void chanhop(struct timeval* tv) { unsigned long elapsed = 0; if (gettimeofday(tv, NULL) == -1) die(1, "gettimeofday()"); elapsed = elapsed_ms(tv, &chaninfo.last_hop); // need to chan hop if (elapsed >= hopfreq) { int c; c = chaninfo.chan + 1; if (c > 11) c = 1; set_chan(c); elapsed = hopfreq; } // how much can we sleep? else { elapsed = hopfreq - elapsed; } // ok calculate sleeping time... tv->tv_sec = elapsed/1000; tv->tv_usec = (elapsed - tv->tv_sec*1000)*1000; }
void setup_if(char *dev) { struct ifreq ifr; unsigned int flags; // set chan memset(&chaninfo.ireq, 0, sizeof(chaninfo.ireq)); strcpy(chaninfo.ireq.i_name, dev); chaninfo.ireq.i_type = IEEE80211_IOC_CHANNEL; set_chan(1); // set iface up and promisc memset(&ifr, 0, sizeof(ifr)); strcpy(ifr.ifr_name, dev); if (ioctl(ioctl_s, SIOCGIFFLAGS, &ifr) == -1) die(1, "ioctl(SIOCGIFFLAGS)"); flags = (ifr.ifr_flags & 0xffff) | (ifr.ifr_flagshigh << 16); flags |= IFF_UP | IFF_PPROMISC; memset(&ifr, 0, sizeof(ifr)); strcpy(ifr.ifr_name, dev); ifr.ifr_flags = flags & 0xffff; ifr.ifr_flagshigh = flags >> 16; if (ioctl(ioctl_s, SIOCSIFFLAGS, &ifr) == -1) die(1, "ioctl(SIOCSIFFLAGS)"); }
void user_input() { static char chan[3]; static int pos = 0; int c; c = getch(); switch (c) { case 'w': save_state(); break; case 'q': cleanup(0); break; case 'c': chaninfo.locked = !chaninfo.locked; break; case ERR: die(0, "getch()"); break; case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': case '8': case '9': chan[pos++] = c; if (pos == 2) { int ch = atoi(chan); if (ch <= 11 && ch >= 1) { set_chan(atoi(chan)); chaninfo.locked = 1; } pos = 0; } break; default: pos = 0; break; } }
int main(void) { shell_t shell; const char *disco_addr = DISCO_ADDR; port[0] = (uint8_t)DISCO_PORT; port[1] = (uint8_t)(DISCO_PORT >> 8); ng_ipv6_addr_from_str(&addr, disco_addr); char buf[100]; ng_ipv6_addr_to_str(buf, &addr, 100); printf("got address: %s\n", buf); set_chan(DISCO_CHANNEL); shell_init(&shell, shell_commands, STDIO_RX_BUFSIZE, getchar, putchar); shell_run(&shell); return 0; }
static int get_victim_ssid(struct wstate *ws, struct ieee80211_frame* wh, int len) { unsigned char* ptr; int x; int gots = 0, gotc = 0; if (len <= (int) sizeof(*wh)) { time_print("Warning: short packet in get_victim_ssid()\n"); return 0; } ptr = (unsigned char*)wh + sizeof(*wh); len -= sizeof(*wh); // only wep baby if ( !(IEEE80211_BEACON_CAPABILITY(ptr) & IEEE80211_CAPINFO_PRIVACY)) { return 0; } // we want a specific victim if (ws->ws_victim_mac) { if (memcmp(wh->i_addr3, ws->ws_victim_mac, 6) != 0) return 0; } // beacon header x = 8 + 2 + 2; if (len <= x) { time_print("Warning short.\n"); return 0; } ptr += x; len -= x; // SSID while(len > 2) { int eid, elen; eid = *ptr; ptr++; elen = *ptr; ptr++; len -= 2; if (len < elen) { time_print("Warning short....\n"); return 0; } // ssid if (eid == 0) { if (ws->ws_ssid) free(ws->ws_ssid); ws->ws_ssid = (char*) malloc(elen + 1); if (!ws->ws_ssid) { perror("malloc()"); exit(1); } memcpy(ws->ws_ssid, ptr, elen); ws->ws_ssid[elen] = 0; gots = 1; } // chan else if(eid == 3) { if( elen != 1) { time_print("Warning len of chan not 1\n"); return 0; } ws->ws_apchan = *ptr; gotc = 1; } ptr += elen; len -= elen; } if (gots && gotc) { memcpy(ws->ws_bss, wh->i_addr3, 6); set_chan(ws, ws->ws_apchan); ws->ws_state = FOUND_VICTIM; time_print("Found SSID(%s) BSS=(%s) chan=%d\n", ws->ws_ssid, mac2str(ws->ws_bss), ws->ws_apchan); return 1; } return 0; }