analyse.c File Reference

#include <include.h>
#include <src/analyse.h>
#include <src/interface.h>
#include <src/crt_io.h>
#include <src/conversion.h>
#include <src/manuf.h>
#include <src/airjack.h>
#include <src/functions.h>



Defines

#define WPA_OUI   "\x00\x50\xF2"
#define RSN_OUI   "\x00\x0F\xAC"
#define WME_OUI   "\x00\x50\xF2"
#define HISTO_SIGNAL_SIZE   32
#define HISTO_SIGNAL_CHAN   14

Enumerations

enum  CRYPT_TYPE {
  CRYPT_TYPE_CLEAR = 0, CRYPT_TYPE_WEP, CRYPT_TYPE_WPA, CRYPT_TYPE_TKIP,
  CRYPT_TYPE_CCMP, CRYPT_TYPE_PSK1, CRYPT_TYPE_PSK2
}

Functions

void LogPutSSID_byAddMAc (UINT8 AddMac[WLAN_ADDR_LEN], char *SSID)
void LogPutSSID_byBSSID (UINT8 BSSID[WLAN_ADDR_LEN], char *SSID)
void CalculCoef (UINT32 X[4], UINT32 Y[4], float *a, float *b)
char DetermineCryptType (UINT8 hasWep, UINT8 hasWPA, UINT8 hasTKIP, UINT8 hasCCMP, UINT8 hasWPAPSK, UINT8 hasWPA2PSK)
UINT8 CompareAddMac (UINT8 AddMac1[WLAN_ADDR_LEN], UINT8 AddMac2[WLAN_ADDR_LEN])
UINT8 AddMacIsBroadcast (UINT8 AddMac1[WLAN_ADDR_LEN])
UINT8 AddMacIsNULL (UINT8 AddMac1[WLAN_ADDR_LEN])
void ResetAllDetectedClient (void)
void LogPutSN (UINT8 AddMac[WLAN_ADDR_LEN], UINT32 SN)
void LogPutRate (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Rate)
void LogPutMaxSpeed (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Rate)
void LogDetectedClient (UINT8 AddMac[WLAN_ADDR_LEN])
void LogPutBSSID (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN])
void LogPutDS (UINT8 AddMac[WLAN_ADDR_LEN])
void LogPutWep (UINT8 BSSID[WLAN_ADDR_LEN], UINT8 hasWep, UINT8 hasWPA)
void LogPutChannel_byAddMac (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Channel)
void LogPutChannel_byBSSID (UINT8 BSSID[WLAN_ADDR_LEN], UINT8 Channel)
void LogPutChannel (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN], UINT8 Channel)
void LogPutSSID_byAddMac (UINT8 AddMac[WLAN_ADDR_LEN], char *SSID)
void LogPutSSID (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN], char *SSID)
void LogPutIsAP (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 hasWep, UINT8 hasWPA, UINT16 bcn_int)
void LogPutIsP2P (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 hasWep, UINT16 bcn_int)
void LogPutOtherInformation (UINT8 AddMac[WLAN_ADDR_LEN], char *OtherInformation)
void LogPutTimestamp (UINT8 AddMac[WLAN_ADDR_LEN], UINT64 TimeStamp)
void LogPutSeqNum (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 AddMacDst[WLAN_ADDR_LEN], UINT16 SeqNum)
void LogPutLastIV (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 IV[4])
void Send_To_All_BSSID_A_Deauth (void)
void LogWriteReport (void)
void LogWriteDOT (FILE *filename)
void LogWriteHisto (void)
void ClearPanel (void)
void WritePanel (UINT8 GoodPacket)
void DoSummary (void)
UINT8 IDS_BcnInt (void)
UINT8 IDS_TimeStamp (void)
UINT8 IDS_Var_SeqNum (void)
UINT8 IDS_Detect_FakeAP (void)
UINT8 IDS (void)
void AnalyseTAG221 (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 *varBits, int tagLen)

Variables

const char svnid [] = "@(#) $Id: analyse.c 178 2007-08-11 16:57:24Z poggij $"
UINT16 NumberOfDetectedClient = 0
ClientInfo_t ClientInfo [8192]
WINDOW * Panel_WND
WINDOW * RealTime_WND
ScanResult_t Res
Statistics_t Stats
UINT8 ids_warning
ConfigStruct config
pthread_mutex_t screen_mutex
 Mutex that locks the screen, so that only one function writes to it at a time.
const UINT8 BroadcastMAC [WLAN_ADDR_LEN]
const char CryptTypeASCII []


Define Documentation

#define WPA_OUI   "\x00\x50\xF2"

Definition at line 84 of file analyse.c.

Referenced by AnalyseTAG221().

#define RSN_OUI   "\x00\x0F\xAC"

Definition at line 85 of file analyse.c.

Referenced by AnalyseTAG221().

#define WME_OUI   "\x00\x50\xF2"

Definition at line 86 of file analyse.c.

Referenced by AnalyseTAG221().

#define HISTO_SIGNAL_SIZE   32

Referenced by LogWriteHisto().

#define HISTO_SIGNAL_CHAN   14

Referenced by LogWriteHisto().


Enumeration Type Documentation

enum CRYPT_TYPE

Enumerator:
CRYPT_TYPE_CLEAR 
CRYPT_TYPE_WEP 
CRYPT_TYPE_WPA 
CRYPT_TYPE_TKIP 
CRYPT_TYPE_CCMP 
CRYPT_TYPE_PSK1 
CRYPT_TYPE_PSK2 

Definition at line 64 of file analyse.c.

/* Encryption classes for a detected station.  DetermineCryptType() picks one
 * of these values and uses it as an index into CryptTypeASCII[]. */
enum CRYPT_TYPE {
  CRYPT_TYPE_CLEAR = 0,   /* neither WEP nor WPA flagged */
  CRYPT_TYPE_WEP,         /* WEP flagged, WPA not flagged */
  CRYPT_TYPE_WPA,         /* WPA flagged, neither TKIP nor CCMP flagged */
  CRYPT_TYPE_TKIP,        /* WPA with TKIP, no WPA-PSK flag */
  CRYPT_TYPE_CCMP,        /* WPA with CCMP (no TKIP), no WPA2-PSK flag */
  CRYPT_TYPE_PSK1,        /* WPA with TKIP and the WPA-PSK flag */
  CRYPT_TYPE_PSK2         /* WPA with CCMP (no TKIP) and the WPA2-PSK flag */
};


Function Documentation

void LogPutSSID_byAddMAc ( UINT8  AddMac[WLAN_ADDR_LEN],
char *  SSID 
)

void LogPutSSID_byBSSID ( UINT8  BSSID[WLAN_ADDR_LEN],
char *  SSID 
)

Definition at line 352 of file analyse.c.

References CompareAddMac(), NumberOfDetectedClient, safe_strncpy(), and WLAN_SSID_MAXLEN.

Referenced by LogPutSSID().

/**
 * Record an SSID on every known station whose BSSID equals BSSID.
 *
 * A station's stored SSID is overwritten when it is still empty, or when the
 * new SSID is neither of the two hidden-SSID placeholder strings; a
 * placeholder therefore never replaces a name that is already stored.
 * The copy is bounded to WLAN_SSID_MAXLEN + 1 bytes through safe_strncpy().
 */
void LogPutSSID_byBSSID(UINT8 BSSID[WLAN_ADDR_LEN], char *SSID)
{
  UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].BSSID, BSSID))
      continue;

    /* Keep an existing name when the incoming value is only a placeholder. */
    if (ClientInfo[idx].SSID[0] != '\0'
        && (strncmp(SSID, "<Hidden SSID>", WLAN_SSID_MAXLEN) == 0
            || strncmp(SSID, "<Hidden SSID of known length>",
                       WLAN_SSID_MAXLEN) == 0))
      continue;

    safe_strncpy(ClientInfo[idx].SSID, SSID, WLAN_SSID_MAXLEN + 1);
  }
}

void CalculCoef ( UINT32  X[4],
UINT32  Y[4],
float *  a,
float *  b 
)

Function: CalculCoef. Solves the equation Y = a.X + b for a and b.

Definition at line 978 of file analyse.c.

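/**
 * Estimate the coefficients of the line Y = a.X + b from a short history.
 *
 * For each pair of consecutive usable samples the slope and the intercept
 * are computed, and *a and *b receive the mean over those pairs.  Both are
 * set to 0 when fewer than two usable samples exist or when every pair has
 * identical X values.
 *
 * Fixes over the earlier version: the quotient is computed in floating point
 * (the unsigned integer division wrapped on a negative difference and was
 * undefined when two X values were equal), the intercept is Y - a.X rather
 * than Y / (a.X), the final sums no longer read one uninitialised element,
 * and the mean is never divided by zero.
 *
 * @param X  sample abscissae; 0 marks an unused slot
 * @param Y  sample ordinates; 0 marks an unused slot
 * @param a  receives the mean slope
 * @param b  receives the mean intercept
 *
 * NOTE(review): the loops run to HISTORY_SIZE although the prototype says
 * X[4]/Y[4]; callers must pass at least HISTORY_SIZE elements.
 * NOTE(review): as before, the usable samples are assumed to be packed at
 * the start of the arrays -- confirm against the callers.
 */
void CalculCoef(UINT32 X[4], UINT32 Y[4], float *a, float *b)
{
  float sum_a = 0.0f, sum_b = 0.0f;
  UINT8 NbData = 0, NbPair = 0, i;

  // in case of ...
#if (HISTORY_SIZE < 2)
#error "STOP ?! HISTORY_SIZE MUST be greater than 1. Change it on include.h"
#endif

  *a = *b = 0;

  // Find number of data to analyse
  for (i = 0; i < HISTORY_SIZE; i++) {
    if ((X[i] != 0) && (Y[i] != 0))
      NbData++;
  }
  if (NbData < 2)
    return;                     // a line needs two points

  // One slope/intercept estimate per pair of neighbouring samples
  for (i = 0; i < (NbData - 1); i++) {
    float dx = (float) X[i] - (float) X[i + 1];
    float dy = (float) Y[i] - (float) Y[i + 1];
    float slope;

    if (dx == 0.0f)
      continue;                 // vertical pair: no finite slope
    slope = dy / dx;
    sum_a += slope;
    sum_b += (float) Y[i] - slope * (float) X[i];
    NbPair++;
  }

  if (NbPair != 0) {
    *a = sum_a / NbPair;
    *b = sum_b / NbPair;
  }
}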

char DetermineCryptType ( UINT8  hasWep,
UINT8  hasWPA,
UINT8  hasTKIP,
UINT8  hasCCMP,
UINT8  hasWPAPSK,
UINT8  hasWPA2PSK 
)

Definition at line 916 of file analyse.c.

References CRYPT_TYPE_CCMP, CRYPT_TYPE_CLEAR, CRYPT_TYPE_PSK1, CRYPT_TYPE_PSK2, CRYPT_TYPE_TKIP, CRYPT_TYPE_WEP, CRYPT_TYPE_WPA, and CryptTypeASCII.

Referenced by WritePanel().

/**
 * Map the per-station encryption flags to a one-character code.
 *
 * Precedence: without WPA the result is WEP or clear; with WPA, TKIP is
 * examined before CCMP, and the matching PSK flag upgrades TKIP to PSK1 and
 * CCMP to PSK2.
 *
 * @return the CryptTypeASCII[] entry for the selected CRYPT_TYPE value
 */
char DetermineCryptType(UINT8 hasWep, UINT8 hasWPA, UINT8 hasTKIP,
                        UINT8 hasCCMP, UINT8 hasWPAPSK, UINT8 hasWPA2PSK)
{
  UINT8 kind;

  if (!hasWPA)
    kind = hasWep ? CRYPT_TYPE_WEP : CRYPT_TYPE_CLEAR;
  else if (hasTKIP)
    kind = hasWPAPSK ? CRYPT_TYPE_PSK1 : CRYPT_TYPE_TKIP;
  else if (hasCCMP)
    kind = hasWPA2PSK ? CRYPT_TYPE_PSK2 : CRYPT_TYPE_CCMP;
  else
    kind = CRYPT_TYPE_WPA;

  return CryptTypeASCII[kind];
}

UINT8 CompareAddMac ( UINT8  AddMac1[WLAN_ADDR_LEN],
UINT8  AddMac2[WLAN_ADDR_LEN] 
)

Definition at line 95 of file analyse.c.

Referenced by AnalyseTAG221(), LogDetectedClient(), LogPutBSSID(), LogPutChannel_byAddMac(), LogPutChannel_byBSSID(), LogPutDS(), LogPutIsAP(), LogPutIsP2P(), LogPutLastIV(), LogPutMaxSpeed(), LogPutOtherInformation(), LogPutRate(), LogPutSeqNum(), LogPutSN(), LogPutSSID_byAddMac(), LogPutSSID_byBSSID(), LogPutTimestamp(), and LogPutWep().

/**
 * Compare two MAC addresses octet by octet.
 *
 * @return 1 when the first six octets are equal, 0 otherwise
 */
UINT8 CompareAddMac(UINT8 AddMac1[WLAN_ADDR_LEN],
                    UINT8 AddMac2[WLAN_ADDR_LEN])
{
  int octet;

  /* Exactly six octets are compared, as in the unrolled form. */
  for (octet = 0; octet < 6; octet++) {
    if ((UINT8) AddMac1[octet] != (UINT8) AddMac2[octet])
      return 0;
  }
  return 1;
}

UINT8 AddMacIsBroadcast ( UINT8  AddMac1[WLAN_ADDR_LEN]  ) 

Definition at line 108 of file analyse.c.

Referenced by LogDetectedClient(), LogPutBSSID(), LogPutChannel(), LogPutSeqNum(), and LogPutSSID().

/**
 * Test whether a MAC address is the broadcast address FF:FF:FF:FF:FF:FF.
 *
 * @return 1 when all six octets are 0xFF, 0 otherwise
 */
UINT8 AddMacIsBroadcast(UINT8 AddMac1[WLAN_ADDR_LEN])
{
  int octet;

  for (octet = 0; octet < 6; octet++) {
    if ((UINT8) AddMac1[octet] != 0xFF)
      return 0;
  }
  return 1;
}

UINT8 AddMacIsNULL ( UINT8  AddMac1[WLAN_ADDR_LEN]  ) 

Compare a MAC address with the null (all-zero) address.

Definition at line 118 of file analyse.c.

Referenced by Send_To_All_BSSID_A_Deauth().

/**
 * Test whether a MAC address is the all-zero address 00:00:00:00:00:00.
 *
 * @return 1 when all six octets are 0x00, 0 otherwise
 */
UINT8 AddMacIsNULL(UINT8 AddMac1[WLAN_ADDR_LEN])
{
  int octet;

  for (octet = 0; octet < 6; octet++) {
    if ((UINT8) AddMac1[octet] != 0x00)
      return 0;
  }
  return 1;
}

void ResetAllDetectedClient ( void   ) 

Definition at line 130 of file analyse.c.

References NumberOfDetectedClient.

Referenced by parse_keystring().

/**
 * Forget every detected station: zero each used ClientInfo[] entry and reset
 * NumberOfDetectedClient to 0.
 */
void ResetAllDetectedClient(void)
{
  UINT16 idx = 0;

  while (idx < NumberOfDetectedClient) {
    memset(&ClientInfo[idx], 0, sizeof(ClientInfo_t));
    idx++;
  }
  NumberOfDetectedClient = 0;
}

void LogPutSN ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT32  SN 
)

Definition at line 146 of file analyse.c.

References CompareAddMac(), HISTORY_SIZE, NumberOfDetectedClient, ClientInfo_t::SN, ClientInfo_t::SNMax, ClientInfo_t::SNMed, and ClientInfo_t::SNMin.

Referenced by analyseBeacon(), analyseData(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), analysePSPOLL(), and analyseRTS().

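/**
 * Record a new signal value for the station AddMac.
 *
 * The value is pushed at the front of the station's SN[] history (older
 * values shift back by one, the oldest is dropped), SNMax / SNMin are
 * updated, and SNMed is recomputed as the history sum divided by
 * HISTORY_SIZE.  Only the first matching station is updated; an unknown
 * address is ignored.
 *
 * Fix: the sum used to run over a hard-coded 4 entries while the shift and
 * the divisor use HISTORY_SIZE; it now covers exactly HISTORY_SIZE entries,
 * so it can neither read past SN[] nor skip entries if HISTORY_SIZE changes.
 *
 * @param AddMac  station MAC address
 * @param SN      signal value to record
 */
void LogPutSN(UINT8 AddMac[WLAN_ADDR_LEN], UINT32 SN)
{
  register UINT16 i, j;

  for (i = 0; i < NumberOfDetectedClient; i++) {
    if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) {
      UINT32 summe = 0;

      // shift all value
      for (j = (HISTORY_SIZE - 1); j != 0; j--) {
        ClientInfo[i].SN[j] = ClientInfo[i].SN[j - 1];
      }
      // Put value
      ClientInfo[i].SN[0] = SN;

      // Put the Max value and the Min Value
      // (SNMin == 0 means "no minimum recorded yet")
      if (ClientInfo[i].SNMax < SN) {
        ClientInfo[i].SNMax = SN;
      } else if ((ClientInfo[i].SNMin > SN)
                 || (ClientInfo[i].SNMin == 0)) {
        ClientInfo[i].SNMin = SN;
      }
      // Calculate the mean over the whole history
      for (j = 0; j < HISTORY_SIZE; j++) {
        summe += ClientInfo[i].SN[j];
      }
      ClientInfo[i].SNMed = (summe / HISTORY_SIZE);

      // we have finished our work, so exit loop
      break;
    }
  }
}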

void LogPutRate ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT8  Rate 
)

Definition at line 182 of file analyse.c.

References CompareAddMac(), NumberOfDetectedClient, ClientInfo_t::RateMax, and ClientInfo_t::RateMin.

Referenced by analyseBeacon(), analyseData(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), analysePSPOLL(), and analyseRTS().

/**
 * Update the observed data-rate range of the station AddMac.
 *
 * A rate above RateMax raises RateMax; otherwise a rate below RateMin, or
 * any rate while RateMin is still 0, becomes RateMin.  Only the first
 * matching station is touched.
 */
void LogPutRate(UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Rate)
{
  UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].AddMac, AddMac))
      continue;

    if (ClientInfo[idx].RateMax < Rate) {
      ClientInfo[idx].RateMax = Rate;
    } else if ((ClientInfo[idx].RateMin == 0)
               || (ClientInfo[idx].RateMin > Rate)) {
      ClientInfo[idx].RateMin = Rate;
    }
    return;
  }
}

void LogPutMaxSpeed ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT8  Rate 
)

Definition at line 201 of file analyse.c.

References CompareAddMac(), ClientInfo_t::MaxSpeed, and NumberOfDetectedClient.

Referenced by ProcessTagBits().

/**
 * Store Rate as MaxSpeed on every known entry whose MAC address equals
 * AddMac (the scan does not stop at the first match).
 */
void LogPutMaxSpeed(UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Rate)
{
  UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].AddMac, AddMac))
      continue;
    ClientInfo[idx].MaxSpeed = Rate;
  }
}

void LogDetectedClient ( UINT8  AddMac[WLAN_ADDR_LEN]  ) 

Definition at line 212 of file analyse.c.

References AddMacIsBroadcast(), AddMacToManufModel(), AddMacToManufName(), CompareAddMac(), debug, MANUF_MAXSTRINGLENGTH, MAX_NUMBER_OF_DETECTED_CLIENT, NumberOfDetectedClient, and warning().

Referenced by analyseACK(), analyseBeacon(), analyseCTS(), analyseData(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), analysePSPOLL(), and analyseRTS().

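/* Copy a manufacturer/model string into a zeroed MANUF_MAXSTRINGLENGTH
 * field, reading no further than the source string's own terminator. */
static void LogCopyManufString(void *dst, const char *src)
{
  size_t len = strlen(src);

  if (len >= MANUF_MAXSTRINGLENGTH)
    len = MANUF_MAXSTRINGLENGTH - 1;    // keep the field NUL-terminated
  memcpy(dst, src, len);
}

/**
 * Register a station in ClientInfo[] the first time its MAC address is seen.
 *
 * Nothing is added when the table is full (a warning is emitted), when the
 * address is the broadcast address, or when the address is already known.
 * A new entry is zeroed, then receives the MAC address and the manufacturer
 * and model strings looked up from that address.
 *
 * Fixes: the lookups now use AddMac directly instead of ClientInfo[i], which
 * was only correct because the scan index happened to equal the new slot;
 * and the manufacturer/model copies stop at the end of the source string.
 * The earlier fixed MANUF_MAXSTRINGLENGTH-byte memcpy bounded the
 * destination but over-reads the source whenever the lookup returns a
 * shorter string (its storage is not visible here -- confirm).
 *
 * NOTE(review): AddMac comes from captured frames, so a sender that varies
 * its source address fills the table; once full, the warning below is
 * emitted for every later frame, including frames from known stations.
 *
 * @param AddMac  MAC address seen in a frame
 */
void LogDetectedClient(UINT8 AddMac[WLAN_ADDR_LEN])
{
  register UINT16 i;
  ClientInfo_t *slot;

  if (NumberOfDetectedClient >= MAX_NUMBER_OF_DETECTED_CLIENT) {
    warning("Maximum of host is detected : %d.\n",
            MAX_NUMBER_OF_DETECTED_CLIENT);
    return;
  }
  // ignore broadcast - BUG #557306
  // TODO : do a different think for special ADD MAC
  if (AddMacIsBroadcast(AddMac))
    return;

  for (i = 0; i < NumberOfDetectedClient; i++) {
    if (CompareAddMac(ClientInfo[i].AddMac, AddMac))
      return;                   // It 's not a new host, so bye
  }

  debug(1,
        "New client found (%02X:%02X:%02X:%02X:%02X:%02X)\n",
        AddMac[0], AddMac[1], AddMac[2], AddMac[3],
        AddMac[4], AddMac[5]);

  slot = &ClientInfo[NumberOfDetectedClient];
  memset(slot, 0, sizeof(ClientInfo_t));
  memcpy(&slot->AddMac, AddMac, WLAN_ADDR_LEN);
  LogCopyManufString(&slot->Manuf, AddMacToManufName(AddMac));
  LogCopyManufString(&slot->Model, AddMacToManufModel(AddMac));
  NumberOfDetectedClient++;
}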

void LogPutBSSID ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT8  BSSID[WLAN_ADDR_LEN] 
)

Definition at line 256 of file analyse.c.

References AddMacIsBroadcast(), CompareAddMac(), and NumberOfDetectedClient.

Referenced by analyseBeacon(), analyseData(), analyseProbeRep(), and analyseProbeReq().

/**
 * Attach a BSSID to the station AddMac.
 *
 * A broadcast BSSID is ignored (BUG #557306).  Only the first matching
 * station is updated.
 */
void LogPutBSSID(UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN])
{
  UINT16 idx;

  if (AddMacIsBroadcast(BSSID) != 0)
    return;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (CompareAddMac(ClientInfo[idx].AddMac, AddMac)) {
      memcpy(&ClientInfo[idx].BSSID, BSSID, WLAN_ADDR_LEN);
      return;
    }
  }
}

void LogPutDS ( UINT8  AddMac[WLAN_ADDR_LEN]  ) 

Definition at line 271 of file analyse.c.

References CompareAddMac(), ClientInfo_t::IsDS, and NumberOfDetectedClient.

Referenced by analyseData().

/**
 * Set the IsDS flag on the first known station whose MAC address equals
 * AddMac.
 */
void LogPutDS(UINT8 AddMac[WLAN_ADDR_LEN])
{
  UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].AddMac, AddMac))
      continue;
    ClientInfo[idx].IsDS = 1;
    return;
  }
}

void LogPutWep ( UINT8  BSSID[WLAN_ADDR_LEN],
UINT8  hasWep,
UINT8  hasWPA 
)

Definition at line 286 of file analyse.c.

References CompareAddMac(), ClientInfo_t::hasWep, ClientInfo_t::hasWPA, and NumberOfDetectedClient.

Referenced by LogPutIsAP().

/**
 * Copy the WEP and WPA flags to every known station that belongs to BSSID
 * (all matches are updated, not only the first).
 */
void LogPutWep(UINT8 BSSID[WLAN_ADDR_LEN], UINT8 hasWep, UINT8 hasWPA)
{
  UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].BSSID, BSSID))
      continue;
    ClientInfo[idx].hasWep = hasWep;
    ClientInfo[idx].hasWPA = hasWPA;
  }
}

void LogPutChannel_byAddMac ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT8  Channel 
)

Definition at line 298 of file analyse.c.

References ClientInfo_t::Channel, CompareAddMac(), and NumberOfDetectedClient.

Referenced by LogPutChannel().

/**
 * Store the channel on the first known station whose MAC address equals
 * AddMac.
 */
void LogPutChannel_byAddMac(UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Channel)
{
  UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].AddMac, AddMac))
      continue;
    ClientInfo[idx].Channel = Channel;
    return;
  }
}

void LogPutChannel_byBSSID ( UINT8  BSSID[WLAN_ADDR_LEN],
UINT8  Channel 
)

Definition at line 311 of file analyse.c.

References ClientInfo_t::Channel, CompareAddMac(), and NumberOfDetectedClient.

Referenced by LogPutChannel().

/**
 * Store the channel on every known station that belongs to BSSID.
 */
void LogPutChannel_byBSSID(UINT8 BSSID[WLAN_ADDR_LEN], UINT8 Channel)
{
  UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].BSSID, BSSID))
      continue;
    ClientInfo[idx].Channel = Channel;
  }
}

void LogPutChannel ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT8  BSSID[WLAN_ADDR_LEN],
UINT8  Channel 
)

Definition at line 323 of file analyse.c.

References AddMacIsBroadcast(), LogPutChannel_byAddMac(), and LogPutChannel_byBSSID().

Referenced by ProcessTagBits().

/**
 * Record a channel: by station address when the BSSID is the broadcast
 * address, otherwise for every station of that BSSID.
 */
void LogPutChannel(UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN],
                   UINT8 Channel)
{
  if (!AddMacIsBroadcast(BSSID)) {
    LogPutChannel_byBSSID(BSSID, Channel);
    return;
  }
  LogPutChannel_byAddMac(AddMac, Channel);
}

void LogPutSSID_byAddMac ( UINT8  AddMac[WLAN_ADDR_LEN],
char *  SSID 
)

Definition at line 333 of file analyse.c.

References CompareAddMac(), NumberOfDetectedClient, safe_strncpy(), and WLAN_SSID_MAXLEN.

Referenced by LogPutSSID().

/**
 * Store an SSID on the first known station whose MAC address equals AddMac.
 *
 * The stored value is always overwritten; the copy is bounded to
 * WLAN_SSID_MAXLEN + 1 bytes through safe_strncpy().  Blank SSIDs are
 * filtered by the caller LogPutSSID() (BUG #557123), not here.
 */
void LogPutSSID_byAddMac(UINT8 AddMac[WLAN_ADDR_LEN], char *SSID)
{
  UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].AddMac, AddMac))
      continue;
    safe_strncpy(ClientInfo[idx].SSID, SSID, WLAN_SSID_MAXLEN + 1);
    return;
  }
}

void LogPutSSID ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT8  BSSID[WLAN_ADDR_LEN],
char *  SSID 
)

Definition at line 374 of file analyse.c.

References AddMacIsBroadcast(), LogPutSSID_byAddMac(), and LogPutSSID_byBSSID().

Referenced by ProcessTagBits().

/**
 * Record an SSID unless it is empty or a single space (BUG #557123).
 *
 * With a broadcast BSSID the SSID is stored by station address, otherwise on
 * the stations of that BSSID.
 */
void LogPutSSID(UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN],
                char *SSID)
{
  /* Blank SSIDs carry no information and must not overwrite a stored one. */
  if (strlen(SSID) == 0)
    return;
  if (strncmp(SSID, " ", 32) == 0)
    return;

  if (AddMacIsBroadcast(BSSID)) {
    LogPutSSID_byAddMac(AddMac, SSID);
  } else {
    LogPutSSID_byBSSID(BSSID, SSID);
  }
}

void LogPutIsAP ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT8  hasWep,
UINT8  hasWPA,
UINT16  bcn_int 
)

Definition at line 387 of file analyse.c.

References ClientInfo_t::bcn_int, BroadcastMAC, CompareAddMac(), ClientInfo_t::hasWep, ClientInfo_t::hasWPA, HISTORY_SIZE, ClientInfo_t::IsAP, ConfigStruct::JammingNow, LogPutWep(), NumberOfDetectedClient, sendDeauth(), and TRUE.

Referenced by analyseBeacon(), analyseData(), and analyseProbeRep().

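/**
 * Mark the station AddMac as an access point and record its encryption
 * flags and beacon interval.
 *
 * The beacon-interval history is shifted by one on every call and the new
 * value is stored at the front when it is non-zero.  When config.JammingNow
 * is TRUE, a deauthentication frame addressed to BroadcastMAC is transmitted
 * for the station's BSSID through sendDeauth().  Finally the flags are
 * propagated to every station of the same BSSID with LogPutWep().
 *
 * Fix: the local BSSID buffer is only filled when the station is found, yet
 * LogPutWep() used to be called unconditionally, so for an unknown address
 * it compared stations against uninitialised stack bytes.  The propagation
 * now happens only after a match.
 *
 * @param AddMac   MAC address of the access point
 * @param hasWep   WEP flag to record
 * @param hasWPA   WPA flag to record
 * @param bcn_int  beacon interval; 0 means "not provided"
 */
void LogPutIsAP(UINT8 AddMac[WLAN_ADDR_LEN], UINT8 hasWep, UINT8 hasWPA,
                UINT16 bcn_int)
{
  register UINT16 i, j;
  UINT8 BSSID[WLAN_ADDR_LEN];
  UINT8 Found = 0;

  for (i = 0; i < NumberOfDetectedClient; i++) {
    if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) {
      ClientInfo[i].hasWep = hasWep;
      ClientInfo[i].hasWPA = hasWPA;
      // A little rotation of Beacon Interval
      for (j = (HISTORY_SIZE - 1); j != 0; j--)
        ClientInfo[i].bcn_int[j] = ClientInfo[i].bcn_int[j - 1];
      if (bcn_int != 0)
        ClientInfo[i].bcn_int[0] = bcn_int;
      memcpy(&BSSID, ClientInfo[i].BSSID, WLAN_ADDR_LEN);
      //if (!ClientInfo[i].IsP2P)
      ClientInfo[i].IsAP = 1;

      // Active mode: transmits a frame, see the header comment
      if (config.JammingNow == TRUE) {
        sendDeauth(BroadcastMAC, BSSID, 0);
      }
      Found = 1;
      break;
    }
  }

  // BSSID is only meaningful once a station matched
  if (Found)
    LogPutWep(BSSID, hasWep, hasWPA);
}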

void LogPutIsP2P ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT8  hasWep,
UINT16  bcn_int 
)

Definition at line 416 of file analyse.c.

References ClientInfo_t::bcn_int, CompareAddMac(), debug, ClientInfo_t::hasWep, HISTORY_SIZE, ClientInfo_t::IsAP, ClientInfo_t::IsP2P, and NumberOfDetectedClient.

Referenced by analyseBeacon(), and analyseProbeRep().

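/**
 * Mark the station AddMac as an ad-hoc (peer-to-peer) station and record its
 * WEP flag and beacon interval.
 *
 * The beacon-interval history is shifted by one on every call and the new
 * value is stored at the front when it is non-zero.  IsP2P is set and IsAP
 * cleared.  Only the first matching station is updated.
 *
 * Fix: the debug line printed the six raw address octets with "%s".  The
 * address is binary and not NUL-terminated, so the formatter could read past
 * it and emit arbitrary bytes; it is now printed as colon-separated hex like
 * the other address messages in this file.
 *
 * @param AddMac   MAC address of the station
 * @param hasWep   WEP flag to record
 * @param bcn_int  beacon interval; 0 means "not provided"
 */
void LogPutIsP2P(UINT8 AddMac[WLAN_ADDR_LEN], UINT8 hasWep, UINT16 bcn_int)
{
  register UINT16 i, j;

  for (i = 0; i < NumberOfDetectedClient; i++) {
    if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) {
      ClientInfo[i].hasWep = hasWep;
      // A little rotation of Beacon Interval
      for (j = (HISTORY_SIZE - 1); j != 0; j--)
        ClientInfo[i].bcn_int[j] = ClientInfo[i].bcn_int[j - 1];
      if (bcn_int != 0)
        ClientInfo[i].bcn_int[0] = bcn_int;
      ClientInfo[i].IsP2P = 1;
      ClientInfo[i].IsAP = 0;
      debug(1, "IsP2P > %02X:%02X:%02X:%02X:%02X:%02X\n",
            ClientInfo[i].AddMac[0], ClientInfo[i].AddMac[1],
            ClientInfo[i].AddMac[2], ClientInfo[i].AddMac[3],
            ClientInfo[i].AddMac[4], ClientInfo[i].AddMac[5]);
      break;
    }
  }
}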

void LogPutOtherInformation ( UINT8  AddMac[WLAN_ADDR_LEN],
char *  OtherInformation 
)

Definition at line 437 of file analyse.c.

References CompareAddMac(), MAXSIZE_OTHERINFORMATION, NumberOfDetectedClient, and safe_strncpy().

Referenced by ProcessTagBits().

/**
 * Store a free-text note on the first known station whose MAC address
 * equals AddMac.  The copy is bounded to MAXSIZE_OTHERINFORMATION bytes
 * through safe_strncpy().
 */
void LogPutOtherInformation(UINT8 AddMac[WLAN_ADDR_LEN],
                            char *OtherInformation)
{
  UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].AddMac, AddMac))
      continue;
    safe_strncpy(ClientInfo[idx].OtherInformation,
                 OtherInformation, MAXSIZE_OTHERINFORMATION);
    return;
  }
}

void LogPutTimestamp ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT64  TimeStamp 
)

Takes a timestamp received from a BSSID and pushes it into that station's timestamp FIFO.

Todo:
TODO Save System Timestamp

Definition at line 451 of file analyse.c.

References CompareAddMac(), debug, HISTORY_SIZE, NumberOfDetectedClient, and ClientInfo_t::TimeStamp.

Referenced by analyseBeacon(), and analyseProbeRep().

/**
 * Push a timestamp at the front of the TimeStamp[] history of the first
 * known station whose MAC address equals AddMac; older values shift back by
 * one and the oldest is dropped.  The first four history entries are then
 * written to the level-3 debug output.
 */
void LogPutTimestamp(UINT8 AddMac[WLAN_ADDR_LEN], UINT64 TimeStamp)
{
  UINT16 idx;
  UINT8 slot;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].AddMac, AddMac))
      continue;

    slot = (HISTORY_SIZE - 1);
    while (slot != 0) {
      ClientInfo[idx].TimeStamp[slot] = ClientInfo[idx].TimeStamp[slot - 1];
      slot--;
    }
    ClientInfo[idx].TimeStamp[0] = TimeStamp;

    debug(3, "TS : %016llX %016llX %016llX %016llX\n",
          ClientInfo[idx].TimeStamp[0],
          ClientInfo[idx].TimeStamp[1],
          ClientInfo[idx].TimeStamp[2], ClientInfo[idx].TimeStamp[3]);
    return;
  }
}

void LogPutSeqNum ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT8  AddMacDst[WLAN_ADDR_LEN],
UINT16  SeqNum 
)

Takes a sequence number received from a BSSID and pushes it into that station's sequence-number FIFO.

TODO: also analyse packets that are not broadcast, and add a new array of (client MAC address, SeqNum).

Definition at line 474 of file analyse.c.

References AddMacIsBroadcast(), CompareAddMac(), HISTORY_SIZE, NumberOfDetectedClient, ClientInfo_t::SeqNum, and WLAN_GET_SEQ_SEQNUM.

Referenced by analyseBeacon(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), and analysePSPOLL().

/**
 * Push a sequence number at the front of the SeqNum[] history of the station
 * AddMac.
 *
 * Only frames whose destination AddMacDst is the broadcast address are
 * recorded.  The stored value is WLAN_GET_SEQ_SEQNUM(SeqNum); older values
 * shift back by one and the oldest is dropped.
 */
void LogPutSeqNum(UINT8 AddMac[WLAN_ADDR_LEN],
                  UINT8 AddMacDst[WLAN_ADDR_LEN], UINT16 SeqNum)
{
  UINT16 idx, slot;

  if (!AddMacIsBroadcast(AddMacDst))
    return;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].AddMac, AddMac))
      continue;

    slot = (HISTORY_SIZE - 1);
    while (slot != 0) {
      ClientInfo[idx].SeqNum[slot] = ClientInfo[idx].SeqNum[slot - 1];
      slot--;
    }
    ClientInfo[idx].SeqNum[0] = WLAN_GET_SEQ_SEQNUM(SeqNum);
    return;
  }
}

void LogPutLastIV ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT8  IV[4] 
)

Store the last IV found in packets.

Definition at line 495 of file analyse.c.

References CompareAddMac(), ClientInfo_t::LastIV, and NumberOfDetectedClient.

/**
 * Store the four IV bytes in LastIV[] of the first known station whose MAC
 * address equals AddMac.
 */
void LogPutLastIV(UINT8 AddMac[WLAN_ADDR_LEN], UINT8 IV[4])
{
  UINT16 idx;
  int k;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    if (!CompareAddMac(ClientInfo[idx].AddMac, AddMac))
      continue;
    for (k = 0; k < 4; k++)
      ClientInfo[idx].LastIV[k] = IV[k];
    return;
  }
}

void Send_To_All_BSSID_A_Deauth ( void   ) 

Definition at line 510 of file analyse.c.

References AddMacIsNULL(), BroadcastMAC, NumberOfDetectedClient, sendDeauth(), and WLAN_ADDR_LEN.

Referenced by parse_keystring().

/**
 * For every known station that has both a non-zero MAC address and a
 * non-zero BSSID, call sendDeauth() twice on the station's channel: once
 * with the station address as destination and once with BroadcastMAC.
 *
 * This is an active function: each call to sendDeauth() transmits a frame.
 * Addresses are copied to local buffers before being handed over.
 */
void Send_To_All_BSSID_A_Deauth(void)
{
  UINT8 ap[WLAN_ADDR_LEN];
  UINT8 station[WLAN_ADDR_LEN];
  UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    /* Entries lacking either address are skipped. */
    if (AddMacIsNULL(ClientInfo[idx].AddMac)
        || AddMacIsNULL(ClientInfo[idx].BSSID))
      continue;

    memcpy(ap, &ClientInfo[idx].BSSID, WLAN_ADDR_LEN);
    memcpy(station, &ClientInfo[idx].AddMac, WLAN_ADDR_LEN);
    sendDeauth(station, ap, ClientInfo[idx].Channel);
    sendDeauth(BroadcastMAC, ap, ClientInfo[idx].Channel);
  }
}

void LogWriteReport ( void   ) 

Write the final report

Definition at line 532 of file analyse.c.

References AddMacToManufModel(), AddMacToManufName(), NumberOfDetectedClient, and RateToString().

Referenced by main().

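/* Print a string taken from captured frames: printable characters as they
 * are, every other byte as "/0xNN", so that control and escape sequences
 * never reach the terminal. */
static void LogPrintEscaped(const char *text)
{
  size_t k;

  for (k = 0; text[k] != '\0'; k++) {
    // isprint() needs an unsigned char value; a negative char is undefined
    unsigned char c = (unsigned char) text[k];

    if (isprint(c))
      printf("%c", c);
    else
      printf("/0x%02X", c);
  }
}

/**
 * Write the final report: one paragraph per detected station on stdout.
 *
 * Fixes:
 *  - the "Other information" paragraph was guarded by
 *    `OtherInformation == NULL`, so it was never printed when there was
 *    something to print; it is now printed when the field is non-empty
 *    (the field is filled with safe_strncpy() elsewhere in this file, so it
 *    is treated as a character array -- confirm against ClientInfo_t);
 *  - SSID bytes were passed to isprint() and to "%02X" as plain char; bytes
 *    above 0x7F are undefined behaviour for isprint() and printed
 *    sign-extended where char is signed;
 *  - OtherInformation is built from frame contents like the SSID and now
 *    goes through the same escaping instead of a raw "%s".
 */
void LogWriteReport(void)
{
  int i;

  printf("\n\n");
  printf("Now a summary of the detection :\n");
  printf("--------------------------------\n");

  if (NumberOfDetectedClient == 0) {
    printf("No 802.11b information has been catched\n\n");
  }

  for (i = 0; i < NumberOfDetectedClient; i++) {
    printf("Station (%02X:%02X:%02X:%02X:%02X:%02X)  -  ",
           ClientInfo[i].AddMac[0], ClientInfo[i].AddMac[1],
           ClientInfo[i].AddMac[2], ClientInfo[i].AddMac[3],
           ClientInfo[i].AddMac[4], ClientInfo[i].AddMac[5]);
    printf("BSSID=%02X:%02X:%02X:%02X:%02X:%02X  -  ",
           ClientInfo[i].BSSID[0], ClientInfo[i].BSSID[1],
           ClientInfo[i].BSSID[2], ClientInfo[i].BSSID[3],
           ClientInfo[i].BSSID[4], ClientInfo[i].BSSID[5]);

    // An empty SSID or a single space means the name is not advertised
    if ((strlen(ClientInfo[i].SSID) == 0)
        || ((strlen(ClientInfo[i].SSID) == 1)
            && (*ClientInfo[i].SSID == 0x20))) {
      printf("SSID is not broadcasted\n");
    } else {
      printf("SSID='");
      LogPrintEscaped(ClientInfo[i].SSID);
      printf("'\n");
    }

    printf("  Manufacturer/Model : %s / %s\n",
           AddMacToManufName(ClientInfo[i].AddMac),
           AddMacToManufModel(ClientInfo[i].AddMac));

    if (ClientInfo[i].SNMax != ClientInfo[i].SNMin)
      printf("  Signal is between %u and %u",
             ClientInfo[i].SNMin, ClientInfo[i].SNMax);
    else
      printf("  Signal is stable at %u", ClientInfo[i].SNMax);

    if (ClientInfo[i].RateMax != ClientInfo[i].RateMin)
      printf(" and Data rate is between %s and %s\n",
             RateToString(ClientInfo[i].RateMin),
             RateToString(ClientInfo[i].RateMax));
    else
      printf(" and Data rate is %s\n",
             RateToString(ClientInfo[i].RateMax));

    if (ClientInfo[i].MaxSpeed != 0)
      printf("  Max speed available is %s\n",
             RateToString(ClientInfo[i].MaxSpeed));

    if (ClientInfo[i].hasWep) {
      if (ClientInfo[i].hasWPA)
        printf("  Channel %d with WPA\n", ClientInfo[i].Channel);
      else
        printf("  Channel %d with Wep\n", ClientInfo[i].Channel);
    } else {
      printf("  Channel %d with no Wep\n", ClientInfo[i].Channel);
    }

    if (ClientInfo[i].bcn_int[0] != 0)
      printf("  1 beacon every %d ms is sent\n", ClientInfo[i].bcn_int[0]);

    if (ClientInfo[i].IsDS) {
      if (ClientInfo[i].IsAP) { // #568053
        printf
            ("  This is an AP that do some NAT or is a router (because it's also a DS)\n");
      } else {
        printf
            ("  This station is in the Wired network (DS) of the BSSID\n");
      }
    } else {
      if (ClientInfo[i].IsAP)
        printf("  This is an AP\n");
      else if (ClientInfo[i].IsP2P)
        printf("  This an Ad-HOC client\n");
      else
        printf("  This is a client\n");
    }

    if (ClientInfo[i].OtherInformation[0] != '\0') {
      printf("  Other information discovered:\n");
      printf("   > \"");
      LogPrintEscaped(ClientInfo[i].OtherInformation);
      printf("\"\n");
    }

    printf("-------------\n");
  }
}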

void LogWriteDOT ( FILE *  filename  ) 

Write the .dot file with all the information we have.

Definition at line 633 of file analyse.c.

References NumberOfDetectedClient.

Referenced by main().

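/* Write a MAC address as colon-separated upper-case hex. */
static void DotPutMac(FILE *out, const UINT8 *mac)
{
  fprintf(out, "%02X:%02X:%02X:%02X:%02X:%02X",
          mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
}

/* Write a string so that it stays inside a double-quoted DOT string: '"' and
 * '\' are backslash-escaped and non-printable bytes become "/0xNN". */
static void DotPutEscaped(FILE *out, const char *text)
{
  size_t k;

  for (k = 0; text[k] != '\0'; k++) {
    unsigned char c = (unsigned char) text[k];

    if ((c == '"') || (c == '\\'))
      fprintf(out, "\\%c", c);
    else if (isprint(c))
      fprintf(out, "%c", c);
    else
      fprintf(out, "/0x%02X", c);
  }
}

/**
 * Write a Graphviz description of the detected stations to an open stream.
 *
 * Each station becomes an edge "station MAC" -> "BSSID".  Stations flagged
 * IsDS are drawn as diamonds; otherwise stations flagged IsAP are drawn as
 * circles labelled with their MAC address and SSID.  Progress is reported on
 * stdout.
 *
 * Fix: the SSID comes from captured frames and was written into the quoted
 * label with a raw "%s", so an SSID containing '"' closed the label and let
 * the remainder be parsed as graph statements by whatever renders the file.
 * The SSID is now escaped before it is written.
 *
 * NOTE(review): as before, the graph header and footer are written even when
 * no station was detected, although the message says that no file is
 * created; the stream is opened by the caller.
 *
 * @param filename  output stream (despite its name, not a path)
 */
void LogWriteDOT(FILE *filename)
{
  int i;

  if (NumberOfDetectedClient == 0) {
    printf("No 802.11b information has catched\n");
    printf("So no .dot file is created\n\n");
  } else {
    printf("802.11b information has catched so I make my .dot file ");
  }

  fprintf(filename,
          "digraph xyz {\n  ratio=compress;\n  size=\"8,8\";\n"
          "  rankdir=LR;\n  node [shape=box,fontsize=8];\n");

  for (i = 0; i < NumberOfDetectedClient; i++) {
    printf(".");

    // edge: station -> BSSID
    fprintf(filename, "\"");
    DotPutMac(filename, ClientInfo[i].AddMac);
    fprintf(filename, "\" -> \"");
    DotPutMac(filename, ClientInfo[i].BSSID);
    fprintf(filename, "\";\n");

    if (ClientInfo[i].IsDS) {
      fprintf(filename, "\"");
      DotPutMac(filename, ClientInfo[i].AddMac);
      fprintf(filename, "\" [shape=diamond];\n");
    } else if (ClientInfo[i].IsAP) {
      fprintf(filename, "\"");
      DotPutMac(filename, ClientInfo[i].AddMac);
      fprintf(filename, "\" [shape=circle,label=\"");
      DotPutMac(filename, ClientInfo[i].AddMac);
      fprintf(filename, "\\nSSID='");
      DotPutEscaped(filename, ClientInfo[i].SSID);
      fprintf(filename, "'\"];\n");
    }
  }
  fprintf(filename, "}\n");
  printf("Done!\n\n");
}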

void LogWriteHisto ( void   ) 

Definition at line 690 of file analyse.c.

References debug, HISTO_SIGNAL_CHAN, HISTO_SIGNAL_SIZE, Statistics_t::MaxSignal, and NumberOfDetectedClient.

Referenced by main().

/**
 * Print an ASCII histogram of the strongest signal recorded per channel.
 *
 * Reads Stats.MaxSignal[0 .. HISTO_SIGNAL_CHAN-1], scales the values onto
 * HISTO_SIGNAL_SIZE rows and prints the grid to stdout, with channel 14 set
 * apart from channels 1-13. Prints nothing when NumberOfDetectedClient is 0.
 *
 * NOTE(review): assumes Stats.MaxSignal holds at least HISTO_SIGNAL_CHAN
 * entries - confirm against the Statistics_t declaration.
 */
void LogWriteHisto(void)
{
#define HISTO_SIGNAL_SIZE 32
#define HISTO_SIGNAL_CHAN 14

  char grid[HISTO_SIGNAL_SIZE][HISTO_SIGNAL_CHAN];
  UINT8 chan;
  UINT8 lowest = 0xFF;
  UINT8 highest = 0;
  float step = 0;
  int row;

  if (NumberOfDetectedClient == 0)
    return;

  printf("\n Spectral repartition :\n-----------------------\n\n");

  /* Range of the per-channel maxima */
  debug(3, "    ");
  for (chan = 0; chan < HISTO_SIGNAL_CHAN; chan++) {
    debug(3, "%02X,", Stats.MaxSignal[chan]);
    if (Stats.MaxSignal[chan] > highest)
      highest = Stats.MaxSignal[chan];
    if (Stats.MaxSignal[chan] < lowest)
      lowest = Stats.MaxSignal[chan];
  }

  /* Signal units covered by one histogram row */
  step = (float) (highest + 1 - lowest) / (float) HISTO_SIGNAL_SIZE;
  debug(3, "divid=%f ", step);
  debug(3, "Min=%02X Max=%02X\n", lowest, highest);

  /* Blank grid */
  for (row = 0; row < HISTO_SIGNAL_SIZE; row++) {
    for (chan = 0; chan < HISTO_SIGNAL_CHAN; chan++)
      grid[row][chan] = '-';
  }

  /*
   * Raise one column per channel. The quotient stays below
   * HISTO_SIGNAL_SIZE because no MaxSignal value exceeds `highest`, so the
   * row index never leaves the grid.
   */
  for (chan = 0; chan < HISTO_SIGNAL_CHAN; chan++) {
    row = 0;
    while (row < ((Stats.MaxSignal[chan] - lowest) / step)) {
      grid[row][chan] = '*';
      row++;
    }
  }

  /* Top row first, each row labelled with the signal level it stands for */
  printf("    01 02 03 04 05 06 07 08 09 10 11 12 13     14\n");
  for (row = HISTO_SIGNAL_SIZE - 1; row >= 0; row--) {
    printf("%3d ", (UINT8) (((row + 1) * step) + lowest));
    for (chan = 0; chan < HISTO_SIGNAL_CHAN; chan++) {
      if (chan == (HISTO_SIGNAL_CHAN - 1))
        printf("    ");         /* gap between channel 13 and 14 */
      printf("%c%c ", grid[row][chan], grid[row][chan]);
    }
    printf("\n");
  }
  printf("    01 02 03 04 05 06 07 08 09 10 11 12 13     14\n\n");
}

void ClearPanel ( void   ) 

Definition at line 746 of file analyse.c.

References Panel_WND, and screen_mutex.

Referenced by parse_keystring().

/**
 * Erase the panel window, redraw its '|' / '-' border and refresh it.
 *
 * When built WITH_THREAD the three curses calls run with screen_mutex held.
 */
void ClearPanel(void)
{
#if defined(WITH_THREAD)
  pthread_mutex_lock(&screen_mutex);
#endif

  wclear(Panel_WND);
  box(Panel_WND, '|', '-');
  wrefresh(Panel_WND);

#if defined(WITH_THREAD)
  pthread_mutex_unlock(&screen_mutex);
#endif
}

void WritePanel ( UINT8  GoodPacket  ) 

Definition at line 762 of file analyse.c.

References Statistics_t::AP, COL_WND_PANEL, debug, DetermineCryptType(), ConfigStruct::DoNotDisplay, ConfigStruct::FirstNIC, HISTOSIZE, IS_DISPLAY_STATION, ClientInfo_t::IsAP, ClientInfo_t::Manuf, NumberOfDetectedClient, Panel_WND, POS_CHANNEL, POS_CRYPT, POS_HISTO, POS_MAC, POS_SSID, Posit, ROW_WND_PANEL, safe_strncpy(), screen_mutex, ScanResult_t::Signal, ClientInfo_t::SNMax, ClientInfo_t::SNMed, ScanResult_t::SrcMac, and TRUE.

Referenced by main().

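/**
 * Redraw the panel window: one row per detected AP/station with its type,
 * MAC address, SSID, channel, encryption letter and a signal bar.
 *
 * TODO (from the original source): old code, to be rewritten with macros and
 * better functions.
 *
 * Fixes relative to the original listing:
 *  - the row index is UINT16 (as in the IDS_* loops) instead of UINT8, so it
 *    can no longer wrap before reaching NumberOfDetectedClient;
 *  - the loop stops when the window is full OR the table is exhausted (the
 *    original used "||", kept drawing past the last usable row and could
 *    read ClientInfo[i] before checking i);
 *  - the bar length is clamped to HISTOSIZE before strncpy() writes into
 *    Histo[HISTOSIZE + 2];
 *  - the max-signal marker is written only for positions 1..HISTOSIZE, so a
 *    zero SNMax no longer stores to Histo[-1];
 *  - the first-row computation no longer wraps below zero;
 *  - the length handed to snprintf() for Line never exceeds sizeof Line.
 *
 * NOTE(review): SSID, Manuf and the signal figures presumably derive from
 * captured frames, i.e. from data a nearby transmitter controls - confirm
 * that the writers of ClientInfo[] NUL-terminate and bound these fields.
 *
 * @param GoodPacket  when equal to TRUE, the row whose MAC matches
 *                    Res.SrcMac shows Res.Signal as its first figure;
 *                    otherwise 0 is shown.
 */
void WritePanel(UINT8 GoodPacket)
{
  UINT16 i;
  char Line[256];
  char Histo[HISTOSIZE + 2];
  char MAC[20];
  char TYPE[4];
  unsigned int MarkPos;
  int LineMax;
  static UINT8 MaxFromAll = 1;  /* scale reference; starts at 1 and only grows */
  UINT16 HistoSize = 0, HostDisplayed;
  UINT16 MinAff, Posit = 1, SizeOfWin;
  UINT16 NumberOfDetectedClientToDisplay = 0;

  // calculate the windows Size
  SizeOfWin = (ROW_WND_PANEL - 2);
  if (IS_DISPLAY_STATION(config.DoNotDisplay)) {
    NumberOfDetectedClientToDisplay = Stats.AP;
  } else {
    NumberOfDetectedClientToDisplay = NumberOfDetectedClient;
  }

  // first table entry to draw
  if (config.FirstNIC == 0) {
    if (NumberOfDetectedClientToDisplay > SizeOfWin)
      MinAff = NumberOfDetectedClientToDisplay - SizeOfWin;
    else
      MinAff = 0;
  } else if (config.FirstNIC < (NumberOfDetectedClientToDisplay - SizeOfWin)) {
    MinAff = config.FirstNIC;
  } else {
    config.FirstNIC = 0;
    // guard the subtraction: with few entries it used to wrap around
    if (NumberOfDetectedClientToDisplay > SizeOfWin + 1)
      MinAff = NumberOfDetectedClientToDisplay - SizeOfWin - 1;
    else
      MinAff = 0;
  }

  // never let snprintf() believe Line is larger than it is
  LineMax = COL_WND_PANEL - POS_HISTO - 1;
  if (LineMax < 0)
    LineMax = 0;
  if (LineMax > (int) sizeof Line)
    LineMax = (int) sizeof Line;

#ifdef WITH_THREAD
  pthread_mutex_lock(&screen_mutex);
#endif

  HostDisplayed = 0;
  i = MinAff;
  while ((HostDisplayed < SizeOfWin) && (i < NumberOfDetectedClient)) {
    // If we don't need to display this AP/STA, we skip it
    if (IS_DISPLAY_STATION(config.DoNotDisplay) && (!ClientInfo[i].IsAP)) {
      i++;
      continue;
    }

    snprintf(MAC, sizeof MAC, "%02X:%02X:%02X:%02X:%02X:%02X",
             ClientInfo[i].AddMac[0], ClientInfo[i].AddMac[1],
             ClientInfo[i].AddMac[2], ClientInfo[i].AddMac[3],
             ClientInfo[i].AddMac[4], ClientInfo[i].AddMac[5]);
    safe_strncpy(Histo,
                 "|________________________________________________",
                 HISTOSIZE + 2);

    if ((ClientInfo[i].SNMax > MaxFromAll)
        || (Res.Signal > MaxFromAll)) {
      if (Res.Signal > MaxFromAll)
        MaxFromAll = Res.Signal;
      else
        MaxFromAll = ClientInfo[i].SNMax;
    }

    // bar length; clamped so the strncpy() below stays inside Histo
    HistoSize =
        (UINT16) ((ClientInfo[i].SNMed * HISTOSIZE) / MaxFromAll);
    if (HistoSize > HISTOSIZE)
      HistoSize = HISTOSIZE;
    if (!strncmp(MAC, Res.SrcMac, 20)) {
      strncpy(Histo,
              "|=======================================================",
              HistoSize + 1);
      mvwprintw(Panel_WND, Posit, 1, ">");
    } else {
      strncpy(Histo,
              "|.......................................................",
              HistoSize + 1);
      mvwprintw(Panel_WND, Posit, 1, " ");
    }

    // marker for the maximum seen; skipped when it falls outside the bar
    MarkPos = (unsigned int) ((ClientInfo[i].SNMax * HISTOSIZE) / MaxFromAll);
    if (MarkPos >= 1 && MarkPos <= HISTOSIZE) {
      Histo[MarkPos - 1] = '|';
    }
    Histo[HISTOSIZE + 1] = 0;

    Line[0] = '\0';             // stays a valid string even if LineMax is 0
    snprintf(Line, (size_t) LineMax,
             "%s (%d,%d,%d) %s  ", Histo,
             (((GoodPacket == TRUE)
               && !strncmp(MAC, Res.SrcMac,
                           20)) ? Res.Signal : 0),
             (int) ClientInfo[i].SNMed,
             (int) ClientInfo[i].SNMax, ClientInfo[i].Manuf);

    if (ClientInfo[i].IsP2P)
      snprintf(TYPE, sizeof TYPE, "ADH");
    else if (ClientInfo[i].IsAP)
      snprintf(TYPE, sizeof TYPE, "AP ");
    else if (ClientInfo[i].IsDS)
      snprintf(TYPE, sizeof TYPE, "sta");
    else
      snprintf(TYPE, sizeof TYPE, "STA");

    // We Write now
    mvwprintw(Panel_WND, Posit, 2, "%s", TYPE);
    mvwprintw(Panel_WND, Posit, POS_MAC, "%s", MAC);
    mvwprintw(Panel_WND, Posit, POS_SSID,
              "\"%s\"                                 ", ClientInfo[i].SSID);
    mvwprintw(Panel_WND, Posit, POS_CHANNEL, "%X",
              ClientInfo[i].Channel);

    mvwprintw(Panel_WND, Posit, POS_CRYPT, "%c",
              DetermineCryptType(ClientInfo[i].hasWep,
                                 ClientInfo[i].hasWPA,
                                 ClientInfo[i].hasTKIP,
                                 ClientInfo[i].hasCCMP,
                                 ClientInfo[i].hasWPAPSK,
                                 ClientInfo[i].hasWPA2PSK));
    mvwprintw(Panel_WND, Posit, POS_HISTO, "%s", Line);
    Posit++;
    HostDisplayed++;
    i++;
  }

  wrefresh(Panel_WND);
#ifdef WITH_THREAD
  pthread_mutex_unlock(&screen_mutex);
#endif
  debug(3, "WritePanel Line #%d\n", __LINE__);
}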

void DoSummary ( void   ) 

Function to calculate some stats

Definition at line 946 of file analyse.c.

References Statistics_t::AP, ClientInfo_t::Channel, Statistics_t::Channel, NumberOfDetectedClient, and Statistics_t::STA.

Referenced by WriteSummary().

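/**
 * Recompute the summary counters in Stats from the ClientInfo table:
 * Stats.AP, Stats.STA and Stats.Channel (number of distinct channel values
 * seen).
 *
 * Fixes relative to the original listing:
 *  - the channel value is range-checked before it indexes the table; the
 *    original wrote ChanTab[Channel] into a 14-entry array, so channel 14
 *    (or any larger value) stored past the end of a stack buffer;
 *  - the table has 15 entries so that index 14 is representable;
 *  - the client index is UINT16, as in the IDS_* loops, so it cannot wrap
 *    before reaching NumberOfDetectedClient.
 *
 * NOTE(review): index 0 is still counted, as in the original; presumably it
 * stands for "channel not known yet" - confirm whether it should count.
 */
void DoSummary(void)
{
  enum { CHAN_TAB_SIZE = 15 };  /* index 0 plus channels 1..14 */
  UINT16 i;
  UINT8 ChanTab[CHAN_TAB_SIZE] = { 0 };

  Stats.AP = 0;
  Stats.STA = 0;
  Stats.Channel = 0;

  for (i = 0; i < NumberOfDetectedClient; i++) {
    /* the unsigned cast also rejects a negative value, whatever the field type */
    if ((unsigned int) ClientInfo[i].Channel < CHAN_TAB_SIZE)
      ChanTab[ClientInfo[i].Channel] = 1;

    if (ClientInfo[i].IsAP)
      Stats.AP++;
    else
      Stats.STA++;
  }

  for (i = 0; i < CHAN_TAB_SIZE; i++) {
    if (ChanTab[i] != 0)
      Stats.Channel++;
  }
}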

UINT8 IDS_BcnInt ( void   ) 

IDS module : Analysis of Beacons Intervals

Beacon interval history is suspect

Definition at line 1013 of file analyse.c.

References ClientInfo_t::bcn_int, HISTORY_SIZE, NumberOfDetectedClient, and Send_IDS_Warning().

Referenced by IDS().

/**
 * IDS check: beacon-interval history.
 *
 * For every detected client, compares neighbouring entries of its bcn_int
 * history. Entries equal to 0 are never compared. The first pair that
 * differs produces one warning through Send_IDS_Warning(), after which the
 * scan moves on to the next client.
 *
 * @return 0x01 when at least one client was flagged, 0 otherwise.
 */
UINT8 IDS_BcnInt(void)
{
  char Text[1024];
  char Addr[20];
  UINT8 flag = 0;
  UINT8 slot;
  register UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    for (slot = 0; slot < (HISTORY_SIZE - 1); slot++) {
      /* both samples must be present ... */
      if ((ClientInfo[idx].bcn_int[slot] == 0)
          || (ClientInfo[idx].bcn_int[slot + 1] == 0))
        continue;
      /* ... and must disagree */
      if (ClientInfo[idx].bcn_int[slot] == ClientInfo[idx].bcn_int[slot + 1])
        continue;

      snprintf(Addr, sizeof Addr,
               "%02X:%02X:%02X:%02X:%02X:%02X",
               ClientInfo[idx].AddMac[0], ClientInfo[idx].AddMac[1],
               ClientInfo[idx].AddMac[2], ClientInfo[idx].AddMac[3],
               ClientInfo[idx].AddMac[4], ClientInfo[idx].AddMac[5]);
      snprintf(Text, sizeof Text,
               "IDS WARNING - beacon interval is changing for %s from %dms to %dms\n",
               Addr, ClientInfo[idx].bcn_int[slot + 1],
               ClientInfo[idx].bcn_int[slot]);
      Send_IDS_Warning(Text);
      flag = 0x01;              /* beacon interval history is suspect */
      break;                    /* one warning per client and pass */
    }
  }
  return flag;
}

UINT8 IDS_TimeStamp ( void   ) 

TS history is suspect

Definition at line 1045 of file analyse.c.

References HISTORY_SIZE, NumberOfDetectedClient, Send_IDS_Warning(), and ClientInfo_t::TimeStamp.

Referenced by IDS().

/**
 * IDS check: timestamp history.
 *
 * For every detected client, compares neighbouring entries of its TimeStamp
 * history. Entries equal to 0 are never compared. A pair is reported when
 * TimeStamp[j] is smaller than TimeStamp[j + 1]; two messages go out
 * through Send_IDS_Warning() and the scan moves on to the next client.
 *
 * NOTE(review): presumably slot j holds the more recent sample, so the test
 * means "the timestamp went backwards" - confirm with the code that fills
 * the history.
 * NOTE(review): the second figure is the difference multiplied by 100 and
 * labelled "ms"; that looks like a unit slip - confirm the intended unit.
 *
 * @return 0x02 when at least one client was flagged, 0 otherwise.
 */
UINT8 IDS_TimeStamp(void)
{
  char Text[1024];
  char Addr[20];
  UINT8 flag = 0;
  UINT8 slot;
  register UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    for (slot = 0; slot < (HISTORY_SIZE - 1); slot++) {
      /* both samples must be present ... */
      if ((ClientInfo[idx].TimeStamp[slot] == 0)
          || (ClientInfo[idx].TimeStamp[slot + 1] == 0))
        continue;
      /* ... and out of order */
      if (!(ClientInfo[idx].TimeStamp[slot] <
            ClientInfo[idx].TimeStamp[slot + 1]))
        continue;

      snprintf(Addr, sizeof Addr, "%02X:%02X:%02X:%02X:%02X:%02X",
               ClientInfo[idx].AddMac[0], ClientInfo[idx].AddMac[1],
               ClientInfo[idx].AddMac[2], ClientInfo[idx].AddMac[3],
               ClientInfo[idx].AddMac[4], ClientInfo[idx].AddMac[5]);

      snprintf(Text, sizeof Text,
               "IDS WARNING - Time Stamp is not correct for %s\n", Addr);
      Send_IDS_Warning(Text);

      snprintf(Text, sizeof Text,
               " Difference between two catched packets is : %lluÁs %llums\n",
               ClientInfo[idx].TimeStamp[slot + 1] -
               ClientInfo[idx].TimeStamp[slot],
               (ClientInfo[idx].TimeStamp[slot + 1] -
                ClientInfo[idx].TimeStamp[slot]) * 100);
      Send_IDS_Warning(Text);

      flag = 0x02;              /* TS history is suspect */
      break;                    /* one report per client and pass */
    }
  }
  return flag;
}

UINT8 IDS_Var_SeqNum ( void   ) 

Analyses sequence-number variation to detect a problem such as the usurpation (spoofing) of a MAC address.

SeqNum history is suspect

Definition at line 1088 of file analyse.c.

References debug, HISTORY_SIZE, NumberOfDetectedClient, Send_IDS_Warning(), and ClientInfo_t::SeqNum.

Referenced by IDS().

/**
 * IDS check: sequence-number history.
 *
 * For every detected client, compares neighbouring entries of its SeqNum
 * history. Entries equal to 0 are never compared. A pair is reported when
 * SeqNum[j] is smaller than SeqNum[j + 1]; one warning goes out through
 * Send_IDS_Warning(), the two values are logged at debug level 1, and the
 * scan moves on to the next client.
 *
 * NOTE(review): 802.11 sequence numbers are 12 bits wide and wrap at 4096,
 * so an ordinary wrap-around looks the same to this test as an out-of-order
 * number; a sample of 0 is skipped entirely. Expect false positives and
 * confirm how the history is filled before relying on this as a spoofing
 * indicator.
 *
 * @return 0x04 when at least one client was flagged, 0 otherwise.
 */
UINT8 IDS_Var_SeqNum(void)
{
  char Text[1024];
  char Addr[20];
  UINT8 flag = 0;
  UINT8 slot;
  register UINT16 idx;

  for (idx = 0; idx < NumberOfDetectedClient; idx++) {
    for (slot = 0; slot < (HISTORY_SIZE - 1); slot++) {
      /* both samples must be present ... */
      if ((ClientInfo[idx].SeqNum[slot] == 0)
          || (ClientInfo[idx].SeqNum[slot + 1] == 0))
        continue;
      /* ... and out of order */
      if (!(ClientInfo[idx].SeqNum[slot] < ClientInfo[idx].SeqNum[slot + 1]))
        continue;

      snprintf(Addr, sizeof Addr,
               "%02X:%02X:%02X:%02X:%02X:%02X",
               ClientInfo[idx].AddMac[0], ClientInfo[idx].AddMac[1],
               ClientInfo[idx].AddMac[2], ClientInfo[idx].AddMac[3],
               ClientInfo[idx].AddMac[4], ClientInfo[idx].AddMac[5]);
      snprintf(Text, sizeof Text,
               "IDS WARNING - Sequence Number is not correct for %s\n",
               Addr);
      Send_IDS_Warning(Text);
      debug(1, "SeqNum = (0x%04X,0x%04X)\n", ClientInfo[idx].SeqNum[slot],
            ClientInfo[idx].SeqNum[slot + 1]);

      flag = 0x04;              /* SeqNum history is suspect */
      break;                    /* one report per client and pass */
    }
  }
  return flag;
}

UINT8 IDS_Detect_FakeAP ( void   ) 

Definition at line 1122 of file analyse.c.

Referenced by IDS().

/**
 * Placeholder for fake-AP detection.
 *
 * Not implemented: the function always returns 0, so IDS() currently gets
 * no contribution from this check.
 *
 * @return always 0.
 */
UINT8 IDS_Detect_FakeAP(void)
{
  /* TODO: implement; the original note says this must use CalcCoef ... */
  const UINT8 nothing_detected = 0;

  return nothing_detected;
}

UINT8 IDS ( void   ) 

Function that analyses the collected data to try to detect an intrusion or a DoS. It also tries to detect a jammer such as FakeAP.

Return value: ret == 0x01: beacon interval history is suspect; ret == 0x02: TS history is suspect; ret == 0x04: SeqNum history is suspect.

Definition at line 1133 of file analyse.c.

References IDS_BcnInt(), IDS_Detect_FakeAP(), IDS_TimeStamp(), and IDS_Var_SeqNum().

Referenced by main().

/**
 * Run every IDS check once and combine the results.
 *
 * The checks run in a fixed order (beacon interval, timestamp, sequence
 * number, fake AP) because each one may emit warnings as a side effect.
 * Their return values are added; with the values visible in this file
 * (0x01, 0x02, 0x04 and 0) the sum reads as a bit mask.
 *
 * @return sum of the individual results; 0 when nothing was flagged.
 */
UINT8 IDS(void)
{
  /* separate statements keep the call order defined */
  const UINT8 bcn = IDS_BcnInt();
  const UINT8 ts = IDS_TimeStamp();
  const UINT8 seq = IDS_Var_SeqNum();
  const UINT8 fake = IDS_Detect_FakeAP();

  return (UINT8) (bcn + ts + seq + fake);
}

void AnalyseTAG221 ( UINT8  AddMac[WLAN_ADDR_LEN],
UINT8 varBits,
int  tagLen 
)

Function to analyse tag 221, the "Vendor Specific IE" used for WPA and WME. From this element a lot of things can be determined: w: WEP, W: WPA without any more information, T: WPA enterprise with TKIP, C: WPA2 enterprise with CCMP, p: WPA PSK (TKIP), P: WPA2 PSK (CCMP), ...

Definition at line 1161 of file analyse.c.

References CompareAddMac(), debug, ClientInfo_t::hasCCMP, ClientInfo_t::hasTKIP, ClientInfo_t::hasWep, ClientInfo_t::hasWPA, ClientInfo_t::hasWPA2PSK, ClientInfo_t::hasWPAPSK, NumberOfDetectedClient, RSN_OUI, warning(), WME_OUI, and WPA_OUI.

Referenced by ProcessTagBits().

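/**
 * Analyse information element 221 ("Vendor Specific IE") and record the
 * encryption flags it implies on every ClientInfo entry whose BSSID equals
 * AddMac.
 *
 * Only the WPA element (WPA_OUI followed by type 0x01) is decoded: the
 * multicast cipher suite selects WEP/TKIP/CCMP, and an authenticated key
 * management suite of type 2 marks the network as PSK. WME and RSN/PMKID
 * elements are recognised but not interpreted.
 *
 * Fixes relative to the original listing:
 *  - the first unicast cipher suite is logged only when its four bytes lie
 *    inside tagLen (the original read them unconditionally);
 *  - key-management suites are walked four bytes at a time and limited to
 *    the announced count. The original advanced three bytes per suite and
 *    ran to the end of the tag, so every suite after the first was read at
 *    the wrong offset and trailing bytes were decoded as suites.
 *
 * NOTE(review): the rendered prototype on this page shows "UINT8 varBits";
 * the body indexes it and passes it to memcmp(), so it is written as a
 * pointer here - confirm against analyse.h.
 * NOTE(review): varBits and tagLen presumably describe bytes taken from a
 * captured frame; tagLen must not exceed the bytes actually available at
 * varBits, which the caller (ProcessTagBits) has to guarantee.
 * NOTE(review): the flags are stored even when the element is not a WPA
 * one, in which case they are all zero; a WME element following the WPA
 * element would therefore clear what the WPA element had set - confirm
 * whether that is intended.
 *
 * @param AddMac   BSSID the element belongs to.
 * @param varBits  element body, starting at the OUI.
 * @param tagLen   number of valid bytes at varBits.
 */
void AnalyseTAG221(UINT8 AddMac[WLAN_ADDR_LEN], UINT8 *varBits, int tagLen)
{
  register UINT16 i;
  UINT8 hasWep = 0;
  UINT8 hasWPA = 0;
  UINT8 hasTKIP = 0;
  UINT8 hasCCMP = 0;
  UINT8 hasWPAPSK = 0;
  UINT8 hasWPA2PSK = 0;
  int offset = 0;
  int nb_UnicastCipherSuite = 0;
  int nb_AuthKeyMgmntSuite = 0;
  int suite;

  if (tagLen - 6 >= offset && !memcmp(varBits, WPA_OUI "\x01", 4)) {
    debug(3, "Analyse of tag 221 : %02X%02X%02X%02X\n", varBits[0],
          varBits[1], varBits[2], varBits[3]);
    // At least 6 octets can be read and it's some WPA DATA
    hasWPA = 1;
    offset += 6;
    if (tagLen - 4 >= offset) {
      /* multicast cipher suite */
      if (!memcmp(&varBits[offset], WPA_OUI, 3)) {
        debug(2, "Multicast cipher suite : %02X%02X%02X\n",
              varBits[0 + offset], varBits[1 + offset],
              varBits[2 + offset]);
        offset += 3;
        switch (varBits[0 + offset]) {
        case 0:
          hasWPA = 0;           // Cypher NULL
          break;
        case 1:
          hasWPA = 0;
          hasWep = 1;           // WEP 40 bits
          break;
        case 2:
          hasTKIP = 1;          // TKIP
          break;
        case 3:                // AES (OCB) or WRAP
        case 4:
          hasCCMP = 1;          // AES (CCM)
          break;
        case 5:
          hasWPA = 0;
          hasWep = 1;           // WEP 104 bits;
          break;
        default:
          warning("WPA IE is with an unknowed cypher suite");
          break;
        }
        offset += 1;
        if (offset + 2 <= tagLen) {
          /* unicast cipher suites */
          // We Skip them
          // TODO : Analyse them !
          hasWPA = 1;
          nb_UnicastCipherSuite =
              (UINT8) varBits[offset + 0] + ((UINT8) varBits[offset + 1] << 8);
          debug(3, "nb_UnicastCipherSuite = %04X\n",
                nb_UnicastCipherSuite);
          offset += 2;
          // log the first suite only if all four bytes are inside the tag
          if (offset + 4 <= tagLen) {
            debug(2, "Unicast cipher suite : %02X%02X%02X%02X\n",
                  varBits[0 + offset], varBits[1 + offset],
                  varBits[2 + offset], varBits[3 + offset]);
          }
          // the count is taken from the element itself; the bounds test
          // below stops the parse if it points past tagLen
          offset += (4 * nb_UnicastCipherSuite);        // Skip it ...
          // TODO : if more than One Unicast Cipher Suite ...

          /* authenticated key management suites */
          if (offset + 2 <= tagLen) {
            nb_AuthKeyMgmntSuite =
                (UINT8) varBits[offset + 0] +
                ((UINT8) varBits[offset + 1] << 8);
            debug(3, "nb_AuthKeyMgmntSuite = %04X\n",
                  nb_AuthKeyMgmntSuite);
            offset += 2;
            // each suite is a 3-byte OUI followed by a 1-byte type
            for (suite = 0;
                 suite < nb_AuthKeyMgmntSuite && offset + 4 <= tagLen;
                 suite++) {
              switch (varBits[offset + 3]) {
              case 0:
                break;          // NONE
              case 1:
                break;          // WPA
              case 2:
                if (hasCCMP)
                  hasWPA2PSK = 1;
                else
                  hasWPAPSK = 1;
                break;
              default:
                warning
                    ("WPA IE is with an unknowed authenticated key management suites : %02X\n",
                     varBits[offset + 3]);
                break;
              }
              offset += 4;
            }
          }
        }
      }
    }
  } else if (tagLen - 7 >= offset
             && !memcmp(varBits, WME_OUI "\x02\x00", 5)) {
    // At least 7 octets can be read and it's some WME DATA
  } else if (tagLen - 24 >= offset
             && !memcmp(varBits, WME_OUI "\x02\x01", 5)) {
    // At least 24 octets can be read and it's some WME DATA
  } else if (tagLen - 56 >= offset
             && !memcmp(varBits, WME_OUI "\x02\x02", 5)) {
    // At least 56 octets can be read and it's some WME DATA
  } else if (tagLen - 4 >= offset && !memcmp(varBits, RSN_OUI "\x04", 4)) {
    // At least 4 octets can be read and it's some RSN DATA
    /* IEEE 802.11i / Key Data Encapsulation / Data Type=4 - PMKID.
     * This is only used within EAPOL-Key frame Key Data. */
  } else {
    // Unknowed Vendor ID, not interpreted
  }

  // Now save this analyse :-)
  for (i = 0; i < NumberOfDetectedClient; i++) {
    if (CompareAddMac(ClientInfo[i].BSSID, AddMac)) {
      ClientInfo[i].hasWep = hasWep;
      ClientInfo[i].hasWPA = hasWPA;
      ClientInfo[i].hasTKIP = hasTKIP;
      ClientInfo[i].hasCCMP = hasCCMP;
      ClientInfo[i].hasWPAPSK = hasWPAPSK;
      ClientInfo[i].hasWPA2PSK = hasWPA2PSK;
    }
  }
}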


Variable Documentation

const char svnid[] = "@(#) $Id: analyse.c 178 2007-08-11 16:57:24Z poggij $"

Definition at line 45 of file analyse.c.

Definition at line 48 of file analyse.c.

WINDOW* Panel_WND

WINDOW * RealTime_WND

Definition at line 60 of file scanner.c.

Definition at line 62 of file scanner.c.

Referenced by main().

Definition at line 58 of file scanner.c.

pthread_mutex_t screen_mutex

Mutex that locks the screen, so that only one function writes to it at a time.

Definition at line 67 of file scanner.c.

Referenced by check_keys_th(), ClearPanel(), debug(), debugTS(), DumpHexPaquets(), main(), parse_keystring(), PrintScaleChannel(), RefreshAllWND(), RefreshRealTime_WND_th(), stop_signal(), warning(), warning_if_error(), WritePanel(), and WriteSummary().

const UINT8 BroadcastMAC[WLAN_ADDR_LEN]

Initial value:

    { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }

Definition at line 61 of file analyse.c.

const char CryptTypeASCII[]

Initial value:

 {
  [CRYPT_TYPE_CLEAR] = ' ',     
  [CRYPT_TYPE_WEP] = 'w',       
  [CRYPT_TYPE_WPA] = 'W',       
  [CRYPT_TYPE_TKIP] = 'T',      
  [CRYPT_TYPE_CCMP] = 'C',      
  [CRYPT_TYPE_PSK1] = 'p',      
  [CRYPT_TYPE_PSK2] = 'P'       
}

Definition at line 74 of file analyse.c.

Referenced by DetermineCryptType().

