Fixed the examples.

examples/arpspoofing.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Nasel
+ * Copyright (c) 2012, Matias Fontanini
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -62,18 +62,18 @@ void do_arp_spoofing(NetworkInterface iface, IPv4Address gw, IPv4Address victim,
     
     /* We tell the gateway that the victim is at out hw address,
      * and tell the victim that the gateway is at out hw address */
-    ARP *gw_arp     = new ARP(gw, victim, gw_hw, info.hw_addr), 
-        *victim_arp = new ARP(victim, gw, victim_hw, info.hw_addr);
+    ARP gw_arp(gw, victim, gw_hw, info.hw_addr), 
+        victim_arp(victim, gw, victim_hw, info.hw_addr);
     // We are "replying" ARP requests
-    gw_arp->opcode(ARP::REPLY);
-    victim_arp->opcode(ARP::REPLY);
+    gw_arp.opcode(ARP::REPLY);
+    victim_arp.opcode(ARP::REPLY);
     
     /* The packet we'll send to the gateway and victim. 
      * We include our hw address as the source address
      * in ethernet layer, to avoid possible packet dropping
      * performed by any routers. */
-    EthernetII to_gw(gw_hw, info.hw_addr, gw_arp);
-    EthernetII to_victim(victim_hw, info.hw_addr, victim_arp);
+    EthernetII to_gw = EthernetII(gw_hw, info.hw_addr) / gw_arp;
+    EthernetII to_victim = EthernetII(victim_hw, info.hw_addr) / victim_arp;
     while(true) {
         // Just send them once every 5 seconds.
         sender.send(to_gw, iface);

examples/beacon_display.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Nasel
+ * Copyright (c) 2012, Matias Fontanini
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -53,11 +53,11 @@ void BeaconSniffer::run(const std::string &iface) {
  
 bool BeaconSniffer::callback(PDU &pdu) {
     // Get the Dot11 layer
-    Dot11Beacon *beacon = pdu.find_pdu<Dot11Beacon>();
+    const Dot11Beacon &beacon = pdu.rfind_pdu<Dot11Beacon>();
     // All beacons must have from_ds == to_ds == 0
-    if(beacon && !beacon->from_ds() && !beacon->to_ds()) {
+    if(!beacon.from_ds() && !beacon.to_ds()) {
         // Get the AP address
-        address_type addr = beacon->addr2();
+        address_type addr = beacon.addr2();
         // Look it up in our set
         ssids_type::iterator it = ssids.find(addr);
         if(it == ssids.end()) {
@@ -66,7 +66,7 @@ bool BeaconSniffer::callback(PDU &pdu) {
                 /* If no ssid option is set, then Dot11::ssid will throw 
                  * a std::runtime_error.
                  */
-                std::string ssid = beacon->ssid();
+                std::string ssid = beacon.ssid();
                 // Save it so we don't show it again.
                 ssids.insert(addr);
                 // Display the tuple "address - ssid".

examples/portscan.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Nasel
+ * Copyright (c) 2012, Matias Fontanini
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -54,19 +54,17 @@ typedef std::pair<Sniffer*, std::string> sniffer_data;
  * the scanned port's status.
  */
 bool handler(PDU &pdu) {
-    TCP *tcp = pdu.find_pdu<TCP>();
-    if(tcp) {
-        // Ok, it's a TCP PDU. Is RST flag on? Then port is closed.
-        if(tcp->get_flag(TCP::RST)) {
-            // This indicates we should stop sniffing.
-            if(tcp->get_flag(TCP::SYN))
-                return false;
-            cout << "Port: " << setw(5) << tcp->sport() << " closed\n";
-        }
-        // Is SYN flag on? Then port is open!
-        else if(tcp->get_flag(TCP::SYN) && tcp->get_flag(TCP::ACK))
-            cout << "Port: " << setw(5) << tcp->sport() << " open\n";
+    TCP &tcp = pdu.rfind_pdu<TCP>();
+    // Ok, it's a TCP PDU. Is RST flag on? Then port is closed.
+    if(tcp.get_flag(TCP::RST)) {
+        // This indicates we should stop sniffing.
+        if(tcp.get_flag(TCP::SYN))
+            return false;
+        cout << "Port: " << setw(5) << tcp.sport() << " closed\n";
     }
+    // Is SYN flag on? Then port is open!
+    else if(tcp.get_flag(TCP::SYN) && tcp.get_flag(TCP::ACK))
+        cout << "Port: " << setw(5) << tcp.sport() << " open\n";
     return true;
 }
 
