3rd-party/libtins
1
0
Fork 0
mirror of https://github.com/mfontanini/libtins synced 2026-01-23 02:35:57 +01:00
Code Issues Releases Wiki Activity

Code cleanup and use same syntax on the entire project

Browse Source 
Initial code cleanup

More code cleanup

Cleanup more code

Cleanup Dot11 code

Fix OSX build issue

Cleanup examples

Fix ref and pointer declaration syntax

Fix braces
This commit is contained in:
Matias Fontanini
2016-01-02 08:17:59 -08:00
parent f5a82b1a17
commit d84f10cf08
177 changed files with 13203 additions and 12272 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
examples/arpmonitor.cpp
View File

@@ -32,21 +32,25 @@
#include <iostream>
#include <functional>
using std::cout;
using std::endl;
using std::map;
using std::bind;
using namespace Tins;
class arp_monitor {
public:
void run(Sniffer &sniffer);
void run(Sniffer& sniffer);
private:
bool callback(const PDU &pdu);
bool callback(const PDU& pdu);
std::map<IPv4Address, HWAddress<6>> addresses;
map<IPv4Address, HWAddress<6>> addresses;
};
void arp_monitor::run(Sniffer &sniffer)
{
void arp_monitor::run(Sniffer& sniffer) {
sniffer.sniff_loop(
std::bind(
bind(
&arp_monitor::callback,
this,
std::placeholders::_1
@@ -54,36 +58,34 @@ void arp_monitor::run(Sniffer &sniffer)
);
}
bool arp_monitor::callback(const PDU &pdu)
{
bool arp_monitor::callback(const PDU& pdu) {
// Retrieve the ARP layer
const ARP &arp = pdu.rfind_pdu<ARP>();
const ARP& arp = pdu.rfind_pdu<ARP>();
// Is it an ARP reply?
if(arp.opcode() == ARP::REPLY) {
if (arp.opcode() == ARP::REPLY) {
// Let's check if there's already an entry for this address
auto iter = addresses.find(arp.sender_ip_addr());
if(iter == addresses.end()) {
if (iter == addresses.end()) {
// We haven't seen this address. Save it.
addresses.insert({ arp.sender_ip_addr(), arp.sender_hw_addr()});
std::cout << "[INFO] " << arp.sender_ip_addr() << " is at "
<< arp.sender_hw_addr() << std::endl;
cout << "[INFO] " << arp.sender_ip_addr() << " is at "
<< arp.sender_hw_addr() << std::endl;
}
else {
// We've seen this address. If it's not the same HW address, inform it
if(arp.sender_hw_addr() != iter->second) {
std::cout << "[WARNING] " << arp.sender_ip_addr() << " is at "
<< iter->second << " but also at " << arp.sender_hw_addr()
<< std::endl;
if (arp.sender_hw_addr() != iter->second) {
cout << "[WARNING] " << arp.sender_ip_addr() << " is at "
<< iter->second << " but also at " << arp.sender_hw_addr()
<< endl;
}
}
}
return true;
}
int main(int argc, char *argv[])
{
int main(int argc, char* argv[]) {
if(argc != 2) {
std::cout << "Usage: " << *argv << " <interface>\n";
cout << "Usage: " <<* argv << " <interface>" << endl;
return 1;
}
arp_monitor monitor;

28
examples/arpspoofing.cpp
View File

@@ -44,13 +44,17 @@
#include <tins/ethernetII.h>
#include <tins/packet_sender.h>
using namespace std;
using std::cout;
using std::runtime_error;
using std::endl;
using namespace Tins;
void do_arp_spoofing(NetworkInterface iface, IPv4Address gw, IPv4Address victim,
const NetworkInterface::Info &info)
{
void do_arp_spoofing(NetworkInterface iface,
IPv4Address gw,
IPv4Address victim,
const NetworkInterface::Info& info) {
PacketSender sender;
EthernetII::address_type gw_hw, victim_hw;
@@ -79,7 +83,7 @@ void do_arp_spoofing(NetworkInterface iface, IPv4Address gw, IPv4Address victim,
* performed by any routers. */
EthernetII to_gw = EthernetII(gw_hw, info.hw_addr) / gw_arp;
EthernetII to_victim = EthernetII(victim_hw, info.hw_addr) / victim_arp;
while(true) {
while (true) {
// Just send them once every 5 seconds.
sender.send(to_gw, iface);
sender.send(to_victim, iface);
@@ -91,9 +95,11 @@ void do_arp_spoofing(NetworkInterface iface, IPv4Address gw, IPv4Address victim,
}
}
int main(int argc, char *argv[]) {
if(argc != 3 && cout << "Usage: " << *argv << " <Gateway> <Victim>\n")
int main(int argc, char* argv[]) {
if (argc != 3) {
cout << "Usage: " <<* argv << " <Gateway> <Victim>" << endl;
return 1;
}
IPv4Address gw, victim;
EthernetII::address_type own_hw;
try {
@@ -101,7 +107,7 @@ int main(int argc, char *argv[]) {
gw = argv[1];
victim = argv[2];
}
catch(...) {
catch (...) {
cout << "Invalid ip found...\n";
return 2;
}
@@ -115,15 +121,15 @@ int main(int argc, char *argv[]) {
// Find the interface hardware and ip address.
info = iface.addresses();
}
catch(std::runtime_error &ex) {
catch (runtime_error& ex) {
cout << ex.what() << endl;
return 3;
}
try {
do_arp_spoofing(iface, gw, victim, info);
}
catch(std::runtime_error &ex) {
std::cout << "Runtime error: " << ex.what() << std::endl;
catch (runtime_error& ex) {
cout << "Runtime error: " << ex.what() << endl;
return 7;
}
}

