||||||
|
+ l = (libnet_t *)user; |
||||||
|
pkt += pcap_off; |
||||||
|
len = pcap->caplen - pcap_off; |
||||||
|
|
||||||
|
- ip = (struct libnet_ip_hdr *)pkt; |
||||||
|
+ ip = (struct libnet_ipv4_hdr *)pkt; |
||||||
|
if (ip->ip_p != IPPROTO_TCP) |
||||||
|
return; |
||||||
|
|
||||||
|
@@ -151,11 +150,11 @@ |
||||||
|
|
||||||
|
if (ntohs(ip->ip_len) > (ip->ip_hl << 2) + (tcp->th_off << 2)) { |
||||||
|
if (Opt_icmp) |
||||||
|
- send_icmp_source_quench(*sock, ip); |
||||||
|
+ send_icmp_source_quench(l, ip); |
||||||
|
if (Opt_win) |
||||||
|
- send_tcp_window_advertisement(*sock, ip, tcp); |
||||||
|
+ send_tcp_window_advertisement(l, ip, tcp); |
||||||
|
if (Opt_pmtu) |
||||||
|
- send_icmp_frag_needed(*sock, ip); |
||||||
|
+ send_icmp_frag_needed(l, ip); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
@@ -164,8 +163,10 @@ |
||||||
|
{ |
||||||
|
extern char *optarg; |
||||||
|
extern int optind; |
||||||
|
- int c, sock; |
||||||
|
+ int c; |
||||||
|
char *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; |
||||||
|
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||||
|
+ libnet_t *l; |
||||||
|
pcap_t *pd; |
||||||
|
|
||||||
|
intf = NULL; |
||||||
|
@@ -209,14 +210,14 @@ |
||||||
|
if ((pcap_off = pcap_dloff(pd)) < 0) |
||||||
|
errx(1, "couldn't determine link layer offset"); |
||||||
|
|
||||||
|
- if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) |
||||||
|
+ if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL) |
||||||
|
errx(1, "couldn't initialize sending"); |
||||||
|
|
||||||
|
- libnet_seed_prand(); |
||||||
|
+ libnet_seed_prand(l); |
||||||
|
|
||||||
|
warnx("listening on %s [%s]", intf, filter); |
||||||
|
|
||||||
|
- pcap_loop(pd, -1, tcp_nice_cb, (u_char *)&sock); |
||||||
|
+ pcap_loop(pd, -1, tcp_nice_cb, (u_char *)l); |
||||||
|
|
||||||
|
/* NOTREACHED */ |
||||||
|
|
||||||
|
--- dsniff-2.4b1/tcp_raw.c 2001-03-15 10:33:04.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/tcp_raw.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -119,7 +119,7 @@ |
||||||
|
} |
||||||
|
|
||||||
|
struct iovec * |
||||||
|
-tcp_raw_input(struct libnet_ip_hdr *ip, struct libnet_tcp_hdr *tcp, int len) |
||||||
|
+tcp_raw_input(struct libnet_ipv4_hdr *ip, struct libnet_tcp_hdr *tcp, int len) |
||||||
|
{ |
||||||
|
struct tha tha; |
||||||
|
struct tcp_conn *conn; |
||||||
|
@@ -131,7 +131,7 @@ |
||||||
|
|
||||||
|
/* Verify TCP checksum. */ |
||||||
|
cksum = tcp->th_sum; |
||||||
|
- libnet_do_checksum((u_char *) ip, IPPROTO_TCP, len); |
||||||
|
+ libnet_do_checksum(NULL, (u_char *) ip, IPPROTO_TCP, len); |
||||||
|
|
||||||
|
if (cksum != tcp->th_sum) |
||||||
|
return (NULL); |
||||||
|
--- dsniff-2.4b1/tcp_raw.h 2001-03-15 10:33:06.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/tcp_raw.h.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -15,7 +15,7 @@ |
||||||
|
u_short sport, u_short dport, |
||||||
|
u_char *buf, int len); |
||||||
|
|
||||||
|
-struct iovec *tcp_raw_input(struct libnet_ip_hdr *ip, |
||||||
|
+struct iovec *tcp_raw_input(struct libnet_ipv4_hdr *ip, |
||||||
|
struct libnet_tcp_hdr *tcp, int len); |
||||||
|
|
||||||
|
void tcp_raw_timeout(int timeout, tcp_raw_callback_t callback); |
||||||
|
--- dsniff-2.4b1/trigger.c 2001-03-15 10:33:05.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/trigger.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -276,7 +276,7 @@ |
||||||
|
} |
||||||
|
|
||||||
|
void |
||||||
|
-trigger_ip(struct libnet_ip_hdr *ip) |
||||||
|
+trigger_ip(struct libnet_ipv4_hdr *ip) |
||||||
|
{ |
||||||
|
struct trigger *t, tr; |
||||||
|
u_char *buf; |
||||||
|
@@ -305,7 +305,7 @@ |
||||||
|
|
||||||
|
/* libnids needs a nids_register_udp()... */ |
||||||
|
void |
||||||
|
-trigger_udp(struct libnet_ip_hdr *ip) |
||||||
|
+trigger_udp(struct libnet_ipv4_hdr *ip) |
||||||
|
{ |
||||||
|
struct trigger *t, tr; |
||||||
|
struct libnet_udp_hdr *udp; |
||||||
|
@@ -437,7 +437,7 @@ |
||||||
|
} |
||||||
|
|
||||||
|
void |
||||||
|
-trigger_tcp_raw(struct libnet_ip_hdr *ip) |
||||||
|
+trigger_tcp_raw(struct libnet_ipv4_hdr *ip) |
||||||
|
{ |
||||||
|
struct trigger *t, tr; |
||||||
|
struct libnet_tcp_hdr *tcp; |
||||||
|
--- dsniff-2.4b1/trigger.h 2001-03-15 10:33:06.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/trigger.h.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -24,10 +24,10 @@ |
||||||
|
int trigger_set_tcp(int port, char *name); |
||||||
|
int trigger_set_rpc(int program, char *name); |
||||||
|
|
||||||
|
-void trigger_ip(struct libnet_ip_hdr *ip); |
||||||
|
-void trigger_udp(struct libnet_ip_hdr *ip); |
||||||
|
+void trigger_ip(struct libnet_ipv4_hdr *ip); |
||||||
|
+void trigger_udp(struct libnet_ipv4_hdr *ip); |
||||||
|
void trigger_tcp(struct tcp_stream *ts, void **conn_save); |
||||||
|
-void trigger_tcp_raw(struct libnet_ip_hdr *ip); |
||||||
|
+void trigger_tcp_raw(struct libnet_ipv4_hdr *ip); |
||||||
|
void trigger_tcp_raw_timeout(int signal); |
||||||
|
void trigger_rpc(int program, int proto, int port); |
||||||
|
|
||||||
|
--- dsniff-2.4b1/urlsnarf.c 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
+++ dsniff-2.4b1/urlsnarf.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -145,14 +145,14 @@ |
||||||
|
if (user == NULL) |
||||||
|
user = "-"; |
||||||
|
if (vhost == NULL) |
||||||
|
- vhost = libnet_host_lookup(addr->daddr, Opt_dns); |
||||||
|
+ vhost = libnet_addr2name4(addr->daddr, Opt_dns); |
||||||
|
if (referer == NULL) |
||||||
|
referer = "-"; |
||||||
|
if (agent == NULL) |
||||||
|
agent = "-"; |
||||||
|
|
||||||
|
printf("%s - %s [%s] \"%s http://%s%s\" - - \"%s\" \"%s\"\n", |
||||||
|
- libnet_host_lookup(addr->saddr, Opt_dns), |
||||||
|
+ libnet_addr2name4(addr->saddr, Opt_dns), |
||||||
|
user, timestamp(), req, vhost, uri, referer, agent); |
||||||
|
} |
||||||
|
fflush(stdout); |
||||||
|
--- dsniff-2.4b1/webmitm.c 2001-03-17 10:35:05.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/webmitm.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -242,7 +242,7 @@ |
||||||
|
word = buf_tok(&msg, "/", 1); |
||||||
|
vhost = buf_strdup(word); |
||||||
|
} |
||||||
|
- ssin.sin_addr.s_addr = libnet_name_resolve(vhost, 1); |
||||||
|
+ ssin.sin_addr.s_addr = libnet_name2addr4(NULL, vhost, 1); |
||||||
|
free(vhost); |
||||||
|
|
||||||
|
if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) || |
||||||
|
@@ -510,7 +510,7 @@ |
||||||
|
argv += optind; |
||||||
|
|
||||||
|
if (argc == 1) { |
||||||
|
- if ((static_host = libnet_name_resolve(argv[0], 1)) == -1) |
||||||
|
+ if ((static_host = libnet_name2addr4(NULL, argv[0], 1)) == -1) |
||||||
|
usage(); |
||||||
|
} |
||||||
|
else if (argc != 0) usage(); |
||||||
|
--- dsniff-2.4b1/webspy.c 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
+++ dsniff-2.4b1/webspy.c.libnet_11 2006-06-09 13:35:29.000000000 +0300 |
||||||
|
@@ -126,7 +126,7 @@ |
||||||
|
if (auth == NULL) |
||||||
|
auth = ""; |
||||||
|
if (vhost == NULL) |
||||||
|
- vhost = libnet_host_lookup(addr->daddr, 0); |
||||||
|
+ vhost = libnet_addr2name4(addr->daddr, 0); |
||||||
|
|
||||||
|
snprintf(cmd, sizeof(cmd), "openURL(http://%s%s%s%s)", |
||||||
|
auth, *auth ? "@" : "", vhost, uri); |
||||||
|
@@ -205,7 +205,7 @@ |
||||||
|
cmdtab[0] = cmd; |
||||||
|
cmdtab[1] = NULL; |
||||||
|
|
||||||
|
- if ((host = libnet_name_resolve(argv[0], 1)) == -1) |
||||||
|
+ if ((host = libnet_name2addr4(NULL, argv[0], 1)) == -1) |
||||||
|
errx(1, "unknown host"); |
||||||
|
|
||||||
|
if ((dpy = XOpenDisplay(NULL)) == NULL) |
@ -0,0 +1,140 @@ |
|||||||
|
Patch by Robert Scheck <robert@fedoraproject.org> for dsniff >= 2.4b1 which fixes |
||||||
|
possible segmentation faults of arpspoof, sshmitm, webmitm and webspy if any non- |
||||||
|
resolving hostname is passed. Issue was introduced by dsniff-2.4-libnet_11.patch; |
||||||
|
libnet_name_resolve() was replaced by libnet_name2addr4() while there must be the |
||||||
|
structure libnet_t passed additionally. And if that structure is not initialized |
||||||
|
using libnet_init() and the passed name can't be resolved (like "192.168.2."), it |
||||||
|
causes a snprintf() to NULL and thus the segmentation fault. Note that macof isn't |
||||||
|
affected as no resolving was involved here ever. Please also have a look to Red Hat |
||||||
|
Bugzilla ID #1009879 for further information. |
||||||
|
|
||||||
|
--- dsniff-2.4/sshmitm.c 2013-12-20 21:19:58.000000000 +0100 |
||||||
|
+++ dsniff-2.4/sshmitm.c.libnet_name2addr4 2013-12-20 21:29:44.000000000 +0100 |
||||||
|
@@ -45,6 +45,8 @@ |
||||||
|
struct sockaddr_in csin, ssin; |
||||||
|
int sig_pipe[2]; |
||||||
|
|
||||||
|
+static libnet_t *l; |
||||||
|
+ |
||||||
|
static void |
||||||
|
usage(void) |
||||||
|
{ |
||||||
|
@@ -364,6 +366,7 @@ |
||||||
|
u_long ip; |
||||||
|
u_short lport, rport; |
||||||
|
int c; |
||||||
|
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||||
|
|
||||||
|
lport = rport = 22; |
||||||
|
|
||||||
|
@@ -390,12 +393,15 @@ |
||||||
|
if (argc < 1) |
||||||
|
usage(); |
||||||
|
|
||||||
|
- if ((ip = libnet_name2addr4(NULL, argv[0], LIBNET_RESOLVE)) == -1) |
||||||
|
- usage(); |
||||||
|
- |
||||||
|
if (argc == 2 && (rport = atoi(argv[1])) == 0) |
||||||
|
usage(); |
||||||
|
|
||||||
|
+ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) |
||||||
|
+ errx(1, "%s", libnet_ebuf); |
||||||
|
+ |
||||||
|
+ if ((ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||||
|
+ usage(); |
||||||
|
+ |
||||||
|
record_init(NULL); |
||||||
|
|
||||||
|
mitm_init(lport, ip, rport); |
||||||
|
--- dsniff-2.4/webmitm.c 2013-12-20 21:19:58.000000000 +0100 |
||||||
|
+++ dsniff-2.4/webmitm.c.libnet_name2addr4 2013-12-20 21:40:09.000000000 +0100 |
||||||
|
@@ -47,6 +47,8 @@ |
||||||
|
int do_ssl, sig_pipe[2]; |
||||||
|
in_addr_t static_host = 0; |
||||||
|
|
||||||
|
+static libnet_t *l; |
||||||
|
+ |
||||||
|
extern int decode_http(char *, int, char *, int); |
||||||
|
|
||||||
|
static void |
||||||
|
@@ -242,7 +244,7 @@ |
||||||
|
word = buf_tok(&msg, "/", 1); |
||||||
|
vhost = buf_strdup(word); |
||||||
|
} |
||||||
|
- ssin.sin_addr.s_addr = libnet_name2addr4(NULL, vhost, 1); |
||||||
|
+ ssin.sin_addr.s_addr = libnet_name2addr4(l, vhost, LIBNET_RESOLVE); |
||||||
|
free(vhost); |
||||||
|
|
||||||
|
if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) || |
||||||
|
@@ -496,6 +498,7 @@ |
||||||
|
extern char *optarg; |
||||||
|
extern int optind; |
||||||
|
int c; |
||||||
|
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||||
|
|
||||||
|
while ((c = getopt(argc, argv, "dh?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
@@ -509,8 +512,11 @@ |
||||||
|
argc -= optind; |
||||||
|
argv += optind; |
||||||
|
|
||||||
|
+ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) |
||||||
|
+ errx(1, "%s", libnet_ebuf); |
||||||
|
+ |
||||||
|
if (argc == 1) { |
||||||
|
- if ((static_host = libnet_name2addr4(NULL, argv[0], 1)) == -1) |
||||||
|
+ if ((static_host = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||||
|
usage(); |
||||||
|
} |
||||||
|
else if (argc != 0) usage(); |
||||||
|
--- dsniff-2.4/webspy.c 2013-12-20 21:19:58.000000000 +0100 |
||||||
|
+++ dsniff-2.4/webspy.c.libnet_name2addr4 2013-12-20 21:45:57.000000000 +0100 |
||||||
|
@@ -33,6 +33,7 @@ |
||||||
|
extern int mozilla_remote_commands (Display *, Window, char **); |
||||||
|
char *expected_mozilla_version = "4.7"; |
||||||
|
char *progname = "webspy"; |
||||||
|
+static libnet_t *l; |
||||||
|
|
||||||
|
Display *dpy; |
||||||
|
char cmd[2048], *cmdtab[2]; |
||||||
|
@@ -183,6 +184,7 @@ |
||||||
|
extern char *optarg; |
||||||
|
extern int optind; |
||||||
|
