result file_logger() {
result r;
const std::string filename = "file_logger.log";
std::remove(filename.c_str());
mlog::file_logger log(filename);
mlog::manager->set_log(log);
mlog::manager->set_default_settings();
r.normal = single_thread_test();
mlog::manager->set_default_settings();
mlog::manager->use_thread_id(true);
r.with_thread_id = single_thread_test();
mlog::manager->set_default_settings();
mlog::manager->use_time(true);
r.with_time = single_thread_test();
mlog::manager->set_default_settings();
mlog::manager->use_position(true);
r.with_pos = single_thread_test();
std::remove(filename.c_str());
mlog::file_logger_thread_safe log_ts(filename);
mlog::manager->set_log(log_ts);
mlog::manager->set_default_settings();
r.thread_safe = single_thread_test();
std::remove(filename.c_str());
mlog::async_logger<mlog::file_logger> log_async(filename);
mlog::manager->set_log(log_async);
mlog::manager->set_default_settings();
r.async = single_thread_test();
log_async.flush();
std::cout << "file tests:" << std::endl;
std::cout << "\t"
<< "mlog::file_logger => " << r.normal << "ms" << std::endl;
std::cout << "\t"
<< "mlog::thread_safe<mlog::file_logger> => " << r.thread_safe
<< "ms" << std::endl;
std::cout << "\t"
<< "mlog::async_logger<mlog::file_logger> => " << r.async
<< "ms" << std::endl;
std::cout << "\t\twith thread id:\t\t"
<< ((r.with_thread_id - r.normal) > 0 ? "+" : "")
<< r.with_thread_id - r.normal << "ms" << std::endl;
std::cout << "\t\twith time:\t\t"
<< ((r.with_time - r.normal) > 0 ? "+" : "")
<< r.with_time - r.normal << "ms" << std::endl;
std::cout << "\t\twith code position:\t"
<< ((r.with_pos - r.normal) > 0 ? "+" : "")
<< r.with_pos - r.normal << "ms" << std::endl;
std::remove(filename.c_str());
return r;
}
void zz_dissect_packet(zz_handler *zz, const struct pcap_pkthdr *packet_header,
const uint8_t *packet) {
struct ieee80211_radiotap_header *radiotap_header;
struct ieee80211_mac_header *mac_header;
struct ieee8022_llc_snap_header *llc_snap_header;
struct ieee8021x_authentication_header *authentication_header;
char bssid_str[ZZ_MAC_ADDR_STRING_SIZE];
char source_str[ZZ_MAC_ADDR_STRING_SIZE];
char destination_str[ZZ_MAC_ADDR_STRING_SIZE];
char station_str[ZZ_MAC_ADDR_STRING_SIZE];
zz_mac_addr bssid, source, destination, station;
const uint8_t *cursor;
uint32_t safe_size;
int is_beacon;
int is_eapol;
zz_bss *bss;
zz_packet_outcome outcome;
const char *extra_info;
/* save the timestamp of the first packet as a reference */
if (!zz->epoch) {
zz->epoch = TV_TO_SEC(packet_header->ts);
}
/* check size */
safe_size = sizeof(struct ieee80211_radiotap_header);
if (packet_header->caplen < safe_size) {
log_ts("Skipping too short packet %u bytes", packet_header->caplen);
return;
}
cursor = packet;
/* get radiotap header */
radiotap_header = (struct ieee80211_radiotap_header *)cursor;
cursor += le16toh(radiotap_header->length); /* variable length */
/* check size */
safe_size = (cursor - packet) + sizeof(struct ieee80211_mac_header);
if (packet_header->caplen < safe_size) {
log_ts("Skipping too short packet %u bytes", packet_header->caplen);
return;
}
/* get mac header */
mac_header = (struct ieee80211_mac_header *)cursor;
cursor += sizeof(struct ieee80211_mac_header) +
(cursor[0] == ZZ_FCF_QOS_DATA ? 2 : 0); /* 2 bytes more for QoS */
/* possible beacon frame */
is_beacon = 0;
if (!mac_header->from_ds && !mac_header->to_ds) {
/* check if beacon */
if (((uint8_t *)mac_header)[0] != ZZ_FCF_BEACON) {
return;
}
is_beacon = 1;
destination = zz_mac_addr_from_array(mac_header->address_1);
source = zz_mac_addr_from_array(mac_header->address_2);
bssid = zz_mac_addr_from_array(mac_header->address_3);
station = 0; /* n.a. */
}
/* access point to station */
else if (mac_header->from_ds && !mac_header->to_ds) {
destination = zz_mac_addr_from_array(mac_header->address_1);
bssid = zz_mac_addr_from_array(mac_header->address_2);
source = zz_mac_addr_from_array(mac_header->address_3);
station = destination;
}
/* station to access point */
else if (mac_header->to_ds && !mac_header->from_ds){
bssid = zz_mac_addr_from_array(mac_header->address_1);
source = zz_mac_addr_from_array(mac_header->address_2);
destination = zz_mac_addr_from_array(mac_header->address_3);
station = source;
} else {
log_ts("Skipping packet due to frame direction");
return;
}
/* prepare address representations */
