analyse.c File Reference
#include <include.h>#include <src/analyse.h>#include <src/interface.h>#include <src/crt_io.h>#include <src/conversion.h>#include <src/manuf.h>#include <src/airjack.h>#include <src/functions.h>
Go to the source code of this file.
Defines | |
| #define | WPA_OUI "\x00\x50\xF2" |
| #define | RSN_OUI "\x00\x0F\xAC" |
| #define | WME_OUI "\x00\x50\xF2" |
| #define | HISTO_SIGNAL_SIZE 32 |
| #define | HISTO_SIGNAL_CHAN 14 |
Enumerations | |
| enum | CRYPT_TYPE { CRYPT_TYPE_CLEAR = 0, CRYPT_TYPE_WEP, CRYPT_TYPE_WPA, CRYPT_TYPE_TKIP, CRYPT_TYPE_CCMP, CRYPT_TYPE_PSK1, CRYPT_TYPE_PSK2 } |
Functions | |
| void | LogPutSSID_byAddMAc (UINT8 AddMac[WLAN_ADDR_LEN], char *SSID) |
| void | LogPutSSID_byBSSID (UINT8 BSSID[WLAN_ADDR_LEN], char *SSID) |
| void | CalculCoef (UINT32 X[4], UINT32 Y[4], float *a, float *b) |
| char | DetermineCryptType (UINT8 hasWep, UINT8 hasWPA, UINT8 hasTKIP, UINT8 hasCCMP, UINT8 hasWPAPSK, UINT8 hasWPA2PSK) |
| UINT8 | CompareAddMac (UINT8 AddMac1[WLAN_ADDR_LEN], UINT8 AddMac2[WLAN_ADDR_LEN]) |
| UINT8 | AddMacIsBroadcast (UINT8 AddMac1[WLAN_ADDR_LEN]) |
| UINT8 | AddMacIsNULL (UINT8 AddMac1[WLAN_ADDR_LEN]) |
| void | ResetAllDetectedClient (void) |
| void | LogPutSN (UINT8 AddMac[WLAN_ADDR_LEN], UINT32 SN) |
| void | LogPutRate (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Rate) |
| void | LogPutMaxSpeed (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Rate) |
| void | LogDetectedClient (UINT8 AddMac[WLAN_ADDR_LEN]) |
| void | LogPutBSSID (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN]) |
| void | LogPutDS (UINT8 AddMac[WLAN_ADDR_LEN]) |
| void | LogPutWep (UINT8 BSSID[WLAN_ADDR_LEN], UINT8 hasWep, UINT8 hasWPA) |
| void | LogPutChannel_byAddMac (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Channel) |
| void | LogPutChannel_byBSSID (UINT8 BSSID[WLAN_ADDR_LEN], UINT8 Channel) |
| void | LogPutChannel (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN], UINT8 Channel) |
| void | LogPutSSID_byAddMac (UINT8 AddMac[WLAN_ADDR_LEN], char *SSID) |
| void | LogPutSSID (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN], char *SSID) |
| void | LogPutIsAP (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 hasWep, UINT8 hasWPA, UINT16 bcn_int) |
| void | LogPutIsP2P (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 hasWep, UINT16 bcn_int) |
| void | LogPutOtherInformation (UINT8 AddMac[WLAN_ADDR_LEN], char *OtherInformation) |
| void | LogPutTimestamp (UINT8 AddMac[WLAN_ADDR_LEN], UINT64 TimeStamp) |
| void | LogPutSeqNum (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 AddMacDst[WLAN_ADDR_LEN], UINT16 SeqNum) |
| void | LogPutLastIV (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 IV[4]) |
| void | Send_To_All_BSSID_A_Deauth (void) |
| void | LogWriteReport (void) |
| void | LogWriteDOT (FILE *filename) |
| void | LogWriteHisto (void) |
| void | ClearPanel (void) |
| void | WritePanel (UINT8 GoodPacket) |
| void | DoSummary (void) |
| UINT8 | IDS_BcnInt (void) |
| UINT8 | IDS_TimeStamp (void) |
| UINT8 | IDS_Var_SeqNum (void) |
| UINT8 | IDS_Detect_FakeAP (void) |
| UINT8 | IDS (void) |
| void | AnalyseTAG221 (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 *varBits, int tagLen) |
Variables | |
| const char | svnid [] = "@(#) $Id: analyse.c 178 2007-08-11 16:57:24Z poggij $" |
| UINT16 | NumberOfDetectedClient = 0 |
| ClientInfo_t | ClientInfo [8192] |
| WINDOW * | Panel_WND |
| WINDOW * | RealTime_WND |
| ScanResult_t | Res |
| Statistics_t | Stats |
| UINT8 | ids_warning |
| ConfigStruct | config |
| pthread_mutex_t | screen_mutex |
| MUTEX for lock screen, so only one func write to it at the same time. | |
| const UINT8 | BroadcastMAC [WLAN_ADDR_LEN] |
| const char | CryptTypeASCII [] |
Define Documentation
| #define WPA_OUI "\x00\x50\xF2" |
| #define RSN_OUI "\x00\x0F\xAC" |
| #define WME_OUI "\x00\x50\xF2" |
| #define HISTO_SIGNAL_SIZE 32 |
Referenced by LogWriteHisto().
| #define HISTO_SIGNAL_CHAN 14 |
Referenced by LogWriteHisto().
Enumeration Type Documentation
| enum CRYPT_TYPE |
- Enumerator:
-
CRYPT_TYPE_CLEAR CRYPT_TYPE_WEP CRYPT_TYPE_WPA CRYPT_TYPE_TKIP CRYPT_TYPE_CCMP CRYPT_TYPE_PSK1 CRYPT_TYPE_PSK2
Definition at line 64 of file analyse.c.
00064 { 00065 CRYPT_TYPE_CLEAR = 0, 00066 CRYPT_TYPE_WEP, 00067 CRYPT_TYPE_WPA, 00068 CRYPT_TYPE_TKIP, 00069 CRYPT_TYPE_CCMP, 00070 CRYPT_TYPE_PSK1, 00071 CRYPT_TYPE_PSK2 00072 };
Function Documentation
| void LogPutSSID_byAddMAc | ( | UINT8 | AddMac[WLAN_ADDR_LEN], | |
| char * | SSID | |||
| ) |
| void LogPutSSID_byBSSID | ( | UINT8 | BSSID[WLAN_ADDR_LEN], | |
| char * | SSID | |||
| ) |
Definition at line 352 of file analyse.c.
References CompareAddMac(), NumberOfDetectedClient, safe_strncpy(), and WLAN_SSID_MAXLEN.
Referenced by LogPutSSID().
00353 { 00354 register UINT16 i; 00355 00356 /* warning (">>2 SSID '%s' (%02X:%02X:%02X:%02X:%02X:%02X)\n", 00357 SSID, BSSID[0], BSSID[1], BSSID[2], BSSID[3], BSSID[4], BSSID[5]); /// XXX 00358 */ 00359 for (i = 0; i < NumberOfDetectedClient; i++) { 00360 if (CompareAddMac(ClientInfo[i].BSSID, BSSID)) { 00361 if ((strlen(ClientInfo[i].SSID) == 0) 00362 || ((strncmp(SSID, "<Hidden SSID>", WLAN_SSID_MAXLEN)) 00363 && 00364 (strncmp 00365 (SSID, "<Hidden SSID of known length>", 00366 WLAN_SSID_MAXLEN)))) { 00367 safe_strncpy(ClientInfo[i].SSID, SSID, WLAN_SSID_MAXLEN + 1); 00368 } 00369 } 00370 } 00371 }
Function : CalculCoef Resolve equation Y = a.X + b
Definition at line 978 of file analyse.c.
