--- hunt-1.5.orig/Makefile +++ hunt-1.5/Makefile @@ -1,4 +1,4 @@ -CFLAGS=-Wall -O2 -g -D_REENTRANT +CFLAGS=-Wall -O2 -g -D_REENTRANT -std=gnu89 #CFLAGS+=-DSYNC_FAST #CFLAGS+=-D_WITH_LINUX_KERNEL_HDR --- hunt-1.5.orig/debian/changelog +++ hunt-1.5/debian/changelog 
@@ -0,0 +1,83 @@ +hunt (1.5-6.1) unstable; urgency=medium + + * Non-maintainer upload. + * Fix "ftbfs with GCC-5": apply patch from Nicholas Luedtke: + build with "-std=gnu89". + (Closes: #777907) + + -- gregor herrmann Mon, 20 Jul 2015 19:17:12 +0200 + +hunt (1.5-6) unstable; urgency=low + + * New maintainer. (Closes: #486761) + + -- Angel Ramos Thu, 7 May 2009 2:07:00 +0100 + +hunt (1.5-5) unstable; urgency=low + + * QA upload. + + Set maintainer to Debian QA Group . + * Version debhelper build-dep (>= 5.0.0). + * Add debian/compat and set to 5. + * Add ${misc:Depends}. + * Make clean not ignore errors. + * Clean up debian/copyright. + * Replace dh_installmanpages with dh_installman. + * Move file copies from rules to debian/install. + * Abort gracefully if interface is down. (Closes: #500170). + * Don't affect terminal colors when finished. (Closes: #500485). + + Thanks to José Manuel Santamaría Lema for both fixes. + * Bump Standards Version to 3.8.0. + + -- Barry deFreese Tue, 27 Jan 2009 09:44:34 -0500 + +hunt (1.5-4) unstable; urgency=low + + * copyright location no longer exists (nor is the "new" location + there anymore). Mentioned www.l0t3k.net link (closes: #221279) + * comment out a small part of sparc patch since it breaks on at + least x86 (closes: #173334) + * made comment at start of manpage that by default only telnet + connections are monitored + + -- Adrian Bridgett Tue, 7 Sep 2004 18:29:53 +0100 + +hunt (1.5-3) unstable; urgency=low + + * fix whatis bug in manpage - thanks Andras Bali (closes: #113909) + * Apply patch from Speed Blue + to fix bus errors / segfaults on sparc (Closes: #85593) + + -- Adrian Bridgett Tue, 19 Feb 2002 20:01:44 +0000 + +hunt (1.5-2) unstable; urgency=low + + * fix manpage parsing (closes: #113909) + + -- Adrian Bridgett Sun, 2 Dec 2001 15:32:04 +0000 + +hunt (1.5-1) unstable; urgency=low + + * New upstream. 
+ + -- Adrian Bridgett Thu, 15 Jun 2000 22:59:31 +0100 + +hunt (1.4-1) unstable; urgency=low + + * New upstream (manpage has been integrated). + * FHS + + -- Adrian Bridgett Mon, 18 Oct 1999 22:45:31 +0100 + +hunt (1.3-2) unstable; urgency=low + + * Add manpage kindly written by Jon Marler + It's been forwarded upstream, but a new release hasn't been made yet. + + -- Adrian Bridgett Sun, 11 Jul 1999 22:51:47 +0100 + +hunt (1.3-1) unstable; urgency=low + + * Initial Release. + + -- Adrian Bridgett Wed, 28 Apr 1999 23:45:06 +0100 --- hunt-1.5.orig/debian/compat +++ hunt-1.5/debian/compat @@ -0,0 +1 @@ +5 --- hunt-1.5.orig/debian/control +++ hunt-1.5/debian/control @@ -0,0 +1,17 @@ +Source: hunt +Section: net +Priority: optional +Maintainer: Angel Ramos +Build-Depends: debhelper (>= 5.0.0) +Standards-Version: 3.8.0 + +Package: hunt +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: Advanced packet sniffer and connection intrusion + Hunt is a program for intruding into a connection, watching it and + resetting it. + . + Note that as hunt is operating on Ethernet, it is best used for connections + which can be watched through it. However, it is possible to do something + even for hosts on another segments or hosts that are on switched ports. --- hunt-1.5.orig/debian/copyright +++ hunt-1.5/debian/copyright @@ -0,0 +1,13 @@ + +Copyright: Copyright (C) 1998 kra + +License: released under the GPL +(see /usr/share/common-licenses/GPL). + +Packaged by Adrian Bridgett from sources obtained +at http://lin.fsid.cvut.cz/~kra/hunt/ + +This site is no longer available - please contact me if you know of a +better souce. There is a copy available at +http://www.l0t3k.net/tools/Hijacking/hunt-1.5.tgz.gz + --- hunt-1.5.orig/debian/install +++ hunt-1.5/debian/install @@ -0,0 +1,4 @@ +hunt usr/sbin +tpserv/tpserv usr/sbin +tpsetup/transproxy usr/sbin + --- hunt-1.5.orig/debian/rules +++ hunt-1.5/debian/rules 
@@ -0,0 +1,47 @@ +#!/usr/bin/make -f + +# This script uses debhelper by Joey Hess +export DH_VERBOSE=1 +DEB=debian/tmp + +build: build-stamp + +build-stamp: + dh_testdir + # build package here + $(MAKE) + cd tpserv && make + touch build-stamp + +clean: + dh_testdir + dh_testroot + rm -f build-stamp + [ ! -f Makefile ] || $(MAKE) distclean + [ ! -f tpserv/Makefile ] || $(MAKE) -C tpserv distclean + #cd tpserv && make distclean + dh_clean + +binary-indep: build +# is it arch or indep? +binary-arch: build + dh_testdir + dh_testroot + dh_clean + dh_installdocs README TODO README.tp + dh_installman man/hunt.1 + dh_installchangelogs CHANGES + dh_install + dh_strip + dh_compress + dh_fixperms +# dh_suidregister + dh_installdeb + dh_shlibdeps + dh_gencontrol +# dh_makeshlibs + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary --- hunt-1.5.orig/hostup.c +++ hunt-1.5/hostup.c @@ -138,6 +138,8 @@ */ static void perform_arp(struct host_up_info *hui, int count, int *up, unsigned char *fake_mac) { + t_longchar tmp; + int i; int j, idx; unsigned int ip, src_addr; struct arpeth_hdr *arpethh; @@ -171,13 +173,17 @@ src_addr = *(unsigned int *) arpethh->ar_sip; if (memcmp(arpethh->ar_sha, p->p_ethh->h_source, ETH_ALEN) == 0 && memcmp(my_eth_mac, p->p_ethh->h_dest, ETH_ALEN) == 0 && - memcmp(my_eth_mac, arpethh->ar_tha, ETH_ALEN) == 0 && - *(unsigned int *) arpethh->ar_tip == my_eth_ip + memcmp(my_eth_mac, arpethh->ar_tha, ETH_ALEN) == 0 ) { /* sanity check that it was triggered by as */ + for (i = 0; i < 4; i++) + tmp.buff[i] = arpethh->ar_tip[i]; + if (tmp.val == my_eth_ip) + { idx = ntohl(src_addr) - ntohl(hui->start_addr); up[idx] = 1; host_lookup(src_addr, HL_MODE_DEFERRED); } + } packet_free(p); } printf("."); 
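Review bot: In the hostup.c hunk at -171 (perform_arp), `tmp.val == my_eth_ip` compares an `unsigned long` of which only four bytes were written: `t_longchar` (added in hunt.h) pairs `char buff[4]` with `unsigned long val`, so where `unsigned long` is 8 bytes the comparison depends on indeterminate stack bytes in the other half of `tmp`. The removed line compared through `unsigned int`, so a same-width copy keeps the alignment fix without changing the width: `unsigned int tip; memcpy(&tip, arpethh->ar_tip, sizeof tip);` followed by `if (tip == my_eth_ip) {`. The same union is used in the send_arp_packet hunk of net.c, where on a big-endian platform with an 8-byte `unsigned long` the loop would copy the high-order half of `val` instead of the address. Separately, `idx` is derived from the sender address of the received reply and used in `up[idx] = 1` with no visible check against `count`; a guard such as `if (idx >= 0 && idx < count)` would keep an out-of-range reply from writing outside `up`. perform_arp starts and ends outside the hunk.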
@@ -247,6 +253,12 @@ hui->up_arp = malloc(sizeof(int) * len); hui->promisc_arp = malloc(sizeof(int) * len); hui->up_len = len; + if (!hui->up_ping || !hui->promisc_ping || !hui->up_arp || + !hui->promisc_arp) + { + printf("bad rang\n"); + return; + } memset(hui->up_ping, 0, sizeof(int) * len); memset(hui->promisc_ping, 0, sizeof(int) * len); memset(hui->up_arp, 0, sizeof(int) * len); --- hunt-1.5.orig/hunt.c +++ hunt-1.5/hunt.c @@ -727,6 +727,8 @@ void *hunt(void *arg) { + int i; + char buff[1024]; struct packet *p; struct ethhdr *ethh; struct iphdr *iph; @@ -803,6 +805,9 @@ goto cont; } ALIGNPOINTERS_IP(ethh, iph); + for (i = 0; i < sizeof(struct iphdr); i++) + buff[i] = p->p_raw[sizeof(struct iphdr) + i]; + iph = (struct iphdr *) (void *) buff; p->p_iph = iph; if (in_cksum((unsigned short *) iph, IP_HDR_LENGTH(iph)) == 0) { --- hunt-1.5.orig/hunt.h +++ hunt-1.5/hunt.h @@ -82,6 +82,12 @@ #define MAX_PORTS 16 +typedef union u_longchar +{ + char buff[4]; + unsigned long val; +} t_longchar; + struct packet { char p_raw[ETH_FRAME_LEN]; /* 1514 */ int p_raw_len; --- hunt-1.5.orig/main.c +++ hunt-1.5/main.c @@ -14,6 +14,11 @@ #include #include +#include +#include +#include +#include +#include void logo(void) { @@ -436,7 +441,7 @@ void main_reset(void) { tap(eth_device, 0); - set_tty_color(COLOR_LIGHTGRAY); + fprintf(stdout, "\033[0;0;0m"); printf("\ndone\n"); } @@ -458,6 +463,9 @@ struct sigaction sac; int run_it; int c; + int skfd; + struct ifreq my_ifreq; + int r; if (geteuid() || getuid()) { fprintf(stderr, "UID or EUID of 0 needed\n"); 
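Review bot: The new allocation check in the hostup.c hunk at -247 returns with `hui->up_len = len` already assigned and with whichever of the four buffers did succeed still allocated, so a partial failure leaks memory and leaves `hui` describing tables that are not all present. Freeing the four pointers, clearing them and assigning `up_len` only after the check would leave the struct consistent; `free(NULL)` is a no-op, so no per-pointer test is needed. The message `bad rang` reads as a range error although the condition is an allocation failure, and `sizeof(int) * len` is not checked for overflow before the malloc calls (presumably `len` comes from a user-supplied address range; confirm against the caller). The two `*_ping` allocations and the rest of the function are outside the hunk.

```c
/* … unchanged: the malloc() calls for the four tables … */
if (!hui->up_ping || !hui->promisc_ping || !hui->up_arp ||
    !hui->promisc_arp) {
	free(hui->up_ping);
	free(hui->promisc_ping);
	free(hui->up_arp);
	free(hui->promisc_arp);
	hui->up_ping = hui->promisc_ping = NULL;
	hui->up_arp = hui->promisc_arp = NULL;
	hui->up_len = 0;
	printf("out of memory for host-up tables\n");
	return;
}
hui->up_len = len;
/* … unchanged: memset() of the four tables … */
```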
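Review bot: In the hunt.c hunk at -803 (hunt), `p->p_iph` is now set to the function-local `buff`, so the packet carries a pointer to stack storage that is presumably refilled for every packet; if `p` is handed to other code after this point (not visible here), that pointer no longer describes the packet it belongs to. The copy takes only `sizeof(struct iphdr)` bytes, starting at offset `sizeof(struct iphdr)` in `p->p_raw`, while `in_cksum` then reads `IP_HDR_LENGTH(iph)` bytes, so a header with options is checksummed over uninitialised `buff` bytes, and the source offset looks as if it was meant to be `sizeof(struct ethhdr)` (an assumption, since `ALIGNPOINTERS_IP` is not shown). `char buff[1024]` also has no alignment guarantee for `struct iphdr`, so the cast does not by itself cure the alignment problem. Keeping `p->p_iph` pointing into the packet and reading fields through a local copy, e.g. `struct iphdr ip_copy; memcpy(&ip_copy, iph, sizeof ip_copy);` placed after `ALIGNPOINTERS_IP`, would avoid all three. The body of hunt starts and ends outside the hunk.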
@@ -480,6 +488,31 @@ exit(1); } } + + //Checks if the network interface is up and have an IP address. + skfd = socket(AF_INET,SOCK_DGRAM,0); + if (skfd == -1){ + fprintf(stderr, "IPv4 not supported\n"); + exit(1); + } + memset(&my_ifreq, 0, sizeof(my_ifreq)); + strncpy(my_ifreq.ifr_name, eth_device, IFNAMSIZ); + #ifdef SIOCGIFFLAGS + r = ioctl(skfd, SIOCGIFFLAGS, &my_ifreq); + if ((r != -1) && !((my_ifreq.ifr_flags & IFF_UP) == IFF_UP)){ + fprintf(stderr, "Network interface %s is down\n", eth_device); + exit(1); + } + #endif + #ifdef SIOCGIFADDR + if (ioctl(skfd, SIOCGIFADDR, &my_ifreq)==-1){ + fprintf(stderr, "Network interface %s does not have "\ + "an ip address\n", eth_device); + exit(1); + } + #endif + close(skfd); + sigemptyset(&intr_mask); sigaddset(&intr_mask, SIGINT); --- hunt-1.5.orig/man/hunt.1 +++ hunt-1.5/man/hunt.1 @@ -1,7 +1,7 @@ .TH HUNT 1 .\" .\" -.SH HUNT +.SH NAME hunt \- Network security auditing tool. .SH SYNOPSIS .B hunt @@ -17,7 +17,9 @@ .SH READ FIRST Please make sure you KNOW what you are doing before using hunt. It is recommended that you should test how it behaves on some test -connections and then use it wisely. +connections and then use it wisely. You may want to select "options" +and then "add conn policy entry" as by default only telnet connections +are monitored. .SH OVERVIEW Hunt is a program for intruding into a connection, watching it and resetting it. It has several features, which I didn't find in any product like --- hunt-1.5.orig/net.c +++ hunt-1.5/net.c @@ -113,9 +113,9 @@ memcpy(eth->h_source, is->src_mac, ETH_ALEN); eth->h_proto = htons(ETH_P_IP); - ip = (struct iphdr *) (eth + 1); - icmp = (struct icmphdr *) (ip + 1); - data = (char *) (icmp + 1); + ip = (struct iphdr *) (eth + sizeof(struct ethhdr)); + icmp = (struct icmphdr *) (ip + sizeof(struct iphdr)); + data = (char *) (icmp + sizeof(struct icmphdr)); memset(ip, 0, sizeof(struct iphdr)); memset(icmp, 0, sizeof(struct icmphdr)); if (!is->data_len) { 
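Review bot: In the main.c hunk at -480, `strncpy(my_ifreq.ifr_name, eth_device, IFNAMSIZ)` leaves `ifr_name` without a terminating NUL when the interface name is `IFNAMSIZ` characters or longer; since the struct is zeroed just before, `strncpy(my_ifreq.ifr_name, eth_device, IFNAMSIZ - 1);` is enough. A failed `SIOCGIFFLAGS` call is ignored by the `(r != -1) &&` test, so a nonexistent interface falls through and is reported as having no IP address; treating `r == -1` as its own error and reporting the ioctl failure would give the right diagnosis. `skfd` is not closed on the `exit(1)` paths, which is harmless here but would become a descriptor leak if these are ever turned into returns. The enclosing function starts and ends outside the hunk.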
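Review bot: In the net.c hunk at -113, the three new assignments scale the offset twice: adding `sizeof(struct ethhdr)` to a `struct ethhdr *` advances by that many elements, not bytes, so `ip`, `icmp` and `data` land far beyond the headers they are meant to follow, and the `memset` calls right after then write at those addresses. Assuming `eth`, `ip` and `icmp` are typed struct pointers (the `eth->h_source` use suggests so) and the frame is built in a fixed-size local buffer declared outside the hunk, this can write past that buffer. The removed form was correct; either restore `ip = (struct iphdr *) (eth + 1);` and its two siblings, or make the byte arithmetic explicit, `ip = (struct iphdr *) ((char *) eth + sizeof(struct ethhdr));`. The function body starts and ends outside the hunk.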
@@ -208,6 +208,8 @@ int send_arp_packet(struct arp_spec *as) { + t_longchar tmp; + int i; char buf[512]; int retval, data_len; struct msghdr msg; @@ -232,9 +234,13 @@ arpeth = (struct arpeth_hdr *)(arp + 1); memcpy(arpeth->ar_sha, as->sender_mac, ETH_ALEN); - *(unsigned long *)arpeth->ar_sip = as->sender_addr; + tmp.val = as->sender_addr; + for (i = 0; i < 4; i++) + arpeth->ar_sip[i] = tmp.buff[i]; memcpy(arpeth->ar_tha, as->target_mac, ETH_ALEN); - *(unsigned long *)arpeth->ar_tip = as->target_addr; + tmp.val = as->target_addr; + for (i = 0; i < 4; i++) + arpeth->ar_tip[i] = tmp.buff[i]; memset(&spkt, 0, sizeof(spkt)); strncpy(spkt.sa_data, eth_device, sizeof(spkt.sa_data)); --- hunt-1.5.orig/tpserv/Makefile +++ hunt-1.5/tpserv/Makefile @@ -1,4 +1,3 @@ -CC=egcs CFLAGS=-Wall -O2 -g all: tpserv