int c; |
||||||
|
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE]; |
||||||
|
|
||||||
|
while ((c = getopt(argc, argv, "i:p:h?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
@@ -205,7 +207,10 @@ |
||||||
|
cmdtab[0] = cmd; |
||||||
|
cmdtab[1] = NULL; |
||||||
|
|
||||||
|
- if ((host = libnet_name2addr4(NULL, argv[0], 1)) == -1) |
||||||
|
+ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) |
||||||
|
+ errx(1, "%s", libnet_ebuf); |
||||||
|
+ |
||||||
|
+ if ((host = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||||
|
errx(1, "unknown host"); |
||||||
|
|
||||||
|
if ((dpy = XOpenDisplay(NULL)) == NULL) |
||||||
|
--- dsniff-2.4/arpspoof.c 2013-12-20 22:00:53.000000000 +0100 |
||||||
|
+++ dsniff-2.4/arpspoof.c.libnet_name2addr4 2013-12-20 22:00:38.000000000 +0100 |
||||||
|
@@ -207,6 +207,9 @@ |
||||||
|
/* allocate enough memory for target list */ |
||||||
|
targets = calloc( argc+1, sizeof(struct host) ); |
||||||
|
|
||||||
|
+ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) |
||||||
|
+ errx(1, "%s", libnet_ebuf); |
||||||
|
+ |
||||||
|
while ((c = getopt(argc, argv, "ri:t:c:h?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
case 'i': |
||||||
|
@@ -263,6 +266,8 @@ |
||||||
|
if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) |
||||||
|
usage(); |
||||||
|
|
||||||
|
+ libnet_destroy(l); |
||||||
|
+ |
||||||
|
if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL) |
||||||
|
errx(1, "%s", pcap_ebuf); |
||||||
|
|
@ -0,0 +1,51 @@ |
|||||||
|
Patch by Robert Scheck <robert@fedoraproject.org> for dsniff >= 2.4b1 which |
||||||
|
allows building against libtirpc (as a separate library) given the Sun RPC |
||||||
|
support in glibc has been deprecated for a long time. |
||||||
|
|
||||||
|
--- dsniff-2.4/Makefile.in 2018-05-26 22:04:34.809966900 +0200 |
||||||
|
+++ dsniff-2.4/Makefile.in.libtirpc 2018-05-27 02:56:31.149313503 +0200 |
||||||
|
@@ -16,7 +16,7 @@ |
||||||
|
mandir = @mandir@ |
||||||
|
|
||||||
|
CC = @CC@ |
||||||
|
-CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\" |
||||||
|
+CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\" -I/usr/include/tirpc |
||||||
|
LDFLAGS = @LDFLAGS@ |
||||||
|
|
||||||
|
PCAPINC = @PCAPINC@ |
||||||
|
@@ -93,7 +93,7 @@ |
||||||
|
$(RANLIB) $@ |
||||||
|
|
||||||
|
dsniff: $(HDRS) $(SRCS) $(OBJS) libmissing.a |
||||||
|
- $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) |
||||||
|
+ $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc |
||||||
|
|
||||||
|
arpspoof: arpspoof.o arp.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ arpspoof.o arp.o $(LIBS) $(PCAPLIB) $(LNETLIB) |
||||||
|
@@ -102,7 +102,7 @@ |
||||||
|
$(CC) $(LDFLAGS) -o $@ dnsspoof.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o libmissing.a |
||||||
|
- $(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) |
||||||
|
+ $(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) -ltirpc |
||||||
|
|
||||||
|
macof: macof.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ macof.o $(LIBS) $(PCAPLIB) $(LNETLIB) |
||||||
|
@@ -114,7 +114,7 @@ |
||||||
|
$(CC) $(LDFLAGS) -o $@ msgsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o libmissing.a |
||||||
|
- $(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) |
||||||
|
+ $(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc |
||||||
|
|
||||||
|
sshow: sshow.o pcaputil.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ sshow.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) |
||||||
|
@@ -132,7 +132,7 @@ |
||||||
|
$(CC) $(LDFLAGS) -o $@ urlsnarf.o base64.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
webmitm: webmitm.o base64.o buf.o decode_http.o record.o libmissing.a |
||||||
|
- $(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) |
||||||
|
+ $(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc |
||||||
|
|
||||||
|
webspy: webspy.o base64.o buf.o remote.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ webspy.o base64.o buf.o remote.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(X11LIB) |
@ -0,0 +1,73 @@ |
|||||||
|
Patch by Robert Scheck <robert@fedoraproject.org> for dsniff >= 2.4b1, that |
||||||
|
adds further link layer offsets; inspirated from the original DLT_LINUX_SLL |
||||||
|
patch by Roland Kletzing <devzero@web.de>. This patch supersedes the Debian |
||||||
|
patch by Joerg Dorchain <joerg@dorchain.net> which adds tcpkill support for |
||||||
|
handling PPP interfaces. So for some further information, please also have |
||||||
|
a look to Debian bug ID #572516. |
||||||
|
|
||||||
|
--- dsniff-2.4/pcaputil.c 2001-03-15 09:33:04.000000000 +0100 |
||||||
|
+++ dsniff-2.4/pcaputil.c.ll_offset 2011-10-09 17:13:01.000000000 +0200 |
||||||
|
@@ -46,12 +46,63 @@ |
||||||
|
case DLT_FDDI: |
||||||
|
offset = 21; |
||||||
|
break; |
||||||
|
+#ifdef __amigaos__ |
||||||
|
+ case DLT_MIAMI: |
||||||
|
+ offset = 16; |
||||||
|
+ break; |
||||||
|
+#endif |
||||||
|
+ case DLT_RAW: |
||||||
|
#ifdef DLT_LOOP |
||||||
|
case DLT_LOOP: |
||||||
|
#endif |
||||||
|
case DLT_NULL: |
||||||
|
offset = 4; |
||||||
|
break; |
||||||
|
+ case DLT_SLIP: |
||||||
|
+#ifdef DLT_SLIP_BSDOS |
||||||
|
+ case DLT_SLIP_BSDOS: |
||||||
|
+#endif |
||||||
|
+#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__) |
||||||
|
+ offset = 16; |
||||||
|
+#else |
||||||
|
+ offset = 24; |
||||||
|
+#endif |
||||||
|
+ break; |
||||||
|
+ case DLT_PPP: |
||||||
|
+#ifdef DLT_PPP_BSDOS |
||||||
|
+ case DLT_PPP_BSDOS: |
||||||
|
+#endif |
||||||
|
+#ifdef DLT_PPP_SERIAL |
||||||
|
+ case DLT_PPP_SERIAL: |
||||||
|
+#endif |
||||||
|
+#ifdef DLT_PPP_ETHER |
||||||
|
+ case DLT_PPP_ETHER: |
||||||
|
+#endif |
||||||
|
+#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__) |
||||||
|
+ offset = 4; |
||||||
|
+#else |
||||||
|
+#if defined(sun) || defined(__sun) |
||||||
|
+ offset = 8; |
||||||
|
+#else |
||||||
|
+ offset = 24; |
||||||
|
+#endif |
||||||
|
+#endif |
||||||
|
+ break; |
||||||
|
+#ifdef DLT_ENC |
||||||
|
+ case DLT_ENC: |
||||||
|
+ offset = 12; |
||||||
|
+ break; |
||||||
|
+#endif |
||||||
|
+#ifdef DLT_LINUX_SLL |
||||||
|
+ case DLT_LINUX_SLL: |
||||||
|
+ offset = 16; |
||||||
|
+ break; |
||||||
|
+#endif |
||||||
|
+#ifdef DLT_IPNET |
||||||
|
+ case DLT_IPNET: |
||||||
|
+ offset = 24; |
||||||
|
+ break; |
||||||
|
+#endif |
||||||
|
default: |
||||||
|
warnx("unsupported datalink type"); |
||||||
|
break; |
@ -0,0 +1,15 @@ |
|||||||
|
Patch by Steve Kemp <skx@debian.org> for dsniff >= 2.4b1, which fixes a |
||||||
|
bug in mailsnarf that caused not to parse every mail correctly. For further |
||||||
|
information, please have a look to Debian bug ID #149330. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/mailsnarf.c 2005-06-23 03:30:37.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/mailsnarf.c.mailsnarf 2005-06-23 04:05:16.000000000 +0000 |
||||||
|
@@ -178,7 +178,7 @@ |
||||||
|
if (smtp->state != SMTP_DATA) { |
||||||
|
while ((i = buf_index(&buf, "\r\n", 2)) >= 0) { |
||||||
|
line = buf_tok(&buf, NULL, i + 2); |
||||||
|
- line->base[line->end] = '\0'; |
||||||
|
+ line->base[line->end-1] = '\0'; |
||||||
|
p = buf_ptr(line); |
||||||
|
|
||||||
|
if (strncasecmp(p, "RSET", 4) == 0) { |
@ -0,0 +1,122 @@ |
|||||||
|
Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to rewrite and |
||||||
|
modernize the POP decoder. For some more information, please have a look to Debian |
||||||
|
bug ID #647583. |
||||||
|
|
||||||
|
--- dsniff-2.4/decode_pop.c 2013-12-20 21:06:13.000000000 +0100 |
||||||
|
+++ dsniff-2.4/decode_pop.c.modernize_pop 2013-12-20 21:12:58.000000000 +0100 |
||||||
|
@@ -6,6 +6,8 @@ |
||||||
|
* Copyright (c) 2000 Dug Song <dugsong@monkey.org> |
||||||
|
* |
||||||
|
* $Id: decode_pop.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ |
||||||
|
+ * |
||||||
|
+ * Rewritten by Stefan Tomanek 2011 <stefan@pico.ruhr.de> |
||||||
|
*/ |
||||||
|
|
||||||
|
#include "config.h" |
||||||
|
@@ -45,32 +47,87 @@ |
||||||
|
decode_pop(u_char *buf, int len, u_char *obuf, int olen) |
||||||
|
{ |
||||||
|
char *p; |
||||||
|
+ char *s; |
||||||
|
+ int n; |
||||||
|
int i, j; |
||||||
|
+ char *user; |
||||||
|
+ char *password; |
||||||
|
+ enum { |
||||||
|
+ NONE, |
||||||
|
+ AUTHPLAIN, |
||||||
|
+ AUTHLOGIN, |
||||||
|
+ USERPASS |
||||||
|
+ } mode = NONE; |
||||||
|
|
||||||
|
obuf[0] = '\0'; |
||||||
|
|
||||||
|
for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { |
||||||
|
- if (strncasecmp(p, "AUTH PLAIN", 10) == 0 || |
||||||
|
- strncasecmp(p, "AUTH LOGIN", 10) == 0) { |
||||||
|
- strlcat(obuf, p, olen); |
||||||
|
- strlcat(obuf, "\n", olen); |
||||||
|
- |
||||||
|
- /* Decode SASL auth. */ |
||||||
|
- for (i = 0; i < 2 && (p = strtok(NULL, "\r\n")); i++) { |
||||||
|
- strlcat(obuf, p, olen); |
||||||
|
- j = base64_pton(p, p, strlen(p)); |
||||||
|
- p[j] = '\0'; |
||||||
|
- strlcat(obuf, " [", olen); |
||||||
|
- strlcat(obuf, p, olen); |
||||||
|
- strlcat(obuf, "]\n", olen); |
||||||
|
+ if (mode == NONE) { |
||||||
|
+ user = NULL; |
||||||
|
+ password = NULL; |
||||||
|
+ if (strncasecmp(p, "AUTH PLAIN", 10) == 0) { |
||||||
|
+ mode = AUTHPLAIN; |
||||||
|
+ continue; |
||||||
|
+ } |
||||||
|
+ if (strncasecmp(p, "AUTH LOGIN", 10) == 0) { |
||||||
|
+ mode = AUTHLOGIN; |
||||||
|
+ continue; |
||||||
|
+ } |
||||||
|
+ if (strncasecmp(p, "USER ", 5) == 0) { |
||||||
|
+ mode = USERPASS; |
||||||
|
+ /* the traditional login cuts right to the case, |
||||||
|
+ * so no continue here |
||||||
|
+ */ |
||||||
|
} |
||||||
|
} |
||||||
|
- /* Save regular POP2, POP3 auth info. */ |
||||||
|
- else if (strncasecmp(p, "USER ", 5) == 0 || |
||||||
|
- strncasecmp(p, "PASS ", 5) == 0 || |
||||||
|
- strncasecmp(p, "HELO ", 5) == 0) { |
||||||
|
- strlcat(obuf, p, olen); |
||||||
|
- strlcat(obuf, "\n", olen); |
||||||
|
+ printf("(%d) %s\n", mode, p); |
||||||
|
+ if (mode == USERPASS) { |
||||||
|
+ if (strncasecmp(p, "USER ", 5) == 0) { |
||||||
|
+ user = &p[5]; |
||||||
|
+ } else if (strncasecmp(p, "PASS ", 5) == 0) { |
||||||
|
+ password = &p[5]; |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ if (mode == AUTHPLAIN) { |
||||||
|
+ j = base64_pton(p, p, strlen(p)); |
||||||
|
+ p[j] = '\0'; |
||||||
|
+ n = 0; |
||||||
|
+ s = p; |
||||||
|
+ /* p consists of three parts, divided by \0 */ |
||||||
|
+ while (s <= &p[j] && n<=3) { |
||||||
|
+ if (n == 0) { |
||||||
|
+ /* we do not process this portion yet */ |
||||||
|
+ } else if (n == 1) { |
||||||
|
+ user = s; |
||||||
|
+ } else if (n == 2) { |
||||||
|
+ password = s; |
||||||
|
+ } |
||||||
|
+ n++; |
||||||
|
+ while (*s) s++; |
||||||
|
+ s++; |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ if (mode == AUTHLOGIN) { |
||||||
|
+ j = base64_pton(p, p, strlen(p)); |
||||||
|
+ p[j] = '\0'; |
||||||
|
+ if (!user) { |
||||||
|
+ user = p; |
||||||
|
+ } else { |
||||||
|
+ password = p; |
||||||
|
+ /* got everything we need :-) */ |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ if (user && password) { |
||||||
|
+ strlcat(obuf, "\nusername [", olen); |
||||||
|
+ strlcat(obuf, user, olen); |
||||||
|
+ strlcat(obuf, "] password [", olen); |
||||||
|
+ strlcat(obuf, password, olen); |
||||||
|
+ strlcat(obuf, "]\n", olen); |
||||||
|
+ |
||||||
|
+ mode = NONE; |
||||||
|
} |
||||||
|
} |
||||||
|
return (strlen(obuf)); |
@ -0,0 +1,13 @@ |
|||||||
|
Patch by <bdefreese@debian2.bddebian.com> for dsniff >= 2.4b1, which adds |
||||||
|
a memset to correctly 0 out the C struct. |
||||||
|
|
||||||
|
--- dsniff-2.4/msgsnarf.c 2011-10-09 18:13:49.000000000 +0200 |
||||||
|
+++ dsniff-2.4/msgsnarf.c.segfault 2011-10-09 18:25:26.000000000 +0200 |
