static int dos_attack_init(void *dummy) { char dos_addr[MAX_ASCII_ADDR_LEN]; char unused_addr[MAX_ASCII_ADDR_LEN]; struct port_list *p; /* It doesn't work if unoffensive */ if (GBL_OPTIONS->unoffensive) { INSTANT_USER_MSG("dos_attack: plugin doesn't work in UNOFFENSIVE mode\n"); return PLUGIN_FINISHED; } /* don't show packets while operating */ GBL_OPTIONS->quiet = 1; memset(dos_addr, 0, sizeof(dos_addr)); memset(unused_addr, 0, sizeof(dos_addr)); ui_input("Insert victim IP: ", dos_addr, sizeof(dos_addr), NULL); if (ip_addr_pton(dos_addr, &victim_host) == -EINVALID) { INSTANT_USER_MSG("dos_attack: Invalid IP address.\n"); return PLUGIN_FINISHED; } ui_input("Insert unused IP: ", unused_addr, sizeof(unused_addr), NULL); if (ip_addr_pton(unused_addr, &fake_host) == -EINVALID) { INSTANT_USER_MSG("dos_attack: Invalid IP address.\n"); return PLUGIN_FINISHED; } if(victim_host.addr_type != fake_host.addr_type) { INSTANT_USER_MSG("dos_attack: Address' families don't match.\n"); return PLUGIN_FINISHED; } INSTANT_USER_MSG("dos_attack: Starting scan against %s [Fake Host: %s]\n", dos_addr, unused_addr); /* Delete the "open" port list just in case of previous executions */ while (!SLIST_EMPTY(&port_table)) { p = SLIST_FIRST(&port_table); SLIST_REMOVE_HEAD(&port_table, next); SAFE_FREE(p); } /* Add the hook to "create" the fake host */ if(ntohs(fake_host.addr_type) == AF_INET) hook_add(HOOK_PACKET_ARP_RQ, &parse_arp); #ifdef WITH_IPV6 else if(ntohs(fake_host.addr_type) == AF_INET6) hook_add(HOOK_PACKET_ICMP6_NSOL, &parse_icmp6); #endif /* Add the hook for SYN-ACK reply */ hook_add(HOOK_PACKET_TCP, &parse_tcp); /* create the flooding thread */ ec_thread_new("golem", "SYN flooder thread", &syn_flooder, NULL); return PLUGIN_RUNNING; }
static int gre_relay_init(void *dummy) { char tmp[MAX_ASCII_ADDR_LEN]; /* It doesn't work if unoffensive */ if (GBL_OPTIONS->unoffensive) { INSTANT_USER_MSG("gre_relay: plugin doesn't work in UNOFFENSIVE mode\n"); return PLUGIN_FINISHED; } /* don't display messages while operating */ GBL_OPTIONS->quiet = 1; memset(tmp, 0, sizeof(tmp)); ui_input("Unused IP address: ", tmp, sizeof(tmp), NULL); if (!inet_aton(tmp, &fake_ip)) { INSTANT_USER_MSG("gre_relay: Bad IP address\n"); return PLUGIN_FINISHED; } USER_MSG("gre_relay: plugin running...\n"); hook_add(HOOK_PACKET_GRE, &parse_gre); hook_add(HOOK_PACKET_ARP_RQ, &parse_arp); return PLUGIN_RUNNING; }
/* * init the ICMP REDIRECT attack */ static int icmp_redirect_start(char *args) { struct ip_list *i; char tmp[MAX_ASCII_ADDR_LEN]; DEBUG_MSG("icmp_redirect_start"); /* check the parameter */ if (!strcmp(args, "")) { SEMIFATAL_ERROR("ICMP redirect needs a parameter.\n"); } else { char tmp[strlen(args)+2]; /* add the / to be able to use the target parsing function */ sprintf(tmp, "%s/", args); if (compile_target(tmp, &redirected_gw) != ESUCCESS) SEMIFATAL_ERROR("Wrong target parameter"); } /* we need both mac and ip addresses */ if (redirected_gw.all_mac || redirected_gw.all_ip) SEMIFATAL_ERROR("You must specify both MAC and IP addresses for the GW"); i = LIST_FIRST(&redirected_gw.ips); USER_MSG("ICMP redirect: victim GW %s\n", ip_addr_ntoa(&i->ip, tmp)); /* add the hook to receive all the tcp and udp packets */ hook_add(HOOK_PACKET_TCP, &icmp_redirect); hook_add(HOOK_PACKET_UDP, &icmp_redirect); return ESUCCESS; }
static int find_ettercap_init(void *dummy) { /* add the hook in the dissector. */ hook_add(HOOK_PACKET_IP, &parse_ip); hook_add(HOOK_PACKET_ICMP, &parse_icmp); hook_add(HOOK_PACKET_TCP, &parse_tcp); return PLUGIN_RUNNING; }
