void parse_options(int argc, char **argv)
{
int c;
struct in_addr ip;
static struct option long_options[] = {
{ "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, 'v' },
{ "binary", no_argument, NULL, 'B' },
{ "hex", no_argument, NULL, 'X' },
{ "ascii", no_argument, NULL, 'A' },
{ "text", no_argument, NULL, 'T' },
{ "ebcdic", no_argument, NULL, 'E' },
{ "html", no_argument, NULL, 'H' },
{ "utf8", required_argument, NULL, 'U' },
{ "zero", no_argument, NULL, 'Z' },
{ "xml", no_argument, NULL, 'x' },
{ "analyze", no_argument, NULL, 'a' },
{ "connections", no_argument, NULL, 'c' },
{ "filter", required_argument, NULL, 'f' },
{ "filcon", required_argument, NULL, 'F' },
{ "no-headers", no_argument, NULL, 'n' },
{ "only-source", no_argument, NULL, 's' },
{ "only-dest", no_argument, NULL, 'd' },
{ "show-mac", no_argument, NULL, 'm' },
{ "show-client", no_argument, NULL, 'i' },
{ "color", no_argument, NULL, 'k' },
{ "reverse", no_argument, NULL, 'r' },
{ "proto", required_argument, NULL, 't' },
{ "only-local", required_argument, NULL, 'l' },
{ "only-remote", required_argument, NULL, 'L' },
{ "outfile", required_argument, NULL, 'o' },
{ "concat", no_argument, NULL, 'C' },
{ "decode", no_argument, NULL, 'D' },
{ "user", required_argument, NULL, 'u' },
{ "regex", required_argument, NULL, 'e' },
{ "passwords", no_argument, NULL, 'p' },
{ "client", required_argument, NULL, 'I' },
{ 0 , 0 , 0 , 0}
};
optind = 0;
while ((c = getopt_long (argc, argv, "AaBCcDdEe:F:f:HhiI:kLlmno:prsTt:U:u:vXxZ", long_options, (int *)0)) != EOF) {
switch (c) {
case 'a':
GBL.analyze = 1;
break;
case 'c':
GBL.connections = 1;
break;
case 'D':
GBL.connections = 1;
GBL.decode = 1;
NOT_IMPLEMENTED();
break;
case 'f':
target_compile(optarg);
break;
case 'F':
filcon_compile(optarg);
break;
case 's':
GBL.only_source = 1;
break;
case 'd':
GBL.only_dest = 1;
break;
case 'k':
GBL.color = 1;
break;
case 'r':
GBL.reverse = 1;
break;
case 't':
GBL_TARGET->proto = strdup(optarg);
break;
case 'n':
GBL.no_headers = 1;
break;
case 'm':
GBL.showmac = 1;
break;
case 'i':
GBL.showclient = 1;
break;
case 'I':
if (inet_aton(optarg, &ip) == 0) {
FATAL_ERROR("Invalid client ip address");
return;
}
ip_addr_init(&GBL.client, AF_INET, (u_char *)&ip);
break;
case 'l':
GBL.only_local = 1;
break;
case 'L':
GBL.only_remote = 1;
break;
case 'u':
GBL.user = strdup(optarg);
break;
case 'p':
GBL.passwords = 1;
break;
case 'e':
set_display_regex(optarg);
break;
case 'o':
GBL_LOGFILE = strdup(optarg);
break;
case 'C':
GBL.concat = 1;
break;
case 'B':
GBL.format = &bin_format;
break;
case 'X':
GBL.format = &hex_format;
break;
case 'A':
GBL.format = &ascii_format;
break;
case 'T':
GBL.format = &text_format;
break;
case 'E':
GBL.format = &ebcdic_format;
break;
case 'H':
GBL.format = &html_format;
break;
case 'U':
set_utf8_encoding((u_char*)optarg);
GBL.format = &utf8_format;
break;
case 'Z':
GBL.format = &zero_format;
break;
case 'x':
GBL.xml = 1;
break;
case 'h':
el_usage();
break;
case 'v':
printf("%s %s\n", GBL_PROGRAM, EC_VERSION);
exit(0);
break;
case ':': // missing parameter
fprintf(stdout, "\nTry `%s --help' for more options.\n\n", GBL_PROGRAM);
exit(0);
break;
case '?': // unknown option
fprintf(stdout, "\nTry `%s --help' for more options.\n\n", GBL_PROGRAM);
exit(0);
break;
}
}
/* file concatenation */
if (GBL.concat) {
if (argv[optind] == NULL)
FATAL_ERROR("You MUST specify at least one logfile");
/* this function does not return */
concatenate(optind, argv);
}
/* normal file operation */
if (argv[optind])
open_log(argv[optind]);
else
FATAL_ERROR("You MUST specify a logfile\n");
/* default to ASCII view */
if (GBL.format == NULL)
GBL.format = &ascii_format;
return;
}
int main(int argc, char *argv[])
{
/*
* Alloc the global structures
* We can access these structs via the macro in ec_globals.h
*/
globals_alloc();
GBL_PROGRAM = strdup(EC_PROGRAM);
GBL_VERSION = strdup(EC_VERSION);
SAFE_CALLOC(GBL_DEBUG_FILE, strlen(EC_PROGRAM) + strlen("-") + strlen(EC_VERSION) + strlen("_debug.log") + 1, sizeof(char));
sprintf(GBL_DEBUG_FILE, "%s-%s_debug.log", GBL_PROGRAM, EC_VERSION);