||||||
|
@@ -584,6 +584,7 @@ |
||||||
|
if (i == 0) { |
||||||
|
if ((c = malloc(sizeof(*c))) == NULL) |
||||||
|
nids_params.no_mem("sniff_msgs"); |
||||||
|
+ memset(c, 0, sizeof(*c)); |
||||||
|
c->ip = ts->addr.saddr; |
||||||
|
c->nick = strdup("unknown"); |
||||||
|
SLIST_INSERT_HEAD(&client_list, c, next); |
@ -0,0 +1,54 @@ |
|||||||
|
Patch by Steve Kemp <skx@debian.org> for dsniff >= 2.4b1, which adds a fix |
||||||
|
to work with multiple interfaces. For further information, please have a |
||||||
|
look to Debian bug ID #242369. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/arp.c 2005-06-23 03:30:37.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/arp.c.multiple_intf 2005-06-23 04:09:05.000000000 +0000 |
||||||
|
@@ -39,7 +39,7 @@ |
||||||
|
|
||||||
|
#ifdef BSD |
||||||
|
int |
||||||
|
-arp_cache_lookup(in_addr_t ip, struct ether_addr *ether) |
||||||
|
+arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* linf) |
||||||
|
{ |
||||||
|
int mib[6]; |
||||||
|
size_t len; |
||||||
|
@@ -91,7 +91,7 @@ |
||||||
|
#endif |
||||||
|
|
||||||
|
int |
||||||
|
-arp_cache_lookup(in_addr_t ip, struct ether_addr *ether) |
||||||
|
+arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* lif) |
||||||
|
{ |
||||||
|
int sock; |
||||||
|
struct arpreq ar; |
||||||
|
@@ -99,7 +99,7 @@ |
||||||
|
|
||||||
|
memset((char *)&ar, 0, sizeof(ar)); |
||||||
|
#ifdef __linux__ |
||||||
|
- strncpy(ar.arp_dev, "eth0", sizeof(ar.arp_dev)); /* XXX - *sigh* */ |
||||||
|
+ strncpy(ar.arp_dev, lif, strlen(lif)); |
||||||
|
#endif |
||||||
|
sin = (struct sockaddr_in *)&ar.arp_pa; |
||||||
|
sin->sin_family = AF_INET; |
||||||
|
--- dsniff-2.4b1/arp.h 2005-06-23 03:30:37.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/arp.h.multiple_intf 2005-06-23 04:09:07.000000000 +0000 |
||||||
|
@@ -11,6 +11,6 @@ |
||||||
|
#ifndef _ARP_H_ |
||||||
|
#define _ARP_H_ |
||||||
|
|
||||||
|
-int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether); |
||||||
|
+int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* linf); |
||||||
|
|
||||||
|
#endif /* _ARP_H_ */ |
||||||
|
--- dsniff-2.4b1/arpspoof.c 2005-06-23 03:30:37.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/arpspoof.c.mltpl_intf 2005-06-23 04:08:41.000000000 +0000 |
||||||
|
@@ -113,7 +113,7 @@ |
||||||
|
int i = 0; |
||||||
|
|
||||||
|
do { |
||||||
|
- if (arp_cache_lookup(ip, mac) == 0) |
||||||
|
+ if (arp_cache_lookup(ip, mac, intf) == 0) |
||||||
|
return (1); |
||||||
|
#ifdef __linux__ |
||||||
|
/* XXX - force the kernel to arp. feh. */ |
@ -0,0 +1,34 @@ |
|||||||
|
Patch by Luciano Bello <luciano@linux.org.ar> for dsniff >= 2.4b1, which |
||||||
|
changes according to /usr/include/time.h, CLK_TCK is the "obsolete POSIX.1- |
||||||
|
1988 name" for CLOCKS_PER_SEC. For further information, please have a look |
||||||
|
to Debian bug ID #420944. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/sshow.c 2007-06-22 15:48:00.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/sshow.c.obsolete_time 2007-08-10 19:03:30.000000000 -0300 |
||||||
|
@@ -222,7 +222,7 @@ |
||||||
|
if (debug) |
||||||
|
printf("- %s -> %s: DATA (%s bytes, %.2f seconds)\n", |
||||||
|
s_saddr(ts), s_daddr(ts), s_range(plain_range), |
||||||
|
- (float)delay / CLK_TCK); |
||||||
|
+ (float)delay / CLOCKS_PER_SEC); |
||||||
|
if (debug > 1) |
||||||
|
print_data(&ts->server, cipher_size); |
||||||
|
|
||||||
|
@@ -270,7 +270,7 @@ |
||||||
|
if (debug) |
||||||
|
printf("- %s <- %s: DATA (%s bytes, %.2f seconds)\n", |
||||||
|
s_saddr(ts), s_daddr(ts), s_range(plain_range), |
||||||
|
- (float)delay / CLK_TCK); |
||||||
|
+ (float)delay / CLOCKS_PER_SEC); |
||||||
|
if (debug > 1) |
||||||
|
print_data(&ts->client, cipher_size); |
||||||
|
|
||||||
|
@@ -299,7 +299,7 @@ |
||||||
|
|
||||||
|
if (session->state == 1 && |
||||||
|
#ifdef USE_TIMING |
||||||
|
- now - get_history(session, 2)->timestamp >= CLK_TCK && |
||||||
|
+ now - get_history(session, 2)->timestamp >= CLOCKS_PER_SEC && |
||||||
|
#endif |
||||||
|
session->protocol == 1 && |
||||||
|
(session->history.directions & 7) == 5 && |
@ -0,0 +1,13 @@ |
|||||||
|
Patch by <kees@ubuntu.com> for dsniff >= 2.4b1, which includes a missing |
||||||
|
header file to make it building. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/ssh.c 2006-10-12 13:21:57.000000000 -0700 |
||||||
|
+++ dsniff-2.4b1/ssh.c.openssl_098 2006-10-12 13:22:46.441893077 -0700 |
||||||
|
@@ -16,6 +16,7 @@ |
||||||
|
#include <openssl/ssl.h> |
||||||
|
#include <openssl/err.h> |
||||||
|
#include <openssl/rand.h> |
||||||
|
+#include <openssl/md5.h> |
||||||
|
|
||||||
|
#include <err.h> |
||||||
|
#include <errno.h> |
@ -0,0 +1,243 @@ |
|||||||
|
Patch by Christoph Biedl <debian.axhn@manchmal.in-ulm.de> for dsniff >= |
||||||
|
2.4b1, which fixes building with OpenSSL 1.1.0. Adapted for compatibility |
||||||
|
with older OpenSSL versions by Robert Scheck <robert@fedoraproject.org>. |
||||||
|
|
||||||
|
--- dsniff-2.4/ssh.c 2017-02-11 22:31:54.705269813 +0100 |
||||||
|
+++ dsniff-2.4/ssh.c.openssl_110 2017-02-11 22:45:31.193447230 +0100 |
||||||
|
@@ -234,6 +234,10 @@ |
||||||
|
u_char *p, cipher, cookie[8], msg[1024]; |
||||||
|
u_int32_t num; |
||||||
|
int i; |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ const BIGNUM *servkey_e, *servkey_n; |
||||||
|
+ const BIGNUM *hostkey_e, *hostkey_n; |
||||||
|
+#endif |
||||||
|
|
||||||
|
/* Generate anti-spoofing cookie. */ |
||||||
|
RAND_bytes(cookie, sizeof(cookie)); |
||||||
|
@@ -243,11 +247,23 @@ |
||||||
|
*p++ = SSH_SMSG_PUBLIC_KEY; /* type */ |
||||||
|
memcpy(p, cookie, 8); p += 8; /* cookie */ |
||||||
|
num = 768; PUTLONG(num, p); /* servkey bits */ |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL); |
||||||
|
+ put_bn(servkey_e, &p); /* servkey exponent */ |
||||||
|
+ put_bn(servkey_n, &p); /* servkey modulus */ |
||||||
|
+#else |
||||||
|
put_bn(ssh->ctx->servkey->e, &p); /* servkey exponent */ |
||||||
|
put_bn(ssh->ctx->servkey->n, &p); /* servkey modulus */ |
||||||
|
+#endif |
||||||
|
num = 1024; PUTLONG(num, p); /* hostkey bits */ |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL); |
||||||
|
+ put_bn(hostkey_e, &p); /* hostkey exponent */ |
||||||
|
+ put_bn(hostkey_n, &p); /* hostkey modulus */ |
||||||
|
+#else |
||||||
|
put_bn(ssh->ctx->hostkey->e, &p); /* hostkey exponent */ |
||||||
|
put_bn(ssh->ctx->hostkey->n, &p); /* hostkey modulus */ |
||||||
|
+#endif |
||||||
|
num = 0; PUTLONG(num, p); /* protocol flags */ |
||||||
|
num = ssh->ctx->encmask; PUTLONG(num, p); /* ciphers */ |
||||||
|
num = ssh->ctx->authmask; PUTLONG(num, p); /* authmask */ |
||||||
|
@@ -298,7 +314,11 @@ |
||||||
|
SKIP(p, i, 4); |
||||||
|
|
||||||
|
/* Decrypt session key. */ |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ if (BN_cmp(servkey_n, hostkey_n) > 0) { |
||||||
|
+#else |
||||||
|
if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) { |
||||||
|
+#endif |
||||||
|
rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey); |
||||||
|
rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey); |
||||||
|
} |
||||||
|
@@ -318,8 +338,13 @@ |
||||||
|
BN_clear_free(enckey); |
||||||
|
|
||||||
|
/* Derive real session key using session id. */ |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ if ((p = ssh_session_id(cookie, hostkey_n, |
||||||
|
+ servkey_n)) == NULL) { |
||||||
|
+#else |
||||||
|
if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, |
||||||
|
ssh->ctx->servkey->n)) == NULL) { |
||||||
|
+#endif |
||||||
|
warn("ssh_session_id"); |
||||||
|
return (-1); |
||||||
|
} |
||||||
|
@@ -328,10 +353,15 @@ |
||||||
|
} |
||||||
|
/* Set cipher. */ |
||||||
|
if (cipher == SSH_CIPHER_3DES) { |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ warnx("cipher 3des no longer supported"); |
||||||
|
+ return (-1); |
||||||
|
+#else |
||||||
|
ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); |
||||||
|
ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); |
||||||
|
ssh->encrypt = des3_encrypt; |
||||||
|
ssh->decrypt = des3_decrypt; |
||||||
|
+#endif |
||||||
|
} |
||||||
|
else if (cipher == SSH_CIPHER_BLOWFISH) { |
||||||
|
ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); |
||||||
|
@@ -357,6 +387,10 @@ |
||||||
|
u_char *p, cipher, cookie[8], msg[1024]; |
||||||
|
u_int32_t num; |
||||||
|
int i; |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ BIGNUM *servkey_n, *servkey_e; |
||||||
|
+ BIGNUM *hostkey_n, *hostkey_e; |
||||||
|
+#endif |
||||||
|
|
||||||
|
/* Get public key. */ |
||||||
|
if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { |
||||||
|
@@ -379,21 +413,43 @@ |
||||||
|
|
||||||
|
/* Get servkey. */ |
||||||
|
ssh->ctx->servkey = RSA_new(); |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ servkey_n = BN_new(); |
||||||
|
+ servkey_e = BN_new(); |
||||||
|
+ RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL); |
||||||
|
+#else |
||||||
|
ssh->ctx->servkey->n = BN_new(); |
||||||
|
ssh->ctx->servkey->e = BN_new(); |
||||||
|
+#endif |
||||||
|
|
||||||
|
SKIP(p, i, 4); |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ get_bn(servkey_e, &p, &i); |
||||||
|
+ get_bn(servkey_n, &p, &i); |
||||||
|
+#else |
||||||
|
get_bn(ssh->ctx->servkey->e, &p, &i); |
||||||
|
get_bn(ssh->ctx->servkey->n, &p, &i); |
||||||
|
+#endif |
||||||
|
|
||||||
|
/* Get hostkey. */ |
||||||
|
ssh->ctx->hostkey = RSA_new(); |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ hostkey_n = BN_new(); |
||||||
|
+ hostkey_e = BN_new(); |
||||||
|
+ RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL); |
||||||
|
+#else |
||||||
|
ssh->ctx->hostkey->n = BN_new(); |
||||||
|
ssh->ctx->hostkey->e = BN_new(); |
||||||
|
+#endif |
||||||
|
|
||||||
|
SKIP(p, i, 4); |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ get_bn(hostkey_e, &p, &i); |
||||||
|
+ get_bn(hostkey_n, &p, &i); |
||||||
|
+#else |
||||||
|
get_bn(ssh->ctx->hostkey->e, &p, &i); |
||||||
|
get_bn(ssh->ctx->hostkey->n, &p, &i); |
||||||
|
+#endif |
||||||
|
|
||||||
|
/* Get cipher, auth masks. */ |
||||||
|
SKIP(p, i, 4); |
||||||
|
@@ -405,8 +461,13 @@ |
||||||
|
RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey)); |
||||||
|
|
||||||
|
/* Obfuscate with session id. */ |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ if ((p = ssh_session_id(cookie, hostkey_n, |
||||||
|
+ servkey_n)) == NULL) { |
||||||
|
+#else |
||||||
|
if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, |
||||||
|
ssh->ctx->servkey->n)) == NULL) { |
||||||
|
+#endif |
||||||
|
warn("ssh_session_id"); |
||||||
|
return (-1); |
||||||
|
} |
||||||
|
@@ -422,7 +483,11 @@ |
||||||
|
else BN_add_word(bn, ssh->sesskey[i]); |
||||||
|
} |
||||||
|
/* Encrypt session key. */ |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ if (BN_cmp(servkey_n, hostkey_n) < 0) { |
||||||
|
+#else |
||||||
|
if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) { |
||||||
|
+#endif |
||||||
|
rsa_public_encrypt(bn, bn, ssh->ctx->servkey); |
||||||
|
rsa_public_encrypt(bn, bn, ssh->ctx->hostkey); |
||||||
|
} |
||||||
|
@@ -470,10 +535,15 @@ |
||||||
|
ssh->decrypt = blowfish_decrypt; |
||||||
|
} |
||||||
|
else if (cipher == SSH_CIPHER_3DES) { |
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ warnx("cipher 3des no longer supported"); |
||||||
|
+ return (-1); |
||||||
|
+#else |
||||||
|
ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); |
||||||
|
ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); |
||||||
|
ssh->encrypt = des3_encrypt; |
||||||
|
ssh->decrypt = des3_decrypt; |
||||||
|
+#endif |
||||||
|
} |
||||||
|
/* Get server response. */ |
||||||
|
