/*
* creates the threads for capturing
*/
void start_unified_sniff(void)
{
DEBUG_MSG("start_unified_sniff");
if (GBL_SNIFF->active == 1) {
USER_MSG("Unified sniffing already started...\n");
return;
}
USER_MSG("Starting Unified sniffing...\n\n");
/* create the timeouter thread */
if (!GBL_OPTIONS->read) {
pthread_t pid;
pid = ec_thread_getpid("timer");
if (pthread_equal(pid, EC_PTHREAD_NULL))
ec_thread_new("timer", "conntrack timeouter", &conntrack_timeouter, NULL);
}
/* create the thread for packet capture */
ec_thread_new("capture", "pcap handler and packet decoder", &capture, GBL_OPTIONS->iface);
/* start ssl_wrapper thread */
if (!GBL_OPTIONS->read && !GBL_OPTIONS->unoffensive && !GBL_OPTIONS->only_mitm && GBL_OPTIONS->ssl_mitm)
ec_thread_new("sslwrap", "wrapper for ssl connections", &sslw_start, NULL);
GBL_SNIFF->active = 1;
}
void capture_start(struct iface_env *iface)
{
char thread_name[64];
snprintf(thread_name, sizeof(thread_name), "capture[%s]", iface->name);
ec_thread_new(thread_name, "pcap handler and packet decoder", &capture, iface);
}
static int dos_attack_init(void *dummy)
{
char dos_addr[MAX_ASCII_ADDR_LEN];
char unused_addr[MAX_ASCII_ADDR_LEN];
struct port_list *p;
/* It doesn't work if unoffensive */
if (GBL_OPTIONS->unoffensive) {
INSTANT_USER_MSG("dos_attack: plugin doesn't work in UNOFFENSIVE mode\n");
return PLUGIN_FINISHED;
}
/* don't show packets while operating */
GBL_OPTIONS->quiet = 1;
memset(dos_addr, 0, sizeof(dos_addr));
memset(unused_addr, 0, sizeof(dos_addr));
ui_input("Insert victim IP: ", dos_addr, sizeof(dos_addr), NULL);
if (ip_addr_pton(dos_addr, &victim_host) == -EINVALID) {
INSTANT_USER_MSG("dos_attack: Invalid IP address.\n");
return PLUGIN_FINISHED;
}
ui_input("Insert unused IP: ", unused_addr, sizeof(unused_addr), NULL);
if (ip_addr_pton(unused_addr, &fake_host) == -EINVALID) {
INSTANT_USER_MSG("dos_attack: Invalid IP address.\n");
return PLUGIN_FINISHED;
}
if(victim_host.addr_type != fake_host.addr_type) {
INSTANT_USER_MSG("dos_attack: Address' families don't match.\n");
return PLUGIN_FINISHED;
}
INSTANT_USER_MSG("dos_attack: Starting scan against %s [Fake Host: %s]\n", dos_addr, unused_addr);
/* Delete the "open" port list just in case of previous executions */
while (!SLIST_EMPTY(&port_table)) {
p = SLIST_FIRST(&port_table);
SLIST_REMOVE_HEAD(&port_table, next);
SAFE_FREE(p);
}
/* Add the hook to "create" the fake host */
if(ntohs(fake_host.addr_type) == AF_INET)
hook_add(HOOK_PACKET_ARP_RQ, &parse_arp);
#ifdef WITH_IPV6
else if(ntohs(fake_host.addr_type) == AF_INET6)
hook_add(HOOK_PACKET_ICMP6_NSOL, &parse_icmp6);
#endif
/* Add the hook for SYN-ACK reply */
hook_add(HOOK_PACKET_TCP, &parse_tcp);
/* create the flooding thread */
ec_thread_new("golem", "SYN flooder thread", &syn_flooder, NULL);
return PLUGIN_RUNNING;
}
int main(int argc, char *argv[])
{
/*
* Alloc the global structures
* We can access these structs via the macro in ec_globals.h
*/
globals_alloc();
GBL_PROGRAM = strdup(EC_PROGRAM);
GBL_VERSION = strdup(EC_VERSION);
SAFE_CALLOC(GBL_DEBUG_FILE, strlen(EC_PROGRAM) + strlen("-") + strlen(EC_VERSION) + strlen("_debug.log") + 1, sizeof(char));
sprintf(GBL_DEBUG_FILE, "%s-%s_debug.log", GBL_PROGRAM, EC_VERSION);
DEBUG_INIT();
DEBUG_MSG("main -- here we go !!");
/* initialize the filter mutex */
filter_init_mutex();
/* register the main thread as "init" */
ec_thread_register(EC_PTHREAD_SELF, "init", "initialization phase");
/* activate the signal handler */
signal_handler();
/* ettercap copyright */
fprintf(stdout, "\n" EC_COLOR_BOLD "%s %s" EC_COLOR_END " copyright %s %s\n\n",
GBL_PROGRAM, GBL_VERSION, EC_COPYRIGHT, EC_AUTHORS);
/* getopt related parsing... */
parse_options(argc, argv);
/* check the date */
time_check();
/* load the configuration file */
load_conf();
/*
* get the list of available interfaces
*
* this function will not return if the -I option was
* specified on command line. it will instead print the
* list and exit
*/
capture_getifs();
/* initialize the user interface */
ui_init();
/* initialize the network subsystem */
network_init();
/*
* always disable the kernel ip forwarding (except when reading from file).
* the forwarding will be done by ettercap.
*/
if(!GBL_OPTIONS->read && !GBL_OPTIONS->unoffensive && !GBL_OPTIONS->only_mitm) {
disable_ip_forward();
#ifdef OS_LINUX
if (!GBL_OPTIONS->read)
disable_interface_offload();
#endif
/* binds ports and set redirect for ssl wrapper */
if(GBL_SNIFF->type == SM_UNIFIED && GBL_OPTIONS->ssl_mitm)
ssl_wrap_init();
}
/*
* drop root privileges
* we have already opened the sockets with high privileges
* we don't need anymore root privs.
*/
drop_privs();
/***** !! NO PRIVS AFTER THIS POINT !! *****/
/* load all the plugins */
plugin_load_all();
/* print how many dissectors were loaded */
conf_dissectors();
/* load the mac-fingerprints */
manuf_init();
/* load the tcp-fingerprints */
fingerprint_init();
/* load the services names */
services_init();
/* load http known fileds for user/pass */
http_fields_init();
#ifdef HAVE_EC_LUA
/* Initialize lua */
ec_lua_init();
#endif
/* set the encoding for the UTF-8 visualization */
set_utf8_encoding((u_char*)GBL_CONF->utf8_encoding);
/* print all the buffered messages */
if (GBL_UI->type == UI_TEXT)
USER_MSG("\n");
ui_msg_flush(MSG_ALL);
/**** INITIALIZATION PHASE TERMINATED ****/
/*
* we are interested only in the mitm attack i
* if entered, this function will not return...
*/
if (GBL_OPTIONS->only_mitm)
only_mitm();
/* create the dispatcher thread */
ec_thread_new("top_half", "dispatching module", &top_half, NULL);
/* this thread becomes the UI then displays it */
ec_thread_register(EC_PTHREAD_SELF, GBL_PROGRAM, "the user interface");
ui_start();
/********************************************
* reached only when the UI is shutted down
********************************************/
/* Call all the proper stop methods to ensure
* that no matter what UI was selected, everything is
* turned off gracefully */
clean_exit(0);
return 0; //Never reaches here
}
