📄 airodump-ng.c
fprintf( f_csv_out, "%02X:%02X:%02X:%02X:%02X:%02X, ",
ap_cur->bssid[0], ap_cur->bssid[1],
ap_cur->bssid[2], ap_cur->bssid[3],
ap_cur->bssid[4], ap_cur->bssid[5] );
ltime = localtime( &ap_cur->tinit );
fprintf( f_csv_out, "%04d-%02d-%02d %02d:%02d:%02d, ",
1900 + ltime->tm_year, 1 + ltime->tm_mon,
ltime->tm_mday, ltime->tm_hour,
ltime->tm_min, ltime->tm_sec );
ltime = localtime( &ap_cur->tlast );
fprintf( f_csv_out, "%04d-%02d-%02d %02d:%02d:%02d, ",
1900 + ltime->tm_year, 1 + ltime->tm_mon,
ltime->tm_mday, ltime->tm_hour,
ltime->tm_min, ltime->tm_sec );
fprintf( f_csv_out, "%2d, %3d, ",
ap_cur->chanl,
ap_cur->speed );
switch( ap_cur->crypt )
{
case 0: fprintf( f_csv_out, "OPN " ); break;
case 1: fprintf( f_csv_out, "WEP?" ); break;
case 2: fprintf( f_csv_out, "WEP " ); break;
case 3: fprintf( f_csv_out, "WPA " ); break;
default: fprintf( f_csv_out, " " ); break;
}
fprintf( f_csv_out, ", %3d, %8ld, %8ld, ",
ap_cur->power,
ap_cur->nb_bcn,
ap_cur->nb_data );
fprintf( f_csv_out, "%3d.%3d.%3d.%3d, ",
ap_cur->lanip[0], ap_cur->lanip[1],
ap_cur->lanip[2], ap_cur->lanip[2] );
fprintf( f_csv_out, "%-32s\r\n", ap_cur->essid );
ap_cur = ap_cur->next;
}
fprintf( f_csv_out,
"\r\nStation MAC, First time seen, Last time seen, "
"Power, # packets, BSSID, ESSID\r\n" );
st_cur = st_1st;
while( st_cur != NULL )
{
ap_cur = st_cur->base;
if( ap_cur->nb_pkt < 2 )
{
st_cur = st_cur->next;
continue;
}
fprintf( f_csv_out, "%02X:%02X:%02X:%02X:%02X:%02X, ",
st_cur->stmac[0], st_cur->stmac[1],
st_cur->stmac[2], st_cur->stmac[3],
st_cur->stmac[4], st_cur->stmac[5] );
ltime = localtime( &st_cur->tinit );
fprintf( f_csv_out, "%04d-%02d-%02d %02d:%02d:%02d, ",
1900 + ltime->tm_year, 1 + ltime->tm_mon,
ltime->tm_mday, ltime->tm_hour,
ltime->tm_min, ltime->tm_sec );
ltime = localtime( &st_cur->tlast );
fprintf( f_csv_out, "%04d-%02d-%02d %02d:%02d:%02d, ",
1900 + ltime->tm_year, 1 + ltime->tm_mon,
ltime->tm_mday, ltime->tm_hour,
ltime->tm_min, ltime->tm_sec );
fprintf( f_csv_out, "%3d, %8ld, ",
st_cur->power,
st_cur->nb_pkt );
fprintf( f_csv_out, "%02X:%02X:%02X:%02X:%02X:%02X, ",
ap_cur->bssid[0], ap_cur->bssid[1],
ap_cur->bssid[2], ap_cur->bssid[3],
ap_cur->bssid[4], ap_cur->bssid[5] );
fprintf( f_csv_out, "%-32s\r\n", ap_cur->essid );
st_cur = st_cur->next;
}
fprintf( f_csv_out, "\r\n" );
fflush( f_csv_out );
}struct arguments
{
/* Capture settings, filled either from argv in main() or interactively
   by ask_parameters(). */
/* adapter index handed to open_adapter() */
int card_index;
/* upper-cased type letter, 'O' or 'A'; main() uses it to pick the
   per-frame header offsets */
int card_model;
/* zero-terminated list of channels to hop through; parse_channels()
   stores at most 14 entries plus the terminator */
int channels[16];
/* output filename prefix passed to dump_initialize(); points either at
   argv[4] or at a heap copy made by ask_parameters() */
char *oprefix;
/* 1 when the user answered 'y' to "Only write WEP IVs", else 0 */
int ivs_only;
}
arg;
/* Length of the frame currently held in rawbuf; written by
   capture_thread(), read by main(). */
int rawlen;
/* Frame as delivered to the capture_thread() callback. */
unsigned char rawbuf[65536];
/* main()'s working copy of rawbuf; also reused as scratch space for the
   console title string. Copying rawlen bytes into either buffer is only
   safe while 0 <= rawlen <= 65536. */
unsigned char buffer[65536];
/* Released by capture_thread() once a frame is stored in rawbuf. */
HANDLE semPacket1;
/* Released by main() once it has copied the frame out of rawbuf. */
HANDLE semPacket2;
/*
 * Print the exit hint, block on stdin so the console window stays
 * visible, then terminate the process with status `retval`.
 *
 * Never returns: exit() is always reached, which is why there is no
 * return statement despite the int return type.
 */
int prompt_exit( int retval )
{
    int ignored;

    fputs( "\n Press Ctrl-C to exit.\n", stdout );

    /* The value read is irrelevant; the call only waits for input. */
    scanf( "%d", &ignored );

    exit( retval );
}
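/* Hopping order used when "0 = all" is requested; zero-terminated. */
int bg_chans[] = { 1, 5, 10, 2, 6, 11, 3, 7, 12, 4, 8, 13, 9, 0 };

/*
 * Parse a list of channel numbers from `s` into arg.channels, which is
 * kept zero-terminated.
 *
 * Numbers may be separated by any run of non-digit characters. A value
 * of 0 selects the full bg_chans hopping order. At most 14 channels are
 * stored, so the terminator always fits in arg.channels[16].
 *
 * Returns 0 on success, 1 if a value is outside 1..14 or if no number
 * could be parsed at all.
 */
int parse_channels( char *s )
{
    int i = 0, j;
    long n;
    char *end;

    for( ;; )
    {
        /* strtol reports where the number ended, so leading blanks or a
           sign are consumed together with the digits and the same
           number is never parsed twice; an out-of-range value saturates
           instead of overflowing an int. */
        n = strtol( s, &end, 10 );

        if( end == s )
            break;

        if( n == 0 )
        {
            for( j = 0; j < 14; j++ )
                arg.channels[j] = bg_chans[j];

            return( 0 );
        }

        if( n < 1 || n > 14 )
            return( 1 );

        arg.channels[i] = (int) n; i++;
        arg.channels[i] = 0;

        if( i == 14 ) break;

        s = end;

        /* Skip separators. The cast keeps isdigit() defined for bytes
           above 0x7F, where plain char may be negative. */
        while( isdigit( (unsigned char) *s ) == 0 )
        {
            if( *s == '\0' )
                return( 0 );

            s++;
        }
    }

    return( i == 0 );
}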
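/*
 * Read one whitespace-delimited word from stdin into `word`, which must
 * have room for 512 bytes. The field width keeps the read inside the
 * buffer; the tail of an over-long word is discarded so it cannot be
 * picked up as the answer to the next prompt.
 *
 * Returns 0 on success, -1 on end of input or read error.
 */
static int ask_read_word( char *word )
{
    int c;

    if( scanf( "%511s", word ) != 1 )
        return( -1 );

    do
        c = getchar();
    while( c != EOF  && c != ' '  && c != '\t' && c != '\n' &&
           c != '\r' && c != '\v' && c != '\f' );

    if( c != EOF )
        ungetc( c, stdin );

    return( 0 );
}

/*
 * Interactively fill the global `arg` structure: adapter index, adapter
 * type, channel list, output prefix and the "IVs only" flag. Each prompt
 * is repeated until the answer is accepted.
 *
 * All answers are read through ask_read_word(), so input longer than
 * the 512-byte scratch buffer is truncated instead of overrunning the
 * stack. End of input ends the program through prompt_exit() rather
 * than re-prompting forever.
 */
void ask_parameters( void )
{
    int nbcards;
    char strbuf[512];
    size_t plen;

    nbcards = show_cards();

    if( nbcards == 0 )
    {
        fprintf( stderr, " No adapters have been detected - make sure"
                 " peek5.sys is present and your card is plugged in.\n" );
        prompt_exit( 1 );
    }

ask_arg1:

    printf( " Network interface index number -> " );
    if( ask_read_word( strbuf ) != 0 )
        prompt_exit( 1 );

    arg.card_index = atoi( strbuf );

    if( open_adapter( arg.card_index ) != 0 )
        goto ask_arg1;

    printf( "\n Interface types: 'o' = HermesI/Realtek\n"
            " 'a' = Aironet/Atheros\n" );

ask_arg2:

    printf( "\n Network interface type (o/a) -> " );
    if( ask_read_word( strbuf ) != 0 )
        prompt_exit( 1 );

    /* Clearing bit 5 upper-cases an ASCII letter. */
    arg.card_model = strbuf[0] & 0xDF;

    if( arg.card_model != 'O' &&
        arg.card_model != 'A' )
        goto ask_arg2;

ask_arg3:

    printf( "\n Channel(s): 1 to 14, 0 = all -> " );
    if( ask_read_word( strbuf ) != 0 )
        prompt_exit( 1 );

    if( parse_channels( strbuf ) != 0 )
        goto ask_arg3;

    printf( "\n (note: if you specify the same output prefix, "
            "airodump will resume\n the capture session by "
            "appending data to the existing capture file)\n" );

ask_arg4:

    printf( "\n Output filename prefix -> " );
    if( ask_read_word( strbuf ) != 0 )
        prompt_exit( 1 );

    if( strbuf[0] == '\0' )
        goto ask_arg4;

    /* The copy includes the terminating NUL, so the allocation must be
       strlen + 1 bytes. */
    plen = strlen( strbuf ) + 1;
    arg.oprefix = malloc( plen );

    if( arg.oprefix == NULL )
    {
        fprintf( stderr, " Out of memory\n" );
        prompt_exit( 1 );
    }

    memcpy( arg.oprefix, strbuf, plen );

    printf( "\n (note: to save space and only store the captured "
            "WEP IVs, press y.\n The resulting capture file "
            "will only be useful for WEP cracking)\n" );

ask_arg5:

    printf( "\n Only write WEP IVs (y/n) -> " );
    if( ask_read_word( strbuf ) != 0 )
        prompt_exit( 1 );

    if( ( strbuf[0] & 0xDF ) != 'Y' &&
        ( strbuf[0] & 0xDF ) != 'N' )
        goto ask_arg5;

    arg.ivs_only = ( ( strbuf[0] & 0xDF ) == 'Y' ) ? 1 : 0;

    printf( "\n" );
}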
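/*
 * Per-frame callback registered through start_monitor().
 *
 * When bit 0 of `flags` is clear, the frame is copied into the shared
 * rawbuf/rawlen pair and handed to main(): semPacket1 announces the
 * frame, and the callback then blocks on semPacket2 until main() has
 * taken its own copy.
 * NOTE(review): frames with bit 0 set are skipped; presumably that bit
 * marks a bad frame - confirm against the driver documentation.
 *
 * `len` is supplied by the driver for data received off the air, so it
 * is validated against the size of rawbuf before the copy. Frames with
 * a NULL pointer or an out-of-range length are dropped.
 *
 * Always returns 1.
 */
int WINAPI capture_thread( unsigned char *data, int len, int caplen,
                           __int64 timestamp, int flags, int arg7 )
{
    if( ( flags & 1 ) == 0 )
    {
        /* Dropping here without touching the semaphores is safe: main()
           waits on semPacket1 with a timeout and simply polls again. */
        if( data == NULL || len < 0 || len > (int) sizeof( rawbuf ) )
            return( 1 );

        rawlen = len;

        memcpy( rawbuf, data, rawlen );

        ReleaseSemaphore( semPacket1, 1, NULL );

        WaitForSingleObject( semPacket2, INFINITE );
    }

    return( 1 );
}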
/*
 * Set to 1 by sighandler(); main() polls it once per loop iteration.
 * NOTE(review): this is a plain int although console control handlers
 * normally run on their own thread - confirm whether it should be
 * volatile or atomic.
 */
int do_exit = 0;

/*
 * Console control handler installed with SetConsoleCtrlHandler().
 * Stops the capture, asks main() to leave its loop and returns TRUE.
 * The control code itself is not inspected.
 */
int WINAPI sighandler( int signum )
{
    (void) signum;

    stop_monitor();
    do_exit = 1;

    return( TRUE );
}
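/*
 * Program entry point.
 *
 * usage: airodump-ng <nic index> <nic type> <channel(s)> <output prefix>
 *        [ivs only flag]
 *
 * With 4 or 5 arguments the settings are taken from argv; with any
 * other count they are asked interactively. The main loop then
 *   - rewrites the CSV summary every 20 seconds,
 *   - hops to the next configured channel and redraws the console
 *     every 300 ms,
 *   - takes frames handed over by capture_thread() and passes them to
 *     dump_add_packet().
 *
 * Frame lengths come from the driver for data received off the air.
 * A frame whose length does not fit `buffer`, or which is shorter than
 * the adapter-specific framing stripped below, is skipped so that no
 * out-of-bounds copy or negative capture length reaches the dump code.
 *
 * Returns 0 after a clean shutdown; every failure path ends in
 * prompt_exit( 1 ).
 */
int main( int argc, char *argv[] )
{
    unsigned char *h80211;
    unsigned long tick_prev;
    int caplen, chan_index;
    int pktlen;
    int ws_row, ws_col;
    time_t tt;

    set_console_icon( " airodump-ng 0.6.2 " );
    set_console_size( 45, 90 );

    printf( "\n\n\n\t\t\t" );
    set_text_color( BLUE_WHITE );
    printf( "airodump-ng 0.6.2 - (C) 2006 Thomas d'Otreppe\n");
    printf( "\t\t\t Original work: Christophe Devine" );
    set_text_color( TEXTATTR );
    printf( "\n\n\n\n usage: airodump-ng <nic index> <nic type> "
            "<channel(s)> <output prefix> [ivs only flag]\n\n\n" );

    /* The driver is loaded first on both the interactive and the
       command-line path. */
    if( load_peek() != 0 )
        prompt_exit( 1 );

    if( argc < 5 || argc > 6 )
    {
        ask_parameters();
    }
    else
    {
        arg.card_index = atoi( argv[1] );

        if( open_adapter( arg.card_index ) != 0 )
        {
            fprintf( stderr, " Invalid network card index\n" );
            prompt_exit( 1 );
        }

        /* Clearing bit 5 upper-cases an ASCII letter. */
        arg.card_model = argv[2][0] & 0xDF;

        if( arg.card_model != 'O' &&
            arg.card_model != 'A' )
        {
            fprintf( stderr, " Invalid network card type\n" );
            prompt_exit( 1 );
        }

        if( parse_channels( argv[3] ) != 0 )
        {
            fprintf( stderr, " Invalid wireless channel list\n" );
            prompt_exit( 1 );
        }

        arg.oprefix = argv[4];

        if( argc == 6 )
            arg.ivs_only = ( ( argv[5][0] & 0xDF ) == 'Y' ) ? 1 : 0;
    }

    if( dump_initialize( arg.oprefix, arg.ivs_only ) )
        prompt_exit( 1 );

    /* Hand-over pair: semPacket1 = frame ready, semPacket2 = frame
       copied. */
    semPacket1 = CreateSemaphore( NULL, 0, 1, NULL );
    semPacket2 = CreateSemaphore( NULL, 0, 1, NULL );

    SetConsoleCtrlHandler( (PHANDLER_ROUTINE) sighandler, TRUE );

    if( start_monitor( capture_thread ) != 0 )
        prompt_exit( 1 );

    tick_prev = GetTickCount();

    set_channel( arg.channels[chan_index = 0] );

    set_cursor_pos( 0, 0 );
    clear_console( NULL, NULL );

    tt = time( NULL );

    while( 1 )
    {
        if( do_exit )
            break;

        if( time( NULL ) - tt >= 20 )
        {
            tt = time( NULL );
            dump_write_csv();
        }

        /* The second test covers the tick counter wrapping around. */
        if( GetTickCount() - tick_prev >= 300 ||
            GetTickCount() < tick_prev )
        {
            tick_prev = GetTickCount();

            /* A zero entry terminates the channel list. */
            if( arg.channels[++chan_index] == 0 )
                chan_index = 0;

            set_channel( arg.channels[chan_index] );

            sprintf( buffer, " Channel : %02d - airodump-ng 0.3 ",
                     arg.channels[chan_index] );
            SetConsoleTitle( buffer );

            clear_console( &ws_row, &ws_col );
            set_cursor_pos( 0, 0 );
            dump_print( ws_row, ws_col );
        }

        if( WaitForSingleObject( semPacket1, 100 ) == WAIT_TIMEOUT )
            continue;

        /* Take the length once: capture_thread() may store a new value
           as soon as semPacket2 is released. */
        pktlen = rawlen;

        if( pktlen < 0 || pktlen > (int) sizeof( buffer ) )
        {
            /* Unblock the capture thread and skip the frame. */
            ReleaseSemaphore( semPacket2, 1, NULL );
            continue;
        }

        memcpy( buffer, rawbuf, pktlen );

        /* Strip the adapter-specific framing around the 802.11 frame. */
        switch( arg.card_model )
        {
            case 'A':
                caplen = pktlen - 12;
                h80211 = buffer + 8;
                break;

            default:
                caplen = pktlen - 8;
                h80211 = buffer + 4;
                break;
        }

        ReleaseSemaphore( semPacket2, 1, NULL );

        /* Shorter than the framing itself: nothing valid to record. */
        if( caplen < 0 )
            continue;

        if( dump_add_packet( h80211, caplen, buffer[2],
                             arg.channels[chan_index], 0, 0 ) != 0 )
        {
            dump_write_csv();

            if( f_csv_out != NULL ) fclose( f_csv_out );
            if( f_cap_out != NULL ) fclose( f_cap_out );
            if( f_ivs_out != NULL ) fclose( f_ivs_out );

            stop_monitor();
            prompt_exit( 1 );
        }
    }

    dump_write_csv();

    if( f_csv_out != NULL ) fclose( f_csv_out );
    if( f_cap_out != NULL ) fclose( f_cap_out );
    if( f_ivs_out != NULL ) fclose( f_ivs_out );

    stop_monitor();

    return( 0 );
}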