Esempio n. 1
0
void receive_probe_requests(NetworkInterface iface) {
	SnifferConfiguration config;
	config.set_rfmon(true);
	config.set_filter("type mgt subtype probe-req || type data subtype null");
	Sniffer sniffer(iface.name(), config);
	while(true) process(sniffer.next_packet());
}
Esempio n. 2
0
 result_type trace() {
     SnifferConfiguration config;
     config.set_promisc_mode(false);
     // ICMPs that aren't sent from us.
     config.set_filter(
         "ip proto \\icmp and not src host " + iface.addresses().ip_addr.to_string());
     Sniffer sniffer(iface.name(), config);
     
     PacketSender sender;
     // Create our handler
     auto handler = bind(
         &Traceroute::sniff_callback, 
         this, 
         std::placeholders::_1
     );
     // We're running
     running = true;
     // Start the sniff thread
     thread sniff_thread(
         [&]() {
             sniffer.sniff_loop(handler);
         }
     );
     send_packets(sender);
     sniff_thread.join();
     // If the final hop responded, add its address at the appropriate ttl
     if (lowest_dest_ttl != numeric_limits<int>::max()) {
         results[lowest_dest_ttl] = addr;
     }
     // Clear our results and return what we've found
     return move(results);
 }
Esempio n. 3
0
Sniffer::Sniffer(const string& device, 
                 promisc_type promisc,
                 const string& filter,
                 bool rfmon) {
    SnifferConfiguration configuration;
    configuration.set_promisc_mode(promisc == PROMISC);
    configuration.set_filter(filter);
    configuration.set_rfmon(rfmon);

    char error[PCAP_ERRBUF_SIZE];
    pcap_t* phandle = pcap_create(TINS_PREFIX_INTERFACE(device).c_str(), error);
    if (!phandle) {
        throw runtime_error(error);
    }
    set_pcap_handle(phandle);

    // Set the netmask if we are able to find it.
    bpf_u_int32 ip, if_mask;
    if (pcap_lookupnet(TINS_PREFIX_INTERFACE(device).c_str(), &ip, &if_mask, error) == 0) {
        set_if_mask(if_mask);
    }

    // Configure the sniffer's attributes prior to activation.
    configuration.configure_sniffer_pre_activation(*this);

    // Finally, activate the pcap. In case of error throw runtime_error
    if (pcap_activate(get_pcap_handle()) < 0) {
        throw pcap_error(pcap_geterr(get_pcap_handle()));
    }

    // Configure the sniffer's attributes after activation.
    configuration.configure_sniffer_post_activation(*this);
}
Esempio n. 4
0
int main(int argc, char* argv[]) {
    string iface;
    if (argc == 2) {
        // Use the provided interface
        iface = argv[1];
    }
    else {
        // Use the default interface
        iface = NetworkInterface::default_interface().name();
    }
    try {
        SnifferConfiguration config;
        config.set_promisc_mode(true);
        config.set_filter("udp and port 53");
        Sniffer sniffer(iface, config);
        dns_monitor monitor;
        thread thread(
            [&]() {
                monitor.run(sniffer);
            }
        );
        while (true) {
            auto info = monitor.stats().get_information();
            cout << "\rAverage " << info.average.count() 
                << "ms. Worst: " << info.worst.count() << "ms. Count: "
                << info.count << "   ";
            cout.flush();
            sleep_for(seconds(1));
        }
    }
    catch (exception& ex) {
        cout << "[-] Error: " << ex.what() << endl;
    }
}
int main(int argc, char* argv[]) {
    if (argc != 2) {
        cout << "Usage: " << argv[0] << " <interface>" << endl;
        return 1;
    }

    try {
        // Construct the sniffer configuration object
        SnifferConfiguration config;
        // Only capture TCP traffic sent from/to port 80
        config.set_filter("tcp port 80");
        // Construct the sniffer we'll use
        Sniffer sniffer(argv[1], config);

        cout << "Starting capture on interface " << argv[1] << endl;

        // Now construct the stream follower
        StreamFollower follower;
        // We just need to specify the callback to be executed when a new 
        // stream is captured. In this stream, you should define which callbacks
        // will be executed whenever new data is sent on that stream 
        // (see on_new_connection)
        follower.new_stream_callback(&on_new_connection);
        // Now start capturing. Every time there's a new packet, call 
        // follower.process_packet
        sniffer.sniff_loop([&](Packet& packet) {
            follower.process_packet(packet);
            return true;
        });
    }
    catch (exception& ex) {
        cerr << "Error: " << ex.what() << endl;
        return 1;
    }
}
Esempio n. 6
0
 result_type trace() {
     // ICMPs that aren't sent from us.
     SnifferConfiguration config;
     config.set_snap_len(500);
     config.set_promisc_mode(false);
     config.set_filter(
         "ip proto \\icmp and not src host " + iface.addresses().ip_addr.to_string());
     Sniffer sniffer(iface.name(), config);
     