00980 { 00981 float aa[HISTORY_SIZE], bb[HISTORY_SIZE]; 00982 UINT8 NbData, i; 00983 00984 // in case of ... 00985 #if (HISTORY_SIZE < 2) 00986 #error "STOP ?! HISTORY_SIZE MUST be greater than 1. Change it on include.h" 00987 #endif 00988 00989 // Find number of data to analyse 00990 NbData = 0; 00991 for (i = 0; i < HISTORY_SIZE; i++) { 00992 if ((X[i] != 0) && (Y[i] != 0)) 00993 NbData++; 00994 } 00995 00996 // Calculate all aa and all bb 00997 for (i = 0; i < (NbData - 1); i++) { 00998 aa[i] = (Y[i] - Y[i + 1]) / (X[i] - X[i + 1]); 00999 bb[i] = Y[i] / (aa[i] * X[i]); 01000 } 01001 01002 *a = *b = 0; 01003 for (i = 0; i < NbData; i++) { 01004 *a = *a + aa[i]; 01005 *b = *b + bb[i]; 01006 } 01007 *a = *a / NbData; 01008 *b = *b / NbData; 01009 }
| char DetermineCryptType | ( | UINT8 | hasWep, | |
| UINT8 | hasWPA, | |||
| UINT8 | hasTKIP, | |||
| UINT8 | hasCCMP, | |||
| UINT8 | hasWPAPSK, | |||
| UINT8 | hasWPA2PSK | |||
| ) |
Definition at line 916 of file analyse.c.
References CRYPT_TYPE_CCMP, CRYPT_TYPE_CLEAR, CRYPT_TYPE_PSK1, CRYPT_TYPE_PSK2, CRYPT_TYPE_TKIP, CRYPT_TYPE_WEP, CRYPT_TYPE_WPA, and CryptTypeASCII.
Referenced by WritePanel().
00918 { 00919 UINT8 CryptType = 0; 00920 00921 if (hasWPA) { 00922 if (hasTKIP) { 00923 if (hasWPAPSK) 00924 CryptType = CRYPT_TYPE_PSK1; 00925 else 00926 CryptType = CRYPT_TYPE_TKIP; 00927 } else { 00928 if (hasCCMP) { 00929 if (hasWPA2PSK) 00930 CryptType = CRYPT_TYPE_PSK2; 00931 else 00932 CryptType = CRYPT_TYPE_CCMP; 00933 } else 00934 CryptType = CRYPT_TYPE_WPA; 00935 } 00936 } else { 00937 if (hasWep) 00938 CryptType = CRYPT_TYPE_WEP; 00939 else 00940 CryptType = CRYPT_TYPE_CLEAR; 00941 } 00942 return CryptTypeASCII[CryptType]; 00943 }
Definition at line 95 of file analyse.c.
Referenced by AnalyseTAG221(), LogDetectedClient(), LogPutBSSID(), LogPutChannel_byAddMac(), LogPutChannel_byBSSID(), LogPutDS(), LogPutIsAP(), LogPutIsP2P(), LogPutLastIV(), LogPutMaxSpeed(), LogPutOtherInformation(), LogPutRate(), LogPutSeqNum(), LogPutSN(), LogPutSSID_byAddMac(), LogPutSSID_byBSSID(), LogPutTimestamp(), and LogPutWep().
00096 { 00097 return (((UINT8) AddMac1[0] == (UINT8) AddMac2[0]) && 00098 ((UINT8) AddMac1[1] == (UINT8) AddMac2[1]) && 00099 ((UINT8) AddMac1[2] == (UINT8) AddMac2[2]) && 00100 ((UINT8) AddMac1[3] == (UINT8) AddMac2[3]) && 00101 ((UINT8) AddMac1[4] == (UINT8) AddMac2[4]) && 00102 ((UINT8) AddMac1[5] == (UINT8) AddMac2[5])); 00103 }
Definition at line 108 of file analyse.c.
Referenced by LogDetectedClient(), LogPutBSSID(), LogPutChannel(), LogPutSeqNum(), and LogPutSSID().
00109 { 00110 return (((UINT8) AddMac1[0] == 0xFF) && 00111 ((UINT8) AddMac1[1] == 0xFF) && 00112 ((UINT8) AddMac1[2] == 0xFF) && 00113 ((UINT8) AddMac1[3] == 0xFF) && 00114 ((UINT8) AddMac1[4] == 0xFF) && ((UINT8) AddMac1[5] == 0xFF)); 00115 }
Compare a MAC add with NULL Add
Definition at line 118 of file analyse.c.
Referenced by Send_To_All_BSSID_A_Deauth().
00119 { 00120 return (((UINT8) AddMac1[0] == 0x00) && 00121 ((UINT8) AddMac1[1] == 0x00) && 00122 ((UINT8) AddMac1[2] == 0x00) && 00123 ((UINT8) AddMac1[3] == 0x00) && 00124 ((UINT8) AddMac1[4] == 0x00) && ((UINT8) AddMac1[5] == 0x00)); 00125 }
| void ResetAllDetectedClient | ( | void | ) |
Definition at line 130 of file analyse.c.
References NumberOfDetectedClient.
Referenced by parse_keystring().
00131 { 00132 register UINT16 i; 00133 00134 for (i = 0; i < NumberOfDetectedClient; i++) { 00135 memset(&ClientInfo[i], 0, sizeof(ClientInfo_t)); 00136 } 00137 NumberOfDetectedClient = 0; 00138 }
Definition at line 146 of file analyse.c.
References CompareAddMac(), HISTORY_SIZE, NumberOfDetectedClient, ClientInfo_t::SN, ClientInfo_t::SNMax, ClientInfo_t::SNMed, and ClientInfo_t::SNMin.
Referenced by analyseBeacon(), analyseData(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), analysePSPOLL(), and analyseRTS().
00147 { 00148 register UINT16 i, j; 00149 00150 for (i = 0; i < NumberOfDetectedClient; i++) { 00151 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00152 // shift all value 00153 for (j = (HISTORY_SIZE - 1); j != 0; j--) { 00154 ClientInfo[i].SN[j] = ClientInfo[i].SN[j - 1]; 00155 } 00156 // Put value 00157 ClientInfo[i].SN[0] = SN; 00158 00159 // Put the Max value and the Min Value 00160 if (ClientInfo[i].SNMax < SN) { 00161 ClientInfo[i].SNMax = SN; 00162 } else if ((ClientInfo[i].SNMin > SN) 00163 || (ClientInfo[i].SNMin == 0)) { 00164 ClientInfo[i].SNMin = SN; 00165 } 00166 // Calulate the medium value 00167 UINT32 summe = 0; 00168 for (j = 0; j < 4; j++) { 00169 summe += ClientInfo[i].SN[j]; 00170 } 00171 ClientInfo[i].SNMed = (summe / HISTORY_SIZE); 00172 00173 // we have finish our work, so exit loop 00174 break; 00175 } 00176 } 00177 }
Definition at line 182 of file analyse.c.
References CompareAddMac(), NumberOfDetectedClient, ClientInfo_t::RateMax, and ClientInfo_t::RateMin.
Referenced by analyseBeacon(), analyseData(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), analysePSPOLL(), and analyseRTS().
00183 { 00184 register UINT16 i; 00185 00186 for (i = 0; i < NumberOfDetectedClient; i++) { 00187 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00188 if (ClientInfo[i].RateMax < Rate) 00189 ClientInfo[i].RateMax = Rate; 00190 else if ((ClientInfo[i].RateMin > Rate) 00191 || (ClientInfo[i].RateMin == 0)) 00192 ClientInfo[i].RateMin = Rate; 00193 break; 00194 } 00195 } 00196 }
Definition at line 201 of file analyse.c.
References CompareAddMac(), ClientInfo_t::MaxSpeed, and NumberOfDetectedClient.
Referenced by ProcessTagBits().
00202 { 00203 register UINT16 i; 00204 00205 for (i = 0; i < NumberOfDetectedClient; i++) { 00206 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00207 ClientInfo[i].MaxSpeed = Rate; 00208 } 00209 } 00210 }
| void LogDetectedClient | ( | UINT8 | AddMac[WLAN_ADDR_LEN] | ) |
Definition at line 212 of file analyse.c.
References AddMacIsBroadcast(), AddMacToManufModel(), AddMacToManufName(), CompareAddMac(), debug, MANUF_MAXSTRINGLENGTH, MAX_NUMBER_OF_DETECTED_CLIENT, NumberOfDetectedClient, and warning().
Referenced by analyseACK(), analyseBeacon(), analyseCTS(), analyseData(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), analysePSPOLL(), and analyseRTS().
