diff --git a/examples/arpspoofing.cpp b/examples/arpspoofing.cpp
index 8c2f4f1..696f23d 100644
--- a/examples/arpspoofing.cpp
+++ b/examples/arpspoofing.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Nasel
+ * Copyright (c) 2012, Matias Fontanini
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@@ -62,18 +62,18 @@ void do_arp_spoofing(NetworkInterface iface, IPv4Address gw, IPv4Address victim,
 /* We tell the gateway that the victim is at out hw address,
 * and tell the victim that the gateway is at out hw address
 */
- ARP *gw_arp = new ARP(gw, victim, gw_hw, info.hw_addr),
- *victim_arp = new ARP(victim, gw, victim_hw, info.hw_addr);
+ ARP gw_arp(gw, victim, gw_hw, info.hw_addr),
+ victim_arp(victim, gw, victim_hw, info.hw_addr);
 // We are "replying" ARP requests
- gw_arp->opcode(ARP::REPLY);
- victim_arp->opcode(ARP::REPLY);
+ gw_arp.opcode(ARP::REPLY);
+ victim_arp.opcode(ARP::REPLY);
 /* The packet we'll send to the gateway and victim.
 * We include our hw address as the source address
 * in ethernet layer, to avoid possible packet dropping
 * performed by any routers. */
- EthernetII to_gw(gw_hw, info.hw_addr, gw_arp);
- EthernetII to_victim(victim_hw, info.hw_addr, victim_arp);
+ EthernetII to_gw = EthernetII(gw_hw, info.hw_addr) / gw_arp;
+ EthernetII to_victim = EthernetII(victim_hw, info.hw_addr) / victim_arp;
 while(true) {
 // Just send them once every 5 seconds.
 sender.send(to_gw, iface);
diff --git a/examples/beacon_display.cpp b/examples/beacon_display.cpp
index 399eb7c..dd9d782 100644
--- a/examples/beacon_display.cpp
+++ b/examples/beacon_display.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Nasel
+ * Copyright (c) 2012, Matias Fontanini
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
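Review bot: In `do_arp_spoofing` (examples/arpspoofing.cpp) the order of the `opcode(ARP::REPLY)` calls and the two `EthernetII(...) / ...` lines now matters, and nothing in the code says so. If `operator/` stores a copy of its right-hand operand, as the `ip.rfind_pdu()` lookup after `IP(...) / TCP()` in portscan.cpp's `send_syns` suggests, a field set on `gw_arp` or `victim_arp` after the frames are built would silently not reach `to_gw` and `to_victim`. I would add `// operator/ copies the ARP PDU: set every field before building the frames` above the `EthernetII to_gw` line. The comment above the ARP declarations also says "out hw address" twice where "our" is meant. The function begins and ends outside this hunk.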
@@ -53,11 +53,11 @@ void BeaconSniffer::run(const std::string &iface) {
 bool BeaconSniffer::callback(PDU &pdu) {
 // Get the Dot11 layer
- Dot11Beacon *beacon = pdu.find_pdu();
+ const Dot11Beacon &beacon = pdu.rfind_pdu();
 // All beacons must have from_ds == to_ds == 0
- if(beacon && !beacon->from_ds() && !beacon->to_ds()) {
+ if(!beacon.from_ds() && !beacon.to_ds()) {
 // Get the AP address
- address_type addr = beacon->addr2();
+ address_type addr = beacon.addr2();
 // Look it up in our set
 ssids_type::iterator it = ssids.find(addr);
 if(it == ssids.end()) {
@@ -66,7 +66,7 @@ bool BeaconSniffer::callback(PDU &pdu) {
 /* If no ssid option is set, then Dot11::ssid will throw
 * a std::runtime_error.
 */
- std::string ssid = beacon->ssid();
+ std::string ssid = beacon.ssid();
 // Save it so we don't show it again.
 ssids.insert(addr);
 // Display the tuple "address - ssid".
diff --git a/examples/portscan.cpp b/examples/portscan.cpp
index 615e5fb..d30e2a5 100644
--- a/examples/portscan.cpp
+++ b/examples/portscan.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Nasel
+ * Copyright (c) 2012, Matias Fontanini
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
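Review bot: `BeaconSniffer::callback` (examples/beacon_display.cpp) no longer handles a frame that has no Dot11Beacon layer: the `beacon &&` null test is gone, and `rfind_pdu` reports a missing layer by throwing instead of returning null. The frames come off the air, so unless the sniff loop or the capture filter set up in `run` (neither is visible in this diff) guarantees that only beacons reach the callback, one unexpected frame ends the capture with an exception. The same applies to `handler` in portscan.cpp and to `sniff_callback` in traceroute.cpp, which additionally loses the try/catch that returned `running` on a corrupted embedded packet. Either keep the pointer form, `const Dot11Beacon *beacon = pdu.find_pdu<Dot11Beacon>(); if(!beacon) return true;`, or catch the exception inside each callback and return the keep-sniffing value. The callback body continues past this hunk.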
@@ -54,19 +54,17 @@ typedef std::pair sniffer_data;
 * the scanned port's status.
 */
 bool handler(PDU &pdu) {
- TCP *tcp = pdu.find_pdu();
- if(tcp) {
- // Ok, it's a TCP PDU. Is RST flag on? Then port is closed.
- if(tcp->get_flag(TCP::RST)) {
- // This indicates we should stop sniffing.
- if(tcp->get_flag(TCP::SYN))
- return false;
- cout << "Port: " << setw(5) << tcp->sport() << " closed\n";
- }
- // Is SYN flag on? Then port is open!
- else if(tcp->get_flag(TCP::SYN) && tcp->get_flag(TCP::ACK))
- cout << "Port: " << setw(5) << tcp->sport() << " open\n";
+ TCP &tcp = pdu.rfind_pdu();
+ // Ok, it's a TCP PDU. Is RST flag on? Then port is closed.
+ if(tcp.get_flag(TCP::RST)) {
+ // This indicates we should stop sniffing.
+ if(tcp.get_flag(TCP::SYN))
+ return false;
+ cout << "Port: " << setw(5) << tcp.sport() << " closed\n";
 }
+ // Is SYN flag on? Then port is open!
+ else if(tcp.get_flag(TCP::SYN) && tcp.get_flag(TCP::ACK))
+ cout << "Port: " << setw(5) << tcp.sport() << " open\n";
 return true;
 }
@@ -75,17 +73,18 @@ void send_syns(const NetworkInterface &iface, IPv4Address dest_ip, const vector<
 // Retrieve the addresses.
 NetworkInterface::Info info = iface.addresses();
 PacketSender sender;
- TCP *tcp = new TCP();
 // Allocate the IP PDU
- IP ip(dest_ip, info.ip_addr, tcp);
+ IP ip = IP(dest_ip, info.ip_addr) / TCP();
+ // Get the reference to the TCP PDU
+ TCP &tcp = ip.rfind_pdu();
 // Set the SYN flag on.
- tcp->set_flag(TCP::SYN, 1);
+ tcp.set_flag(TCP::SYN, 1);
 // Just some arbitrary port.
- tcp->sport(1337);
+ tcp.sport(1337);
 cout << "Sending SYNs..." << endl;
 for(vector::const_iterator it = ips.begin(); it != ips.end(); ++it) {
 // Set the new port and send the packet!
- tcp->dport(atoi(it->c_str()));
+ tcp.dport(atoi(it->c_str()));
 sender.send(ip);
 }
 // Wait 1 second.
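Review bot: In `send_syns` (examples/portscan.cpp), `tcp.dport(atoi(it->c_str()))` accepts each port string unchecked: `atoi` returns 0 for non-numeric text without signalling an error, and a value above 65535 is silently narrowed when it is stored as a 16-bit port. A typo in the port list therefore produces traffic to a port the user never named, and the report printed by `handler` no longer matches the input. Parse with `char *end; unsigned long p = strtoul(it->c_str(), &end, 10);` and skip bad entries with `if(end == it->c_str() || *end != '\0' || p > 65535) continue;` before calling `tcp.dport(p)`. The vector is also named `ips` although it holds ports. The function starts before this hunk and continues into the next one.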
@@ -93,11 +92,11 @@ void send_syns(const NetworkInterface &iface, IPv4Address dest_ip, const vector<
 /* Special packet to indicate that we're done. This will be sniffed
 * by our function, which will in turn return false.
 */
- tcp->set_flag(TCP::RST, 1);
+ tcp.set_flag(TCP::RST, 1);
 // Pretend we're the scanned host...
 ip.src_addr(dest_ip);
 // We use an ethernet pdu, otherwise the kernel will drop it.
- EthernetII eth(info.hw_addr, info.hw_addr, ip.clone());
+ EthernetII eth = EthernetII(info.hw_addr, info.hw_addr) / ip;
 sender.send(eth, iface);
 }
diff --git a/examples/traceroute.cpp b/examples/traceroute.cpp
index 8331523..7743367 100644
--- a/examples/traceroute.cpp
+++ b/examples/traceroute.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Nasel
+ * Copyright (c) 2012, Matias Fontanini
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@@ -74,7 +74,7 @@ private:
 void send_packets(PacketSender &sender) {
 // ICMPs are icmp-requests by default
- IP ip(addr, iface.addresses().ip_addr, new ICMP());
+ IP ip = IP(addr, iface.addresses().ip_addr) / ICMP();
 // We'll find at most 10 hops.
 for(auto i = 1; i <= 10; ++i) {
@@ -98,30 +98,20 @@ private:
 }
 bool sniff_callback(PDU &pdu) {
- IP *ip = pdu.find_pdu();
- RawPDU *raw = pdu.find_pdu();
- if(ip && raw) {
- ttl_map::const_iterator iter;
- IP inner_ip;
- // This will fail if its a corrupted packet
- try {
- // Fetch the IP PDU attached to the ICMP response
- inner_ip = IP(&raw->payload()[0], raw->payload_size());
- }
- catch(std::runtime_error &ex) {
- return running;
- }
- // Critical section
- {
- std::lock_guard _(lock);
- iter = ttls.find(inner_ip.id());
- }
+ IP &ip = pdu.rfind_pdu();
+ ttl_map::const_iterator iter;
+ // Fetch the IP PDU attached to the ICMP response
+ IP inner_ip = pdu.rfind_pdu().to();
+ // Critical section
+ {
+ std::lock_guard _(lock);
+ iter = ttls.find(inner_ip.id());
+ }
- // It's an actual response
- if(iter != ttls.end()) {
- // Store it
- results[inner_ip.id()] = ip->src_addr();
- }
+ // It's an actual response
+ if(iter != ttls.end()) {
+ // Store it
+ results[inner_ip.id()] = ip.src_addr();
 }
 return running;
 }
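Review bot: In `sniff_callback` (examples/traceroute.cpp) the critical section covers only `ttls.find(...)`; the iterator it yields is compared with `ttls.end()` after the `lock_guard` has been destroyed. If another thread inserts into `ttls` while replies arrive (presumably `send_packets`, whose locking is not visible in this hunk), that comparison is an unsynchronised read of the map. Decide membership while the lock is held: declare `bool known = false;` before the block, set `known = ttls.find(inner_ip.id()) != ttls.end();` under the lock, and test `if(known)` afterwards, which also makes `iter` unnecessary. Whether `results` needs the same lock depends on who reads it, which this hunk does not show.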