Example #1
0
/*
 * init the ICMP REDIRECT attack
 */
static int icmp_redirect_start(char *args)
{
   struct ip_list *i;
   char tmp[MAX_ASCII_ADDR_LEN];
  
   DEBUG_MSG("icmp_redirect_start");

   /* check the parameter */
   if (!strcmp(args, "")) {
      SEMIFATAL_ERROR("ICMP redirect needs a parameter.\n");
   } else {
      char tmp[strlen(args)+2];

      /* add the / to be able to use the target parsing function */
      sprintf(tmp, "%s/", args);
      
      if (compile_target(tmp, &redirected_gw) != ESUCCESS)
         SEMIFATAL_ERROR("Wrong target parameter");
   }

   /* we need both mac and ip addresses */
   if (redirected_gw.all_mac || redirected_gw.all_ip)
      SEMIFATAL_ERROR("You must specify both MAC and IP addresses for the GW");

   i = LIST_FIRST(&redirected_gw.ips);
   USER_MSG("ICMP redirect: victim GW %s\n", ip_addr_ntoa(&i->ip, tmp));

   /* add the hook to receive all the tcp and udp packets */
   hook_add(HOOK_PACKET_TCP, &icmp_redirect);
   hook_add(HOOK_PACKET_UDP, &icmp_redirect);

   return ESUCCESS;
}
Example #2
0
/*
 * set the encoding to use when converting to UTF-8
 */
int set_utf8_encoding(u_char *fromcode)
{
#ifndef HAVE_UTF8
   USER_MSG("UTF-8 support not compiled in.");
   return ESUCCESS;
#else
   iconv_t cd;

   DEBUG_MSG("set_utf8_encoding: %s", fromcode);
      
   if (fromcode == NULL || strlen(fromcode) < 1)
      return -EINVALID;

   SAFE_FREE(utf8_encoding);

   /* make sure encoding type is supported */
   cd = iconv_open("UTF-8", fromcode);
   
   if (cd == (iconv_t)(-1))
      SEMIFATAL_ERROR("The conversion from %s to UTF-8 is not supported.", fromcode);
   
   iconv_close(cd);

   utf8_encoding = strdup(fromcode);

   return ESUCCESS;
#endif
}
Example #3
0
/*
 * execute the given command
 */
static int func_exec(struct filter_op *fop)
{
   pid_t pid;
   
   DEBUG_MSG("filter engine: func_exec: %s", fop->op.func.string);
   
   /* 
    * the command must be executed by a child.
    * we are forwding packets, and we cannot wait 
    * for the execution of the command 
    */
   pid = fork();
   
   /* check if the fork was successfull */
   if (pid == -1)
      SEMIFATAL_ERROR("filter engine: fork() failed, cannot execute %s", fop->op.func.string);
   
   /* differentiate between the parent and the child */
   if (!pid) {
      char **param = NULL;
      char *q = fop->op.func.string;
      char *p;
      int i = 0;

      /* split the string */
      for (p = strsep(&q, " "); p != NULL; p = strsep(&q, " ")) {
         /* allocate the array */
         SAFE_REALLOC(param, (i + 1) * sizeof(char *));
         
         /* copy the tokens in the array */
         param[i++] = strdup(p); 
      }
      
      /* NULL terminate the array */
      SAFE_REALLOC(param, (i + 1) * sizeof(char *));
      
      param[i] = NULL;
     
      /* 
       * close input, output and error.
       * we don't want to clobber the interface 
       * with output from the child
       */
      close(fileno(stdin));
      close(fileno(stdout));
      close(fileno(stderr));
      
      /* execute the command */
      execve(param[0], param, NULL);