00213 { 00214 register UINT16 i; 00215 UINT8 Founded = 0; 00216 00217 if (NumberOfDetectedClient >= MAX_NUMBER_OF_DETECTED_CLIENT) { 00218 warning("Maximum of host is detected : %d.\n", 00219 MAX_NUMBER_OF_DETECTED_CLIENT); 00220 return; 00221 } 00222 // ignore broadcast - BUG #557306 00223 if (AddMacIsBroadcast(AddMac)) { 00224 Founded = 2; 00225 // TODO : do a different think for special ADD MAC 00226 } 00227 00228 for (i = 0; i < NumberOfDetectedClient; i++) { 00229 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00230 Founded = 1; 00231 // It 's not a new host, so bye 00232 break; 00233 } 00234 } 00235 if (!Founded) { 00236 debug(1, 00237 "New client found (%02X:%02X:%02X:%02X:%02X:%02X)\n", 00238 AddMac[0], AddMac[1], AddMac[2], AddMac[3], 00239 AddMac[4], AddMac[5]); 00240 // All memcopy if with a fixed size, so ... no BOF! :-) 00241 memset(&ClientInfo[NumberOfDetectedClient], 0, sizeof(ClientInfo_t)); 00242 memcpy(&ClientInfo[NumberOfDetectedClient].AddMac, AddMac, 00243 WLAN_ADDR_LEN); 00244 memcpy(&ClientInfo[NumberOfDetectedClient].Manuf, 00245 AddMacToManufName(ClientInfo[i].AddMac), MANUF_MAXSTRINGLENGTH); 00246 memcpy(&ClientInfo[NumberOfDetectedClient].Model, 00247 AddMacToManufModel(ClientInfo[i].AddMac), 00248 MANUF_MAXSTRINGLENGTH); 00249 NumberOfDetectedClient++; 00250 } 00251 }
Definition at line 256 of file analyse.c.
References AddMacIsBroadcast(), CompareAddMac(), and NumberOfDetectedClient.
Referenced by analyseBeacon(), analyseData(), analyseProbeRep(), and analyseProbeReq().
00257 { 00258 register UINT16 i; 00259 00260 // ignore broadcast - BUG #557306 00261 if (AddMacIsBroadcast(BSSID) == 0) { 00262 for (i = 0; i < NumberOfDetectedClient; i++) { 00263 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00264 memcpy(&ClientInfo[i].BSSID, BSSID, WLAN_ADDR_LEN); 00265 break; 00266 } 00267 } 00268 } 00269 }
| void LogPutDS | ( | UINT8 | AddMac[WLAN_ADDR_LEN] | ) |
Definition at line 271 of file analyse.c.
References CompareAddMac(), ClientInfo_t::IsDS, and NumberOfDetectedClient.
Referenced by analyseData().
00272 { 00273 register UINT16 i; 00274 00275 for (i = 0; i < NumberOfDetectedClient; i++) { 00276 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00277 ClientInfo[i].IsDS = 1; 00278 break; 00279 } 00280 } 00281 }
Definition at line 286 of file analyse.c.
References CompareAddMac(), ClientInfo_t::hasWep, ClientInfo_t::hasWPA, and NumberOfDetectedClient.
Referenced by LogPutIsAP().
00287 { 00288 register UINT16 i; 00289 00290 for (i = 0; i < NumberOfDetectedClient; i++) { 00291 if (CompareAddMac(ClientInfo[i].BSSID, BSSID)) { 00292 ClientInfo[i].hasWep = hasWep; 00293 ClientInfo[i].hasWPA = hasWPA; 00294 } 00295 } 00296 }
Definition at line 298 of file analyse.c.
References ClientInfo_t::Channel, CompareAddMac(), and NumberOfDetectedClient.
Referenced by LogPutChannel().
00299 { 00300 register UINT16 i; 00301 00302 for (i = 0; i < NumberOfDetectedClient; i++) { 00303 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00304 ClientInfo[i].Channel = Channel; 00305 break; 00306 } 00307 } 00308 }
Definition at line 311 of file analyse.c.
References ClientInfo_t::Channel, CompareAddMac(), and NumberOfDetectedClient.
Referenced by LogPutChannel().
00312 { 00313 register UINT16 i; 00314 00315 for (i = 0; i < NumberOfDetectedClient; i++) { 00316 if (CompareAddMac(ClientInfo[i].BSSID, BSSID)) { 00317 ClientInfo[i].Channel = Channel; 00318 } 00319 } 00320 }
Definition at line 323 of file analyse.c.
References AddMacIsBroadcast(), LogPutChannel_byAddMac(), and LogPutChannel_byBSSID().
Referenced by ProcessTagBits().
00325 { 00326 if (AddMacIsBroadcast(BSSID)) 00327 LogPutChannel_byAddMac(AddMac, Channel); 00328 else 00329 LogPutChannel_byBSSID(BSSID, Channel); 00330 }
| void LogPutSSID_byAddMac | ( | UINT8 | AddMac[WLAN_ADDR_LEN], | |
| char * | SSID | |||
| ) |
Definition at line 333 of file analyse.c.
References CompareAddMac(), NumberOfDetectedClient, safe_strncpy(), and WLAN_SSID_MAXLEN.
Referenced by LogPutSSID().
00334 { 00335 register UINT16 i; 00336 00337 /* warning (">>1 SSID '%s' (%02X:%02X:%02X:%02X:%02X:%02X)\n", 00338 SSID, AddMac[0], AddMac[1], AddMac[2], AddMac[3], AddMac[4], AddMac[5]); 00339 */ 00340 for (i = 0; i < NumberOfDetectedClient; i++) { 00341 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00342 // ClientInfo[i].SSID "" and SSID not " " 00343 //if ((strlen (ClientInfo[i].SSID) == 0) && (strncmp (SSID, " ", 32))) { // BUG #557123 00344 safe_strncpy(ClientInfo[i].SSID, SSID, WLAN_SSID_MAXLEN + 1); 00345 //} 00346 break; 00347 } 00348 } 00349 }
Definition at line 374 of file analyse.c.
References AddMacIsBroadcast(), LogPutSSID_byAddMac(), and LogPutSSID_byBSSID().
Referenced by ProcessTagBits().
00376 { 00377 // We don't initialyse SSID if it's blank, BUG #557123 00378 // SSID not "" and SSID not " " 00379 if ((strlen(SSID) != 0) && (strncmp(SSID, " ", 32))) { 00380 if (AddMacIsBroadcast(BSSID)) 00381 LogPutSSID_byAddMac(AddMac, SSID); 00382 else 00383 LogPutSSID_byBSSID(BSSID, SSID); 00384 } 00385 }
Definition at line 387 of file analyse.c.
References ClientInfo_t::bcn_int, BroadcastMAC, CompareAddMac(), ClientInfo_t::hasWep, ClientInfo_t::hasWPA, HISTORY_SIZE, ClientInfo_t::IsAP, ConfigStruct::JammingNow, LogPutWep(), NumberOfDetectedClient, sendDeauth(), and TRUE.
Referenced by analyseBeacon(), analyseData(), and analyseProbeRep().
00389 { 00390 register UINT16 i, j; 00391 UINT8 BSSID[WLAN_ADDR_LEN]; 00392 00393 for (i = 0; i < NumberOfDetectedClient; i++) { 00394 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00395 ClientInfo[i].hasWep = hasWep; 00396 ClientInfo[i].hasWPA = hasWPA; 00397 // A little rotation of Beacon Interval 00398 for (j = (HISTORY_SIZE - 1); j != 0; j--) 00399 ClientInfo[i].bcn_int[j] = ClientInfo[i].bcn_int[j - 1]; 00400 if (bcn_int != 0) 00401 ClientInfo[i].bcn_int[0] = bcn_int; 00402 memcpy(&BSSID, ClientInfo[i].BSSID, WLAN_ADDR_LEN); 00403 //if (!ClientInfo[i].IsP2P) 00404 ClientInfo[i].IsAP = 1; 00405 00406 // Jamming is here :-) 00407 if (config.JammingNow == TRUE) { 00408 sendDeauth(BroadcastMAC, BSSID, 0); 00409 } 00410 break; 00411 } 00412 } 00413 LogPutWep(BSSID, hasWep, hasWPA); 00414 }
Definition at line 416 of file analyse.c.
References ClientInfo_t::bcn_int, CompareAddMac(), debug, ClientInfo_t::hasWep, HISTORY_SIZE, ClientInfo_t::IsAP, ClientInfo_t::IsP2P, and NumberOfDetectedClient.