if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { |
||||||
|
--- dsniff-2.4/sshcrypto.c 2017-02-11 22:31:54.688270184 +0100 |
||||||
|
+++ dsniff-2.4/sshcrypto.c.openssl_110 2017-02-11 22:35:30.594555807 +0100 |
||||||
|
@@ -28,10 +28,12 @@ |
||||||
|
u_char iv[8]; |
||||||
|
}; |
||||||
|
|
||||||
|
+#if OPENSSL_VERSION_NUMBER < 0x10100000L |
||||||
|
struct des3_state { |
||||||
|
des_key_schedule k1, k2, k3; |
||||||
|
des_cblock iv1, iv2, iv3; |
||||||
|
}; |
||||||
|
+#endif |
||||||
|
|
||||||
|
void |
||||||
|
rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) |
||||||
|
@@ -39,10 +41,20 @@ |
||||||
|
u_char *inbuf, *outbuf; |
||||||
|
int len, ilen, olen; |
||||||
|
|
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ const BIGNUM *n, *e; |
||||||
|
+ RSA_get0_key(key, &n, &e, NULL); |
||||||
|
+ if (BN_num_bits(e) < 2 || !BN_is_odd(e)) |
||||||
|
+#else |
||||||
|
if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) |
||||||
|
+#endif |
||||||
|
errx(1, "rsa_public_encrypt() exponent too small or not odd"); |
||||||
|
|
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ olen = BN_num_bytes(n); |
||||||
|
+#else |
||||||
|
olen = BN_num_bytes(key->n); |
||||||
|
+#endif |
||||||
|
outbuf = malloc(olen); |
||||||
|
|
||||||
|
ilen = BN_num_bytes(in); |
||||||
|
@@ -71,7 +83,13 @@ |
||||||
|
u_char *inbuf, *outbuf; |
||||||
|
int len, ilen, olen; |
||||||
|
|
||||||
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
||||||
|
+ const BIGNUM *n; |
||||||
|
+ RSA_get0_key(key, &n, NULL, NULL); |
||||||
|
+ olen = BN_num_bytes(n); |
||||||
|
+#else |
||||||
|
olen = BN_num_bytes(key->n); |
||||||
|
+#endif |
||||||
|
outbuf = malloc(olen); |
||||||
|
|
||||||
|
ilen = BN_num_bytes(in); |
||||||
|
@@ -146,6 +164,7 @@ |
||||||
|
swap_bytes(dst, dst, len); |
||||||
|
} |
||||||
|
|
||||||
|
+#if OPENSSL_VERSION_NUMBER < 0x10100000L |
||||||
|
/* XXX - SSH1's weirdo 3DES... */ |
||||||
|
void * |
||||||
|
des3_init(u_char *sesskey, int len) |
||||||
|
@@ -194,3 +213,4 @@ |
||||||
|
des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT); |
||||||
|
des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT); |
||||||
|
} |
||||||
|
+#endif |
@ -0,0 +1,61 @@ |
|||||||
|
Patch by Dennis Filder <d.filder@web.de> for dsniff >= 2.4b1 to resolve naming |
||||||
|
collision due to libpcap API changes. Dsniff was written with a function named |
||||||
|
pcap_init() that predates the one in libpcap and is entirely different. This patch |
||||||
|
renames it out of the way. For some more information, please have a look to Debian |
||||||
|
bug ID #980588. |
||||||
|
|
||||||
|
--- dsniff-2.4/dnsspoof.c 2021-07-25 01:00:08.445636429 +0200 |
||||||
|
+++ dsniff-2.4/dnsspoof.c.pcap_init 2021-07-25 01:00:53.540928897 +0200 |
||||||
|
@@ -309,7 +309,7 @@ |
||||||
|
else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s", |
||||||
|
libnet_addr2name4(lnet_ip, LIBNET_DONT_RESOLVE)); |
||||||
|
|
||||||
|
- if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL) |
||||||
|
+ if ((pcap_pd = pcap_init_dsniff(dev, buf, 128)) == NULL) |
||||||
|
errx(1, "couldn't initialize sniffing"); |
||||||
|
|
||||||
|
if ((pcap_off = pcap_dloff(pcap_pd)) < 0) |
||||||
|
--- dsniff-2.4/pcaputil.c 2021-07-25 01:00:08.469636585 +0200 |
||||||
|
+++ dsniff-2.4/pcaputil.c.pcap_init 2021-07-25 01:00:59.816969598 +0200 |
||||||
|
@@ -111,7 +111,7 @@ |
||||||
|
} |
||||||
|
|
||||||
|
pcap_t * |
||||||
|
-pcap_init(char *intf, char *filter, int snaplen) |
||||||
|
+pcap_init_dsniff(char *intf, char *filter, int snaplen) |
||||||
|
{ |
||||||
|
pcap_t *pd; |
||||||
|
u_int net, mask; |
||||||
|
--- dsniff-2.4/pcaputil.h 2001-03-15 09:33:06.000000000 +0100 |
||||||
|
+++ dsniff-2.4/pcaputil.h.pcap_init 2021-07-25 01:07:46.246603851 +0200 |
||||||
|
@@ -11,7 +11,7 @@ |
||||||
|
#ifndef PCAPUTIL_H |
||||||
|
#define PCAPUTIL_H |
||||||
|
|
||||||
|
-pcap_t *pcap_init(char *intf, char *filter, int snaplen); |
||||||
|
+pcap_t *pcap_init_dsniff(char *intf, char *filter, int snaplen); |
||||||
|
|
||||||
|
int pcap_dloff(pcap_t *pd); |
||||||
|
|
||||||
|
--- dsniff-2.4/tcpkill.c 2021-07-25 01:00:08.426636306 +0200 |
||||||
|
+++ dsniff-2.4/tcpkill.c.pcap_init 2021-07-25 01:01:06.728014416 +0200 |
||||||
|
@@ -130,7 +130,7 @@ |
||||||
|
|
||||||
|
filter = copy_argv(argv); |
||||||
|
|
||||||
|
- if ((pd = pcap_init(intf, filter, 64)) == NULL) |
||||||
|
+ if ((pd = pcap_init_dsniff(intf, filter, 64)) == NULL) |
||||||
|
errx(1, "couldn't initialize sniffing"); |
||||||
|
|
||||||
|
if ((pcap_off = pcap_dloff(pd)) < 0) |
||||||
|
--- dsniff-2.4/tcpnice.c 2021-07-25 01:00:08.426636306 +0200 |
||||||
|
+++ dsniff-2.4/tcpnice.c.pcap_init 2021-07-25 01:01:13.816060381 +0200 |
||||||
|
@@ -204,7 +204,7 @@ |
||||||
|
|
||||||
|
filter = copy_argv(argv); |
||||||
|
|
||||||
|
- if ((pd = pcap_init(intf, filter, 128)) == NULL) |
||||||
|
+ if ((pd = pcap_init_dsniff(intf, filter, 128)) == NULL) |
||||||
|
errx(1, "couldn't initialize sniffing"); |
||||||
|
|
||||||
|
if ((pcap_off = pcap_dloff(pd)) < 0) |
@ -0,0 +1,531 @@ |
|||||||
|
Patch by Joseph Battaglia <sephail@sephail.net> and Joshua Krage |
||||||
|
<jkrage@guisarme.us> for dsniff >= 2.4b1, which allows the reading of |
||||||
|
saved PCAP capture files. For further information, please have a look |
||||||
|
to Debian bug ID #153462 and #298604. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/dsniff.8 2005-07-11 20:41:14.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/dsniff.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -10,7 +10,7 @@ |
||||||
|
.nf |
||||||
|
.fi |
||||||
|
\fBdsniff\fR [\fB-c\fR] [\fB-d\fR] [\fB-m\fR] [\fB-n\fR] [\fB-i |
||||||
|
-\fIinterface\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR] |
||||||
|
+\fIinterface\fR | \fB-p \fIpcapfile\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR] |
||||||
|
[\fB-t \fItrigger[,...]\fR]] |
||||||
|
[\fB-r\fR|\fB-w\fR \fIsavefile\fR] [\fIexpression\fR] |
||||||
|
.SH DESCRIPTION |
||||||
|
@@ -45,6 +45,9 @@ |
||||||
|
Do not resolve IP addresses to hostnames. |
||||||
|
.IP "\fB-i \fIinterface\fR" |
||||||
|
Specify the interface to listen on. |
||||||
|
+.IP "\fB-p \fIpcapfile\fR" |
||||||
|
+Rather than processing the contents of packets observed upon the network |
||||||
|
+process the given PCAP capture file. |
||||||
|
.IP "\fB-s \fIsnaplen\fR" |
||||||
|
Analyze at most the first \fIsnaplen\fR bytes of each TCP connection, |
||||||
|
rather than the default of 1024. |
||||||
|
--- dsniff-2.4b1/dsniff.c 2005-07-11 20:41:14.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/dsniff.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -46,8 +46,9 @@ |
||||||
|
usage(void) |
||||||
|
{ |
||||||
|
fprintf(stderr, "Version: " VERSION "\n" |
||||||
|
- "Usage: dsniff [-cdmn] [-i interface] [-s snaplen] [-f services]\n" |
||||||
|
- " [-t trigger[,...]] [-r|-w savefile] [expression]\n"); |
||||||
|
+ "Usage: dsniff [-cdmn] [-i interface | -p pcapfile] [-s snaplen]\n" |
||||||
|
+ " [-f services] [-t trigger[,...]] [-r|-w savefile]\n" |
||||||
|
+ " [expression]\n"); |
||||||
|
exit(1); |
||||||
|
} |
||||||
|
|
||||||
|
@@ -79,7 +80,7 @@ |
||||||
|
|
||||||
|
services = savefile = triggers = NULL; |
||||||
|
|
||||||
|
- while ((c = getopt(argc, argv, "cdf:i:mnr:s:t:w:h?V")) != -1) { |
||||||
|
+ while ((c = getopt(argc, argv, "cdf:i:mnp:r:s:t:w:h?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
case 'c': |
||||||
|
Opt_client = 1; |
||||||
|
@@ -99,6 +100,9 @@ |
||||||
|
case 'n': |
||||||
|
Opt_dns = 0; |
||||||
|
break; |
||||||
|
+ case 'p': |
||||||
|
+ nids_params.filename = optarg; |
||||||
|
+ break; |
||||||
|
case 'r': |
||||||
|
Opt_read = 1; |
||||||
|
savefile = optarg; |
||||||
|
@@ -168,10 +172,23 @@ |
||||||
|
else nids_register_tcp(trigger_tcp); |
||||||
|
|
||||||
|
if (nids_params.pcap_filter != NULL) { |
||||||
|
- warnx("listening on %s [%s]", nids_params.device, |
||||||
|
- nids_params.pcap_filter); |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s [%s]", nids_params.device, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s [%s]", nids_params.filename, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s", nids_params.device); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s", nids_params.filename); |
||||||
|
+ } |
||||||
|
} |
||||||
|
- else warnx("listening on %s", nids_params.device); |
||||||
|
|
||||||
|
nids_run(); |
||||||
|
|
||||||
|
--- dsniff-2.4b1/filesnarf.8 2005-07-11 20:41:14.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/filesnarf.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -9,7 +9,7 @@ |
||||||
|
.na |
||||||
|
.nf |
||||||
|
.fi |
||||||
|
-\fBfilesnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] |
||||||
|
+\fBfilesnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] |
||||||
|
.SH DESCRIPTION |
||||||
|
.ad |
||||||
|
.fi |
||||||
|
@@ -18,6 +18,8 @@ |
||||||
|
.SH OPTIONS |
||||||
|
.IP "\fB-i \fIinterface\fR" |
||||||
|
Specify the interface to listen on. |
||||||
|
+.IP "\fB-p \fIpcapfile\fR" |
||||||
|
+Process packets from the specified PCAP capture file instead of the network. |
||||||
|
.IP \fB-v\fR |
||||||
|
"Versus" mode. Invert the sense of matching, to select non-matching |
||||||
|
files. |
||||||
|
--- dsniff-2.4b1/filesnarf.c 2005-07-11 20:41:14.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/filesnarf.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -51,7 +51,7 @@ |
||||||
|
usage(void) |
||||||
|
{ |
||||||
|
fprintf(stderr, "Version: " VERSION "\n" |
||||||
|
- "Usage: filesnarf [-i interface] [[-v] pattern [expression]]\n"); |
||||||
|
+ "Usage: filesnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); |
||||||
|
exit(1); |
||||||
|
} |
||||||
|
|
||||||
|
@@ -464,11 +464,14 @@ |
||||||
|
extern int optind; |
||||||
|
int c; |
||||||
|
|
||||||
|
- while ((c = getopt(argc, argv, "i:vh?V")) != -1) { |
||||||
|
+ while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
case 'i': |
||||||
|
nids_params.device = optarg; |
||||||
|
break; |
||||||
|
+ case 'p': |
||||||
|
+ nids_params.filename = optarg; |
||||||
|
+ break; |
||||||
|
case 'v': |
||||||
|
Opt_invert = 1; |
||||||
|
break; |
||||||
|
@@ -498,11 +501,24 @@ |
||||||
|
nids_register_ip(decode_udp_nfs); |
||||||
|
nids_register_tcp(decode_tcp_nfs); |
||||||
|
|
||||||
|
- if (nids_params.pcap_filter != NULL) { |
||||||
|
- warnx("listening on %s [%s]", nids_params.device, |
||||||
|
- nids_params.pcap_filter); |
||||||
|
- } |
||||||
|
- else warnx("listening on %s", nids_params.device); |
||||||
|
+ if (nids_params.pcap_filter != NULL) { |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s [%s]", nids_params.device, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s [%s]", nids_params.filename, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s", nids_params.device); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s", nids_params.filename); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
|
||||||
|
nids_run(); |
||||||
|
|
||||||
|
--- dsniff-2.4b1/mailsnarf.8 2005-07-11 20:41:14.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/mailsnarf.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -9,7 +9,7 @@ |
||||||
|
.na |
||||||
|
.nf |
||||||
|
.fi |
||||||
|
-\fBmailsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] |
||||||
|
+\fBmailsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] |
||||||
|
.SH DESCRIPTION |
||||||
|
.ad |
||||||
|
.fi |
||||||
|
@@ -19,6 +19,8 @@ |
||||||
|
.SH OPTIONS |
||||||
|
.IP "\fB-i \fIinterface\fR" |
||||||
|
Specify the interface to listen on. |
||||||
|
+.IP "\fB-p \fIpcapfile\fR" |