      /* reached on errors */
      exit(-1);
   }
      
   return ESUCCESS;
}
Example #4
0
/*
 * open a file in the appropriate log_fd struct
 *
 * whether or not the log is compressed
 * fd->fd becomes to always be a file descriptor of the opened file
 * and fd->cfd is a non-NULL gzip stream descriptor when the log is to be compressed
 *
 * TODO: it is likely that we dont need 'type' field in 'log_fd' struct
 *       to mark a compressed log; non-NULL 'cfd' field becomes such a flag
 */
int log_open(struct log_fd *fd, char *filename)
{

   fd->fd = open(filename, O_CREAT|O_TRUNC|O_RDWR|O_BINARY, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH);
   if (fd->fd == -1)
      SEMIFATAL_ERROR("Can't create %s: %s", filename, strerror(errno));
   else
   {
      if (EC_GBL_OPTIONS->compress)
      {
         int zerr;
         fd->cfd = gzdopen(fd->fd, "wb9");
         if (fd->cfd == NULL)
            SEMIFATAL_ERROR("%s", gzerror(fd->cfd, &zerr));
      };
   };

   return E_SUCCESS;
}
Example #5
0
/*
 * open a file in the appropriate log_fd struct
 */
int log_open(struct log_fd *fd, char *filename)
{
   int zerr;

   if (fd->type == LOG_COMPRESSED) {
      fd->cfd = gzopen(filename, "wb9");
      if (fd->cfd == NULL)
         SEMIFATAL_ERROR("%s", gzerror(fd->cfd, &zerr));
   } else {
      fd->fd = open(filename, O_CREAT | O_TRUNC | O_RDWR | O_BINARY, S_IRUSR | S_IWUSR);
      if (fd->fd == -1)
         SEMIFATAL_ERROR("Can't create %s: %s", filename, strerror(errno));
   }
   
   /* set the permissions */
   chmod(filename, 0600);

   return ESUCCESS;
}
Example #6
0
/*
 * init the ICMP REDIRECT attack
 */
static int dhcp_spoofing_start(char *args)
{
   struct in_addr ipaddr;
   char *p;
   int i = 1;
  
   DEBUG_MSG("dhcp_spoofing_start");

   if (!strcmp(args, ""))
      SEMIFATAL_ERROR("DHCP spoofing needs a parameter.\n");

   /*
    * Check to see if sniff has started
    */
   if (!GBL_SNIFF->active)
      SEMIFATAL_ERROR("DHCP spoofing requires sniffing to be active.\n");
   
   /* check the parameter:
    *
    * ip_pool/netmask/dns
    */
   for (p = strsep(&args, "/"); p != NULL; p = strsep(&args, "/")) {
      /* first parameter (the ip_pool) */
      if (i == 1) {
         char tmp[strlen(p)+4];

         /* add the / to be able to use the target parsing function */
         snprintf(tmp, strlen(p)+4, "/%s//", p);

         if (compile_target(tmp, &dhcp_ip_pool) != ESUCCESS)
            break;
         
      /* second parameter (the netmask) */
      } else if (i == 2) {
         /* convert from string */
         if (inet_aton(p, &ipaddr) == 0)
            break;
         /* get the netmask */
         ip_addr_init(&dhcp_netmask, AF_INET, (u_char *)&ipaddr);
         
      /* third parameter (the dns server) */
      } else if (i == 3) {
         char tmp[MAX_ASCII_ADDR_LEN];

         /* convert from string */
         if (inet_aton(p, &ipaddr) == 0)
            break;
         /* get the netmask */
         ip_addr_init(&dhcp_dns, AF_INET, (u_char *)&ipaddr);
         
         /* all the parameters were parsed correctly... */
         USER_MSG("DHCP spoofing: using specified ip_pool, netmask %s", ip_addr_ntoa(&dhcp_netmask, tmp));
         USER_MSG(", dns %s\n", ip_addr_ntoa(&dhcp_dns, tmp));
         /* add the hookpoints */
         hook_add(HOOK_PROTO_DHCP_REQUEST, dhcp_spoofing_req);
         hook_add(HOOK_PROTO_DHCP_DISCOVER, dhcp_spoofing_disc);
         /* create the options */
         dhcp_setup_options();

         /* se the pointer to the first ip pool address */
         dhcp_free_ip = LIST_FIRST(&dhcp_ip_pool.ips);
         return ESUCCESS;
      }
      
      i++;
   }

   /* error parsing the parameter */
   SEMIFATAL_ERROR("DHCP spoofing: parameter number %d is incorrect.\n", i);

   return -EFATAL;
}