37
examples/beacon_display.cpp
View File

@@ -32,21 +32,27 @@
#include <string>
#include <tins/tins.h>
using std::set;
using std::cout;
using std::endl;
using std::string;
using std::runtime_error;
using namespace Tins;
class BeaconSniffer {
public:
void run(const std::string &iface);
void run(const string& iface);
private:
typedef Dot11::address_type address_type;
typedef std::set<address_type> ssids_type;
typedef set<address_type> ssids_type;
bool callback(PDU &pdu);
bool callback(PDU& pdu);
ssids_type ssids;
};
void BeaconSniffer::run(const std::string &iface) {
void BeaconSniffer::run(const std::string& iface) {
SnifferConfiguration config;
config.set_promisc_mode(true);
config.set_filter("type mgt subtype beacon");
@@ -55,28 +61,28 @@ void BeaconSniffer::run(const std::string &iface) {
sniffer.sniff_loop(make_sniffer_handler(this, &BeaconSniffer::callback));
}
bool BeaconSniffer::callback(PDU &pdu) {
bool BeaconSniffer::callback(PDU& pdu) {
// Get the Dot11 layer
const Dot11Beacon &beacon = pdu.rfind_pdu<Dot11Beacon>();
const Dot11Beacon& beacon = pdu.rfind_pdu<Dot11Beacon>();
// All beacons must have from_ds == to_ds == 0
if(!beacon.from_ds() && !beacon.to_ds()) {
if (!beacon.from_ds() && !beacon.to_ds()) {
// Get the AP address
address_type addr = beacon.addr2();
// Look it up in our set
ssids_type::iterator it = ssids.find(addr);
if(it == ssids.end()) {
if (it == ssids.end()) {
// First time we encounter this BSSID.
try {
/* If no ssid option is set, then Dot11::ssid will throw
* a std::runtime_error.
*/
std::string ssid = beacon.ssid();
string ssid = beacon.ssid();
// Save it so we don't show it again.
ssids.insert(addr);
// Display the tuple "address - ssid".
std::cout << addr << " - " << ssid << std::endl;
cout << addr << " - " << ssid << endl;
}
catch(std::runtime_error&) {
catch (runtime_error&) {
// No ssid, just ignore it.
}
}
@@ -85,10 +91,11 @@ bool BeaconSniffer::callback(PDU &pdu) {
}
int main(int argc, char* argv[]) {
// By default, sniff wlan0
std::string interface = "wlan0";
if(argc == 2)
interface = argv[1];
if (argc != 2) {
cout << "Usage: " <<* argv << " <interface>" << endl;
return 1;
}
string interface = argv[1];
BeaconSniffer sniffer;
sniffer.run(interface);
}

16
examples/dns_queries.cpp
View File

@@ -30,10 +30,12 @@
#include <tins/tins.h>
#include <iostream>
using std::cout;
using std::endl;
using namespace Tins;
bool callback(const PDU &pdu)
{
bool callback(const PDU& pdu) {
// The packet probably looks like this:
//
// EthernetII / IP / UDP / RawPDU
@@ -43,15 +45,15 @@ bool callback(const PDU &pdu)
DNS dns = pdu.rfind_pdu<RawPDU>().to<DNS>();
// Retrieve the queries and print the domain name:
for(const auto &query : dns.queries())
std::cout << query.dname() << std::endl;
for (const auto& query : dns.queries()) {
cout << query.dname() << std::endl;
}
return true;
}
int main(int argc, char *argv[])
{
int main(int argc, char* argv[]) {
if(argc != 2) {
std::cout << "Usage: " << *argv << " <interface>" << std::endl;
cout << "Usage: " <<* argv << " <interface>" << endl;
return 1;
}
// Sniff on the provided interface in promiscuos mode