DEBUG_INIT();
DEBUG_MSG("main -- here we go !!");
/* initialize the filter mutex */
filter_init_mutex();
/* register the main thread as "init" */
ec_thread_register(EC_PTHREAD_SELF, "init", "initialization phase");
/* activate the signal handler */
signal_handler();
/* ettercap copyright */
fprintf(stdout, "\n" EC_COLOR_BOLD "%s %s" EC_COLOR_END " copyright %s %s\n\n",
GBL_PROGRAM, GBL_VERSION, EC_COPYRIGHT, EC_AUTHORS);
/* getopt related parsing... */
parse_options(argc, argv);
/* check the date */
time_check();
/* load the configuration file */
load_conf();
/*
* get the list of available interfaces
*
* this function will not return if the -I option was
* specified on command line. it will instead print the
* list and exit
*/
capture_getifs();
/* initialize the user interface */
ui_init();
/* initialize the network subsystem */
network_init();
/*
* always disable the kernel ip forwarding (except when reading from file).
* the forwarding will be done by ettercap.
*/
if(!GBL_OPTIONS->read && !GBL_OPTIONS->unoffensive && !GBL_OPTIONS->only_mitm) {
disable_ip_forward();
#ifdef OS_LINUX
if (!GBL_OPTIONS->read)
disable_interface_offload();
#endif
/* binds ports and set redirect for ssl wrapper */
if(GBL_SNIFF->type == SM_UNIFIED && GBL_OPTIONS->ssl_mitm)
ssl_wrap_init();
}
/*
* drop root privileges
* we have already opened the sockets with high privileges
* we don't need anymore root privs.
*/
drop_privs();
/***** !! NO PRIVS AFTER THIS POINT !! *****/
/* load all the plugins */
plugin_load_all();
/* print how many dissectors were loaded */
conf_dissectors();
/* load the mac-fingerprints */
manuf_init();
/* load the tcp-fingerprints */
fingerprint_init();
/* load the services names */
services_init();
/* load http known fileds for user/pass */
http_fields_init();
#ifdef HAVE_EC_LUA
/* Initialize lua */
ec_lua_init();
#endif
/* set the encoding for the UTF-8 visualization */
set_utf8_encoding((u_char*)GBL_CONF->utf8_encoding);
/* print all the buffered messages */
if (GBL_UI->type == UI_TEXT)
USER_MSG("\n");
ui_msg_flush(MSG_ALL);
/**** INITIALIZATION PHASE TERMINATED ****/
/*
* we are interested only in the mitm attack i
* if entered, this function will not return...
*/
if (GBL_OPTIONS->only_mitm)
only_mitm();
/* create the dispatcher thread */
ec_thread_new("top_half", "dispatching module", &top_half, NULL);
/* this thread becomes the UI then displays it */
ec_thread_register(EC_PTHREAD_SELF, GBL_PROGRAM, "the user interface");
ui_start();
/********************************************
* reached only when the UI is shutted down
********************************************/
/* Call all the proper stop methods to ensure
* that no matter what UI was selected, everything is
* turned off gracefully */
clean_exit(0);
return 0; //Never reaches here
}
/*
* change the visualization method
*/
void gtkui_vis_method(void)
{
GtkWidget *dialog, *button, *prev, *vbox;
GSList *curr = NULL;
gint active = 0, response = 0;
GList *lang_list = NULL;
GtkWidget *hbox, *lang_combo, *label;
char encoding[50], *local_lang, def_lang[75];
DEBUG_MSG("gtk_vis_method");
dialog = gtk_dialog_new_with_buttons("Visualization method...", GTK_WINDOW (window),
GTK_DIALOG_MODAL | GTK_DIALOG_DESTROY_WITH_PARENT,
GTK_STOCK_OK, GTK_RESPONSE_OK,
GTK_STOCK_CANCEL, GTK_RESPONSE_CANCEL, NULL);
gtk_container_set_border_width(GTK_CONTAINER(dialog), 10);
vbox = GTK_DIALOG (dialog)->vbox;
button = gtk_radio_button_new_with_label(NULL,
"hex Print the packets in hex format.");
gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), button, FALSE, FALSE, 0);
if(strcmp(vmethod, "hex") == 0)
gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON (button), TRUE);
prev = button;
button = gtk_radio_button_new_with_label_from_widget(GTK_RADIO_BUTTON (prev),
"ascii Print only \"printable\" characters, the others are displayed as dots '.'");
gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), button, FALSE, FALSE, 0);
if(strcmp(vmethod, "ascii") == 0)
gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON (button), TRUE);