     PacketSender sender;
     // Create our handler
     auto handler = std::bind(
         &Traceroute::sniff_callback, 
         this, 
         std::placeholders::_1
     );
     // We're running
     running = true;
     // Start the sniff thread
     std::thread sniff_thread(
         &Sniffer::sniff_loop<decltype(handler)>, 
         &sniffer, 
         handler,
         0
     );
     send_packets(sender);
     sniff_thread.join();
     // Clear our results and return what we've found
     return std::move(results);
 }
Esempio n. 7
0
void BeaconSniffer::run(const std::string& iface) {
    SnifferConfiguration config;
    config.set_promisc_mode(true);
    config.set_filter("type mgt subtype beacon");
    config.set_rfmon(true);
    Sniffer sniffer(iface, config);
    sniffer.sniff_loop(make_sniffer_handler(this, &BeaconSniffer::callback));
}
Esempio n. 8
0
void InfoWriter::process() {
    SnifferConfiguration config;
    config.set_promisc_mode(true);
    try {
        config.set_filter(filter.toLower().toStdString());
        sniffer = new Sniffer(NetworkInterface::default_interface().name(),config);
        sniffer->sniff_loop(std::tr1::bind(&InfoWriter::callback, this, std::placeholders::_1));
    } catch (std::exception e) {
        emit error(QString::fromStdString(e.what()));
    }
}
Esempio n. 9
0
int main(int argc, char *argv[]) {
    if(argc != 2) {
        std::cout << "Usage: " << *argv << " <DEVICE>\n";
        return 1;
    }
    // Only sniff beacons
    SnifferConfiguration config;
    config.set_snap_len(2000);
    config.set_promisc_mode(true);
    config.set_filter("wlan type mgt subtype beacon");
    Sniffer sniffer(argv[1], config);
    sniffer.sniff_loop(handler);
}
Esempio n. 10
0
FileSniffer::FileSniffer(const string& file_name, const string& filter) {
    SnifferConfiguration config;
    config.set_filter(filter);

    char error[PCAP_ERRBUF_SIZE];
    pcap_t* phandle = pcap_open_offline(file_name.c_str(), error);
    if (!phandle) {
        throw pcap_error(error);
    }
    set_pcap_handle(phandle);

    // Configure the sniffer
    config.configure_sniffer_pre_activation(*this);
}
Esempio n. 11
0
int main(int argc, char *argv[]) 
{
    if(argc != 2) {
        std::cout << "Usage: " << *argv << " <interface>\n";
        return 1;
    }
    arp_monitor monitor;
    // Sniffer configuration
    SnifferConfiguration config;
    config.set_promisc_mode(true);
    config.set_filter("arp");

    // Sniff on the provided interface in promiscuous mode
    Sniffer sniffer(argv[1], config);
    
    // Only capture arp packets
    monitor.run(sniffer);
}
Esempio n. 12
0
int main(int argc, char* argv[]) {
    if(argc != 2) {
        cout << "Usage: " <<* argv << " <interface>" << endl;
        return 1;
    }
    arp_monitor monitor;
    // Sniffer configuration
    SnifferConfiguration config;
    config.set_promisc_mode(true);
    config.set_filter("arp");

    try {
        // Sniff on the provided interface in promiscuous mode
        Sniffer sniffer(argv[1], config);
        
        // Only capture arp packets
        monitor.run(sniffer);
    }
    catch (std::exception& ex) {
        std::cerr << "Error: " << ex.what() << std::endl;
    }
}
int main(int argc, char *argv[])
{
	pcap_if_t *alldevs;
	pcap_if_t *d;
	int inum;
	int i = 0;
	char errbuf[PCAP_ERRBUF_SIZE];

	/* Retrieve the device list */
	if (pcap_findalldevs(&alldevs, errbuf) == -1)
	{
		fprintf(stderr, "Error in pcap_findalldevs: %s\n", errbuf);
		exit(1);
	}

	/* Print the list */
	for (d = alldevs; d; d = d->next)
	{
		printf("%d. %s", ++i, d->name);
		if (d->description)
			printf(" (%s)\n", d->description);
		else
			printf(" (No description available)\n");
	}

	if (i == 0)
	{
		printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
		return -1;
	}

	printf("Enter the interface number (1-%d):", i);
	scanf_s("%d", &inum);

	if (inum < 1 || inum > i)
	{
		printf("\nInterface number out of range.\n");
		/* Free the device list */
		pcap_freealldevs(alldevs);
		return -1;
	}

	/* Jump to the selected adapter */
	for (d = alldevs, i = 0; i< inum - 1; d = d->next, i++);

	arp_monitor monitor;
	// Sniffer configuration
	SnifferConfiguration config;
	config.set_promisc_mode(true);
	config.set_filter("arp");

	try {
		// Sniff on the provided interface in promiscuous mode
		std::string str_interface = std::string(d->name);
		std::string str_begin = "\\Device\\NPF_";

		// kill \Device\NPF_
		if (str_interface.find_first_of(str_begin) != std::string::npos){
			str_interface = &str_interface[0] + str_begin.length();
		}
		Sniffer sniffer(str_interface, config);

		// Only capture arp packets
		monitor.run(sniffer);
	}
	catch (std::exception& ex) {
		std::cerr << "Error: " << ex.what() << std::endl;
	}
	system("pause");
}