24
examples/dns_spoof.cpp
View File

@@ -30,11 +30,14 @@
#include <tins/tins.h>
#include <iostream>
using std::cout;
using std::endl;
using namespace Tins;
PacketSender sender;
bool callback(const PDU &pdu)
bool callback(const PDU& pdu)
{
// The packet probably looks like this:
//
@@ -48,10 +51,10 @@ bool callback(const PDU &pdu)
DNS dns = udp.rfind_pdu<RawPDU>().to<DNS>();
// Is it a DNS query?
if(dns.type() == DNS::QUERY) {
if (dns.type() == DNS::QUERY) {
// Let's see if there's any query for an "A" record.
for(const auto &query : dns.queries()) {
if(query.type() == DNS::A) {
for (const auto& query : dns.queries()) {
if (query.type() == DNS::A) {
// Here's one! Let's add an answer.
dns.add_answer(
DNS::Resource(
@@ -66,16 +69,16 @@ bool callback(const PDU &pdu)
}
}
// Have we added some answers?
if(dns.answers_count() > 0) {
if (dns.answers_count() > 0) {
// It's a response now
dns.type(DNS::RESPONSE);
// Recursion is available(just in case)
dns.recursion_available(1);
// Build our packet
auto pkt = EthernetII(eth.src_addr(), eth.dst_addr()) /
IP(ip.src_addr(), ip.dst_addr()) /
UDP(udp.sport(), udp.dport()) /
dns;
IP(ip.src_addr(), ip.dst_addr()) /
UDP(udp.sport(), udp.dport()) /
dns;
// Send it!
sender.send(pkt);
}
@@ -83,10 +86,9 @@ bool callback(const PDU &pdu)
return true;
}
int main(int argc, char *argv[])
{
int main(int argc, char* argv[]) {
if(argc != 2) {
std::cout << "Usage: " << *argv << " <interface>" << std::endl;
cout << "Usage: " <<* argv << " <interface>" << endl;
return 1;
}
// Sniff on the provided interface in promiscuos mode

