/* This file is part of Lorcon
lorcon is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
lorcon is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with lorcon; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Copyright (c) 2005 dragorn and Joshua Wright
*/
#include <stdlib.h>
#include <errno.h>
#include <string.h>
#include <stdio.h>
#include <ctype.h>
#include <stdint.h>
#include <time.h>
#include <pcap.h>
#include <signal.h>
#include <tx80211.h>
#include <lorcon_forge.h>
#include "l2ping80211.h"
#include "ieee80211.h"
/* Globals */
struct tx80211 tx;
pcap_t *p = NULL;
unsigned char *packet;
struct pcap_pkthdr *h;
char pcaperrbuf[PCAP_ERRBUF_SIZE];
int offset; /* Offset to the beginning of the 802.11 header */
int exitval=1;
void sigexit()
{
tx80211_close(&tx);
if (p != NULL) {
pcap_close(p);
}
exit(exitval);
}
void usage() {
struct tx80211_cardlist *cardlist = NULL;
int i;
cardlist = tx80211_getcardlist();
printf("l2ping80211\n"
"Usage : l2ping80211 [options] -i interface [-d driver] "
"-T targetmac -C testcase\n"
" [-S sourcemac -B bssidmac -D destmac -t usectimer"
" -n count -c channel -V]\n");
printf("\nSupported test cases:\n");
i=0;
while(testcases[i].testname != NULL) {
printf("\t%d\t%s\n", testcases[i].testnum,
testcases[i].testname);
i++;
}
if (cardlist == NULL) {
fprintf(stderr, "Error accessing supported cardlist\n");
} else {
printf("\nSupported drivers: ");
for (i = 1; i < cardlist->num_cards; i++) {
printf("%s ", cardlist->cardnames[i]);
}
printf("\n");
}
tx80211_freecardlist(cardlist);
}
/* Converts a string to uppercase */
void to_upper (char *s)
{
char *p, offset;
offset = 'A' - 'a';
for(p=s;*p != '\0';p++) {
if(islower(*p)) {
*p += offset;
}
}
}
/* Determine radiotap data length (including header) and return offset for the
beginning of the 802.11 header */
int radiotap_offset(pcap_t *p, struct pcap_pkthdr *h)
{
struct tx80211_radiotap_header *rtaphdr;
int rtaphdrlen=0;
/* Grab a packet to examine radiotap header */
if (pcap_next_ex(p, &h, (const u_char **) &packet) > -1) {
rtaphdr = (struct tx80211_radiotap_header *) packet;
rtaphdrlen = tx80211_le16(rtaphdr->it_len); /* rtap is LE */
/* Sanity check on header length */
if (rtaphdrlen > (h->len - 10)) {
return -2; /* Bad radiotap data */
}
return rtaphdrlen;
}
return -1;
}
void lamont_hdump(unsigned char *bp, unsigned int length) {
/* stolen from tcpdump, then kludged extensively */
static const char asciify[] = "................................ !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~.................................................................................................................................";
const unsigned short *sp;
const unsigned char *ap;
unsigned int i, j;
int nshorts, nshorts2;
int padding;
printf("\n\t");
padding = 0;
sp = (unsigned short *)bp;
ap = (unsigned char *)bp;
nshorts = (unsigned int) length / sizeof(unsigned short);
nshorts2 = (unsigned int) length / sizeof(unsigned short);
i = 0;
j = 0;
while(1) {
while (--nshorts >= 0) {
printf(" %04x", tx80211_ntoh16(*sp));
sp++;
if ((++i % 8) == 0)
break;
}
if (nshorts < 0) {
if ((length & 1) && (((i-1) % 8) != 0)) {
printf(" %02x ", *(unsigned char *)sp);