Referenced by analyseBeacon(), and analyseProbeRep().
00417 { 00418 register UINT16 i, j; 00419 00420 for (i = 0; i < NumberOfDetectedClient; i++) { 00421 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00422 ClientInfo[i].hasWep = hasWep; 00423 // A little rotation of Beacon Interval 00424 for (j = (HISTORY_SIZE - 1); j != 0; j--) 00425 ClientInfo[i].bcn_int[j] = ClientInfo[i].bcn_int[j - 1]; 00426 if (bcn_int != 0) 00427 ClientInfo[i].bcn_int[0] = bcn_int; 00428 ClientInfo[i].IsP2P = 1; 00429 ClientInfo[i].IsAP = 0; 00430 debug(1, "IsP2P > %s\n", ClientInfo[i].AddMac); 00431 break; 00432 } 00433 } 00434 }
| void LogPutOtherInformation | ( | UINT8 | AddMac[WLAN_ADDR_LEN], | |
| char * | OtherInformation | |||
| ) |
Definition at line 437 of file analyse.c.
References CompareAddMac(), MAXSIZE_OTHERINFORMATION, NumberOfDetectedClient, and safe_strncpy().
Referenced by ProcessTagBits().
00438 { 00439 register UINT16 i; 00440 00441 for (i = 0; i < NumberOfDetectedClient; i++) { 00442 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00443 safe_strncpy(ClientInfo[i].OtherInformation, 00444 OtherInformation, MAXSIZE_OTHERINFORMATION); 00445 break; 00446 } 00447 } 00448 }
Get a timestamp of a BSSID and put it in the fifo of TS
- Todo:
- TODO Save System Timestamp
Definition at line 451 of file analyse.c.
References CompareAddMac(), debug, HISTORY_SIZE, NumberOfDetectedClient, and ClientInfo_t::TimeStamp.
Referenced by analyseBeacon(), and analyseProbeRep().
00452 { 00453 register UINT16 i; 00454 UINT8 j; 00455 00456 for (i = 0; i < NumberOfDetectedClient; i++) { 00457 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00458 for (j = (HISTORY_SIZE - 1); j != 0; j--) { 00459 ClientInfo[i].TimeStamp[j] = ClientInfo[i].TimeStamp[j - 1]; 00460 } 00461 ClientInfo[i].TimeStamp[0] = TimeStamp; 00462 debug(3, "TS : %016llX %016llX %016llX %016llX\n", 00463 ClientInfo[i].TimeStamp[0], 00464 ClientInfo[i].TimeStamp[1], 00465 ClientInfo[i].TimeStamp[2], ClientInfo[i].TimeStamp[3]); 00467 break; 00468 } 00469 } 00470 }
Get a Sequence Number of a BSSID and put it in the fifo of SeqNum
TODO : Analyse also when it's not a broadcast packet ad a new array (Mac@ cli, SeqNum)
Definition at line 474 of file analyse.c.
References AddMacIsBroadcast(), CompareAddMac(), HISTORY_SIZE, NumberOfDetectedClient, ClientInfo_t::SeqNum, and WLAN_GET_SEQ_SEQNUM.
Referenced by analyseBeacon(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), and analysePSPOLL().
00476 { 00477 register UINT16 i, j; 00478 00481 if (AddMacIsBroadcast(AddMacDst)) { 00482 for (i = 0; i < NumberOfDetectedClient; i++) { 00483 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00484 for (j = (HISTORY_SIZE - 1); j != 0; j--) { 00485 ClientInfo[i].SeqNum[j] = ClientInfo[i].SeqNum[j - 1]; 00486 } 00487 ClientInfo[i].SeqNum[0] = WLAN_GET_SEQ_SEQNUM(SeqNum); 00488 break; 00489 } 00490 } 00491 } 00492 }
Put the last IV find in packets
Definition at line 495 of file analyse.c.
References CompareAddMac(), ClientInfo_t::LastIV, and NumberOfDetectedClient.
00496 { 00497 register UINT16 i; 00498 00499 for (i = 0; i < NumberOfDetectedClient; i++) { 00500 if (CompareAddMac(ClientInfo[i].AddMac, AddMac)) { 00501 ClientInfo[i].LastIV[0] = IV[0]; 00502 ClientInfo[i].LastIV[1] = IV[1]; 00503 ClientInfo[i].LastIV[2] = IV[2]; 00504 ClientInfo[i].LastIV[3] = IV[3]; 00505 break; 00506 } 00507 } 00508 }
| void Send_To_All_BSSID_A_Deauth | ( | void | ) |
Definition at line 510 of file analyse.c.
References AddMacIsNULL(), BroadcastMAC, NumberOfDetectedClient, sendDeauth(), and WLAN_ADDR_LEN.
Referenced by parse_keystring().
00511 { 00512 UINT8 bssid[WLAN_ADDR_LEN]; 00513 UINT8 dest[WLAN_ADDR_LEN]; 00514 register UINT16 i; 00515 00516 for (i = 0; i < NumberOfDetectedClient; i++) { 00517 if (!AddMacIsNULL(ClientInfo[i].AddMac) 00518 && !AddMacIsNULL(ClientInfo[i].BSSID)) { 00519 memcpy(bssid, &ClientInfo[i].BSSID, WLAN_ADDR_LEN); 00520 memcpy(dest, &ClientInfo[i].AddMac, WLAN_ADDR_LEN); 00521 sendDeauth(dest, bssid, ClientInfo[i].Channel); 00522 sendDeauth(BroadcastMAC, bssid, ClientInfo[i].Channel); 00523 } 00524 } 00525 }
| void LogWriteReport | ( | void | ) |
Write the final report
Definition at line 532 of file analyse.c.
References AddMacToManufModel(), AddMacToManufName(), NumberOfDetectedClient, and RateToString().
Referenced by main().
00533 { 00534 int i; 00535 UINT8 j; 00536 00537 printf("\n\n"); 00538 printf("Now a summary of the detection :\n"); 00539 printf("--------------------------------\n"); 00540 00541 if (NumberOfDetectedClient == 0) { 00542 printf("No 802.11b information has been catched\n\n"); 00543 } 00544 00545 for (i = 0; i < NumberOfDetectedClient; i++) { 00546 printf("Station (%02X:%02X:%02X:%02X:%02X:%02X) - ", 00547 ClientInfo[i].AddMac[0], ClientInfo[i].AddMac[1], 00548 ClientInfo[i].AddMac[2], ClientInfo[i].AddMac[3], 00549 ClientInfo[i].AddMac[4], ClientInfo[i].AddMac[5]); 00550 printf("BSSID=%02X:%02X:%02X:%02X:%02X:%02X - ", 00551 ClientInfo[i].BSSID[0], ClientInfo[i].BSSID[1], 00552 ClientInfo[i].BSSID[2], ClientInfo[i].BSSID[3], 00553 ClientInfo[i].BSSID[4], ClientInfo[i].BSSID[5]); 00554 00555 if ((strlen(ClientInfo[i].SSID) == 0) 00556 || ((strlen(ClientInfo[i].SSID) == 1) 00557 && (*ClientInfo[i].SSID == 0x20))) 00558 printf("SSID is not broadcasted\n"); 00559 else { 00560 //printf ("SSID='%s'\n", ClientInfo[i].SSID); 00561 printf("SSID='"); 00562 for (j = 0; j < strlen(ClientInfo[i].SSID); j++) { 00563 if (isprint(ClientInfo[i].SSID[j])) 00564 printf("%c", ClientInfo[i].SSID[j]); 00565 else 00566 printf("/0x%02X", ClientInfo[i].SSID[j]); 00567 } 00568 printf("'\n"); 00569 } 00570 00571 printf(" Manufacturer/Model : %s / %s\n", 00572 AddMacToManufName(ClientInfo[i].AddMac), 00573 AddMacToManufModel(ClientInfo[i].AddMac)); 00574 00575 if (ClientInfo[i].SNMax != ClientInfo[i].SNMin) 00576 printf(" Signal is between %u and %u", 00577 ClientInfo[i].SNMin, ClientInfo[i].SNMax); 00578 else 00579 printf(" Signal is stable at %u", ClientInfo[i].SNMax); 00580 00581 if (ClientInfo[i].RateMax != ClientInfo[i].RateMin) 00582 printf(" and Data rate is between %s and %s\n", 00583 RateToString(ClientInfo[i].RateMin), 00584 RateToString(ClientInfo[i].RateMax)); 00585 else 00586 printf(" and Data rate is %s\n", 00587 RateToString(ClientInfo[i].RateMax)); 00588 00589 if (ClientInfo[i].MaxSpeed != 0) 00590 printf(" Max speed available is %s\n", 00591 RateToString(ClientInfo[i].MaxSpeed)); 00592 00593 if (ClientInfo[i].hasWep) 00594 if (ClientInfo[i].hasWPA) 00595 printf(" Channel %d with WPA\n", ClientInfo[i].Channel); 00596 else 00597 printf(" Channel %d with Wep\n", ClientInfo[i].Channel); 00598 else 00599 printf(" Channel %d with no Wep\n", ClientInfo[i].Channel); 00600 00601 if (ClientInfo[i].bcn_int[0] != 0) 00602 printf(" 1 beacon every %d ms is sent\n", ClientInfo[i].bcn_int[0]); 00603 00604 if (ClientInfo[i].IsDS) { 00605 if (ClientInfo[i].IsAP) { // #568053 00606 printf 00607 (" This is an AP that do some NAT or is a router (because it's also a DS)\n"); 00608 } else { 00609 printf 00610 (" This station is in the Wired network (DS) of the BSSID\n"); 00611 } 00612 } else { 00613 if (ClientInfo[i].IsAP) 00614 printf(" This is an AP\n"); 00615 else if (ClientInfo[i].IsP2P) 00616 printf(" This an Ad-HOC client\n"); 00617 else 00618 printf(" This is a client\n"); 00619 } 00620 00621 if (ClientInfo[i].OtherInformation == NULL) { 00622 printf(" Other information discovered:\n"); 00623 printf(" > \"%s\"\n", ClientInfo[i].OtherInformation); 00624 } 00625 00626 printf("-------------\n"); 00627 } 00628 }
| void LogWriteDOT | ( | FILE * | filename | ) |
Write the .dot file with all informations we have
Definition at line 633 of file analyse.c.