86
examples/dns_stats.cpp
View File

@@ -39,6 +39,25 @@
#include <algorithm>
#include <tins/tins.h>
using std::cout;
using std::endl;
using std::thread;
using std::string;
using std::bind;
using std::map;
using std::mutex;
using std::max;
using std::min;
using std::exception;
using std::lock_guard;
using std::tuple;
using std::make_tuple;
using std::this_thread::sleep_for;
using std::chrono::seconds;
using std::chrono::milliseconds;
using std::chrono::duration_cast;
using std::chrono::system_clock;
using namespace Tins;
// Holds the DNS response time statistics. The response time is
@@ -47,7 +66,7 @@ template<typename Duration>
class statistics {
public:
using duration_type = Duration;
using locker_type = std::lock_guard<std::mutex>;
using locker_type = lock_guard<mutex>;
struct information {
duration_type average, worst;
@@ -55,42 +74,41 @@ public:
};
statistics()
: m_duration(), m_worst(duration_type::min()), m_count()
{
: m_duration(), m_worst(duration_type::min()), m_count() {
}
void add_response_time(const duration_type& duration)
{
void add_response_time(const duration_type& duration) {
locker_type _(m_lock);
m_duration += duration;
m_count++;
m_worst = std::max(m_worst, duration);
m_worst = max(m_worst, duration);
}
information get_information() const
{
information get_information() const {
locker_type _(m_lock);
if(m_count == 0)
if(m_count == 0) {
return { };
else
}
else {
return { m_duration / m_count, m_worst, m_count };
}
};
private:
duration_type m_duration, m_worst;
size_t m_count;
mutable std::mutex m_lock;
mutable mutex m_lock;
};
// Sniffs and tracks DNS queries. When a matching DNS response is found,
// the response time is added to a statistics object.
//
// This class performs *no cleanup* on data associated with queries that
// This class performs* no cleanup* on data associated with queries that
// weren't answered.
class dns_monitor {
public:
// The response times are measured in milliseconds
using duration_type = std::chrono::milliseconds;
using duration_type = milliseconds;
// The statistics type used.
using statistics_type = statistics<duration_type>;
@@ -99,21 +117,21 @@ public:
return m_stats;
}
private:
using packet_info = std::tuple<IPv4Address, IPv4Address, uint16_t>;
using clock_type = std::chrono::system_clock;
using packet_info = tuple<IPv4Address, IPv4Address, uint16_t>;
using clock_type = system_clock;
using time_point_type = clock_type::time_point;
bool callback(const PDU& pdu);
static packet_info make_packet_info(const PDU& pdu, const DNS& dns);
statistics_type m_stats;
std::map<packet_info, time_point_type> m_packet_info;
map<packet_info, time_point_type> m_packet_info;
};
void dns_monitor::run(BaseSniffer& sniffer)
{
sniffer.sniff_loop(
std::bind(
bind(
&dns_monitor::callback,
this,
std::placeholders::_1
@@ -127,7 +145,7 @@ bool dns_monitor::callback(const PDU& pdu)
auto dns = pdu.rfind_pdu<RawPDU>().to<DNS>();
auto info = make_packet_info(pdu, dns);
// If it's a query, add the sniff time to our map.
if(dns.type() == DNS::QUERY) {
if (dns.type() == DNS::QUERY) {
m_packet_info.insert(
std::make_pair(info, now)
);
@@ -135,11 +153,11 @@ bool dns_monitor::callback(const PDU& pdu)
else {
// It's a response, we need to find the query in our map.
auto iter = m_packet_info.find(info);
if(iter != m_packet_info.end()) {
if (iter != m_packet_info.end()) {
// We found the query, let's add the response time to the
// statistics object.
m_stats.add_response_time(
std::chrono::duration_cast<duration_type>(now - iter->second)
duration_cast<duration_type>(now - iter->second)
);
// Forget about the query.
m_packet_info.erase(iter);
@@ -155,17 +173,17 @@ bool dns_monitor::callback(const PDU& pdu)
auto dns_monitor::make_packet_info(const PDU& pdu, const DNS& dns) -> packet_info
{
const auto& ip = pdu.rfind_pdu<IP>();
return std::make_tuple(
return make_tuple(
// smallest address first
std::min(ip.src_addr(), ip.dst_addr()),
min(ip.src_addr(), ip.dst_addr()),
// largest address second
std::max(ip.src_addr(), ip.dst_addr()),
max(ip.src_addr(), ip.dst_addr()),
dns.id()
);
}
int main(int argc, char *argv[]) {
std::string iface;
int main(int argc, char* argv[]) {
string iface;
if (argc == 2) {
// Use the provided interface
iface = argv[1];
@@ -180,21 +198,21 @@ int main(int argc, char *argv[]) {
config.set_filter("udp and port 53");
Sniffer sniffer(iface, config);
dns_monitor monitor;
std::thread thread(
thread thread(
[&]() {
monitor.run(sniffer);
}
);
while(true) {
while (true) {
auto info = monitor.stats().get_information();
std::cout << "\rAverage " << info.average.count()
<< "ms. Worst: " << info.worst.count() << "ms. Count: "
<< info.count;
std::cout.flush();
std::this_thread::sleep_for(std::chrono::seconds(1));
cout << "\rAverage " << info.average.count()
<< "ms. Worst: " << info.worst.count() << "ms. Count: "
<< info.count;
cout.flush();
sleep_for(seconds(1));
}
}
catch(std::exception& ex) {
std::cout << "[-] Error: " << ex.what() << std::endl;
catch (exception& ex) {
cout << "[-] Error: " << ex.what() << endl;
}
}