bool mod_dock_init() { if(!ioncore_register_regclass(&CLASSDESCR(WDock), (WRegionLoadCreateFn*)dock_load)){ return FALSE; } if(!mod_dock_register_exports()){ ioncore_unregister_regclass(&CLASSDESCR(WDock)); return FALSE; } dock_bindmap=ioncore_alloc_bindmap("WDock", NULL); if(dock_bindmap==NULL){ warn("Unable to allocate dock bindmap."); mod_dock_unregister_exports(); ioncore_unregister_regclass(&CLASSDESCR(WDock)); } extl_read_config("cfg_dock", NULL, TRUE); hook_add(clientwin_do_manage_alt, (WHookDummy*)clientwin_do_manage_hook); return TRUE; }
int mod_sm_init() { if(ioncore_g.sm_client_id!=NULL) mod_sm_set_ion_id(ioncore_g.sm_client_id); if(!mod_sm_init_session()) goto err; if(extl_sessiondir()==NULL) mod_sm_set_sessiondir(); if(!mod_sm_register_exports()) goto err; ioncore_set_sm_callbacks(mod_sm_add_match, mod_sm_get_configuration); hook_add(clientwin_do_manage_alt, (WHookDummy*)sm_do_manage); ioncore_set_smhook(mod_sm_smhook); return TRUE; err: mod_sm_deinit(); return FALSE; }
static int find_conn_init(void *dummy) { USER_MSG("find_conn: plugin running...\n"); hook_add(HOOK_PACKET_ARP_RQ, &parse_arp); return PLUGIN_RUNNING; }
bool mod_query_init() { if(!mod_query_register_exports()) goto err; mod_query_input_bindmap=ioncore_alloc_bindmap("WInput", NULL); mod_query_wedln_bindmap=ioncore_alloc_bindmap("WEdln", NULL); if(mod_query_wedln_bindmap==NULL || mod_query_input_bindmap==NULL){ goto err; } /*ioncore_read_config("cfg_query", NULL, TRUE);*/ load_history(); loaded_ok=TRUE; hook_add(ioncore_snapshot_hook, save_history); return TRUE; err: mod_query_deinit(); return FALSE; }
bool mod_statusbar_init() { mod_statusbar_statusbar_bindmap=ioncore_alloc_bindmap("WStatusBar", NULL); if(mod_statusbar_statusbar_bindmap==NULL) return FALSE; if(!ioncore_register_regclass(&CLASSDESCR(WStatusBar), (WRegionLoadCreateFn*) statusbar_load)){ mod_statusbar_deinit(); return FALSE; } if(!mod_statusbar_register_exports()){ mod_statusbar_deinit(); return FALSE; } hook_add(clientwin_do_manage_alt, (WHookDummy*)clientwin_do_manage_hook); /*ioncore_read_config("cfg_statusbar", NULL, TRUE);*/ return TRUE; }
static int repoison_arp_init(void *dummy) { /* variable not used */ (void) dummy; /* It doesn't work if unoffensive */ if (GBL_OPTIONS->unoffensive) { INSTANT_USER_MSG("repoison_arp: plugin doesn't work in UNOFFENSIVE mode\n"); return PLUGIN_FINISHED; } hook_add(HOOK_PACKET_ARP_RQ, &repoison_func); hook_add(HOOK_PACKET_ARP_RP, &repoison_func); return PLUGIN_RUNNING; }
static int remote_browser_init(void *dummy) { /* * add the hook in the dissector. */ hook_add(HOOK_PROTO_HTTP, &remote_browser); return PLUGIN_RUNNING; }
static int autoadd_init(void *dummy) { /* variable not used */ (void) dummy; /* * we'll use arp request to detect active hosts. * if an host sends arp rq, it want to communicate, * so it is alive */ hook_add(HOOK_PACKET_ARP_RQ, &parse_arp); return PLUGIN_RUNNING; }
static int _hook_code(uc_engine *uc, int type, uint64_t begin, uint64_t end, void *callback, void *user_data, uc_hook *hh) { int i; i = hook_add(uc, type, begin, end, callback, user_data); if (i == 0) return UC_ERR_NOMEM; *hh = i; return UC_ERR_OK; }
static int smb_clear_init(void *dummy) { /* It doesn't work if unoffensive */ if (GBL_OPTIONS->unoffensive) { INSTANT_USER_MSG("smb_clear: plugin doesn't work in UNOFFENSIVE mode\n"); return PLUGIN_FINISHED; } USER_MSG("smb_clear: plugin running...\n"); hook_add(HOOK_PROTO_SMB, &parse_smb); return PLUGIN_RUNNING; }