References NumberOfDetectedClient.
Referenced by main().
00634 { 00635 int i; 00636 00637 if (NumberOfDetectedClient == 0) { 00638 printf("No 802.11b information has catched\n"); 00639 printf("So no .dot file is created\n\n"); 00640 } else { 00641 printf("802.11b information has catched so I make my .dot file "); 00642 } 00643 00644 fprintf(filename, 00645 "digraph xyz {\n ratio=compress;\n size=\"8,8\";\n" 00646 " rankdir=LR;\n node [shape=box,fontsize=8];\n"); 00647 00648 for (i = 0; i < NumberOfDetectedClient; i++) { 00649 printf("."); 00650 fprintf(filename, "\"%02X:%02X:%02X:%02X:%02X:%02X\" -> ", 00651 ClientInfo[i].AddMac[0], ClientInfo[i].AddMac[1], 00652 ClientInfo[i].AddMac[2], ClientInfo[i].AddMac[3], 00653 ClientInfo[i].AddMac[4], ClientInfo[i].AddMac[5]); 00654 fprintf(filename, "\"%02X:%02X:%02X:%02X:%02X:%02X\";\n", 00655 ClientInfo[i].BSSID[0], ClientInfo[i].BSSID[1], 00656 ClientInfo[i].BSSID[2], ClientInfo[i].BSSID[3], 00657 ClientInfo[i].BSSID[4], ClientInfo[i].BSSID[5]); 00658 if (ClientInfo[i].IsDS) 00659 fprintf(filename, 00660 "\"%02X:%02X:%02X:%02X:%02X:%02X\" [shape=diamond];\n", 00661 ClientInfo[i].AddMac[0], 00662 ClientInfo[i].AddMac[1], 00663 ClientInfo[i].AddMac[2], 00664 ClientInfo[i].AddMac[3], 00665 ClientInfo[i].AddMac[4], ClientInfo[i].AddMac[5]); 00666 else { 00667 if (ClientInfo[i].IsAP) { 00668 fprintf(filename, 00669 "\"%02X:%02X:%02X:%02X:%02X:%02X\" [shape=circle,label=\"", 00670 ClientInfo[i].AddMac[0], 00671 ClientInfo[i].AddMac[1], 00672 ClientInfo[i].AddMac[2], 00673 ClientInfo[i].AddMac[3], 00674 ClientInfo[i].AddMac[4], ClientInfo[i].AddMac[5]); 00675 fprintf(filename, 00676 "%02X:%02X:%02X:%02X:%02X:%02X\\nSSID='%s'\"];\n", 00677 ClientInfo[i].AddMac[0], 00678 ClientInfo[i].AddMac[1], 00679 ClientInfo[i].AddMac[2], 00680 ClientInfo[i].AddMac[3], 00681 ClientInfo[i].AddMac[4], 00682 ClientInfo[i].AddMac[5], ClientInfo[i].SSID); 00683 } 00684 } 00685 } 00686 fprintf(filename, "}\n"); 00687 printf("Done!\n\n"); 00688 }
| void LogWriteHisto | ( | void | ) |
Definition at line 690 of file analyse.c.
References debug, HISTO_SIGNAL_CHAN, HISTO_SIGNAL_SIZE, Statistics_t::MaxSignal, and NumberOfDetectedClient.
Referenced by main().
00691 { 00692 #define HISTO_SIGNAL_SIZE 32 00693 #define HISTO_SIGNAL_CHAN 14 00694 00695 UINT8 i, Max = 0, Min=0xFF; 00696 float divid = 0; 00697 int j; 00698 char histo[HISTO_SIGNAL_SIZE][HISTO_SIGNAL_CHAN]; 00699 00700 if (NumberOfDetectedClient != 0) { 00701 00702 printf("\n Spectral repartition :\n-----------------------\n\n"); 00703 00704 // Find the Max and the Min 00705 debug(3, " "); 00706 for (i = 0; i < HISTO_SIGNAL_CHAN; i++) { 00707 debug(3, "%02X,", Stats.MaxSignal[i]); 00708 if (Stats.MaxSignal[i] > Max) 00709 Max = Stats.MaxSignal[i]; 00710 if (Stats.MaxSignal[i] < Min) 00711 Min = Stats.MaxSignal[i]; 00712 } 00713 00714 // So we get the scale 00715 divid = (float) (Max + 1 - Min) / (float) HISTO_SIGNAL_SIZE; 00716 debug(3, "divid=%f ", divid); 00717 debug(3, "Min=%02X Max=%02X\n", Min, Max); 00718 00719 // Clear the histogramm 00720 for (i = 0; i < HISTO_SIGNAL_CHAN; i++) { 00721 for (j = 0; j < HISTO_SIGNAL_SIZE; j++) 00722 histo[j][i] = '-'; // Clear histo 00723 } 00724 00725 // And now fill it ! 00726 for (i = 0; i < HISTO_SIGNAL_CHAN; i++) { 00727 for (j = 0; j < ((Stats.MaxSignal[i] - Min) / divid); j++) { 00728 histo[j][i] = '*'; // Fill histo 00729 } 00730 } 00731 00732 printf(" 01 02 03 04 05 06 07 08 09 10 11 12 13 14\n"); 00733 for (j = HISTO_SIGNAL_SIZE; j != 0; j--) { 00734 printf("%3d ", (UINT8) ((j * divid) + Min)); 00735 for (i = 0; i < HISTO_SIGNAL_CHAN; i++) { 00736 if (i == (HISTO_SIGNAL_CHAN - 1)) 00737 printf(" "); // separation between channel 13 and 14 00738 printf("%c%c ", histo[j - 1][i], histo[j - 1][i]); 00739 } 00740 printf("\n"); 00741 } 00742 printf(" 01 02 03 04 05 06 07 08 09 10 11 12 13 14\n\n"); 00743 } 00744 }
| void ClearPanel | ( | void | ) |
Definition at line 746 of file analyse.c.
References Panel_WND, and screen_mutex.
Referenced by parse_keystring().