164
examples/icmp_responses.cpp
View File

@@ -33,7 +33,13 @@
#include <functional>
#include <tins/tins.h>
using namespace std;
using std::cout;
using std::endl;
using std::bind;
using std::string;
using std::runtime_error;
using std::exception;
using namespace Tins;
// This class captured packets on an interface, using the specified filter
@@ -42,93 +48,93 @@ using namespace Tins;
// has swapped HW and IP addresses (dst as src, src as dst).
class ICMPResponder {
public:
// Use the given interface and ICMP type/code on responses
ICMPResponder(string iface, int type, int code)
: m_iface(iface), m_sender(iface), m_type(type), m_code(code) {
// Use the given interface and ICMP type/code on responses
ICMPResponder(string iface, int type, int code)
: m_iface(iface), m_sender(iface), m_type(type), m_code(code) {
}
}
// Run using the given filter
void run(const string& filter) {
// Initialize the configuration
SnifferConfiguration config;
// Use promiscuous mode
config.set_promisc_mode(true);
// Use this packet filter
config.set_filter(filter);
// Use immediate mode (we don't want to buffer packets, we want the mright away).
config.set_immediate_mode(true);
// Run using the given filter
void run(const string& filter) {
// Initialize the configuration
SnifferConfiguration config;
// Use promiscuous mode
config.set_promisc_mode(true);
// Use this packet filter
config.set_filter(filter);
// Use immediate mode (we don't want to buffer packets, we want the mright away).
config.set_immediate_mode(true);
// Now create the Sniffer
Sniffer sniffer(m_iface, config);
if (sniffer.link_type() != DLT_EN10MB) {
throw runtime_error("Ethernet interfaces only supported");
}
// Start the sniffing! For each packet, ICMPReponder::callback will be called
sniffer.sniff_loop(bind(&ICMPResponder::callback, this, placeholders::_1));
}
// Now create the Sniffer
Sniffer sniffer(m_iface, config);
if (sniffer.link_type() != DLT_EN10MB) {
throw runtime_error("Ethernet interfaces only supported");
}
// Start the sniffing! For each packet, ICMPReponder::callback will be called
sniffer.sniff_loop(bind(&ICMPResponder::callback, this, std::placeholders::_1));
}
private:
// Extracts the payload to be used over the ICMP layer in the response.
// This will be the entire IP header + 8 bytes of the next header.
RawPDU extract_icmp_payload(IP& pdu) {
PDU::serialization_type buffer = pdu.serialize();
// Use whole IP + 8 bytes of next header.
size_t end_index = pdu.header_size() + 8;
return RawPDU(buffer.begin(), buffer.begin() + end_index);
}
// Extracts the payload to be used over the ICMP layer in the response.
// This will be the entire IP header + 8 bytes of the next header.
RawPDU extract_icmp_payload(IP& pdu) {
PDU::serialization_type buffer = pdu.serialize();
// Use whole IP + 8 bytes of next header.
size_t end_index = pdu.header_size() + 8;
return RawPDU(buffer.begin(), buffer.begin() + end_index);
}
// Generates an ICMP response given a packet.
EthernetII generate_response(PDU& pdu) {
// Find Ethernet and IP headers.
EthernetII& received_eth = pdu.rfind_pdu<EthernetII>();
IP& received_ip = pdu.rfind_pdu<IP>();
// Generates an ICMP response given a packet.
EthernetII generate_response(PDU& pdu) {
// Find Ethernet and IP headers.
EthernetII& received_eth = pdu.rfind_pdu<EthernetII>();
IP& received_ip = pdu.rfind_pdu<IP>();
// Create an Ethernet response, flipping the addresses
EthernetII output(received_eth.src_addr(), received_eth.dst_addr());
// Append an IP PDU, again flipping addresses.
//output /= IP(received_ip.src_addr(), received_ip.dst_addr());
output /= IP(received_ip.src_addr(), "8.8.8.8");
// Create an Ethernet response, flipping the addresses
EthernetII output(received_eth.src_addr(), received_eth.dst_addr());
// Append an IP PDU, again flipping addresses.
//output /= IP(received_ip.src_addr(), received_ip.dst_addr());
output /= IP(received_ip.src_addr(), "8.8.8.8");
// Now generate the ICMP layer using the type and code provided.
ICMP icmp;
icmp.type(static_cast<ICMP::Flags>(m_type));
icmp.code(m_code);
// Append the ICMP layer to our packet
output /= icmp;
// Extract the payload to be used over ICMP.
output /= extract_icmp_payload(received_ip);
return output;
}
// Now generate the ICMP layer using the type and code provided.
ICMP icmp;
icmp.type(static_cast<ICMP::Flags>(m_type));
icmp.code(m_code);
// Append the ICMP layer to our packet
output /= icmp;
// Extract the payload to be used over ICMP.
output /= extract_icmp_payload(received_ip);
return output;
}
// Packet capture callback
bool callback(PDU& pdu) {
// Generate a response for this packet
EthernetII response = generate_response(pdu);
// Send this packet!
m_sender.send(response);
return true;
}
// Packet capture callback
bool callback(PDU& pdu) {
// Generate a response for this packet
EthernetII response = generate_response(pdu);
// Send this packet!
m_sender.send(response);
return true;
}
string m_iface;
PacketSender m_sender;
int m_type;
int m_code;
string m_iface;
PacketSender m_sender;
int m_type;
int m_code;
};
int main(int argc, char *argv[]) {
const int type = 3;
const int code = 0;
if (argc < 3) {
cout << "Usage: " << argv[0] << " <interface> <pcap_filter>" << endl;
return 1;
}
string iface = argv[1];
string filter = argv[2];
try {
ICMPResponder responder(iface, type, code);
responder.run(filter);
}
catch (exception& ex) {
cout << "Error: " << ex.what() << endl;
}
int main(int argc, char* argv[]) {
const int type = 3;
const int code = 0;
if (argc < 3) {
cout << "Usage: " << argv[0] << " <interface> <pcap_filter>" << endl;
return 1;
}
string iface = argv[1];
string filter = argv[2];
try {
ICMPResponder responder(iface, type, code);
responder.run(filter);
}
catch (exception& ex) {
cout << "Error: " << ex.what() << endl;
}
}

