Beispiel #1
/**
 *  @details The list of available packet devices is loaded from the system and
 *           matched against the command-line supplied device name.  Packets are
 *           captured and hosts extracted.
 */
int IPForensics::load_from_device() {
  // Ask the system for its capture devices.  A failure is only reported;
  // execution continues with whatever devices_ holds at that point and the
  // device check below decides whether the run can go on.
  try {
    load_devices();
  } catch (std::exception const &err) {
    std::cout << ipf::kProgramName << ": "
              << "Could not query system for packet capture devices: "
              << err.what() << std::endl;
  }

  // Start from a Device built from this object and replace it with the list
  // entry whose name equals the requested one (the last match wins).
  Device selected = Device(this);
  for (Device candidate : devices_) {
    if (device_ != candidate.name()) {
      continue;
    }
    selected = candidate;
  }

  // A device name was requested but nothing in the list matched it: show the
  // valid choices and give up with -1.
  const bool name_requested = !device_.empty();
  if (name_requested && device_ != selected.name()) {
    std::cout << ipf::kProgramName << ": "
              << "Invalid packet capture device \'" << device_ << "\'. "
              << "Valid device(s):\n";
    size_t ordinal = 0;
    for (auto &entry : devices_) {
      std::cout << ++ordinal << ". " << entry << '\n';
    }
    std::cout << std::endl;
    return -1;
  }

  // Verbose mode: report the device and the capture parameters in use.
  if (verbose_) {
    std::cout << "Using \'" << selected.name() << "\' with network address "
              << selected.net() << " and network mask " << selected.mask()
              << " to capture " << packet_count_ << " packet(s)."
              << std::endl;
  }

  // Run the capture; the value returned by capture() is this function's
  // result.
  const int captured = selected.capture(packet_count_);

  // Verbose mode: dump every captured packet.
  if (verbose_) {
    for (Packet pkt : selected.packets()) {
      std::cout << pkt << std::endl;
    }
  }

  // Derive the host list from the packets held by the device.
  load_hosts(selected);
  return captured;
}
Beispiel #2
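	void AddressBook::LoadHosts ()
	{
		// Fill m_Addresses from the local hosts.txt, one "name=base64 identity"
		// entry per line.  When the file cannot be opened, a background fetch
		// (LoadHostsFromI2P) is started instead and nothing is loaded by this call.
		std::ifstream f (i2p::util::filesystem::GetFullPath ("hosts.txt").c_str (), std::ifstream::in); // in text mode
		if (!f.is_open ())
		{
			LogPrint ("hosts.txt not found. Try to load...");
			if (!m_IsDowloading)
			{
				m_IsDowloading = true;
				// NOTE(review): the detached thread keeps a raw `this`; it must not
				// outlive this AddressBook.  The check-then-set on m_IsDowloading is
				// only safe if LoadHosts is never entered concurrently -- confirm.
				std::thread load_hosts(&AddressBook::LoadHostsFromI2P, this);
				load_hosts.detach();
			}
			return;
		}
		int numAddresses = 0;

		std::string s;

		// Loop on the result of getline, not on eof(): a read error sets
		// failbit/badbit without eofbit, and a loop that tests only eof() would
		// then spin forever.
		while (std::getline (f, s))
		{
			if (s.empty ())
				continue; // skip empty line

			const size_t pos = s.find ('=');
			if (pos == std::string::npos)
				continue; // no "name=address" separator on this line

			std::string name = s.substr (0, pos);
			std::string addr = s.substr (pos + 1);

			// Only entries whose address decodes to a valid identity are kept.
			Identity ident;
			if (!ident.FromBase64 (addr))
			{
				LogPrint ("hosts.txt: ignore ", name);
				continue;
			}
			// A repeated name replaces the earlier entry, so the last line for a
			// name decides where it resolves.
			// NOTE(review): the name itself is not validated here (an empty name
			// is accepted) -- confirm whether the file's producer guarantees that.
			m_Addresses[name] = ident.Hash ();
			numAddresses++;
		}
		LogPrint (numAddresses, " addresses loaded");
		m_IsLoaded = true;
	}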
Beispiel #3
/**
 *  @details Packets are read from the command-line pcap file and hosts are
 *           extracted from the packets.
 */
int IPForensics::load_from_file() {
  // Verbose mode: announce how many packets will be read and from which
  // file.  A packet count of zero is reported as "all".
  if (verbose_) {
    std::cout << "Reading ";
    if (packet_count_ != 0) {
      std::cout << packet_count_;
    } else {
      std::cout << "all";
    }
    std::cout << " packet(s) from " << '\'' << in_file_ << '\''
              << std::endl;
  }

  // Read the capture file named by in_file_; load_hosts extracts packets and
  // hosts from it.
  load_hosts(in_file_);

  // Verbose mode: dump every packet now held in packets_.
  if (verbose_) {
    for (Packet pkt : packets_) {
      std::cout << pkt << std::endl;
    }
  }

  // The result is the number of packets held after the read.
  return static_cast<int>(packets_.size());
}
bool http_server::create(const char* config_file, const char* mime_types_file)
{
	// Bring the server up in a fixed order: configuration, logger, virtual
	// hosts, MIME types, listening socket, temporary-file cache, backends.
	// The first step that fails aborts the start-up and the function returns
	// false; true is returned only after every step succeeded.
	xmlconf conf;
	if (!conf.load(config_file)) {
		// The logger is not set up yet, so this error goes to stderr.
		fprintf(stderr, "Couldn't load configuration file (%s:%u).\n", config_file, conf.get_line());
		return false;
	}

	general_conf settings;
	if (!load_general(conf, settings)) {
		return false;
	}

	// The logger is created only when a log file is configured.
	if (settings.logfile &&
	    !logger::instance().create(settings.level, settings.logdir, settings.logfile, settings.error_log_max_file_size * 1024L)) {
		return false;
	}

	logger::instance().log(logger::LOG_INFO, "Loading hosts...");
	if (!load_hosts(conf, settings)) {
		logger::instance().log(logger::LOG_ERROR, "Couldn't load hosts.");
		return false;
	}

	logger::instance().log(logger::LOG_INFO, "Loading MIME types...");
	if (!_M_mime_types.load(mime_types_file)) {
		logger::instance().log(logger::LOG_ERROR, "Couldn't load MIME types.");
		return false;
	}

	logger::instance().log(logger::LOG_INFO, "Creating server...");
	if (!tcp_server::create(settings.address, settings.port)) {
		logger::instance().log(logger::LOG_ERROR, "Couldn't create server.");
		return false;
	}

	// Create cache of temporary files.  The number of spare files is capped
	// at _M_size before the cache is built.
	if (settings.max_spare_files > _M_size) {
		settings.max_spare_files = _M_size;
	}
	if (!_M_tmpfiles.create(settings.payload_directory, _M_size, settings.max_spare_files)) {
		logger::instance().log(logger::LOG_ERROR, "Couldn't create cache of temporary files.");
		return false;
	}

	// Create backends: one create() call for every rule of every virtual
	// host.  Both lists are walked by index until the getter returns NULL.
	for (size_t host_idx = 0; ; ++host_idx) {
		virtual_hosts::vhost* host = _M_vhosts.get_host(host_idx);
		if (host == NULL) {
			break;
		}

		for (size_t rule_idx = 0; ; ++rule_idx) {
			rulelist::rule* rule = host->rules->get(rule_idx);
			if (rule == NULL) {
				break;
			}

			if (!rule->backends.create(_M_size)) {
				logger::instance().log(logger::LOG_ERROR, "Couldn't create backends.");
				return false;
			}
		}
	}

	http_error::set_port(settings.port);

	logger::instance().log(logger::LOG_INFO, "Server started.");

	return true;
}
Beispiel #5
 void AddressBookSubscription::CheckSubscription ()
 {
     // Run Request() on its own thread and return at once.  The thread is
     // detached, so nothing here waits for it and it keeps using `this`
     // after this call has returned.
     // NOTE(review): the object must stay alive until Request() finishes.
     std::thread (&AddressBookSubscription::Request, this).detach (); // TODO: use join
 }
Beispiel #6
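/*
 * Parse the command line into the global option state.
 *
 * Sets the built-in defaults, walks argv with getopt_long() and hands each
 * option to its setter, stores up to two positional arguments as TARGET1 and
 * TARGET2, and finally rejects option combinations that cannot work
 * together.  Invalid input is handed to clean_exit() or FATAL_ERROR().
 */
void parse_options(int argc, char **argv)
{
   int c;

   static struct option long_options[] = {
      { "help", no_argument, NULL, 'h' },
      { "version", no_argument, NULL, 'v' },

      { "iface", required_argument, NULL, 'i' },
      { "lifaces", no_argument, NULL, 'I' },
      { "netmask", required_argument, NULL, 'n' },
      { "address", required_argument, NULL, 'A' },
      { "write", required_argument, NULL, 'w' },
      { "read", required_argument, NULL, 'r' },
      { "pcapfilter", required_argument, NULL, 'f' },

      { "reversed", no_argument, NULL, 'R' },
      { "proto", required_argument, NULL, 't' },

      { "plugin", required_argument, NULL, 'P' },

      { "filter", required_argument, NULL, 'F' },
#ifdef HAVE_EC_LUA
      { "lua-script", required_argument, NULL, 0 },
      { "lua-args", required_argument, NULL, 0 },
#endif

      { "superquiet", no_argument, NULL, 'Q' },
      { "quiet", no_argument, NULL, 'q' },
      { "script", required_argument, NULL, 's' },
      { "silent", no_argument, NULL, 'z' },
#ifdef WITH_IPV6
      { "ip6scan", no_argument, NULL, '6' },
#endif
      { "unoffensive", no_argument, NULL, 'u' },
      { "nosslmitm", no_argument, NULL, 'S' },
      { "load-hosts", required_argument, NULL, 'j' },
      { "save-hosts", required_argument, NULL, 'k' },
      { "wifi-key", required_argument, NULL, 'W' },
      { "config", required_argument, NULL, 'a' },

      { "dns", no_argument, NULL, 'd' },
      { "regex", required_argument, NULL, 'e' },
      { "visual", required_argument, NULL, 'V' },
      { "ext-headers", no_argument, NULL, 'E' },

      { "log", required_argument, NULL, 'L' },
      { "log-info", required_argument, NULL, 'l' },
      { "log-msg", required_argument, NULL, 'm' },
      { "compress", no_argument, NULL, 'c' },

      { "text", no_argument, NULL, 'T' },
      { "curses", no_argument, NULL, 'C' },
      { "daemon", no_argument, NULL, 'D' },
      { "gtk", no_argument, NULL, 'G' },

      { "mitm", required_argument, NULL, 'M' },
      { "only-mitm", no_argument, NULL, 'o' },
      { "bridge", required_argument, NULL, 'B' },
      { "broadcast", required_argument, NULL, 'b' },
      { "promisc", no_argument, NULL, 'p' },
      { "gateway", required_argument, NULL, 'Y' },
      /* long-only options: they come back from getopt_long() as 0 */
      { "certificate", required_argument, NULL, 0 },
      { "private-key", required_argument, NULL, 0 },

      { 0 , 0 , 0 , 0}
   };

   /*
    * Every argument is passed to DEBUG_MSG verbatim, which includes the value
    * given to --wifi-key and the paths given to --certificate/--private-key.
    * NOTE(review): confirm where debug output ends up and who can read it.
    */
   for (c = 0; c < argc; c++)
      DEBUG_MSG("parse_options -- [%d] [%s]", c, argv[c]);

/* OPTIONS INITIALIZATION */

   GBL_PCAP->promisc = 1;
   GBL_FORMAT = &ascii_format;
   GBL_OPTIONS->ssl_mitm = 1;
   GBL_OPTIONS->broadcast = 0;
   GBL_OPTIONS->ssl_cert = NULL;
   GBL_OPTIONS->ssl_pkey = NULL;

/* OPTIONS INITIALIZED */

   optind = 0;
   int option_index = 0;

   /*
    * NOTE(review): the short-option string is kept exactly as found.  It lists
    * 'h' and 'i' twice, and 'b' takes no argument here although --broadcast
    * is declared with required_argument in the table above.
    */
   while ((c = getopt_long (argc, argv, "A:a:bB:CchDdEe:F:f:GhIi:j:k:L:l:M:m:n:oP:pQqiRr:s:STt:uV:vW:w:Y:z6", long_options, &option_index)) != EOF) {
      /* used for parsing arguments: points at the terminating NUL of optarg */
      char *opt_end = optarg;
      while (opt_end && *opt_end) opt_end++;
      /* enable a loaded filter script? */

      switch (c) {

         case 'M':
            set_mitm(optarg);
            break;

         case 'o':
            set_onlymitm();
            //select_text_interface();
            break;

         case 'b':
            set_broadcast();
            break;

         case 'B':
            set_iface_bridge(optarg);
            break;

         case 'p':
            set_promisc();
            break;
#ifndef JUST_LIBRARY
         case 'T':
            select_text_interface();
            break;

         case 'C':
            select_curses_interface();
            break;

         case 'G':
            select_gtk_interface();
            break;

         case 'D':
            select_daemon_interface();
            break;
#endif

         case 'R':
            set_reversed();
            break;

         case 't':
            set_proto(optarg);
            break;

         case 'P':
            set_plugin(optarg);
            break;

         case 'i':
            set_iface(optarg);
            break;

         case 'I':
            /* this option is only useful in the text interface */
            set_lifaces();
            break;

         case 'Y':
            set_secondary(optarg);
            break;

         case 'n':
            set_netmask(optarg);
            break;

         case 'A':
            set_address(optarg);
            break;

         case 'r':
            set_read_pcap(optarg);
            break;

         case 'w':
            set_write_pcap(optarg);
            break;

         case 'f':
            set_pcap_filter(optarg);
            break;

         case 'F':
            load_filter(opt_end, optarg);
            break;

         case 'L':
            set_loglevel_packet(optarg);
            /*
             * This case used to run on into 'l', so -L also called
             * set_loglevel_info() with the same file name.  Unlike 'Q' below,
             * nothing marked that as intended, so the two are now separate.
             */
            break;

         case 'l':
            set_loglevel_info(optarg);
            break;

         case 'm':
            set_loglevel_true(optarg);
            break;

         case 'c':
            set_compress();
            break;

         case 'e':
            opt_set_regex(optarg);
            break;

         case 'Q':
            set_superquiet();
            /* no break, quiet must be enabled */
         case 'q':
            set_quiet();
            break;

         case 's':
            set_script(optarg);
            break;

         case 'z':
            set_silent();
            break;

#ifdef WITH_IPV6
         case '6':
            set_ip6scan();
            break;
#endif

         case 'u':
            set_unoffensive();
            break;

         case 'S':
            disable_sslmitm();
            break;

         case 'd':
            set_resolve();
            break;

         case 'j':
            load_hosts(optarg);
            break;

         case 'k':
            save_hosts(optarg);
            break;

         case 'V':
            opt_set_format(optarg);
            break;

         case 'E':
            set_ext_headers();
            break;

         case 'W':
            set_wifi_key(optarg);
            break;

         case 'a':
            set_conf_file(optarg);
            break;

         case 'h':
            ec_usage();
            break;

         case 'v':
            printf("%s %s\n", GBL_PROGRAM, GBL_VERSION);
            clean_exit(0);
            break;

         /*
          * Long-only options (certificate, private key and, when built with
          * Lua, the Lua script options) are told apart by name.
          * NOTE(review): the strdup() results are stored or passed on without
          * a NULL check.
          */
         case 0:
            if (!strcmp(long_options[option_index].name, "certificate")) {
               GBL_OPTIONS->ssl_cert = strdup(optarg);
            } else if (!strcmp(long_options[option_index].name, "private-key")) {
               GBL_OPTIONS->ssl_pkey = strdup(optarg);
#ifdef HAVE_EC_LUA
            } else if (!strcmp(long_options[option_index].name, "lua-args")) {
               ec_lua_cli_add_args(strdup(optarg));
            } else if (!strcmp(long_options[option_index].name, "lua-script")) {
               ec_lua_cli_add_script(strdup(optarg));
#endif
            } else {
               fprintf(stdout, "\nTry `%s --help' for more options.\n\n", GBL_PROGRAM);
               clean_exit(-1);
            }
            break;

         case ':': // missing parameter
         case '?': // unknown option
            fprintf(stdout, "\nTry `%s --help' for more options.\n\n", GBL_PROGRAM);
            clean_exit(-1);
            break;
      }
   }

   DEBUG_MSG("parse_options: options parsed");

   /* TARGET1 and TARGET2 parsing: the first two non-option arguments */
   if (argv[optind]) {
      GBL_OPTIONS->target1 = strdup(argv[optind]);
      DEBUG_MSG("TARGET1: %s", GBL_OPTIONS->target1);

      if (argv[optind+1]) {
         GBL_OPTIONS->target2 = strdup(argv[optind+1]);
         DEBUG_MSG("TARGET2: %s", GBL_OPTIONS->target2);
      }
   }

   /* create the list from the TARGET format (MAC/IPrange/PORTrange) */
   compile_display_filter();

   DEBUG_MSG("parse_options: targets parsed");

   /* check for other options */

   /* no sniffing method selected on the command line: use unified sniffing */
   if (GBL_SNIFF->start == NULL)
      set_unified_sniff();

   if (GBL_OPTIONS->read && GBL_PCAP->filter)
      FATAL_ERROR("Cannot read from file and set a filter on interface");

   if (GBL_OPTIONS->read && GBL_SNIFF->type != SM_UNIFIED )
      FATAL_ERROR("You can read from a file ONLY in unified sniffing mode !");

   if (GBL_OPTIONS->mitm && GBL_SNIFF->type != SM_UNIFIED )
      FATAL_ERROR("You can't do mitm attacks in bridged sniffing mode !");

   if (GBL_SNIFF->type == SM_BRIDGED && GBL_PCAP->promisc == 0)
      FATAL_ERROR("During bridged sniffing the iface must be in promisc mode !");

   if (GBL_OPTIONS->quiet && GBL_UI->type != UI_TEXT)
      FATAL_ERROR("The quiet option is useful only with text only UI");

   if (GBL_OPTIONS->load_hosts && GBL_OPTIONS->save_hosts)
      FATAL_ERROR("Cannot load and save at the same time the hosts list...");

   if (GBL_OPTIONS->unoffensive && GBL_OPTIONS->mitm)
      FATAL_ERROR("Cannot use mitm attacks in unoffensive mode");

   if (GBL_OPTIONS->read && GBL_OPTIONS->mitm)
      FATAL_ERROR("Cannot use mitm attacks while reading from file");

#ifndef JUST_LIBRARY
   if (GBL_UI->init == NULL)
      FATAL_ERROR("Please select an User Interface");
#endif

   /* force text interface for only mitm attack */
  /* Do not select text interface for only MiTM mode

   if (GBL_OPTIONS->only_mitm) {
      if (GBL_OPTIONS->mitm)
         select_text_interface();
      else
         FATAL_ERROR("Only mitm requires at least one mitm method");
   } */

   DEBUG_MSG("parse_options: options combination looks good");
   return;
}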