📄 ec_inet_macosx.c
字号:
#if defined(BIOCGHDRCMPLT) && defined(BIOCSHDRCMPLT) u_int spoof_eth_src = 1;#endif if (bpf_in_use != 0) { DEBUG_MSG("Inet_OpenRawSock %s", iface); DEBUG_MSG("Inet_OpenRawSock \t bpf_in_use = %d ", bpf_in_use); return bpf_in_use; } Inet_GetIfaceInfo(iface, NULL, MyMAC, NULL, NULL); insns[1].k = htons(*(short *)MyMAC); // put MyMac in the filter... insns[3].k = htons(*(short *)(MyMAC+2)); insns[5].k = htons(*(short *)(MyMAC+4)); DEBUG_MSG("Inet_OpenRawSock %s", iface); do // find an available bpf device { sprintf(device, "/dev/bpf%d", i++); fd = open(device, O_RDWR); } while (fd < 0 && errno == EBUSY); if (fd < 0) Error_msg("ec_inet_macosx:%d no /dev/bpf* available (tried to open %d) | ERRNO : %d | %s", __LINE__, i, errno, strerror(errno)); DEBUG_MSG("Inet_OpenRawSock \t fd = %d -- /dev/bpf%d ", fd, i-1); if (ioctl(fd, BIOCVERSION, (caddr_t)&bv) < 0) // get bpf version ERROR_MSG(" ioctl(BIOCVERSION)"); if (bv.bv_major != BPF_MAJOR_VERSION || bv.bv_minor < BPF_MINOR_VERSION) Error_msg(" Kernel bpf filter out of date "); for (size = 32768; size != 0; size >>= 1) { ioctl(fd, BIOCSBLEN, (caddr_t)&size); strncpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name)); // attach the iface to the bpf if (ioctl(fd, BIOCSETIF, (caddr_t)&ifr) >= 0) break; /* that size worked; we're done */ if (errno != ENOBUFS) ERROR_MSG(" ioctl(BIOCSETIF)"); } if (size == 0) Error_msg("BIOCSBLEN: No buffer size worked"); if (ioctl(fd, BIOCGBLEN, (caddr_t)&size) < 0) ERROR_MSG(" ioctl(BIOCGBLEN)"); if (ioctl(fd, BIOCGDLT, (caddr_t)&type) == -1) // Get the data link layer type. ERROR_MSG(" ioctl(BIOCGDLT)"); if (type != DLT_EN10MB) Error_msg("%s : Interface not supported ( only DLT_EN10MB) | %d", iface, type);#if defined(BIOCGHDRCMPLT) && defined(BIOCSHDRCMPLT) // auto fill the source mac address now set OFF if (ioctl(fd, BIOCSHDRCMPLT, &spoof_eth_src) == -1) ERROR_MSG(" ioctl(BIOCSHDRCMPLT)");#endif i = 1; if (ioctl(fd, BIOCIMMEDIATE, &i) < 0) // Set immediate mode so packets are processed as they arrive. ERROR_MSG(" ioctl(BIOCIMMEDIATE)"); if (ioctl(fd, BIOCSETF, (caddr_t)&filter) < 0) // Set filter program. ERROR_MSG(" ioctl(BIOCSETF)"); bpf_in_use = fd; return fd;}int Inet_GetRawPacket(int sock, char *buffer, int MTU, short *type){ int len = 0, pktlen = 0; u_char *buf, *bp, *ep; static char MyMAC[6]={0x65,0x74,0x74,0x65,0x72,0x63}; if (SocketBuffer == -1) // only the first time SocketBuffer = Buffer_Create(1.0e5); // 100 K buffer Buffer_Get(SocketBuffer, &pktlen, sizeof(u_int)); len = Buffer_Get(SocketBuffer, buffer, pktlen ); if (type != NULL) { if (!strncmp(MyMAC,"etterc",6)) // only the first time... Inet_GetIfaceInfo(Options.netiface, NULL, MyMAC, NULL, NULL); if (!memcmp(MyMAC,buffer,6)) *type = 0; // PACKET_HOST else *type = 1; // !PACKET_HOST } if (len > 0) return len; // there was pending fata. buf = (char *)calloc(size, sizeof(char)); // size is global and set by BIOCGBLEN len = read(sock, buf, size);#define bhp ((struct bpf_hdr *)bp) // Loop through the packet(s) bp = buf; ep = bp + len; while (bp < ep) { u_int caplen, hdrlen; caplen = bhp->bh_caplen; hdrlen = bhp->bh_hdrlen;// // bp + hdrlen is my packet// // caplen is the length if (caplen > MTU + ETH_HEADER) caplen = MTU + ETH_HEADER; // evil workaround for the 1518 size packet with FCS Buffer_Put(SocketBuffer, &caplen, sizeof(u_int) ); Buffer_Put(SocketBuffer, bp + hdrlen, caplen ); bp += BPF_WORDALIGN(hdrlen + caplen); }#undef bhp Buffer_Get(SocketBuffer, &pktlen, sizeof(u_int)); len = Buffer_Get(SocketBuffer, buffer, pktlen ); if (type != NULL) { if (!memcmp(MyMAC,buffer,6)) *type = 0; // PACKET_HOST else *type = 1; // !PACKET_HOST } free(buf); return len;}int Inet_SendRawPacket(int sock, char *buffer, int len){ int sent; sent = write(sock, buffer, len); if (sent < len) { while (errno == ENOBUFS) { usleep(5000); sent = write(sock, buffer, len); if (sent == len) return (sent); } Error_msg("ec_inet_macosx:%d write() %d(%d) | ERRNO : %d | %s \n", __LINE__, len, sent, errno, strerror(errno)); } return (sent);}int Inet_SetPromisc(char *iface){ DEBUG_MSG("Inet_SetPromisc %s %d", iface, bpf_in_use); if ( ioctl(bpf_in_use, BIOCPROMISC, NULL) < 0 ) ERROR_MSG("ioctl(BIOCPROMISC)"); return 0;}void Inet_Restore_ifr(void){ // this function is not needed !! // when a bpf is closed, the interface is restored}void Inet_DisableForwarding(void){ int mib[4]; // for sysctl() int val = 0; // for sysctl() disable size_t len; mib[0] = CTL_NET; mib[1] = PF_INET; mib[2] = IPPROTO_IP; mib[3] = IPCTL_FORWARDING; len = sizeof(IpForward_status); if( (sysctl(mib, 4, &IpForward_status, &len, &val, sizeof(val))) == -1) ERROR_MSG("sysctl() | net.inet.ip.forwarding"); DEBUG_MSG("Inet_DisableForwarding | net.inet.ip.forwarding = %d old_value = %d\n", val, IpForward_status); atexit(Inet_RestoreForwarding);}void Inet_RestoreForwarding(void){ int mib[4]; // for sysctl() mib[0] = CTL_NET; mib[1] = PF_INET; mib[2] = IPPROTO_IP; mib[3] = IPCTL_FORWARDING; if (strcmp(ECThread_getname(pthread_self()), PROGRAM)) return; if( (sysctl(mib, 4, NULL, NULL, &IpForward_status, sizeof(IpForward_status))) == -1) ERROR_MSG("sysctl()"); DEBUG_MSG("Inet_RestoreForwarding | net.inet.ip.forwarding = %d\n", IpForward_status);}char *Inet_MacFromIP(unsigned long ip){ int mib[6]; size_t len; char *buf, *next, *end; struct rt_msghdr *rtm; struct sockaddr_inarp *sin; struct sockaddr_dl *sdl; static char ETH_BROADCAST[6] = {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}; DEBUG_MSG("Inet_MacFromIP"); mib[0] = CTL_NET; mib[1] = AF_ROUTE; mib[2] = 0; mib[3] = AF_INET; mib[4] = NET_RT_FLAGS; mib[5] = RTF_LLINFO; if (sysctl(mib, 6, NULL, &len, NULL, 0) < 0) ERROR_MSG("sysctl()"); if ((buf = (char *)malloc(len)) == NULL) ERROR_MSG("malloc()"); if (sysctl(mib, 6, buf, &len, NULL, 0) < 0) { free(buf); ERROR_MSG("sysctl()"); } end = buf + len; for (next = buf ; next < end ; next += rtm->rtm_msglen) { rtm = (struct rt_msghdr *)next; sin = (struct sockaddr_inarp *)(rtm + 1); sdl = (struct sockaddr_dl *)(sin + 1); if (sin->sin_addr.s_addr == ip && sdl->sdl_alen) { free(buf); return LLADDR(sdl); } else // not in cache... try to find it... { struct recv_packet recvpck; char MyMAC[6]; u_long MyIP; int MTU, sock; TIME_DECLARE; DEBUG_MSG("Inet_MacFromIP -- try to find it"); sock = Inet_OpenRawSock(Options.netiface); Inet_GetIfaceInfo(Options.netiface, &MTU, MyMAC, &MyIP, NULL); if (ip == MyIP) { DEBUG_MSG("Inet_MacFromIP -- try to find me... ;)"); memcpy(LLADDR(sdl), MyMAC, ETHER_ADDR_LEN); Inet_CloseRawSock(sock); return (char *) LLADDR(sdl); } recvpck.buf = Inet_Forge_packet( MTU + ALIGN_ETH_TO_WORD ); recvpck.aligned = recvpck.buf + ALIGN_ETH_TO_WORD; Inet_Forge_ethernet( recvpck.aligned, MyMAC, ETH_BROADCAST, ETH_P_ARP ); Inet_Forge_arp( recvpck.aligned + ETH_HEADER, ARPOP_REQUEST, MyMAC, MyIP, ARP_BROADCAST, ip ); Inet_SendRawPacket(sock, buf, ETH_HEADER + ARP_HEADER); memset(recvpck.aligned, 0, MTU); fcntl(sock, F_SETFL, O_NONBLOCK); TIME_START; do { int len; short pkttype; ETH_header *ethpkt; ARP_header *arppkt; len = Inet_GetRawPacket(sock, recvpck.aligned, MTU, &pkttype); ethpkt = (ETH_header *)recvpck.aligned; arppkt = (ARP_header *)(recvpck.aligned + ETH_HEADER); TIME_FINISH; if (len > 0 && pkttype == PACKET_HOST && ethpkt->type == htons(ETH_P_ARP) && arppkt->opcode == htons(ARPOP_REPLY)) { if ( *(unsigned long *)arppkt->source_ip == ip ) { memcpy(LLADDR(sdl), &arppkt->source_add, ETHER_ADDR_LEN); free(buf); Inet_Forge_packet_destroy( recvpck.buf ); Inet_CloseRawSock(sock); return (char *) LLADDR(sdl); } } } while ( TIME_ELAPSED < 0.5 ); Inet_Forge_packet_destroy( recvpck.buf ); Inet_CloseRawSock(sock); } } free(buf); return ETH_BROADCAST; // workaround for non local ip}/* EOF */// vim:ts=3:expandtab⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -