void receive_probe_requests(NetworkInterface iface) {
SnifferConfiguration config;
config.set_rfmon(true);
config.set_filter("type mgt subtype probe-req || type data subtype null");
Sniffer sniffer(iface.name(), config);
while(true) process(sniffer.next_packet());
}
result_type trace() {
SnifferConfiguration config;
config.set_promisc_mode(false);
// ICMPs that aren't sent from us.
config.set_filter(
"ip proto \\icmp and not src host " + iface.addresses().ip_addr.to_string());
Sniffer sniffer(iface.name(), config);
PacketSender sender;
// Create our handler
auto handler = bind(
&Traceroute::sniff_callback,
this,
std::placeholders::_1
);
// We're running
running = true;
// Start the sniff thread
thread sniff_thread(
[&]() {
sniffer.sniff_loop(handler);
}
);
send_packets(sender);
sniff_thread.join();
// If the final hop responded, add its address at the appropriate ttl
if (lowest_dest_ttl != numeric_limits<int>::max()) {
results[lowest_dest_ttl] = addr;
}
// Clear our results and return what we've found
return move(results);
}
Sniffer::Sniffer(const string& device,
promisc_type promisc,
const string& filter,
bool rfmon) {
SnifferConfiguration configuration;
configuration.set_promisc_mode(promisc == PROMISC);
configuration.set_filter(filter);
configuration.set_rfmon(rfmon);
char error[PCAP_ERRBUF_SIZE];
pcap_t* phandle = pcap_create(TINS_PREFIX_INTERFACE(device).c_str(), error);
if (!phandle) {
throw runtime_error(error);
}
set_pcap_handle(phandle);
// Set the netmask if we are able to find it.
bpf_u_int32 ip, if_mask;
if (pcap_lookupnet(TINS_PREFIX_INTERFACE(device).c_str(), &ip, &if_mask, error) == 0) {
set_if_mask(if_mask);
}
// Configure the sniffer's attributes prior to activation.
configuration.configure_sniffer_pre_activation(*this);
// Finally, activate the pcap. In case of error throw runtime_error
if (pcap_activate(get_pcap_handle()) < 0) {
throw pcap_error(pcap_geterr(get_pcap_handle()));
}
// Configure the sniffer's attributes after activation.
configuration.configure_sniffer_post_activation(*this);
}
int main(int argc, char* argv[]) {
string iface;
if (argc == 2) {
// Use the provided interface
iface = argv[1];
}
else {
// Use the default interface
iface = NetworkInterface::default_interface().name();
}
try {
SnifferConfiguration config;
config.set_promisc_mode(true);
config.set_filter("udp and port 53");
Sniffer sniffer(iface, config);
dns_monitor monitor;
thread thread(
[&]() {
monitor.run(sniffer);
}
);
while (true) {
auto info = monitor.stats().get_information();
cout << "\rAverage " << info.average.count()
<< "ms. Worst: " << info.worst.count() << "ms. Count: "
<< info.count << " ";
cout.flush();
sleep_for(seconds(1));
}
}
catch (exception& ex) {
cout << "[-] Error: " << ex.what() << endl;
}
}
int main(int argc, char* argv[]) {
if (argc != 2) {
cout << "Usage: " << argv[0] << " <interface>" << endl;
return 1;
}
try {
// Construct the sniffer configuration object
SnifferConfiguration config;
// Only capture TCP traffic sent from/to port 80
config.set_filter("tcp port 80");
// Construct the sniffer we'll use
Sniffer sniffer(argv[1], config);
cout << "Starting capture on interface " << argv[1] << endl;
// Now construct the stream follower
StreamFollower follower;
// We just need to specify the callback to be executed when a new
// stream is captured. In this stream, you should define which callbacks
// will be executed whenever new data is sent on that stream
// (see on_new_connection)
follower.new_stream_callback(&on_new_connection);
// Now start capturing. Every time there's a new packet, call
// follower.process_packet
sniffer.sniff_loop([&](Packet& packet) {
follower.process_packet(packet);
return true;
});
}
catch (exception& ex) {
cerr << "Error: " << ex.what() << endl;
return 1;
}
}
result_type trace() {
// ICMPs that aren't sent from us.