00747 { 00748 #ifdef WITH_THREAD 00749 pthread_mutex_lock(&screen_mutex); 00750 #endif 00751 wclear(Panel_WND); 00752 box(Panel_WND, '|', '-'); 00753 wrefresh(Panel_WND); 00754 #ifdef WITH_THREAD 00755 pthread_mutex_unlock(&screen_mutex); 00756 #endif 00757 }
| void WritePanel | ( | UINT8 | GoodPacket | ) |
Definition at line 762 of file analyse.c.
References Statistics_t::AP, COL_WND_PANEL, debug, DetermineCryptType(), ConfigStruct::DoNotDisplay, ConfigStruct::FirstNIC, HISTOSIZE, IS_DISPLAY_STATION, ClientInfo_t::IsAP, ClientInfo_t::Manuf, NumberOfDetectedClient, Panel_WND, POS_CHANNEL, POS_CRYPT, POS_HISTO, POS_MAC, POS_SSID, Posit, ROW_WND_PANEL, safe_strncpy(), screen_mutex, ScanResult_t::Signal, ClientInfo_t::SNMax, ClientInfo_t::SNMed, ScanResult_t::SrcMac, and TRUE.
Referenced by main().
00763 : Old Code must be rewrite with MACRO and better function 00764 { 00765 UINT8 i; 00766 char Line[256]; 00767 char Histo[HISTOSIZE + 2]; 00768 char MAC[20]; 00769 char TYPE[4]; 00770 UINT8 SNMax = 0; 00771 static UINT8 MaxFromAll = 1; 00772 UINT16 HistoSize = 0, HostDisplayed; 00773 UINT16 MinAff, MaxAff, Posit = 1, SizeOfWin; 00774 UINT16 NumberOfDetectedClientToDisplay = 0; 00775 00776 // calculate the windows Size 00777 SizeOfWin = (ROW_WND_PANEL - 2); 00778 if (IS_DISPLAY_STATION(config.DoNotDisplay)) { 00779 NumberOfDetectedClientToDisplay = Stats.AP; 00780 } else { 00781 NumberOfDetectedClientToDisplay = NumberOfDetectedClient; 00782 } 00783 00784 if (config.FirstNIC == 0) { 00785 if (NumberOfDetectedClientToDisplay > SizeOfWin) 00786 MinAff = NumberOfDetectedClientToDisplay - SizeOfWin; 00787 else 00788 MinAff = 0; 00789 MaxAff = NumberOfDetectedClientToDisplay; 00790 } else { 00791 if (config.FirstNIC < (NumberOfDetectedClientToDisplay - SizeOfWin)) { 00792 MinAff = config.FirstNIC; 00793 if (config.FirstNIC + SizeOfWin > NumberOfDetectedClientToDisplay) 00794 MaxAff = NumberOfDetectedClientToDisplay - 1; 00795 else 00796 MaxAff = config.FirstNIC + SizeOfWin; 00797 } else { 00798 config.FirstNIC = 0; 00799 MinAff = NumberOfDetectedClientToDisplay - SizeOfWin - 1; 00800 } 00801 } 00802 //debug (3, "#### NumberOfDetectedClientToDisplay = %02u, MinAff = %02u, MaxAff= %02u\n",NumberOfDetectedClientToDisplay,MinAff,MaxAff); 00803 00804 #ifdef WITH_THREAD 00805 pthread_mutex_lock(&screen_mutex); 00806 #endif 00807 00808 //for (i = MinAff; i < MaxAff; i++) { 00809 HostDisplayed = 0; 00810 i = MinAff; 00811 while ((HostDisplayed < SizeOfWin) || (i < NumberOfDetectedClient)) { 00812 // If we don't need to display this AP/STA, we skip it 00813 if (IS_DISPLAY_STATION(config.DoNotDisplay) && (!ClientInfo[i].IsAP)) { 00814 i++; 00815 if (i >= NumberOfDetectedClient) 00816 break; 00817 } else { 00818 if (i >= NumberOfDetectedClient) 00819 break; 00820 snprintf(MAC, 20, "%02X:%02X:%02X:%02X:%02X:%02X", 00821 ClientInfo[i].AddMac[0], ClientInfo[i].AddMac[1], 00822 ClientInfo[i].AddMac[2], ClientInfo[i].AddMac[3], 00823 ClientInfo[i].AddMac[4], ClientInfo[i].AddMac[5]); 00824 safe_strncpy(Histo, 00825 "|________________________________________________", 00826 HISTOSIZE + 2); 00827 00828 if ((ClientInfo[i].SNMax > MaxFromAll) 00829 || (Res.Signal > MaxFromAll)) { 00830 if (Res.Signal > MaxFromAll) 00831 MaxFromAll = Res.Signal; 00832 else 00833 MaxFromAll = ClientInfo[i].SNMax; 00834 } 00835 00836 //if (GoodPacket == TRUE) { 00837 HistoSize = 00838 (UINT16) ((ClientInfo[i].SNMed * HISTOSIZE) / MaxFromAll); 00839 if (!strncmp(MAC, Res.SrcMac, 20)) { 00840 strncpy(Histo, 00841 "|=======================================================", 00842 HistoSize + 1); 00843 mvwprintw(Panel_WND, Posit, 1, ">"); 00844 } else { 00845 strncpy(Histo, 00846 "|.......................................................", 00847 HistoSize + 1); 00848 mvwprintw(Panel_WND, Posit, 1, " "); 00849 } 00850 //} 00851 00852 /* if SN/2 > 64 then SNMax = 64 else SNMax = SN/2 */ 00853 SNMax = (ClientInfo[i].SNMax * HISTOSIZE) / MaxFromAll; 00854 if (SNMax <= HISTOSIZE) { 00855 Histo[SNMax - 1] = '|'; 00856 //Histo[HISTOSIZE] = ' '; 00857 } 00858 Histo[HISTOSIZE + 1] = 0; 00859 snprintf(Line, COL_WND_PANEL - POS_HISTO - 1, 00860 "%s (%d,%d,%d) %s ", Histo, 00861 (((GoodPacket == TRUE) 00862 && !strncmp(MAC, Res.SrcMac, 00863 20)) ? Res.Signal : 0), 00864 (int) ClientInfo[i].SNMed, 00865 (int) ClientInfo[i].SNMax, ClientInfo[i].Manuf); 00866 00867 if (ClientInfo[i].IsP2P) 00868 snprintf(TYPE, 4, "ADH"); 00869 else if (ClientInfo[i].IsAP) 00870 snprintf(TYPE, 4, "AP "); 00871 else 00872 if (ClientInfo[i].IsDS) 00873 snprintf(TYPE, 4, "sta"); 00874 else 00875 snprintf(TYPE, 4, "STA"); 00876 00877 // We Write now 00878 mvwprintw(Panel_WND, Posit, 2, "%s", TYPE); 00879 mvwprintw(Panel_WND, Posit, POS_MAC, "%s", MAC); 00880 mvwprintw(Panel_WND, Posit, POS_SSID, 00881 "\"%s\" ", ClientInfo[i].SSID); 00882 mvwprintw(Panel_WND, Posit, POS_CHANNEL, "%X", 00883 ClientInfo[i].Channel); 00884 00885 00886 mvwprintw(Panel_WND, Posit, POS_CRYPT, "%c", 00887 DetermineCryptType(ClientInfo[i].hasWep, 00888 ClientInfo[i].hasWPA, 00889 ClientInfo[i].hasTKIP, 00890 ClientInfo[i].hasCCMP, 00891 ClientInfo[i].hasWPAPSK, 00892 ClientInfo[i].hasWPA2PSK)); 00893 mvwprintw(Panel_WND, Posit, POS_HISTO, "%s", Line); 00894 Posit++; 00895 HostDisplayed++; 00896 i++; 00897 } 00898 } 00899 00900 wrefresh(Panel_WND); 00901 #ifdef WITH_THREAD 00902 pthread_mutex_unlock(&screen_mutex); 00903 #endif 00904 debug(3, "WritePanel Line #%d\n", __LINE__); 00905 }
| void DoSummary | ( | void | ) |
Function to calculate some stats
Definition at line 946 of file analyse.c.
References Statistics_t::AP, ClientInfo_t::Channel, Statistics_t::Channel, NumberOfDetectedClient, and Statistics_t::STA.
Referenced by WriteSummary().