zz_mac_addr_sprint(bssid_str, bssid);
zz_mac_addr_sprint(source_str, source);
zz_mac_addr_sprint(destination_str, destination);
zz_mac_addr_sprint(station_str, station);
/* lookup or create a descriptor for this bss */
if (zz_bsss_lookup(&zz->bsss, bssid, &bss)) {
/* check if this bssid is filtered out just once */
bss->is_allowed = (zz_members_is_empty(&zz->setup.allowed_bssids) ||
zz_members_get(&zz->setup.allowed_bssids, bssid));
}
/* skip unwanted access points */
if (!bss->is_allowed) {
if (!is_beacon) {
log_ts("%s @ %s - Skipping unwanted BSSID", station_str, bssid_str);
}
return;
}
/* save a beacon (just once per bss) */
if (is_beacon) {
if (!bss->has_beacon) {
int ssid_length;
const char *ssid;
/* dump the packet if requested */
if (zz->dumper) {
pcap_dump((u_char *)zz->dumper, packet_header, packet);
}
/* fetch and save the ssid */
get_ssid(cursor + ZZ_BEACON_SSID_PARAMS_OFFSET,
packet_header->caplen - (cursor - packet),
&ssid, &ssid_length);
memcpy(bss->ssid, ssid, ssid_length);
bss->has_beacon = 1;
zz_out("SSID discovered '%s' (%s)", bss->ssid, bssid_str);
}
/* anyway beacon processing stops here */
return;
}
/* skip blacklisted stations */
if (zz_members_get(&zz->setup.banned_stations, station)) {
log_ts("%s @ %s - Skipping banned station", station_str, bssid_str);
return;
}
/* detect broad/multicast traffic */
if (destination == ZZ_MAC_ADDR_BCAST ||
destination & ZZ_MAC_ADDR_MCAST_MASK) {
/* for "handshaked" networks only, if explicitly requested */
if (zz->setup.dump_group_traffic && bss->n_handshakes > 0) {
bss->n_data_packets++;
if (zz->dumper) {
pcap_dump((u_char *)zz->dumper, packet_header, packet);
}
}
return; /* anyway the processing stops here */
}
/* get llc+snap header (required by eapol) */
llc_snap_header = (struct ieee8022_llc_snap_header *)cursor;
cursor += sizeof(struct ieee8022_llc_snap_header);
/* check actual snap and eapol presence */
safe_size = (cursor - packet) + sizeof(struct ieee8021x_authentication_header);
is_eapol = (packet_header->caplen >= safe_size &&
llc_snap_header->dsap == ZZ_DSAP_SNAP &&
llc_snap_header->ssap == ZZ_SSAP_SNAP &&
llc_snap_header->control == ZZ_CONTROL_SNAP &&
llc_snap_header->type == htobe16(ZZ_EAPOL_ETHERTYPE));
/* get eapol header (if any) */
if (is_eapol) {
authentication_header = (struct ieee8021x_authentication_header *)cursor;
} else {
authentication_header = NULL;
}
/* advance the state machine and perform the needed actions */
outcome = zz_process_packet(zz, station, bssid, packet_header,
authentication_header);
if (outcome.ignore) {
switch (outcome.ignore_reason) {
case ZZ_IGNORE_REASON_RETRANSMISSION:
log_ts("%s @ %s - Handshake message #%d (retransmission)",
station_str, bssid_str, outcome.handshake_info);
break;
case ZZ_IGNORE_REASON_INVALID_EAPOL:
log_ts("%s @ %s - Ignoring invalid key flags",
station_str, bssid_str);
break;
case ZZ_IGNORE_REASON_INVALID_COUNTER:
log_ts("%s @ %s - Ignoring invalid replay counter",
station_str, bssid_str);
break;
}
return;
}
if (outcome.dump_packet) {
if (!authentication_header) {
bss->n_data_packets++;
}
if (zz->dumper) {
pcap_dump((u_char *)zz->dumper, packet_header, packet);
}
}
if (outcome.new_client || outcome.track_client) {
if (zz->setup.is_live) {
/* (re)start deauthenticating this client */
zz_killer_post_message(&zz->killer, station, bssid, outcome);
}
}
extra_info = "";
if (outcome.track_client) {
switch (outcome.track_reason) {
case ZZ_TRACK_REASON_ALIVE:
log_ts("%s @ %s - Activity detected again",
station_str, bssid_str);
break;
case ZZ_TRACK_REASON_FIRST_HANDSHAKE:
extra_info = " (first attempt detected)";
break;
case ZZ_TRACK_REASON_EXPIRATION:
extra_info = " (causes restart due to expiration)";
break;
case ZZ_TRACK_REASON_INVALIDATION:
extra_info = " (caused restart due to invalidation)";
break;
}
}
if (outcome.handshake_info) {
log_ts("%s @ %s - Handshake message #%d%s",
station_str, bssid_str, outcome.handshake_info, extra_info);
}
if (outcome.new_client) {
zz_out("New client %s @ %s", station_str, bssid_str);
}
if (outcome.got_handshake) {
zz_out("^_^ Full handshake for %s @ %s", station_str, bssid_str);
/* stop deauthenticating this client */
if (zz->setup.is_live) {
zz_killer_post_message(&zz->killer, station, bssid, outcome);
}
/* update stats */
bss->n_handshakes++;
zz_members_add(&bss->stations, station);
}
}
