/*
 * Bring up unified sniffing by creating its worker threads.
 *
 * Threads created here, in order:
 *   - "timer"   : conntrack timeouter; skipped when GBL_OPTIONS->read is set
 *                 or when a thread of that name already exists
 *   - "capture" : pcap handler and packet decoder for GBL_OPTIONS->iface
 *   - "sslwrap" : SSL wrapper; only when ssl_mitm is requested and none of
 *                 read / unoffensive / only_mitm is set
 *
 * Calling it again while GBL_SNIFF->active is 1 only prints a notice.
 *
 * NOTE(review): the test and the later store of GBL_SNIFF->active are not
 * guarded by any lock in this function -- confirm callers serialize it.
 */
void start_unified_sniff(void)
{
    int live_and_active;

    DEBUG_MSG("start_unified_sniff");

    /* already running: report it and leave the existing threads alone */
    if (GBL_SNIFF->active == 1) {
        USER_MSG("Unified sniffing already started...\n");
        return;
    }

    USER_MSG("Starting Unified sniffing...\n\n");

    /* the timeouter is only started when not in read mode, and only once */
    if (!GBL_OPTIONS->read) {
        pthread_t timer_tid = ec_thread_getpid("timer");

        if (pthread_equal(timer_tid, EC_PTHREAD_NULL)) {
            ec_thread_new("timer", "conntrack timeouter", &conntrack_timeouter, NULL);
        }
    }

    /* packet capture thread for the configured interface */
    ec_thread_new("capture", "pcap handler and packet decoder", &capture, GBL_OPTIONS->iface);

    /*
     * The SSL wrapper is started only when none of read, unoffensive or
     * only_mitm is set; unoffensive mode therefore never starts it.
     */
    live_and_active = !(GBL_OPTIONS->read || GBL_OPTIONS->unoffensive || GBL_OPTIONS->only_mitm);
    if (live_and_active && GBL_OPTIONS->ssl_mitm) {
        ec_thread_new("sslwrap", "wrapper for ssl connections", &sslw_start, NULL);
    }

    /* mark the sniffer as running only after the threads were requested */
    GBL_SNIFF->active = 1;
}
/*
 * Start a capture thread for the given interface.
 *
 * The thread is named "capture[<iface->name>]". The name is built in a
 * 64-byte stack buffer; snprintf bounds the write and NUL-terminates, so
 * a long interface name is truncated rather than overflowing.
 *
 * NOTE(review): the name buffer lives on this stack frame -- this assumes
 * ec_thread_new() copies the string instead of keeping the pointer;
 * confirm against its implementation.
 * NOTE(review): iface is dereferenced without a NULL check; callers must
 * pass a valid pointer.
 */
void capture_start(struct iface_env *iface)
{
    enum { CAPTURE_NAME_LEN = 64 };
    char label[CAPTURE_NAME_LEN];

    snprintf(label, sizeof label, "capture[%s]", iface->name);

    ec_thread_new(label, "pcap handler and packet decoder", &capture, iface);
}
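/*
 * Plugin init routine.
 *
 * Reads two addresses from the user interface, validates them with
 * ip_addr_pton(), clears the port list left by any earlier run, registers
 * the packet hooks and creates the "golem" thread.
 *
 * Returns PLUGIN_FINISHED when the plugin refuses to start (UNOFFENSIVE
 * mode, unparsable address, mismatching address families) and
 * PLUGIN_RUNNING once the hooks and the thread are in place.
 *
 * NOTE(review): GBL_OPTIONS->quiet is switched on before the addresses are
 * validated and is not restored on the early PLUGIN_FINISHED returns --
 * confirm this is intended.
 */
static int dos_attack_init(void *dummy)
{
    char dos_addr[MAX_ASCII_ADDR_LEN];
    char unused_addr[MAX_ASCII_ADDR_LEN];
    struct port_list *p;

    /* the plugin argument is not used */
    (void) dummy;

    /* It doesn't work if unoffensive */
    if (GBL_OPTIONS->unoffensive) {
        INSTANT_USER_MSG("dos_attack: plugin doesn't work in UNOFFENSIVE mode\n");
        return PLUGIN_FINISHED;
    }

    /* don't show packets while operating */
    GBL_OPTIONS->quiet = 1;

    /*
     * Clear both input buffers. Each memset is sized from the buffer it
     * clears (the original sized the second one from dos_addr), so the
     * two stay correct even if the declarations ever diverge.
     */
    memset(dos_addr, 0, sizeof(dos_addr));
    memset(unused_addr, 0, sizeof(unused_addr));

    /* user input is bounded by the buffer size handed to ui_input() */
    ui_input("Insert victim IP: ", dos_addr, sizeof(dos_addr), NULL);
    if (ip_addr_pton(dos_addr, &victim_host) == -EINVALID) {
        INSTANT_USER_MSG("dos_attack: Invalid IP address.\n");
        return PLUGIN_FINISHED;
    }

    ui_input("Insert unused IP: ", unused_addr, sizeof(unused_addr), NULL);
    if (ip_addr_pton(unused_addr, &fake_host) == -EINVALID) {
        INSTANT_USER_MSG("dos_attack: Invalid IP address.\n");
        return PLUGIN_FINISHED;
    }

    /* both addresses must belong to the same family */
    if (victim_host.addr_type != fake_host.addr_type) {
        INSTANT_USER_MSG("dos_attack: Address' families don't match.\n");
        return PLUGIN_FINISHED;
    }

    INSTANT_USER_MSG("dos_attack: Starting scan against %s [Fake Host: %s]\n", dos_addr, unused_addr);

    /* Delete the "open" port list just in case of previous executions */
    while (!SLIST_EMPTY(&port_table)) {
        p = SLIST_FIRST(&port_table);
        SLIST_REMOVE_HEAD(&port_table, next);
        SAFE_FREE(p);
    }

    /*
     * Register the hook matching the address family of the second address
     * (addr_type is compared after ntohs()).
     */
    if (ntohs(fake_host.addr_type) == AF_INET)
        hook_add(HOOK_PACKET_ARP_RQ, &parse_arp);
#ifdef WITH_IPV6
    else if (ntohs(fake_host.addr_type) == AF_INET6)
        hook_add(HOOK_PACKET_ICMP6_NSOL, &parse_icmp6);
#endif

    /* Add the hook for SYN-ACK reply */
    hook_add(HOOK_PACKET_TCP, &parse_tcp);

    /* create the flooding thread */
    ec_thread_new("golem", "SYN flooder thread", &syn_flooder, NULL);

    return PLUGIN_RUNNING;
}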
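/*
 * Program entry point.
 *
 * Order of operations (the order is security relevant, do not shuffle it):
 *   1. allocate globals, build the debug log name, set up threads/signals
 *   2. parse options, load the configuration, enumerate interfaces,
 *      initialize the UI and the network subsystem
 *   3. privileged setup (ip forwarding, interface offload, ssl wrapper)
 *   4. drop_privs() -- everything after it runs without root privileges
 *   5. load plugins, fingerprints, service names and the optional lua
 *      engine, i.e. all extension code is loaded unprivileged
 *   6. start the dispatcher thread and hand this thread over to the UI
 *
 * Returns 1 if the program/version strings cannot be allocated; otherwise
 * the process leaves through clean_exit(0) (or only_mitm()).
 */
int main(int argc, char *argv[])
{
    size_t debug_file_len;

    /*
     * Alloc the global structures
     * We can access these structs via the macro in ec_globals.h
     */
    globals_alloc();

    GBL_PROGRAM = strdup(EC_PROGRAM);
    GBL_VERSION = strdup(EC_VERSION);

    /* both strings are printed with "%s" below; a NULL here would be UB */
    if (GBL_PROGRAM == NULL || GBL_VERSION == NULL) {
        fprintf(stderr, "%s: out of memory\n", EC_PROGRAM);
        return 1;
    }

    /*
     * Size the debug file name once and use the same value to bound the
     * formatting. The name is built from the same constants that were
     * used to size the buffer.
     */
    debug_file_len = strlen(EC_PROGRAM) + strlen("-") + strlen(EC_VERSION) + strlen("_debug.log") + 1;
    SAFE_CALLOC(GBL_DEBUG_FILE, debug_file_len, sizeof(char));
    snprintf(GBL_DEBUG_FILE, debug_file_len, "%s-%s_debug.log", EC_PROGRAM, EC_VERSION);

    /*
     * NOTE(review): DEBUG_INIT() runs before drop_privs(). If it opens
     * GBL_DEBUG_FILE (a relative name), it does so with the privileges the
     * process was started with -- confirm how the file is opened.
     */
    DEBUG_INIT();
    DEBUG_MSG("main -- here we go !!");

    /* initialize the filter mutex */
    filter_init_mutex();

    /* register the main thread as "init" */
    ec_thread_register(EC_PTHREAD_SELF, "init", "initialization phase");

    /* activate the signal handler */
    signal_handler();

    /* ettercap copyright */
    fprintf(stdout, "\n" EC_COLOR_BOLD "%s %s" EC_COLOR_END " copyright %s %s\n\n",
            GBL_PROGRAM, GBL_VERSION, EC_COPYRIGHT, EC_AUTHORS);

    /* getopt related parsing... */
    parse_options(argc, argv);

    /* check the date */
    time_check();

    /* load the configuration file */
    load_conf();

    /*
     * get the list of available interfaces
     *
     * this function will not return if the -I option was
     * specified on command line. it will instead print the
     * list and exit
     */
    capture_getifs();

    /* initialize the user interface */
    ui_init();

    /* initialize the network subsystem */
    network_init();

    /*
     * always disable the kernel ip forwarding (except when reading from file).
     * the forwarding will be done by ettercap.
     */
    if (!GBL_OPTIONS->read && !GBL_OPTIONS->unoffensive && !GBL_OPTIONS->only_mitm) {
        disable_ip_forward();

#ifdef OS_LINUX
        /* read mode is already excluded by the enclosing condition */
        disable_interface_offload();
#endif

        /* binds ports and set redirect for ssl wrapper (needs the privileges held here) */
        if (GBL_SNIFF->type == SM_UNIFIED && GBL_OPTIONS->ssl_mitm)
            ssl_wrap_init();
    }

    /*
     * drop root privileges
     * we have already opened the sockets with high privileges
     * we don't need root privs anymore.
     *
     * NOTE(review): nothing is checked here after the call -- confirm that
     * drop_privs() itself aborts when the privilege drop fails.
     */
    drop_privs();

    /***** !! NO PRIVS AFTER THIS POINT !! *****/

    /* load all the plugins (deliberately after the privilege drop) */
    plugin_load_all();

    /* print how many dissectors were loaded */
    conf_dissectors();

    /* load the mac-fingerprints */
    manuf_init();

    /* load the tcp-fingerprints */
    fingerprint_init();

    /* load the services names */
    services_init();

    /* load http known fields for user/pass */
    http_fields_init();

#ifdef HAVE_EC_LUA
    /* Initialize lua */
    ec_lua_init();
#endif

    /* set the encoding for the UTF-8 visualization */
    set_utf8_encoding((u_char *)GBL_CONF->utf8_encoding);

    /* print all the buffered messages */
    if (GBL_UI->type == UI_TEXT)
        USER_MSG("\n");

    ui_msg_flush(MSG_ALL);

    /**** INITIALIZATION PHASE TERMINATED ****/

    /*
     * only the mitm attack was requested:
     * if entered, this function will not return...
     */
    if (GBL_OPTIONS->only_mitm)
        only_mitm();

    /* create the dispatcher thread */
    ec_thread_new("top_half", "dispatching module", &top_half, NULL);

    /* this thread becomes the UI then displays it */
    ec_thread_register(EC_PTHREAD_SELF, GBL_PROGRAM, "the user interface");
    ui_start();

    /********************************************
     * reached only when the UI is shut down
     ********************************************/

    /*
     * Call all the proper stop methods to ensure
     * that no matter what UI was selected, everything is
     * turned off gracefully
     */
    clean_exit(0);

    return 0; /* never reached */
}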