00947 { 00948 UINT8 i; 00949 UINT8 ChanTab[14] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; 00950 00951 Stats.AP = 0; 00952 Stats.STA = 0; 00953 Stats.Channel = 0; 00954 00955 for (i = 0; i < NumberOfDetectedClient; i++) { 00956 ChanTab[ClientInfo[i].Channel] = 1; 00957 00958 if (ClientInfo[i].IsAP) 00959 Stats.AP++; 00960 else 00961 Stats.STA++; 00962 } 00963 00964 for (i = 0; i < 14; i++) { 00965 if (ChanTab[i] != 0) 00966 Stats.Channel++; 00967 } 00968 }
| UINT8 IDS_BcnInt | ( | void | ) |
IDS module : Analysis of Beacons Intervals
Beacon interval history is suspect
Definition at line 1013 of file analyse.c.
References ClientInfo_t::bcn_int, HISTORY_SIZE, NumberOfDetectedClient, and Send_IDS_Warning().
Referenced by IDS().
01014 { 01015 register UINT16 i; 01016 UINT8 ret = 0, j; 01017 char MAC[20]; 01018 char Message[1024]; 01019 01020 for (i = 0; i < NumberOfDetectedClient; i++) { 01021 for (j = 0; j < (HISTORY_SIZE - 1); j++) { 01022 if (((ClientInfo[i].bcn_int[j] != 0) 01023 && (ClientInfo[i].bcn_int[j + 1] != 0)) 01024 && (ClientInfo[i].bcn_int[j] != ClientInfo[i].bcn_int[j + 1])) { 01025 snprintf(MAC, 20, 01026 "%02X:%02X:%02X:%02X:%02X:%02X", 01027 ClientInfo[i].AddMac[0], 01028 ClientInfo[i].AddMac[1], 01029 ClientInfo[i].AddMac[2], 01030 ClientInfo[i].AddMac[3], 01031 ClientInfo[i].AddMac[4], ClientInfo[i].AddMac[5]); 01032 snprintf(Message, 1024, 01033 "IDS WARNING - beacon interval is changing for %s from %dms to %dms\n", 01034 MAC, ClientInfo[i].bcn_int[j + 1], 01035 ClientInfo[i].bcn_int[j]); 01036 Send_IDS_Warning(Message); 01037 ret = 0x01; 01038 break; 01039 } 01040 } 01041 } 01042 return ret; 01043 }
| UINT8 IDS_TimeStamp | ( | void | ) |
TS history is suspect
Definition at line 1045 of file analyse.c.
References HISTORY_SIZE, NumberOfDetectedClient, Send_IDS_Warning(), and ClientInfo_t::TimeStamp.
Referenced by IDS().
01046 { 01047 register UINT16 i; 01048 UINT8 ret = 0, j; 01049 char MAC[20]; 01050 char Message[1024]; 01051 01052 // Analysis of Time Stamps 01053 for (i = 0; i < NumberOfDetectedClient; i++) { 01054 for (j = 0; j < (HISTORY_SIZE - 1); j++) { 01055 if (((ClientInfo[i].TimeStamp[j] != 0) 01056 && (ClientInfo[i].TimeStamp[j + 1] != 0)) 01057 && (ClientInfo[i].TimeStamp[j] < ClientInfo[i].TimeStamp[j + 1])) { 01058 snprintf(MAC, 20, "%02X:%02X:%02X:%02X:%02X:%02X", 01059 ClientInfo[i].AddMac[0], ClientInfo[i].AddMac[1], 01060 ClientInfo[i].AddMac[2], ClientInfo[i].AddMac[3], 01061 ClientInfo[i].AddMac[4], ClientInfo[i].AddMac[5]); 01062 snprintf(Message, 1024, 01063 "IDS WARNING - Time Stamp is not correct for %s\n", MAC); 01064 Send_IDS_Warning(Message); 01065 snprintf(Message, 1024, 01066 " Difference between two catched packets is : %lluµs %llums\n", 01067 ClientInfo[i].TimeStamp[j + 1] - 01068 ClientInfo[i].TimeStamp[j], 01069 (ClientInfo[i].TimeStamp[j + 1] - 01070 ClientInfo[i].TimeStamp[j]) * 100); 01071 Send_IDS_Warning(Message); 01072 /* snprintf(Message, 1024, "Timestamps = (0x%016llX,0x%016llX)\n", 01073 ClientInfo[i].TimeStamp[j], 01074 ClientInfo[i].TimeStamp[j + 1]); 01075 Send_IDS_Warning(Message); */ 01076 ret = 0x02; 01077 break; 01078 } 01079 } 01080 } 01081 return ret; 01082 }
| UINT8 IDS_Var_SeqNum | ( | void | ) |
Analyse SeqNumber variation to determine if a problem is occur, like an usurpation of MAC ADD
SeqNum history is suspect
Definition at line 1088 of file analyse.c.
References debug, HISTORY_SIZE, NumberOfDetectedClient, Send_IDS_Warning(), and ClientInfo_t::SeqNum.
Referenced by IDS().
01089 { 01090 register UINT16 i; 01091 UINT8 ret = 0, j; 01092 char MAC[20]; 01093 char Message[1024]; 01094 01095 // Analysis of variation of Seqnum 01096 for (i = 0; i < NumberOfDetectedClient; i++) { 01097 for (j = 0; j < (HISTORY_SIZE - 1); j++) { 01098 if (((ClientInfo[i].SeqNum[j] != 0) 01099 && (ClientInfo[i].SeqNum[j + 1] != 0)) 01100 && (ClientInfo[i].SeqNum[j] < ClientInfo[i].SeqNum[j + 1])) { 01101 snprintf(MAC, 20, 01102 "%02X:%02X:%02X:%02X:%02X:%02X", 01103 ClientInfo[i].AddMac[0], 01104 ClientInfo[i].AddMac[1], 01105 ClientInfo[i].AddMac[2], 01106 ClientInfo[i].AddMac[3], 01107 ClientInfo[i].AddMac[4], ClientInfo[i].AddMac[5]); 01108 snprintf(Message, 1024, 01109 "IDS WARNING - Sequence Number is not correct for %s\n", 01110 MAC); 01111 Send_IDS_Warning(Message); 01112 debug(1, "SeqNum = (0x%04X,0x%04X)\n", ClientInfo[i].SeqNum[j], 01113 ClientInfo[i].SeqNum[j + 1]); 01114 ret = 0x04; 01115 break; 01116 } 01117 } 01118 } 01119 return ret; 01120 }
| UINT8 IDS_Detect_FakeAP | ( | void | ) |
| UINT8 IDS | ( | void | ) |
Function to analyse data and try to determine an Intrusion or a DOS Try also to determine a jammer like FakeAP
ret == 0x01; Beacon interval history is suspect ret == 0x02; TS history is suspect ret == 0x04; SeqNum history is suspect
Definition at line 1133 of file analyse.c.
References IDS_BcnInt(), IDS_Detect_FakeAP(), IDS_TimeStamp(), and IDS_Var_SeqNum().
Referenced by main().
01134 { 01139 UINT8 ret = 0; 01140 01141 ret += IDS_BcnInt(); 01142 ret += IDS_TimeStamp(); 01143 ret += IDS_Var_SeqNum(); 01144 ret += IDS_Detect_FakeAP(); 01145 01146 return (ret); 01147 }
Function to Analyse the tag 221 used for WPA and WME named as "Vendor Specific IE" In this packet we can determine a lot of think : w: WEP, W: WPA without any more information, T: WPA enterprise with TKIP C: WPA2 enterprise with CCMP, p: for WPA PSK (TKIP) P: for WPA2 PSK (CCMP), ...
Definition at line 1161 of file analyse.c.
References CompareAddMac(), debug, ClientInfo_t::hasCCMP, ClientInfo_t::hasTKIP, ClientInfo_t::hasWep, ClientInfo_t::hasWPA, ClientInfo_t::hasWPA2PSK, ClientInfo_t::hasWPAPSK, NumberOfDetectedClient, RSN_OUI, warning(), WME_OUI, and WPA_OUI.
Referenced by ProcessTagBits().