padding++;
}
nshorts = (8 - (nshorts2 - nshorts));
while(--nshorts >= 0) {
printf(" ");
}
if (!padding) printf(" ");
}
printf(" ");
while (--nshorts2 >= 0) {
printf("%c%c", asciify[*ap], asciify[*(ap+1)]);
ap += 2;
if ((++j % 8) == 0) {
printf("\n\t");
break;
}
}
if (nshorts2 < 0) {
if ((length & 1) && (((j-1) % 8) != 0)) {
printf("%c", asciify[*ap]);
}
break;
}
}
if ((length & 1) && (((i-1) % 8) == 0)) {
printf(" %02x", *(unsigned char *)sp);
printf(" %c", asciify[*ap]);
}
printf("\n");
}
/* Converts a MAC address string to a u8 array, returns -1 on error */
int string2mac (char *string, uint8_t *mac_buf)
{
char *ptr, *next;
unsigned long val;
int i;
to_upper(string);
ptr = next = string;
for(i=0;i < 6;i++) {
if((val = strtoul(next, &ptr, 16)) > 255) {
return(-1);
}
mac_buf[i] = (unsigned char)val;
if((next == ptr) && (i != 6 - 1)) {
return(-1);
}
next = ptr + 1;
}
return(0);
}
char *printmac(unsigned char *mac)
{
static char macstring[18];
memset(&macstring, 0, sizeof(macstring));
(void)snprintf(macstring, sizeof(macstring),
"%02x:%02x:%02x:%02x:%02x:%02x",
mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
return (macstring);
}
/* Look for frames matching the specified attributes, returning the delta
* time. */
int watchfor(int type, int subtype, uint8_t *addr1,
uint8_t *addr2, uint8_t *addr3, int flags, int timeout) {
struct ieee80211_hdr *dot11hdr;
struct timeval starttime, now;
gettimeofday(&starttime, NULL);
unsigned int elapsed;
unsigned int finishtime = ((starttime.tv_sec * 1000000) + starttime.tv_usec + timeout);
gettimeofday(&now, NULL);
while ((unsigned int)((now.tv_sec * 1000000) + now.tv_usec) < finishtime) {
if (pcap_next_ex(p, &h, (const u_char **) &packet) != 1) {
return -1;
}
if (h->len < offset)
continue;
gettimeofday(&now, NULL);
dot11hdr = (struct ieee80211_hdr *) &(packet[offset]);
if (dot11hdr->u1.fc.type != type) continue;
if (dot11hdr->u1.fc.subtype != subtype) continue;
if ((dot11hdr->u1.fchdr & tx80211_hton16(0x00ff)) != flags)
continue;
if (addr1 != NULL && (memcmp(addr1, dot11hdr->addr1, 6) != 0))
continue;
if (addr2 != NULL && (memcmp(addr2, dot11hdr->addr2, 6) != 0))
continue;
if (addr3 != NULL && (memcmp(addr3, dot11hdr->addr3, 6) != 0))
continue;
elapsed = ((unsigned int)((now.tv_sec * 1000000) + (now.tv_usec)) - (unsigned int)((starttime.tv_sec * 1000000) + (starttime.tv_usec)));
return elapsed;
}
return 0;
}
/* Send a NULL data frame to the target with a false BSSID, watch for the
* DEAUTH that follows.
*/
void l2ping_test_datainvalidbssiddeauth(tx80211_t *in_tx, int npacks,
uint8_t *targetmac, uint32_t usectimeout)
{
int i, duration;
struct lcpa_metapack *metapack;
tx80211_packet_t txpack;
uint8_t sourcemac[6];
uint8_t bssidmac[6];
metapack = lcpa_init();
tx80211_initpacket(&txpack);
srand(time(NULL));
lcpf_randmac(sourcemac, 1);
lcpf_randmac(bssidmac, 1);
lcpf_80211headers(metapack,
WLAN_FC_TYPE_DATA,
WLAN_FC_SUBTYPE_DATANULL,
0x02, /* fcflags, FromDS */
0x00, /* duration */
targetmac,
bssidmac,
sourcemac,
NULL, /* addr4 */
0, /* Fragment number */
0); /* Sequence number */
lcpa_freeze(metapack, &txpack);
lcpa_free(metapack);
for(i=0; i < npacks; i++) {
if (tx80211_txpacket(in_tx, &txpack) < 0) {
