📄 sdm_utils.c
//--------------------------------------------------------------------
//----- $Header: /home/cvsroot/sebek/mon/sdm_utils.c,v 1.3 2002/09/09 00:09:59 cvs Exp $
//--------------------------------------------------------------------
/*
 * Copyright (C) 2001/2002 The Honeynet Project.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *      This product includes software developed by The Honeynet Project.
 * 4. The name "The Honeynet Project" may not be used to endorse or promote
 *    products derived from this software without specific prior written
 *    permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
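 */
#include <sdm_utils.h>
#include <string.h>   /* memset/memcpy */
#include <unistd.h>   /* close */

//----- mac addrs still suck

//------------------------------------------------------------------------------
//----- GLOBALS
//------------------------------------------------------------------------------

/* Run-time configuration shared with the rest of the monitor (type PV comes
 * from sdm_utils.h; the fields read here are src_ip/src_mask, dst_ip/dst_mask,
 * dst_port, magic, key and verbose). */
PV pv;

/* Device path used by the callers of this file; not opened here. */
const char *filename = "/dev/sebek";

/* IPv4 network mask for a prefix length: netmasks[n] has the top n bits set. */
const u_int32_t netmasks[33] = {
  0x0,
  0x80000000, 0xC0000000, 0xE0000000, 0xF0000000,
  0xF8000000, 0xFC000000, 0xFE000000, 0xFF000000,
  0xFF800000, 0xFFC00000, 0xFFE00000, 0xFFF00000,
  0xFFF80000, 0xFFFC0000, 0xFFFE0000, 0xFFFF0000,
  0xFFFF8000, 0xFFFFC000, 0xFFFFE000, 0xFFFFF000,
  0xFFFFF800, 0xFFFFFC00, 0xFFFFFE00, 0xFFFFFF00,
  0xFFFFFF80, 0xFFFFFFC0, 0xFFFFFFE0, 0xFFFFFFF0,
  0xFFFFFFF8, 0xFFFFFFFC, 0xFFFFFFFE, 0xFFFFFFFF
};

/* Named constants for the magic numbers used when a packet is built. */
enum {
  IFCONF_ENTRIES = 1024,  /* size of the SIOCGIFCONF result buffer, in ifreq */
  MIN_PAYSIZE    = 18,    /* shortest payload that is put on the wire */
  FIXED_IP_ID    = 242,   /* IP identification field; constant for every packet */
  FIXED_IP_TTL   = 64,    /* IP time-to-live */
  RANDOM_SPORT_MOD = 5000 /* random source port range when dst_port is fixed */
};

/*
 * Return the first non-loopback IPv4 address of this host, in host byte
 * order, or 0 if none is found or a system call fails.
 *
 * Only one SIOCGIFCONF buffer of IFCONF_ENTRIES records is examined; the
 * original author noted that the "grow until it fits" loop from Stevens
 * (UNP section 16.6) was skipped on purpose because only one address is
 * needed.  The whole 127/8 loopback network is skipped, not just 127.0.0.1.
 */
u_int get_id(void)
{
  int fd = -1;
  u_int32_t ip = 0;
  int buflen = IFCONF_ENTRIES * sizeof(struct ifreq);
  struct ifconf data;
  struct ifreq *record;
  char *ptr;
  char *buffer = calloc(buflen, 1);

  if (buffer == NULL) {
    return 0;
  }

  data.ifc_len = buflen;
  data.ifc_buf = buffer;

  fd = socket(AF_INET, SOCK_DGRAM, 0);
  if (fd < 0) {
    goto out;
  }
  if (ioctl(fd, SIOCGIFCONF, &data) < 0) {
    goto out;
  }

  /* Walk the records; the step is the fixed Linux ifreq layout (name +
   * one sockaddr).  Stop if a trailing record does not fit completely. */
  for (ptr = buffer;
       ptr + sizeof(struct ifreq) <= buffer + data.ifc_len;
       ptr += sizeof(record->ifr_name) + sizeof(struct sockaddr)) {
    u_int32_t addr;

    record = (struct ifreq *)ptr;
    if (record->ifr_addr.sa_family != AF_INET) {
      continue;
    }
    addr = ntohl(((struct sockaddr_in *)&record->ifr_addr)->sin_addr.s_addr);
    if ((addr >> 24) != IN_LOOPBACKNET) {
      ip = addr;
      break;
    }
  }

out:
  /* The original leaked the descriptor on every path. */
  if (fd >= 0) {
    close(fd);
  }
  free(buffer);
  return ip;
}

/*
 * Open a raw IP socket through libnet and return its descriptor.  On failure
 * the error is reported through libnet_error() and the process exits.
 */
int open_socket(void)
{
  /* Not called "socket": that name shadows the socket(2) function. */
  int raw_fd = libnet_open_raw_sock(IPPROTO_RAW);

  if (raw_fd == -1) {
    libnet_error(LIBNET_ERR_FATAL, "Cannot open network.\n");
    exit(-1);
  }
  return raw_fd;
}

/*
 * Derive the 6-byte MAC used for an IPv4 address: a fixed 00:02:b3 prefix
 * followed by the low 24 bits of the address rotated left by two bits.
 */
static void derive_mac(u_int32_t ip, u_char mac[6])
{
  u_int32_t rot = ((ip & 0xc0000000) >> 30) | (ip << 2);

  mac[0] = 0x00;
  mac[1] = 0x02;
  mac[2] = 0xb3;
  mac[3] = (rot & 0x00ff0000) >> 16;
  mac[4] = (rot & 0x0000ff00) >> 8;
  mac[5] = rot & 0x000000ff;
}

/*
 * Choose the UDP source/destination ports from the configuration in pv:
 *   - dst_port set, magic set:   dport = dst_port, sport = dport + magic
 *   - dst_port set, magic unset: dport = dst_port, random sport below 5000
 *   - dst_port unset, magic set: random sport in [1, magic-2], dport = magic - sport
 *   - neither set:               fatal; the original computed both ports modulo
 *                                (magic - 1), which is meaningless here
 * A magic value below 2 would make the modulus zero, so it is rejected.
 */
static void pick_ports(u_int16_t *sport, u_int16_t *dport)
{
  if (pv.dst_port) {
    *dport = pv.dst_port;
    if (pv.magic) {
      *sport = *dport + pv.magic;
    } else {
      //----- fixed dest and random source port
      *sport = ((u_int16_t)libnet_get_prand(PRu16)) % RANDOM_SPORT_MOD;
    }
    return;
  }

  if (!pv.magic) {
    FatalError("neither a destination port nor a magic value is configured\n");
  }
  if (pv.magic < 2) {
    FatalError("magic value must be at least 2\n");
  }
  //----- use magic number: the two ports always sum to it
  *sport = ((u_int16_t)libnet_get_prand(PRu16)) % (pv.magic - 1);
  if (*sport == 0) {
    (*sport)++;
  }
  *dport = pv.magic - *sport;
}

/*
 * Encrypt `paysize` bytes of `payload` with the configured Blowfish key and
 * send them as one Ethernet/IP/UDP frame over `write2net` on `libnet_dev`.
 *
 * Source and destination IP are drawn at random inside the configured
 * src/dst networks (the mask selects the fixed prefix); the MACs are derived
 * from those addresses.  `type` is accepted for interface compatibility and
 * is not used.
 *
 * Payloads shorter than MIN_PAYSIZE bytes are zero-padded to that length
 * (the original author saw problems with shorter ones).  The padding is done
 * in a private copy so the cipher never reads past the caller's buffer, which
 * the original did by bumping paysize before encrypting from `payload`.
 * Negative or over-long sizes are rejected (a warning is printed when verbose).
 * Any libnet failure ends the process through FatalError().
 */
void create_udp(const u_char *payload, int paysize,
		struct libnet_link_int *write2net, u_char *libnet_dev, int type)
{
  u_char *packet = NULL;
  u_char plain[IBUF + 1];
  u_char cipher[IBUF + 1];
  u_char ivec[16];
  u_char smac[6];
  u_char dmac[6];
  u_int32_t sip;
  u_int32_t dip;
  u_int16_t sport;
  u_int16_t dport;
  int num = 0;
  int pktsize;
  int written;

  (void)type;

  //----- range check
  if (paysize < 0) {
    if (pv.verbose) printf("warning paysize negative\n");
    return;
  }
  if (paysize > IBUF) {
    if (pv.verbose) printf("warning paysize too large\n");
    return;
  }

  memset(plain, 0, sizeof(plain));
  memcpy(plain, payload, (size_t)paysize);
  if (paysize < MIN_PAYSIZE) {
    //------- need to investigate this, noticed some odd things in ssl when < 18
    if (pv.verbose) printf("warning: short string may cause problems: %.*s\n",
                           paysize, (const char *)payload);
    paysize = MIN_PAYSIZE;
  }
  if (paysize > IBUF) {
    /* only reachable if IBUF < MIN_PAYSIZE; keeps plain/cipher in bounds */
    if (pv.verbose) printf("warning paysize too large\n");
    return;
  }

  //----- set IP source and destination
  //----- still need to check for bcast or netid
  sip = (libnet_get_prand(PRu32) & ~pv.src_mask) | (pv.src_ip & pv.src_mask);
  dip = (libnet_get_prand(PRu32) & ~pv.dst_mask) | (pv.dst_ip & pv.dst_mask);

  //----- set the MAC source and destination
  derive_mac(sip, smac);
  derive_mac(dip, dmac);

  //----- Set the source and destination ports
  pick_ports(&sport, &dport);

  //----- Encrypt the payload
  // NOTE(review): the IV is all zeros for every packet, so under one key two
  // payloads with the same leading bytes produce the same leading ciphertext
  // block in CFB mode.  The collector expects this wire format, so it is
  // documented here rather than changed.
  memset(ivec, 0, sizeof(ivec));
  BF_cfb64_encrypt(plain, cipher, paysize, &(pv.key), ivec, &num, BF_ENCRYPT);

  //----- Calculate packet size
  pktsize = LIBNET_ETH_H + LIBNET_IP_H + LIBNET_UDP_H + paysize;

  /* The original reported this failure with an uninitialised libnet_err
   * buffer; report the size instead. */
  if (libnet_init_packet(pktsize, &packet) == -1)
    FatalError("unable to allocate %d byte packet buffer\n", pktsize);

  //----- Build the Ethernet Frame
  libnet_build_ethernet(dmac, smac, ETHERTYPE_IP, NULL, 0, packet);

  //----- Build the IP Packet.  The UDP header and payload are written by
  //----- libnet_build_udp below, so no payload is attached here.
  //----- FIXED_IP_ID never changes, which makes these frames easy to
  //----- recognise on the wire.
  libnet_build_ip(LIBNET_UDP_H + paysize, 0, FIXED_IP_ID,
                  0, FIXED_IP_TTL, IPPROTO_UDP,
                  htonl(sip), htonl(dip), NULL, 0,
                  packet + LIBNET_ETH_H);

  //----- Build the UDP datagram.  Ports are passed in host order; the
  //----- original author found that pre-converting them with htonl broke
  //----- the datagram, i.e. libnet does the conversion itself.
  libnet_build_udp(sport, dport, cipher, paysize,
                   packet + LIBNET_ETH_H + LIBNET_IP_H);

  //----- Checksum the UDP (the IP header starts after the Ethernet header)
  if (libnet_do_checksum(packet + LIBNET_ETH_H, IPPROTO_UDP, LIBNET_UDP_H + paysize) == -1)
    FatalError("Cannot compute UDP checksum.\n");

  //----- Checksum the IP
  if (libnet_do_checksum(packet + LIBNET_ETH_H, IPPROTO_IP, LIBNET_IP_H) == -1)
    FatalError("Cannot compute IP checksum \n");

  //----- Transmit the packet
  written = libnet_write_link_layer(write2net, libnet_dev, packet, pktsize);

  //----- free the memory used by the pkt
  libnet_destroy_packet(&packet);

  //----- Check to see if all went well
  if (written < pktsize)
    FatalError("libnet_write_link_layer only wrote 0x%x of 0x%x bytes .\n", written, pktsize);
}

/*
 * Function: FatalError(const char *, ...)
 *
 * Purpose: When a fatal error occurs, this function prints the error message
 *          and cleanly shuts down the program
 *
 * Arguments: format => the formatted error string to print out
 *            ... => format commands/fillers
 *
 * Returns: does not return; the process exits with status 1
 */
void FatalError(const char *format, ...)
{
  va_list ap;

  va_start(ap, format);
  vfprintf(stderr, format, ap);
  va_end(ap);   /* the original never ended the va_list */
  fprintf(stderr, "Fatal Error, Quitting..\n");
  exit(1);
}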