01163 { 01164 register UINT16 i; 01165 UINT8 hasWep = 0; 01166 UINT8 hasWPA = 0; 01167 UINT8 hasTKIP = 0; 01168 UINT8 hasCCMP = 0; 01169 UINT8 hasWPAPSK = 0; 01170 UINT8 hasWPA2PSK = 0; 01171 int offset = 0; 01172 int nb_UnicastCipherSuite = 0; 01173 int nb_AuthKeyMgmntSuite = 0; 01174 UINT8 Byte1, Byte2; 01175 01176 01177 if (tagLen - 6 >= offset && !memcmp(varBits, WPA_OUI "\x01", 4)) { 01178 debug(3, "Analyse of tag 221 : %02X%02X%02X%02X\n", varBits[0], 01179 varBits[1], varBits[2], varBits[3]); 01180 // At least 6 octets can be read and it's some WPA DATA 01181 hasWPA = 1; 01182 offset += 6; 01183 if (tagLen - 4 >= offset) { 01184 /* multicast cipher suite */ 01185 if (!memcmp(&varBits[offset], WPA_OUI, 3)) { 01186 debug(2, "Multicast cipher suite : %02X%02X%02X\n", 01187 varBits[0 + offset], varBits[1 + offset], 01188 varBits[2 + offset]); 01189 offset += 3; 01190 switch (varBits[0 + offset]) { 01191 case 0: 01192 hasWPA = 0; // Cypher NULL 01193 break; 01194 case 1: 01195 hasWPA = 0; 01196 hasWep = 1; // WEP 40 bits 01197 break; 01198 case 2: 01199 hasTKIP = 1; // TKIP 01200 break; 01201 case 3: // AES (OCB) or WRAP 01202 case 4: 01203 hasCCMP = 1; // AES (CCM) 01204 break; 01205 case 5: 01206 hasWPA = 0; 01207 hasWep = 1; // WEP 104 bits; 01208 break; 01209 default: 01210 warning("WPA IE is with an unknowed cypher suite"); 01211 } 01212 offset += 1; 01213 if (offset + 2 <= tagLen) { 01214 /* unicast cipher suites */ 01215 // We Skip them 01216 // TODO : Analyse them ! 01217 hasWPA = 1; 01218 Byte1 = (UINT8) varBits[offset + 0]; 01219 Byte2 = (UINT8) varBits[offset + 1]; 01220 nb_UnicastCipherSuite = Byte1 + (Byte2 << 8); 01221 debug(3, "nb_UnicastCipherSuite = %04X\n", 01222 nb_UnicastCipherSuite); 01223 offset += 2; 01224 debug(2, "Unicast cipher suite : %02X%02X%02X%02X\n", 01225 varBits[0 + offset], varBits[1 + offset], 01226 varBits[2 + offset], varBits[3 + offset]); 01227 offset += (4 * nb_UnicastCipherSuite); // Skip it ... 01228 // TODO : if more than One Unicast Cipher Suite ... 01229 01230 /* authenticated key management suites */ 01231 if (offset + 2 <= tagLen) { 01232 Byte1 = (UINT8) varBits[offset + 0]; 01233 Byte2 = (UINT8) varBits[offset + 1]; 01234 nb_AuthKeyMgmntSuite = Byte1 + (Byte2 << 8); 01235 debug(3, "nb_AuthKeyMgmntSuite = %04X\n", 01236 nb_AuthKeyMgmntSuite); 01237 offset += 2; 01238 while (offset + 4 <= tagLen) { 01239 offset += 3; 01240 switch (varBits[offset]) { 01241 case 0: 01242 break; // NONE 01243 case 1: 01244 break; // WPA 01245 case 2: 01246 if (hasCCMP) 01247 hasWPA2PSK = 1; 01248 else 01249 hasWPAPSK = 1; 01250 break; 01251 default: 01252 warning 01253 ("WPA IE is with an unknowed authenticated key management suites : %02X\n", 01254 varBits[offset]); 01255 } 01256 } 01257 } 01258 } 01259 } 01260 } 01261 } else if (tagLen - 7 >= offset 01262 && !memcmp(varBits, WME_OUI "\x02\x00", 5)) { 01263 // At least 7 octets can be read and it's some WME DATA 01264 } else if (tagLen - 24 >= offset 01265 && !memcmp(varBits, WME_OUI "\x02\x01", 5)) { 01266 // At least 24 octets can be read and it's some WME DATA 01267 } else if (tagLen - 56 >= offset 01268 && !memcmp(varBits, WME_OUI "\x02\x02", 5)) { 01269 // At least 56 octets can be read and it's some WME DATA 01270 } else if (tagLen - 4 >= offset && !memcmp(varBits, RSN_OUI "\x04", 4)) { 01271 // At least 4 octets can be read and it's some RSN DATA 01272 /* IEEE 802.11i / Key Data Encapsulation / Data Type=4 - PMKID. 01273 * This is only used within EAPOL-Key frame Key Data. */ 01274 } else { 01275 1; // Unknowed Vendor ID, not interpreted 01276 } 01277 01278 01279 // Now save this analyse :-) 01280 for (i = 0; i < NumberOfDetectedClient; i++) { 01281 if (CompareAddMac(ClientInfo[i].BSSID, AddMac)) { 01282 ClientInfo[i].hasWep = hasWep; 01283 ClientInfo[i].hasWPA = hasWPA; 01284 ClientInfo[i].hasTKIP = hasTKIP; 01285 ClientInfo[i].hasCCMP = hasCCMP; 01286 ClientInfo[i].hasWPAPSK = hasWPAPSK; 01287 ClientInfo[i].hasWPA2PSK = hasWPA2PSK; 01288 } 01289 } 01290 }
Variable Documentation
| const char svnid[] = "@(#) $Id: analyse.c 178 2007-08-11 16:57:24Z poggij $" |
Definition at line 47 of file analyse.c.
Referenced by AnalyseTAG221(), DoSummary(), IDS_BcnInt(), IDS_TimeStamp(), IDS_Var_SeqNum(), LogDetectedClient(), LogPutBSSID(), LogPutChannel_byAddMac(), LogPutChannel_byBSSID(), LogPutDS(), LogPutIsAP(), LogPutIsP2P(), LogPutLastIV(), LogPutMaxSpeed(), LogPutOtherInformation(), LogPutRate(), LogPutSeqNum(), LogPutSN(), LogPutSSID_byAddMac(), LogPutSSID_byBSSID(), LogPutTimestamp(), LogPutWep(), LogWriteDOT(), LogWriteHisto(), LogWriteReport(), ResetAllDetectedClient(), Send_To_All_BSSID_A_Deauth(), and WritePanel().
| ClientInfo_t ClientInfo[8192] |
| WINDOW* Panel_WND |
Definition at line 61 of file scanner.c.
Referenced by ClearPanel(), InitScreen(), main(), RefreshAllWND(), RefreshRealTime_WND(), RefreshRealTime_WND_th(), and WritePanel().
| WINDOW * RealTime_WND |
Definition at line 61 of file scanner.c.
Referenced by analyseBeacon(), debug(), debugTS(), FillRadioData(), getPacketIPW(), getPacketPCAP(), InitScreen(), main(), RefreshAllWND(), RefreshRealTime_WND(), RefreshRealTime_WND_th(), warning(), and warning_if_error().
Referenced by main().
| pthread_mutex_t screen_mutex |
MUTEX for lock screen, so only one func write to it at the same time.
Definition at line 67 of file scanner.c.
Referenced by check_keys_th(), ClearPanel(), debug(), debugTS(), DumpHexPaquets(), main(), parse_keystring(), PrintScaleChannel(), RefreshAllWND(), RefreshRealTime_WND_th(), stop_signal(), warning(), warning_if_error(), WritePanel(), and WriteSummary().
| const UINT8 BroadcastMAC[WLAN_ADDR_LEN] |
| const char CryptTypeASCII[] |
Initial value:
{
[CRYPT_TYPE_CLEAR] = ' ',
[CRYPT_TYPE_WEP] = 'w',
[CRYPT_TYPE_WPA] = 'W',
[CRYPT_TYPE_TKIP] = 'T',
[CRYPT_TYPE_CCMP] = 'C',
[CRYPT_TYPE_PSK1] = 'p',
[CRYPT_TYPE_PSK2] = 'P'
}
Definition at line 74 of file analyse.c.
Referenced by DetermineCryptType().