prev = button;
button = gtk_radio_button_new_with_label_from_widget(GTK_RADIO_BUTTON (prev),
"text Print only the \"printable\" characters and skip the others.");
gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), button, FALSE, FALSE, 0);
if(strcmp(vmethod, "text") == 0)
gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON (button), TRUE);
prev = button;
button = gtk_radio_button_new_with_label_from_widget(GTK_RADIO_BUTTON (prev),
"ebcdic Convert an EBCDIC text to ASCII.");
gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), button, FALSE, FALSE, 0);
if(strcmp(vmethod, "ebcdic") == 0)
gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON (button), TRUE);
prev = button;
button = gtk_radio_button_new_with_label_from_widget(GTK_RADIO_BUTTON (prev),
"html Strip all the html tags from the text. A tag is every string between < and >.");
gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), button, FALSE, FALSE, 0);
if(strcmp(vmethod, "html") == 0)
gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON (button), TRUE);
prev = button;
/* start UTF8 */
button = gtk_radio_button_new_with_label_from_widget(GTK_RADIO_BUTTON (prev),
"utf8 Convert the data from the encoding specified below to UTF8 before displaying it.");
gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), button, FALSE, FALSE, 0);
if(strcmp(vmethod, "utf8") == 0)
gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON (button), TRUE);
prev = button;
hbox = gtk_hbox_new (FALSE, 6);
gtk_box_pack_start (GTK_BOX (GTK_DIALOG (dialog)->vbox), hbox, FALSE, FALSE, 0);
label = gtk_label_new ("Character encoding : ");
gtk_box_pack_start (GTK_BOX (hbox), label, FALSE, FALSE, 0);
/* get the system's default encoding, and if it's not UTF8, add it to the list */
if(!g_get_charset(&local_lang)) {
snprintf(def_lang, 75, "%s (System Default)", local_lang);
lang_list = g_list_append(lang_list, def_lang);
}
/* some other common encodings */
lang_list = g_list_append(lang_list, "UTF-8");
lang_list = g_list_append(lang_list, "EBCDIC-US (IBM)");
lang_list = g_list_append(lang_list, "ISO-8859-15 (Western Europe)");
lang_list = g_list_append(lang_list, "ISO-8859-2 (Central Europe)");
lang_list = g_list_append(lang_list, "ISO-8859-7 (Greek)");
lang_list = g_list_append(lang_list, "ISO-8859-8 (Hebrew)");
lang_list = g_list_append(lang_list, "ISO-8859-9 (Turkish)");
lang_list = g_list_append(lang_list, "ISO-2022-JP (Japanese)");
lang_list = g_list_append(lang_list, "SJIS (Japanese)");
lang_list = g_list_append(lang_list, "CP949 (Korean)");
lang_list = g_list_append(lang_list, "CP1251 (Cyrillic)");
lang_list = g_list_append(lang_list, "CP1256 (Arabic)");
lang_list = g_list_append(lang_list, "GB18030 (Chinese)");
/* make a drop down box and assign the list to it */
lang_combo = gtk_combo_new();
gtk_combo_set_popdown_strings (GTK_COMBO (lang_combo), lang_list);
gtk_box_pack_start (GTK_BOX (hbox), lang_combo, TRUE, TRUE, 0);
/* list is stored in the widget, can safely free this copy */
g_list_free(lang_list);
/* end UTF8 */
gtk_widget_show_all(GTK_DIALOG(dialog)->vbox);
response = gtk_dialog_run(GTK_DIALOG (dialog));
if(response == GTK_RESPONSE_OK) {
gtk_widget_hide(dialog);
/* see which button was clicked */
active = 0;
for(curr = gtk_radio_button_get_group(GTK_RADIO_BUTTON (button)); curr; curr = curr->next) {
active++;
if(gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON (curr->data)))
break;
}
/* set vmethod string */
int i=0;
switch(active) {
case 6: strncpy(vmethod, "hex", 3); break;
case 5: strncpy(vmethod, "ascii", 5); break;
case 4: strncpy(vmethod, "text", 4); break;
case 3: strncpy(vmethod, "ebcdic", 6); break;
case 2: strncpy(vmethod, "html", 4); break;
case 1: /* utf8 */
/* copy first word from encoding choice */
i=sscanf(gtk_entry_get_text(GTK_ENTRY (GTK_COMBO (lang_combo)->entry)),
"%[^ ]", encoding);
BUG_IF(i!=1);
if(strlen(encoding) > 0) {
strncpy(vmethod, "utf8", 4);
set_utf8_encoding(encoding);
break;
}
default: strncpy(vmethod, "ascii", 5);
}
set_format(vmethod);
}
gtk_widget_destroy(dialog);
}