@@ -75,17 +73,18 @@ void send_syns(const NetworkInterface &iface, IPv4Address dest_ip, const vector<
     // Retrieve the addresses.
     NetworkInterface::Info info = iface.addresses();
     PacketSender sender;
-    TCP *tcp = new TCP();
     // Allocate the IP PDU
-    IP ip(dest_ip, info.ip_addr, tcp);
+    IP ip = IP(dest_ip, info.ip_addr) / TCP();
+    // Get the reference to the TCP PDU
+    TCP &tcp = ip.rfind_pdu<TCP>();
     // Set the SYN flag on.
-    tcp->set_flag(TCP::SYN, 1);
+    tcp.set_flag(TCP::SYN, 1);
     // Just some arbitrary port. 
-    tcp->sport(1337);
+    tcp.sport(1337);
     cout << "Sending SYNs..." << endl;
     for(vector<string>::const_iterator it = ips.begin(); it != ips.end(); ++it) {
         // Set the new port and send the packet!
-        tcp->dport(atoi(it->c_str()));
+        tcp.dport(atoi(it->c_str()));
         sender.send(ip);
     }
     // Wait 1 second.
@@ -93,11 +92,11 @@ void send_syns(const NetworkInterface &iface, IPv4Address dest_ip, const vector<
     /* Special packet to indicate that we're done. This will be sniffed
      * by our function, which will in turn return false.  
      */
-    tcp->set_flag(TCP::RST, 1);
+    tcp.set_flag(TCP::RST, 1);
     // Pretend we're the scanned host...
     ip.src_addr(dest_ip);
     // We use an ethernet pdu, otherwise the kernel will drop it.
-    EthernetII eth(info.hw_addr, info.hw_addr, ip.clone());
+    EthernetII eth = EthernetII(info.hw_addr, info.hw_addr) / ip;
     sender.send(eth, iface);
 }
 

examples/traceroute.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Nasel
+ * Copyright (c) 2012, Matias Fontanini
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -74,7 +74,7 @@ private:
 
     void send_packets(PacketSender &sender) {
         // ICMPs are icmp-requests by default
-        IP ip(addr, iface.addresses().ip_addr, new ICMP());
+        IP ip = IP(addr, iface.addresses().ip_addr) / ICMP();
         // We'll find at most 10 hops.
         
         for(auto i = 1; i <= 10; ++i) {
@@ -98,30 +98,20 @@ private:
     }
 
     bool sniff_callback(PDU &pdu) {
-        IP *ip = pdu.find_pdu<IP>();
-        RawPDU *raw = pdu.find_pdu<RawPDU>();
-        if(ip && raw) {
-            ttl_map::const_iterator iter;
-            IP inner_ip;
-            // This will fail if its a corrupted packet
-            try {
-                // Fetch the IP PDU attached to the ICMP response
-                inner_ip = IP(&raw->payload()[0], raw->payload_size());
-            }
-            catch(std::runtime_error &ex) {
-                return running;
-            }
-            // Critical section
-            {
-                std::lock_guard<std::mutex> _(lock);
-                iter = ttls.find(inner_ip.id());
-            } 
+        IP &ip = pdu.rfind_pdu<IP>();
+        ttl_map::const_iterator iter;
+        // Fetch the IP PDU attached to the ICMP response
+        IP inner_ip = pdu.rfind_pdu<RawPDU>().to<IP>();
+        // Critical section
+        {
+            std::lock_guard<std::mutex> _(lock);
+            iter = ttls.find(inner_ip.id());
+        } 
 
-            // It's an actual response
-            if(iter != ttls.end()) {
-                // Store it
-                results[inner_ip.id()] = ip->src_addr();
-            }
+        // It's an actual response
+        if(iter != ttls.end()) {
+            // Store it
+            results[inner_ip.id()] = ip.src_addr();
         }
         return running;
     }