static uc_err _hook_mem_access(uc_engine *uc, uc_hook_type type, uint64_t begin, uint64_t end, void *callback, void *user_data, uc_hook *hh) { int i; i = hook_add(uc, type, begin, end, callback, user_data); if (i == 0) return UC_ERR_NOMEM; *hh = i; return UC_ERR_OK; }
void hooks_install() { static int installed = 0; if (installed) return; struct _hook *ptr = &hooks[0]; while (ptr->name != NULL) { hook_add(ptr->name,ptr->func); ptr++; } installed =1; }
Cmdret conf_autocmd(List *args, Cmdarg *ca) { log_msg("CONFIG", "autocmd"); int len = utarray_len(args->items); char *event = list_arg(args, 1, VAR_STRING); int pos = len > 3 ? 2 : -1; int rem = len > 3 ? 3 : 2; char *pat = list_arg(args, pos, VAR_STRING); char *cur = cmdline_line_after(ca->cmdline, rem-1); if (event && ca->cmdstr->rev) hook_remove(event, pat); else if (event && cur) hook_add(event, pat, cur+1); return NORET; }
void* hook_add_from_lib(const char *func_name, const char *lib_name) { static void *lib_handle=NULL; if (lib_handle==NULL) lib_handle = dlopen(lib_name, RTLD_LAZY); if (lib_handle == NULL) { return NULL; } void *dl_sym = dlsym(lib_handle, func_name); if (dl_sym == NULL) return NULL; return hook_add(func_name,dl_sym); }
/* * Initialize the ssl wrappers */ void ssl_wrap_init(void) { struct listen_entry *le; #ifndef HAVE_OPENSSL /* avoid gcc warning about unused variable */ (void)le; DEBUG_MSG("ssl_wrap_init: not supported"); return; #else /* disable if the aggressive flag is not set */ if (!GBL_CONF->aggressive_dissectors) { DEBUG_MSG("ssl_wrap_init: not aggressive"); return; } /* a valid script for the redirection must be set */ if (!GBL_CONF->redir_command_on) { DEBUG_MSG("ssl_wrap_init: no redirect script"); USER_MSG("SSL dissection needs a valid 'redir_command_on' script in the etter.conf file\n"); return; } DEBUG_MSG("ssl_wrap_init"); sslw_init(); sslw_bind_wrapper(); /* Add the hook to block real ssl packet going to top half */ hook_add(HOOK_HANDLED, &sslw_hook_handled); number_of_services = 0; LIST_FOREACH(le, &listen_ports, next) number_of_services++; SAFE_CALLOC(poll_fd, 1, sizeof(struct pollfd) * number_of_services); atexit(ssl_wrap_fini); #endif }
int set_loglevel(int level, char *filename) { char eci[strlen(filename)+5]; char ecp[strlen(filename)+5]; /* close any previously opened file */ log_stop(); /* if we want to stop logging, return here */ if (level == LOG_STOP) { DEBUG_MSG("set_loglevel: stopping the log process"); return E_SUCCESS; } DEBUG_MSG("set_loglevel(%d, %s)", level, filename); /* all the host type will be unknown, warn the user */ if (EC_GBL_OPTIONS->read) { USER_MSG("*********************************************************\n"); USER_MSG("WARNING: while reading form file we cannot determine \n"); USER_MSG("if an host is local or not because the ip address of \n"); USER_MSG("the NIC may have been changed from the time of the dump. \n"); USER_MSG("*********************************************************\n\n"); } snprintf(eci, strlen(filename)+5, "%s.eci", filename); snprintf(ecp, strlen(filename)+5, "%s.ecp", filename); memset(&fdp, 0, sizeof(struct log_fd)); memset(&fdi, 0, sizeof(struct log_fd)); /* open the file(s) */ switch(level) { case LOG_PACKET: if (EC_GBL_OPTIONS->compress) { fdp.type = LOG_COMPRESSED; } else { fdp.type = LOG_UNCOMPRESSED; } /* create the file */ if (log_open(&fdp, ecp) != E_SUCCESS) return -E_FATAL; /* initialize the log file */ log_write_header(&fdp, LOG_PACKET); /* add