43
examples/interfaces_info.cpp
View File

@@ -31,28 +31,31 @@
#include <iostream>
#include <tins/network_interface.h>
using std::cout;
using std::endl;
using std::string;
using namespace Tins;
using namespace std;
int main() {
// Get all interfaces and iterate over them.
for (const NetworkInterface& iface : NetworkInterface::all()) {
// Get the name of this interface
string name = iface.name();
// Get all interfaces and iterate over them.
for (const NetworkInterface& iface : NetworkInterface::all()) {
// Get the name of this interface
string name = iface.name();
// "stringify" the status of the interface
string status = iface.is_up() ? "up" : "down";
// Get this interface's information (addresses).
NetworkInterface::Info info = iface.info();
// Now print all of this info.
cout << name << ": " << endl;
cout << " HW address: " << info.hw_addr << endl
<< " IP address: " << info.ip_addr << endl
<< " Netmask: " << info.netmask << endl
<< " Broadcast: " << info.bcast_addr << endl
<< " Iface index: " << iface.id() << endl
<< " Status: " << "interface " << status << endl << endl;
}
// "stringify" the status of the interface
string status = iface.is_up() ? "up" : "down";
// Get this interface's information (addresses).
NetworkInterface::Info info = iface.info();
// Now print all of this info.
cout << name << ": " << endl;
cout << " HW address: " << info.hw_addr << endl
<< " IP address: " << info.ip_addr << endl
<< " Netmask: " << info.netmask << endl
<< " Broadcast: " << info.bcast_addr << endl
<< " Iface index: " << iface.id() << endl
<< " Status: " << "interface " << status << endl << endl;
}
}

67
examples/portscan.cpp
View File

@@ -44,22 +44,30 @@
#include <tins/utils.h>
#include <tins/packet_sender.h>
using std::cout;
using std::endl;
using std::vector;
using std::pair;
using std::setw;
using std::string;
using std::set;
using std::runtime_error;
using namespace std;
using namespace Tins;
typedef std::pair<Sniffer*, std::string> sniffer_data;
typedef pair<Sniffer*, string> sniffer_data;
class Scanner {
public:
Scanner(const NetworkInterface& interface, const IPv4Address& address,
const vector<string>& ports);
Scanner(const NetworkInterface& interface,
const IPv4Address& address,
const vector<string>& ports);
void run();
private:
void send_syns(const NetworkInterface &iface, IPv4Address dest_ip);
bool callback(PDU &pdu);
static void *thread_proc(void *param);
void send_syns(const NetworkInterface& iface, IPv4Address dest_ip);
bool callback(PDU& pdu);
static void* thread_proc(void* param);
void launch_sniffer();
NetworkInterface iface;
@@ -68,37 +76,35 @@ private:
Sniffer sniffer;
};
Scanner::Scanner(const NetworkInterface& interface, const IPv4Address& address,
const vector<string>& ports)
: iface(interface), host_to_scan(address), sniffer(interface.name())
{
Scanner::Scanner(const NetworkInterface& interface,
const IPv4Address& address,
const vector<string>& ports)
: iface(interface), host_to_scan(address), sniffer(interface.name()) {
sniffer.set_filter(
"tcp and ip src " + address.to_string() + " and tcp[tcpflags] & (tcp-rst|tcp-syn) != 0"
);
for(size_t i = 0; i < ports.size(); ++i) {
for (size_t i = 0; i < ports.size(); ++i) {
ports_to_scan.insert(atoi(ports[i].c_str()));
}
}
void *Scanner::thread_proc(void *param) {
Scanner *data = (Scanner*)param;
void* Scanner::thread_proc(void* param) {
Scanner* data = (Scanner*)param;
data->launch_sniffer();
return 0;
}
void Scanner::launch_sniffer()
{
void Scanner::launch_sniffer() {
sniffer.sniff_loop(make_sniffer_handler(this, &Scanner::callback));
}
/* Our scan handler. This will receive SYNs and RSTs and inform us
* the scanned port's status.
*/
bool Scanner::callback(PDU &pdu)
{
bool Scanner::callback(PDU& pdu) {
// Find the layers we want.
const IP &ip = pdu.rfind_pdu<IP>();
const TCP &tcp = pdu.rfind_pdu<TCP>();
const IP& ip = pdu.rfind_pdu<IP>();
const TCP& tcp = pdu.rfind_pdu<TCP>();
// Check if the host that we're scanning sent this packet and
// the source port is one of those that we scanned.
if(ip.src_addr() == host_to_scan && ports_to_scan.count(tcp.sport()) == 1) {
@@ -117,8 +123,7 @@ bool Scanner::callback(PDU &pdu)
return true;
}
void Scanner::run()
{
void Scanner::run() {
pthread_t thread;
// Launch our sniff thread.
pthread_create(&thread, 0, &Scanner::thread_proc, this);
@@ -126,25 +131,25 @@ void Scanner::run()
send_syns(iface, host_to_scan);
// Wait for our sniffer.
void *dummy;
void* dummy;
pthread_join(thread, &dummy);
}
// Send syns to the given ip address, using the destination ports provided.
void Scanner::send_syns(const NetworkInterface &iface, IPv4Address dest_ip) {
void Scanner::send_syns(const NetworkInterface& iface, IPv4Address dest_ip) {
// Retrieve the addresses.
NetworkInterface::Info info = iface.addresses();
PacketSender sender;
// Allocate the IP PDU
IP ip = IP(dest_ip, info.ip_addr) / TCP();
// Get the reference to the TCP PDU
TCP &tcp = ip.rfind_pdu<TCP>();
TCP& tcp = ip.rfind_pdu<TCP>();
// Set the SYN flag on.
tcp.set_flag(TCP::SYN, 1);
// Just some random port.
tcp.sport(1337);
cout << "Sending SYNs..." << endl;
for(set<uint16_t>::const_iterator it = ports_to_scan.begin(); it != ports_to_scan.end(); ++it) {
for (set<uint16_t>::const_iterator it = ports_to_scan.begin(); it != ports_to_scan.end(); ++it) {
// Set the new port and send the packet!
tcp.dport(*it);
sender.send(ip);
@@ -163,7 +168,7 @@ void Scanner::send_syns(const NetworkInterface &iface, IPv4Address dest_ip) {
sender.send(eth, iface);
}
void scan(int argc, char *argv[]) {
void scan(int argc, char* argv[]) {
IPv4Address ip(argv[1]);
// Resolve the interface which will be our gateway
NetworkInterface iface(ip);
@@ -176,13 +181,15 @@ void scan(int argc, char *argv[]) {
scanner.run();
}
int main(int argc, char *argv[]) {
if(argc < 3 && cout << "Usage: " << *argv << " <IPADDR> <port1> [port2] [port3]\n")
int main(int argc, char* argv[]) {
if (argc < 3) {
cout << "Usage: " <<* argv << " <IPADDR> <port1> [port2] [port3]" << endl;
return 1;
}
try {
scan(argc, argv);
}
catch(std::runtime_error &ex) {
catch(runtime_error& ex) {
cout << "Error - " << ex.what() << endl;
}
}