fprintf(stderr, "Unable to inject packet: %s\n",
tx80211_geterrstr(in_tx));
return;
}
duration = watchfor(WLAN_FC_TYPE_MGMT, WLAN_FC_SUBTYPE_DEAUTH,
bssidmac, targetmac, NULL, 0, usectimeout);
if (duration > 0) {
print_response(targetmac, i+1, h->len, duration);
} else {
print_noresponse(targetmac, i+1, usectimeout);
}
sleep(1);
}
return;
}
/* Send a NU
没有合适的资源?快使用搜索试试~ 我知道了~
liborcon.tar.gz
需积分: 0 5 下载量 93 浏览量
2009-01-14
10:49:33
上传
评论
收藏 340KB GZ 举报
温馨提示
共100个文件
h:28个
c:27个
patch:18个
file2air运行所需的库文件,file2air运行时会调用liborcon-1.0.0.so文件,安装后需要copy至/usr/lib中
资源详情
资源评论
资源推荐
收起资源包目录
liborcon.tar.gz (100个子文件)
linux-wlan-ng-0.2.1-pre26.patch.0.1 7KB
hostap-driver-0.3.7.patch.0.1 7KB
prism54-kernel-2.6.10.patch.0.1 393B
linux-wlan-ng-0.2.1-pre26.patch.0.1-II 7KB
lorcon.3 24KB
BUGS 1KB
l2ping80211.c 21KB
iwcontrol.c 19KB
tx80211.c 17KB
lorcon_forge.c 10KB
ajinject.c 9KB
mwnginject.c 9KB
tx.c 7KB
wginject.c 7KB
airpinject.c 6KB
tuntx.c 6KB
ifcontrol_linux.c 6KB
mwoldinject.c 5KB
madwifing_control.c 5KB
lorcon_decode.c 5KB
lorcon_packasm.c 5KB
wtinject.c 5KB
mac80211inject.c 4KB
zd1211rwinject.c 4KB
nl80211_control.c 3KB
rt2570inject.c 3KB
rt73inject.c 2KB
rt2500inject.c 2KB
bcm43xxinject.c 2KB
rt61inject.c 2KB
p54inject.c 2KB
hapinject.c 2KB
rtlinject.c 2KB
configure 687KB
COPYING 18KB
orcon.def 980B
config.guess 44KB
tx80211.h 15KB
ieee80211.h 8KB
lorcon_packasm.h 6KB
lorcon_forge.h 5KB
l2ping80211.h 5KB
iwcontrol.h 3KB
tx80211_packet.h 3KB
config_win32.h 3KB
ajinject.h 2KB
ifcontrol_linux.h 2KB
mwnginject.h 2KB
wtinject.h 2KB
madwifing_control.h 2KB
wginject.h 2KB
mwoldinject.h 2KB
tx80211_errno.h 2KB
rt2570inject.h 2KB
rt61inject.h 2KB
mac80211inject.h 2KB
zd1211rwinject.h 2KB
rt2500inject.h 2KB
rt73inject.h 2KB
hapinject.h 1KB
p54inject.h 1KB
rtlinject.h 1KB
airpinject.h 1KB
nl80211_control.h 1022B
bcm43xxinject.h 832B
configure.in 7KB
config.h.in 3KB
Makefile.in 3KB
stamp-h.in 0B
install-sh 5KB
Lindent 54B
aclocal.m4 234KB
README.madwifing 1KB
hostap-driver-0.4.7.patch 19KB
hostap-kernel-2.6.16.patch 17KB
linux-wlan-0.2.3.packet.injection.patch 13KB
wlanng-0.2.1-pre26.patch 11KB
hostap-driver-0.3.10.patch 7KB
hostap-driver-0.3.9.patch 6KB
rt2570-cvs-20051008-prismheader.patch 6KB
zd1211rw_inject-2.6.20-gentoo-r4.patch 5KB
rt2500-cvs-20051008-prismheader.patch 5KB
rt2570-cvs-20050824.patch 5KB
madwifiold-cvs-20051025.patch 5KB
rtl8180-0.21.patch 3KB
rt2500-cvs-20050721.patch 2KB
rt2500-cvs-20050724.patch 2KB
madwifi-ng-r1679.patch 1007B
madwifing-svn-r1518.patch 820B
madwifing-svn-r1527.patch 820B
prism54-svn-20050724.patch 459B
README 703B
ltmain.sh 196KB
cygbuild.sh 517B
config.sub 33KB
THANKS 174B
TODO 209B
README.wlanng 651B
README.wlanng-II 202B
README.zd1211rw 39B
共 100 条
- 1
freedom8023
- 粉丝: 4
- 资源: 37
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- Docker容器配置进阶
- tensorflow-gpu-2.7.4-cp37-cp37m-manylinux2010-x86-64.whl
- 多段线、 圆、弧转多段线(仅我可见)
- tensorflow-2.7.2-cp38-cp38-manylinux2010-x86-64.whl
- yeyue-p8Yi4-ve4a83792.apk
- tensorflow-gpu-2.7.3-cp38-cp38-manylinux2010-x86-64.whl
- 五相感应电机矢量控制模型MATLAB
- RGLED (1) (1).circ
- IMG_20240427_215747.jpg
- python下前端WEB学习笔记
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论0