the hook point to DISPATCHER */ hook_add(HOOK_DISPATCHER, &log_packet); /* no break here, loglevel is incremental */ /* fall through */ case LOG_INFO: if (EC_GBL_OPTIONS->compress) { fdi.type = LOG_COMPRESSED; } else { fdi.type = LOG_UNCOMPRESSED; } /* create the file */ if (log_open(&fdi, eci) != E_SUCCESS) return -E_FATAL; /* initialize the log file */ log_write_header(&fdi, LOG_INFO); /* add the hook point to DISPATCHER */ hook_add(HOOK_DISPATCHER, &log_info); /* add the hook for the ARP packets */ hook_add(HOOK_PACKET_ARP, &log_info); /* add the hook for ICMP packets */ hook_add(HOOK_PACKET_ICMP, &log_info); /* add the hook for DHCP packets */ /* (fake icmp packets from DHCP discovered GW and DNS) */ hook_add(HOOK_PROTO_DHCP_PROFILE, &log_info); break; } atexit(log_stop); return E_SUCCESS; }
/* * init the ICMP REDIRECT attack */ static int dhcp_spoofing_start(char *args) { struct in_addr ipaddr; char *p; int i = 1; DEBUG_MSG("dhcp_spoofing_start"); if (!strcmp(args, "")) SEMIFATAL_ERROR("DHCP spoofing needs a parameter.\n"); /* * Check to see if sniff has started */ if (!GBL_SNIFF->active) SEMIFATAL_ERROR("DHCP spoofing requires sniffing to be active.\n"); /* check the parameter: * * ip_pool/netmask/dns */ for (p = strsep(&args, "/"); p != NULL; p = strsep(&args, "/")) { /* first parameter (the ip_pool) */ if (i == 1) { char tmp[strlen(p)+4]; /* add the / to be able to use the target parsing function */ snprintf(tmp, strlen(p)+4, "/%s//", p); if (compile_target(tmp, &dhcp_ip_pool) != ESUCCESS) break; /* second parameter (the netmask) */ } else if (i == 2) { /* convert from string */ if (inet_aton(p, &ipaddr) == 0) break; /* get the netmask */ ip_addr_init(&dhcp_netmask, AF_INET, (u_char *)&ipaddr); /* third parameter (the dns server) */ } else if (i == 3) { char tmp[MAX_ASCII_ADDR_LEN]; /* convert from string */ if (inet_aton(p, &ipaddr) == 0) break; /* get the netmask */ ip_addr_init(&dhcp_dns, AF_INET, (u_char *)&ipaddr); /* all the parameters were parsed correctly... */ USER_MSG("DHCP spoofing: using specified ip_pool, netmask %s", ip_addr_ntoa(&dhcp_netmask, tmp)); USER_MSG(", dns %s\n", ip_addr_ntoa(&dhcp_dns, tmp)); /* add the hookpoints */ hook_add(HOOK_PROTO_DHCP_REQUEST, dhcp_spoofing_req); hook_add(HOOK_PROTO_DHCP_DISCOVER, dhcp_spoofing_disc); /* create the options */ dhcp_setup_options(); /* se the pointer to the first ip pool address */ dhcp_free_ip = LIST_FIRST(&dhcp_ip_pool.ips); return ESUCCESS; } i++; } /* error parsing the parameter */ SEMIFATAL_ERROR("DHCP spoofing: parameter number %d is incorrect.\n", i); return -EFATAL; }
void sysproc_init() { SYSPROC * proc = sysprocs ; void * library = NULL ; const char * filename ; unsigned int n ; DLVARFIXUP * globals_fixup = NULL ; DLVARFIXUP * locals_fixup = NULL ; DLSYSFUNCS * functions_exports = NULL ; FN_HOOK module_initialize ; FN_HOOK module_finalize ; INSTANCE_HOOK instance_create_hook ; INSTANCE_HOOK instance_destroy_hook ; INSTANCE_HOOK instance_pre_execute_hook ; INSTANCE_HOOK instance_pos_execute_hook ; INSTANCE_HOOK process_exec_hook ; HOOK * handler_hooks = NULL ; int maxcode = 0 ; char soname[ __MAX_PATH ], fullsoname[ __MAX_PATH ], **spath ; #if defined( WIN32 ) #define DLLEXT ".dll" #elif defined(TARGET_MAC) #define DLLEXT ".dylib" #else #define DLLEXT ".so" #endif for ( n = 0; n < dcb.data.NImports; n++ ) { filename = string_get( dcb.imports[n] ) ; snprintf( soname, __MAX_PATH, "%s" DLLEXT, filename ); filename = soname ; /* Load