||||||
|
+Process packets from the specified PCAP capture file instead of the network. |
||||||
|
.IP \fB-v\fR |
||||||
|
"Versus" mode. Invert the sense of matching, to select non-matching |
||||||
|
messages. |
||||||
|
--- dsniff-2.4b1/mailsnarf.c 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/mailsnarf.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -59,7 +59,7 @@ |
||||||
|
usage(void) |
||||||
|
{ |
||||||
|
fprintf(stderr, "Version: " VERSION "\n" |
||||||
|
- "Usage: mailsnarf [-i interface] [[-v] pattern [expression]]\n"); |
||||||
|
+ "Usage: mailsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); |
||||||
|
exit(1); |
||||||
|
} |
||||||
|
|
||||||
|
@@ -344,11 +344,14 @@ |
||||||
|
extern int optind; |
||||||
|
int c; |
||||||
|
|
||||||
|
- while ((c = getopt(argc, argv, "i:vh?V")) != -1) { |
||||||
|
+ while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
case 'i': |
||||||
|
nids_params.device = optarg; |
||||||
|
break; |
||||||
|
+ case 'p': |
||||||
|
+ nids_params.filename = optarg; |
||||||
|
+ break; |
||||||
|
case 'v': |
||||||
|
Opt_invert = 1; |
||||||
|
break; |
||||||
|
@@ -378,10 +381,23 @@ |
||||||
|
nids_register_tcp(sniff_pop_session); |
||||||
|
|
||||||
|
if (nids_params.pcap_filter != NULL) { |
||||||
|
- warnx("listening on %s [%s]", nids_params.device, |
||||||
|
- nids_params.pcap_filter); |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s [%s]", nids_params.device, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s [%s]", nids_params.filename, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
} |
||||||
|
- else warnx("listening on %s", nids_params.device); |
||||||
|
+ else { |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s", nids_params.device); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s", nids_params.filename); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
|
||||||
|
nids_run(); |
||||||
|
|
||||||
|
--- dsniff-2.4b1/msgsnarf.8 2005-07-11 20:41:14.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/msgsnarf.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -9,7 +9,7 @@ |
||||||
|
.na |
||||||
|
.nf |
||||||
|
.fi |
||||||
|
-\fBmsgsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] |
||||||
|
+\fBmsgsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] |
||||||
|
.SH DESCRIPTION |
||||||
|
.ad |
||||||
|
.fi |
||||||
|
@@ -19,6 +19,8 @@ |
||||||
|
.SH OPTIONS |
||||||
|
.IP "\fB-i \fIinterface\fR" |
||||||
|
Specify the interface to listen on. |
||||||
|
+.IP "\fB-p \fIpcapfile\fR" |
||||||
|
+Process packets from the specified PCAP capture file instead of the network. |
||||||
|
.IP \fB-v\fR |
||||||
|
"Versus" mode. Invert the sense of matching, to select non-matching |
||||||
|
messages. |
||||||
|
--- dsniff-2.4b1/msgsnarf.c 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/msgsnarf.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -45,7 +45,7 @@ |
||||||
|
usage(void) |
||||||
|
{ |
||||||
|
fprintf(stderr, "Version: " VERSION "\n" |
||||||
|
- "Usage: msgsnarf [-i interface] [[-v] pattern [expression]]\n"); |
||||||
|
+ "Usage: msgsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); |
||||||
|
exit(1); |
||||||
|
} |
||||||
|
|
||||||
|
@@ -633,11 +633,14 @@ |
||||||
|
extern int optind; |
||||||
|
int c; |
||||||
|
|
||||||
|
- while ((c = getopt(argc, argv, "i:hv?V")) != -1) { |
||||||
|
+ while ((c = getopt(argc, argv, "i:p:hv?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
case 'i': |
||||||
|
nids_params.device = optarg; |
||||||
|
break; |
||||||
|
+ case 'p': |
||||||
|
+ nids_params.filename = optarg; |
||||||
|
+ break; |
||||||
|
case 'v': |
||||||
|
Opt_invert = 1; |
||||||
|
break; |
||||||
|
@@ -666,11 +669,24 @@ |
||||||
|
|
||||||
|
nids_register_tcp(sniff_msgs); |
||||||
|
|
||||||
|
- if (nids_params.pcap_filter != NULL) { |
||||||
|
- warnx("listening on %s [%s]", nids_params.device, |
||||||
|
- nids_params.pcap_filter); |
||||||
|
- } |
||||||
|
- else warnx("listening on %s", nids_params.device); |
||||||
|
+ if (nids_params.pcap_filter != NULL) { |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s [%s]", nids_params.device, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s [%s]", nids_params.filename, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s", nids_params.device); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s", nids_params.filename); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
|
||||||
|
nids_run(); |
||||||
|
|
||||||
|
--- dsniff-2.4b1/sshow.8 2005-07-11 20:41:14.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/sshow.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -9,7 +9,7 @@ |
||||||
|
.na |
||||||
|
.nf |
||||||
|
.fi |
||||||
|
-\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR] [\fIexpression\fR] |
||||||
|
+\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [\fIexpression\fR] |
||||||
|
.SH DESCRIPTION |
||||||
|
.ad |
||||||
|
.fi |
||||||
|
@@ -28,6 +28,8 @@ |
||||||
|
Enable verbose debugging output. |
||||||
|
.IP "\fB-i \fIinterface\fR" |
||||||
|
Specify the interface to listen on. |
||||||
|
+.IP "\fB-p \fIpcapfile\fR" |
||||||
|
+Process packets from the specified PCAP capture file instead of the network. |
||||||
|
.IP "\fIexpression\fR" |
||||||
|
Specify a tcpdump(8) filter expression to select traffic to sniff. |
||||||
|
.SH "SEE ALSO" |
||||||
|
--- dsniff-2.4b1/sshow.c 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/sshow.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -82,7 +82,7 @@ |
||||||
|
static void |
||||||
|
usage(void) |
||||||
|
{ |
||||||
|
- fprintf(stderr, "Usage: sshow [-d] [-i interface]\n"); |
||||||
|
+ fprintf(stderr, "Usage: sshow [-d] [-i interface | -p pcapfile]\n"); |
||||||
|
exit(1); |
||||||
|
} |
||||||
|
|
||||||
|
@@ -616,7 +616,7 @@ |
||||||
|
extern int optind; |
||||||
|
int c; |
||||||
|
|
||||||
|
- while ((c = getopt(argc, argv, "di:h?")) != -1) { |
||||||
|
+ while ((c = getopt(argc, argv, "di:p:h?")) != -1) { |
||||||
|
switch (c) { |
||||||
|
case 'd': |
||||||
|
debug++; |
||||||
|
@@ -624,6 +624,9 @@ |
||||||
|
case 'i': |
||||||
|
nids_params.device = optarg; |
||||||
|
break; |
||||||
|
+ case 'p': |
||||||
|
+ nids_params.filename = optarg; |
||||||
|
+ break; |
||||||
|
default: |
||||||
|
usage(); |
||||||
|
break; |
||||||
|
@@ -652,11 +655,24 @@ |
||||||
|
|
||||||
|
nids_register_tcp(process_event); |
||||||
|
|
||||||
|
- if (nids_params.pcap_filter != NULL) { |
||||||
|
- warnx("listening on %s [%s]", nids_params.device, |
||||||
|
- nids_params.pcap_filter); |
||||||
|
- } |
||||||
|
- else warnx("listening on %s", nids_params.device); |
||||||
|
+ if (nids_params.pcap_filter != NULL) { |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s [%s]", nids_params.device, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s [%s]", nids_params.filename, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s", nids_params.device); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s", nids_params.filename); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
|
||||||
|
nids_run(); |
||||||
|
|
||||||
|
--- dsniff-2.4b1/urlsnarf.8 2005-07-11 20:41:14.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/urlsnarf.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -9,7 +9,7 @@ |
||||||
|
.na |
||||||
|
.nf |
||||||
|
.fi |
||||||
|
-\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] |
||||||
|
+\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] |
||||||
|
.SH DESCRIPTION |
||||||
|
.ad |
||||||
|
.fi |
||||||
|
@@ -21,6 +21,9 @@ |
||||||
|
.IP \fB-n\fR |
||||||
|
Do not resolve IP addresses to hostnames. |
||||||
|
.IP "\fB-i \fIinterface\fR" |
||||||
|
+Specify the interface to listen on. |
||||||
|
+.IP "\fB-p \fIpcapfile\fR" |
||||||
|
+Process packets from the specified PCAP capture file instead of the network. |
||||||
|
.IP \fB-v\fR |
||||||
|
"Versus" mode. Invert the sense of matching, to select non-matching |
||||||
|
URLs. |
||||||
|
--- dsniff-2.4b1/urlsnarf.c 2005-07-11 20:41:14.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/urlsnarf.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -41,7 +41,7 @@ |
||||||
|
usage(void) |
||||||
|
{ |
||||||
|
fprintf(stderr, "Version: " VERSION "\n" |
||||||
|
- "Usage: urlsnarf [-n] [-i interface] [[-v] pattern [expression]]\n"); |
||||||
|
+ "Usage: urlsnarf [-n] [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); |
||||||
|
exit(1); |
||||||
|
} |
||||||
|
|
||||||
|
@@ -201,11 +201,14 @@ |
||||||
|
extern int optind; |
||||||
|
int c; |
||||||
|
|
||||||
|
- while ((c = getopt(argc, argv, "i:nvh?V")) != -1) { |
||||||
|
+ while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
case 'i': |
||||||
|
nids_params.device = optarg; |
||||||
|
break; |
||||||
|
+ case 'p': |
||||||
|
+ nids_params.filename = optarg; |
||||||
|
+ break; |
||||||
|
case 'n': |
||||||
|
Opt_dns = 0; |
||||||
|
break; |
||||||
|
@@ -238,8 +241,24 @@ |
||||||
|
|
||||||
|
nids_register_tcp(sniff_http_client); |
||||||
|
|
||||||
|
- warnx("listening on %s [%s]", nids_params.device, |
||||||
|
- nids_params.pcap_filter); |
||||||
|
+ if (nids_params.pcap_filter != NULL) { |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s [%s]", nids_params.device, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s [%s]", nids_params.filename, |
||||||
|
+ nids_params.pcap_filter); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s", nids_params.device); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s", nids_params.filename); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
|
||||||
|
nids_run(); |
||||||
|
|
||||||
|
--- dsniff-2.4b1/webspy.8 2005-07-11 20:41:14.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/webspy.8.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -9,7 +9,7 @@ |
||||||
|
.na |
||||||
|
.nf |
||||||
|
.fi |
||||||
|
-\fBwebspy\fR [\fB-i \fIinterface\fR] \fIhost\fR |
||||||
|
+\fBwebspy\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] \fIhost\fR |
||||||
|
.SH DESCRIPTION |
||||||
|
.ad |
||||||
|
.fi |
||||||
|
@@ -20,6 +20,8 @@ |
||||||
|
.SH OPTIONS |
||||||
|
.IP "\fB-i \fIinterface\fR" |
||||||
|
Specify the interface to listen on. |
||||||
|
+.IP "\fB-p \fIpcapfile\fR" |
||||||
|
+Process packets from the specified PCAP capture file instead of the network. |
||||||
|
.IP \fIhost\fR |
||||||
|
Specify the web client to spy on. |
||||||
|
.SH "SEE ALSO" |
||||||
|
--- dsniff-2.4b1/webspy.c 2005-07-11 20:41:14.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/webspy.c.pcap_dump 2005-07-11 20:41:18.000000000 +0000 |
||||||
|
@@ -42,7 +42,7 @@ |
||||||
|
usage(void) |
||||||
|
{ |
||||||
|
fprintf(stderr, "Version: " VERSION "\n" |
||||||
|
- "Usage: %s [-i interface] host\n", progname); |
||||||
|
+ "Usage: %s [-i interface | -p pcapfile] host\n", progname); |
||||||
|
exit(1); |
||||||
|
} |
||||||
|
|
||||||
|
@@ -184,11 +184,14 @@ |
||||||
|
extern int optind; |
||||||
|
int c; |
||||||
|
|
||||||
|
- while ((c = getopt(argc, argv, "i:h?V")) != -1) { |
||||||
|
+ while ((c = getopt(argc, argv, "i:p:h?V")) != -1) { |
||||||
|
switch (c) { |
||||||
|
case 'i': |
||||||
|
nids_params.device = optarg; |
||||||
|
break; |
||||||
|
+ case 'p': |
||||||
|
+ nids_params.filename = optarg; |
||||||
|
+ break; |
||||||
|
default: |
||||||
|
usage(); |
||||||
|
} |
||||||
|
@@ -216,7 +219,13 @@ |
||||||
|
|
||||||
|
nids_register_tcp(sniff_http_client); |
||||||
|
|
||||||
|
- warnx("listening on %s", nids_params.device); |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ warnx("listening on %s", nids_params.device); |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ warnx("using %s", nids_params.filename); |
||||||
|
+ } |
||||||
|
+ |
||||||
|
|
||||||
|
nids_run(); |
||||||
|
|
@ -0,0 +1,15 @@ |
|||||||
|
Patch by Matthew Boyle <mlb@decisionsoft.co.uk> for dsniff >= 2.4b1 which corrects |
||||||
|
the incorrect bit-shift in pntohl(), the left-shift should be 8 bits, not 18. For |
||||||
|
further information please have a look to Red Hat Bugzilla ID #714958 and #850496. |
||||||
|
|
||||||
|
--- dsniff-2.4/decode.h 2001-03-15 09:33:06.000000000 +0100 |
||||||
|
+++ dsniff-2.4/decode.h.pntohl_shift 2013-12-20 22:16:52.000000000 +0100 |
||||||
|
@@ -35,7 +35,7 @@ |
||||||
|
(u_short)*((u_char *)p+0)<<8)) |
||||||
|
|
||||||
|
#define pntohl(p) ((u_int32_t)*((u_char *)p+3)<<0| \ |
||||||
|
- (u_int32_t)*((u_char *)p+2)<<18| \ |
||||||
|
+ (u_int32_t)*((u_char *)p+2)<<8| \ |
||||||
|
(u_int32_t)*((u_char *)p+1)<<16| \ |
||||||
|
(u_int32_t)*((u_char *)p+0)<<24) |
||||||
|
|
@ -0,0 +1,28 @@ |
|||||||
|
Patch by Luciano Bello <luciano@linux.org.ar> for dsniff >= 2.4b1, which |
||||||
|
allows to distinguish between different POP versions. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/decode.c 2007-08-11 18:43:41.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode.c.pop_version 2007-08-11 19:01:08.000000000 -0300 |
||||||
|
@@ -63,7 +63,8 @@ |
||||||
|
{ "http", decode_http }, |
||||||
|
{ "ospf", decode_ospf }, |
||||||
|
{ "poppass", decode_poppass }, |
||||||
|
- { "pop", decode_pop }, |
||||||
|
+ { "pop2", decode_pop }, |
||||||
|
+ { "pop3", decode_pop }, |
||||||
|
{ "nntp", decode_nntp }, |
||||||
|
{ "smb", decode_smb }, |
||||||
|
{ "imap", decode_imap }, |
||||||
|
--- dsniff-2.4b1/dsniff.services 2007-08-11 18:43:41.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/dsniff.services.pop 2007-08-11 19:00:21.000000000 -0300 |
||||||
|
@@ -10,8 +10,8 @@ |
||||||
|
ospf 89/ip |
||||||
|
http 98/tcp |
||||||
|
poppass 106/tcp |
||||||
|
-pop 109/tcp |
||||||
|
-pop 110/tcp |
||||||
|
+pop2 109/tcp |
||||||
|
+pop3 110/tcp |
||||||
|
portmap 111/tcp |
||||||
|
portmap -111/tcp |
||||||
|
portmap 111/udp |
@ -0,0 +1,14 @@ |
|||||||
|
Patch by Marcos Fouces <mfouces@yahoo.es> for dsniff >= 2.4b1, which fixes |
||||||
|
a minor spelling error in source code. |
||||||
|
|
||||||
|
--- dsniff-2.4/remote.c 2000-11-14 16:51:04.000000000 +0100 |
||||||
|
+++ dsniff-2.4/remote.c.remote_typo 2017-02-11 23:03:25.420064992 +0100 |
||||||
|
@@ -652,7 +652,7 @@ |
||||||
|
if (remote_command_count > 0) |
||||||
|
{ |
||||||
|
fprintf (stderr, |
||||||
|
- "%s: the `-id' option must preceed all `-remote' options.\n", |
||||||
|
+ "%s: the `-id' option must precede all `-remote' options.\n", |
||||||
|
progname); |
||||||
|
usage (); |
||||||
|
exit (-1); |
@ -0,0 +1,17 @@ |
|||||||
|
Patch based on suggestion by Matthew Boyle <mlb@decisionsoft.co.uk> for dsniff >= |
||||||
|
2.4b1 which avoids xdrs being used without being initialised first. Without this |
||||||
|
patch dsniff segfaults when decoding RPC packets on x86_64. For further information |
||||||
|
please also have a look to Red Hat Bugzilla ID #715042 and #850494. |
||||||
|
|
||||||
|
--- dsniff-2.4/rpc.c 2001-03-15 09:33:04.000000000 +0100 |
||||||
|
+++ dsniff-2.4/rpc.c.rpc_segfault 2013-12-20 22:49:34.000000000 +0100 |
||||||
|
@@ -125,6 +125,9 @@ |
||||||
|
return (0); |
||||||
|
} |
||||||
|
} |
||||||
|
+ else |
||||||
|
+ return (0); |
||||||
|
+ |
||||||
|
stat = xdr_getpos(&xdrs); |
||||||
|
xdr_destroy(&xdrs); |
||||||
|
|
@ -0,0 +1,70 @@ |
|||||||
|
Patch by Robert Scheck <robert@fedoraproject.org> for dsniff >= 2.4b1 which |
||||||
|
ensures when building using %{?_smp_mflags} that libmissing.a is built when |
||||||
|
its being used for linking. |
||||||
|
|
||||||
|
--- dsniff-2.4/Makefile.in 2018-07-14 02:54:20.405095355 +0200 |
||||||
|
+++ dsniff-2.4/Makefile.in.smp_mflags 2018-07-14 02:54:44.973245128 +0200 |
||||||
|
@@ -92,49 +92,49 @@ |
||||||
|
ar -cr $@ $(LIBOBJS) |
||||||
|
$(RANLIB) $@ |
||||||
|
|
||||||
|
-dsniff: $(HDRS) $(SRCS) $(OBJS) |
||||||
|
+dsniff: $(HDRS) $(SRCS) $(OBJS) libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) |
||||||
|
|
||||||
|
-arpspoof: arpspoof.o arp.o |
||||||
|
+arpspoof: arpspoof.o arp.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ arpspoof.o arp.o $(LIBS) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
-dnsspoof: dnsspoof.o pcaputil.o |
||||||
|
+dnsspoof: dnsspoof.o pcaputil.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ dnsspoof.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
-filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o |
||||||
|
+filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
-macof: macof.o |
||||||
|
+macof: macof.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ macof.o $(LIBS) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
-mailsnarf: mailsnarf.o buf.o pcaputil.o |
||||||
|
+mailsnarf: mailsnarf.o buf.o pcaputil.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ mailsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
-msgsnarf: msgsnarf.o buf.o pcaputil.o |
||||||
|
+msgsnarf: msgsnarf.o buf.o pcaputil.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ msgsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
-sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o |
||||||
|
+sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) |
||||||
|
|
||||||
|
-sshow: sshow.o pcaputil.o |
||||||
|
+sshow: sshow.o pcaputil.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ sshow.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
-tcpkill: tcpkill.o pcaputil.o |
||||||
|
+tcpkill: tcpkill.o pcaputil.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ tcpkill.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
-tcpnice: tcpnice.o pcaputil.o |
||||||
|
+tcpnice: tcpnice.o pcaputil.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ tcpnice.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
tcphijack: tcphijack.o pcaputil.o |
||||||
|
$(CC) $(LDFLAGS) -o $@ tcphijack.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
-urlsnarf: urlsnarf.o base64.o buf.o pcaputil.o |
||||||
|
+urlsnarf: urlsnarf.o base64.o buf.o pcaputil.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ urlsnarf.o base64.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) |
||||||
|
|
||||||
|
-webmitm: webmitm.o base64.o buf.o decode_http.o record.o |
||||||
|
+webmitm: webmitm.o base64.o buf.o decode_http.o record.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) |
||||||
|
|
||||||
|
-webspy: webspy.o base64.o buf.o remote.o |
||||||
|
+webspy: webspy.o base64.o buf.o remote.o libmissing.a |
||||||
|
$(CC) $(LDFLAGS) -o $@ webspy.o base64.o buf.o remote.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(X11LIB) |
||||||
|
|
||||||
|
install: |
@ -0,0 +1,14 @@ |
|||||||
|
Patch by Steve Kemp <skx@debian.org> for dsniff >= 2.4b1, which adds the |
||||||
|
missing OpenSSL includes for header files. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/sshcrypto.c 2006-11-02 23:41:11.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/sshcrypto.c.sshcrypto 2006-11-02 23:41:55.000000000 -0300 |
||||||
|
@@ -14,6 +14,8 @@ |
||||||
|
|
||||||
|
#include <sys/types.h> |
||||||
|
#include <openssl/ssl.h> |
||||||
|
+#include <openssl/blowfish.h> |
||||||
|
+#include <openssl/des.h> |
||||||
|
|
||||||
|
#include <err.h> |
||||||
|
#include <stdio.h> |
@ -0,0 +1,164 @@ |
|||||||
|
Patch by Luciano Bello <luciano@linux.org.ar> for dsniff >= 2.4b1, which |
||||||
|
adds missing includes of the string header file. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/arp.c 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/arp.c.string_header 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -34,6 +34,7 @@ |
||||||
|
#include <stdio.h> |
||||||
|
#include <stdlib.h> |
||||||
|
#include <unistd.h> |
||||||
|
+#include <string.h> |
||||||
|
|
||||||
|
#include "arp.h" |
||||||
|
|
||||||
|
--- dsniff-2.4b1/buf.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/buf.c.string_header 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -17,6 +17,7 @@ |
||||||
|
#include <unistd.h> |
||||||
|
#include <ctype.h> |
||||||
|
#include <err.h> |
||||||
|
+#include <string.h> |
||||||
|
|
||||||
|
#include "buf.h" |
||||||
|
|
||||||
|
--- dsniff-2.4b1/decode_nntp.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_nntp.c.string 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -15,6 +15,7 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcat.h> |
||||||
|
|
||||||
|
#include "base64.h" |
||||||
|
#include "decode.h" |
||||||
|
--- dsniff-2.4b1/decode_pop.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_pop.c.string 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -14,6 +14,7 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcat.h> |
||||||
|
|
||||||
|
#include "base64.h" |
||||||
|
#include "options.h" |
||||||
|
--- dsniff-2.4b1/decode_rlogin.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_rlogin.c.string 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -14,6 +14,8 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcpy.h> |
||||||
|
+#include <strlcat.h> |
||||||
|
|
||||||
|
#include "options.h" |
||||||
|
#include "decode.h" |
||||||
|
--- dsniff-2.4b1/decode_smb.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_smb.c.string 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -15,6 +15,7 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcat.h> |
||||||
|
|
||||||
|
#include "decode.h" |
||||||
|
|
||||||
|
--- dsniff-2.4b1/decode_smtp.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_smtp.c.string 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -14,6 +14,7 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcat.h> |
||||||
|
|
||||||
|
#include "base64.h" |
||||||
|
#include "options.h" |
||||||
|
--- dsniff-2.4b1/decode_sniffer.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_sniffer.c.str 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -15,6 +15,8 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcat.h> |
||||||
|
+#include <strlcpy.h> |
||||||
|
|
||||||
|
#include "base64.h" |
||||||
|
#include "decode.h" |
||||||
|
--- dsniff-2.4b1/decode_socks.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_socks.c.string 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -14,6 +14,7 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcat.h> |
||||||
|
|
||||||
|
#include "decode.h" |
||||||
|
|
||||||
|
--- dsniff-2.4b1/decode_tds.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_tds.c.string 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -18,6 +18,7 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcat.h> |
||||||
|
|
||||||
|
#include "decode.h" |
||||||
|
|
||||||
|
--- dsniff-2.4b1/decode_telnet.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_telnet.c.string 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -14,6 +14,7 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcpy.h> |
||||||
|
|
||||||
|
#include "options.h" |
||||||
|
#include "decode.h" |
||||||
|
--- dsniff-2.4b1/decode_x11.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/decode_x11.c.string 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -14,6 +14,8 @@ |
||||||
|
|
||||||
|
#include <stdio.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcat.h> |
||||||
|
+#include <strlcpy.h> |
||||||
|
|
||||||
|
#include "decode.h" |
||||||
|
|
||||||
|
--- dsniff-2.4b1/dnsspoof.c 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/dnsspoof.c.string 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -20,6 +20,7 @@ |
||||||
|
#include <stdlib.h> |
||||||
|