24
examples/route_table.cpp
View File

@@ -32,17 +32,21 @@
#include <vector>
#include <tins/tins.h>
using namespace std;
using std::cout;
using std::endl;
using std::setw;
using std::vector;
using namespace Tins;
int main() {
vector<Utils::RouteEntry> entries = Utils::route_entries();
for (size_t i = 0; i < entries.size(); ++i) {
cout << "Entry " << setw(2) << i << ": " << endl
<< "Interface: " << entries[i].interface << endl
<< "Destination: " << entries[i].destination << endl
<< "Gateway: " << entries[i].gateway << endl
<< "Genmask: " << entries[i].mask << endl
<< "Metric: " << entries[i].metric << endl << endl;
}
vector<Utils::RouteEntry> entries = Utils::route_entries();
for (size_t i = 0; i < entries.size(); ++i) {
cout << "Entry " << setw(2) << i << ": " << endl
<< "Interface: " << entries[i].interface << endl
<< "Destination: " << entries[i].destination << endl
<< "Gateway: " << entries[i].gateway << endl
<< "Genmask: " << entries[i].mask << endl
<< "Metric: " << entries[i].metric << endl << endl;
}
}

74
examples/traceroute.cpp
View File

@@ -43,6 +43,25 @@
#include <mutex>
#include <tins/tins.h>
using std::cout;
using std::endl;
using std::move;
using std::map;
using std::min;
using std::setw;
using std::atomic;
using std::runtime_error;
using std::string;
using std::to_string;
using std::thread;
using std::this_thread::sleep_for;
using std::lock_guard;
using std::mutex;
using std::random_device;
using std::numeric_limits;
using std::bind;
using std::chrono::milliseconds;
using namespace Tins;
class Traceroute {
@@ -50,8 +69,8 @@ public:
typedef std::map<uint16_t, IPv4Address> result_type;
Traceroute(NetworkInterface interface, IPv4Address address)
: iface(interface), addr(address), lowest_dest_ttl(std::numeric_limits<int>::max()) {
sequence = std::random_device()();
: iface(interface), addr(address), lowest_dest_ttl(numeric_limits<int>::max()) {
sequence = random_device()();
}
result_type trace() {
@@ -64,7 +83,7 @@ public:
PacketSender sender;
// Create our handler
auto handler = std::bind(
auto handler = bind(
&Traceroute::sniff_callback,
this,
std::placeholders::_1
@@ -72,7 +91,7 @@ public:
// We're running
running = true;
// Start the sniff thread
std::thread sniff_thread(
thread sniff_thread(
[&]() {
sniffer.sniff_loop(handler);
}
@@ -80,23 +99,23 @@ public:
send_packets(sender);
sniff_thread.join();
// If the final hop responded, add its address at the appropriate ttl
if (lowest_dest_ttl != std::numeric_limits<int>::max()) {
if (lowest_dest_ttl != numeric_limits<int>::max()) {
results[lowest_dest_ttl] = addr;
}
// Clear our results and return what we've found
return std::move(results);
return move(results);
}
private:
typedef std::map<uint16_t, size_t> ttl_map;
typedef map<uint16_t, size_t> ttl_map;
void send_packets(PacketSender &sender) {
void send_packets(PacketSender& sender) {
// ICMPs are icmp-requests by default
IP ip = IP(addr, iface.addresses().ip_addr) / ICMP();
ICMP& icmp = ip.rfind_pdu<ICMP>();
icmp.sequence(sequence);
// We'll find at most 20 hops.
for(auto i = 1; i <= 20; ++i) {
for (auto i = 1; i <= 20; ++i) {