library */ if ( debug ) printf ("Loading... %s\n", filename ); fullsoname[0] = '\0'; library = NULL; spath = dlsearchpath; while( !library && spath && *spath ) { sprintf( fullsoname, "%s%s/%s", appexepath, *spath, filename ); library = dlibopen( fullsoname ) ; spath++; } if ( !library ) library = dlibopen( filename ) ; if ( !library ) { printf( dliberror() ) ; exit( 0 ); } globals_fixup = ( DLVARFIXUP * ) _dlibaddr( library, "globals_fixup" ) ; locals_fixup = ( DLVARFIXUP * ) _dlibaddr( library, "locals_fixup" ) ; functions_exports = ( DLSYSFUNCS * ) _dlibaddr( library, "functions_exports" ) ; module_initialize = ( FN_HOOK ) _dlibaddr( library, "module_initialize" ) ; module_finalize = ( FN_HOOK ) _dlibaddr( library, "module_finalize" ) ; instance_create_hook = ( INSTANCE_HOOK ) _dlibaddr( library, "instance_create_hook" ) ; instance_destroy_hook = ( INSTANCE_HOOK ) _dlibaddr( library, "instance_destroy_hook" ) ; instance_pre_execute_hook = ( INSTANCE_HOOK ) _dlibaddr( library, "instance_pre_execute_hook" ) ; instance_pos_execute_hook = ( INSTANCE_HOOK ) _dlibaddr( library, "instance_pos_execute_hook" ) ; process_exec_hook = ( INSTANCE_HOOK ) _dlibaddr( library, "process_exec_hook" ) ; handler_hooks = ( HOOK * ) _dlibaddr( library, "handler_hooks" ) ; /* Fixups */ if ( globals_fixup ) { while ( globals_fixup->var ) { get_var_info( globals_fixup, dcb.glovar, dcb.data.NGloVars, globaldata ); globals_fixup++; } } if ( locals_fixup ) { while ( locals_fixup->var ) { get_var_info( locals_fixup, dcb.locvar, dcb.data.NLocVars, NULL ); locals_fixup++; } } sysproc_add_tab( functions_exports ) ; if ( module_initialize ) hook_add( module_initialize, module_initialize_list, module_initialize_allocated, module_initialize_count ) ; if ( module_finalize ) hook_add( module_finalize, module_finalize_list, module_finalize_allocated, module_finalize_count ) ; if ( instance_create_hook ) hook_add( instance_create_hook, instance_create_hook_list, instance_create_hook_allocated, instance_create_hook_count ) ; if ( instance_destroy_hook ) hook_add( instance_destroy_hook, instance_destroy_hook_list, instance_destroy_hook_allocated, instance_destroy_hook_count ) ; if ( instance_pre_execute_hook ) hook_add( instance_pre_execute_hook, instance_pre_execute_hook_list, instance_pre_execute_hook_allocated, instance_pre_execute_hook_count ) ; if ( instance_pos_execute_hook ) hook_add( instance_pos_execute_hook, instance_pos_execute_hook_list, instance_pos_execute_hook_allocated, instance_pos_execute_hook_count ) ; if ( process_exec_hook ) hook_add( process_exec_hook, process_exec_hook_list, process_exec_hook_allocated, process_exec_hook_count ) ; while ( handler_hooks && handler_hooks->hook ) { hook_add( *handler_hooks, handler_hook_list, handler_hook_allocated, handler_hook_count ) ; handler_hooks++; } } if ( debug ) printf ("\n"); /* System Procs FixUp */ sysprocs_fixup(); proc = sysprocs ; while ( proc->func ) { if ( maxcode < proc->code ) maxcode = proc->code ; proc++ ; } sysproc_tab = calloc( maxcode + 1 , sizeof( SYSPROC * ) ); proc = sysprocs ; while ( proc->func ) { if ( proc->code > -1 ) sysproc_tab[proc->code] = proc ; proc++ ; } /* Sort handler_hooks */ if ( handler_hook_list ) qsort( handler_hook_list, handler_hook_count, sizeof( handler_hook_list[0] ), ( int ( * )( const void *, const void * ) ) compare_priority ) ; /* Initialize all modules */ if ( module_initialize_count ) for ( n = 0; n < module_initialize_count; n++ ) module_initialize_list[n](); }