#include <signal.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcpy.h> |
||||||
|
#include <resolv.h> |
||||||
|
#include <err.h> |
||||||
|
#include <libnet.h> |
||||||
|
--- dsniff-2.4b1/magic.c 2007-06-17 16:22:39.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/magic.c.string_header 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -36,6 +36,7 @@ |
||||||
|
#include <stdio.h> |
||||||
|
#include <stdlib.h> |
||||||
|
#include <string.h> |
||||||
|
+#include <strlcpy.h> |
||||||
|
#include <ctype.h> |
||||||
|
#include <time.h> |
||||||
|
#include <err.h> |
||||||
|
--- dsniff-2.4b1/sshmitm.c 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/sshmitm.c.string 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -24,6 +24,7 @@ |
||||||
|
#include <stdio.h> |
||||||
|
#include <stdlib.h> |
||||||
|
#include <unistd.h> |
||||||
|
+#include <strlcat.h> |
||||||
|
|
||||||
|
#include "buf.h" |
||||||
|
#include "record.h" |
||||||
|
--- dsniff-2.4b1/missing/strlcat.h 1969-12-31 21:00:00.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/missing/strlcat.h.str 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -0,0 +1 @@ |
||||||
|
+size_t strlcat(char *dst, const char *src, size_t siz); |
||||||
|
--- dsniff-2.4b1/missing/strlcpy.h 1969-12-31 21:00:00.000000000 -0300 |
||||||
|
+++ dsniff-2.4b1/missing/strlcpy.h.str 2007-06-17 16:22:49.000000000 -0300 |
||||||
|
@@ -0,0 +1 @@ |
||||||
|
+size_t strlcpy(char *dst, const char *src, size_t siz); |
@ -0,0 +1,26 @@ |
|||||||
|
Patch by <kees@ubuntu.com> for dsniff >= 2.4b1, which adds a clock fix. It |
||||||
|
was improved by Robert Scheck <robert@fedoraproject.org> to work with older |
||||||
|
Linux kernel versions, too. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/sshow.c 2007-12-03 23:50:12.000000000 +0100 |
||||||
|
+++ dsniff-2.4b1/sshow.c.sysconf_clocks 2007-12-03 23:53:12.000000000 +0100 |
||||||
|
@@ -217,6 +217,9 @@ |
||||||
|
{ |
||||||
|
clock_t delay; |
||||||
|
int payload; |
||||||
|
+#if defined(_SC_CLK_TCK) |
||||||
|
+ long CLK_TCK = sysconf(_SC_CLK_TCK); |
||||||
|
+#endif |
||||||
|
|
||||||
|
delay = add_history(session, 0, cipher_size, plain_range); |
||||||
|
|
||||||
|
@@ -265,6 +268,9 @@ |
||||||
|
clock_t delay; |
||||||
|
int skip; |
||||||
|
range string_range; |
||||||
|
+#if defined(_SC_CLK_TCK) |
||||||
|
+ long CLK_TCK = sysconf(_SC_CLK_TCK); |
||||||
|
+#endif |
||||||
|
|
||||||
|
delay = add_history(session, 1, cipher_size, plain_range); |
||||||
|
|
@ -0,0 +1,19 @@ |
|||||||
|
Patch by Hilko Bengen <bengen@debian.org> for dsniff >= 2.4b1, to avoid a |
||||||
|
possible DoS opportunity in the Tabular Data Stream protocol handler. For |
||||||
|
further information, please have a look to the Debian bug ID #609988 and |
||||||
|
#712648. |
||||||
|
|
||||||
|
--- dsniff-2.4/decode_tds.c 2013-12-19 23:36:26.000000000 +0100 |
||||||
|
+++ dsniff-2.4/decode_tds.c.tds_decoder 2013-12-19 23:38:01.000000000 +0100 |
||||||
|
@@ -144,6 +144,11 @@ |
||||||
|
len > sizeof(*th) && len >= ntohs(th->size); |
||||||
|
buf += ntohs(th->size), len -= ntohs(th->size)) { |
||||||
|
|
||||||
|
+ if (th->size != 8) { |
||||||
|
+ /* wrong header length */ |
||||||
|
+ break; |
||||||
|
+ } |
||||||
|
+ |
||||||
|
if (th->type == 2) { |
||||||
|
/* Version 4.x, 5.0 */ |
||||||
|
if (len < sizeof(*th) + sizeof(*tl)) |
@ -0,0 +1,24 @@ |
|||||||
|
Patch by Steve Kemp <skx@debian.org> for dsniff >= 2.4b1, which adds an |
||||||
|
include of <time.h> to fix a segfault on some architectures. For further |
||||||
|
information, please have a look to Debian bug ID #315969. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/msgsnarf.c 2001-03-15 08:33:04.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/msgsnarf.c.time_h 2005-07-11 20:15:50.000000000 +0000 |
||||||
|
@@ -23,6 +23,7 @@ |
||||||
|
#include <nids.h> |
||||||
|
#include <pcap.h> |
||||||
|
#include <pcaputil.h> |
||||||
|
+#include <time.h> |
||||||
|
|
||||||
|
#include "buf.h" |
||||||
|
#include "decode.h" |
||||||
|
--- dsniff-2.4b1/sshow.c 2005-07-11 20:14:19.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/sshow.c.time_h 2005-07-11 20:15:26.000000000 +0000 |
||||||
|
@@ -15,6 +15,7 @@ |
||||||
|
|
||||||
|
#include <sys/types.h> |
||||||
|
#include <sys/times.h> |
||||||
|
+#include <time.h> |
||||||
|
|
||||||
|
#include <netinet/in_systm.h> |
||||||
|
#include <netinet/in.h> |
@ -0,0 +1,86 @@ |
|||||||
|
Patch by Hilko Bengen <bengen@debian.org> for dsniff >= 2.4b1, which adds |
||||||
|
escaping for user, vhost, uri, referrer and agent strings in the log. For |
||||||
|
further information, please have a look to Debian bug ID #372536. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/urlsnarf.c 2008-08-30 15:34:21.000000000 +0200 |
||||||
|
+++ dsniff-2.4b1/urlsnarf.c.escape 2008-08-30 15:38:46.000000000 +0200 |
||||||
|
@@ -84,6 +84,43 @@ |
||||||
|
return (tstr); |
||||||
|
} |
||||||
|
|
||||||
|
+static char * |
||||||
|
+escape_log_entry(char *string) |
||||||
|
+{ |
||||||
|
+ char *out; |
||||||
|
+ unsigned char *c, *o; |
||||||
|
+ size_t len; |
||||||
|
+ |
||||||
|
+ if (!string) |
||||||
|
+ return NULL; |
||||||
|
+ |
||||||
|
+ /* Determine needed length */ |
||||||
|
+ for (c = string, len = 0; *c; c++) { |
||||||
|
+ if ((*c < 32) || (*c >= 128)) |
||||||
|
+ len += 4; |
||||||
|
+ else if ((*c == '"') || (*c =='\\')) |
||||||
|
+ len += 2; |
||||||
|
+ else |
||||||
|
+ len++; |
||||||
|
+ } |
||||||
|
+ out = malloc(len+1); |
||||||
|
+ if (!out) |
||||||
|
+ return NULL; |
||||||
|
+ for (c = string, o = out; *c; c++, o++) { |
||||||
|
+ if ((*c < 32) || (*c >= 128)) { |
||||||
|
+ snprintf(o, 5, "\\x%02x", *c); |
||||||
|
+ o += 3; |
||||||
|
+ } else if ((*c == '"') || ((*c =='\\'))) { |
||||||
|
+ *(o++) = '\\'; |
||||||
|
+ *o = *c; |
||||||
|
+ } else { |
||||||
|
+ *o = *c; |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ out[len]='\0'; |
||||||
|
+ return out; |
||||||
|
+} |
||||||
|
+ |
||||||
|
static int |
||||||
|
process_http_request(struct tuple4 *addr, u_char *data, int len) |
||||||
|
{ |
||||||
|
@@ -142,18 +179,26 @@ |
||||||
|
buf_tok(NULL, NULL, i); |
||||||
|
} |
||||||
|
} |
||||||
|
- if (user == NULL) |
||||||
|
- user = "-"; |
||||||
|
- if (vhost == NULL) |
||||||
|
- vhost = libnet_addr2name4(addr->daddr, Opt_dns); |
||||||
|
- if (referer == NULL) |
||||||
|
- referer = "-"; |
||||||
|
- if (agent == NULL) |
||||||
|
- agent = "-"; |
||||||
|
+ user = escape_log_entry(user); |
||||||
|
+ vhost = escape_log_entry(vhost); |
||||||
|
+ uri = escape_log_entry(uri); |
||||||
|
+ referer = escape_log_entry(referer); |
||||||
|
+ agent = escape_log_entry(agent); |
||||||
|
|
||||||
|
printf("%s - %s [%s] \"%s http://%s%s\" - - \"%s\" \"%s\"\n", |
||||||
|
libnet_addr2name4(addr->saddr, Opt_dns), |
||||||
|
- user, timestamp(), req, vhost, uri, referer, agent); |
||||||
|
+ (user?user:"-"), |
||||||
|
+ timestamp(), req, |
||||||
|
+ (vhost?vhost:libnet_addr2name4(addr->daddr, Opt_dns)), |
||||||
|
+ uri, |
||||||
|
+ (referer?referer:"-"), |
||||||
|
+ (agent?agent:"-")); |
||||||
|
+ |
||||||
|
+ free(user); |
||||||
|
+ free(vhost); |
||||||
|
+ free(uri); |
||||||
|
+ free(referer); |
||||||
|
+ free(agent); |
||||||
|
} |
||||||
|
fflush(stdout); |
||||||
|
|
@ -0,0 +1,80 @@ |
|||||||
|
Patch by Hilko Bengen <bengen@debian.org> for dsniff >= 2.4b1, which adds |
||||||
|
the usage of timestamps from pcap file if available to urlsnarf. For some |
||||||
|
more information, please have a look to Debian bug ID #573365. |
||||||
|
|
||||||
|
--- dsniff-2.4/urlsnarf.c 2011-10-09 18:13:49.000000000 +0200 |
||||||
|
+++ dsniff-2.4/urlsnarf.c.timestamp 2011-10-09 18:37:33.000000000 +0200 |
||||||
|
@@ -36,6 +36,7 @@ |
||||||
|
u_short Opt_dns = 1; |
||||||
|
int Opt_invert = 0; |
||||||
|
regex_t *pregex = NULL; |
||||||
|
+time_t tt = 0; |
||||||
|
|
||||||
|
static void |
||||||
|
usage(void) |
||||||
|
@@ -57,9 +58,12 @@ |
||||||
|
{ |
||||||
|
static char tstr[32], sign; |
||||||
|
struct tm *t, gmt; |
||||||
|
- time_t tt = time(NULL); |
||||||
|
int days, hours, tz, len; |
||||||
|
|
||||||
|
+ if (!nids_params.filename) { |
||||||
|
+ tt = time(NULL); |
||||||
|
+ } |
||||||
|
+ |
||||||
|
gmt = *gmtime(&tt); |
||||||
|
t = localtime(&tt); |
||||||
|
|
||||||
|
@@ -312,9 +316,48 @@ |
||||||
|
|
||||||
|
nids_register_chksum_ctl(&chksum_ctl, 1); |
||||||
|
|
||||||
|
- nids_run(); |
||||||
|
- |
||||||
|
- /* NOTREACHED */ |
||||||
|
+ pcap_t *p; |
||||||
|
+ char pcap_errbuf[PCAP_ERRBUF_SIZE]; |
||||||
|
+ if (nids_params.filename == NULL) { |
||||||
|
+ /* adapted from libnids.c:open_live() */ |
||||||
|
+ if (strcmp(nids_params.device, "all") == 0) |
||||||
|
+ nids_params.device = "any"; |
||||||
|
+ p = pcap_open_live(nids_params.device, 16384, |
||||||
|
+ (nids_params.promisc != 0), |
||||||
|
+ 0, pcap_errbuf); |
||||||
|
+ if (!p) { |
||||||
|
+ fprintf(stderr, "pcap_open_live(): %s\n", |
||||||
|
+ pcap_errbuf); |
||||||
|
+ exit(1); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ else { |
||||||
|
+ p = pcap_open_offline(nids_params.filename, |
||||||
|
+ pcap_errbuf); |
||||||
|
+ if (!p) { |
||||||
|
+ fprintf(stderr, "pcap_open_offline(%s): %s\n", |
||||||
|
+ nids_params.filename, pcap_errbuf); |
||||||
|
+ } |
||||||
|
+ } |
||||||
|
+ |
||||||
|
+ struct pcap_pkthdr *h; |
||||||
|
+ u_char *d; |
||||||
|
+ int rc; |
||||||
|
+ while ((rc = pcap_next_ex(p, &h, &d)) == 1) { |
||||||
|
+ tt = h->ts.tv_sec; |
||||||
|
+ nids_pcap_handler(NULL, h, d); |
||||||
|
+ } |
||||||
|
+ switch (rc) { |
||||||
|
+ case(-2): /* end of pcap file */ |
||||||
|
+ case(0): /* timeout on live capture */ |
||||||
|
+ break; |
||||||
|
+ case(-1): |
||||||
|
+ default: |
||||||
|
+ fprintf(stderr, "rc = %i\n", rc); |
||||||
|
+ pcap_perror(p, "pcap_read_ex()"); |
||||||
|
+ exit(1); |
||||||
|
+ break; |
||||||
|
+ } |
||||||
|
|
||||||
|
exit(0); |
||||||
|
} |
@ -0,0 +1,15 @@ |
|||||||
|
Patch by Steve Kemp <skx@debian.org> for dsniff >= 2.4b1, which fixes the |
||||||
|
zero-pad date. For further information, please have a look to Debian bug ID |
||||||
|
#298605. |
||||||
|
|
||||||
|
--- dsniff-2.4b1/urlsnarf.c 2005-06-23 03:30:37.000000000 +0000 |
||||||
|
+++ dsniff-2.4b1/urlsnarf.c.zeropad 2005-06-23 04:04:07.000000000 +0000 |
||||||
|
@@ -68,7 +68,7 @@ |
||||||
|
t->tm_hour - gmt.tm_hour); |
||||||
|
tz = hours * 60 + t->tm_min - gmt.tm_min; |
||||||
|
|
||||||
|
- len = strftime(tstr, sizeof(tstr), "%e/%b/%Y:%X", t); |
||||||
|
+ len = strftime(tstr, sizeof(tstr), "%d/%b/%Y:%X", t); |
||||||
|
if (len < 0 || len > sizeof(tstr) - 5) |
||||||
|
return (NULL); |
||||||
|
|
@ -0,0 +1,280 @@ |
|||||||
|
Summary: Tools for network auditing and penetration testing |
||||||
|
Name: dsniff |
||||||
|
Version: 2.4 |
||||||
|
Release: 0.36.b1%{?dist} |
||||||
|
License: BSD |
||||||
|
URL: https://www.monkey.org/~dugsong/%{name}/ |
||||||
|
Source0: https://www.monkey.org/~dugsong/%{name}/beta/%{name}-%{version}b1.tar.gz |
||||||
|
Patch0: dsniff-2.4-time_h.patch |
||||||
|
Patch1: dsniff-2.4-mailsnarf_corrupt.patch |
||||||
|
Patch2: dsniff-2.4-pcap_read_dump.patch |
||||||
|
Patch3: dsniff-2.4-multiple_intf.patch |
||||||
|
Patch4: dsniff-2.4-amd64_fix.patch |
||||||
|
Patch5: dsniff-2.4-urlsnarf_zeropad.patch |
||||||
|
Patch6: dsniff-2.4-libnet_11.patch |
||||||
|
Patch7: dsniff-2.4-checksum.patch |
||||||
|
Patch8: dsniff-2.4-openssl_098.patch |
||||||
|
Patch9: dsniff-2.4-sshcrypto.patch |
||||||
|
Patch10: dsniff-2.4-sysconf_clocks.patch |
||||||
|
Patch11: dsniff-2.4-urlsnarf_escape.patch |
||||||
|
Patch12: dsniff-2.4-string_header.patch |
||||||
|
Patch13: dsniff-2.4-arpa_inet_header.patch |