// Set this ICMP id
icmp.id(i);
// Set the time-to-live option
@@ -104,22 +123,22 @@ private:
// Critical section
{
std::lock_guard<std::mutex> _(lock);
lock_guard<mutex> _(lock);
ttls[i] = i;
}
sender.send(ip);
// Give him a little time
std::this_thread::sleep_for(std::chrono::milliseconds(100));
sleep_for(milliseconds(100));
}
running = false;
sender.send(ip);
}
bool sniff_callback(PDU &pdu) {
bool sniff_callback(PDU& pdu) {
// Find IP and ICMP PDUs
const IP &ip = pdu.rfind_pdu<IP>();
const ICMP &icmp = pdu.rfind_pdu<ICMP>();
const IP& ip = pdu.rfind_pdu<IP>();
const ICMP& icmp = pdu.rfind_pdu<ICMP>();
// Check if this is an ICMP TTL exceeded error response
if (icmp.type() == ICMP::TIME_EXCEEDED) {
// Fetch the IP PDU attached to the ICMP response
@@ -147,39 +166,42 @@ private:
else if (icmp.type() == ICMP::ECHO_REPLY && icmp.sequence() == sequence &&
ip.src_addr() == addr) {
// Keep the lowest ttl seen for the destination.
lowest_dest_ttl = std::min(lowest_dest_ttl, static_cast<int>(icmp.id()));
lowest_dest_ttl = min(lowest_dest_ttl, static_cast<int>(icmp.id()));
}
return running;
}
NetworkInterface iface;
IPv4Address addr;
std::atomic<bool> running;
atomic<bool> running;
ttl_map ttls;
result_type results;
std::mutex lock;
mutex lock;
uint16_t sequence;
int lowest_dest_ttl;
};
int main(int argc, char* argv[]) {
if(argc <= 1 && std::cout << "Usage: " << *argv << " <ip_address>\n")
if (argc <= 1) {
cout << "Usage: " <<* argv << " <ip_address>" << endl;
return 1;
}
try {
IPv4Address addr((std::string(argv[1])));
IPv4Address addr = string(argv[1]);
Traceroute tracer(addr, addr);
auto results = tracer.trace();
if(results.empty())
std::cout << "No hops found" << std::endl;
if (results.empty()) {
cout << "No hops found" << endl;
}
else {
std::cout << "Results: " << std::endl;
for(const auto &entry : results) {
std::cout << std::setw(2) << entry.first << " - " << entry.second << std::endl;
cout << "Results: " << endl;
for(const auto& entry : results) {
cout << setw(2) << entry.first << " - " << entry.second << endl;
}
}
}
catch(std::runtime_error &ex) {
std::cout << "Error - " << ex.what() << std::endl;
catch (runtime_error& ex) {
cout << "Error - " << ex.what() << endl;
return 2;
}
}

8
examples/wps_detect.cpp
View File

@@ -41,11 +41,11 @@ std::set<HWAddress<6>> addrs;
const HWAddress<3> expected_oui("00:50:F2");
bool handler(const PDU& pdu) {
const Dot11Beacon &beacon = pdu.rfind_pdu<Dot11Beacon>();
const Dot11Beacon& beacon = pdu.rfind_pdu<Dot11Beacon>();
// Only process it once
if(addrs.insert(beacon.addr3()).second) {
// Iterate the tagged options
for(const auto &opt : beacon.options()) {
for(const auto& opt : beacon.options()) {
// Is this a vendor-specific tag?
if(opt.option() == Dot11::VENDOR_SPECIFIC) {
// Make sure there's enough size for the OUI + identifier
@@ -63,9 +63,9 @@ bool handler(const PDU& pdu) {
return true;
}
int main(int argc, char *argv[]) {
int main(int argc, char* argv[]) {
if(argc != 2) {
std::cout << "Usage: " << *argv << " <DEVICE>\n";
std::cout << "Usage: " <<* argv << " <DEVICE>\n";
return 1;
}
// Only sniff beacons