SnifferConfiguration config;
config.set_snap_len(500);
config.set_promisc_mode(false);
config.set_filter(
"ip proto \\icmp and not src host " + iface.addresses().ip_addr.to_string());
Sniffer sniffer(iface.name(), config);
PacketSender sender;
// Create our handler
auto handler = std::bind(
&Traceroute::sniff_callback,
this,
std::placeholders::_1
);
// We're running
running = true;
// Start the sniff thread
std::thread sniff_thread(
&Sniffer::sniff_loop<decltype(handler)>,
&sniffer,
handler,
0
);
send_packets(sender);
sniff_thread.join();
// Clear our results and return what we've found
return std::move(results);
}
void BeaconSniffer::run(const std::string& iface) {
SnifferConfiguration config;
config.set_promisc_mode(true);
config.set_filter("type mgt subtype beacon");
config.set_rfmon(true);
Sniffer sniffer(iface, config);
sniffer.sniff_loop(make_sniffer_handler(this, &BeaconSniffer::callback));
}
void InfoWriter::process() {
SnifferConfiguration config;
config.set_promisc_mode(true);
try {
config.set_filter(filter.toLower().toStdString());
sniffer = new Sniffer(NetworkInterface::default_interface().name(),config);
sniffer->sniff_loop(std::tr1::bind(&InfoWriter::callback, this, std::placeholders::_1));
} catch (std::exception e) {
emit error(QString::fromStdString(e.what()));
}
}
int main(int argc, char *argv[]) {
if(argc != 2) {
std::cout << "Usage: " << *argv << " <DEVICE>\n";
return 1;
}
// Only sniff beacons
SnifferConfiguration config;
config.set_snap_len(2000);
config.set_promisc_mode(true);
config.set_filter("wlan type mgt subtype beacon");
Sniffer sniffer(argv[1], config);
sniffer.sniff_loop(handler);
}
FileSniffer::FileSniffer(const string& file_name, const string& filter) {
SnifferConfiguration config;
config.set_filter(filter);
char error[PCAP_ERRBUF_SIZE];
pcap_t* phandle = pcap_open_offline(file_name.c_str(), error);
if (!phandle) {
throw pcap_error(error);
}
set_pcap_handle(phandle);
// Configure the sniffer
config.configure_sniffer_pre_activation(*this);
}
int main(int argc, char *argv[])
{
if(argc != 2) {
std::cout << "Usage: " << *argv << " <interface>\n";
return 1;
}
arp_monitor monitor;
// Sniffer configuration
SnifferConfiguration config;
config.set_promisc_mode(true);
config.set_filter("arp");
// Sniff on the provided interface in promiscuous mode
Sniffer sniffer(argv[1], config);
// Only capture arp packets
monitor.run(sniffer);
}
int main(int argc, char* argv[]) {
if(argc != 2) {
cout << "Usage: " <<* argv << " <interface>" << endl;
return 1;
}
arp_monitor monitor;
// Sniffer configuration
SnifferConfiguration config;
config.set_promisc_mode(true);
config.set_filter("arp");
try {
// Sniff on the provided interface in promiscuous mode
Sniffer sniffer(argv[1], config);
// Only capture arp packets
monitor.run(sniffer);
}
catch (std::exception& ex) {
std::cerr << "Error: " << ex.what() << std::endl;
}
}
int main(int argc, char *argv[])
{
pcap_if_t *alldevs;
pcap_if_t *d;
int inum;
int i = 0;
char errbuf[PCAP_ERRBUF_SIZE];
/* Retrieve the device list */
if (pcap_findalldevs(&alldevs, errbuf) == -1)
{
fprintf(stderr, "Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
/* Print the list */
for (d = alldevs; d; d = d->next)
{
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if (i == 0)
{
printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
return -1;
}
printf("Enter the interface number (1-%d):", i);
scanf_s("%d", &inum);
if (inum < 1 || inum > i)
{
printf("\nInterface number out of range.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Jump to the selected adapter */
for (d = alldevs, i = 0; i< inum - 1; d = d->next, i++);
arp_monitor monitor;
// Sniffer configuration
SnifferConfiguration config;
config.set_promisc_mode(true);
config.set_filter("arp");
try {
// Sniff on the provided interface in promiscuous mode
std::string str_interface = std::string(d->name);
std::string str_begin = "\\Device\\NPF_";
// kill \Device\NPF_
if (str_interface.find_first_of(str_begin) != std::string::npos){
str_interface = &str_interface[0] + str_begin.length();
}
Sniffer sniffer(str_interface, config);
// Only capture arp packets
monitor.run(sniffer);
}
catch (std::exception& ex) {
std::cerr << "Error: " << ex.what() << std::endl;
}
system("pause");
}