||||||
|
Patch14: dsniff-2.4-pop_with_version.patch |
||||||
|
Patch15: dsniff-2.4-obsolete_time.patch |
||||||
|
Patch16: dsniff-2.4-checksum_libnids.patch |
||||||
|
Patch17: dsniff-2.4-fedora_dirs.patch |
||||||
|
Patch18: dsniff-2.4-glib2.patch |
||||||
|
Patch19: dsniff-2.4-link_layer_offset.patch |
||||||
|
Patch20: dsniff-2.4-tds_decoder.patch |
||||||
|
Patch21: dsniff-2.4-msgsnarf_segfault.patch |
||||||
|
Patch22: dsniff-2.4-urlsnarf_timestamp.patch |
||||||
|
Patch23: dsniff-2.4-arpspoof_reverse.patch |
||||||
|
Patch24: dsniff-2.4-arpspoof_multiple.patch |
||||||
|
Patch25: dsniff-2.4-arpspoof_hwaddr.patch |
||||||
|
Patch26: dsniff-2.4-modernize_pop.patch |
||||||
|
Patch27: dsniff-2.4-libnet_name2addr4.patch |
||||||
|
Patch28: dsniff-2.4-pntohl_shift.patch |
||||||
|
Patch29: dsniff-2.4-rpc_segfault.patch |
||||||
|
Patch30: dsniff-2.4-openssl_110.patch |
||||||
|
Patch31: dsniff-2.4-remote_typo.patch |
||||||
|
Patch32: dsniff-2.4-smp_mflags.patch |
||||||
|
Patch33: dsniff-2.4-libtirpc.patch |
||||||
|
Patch34: dsniff-2.4-pcap_init.patch |
||||||
|
BuildRequires: gcc |
||||||
|
BuildRequires: libnet-devel |
||||||
|
%if 0%{?fedora} || 0%{?rhel} >= 8 |
||||||
|
BuildRequires: openssl-devel |
||||||
|
%else |
||||||
|
BuildRequires: openssl11-devel |
||||||
|
%endif |
||||||
|
BuildRequires: libnids-devel |
||||||
|
BuildRequires: glib2-devel |
||||||
|
BuildRequires: libpcap-devel |
||||||
|
BuildRequires: libdb-devel |
||||||
|
BuildRequires: libXmu-devel |
||||||
|
%if 0%{?fedora} || 0%{?rhel} >= 8 |
||||||
|
BuildRequires: rpcgen |
||||||
|
BuildRequires: libtirpc-devel |
||||||
|
BuildRequires: libnsl2-devel |
||||||
|
%endif |
||||||
|
BuildRequires: make |
||||||
|
|
||||||
|
%description |
||||||
|
A collection of tools for network auditing and penetration testing. Dsniff, |
||||||
|
filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy allow to passively monitor |
||||||
|
a network for interesting data (passwords, e-mail, files). Arpspoof, dnsspoof |
||||||
|
and macof facilitate the interception of network traffic normally unavailable |
||||||
|
to an attacker (e.g, due to layer-2 switching). Sshmitm and webmitm implement |
||||||
|
active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions |
||||||
|
by exploiting weak bindings in ad-hoc PKI. |
||||||
|
|
||||||
|
%prep |
||||||
|
%setup -q |
||||||
|
%patch0 -p1 -b .time_h |
||||||
|
%patch1 -p1 -b .mailsnarf |
||||||
|
%patch2 -p1 -b .pcap_dump |
||||||
|
%patch3 -p1 -b .multiple_intf |
||||||
|
%patch4 -p1 -b .amd64_fix |
||||||
|
%patch5 -p1 -b .urlsnarf_zeropad |
||||||
|
%patch6 -p1 -b .libnet_11 |
||||||
|
%patch7 -p1 -b .checksum |
||||||
|
%patch8 -p1 -b .openssl_098 |
||||||
|
%patch9 -p1 -b .sshcrypto |
||||||
|
%patch10 -p1 -b .sysconf_clocks |
||||||
|
%patch11 -p1 -b .urlsnarf_escape |
||||||
|
%patch12 -p1 -b .string_header |
||||||
|
%patch13 -p1 -b .arpa_inet_header |
||||||
|
%patch14 -p1 -b .pop_with_version |
||||||
|
%patch15 -p1 -b .obsolete_time |
||||||
|
%patch16 -p1 -b .checksum_libnids |
||||||
|
%patch17 -p1 -b .fedora_dirs |
||||||
|
%patch18 -p1 -b .glib2 |
||||||
|
%patch19 -p1 -b .link_layer_offset |
||||||
|
%patch20 -p1 -b .tds_decoder |
||||||
|
%patch21 -p1 -b .msgsnarf_segfault |
||||||
|
%patch22 -p1 -b .urlsnarf_timestamp |
||||||
|
%patch23 -p1 -b .arpspoof_reverse |
||||||
|
%patch24 -p1 -b .arpspoof_multiple |
||||||
|
%patch25 -p1 -b .arpspoof_hwaddr |
||||||
|
%patch26 -p1 -b .modernize_pop |
||||||
|
%patch27 -p1 -b .libnet_name2addr4 |
||||||
|
%patch28 -p1 -b .pntohl_shift |
||||||
|
%patch29 -p1 -b .rpc_segfault |
||||||
|
%patch30 -p1 -b .openssl_110 |
||||||
|
%patch31 -p1 -b .remote_typo |
||||||
|
%patch32 -p1 -b .smp_mflags |
||||||
|
%if 0%{?fedora} || 0%{?rhel} >= 8 |
||||||
|
%patch33 -p1 -b .libtirpc |
||||||
|
%endif |
||||||
|
%patch34 -p1 -b .pcap_init |
||||||
|
|
||||||
|
%build |
||||||
|
%if 0%{?rhel} == 7 |
||||||
|
sed \ |
||||||
|
-e 's|include/openssl/|include/openssl11/openssl/|g' \ |
||||||
|
-e 's|\(SSLINC="\)-I${prefix}/include|\1$(pkg-config --cflags openssl11)|g' \ |
||||||
|
-e 's|\(SSLLIB="\)-L${prefix}/lib -lssl -lcrypto|\1$(pkg-config --libs openssl11)|g' \ |
||||||
|
-i configure |
||||||
|
%endif |
||||||
|
|
||||||
|
%configure |
||||||
|
%make_build |
||||||
|
|
||||||
|
%install |
||||||
|
%make_install install_prefix=$RPM_BUILD_ROOT |
||||||
|
|
||||||
|
%files |
||||||
|
%license LICENSE |
||||||
|
%doc CHANGES README TODO |
||||||
|
%dir %{_sysconfdir}/%{name}/ |
||||||
|
%config(noreplace) %{_sysconfdir}/%{name}/* |
||||||
|
%{_sbindir}/arpspoof |
||||||
|
%{_sbindir}/dnsspoof |
||||||
|
%{_sbindir}/%{name} |
||||||
|
%{_sbindir}/filesnarf |
||||||
|
%{_sbindir}/macof |
||||||
|
%{_sbindir}/mailsnarf |
||||||
|
%{_sbindir}/msgsnarf |
||||||
|
%{_sbindir}/sshmitm |
||||||
|
%{_sbindir}/sshow |
||||||
|
%{_sbindir}/tcpkill |
||||||
|
%{_sbindir}/tcpnice |
||||||
|
%{_sbindir}/urlsnarf |
||||||
|
%{_sbindir}/webmitm |
||||||
|
%{_sbindir}/webspy |
||||||
|
%{_mandir}/man8/arpspoof.8* |
||||||
|
%{_mandir}/man8/dnsspoof.8* |
||||||
|
%{_mandir}/man8/%{name}.8* |
||||||
|
%{_mandir}/man8/filesnarf.8* |
||||||
|
%{_mandir}/man8/macof.8* |
||||||
|
%{_mandir}/man8/mailsnarf.8* |
||||||
|
%{_mandir}/man8/msgsnarf.8* |
||||||
|
%{_mandir}/man8/sshmitm.8* |
||||||
|
%{_mandir}/man8/sshow.8* |
||||||
|
%{_mandir}/man8/tcpkill.8* |
||||||
|
%{_mandir}/man8/tcpnice.8* |
||||||
|
%{_mandir}/man8/urlsnarf.8* |
||||||
|
%{_mandir}/man8/webmitm.8* |
||||||
|
%{_mandir}/man8/webspy.8* |
||||||
|
|
||||||
|
%changelog |
||||||
|
* Sun Jul 25 2021 Robert Scheck <robert@fedoraproject.org> 2.4-0.36.b1 |
||||||
|
- Added patch to work around pcap_init() API change in libpcap |
||||||
|
|
||||||
|
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.35.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild |
||||||
|
|
||||||
|
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.34.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild |
||||||
|
|
||||||
|
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.33.b1 |
||||||
|
- Second attempt - Rebuilt for |
||||||
|
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild |
||||||
|
|
||||||
|
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.32.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild |
||||||
|
|
||||||
|
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.31.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild |
||||||
|
|
||||||
|
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.30.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild |
||||||
|
|
||||||
|
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.29.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild |
||||||
|
|
||||||
|
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.28.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild |
||||||
|
|
||||||
|
* Sun May 27 2018 Robert Scheck <robert@fedoraproject.org> 2.4-0.27.b1 |
||||||
|
- Added patch to allow building dsniff against libtirpc (#1582770) |
||||||
|
|
||||||
|
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.26.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild |
||||||
|
|
||||||
|
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.25.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild |
||||||
|
|
||||||
|
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.24.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild |
||||||
|
|
||||||
|
* Sat Feb 11 2017 Robert Scheck <robert@fedoraproject.org> 2.4-0.23.b1 |
||||||
|
- Added patch to allow building dsniff with OpenSSL >= 1.1.0 |
||||||
|
- Added patch to correct a typo related to the -remote option |
||||||
|
|
||||||
|
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.22.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild |
||||||
|
|
||||||
|
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.21.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild |
||||||
|
|
||||||
|
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.20.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild |
||||||
|
|
||||||
|
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.19.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild |
||||||
|
|
||||||
|
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.18.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild |
||||||
|
|
||||||
|
* Fri Dec 20 2013 Robert Scheck <robert@fedoraproject.org> 2.4-0.17.b1 |
||||||
|
- Corrected patch which touches tabular data stream protocol handler |
||||||
|
- Added a patch to add both communication partners in arpspoof |
||||||
|
- Added patch to allow multiple targets to be imitated simultaniously |
||||||
|
- Added patch to allow the selection of source hw address in arpspoof |
||||||
|
- Added a patch which fixes and modernizes the POP decoder |
||||||
|
- Fixed segmentation faults related to libnet_name2addr4() (#1009879) |
||||||
|
- Added a patch to fix bit-shift in pntohl() macro (#714958, #850496) |
||||||
|
- Avoid xdrs being used without being initialised (#715042, #850494) |
||||||
|
|
||||||
|
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.16.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild |
||||||
|
|
||||||
|
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.15.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild |
||||||
|
|
||||||
|
* Mon Jul 30 2012 Robert Scheck <robert@fedoraproject.org> 2.4-0.14.b1 |
||||||
|
- Added a patch which adds further link layer offsets |
||||||
|
- Avoid opportunity for DoS in tabular data stream protocol handler |
||||||
|
- Added a memset in msgsnarf to correctly 0 out the C struct |
||||||
|
- Patched urlsnarf to use timestamps from pcap file if available |
||||||
|
|
||||||
|
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.13.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild |
||||||
|
|
||||||
|
* Fri Mar 30 2012 Jon Ciesla <limburgher@gmail.com> - 2.4-0.12.b1 |
||||||
|
- libnet rebuild |
||||||
|
|
||||||
|
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.11.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild |
||||||
|
|
||||||
|
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.10.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild |
||||||
|
|
||||||
|
* Mon Mar 29 2010 Robert Scheck <robert@fedoraproject.org> 2.4-0.9.b1 |
||||||
|
- Rebuild against libnids 1.24 |
||||||
|
|
||||||
|
* Fri Jan 08 2010 Robert Scheck <robert@fedoraproject.org> 2.4-0.8.b1 |
||||||
|
- Added build requirement to libXmu-devel for webspy (#553230) |
||||||
|
|
||||||
|
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 2.4-0.7.b1 |
||||||
|
- rebuilt with new openssl |
||||||
|
|
||||||
|
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.6.b1 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild |
||||||
|
|
||||||
|
* Mon Feb 23 2009 Robert Scheck <robert@fedoraproject.org> 2.4-0.5.b1 |
||||||
|
- Rebuild against gcc 4.4 and rpm 4.6 |
||||||
|
|
||||||
|
* Sat Aug 30 2008 Robert Scheck <robert@fedoraproject.org> 2.4-0.4.b1 |
||||||
|
- Re-diffed dsniff url log escaping patch for no fuzz |
||||||
|
|
||||||
|
* Thu May 29 2008 Robert Scheck <robert@fedoraproject.org> 2.4-0.3.b1 |
||||||
|
- Rebuild against libnids 1.23 |
||||||
|
|
||||||
|
* Sun Feb 10 2008 Robert Scheck <robert@fedoraproject.org> 2.4-0.2.b1 |
||||||
|
- Rebuild against gcc 4.3 |
||||||
|
|
||||||
|
* Thu Nov 29 2007 Robert Scheck <robert@fedoraproject.org> 2.4-0.1.b1 |
||||||
|
- Upgrade to 2.4b1 and added many patches from Debian |
||||||
|
- Initial spec file for Fedora and Red Hat Enterprise Linux |
Loading…
Reference in new issue