Set up

CMakeLists.txt

@@ -0,0 +1,21 @@
+
+cmake_minimum_required(VERSION 2.6)
+project(SNIFFER)
+
+set(RIDDLE_SRCS libRiddle.cpp libRiddle.h Riddle.cpp)
+add_executable(Riddle ${RIDDLE_SRCS})
+
+set(HENDRIX_SRCS Hendrix.cpp)
+add_executable(Hendrix ${HENDRIX_SRCS})
+
+set(CIGARETTE_SRCS libCigarette.cpp libCigarette.h Cigarette.cpp)
+add_executable(Cigarette ${CIGARETTE_SRCS})
+
+set(BOOST_LIBS program_options system)
+find_package(Boost COMPONENTS ${BOOST_LIBS} REQUIRED)
+find_library(LIBPCAP pcap)
+
+target_link_libraries(Riddle ${Boost_LIBRARIES})
+target_link_libraries(Riddle ${LIBPCAP})
+target_link_libraries(Hendrix ${Boost_LIBRARIES})
+target_link_libraries(Cigarette ${Boost_LIBRARIES})

Cigarette.cpp

@@ -0,0 +1,52 @@
+//============================================================================
+// Name        : Riddle
+// Author      : Andrea Bontempi
+// Version     : 0.1
+// Copyright   : GNU GPL3
+// Description : Network Sniffer
+//
+// Special Thanks to fede.tft for the big help :-)
+//
+//============================================================================
+
+#include <iostream>
+#include <cstdio>
+#include <cstdlib>
+#include <string>
+#include <boost/program_options.hpp>
+#include "libCigarette.h"
+
+using namespace std;
+using namespace boost::program_options;
+
+int main(int argc, char **argv) {
+	options_description desc("Cigarette - Network Packet Parser");
+	desc.add_options()
+		("help", "prints this")
+	;
+
+	variables_map vm;
+	store(parse_command_line(argc, argv, desc), vm);
+	notify(vm);
+
+	if(vm.count("help"))
+	{
+	    cout<<desc<<"\n";
+	    return 1;
+	}
+
+	header_ethernet etherhead;
+
+	while(1)
+	{
+		string line;
+		getline(cin,line);
+		if(cin.eof()) break;
+		etherhead = parseEthernet(line,line.length());
+		cout<<"---- Packet ("<<line.length()<<" byte)"<<endl;
+		cout<<"Liv2 "<<etherhead.mac_src<<" --> "<<etherhead.mac_dst<<endl;
+		cout<<endl;
+	}
+
+	return EXIT_SUCCESS;
+}

Hendrix.cpp

@@ -0,0 +1,53 @@
+//============================================================================
+// Name        : Riddle
+// Author      : Andrea Bontempi
+// Version     : 0.1
+// Copyright   : GNU GPL3
+// Description : Network Sniffer
+//
+// Special Thanks to fede.tft for the big help :-)
+//
+//============================================================================
+
+
+#include <iostream>
+#include <cstdio>
+#include <cstdlib>
+#include <string>
+#include <list>
+#include <boost/program_options.hpp>
+
+using namespace std;
+using namespace boost::program_options;
+
+int main(int argc, char **argv) {
+	options_description desc("Hendrix - Network Packet Follower");
+	desc.add_options()
+		("help", "prints this")
+	;
+
+	variables_map vm;
+	store(parse_command_line(argc, argv, desc), vm);
+	notify(vm);
+
+	if(vm.count("help"))
+	{
+	    cout<<desc<<"\n";
+	    return 1;
+	}
+
+	list<string> packets;
+	while(2.0) //Because while(1) looks sooo old fashioned
+	{
+		string line;
+		getline(cin,line);
+		if(cin.eof()) break;
+		packets.push_back(line);		// Lista di pacchetti.
+	}
+
+	for(list<string>::iterator it=packets.begin();it!=packets.end();++it)
+	{
+		cout<<"-->"<<*it<<endl;
+	}
+	return EXIT_SUCCESS;
+}

README

@@ -0,0 +1,21 @@
+Dipendenze:
+
+libboost
+libpcap
+
+Riddle:
+
+Sniffer raw. Restituisce pacchetti ricevuti in hex su standard output. (Uno per linea)
+
+--dump		Scrive in formato umanamente comprensibile (più o meno)
+--limit	<x>	Impone massimo numero di pacchetti ricevibili.
+--iface <x>	Impone sniffing su una interfaccia specifica (se non presente usa standard)
+--help		Ovvio.
+
+Hendrix:
+
+Legge output di Riddle e ricostruisce eventuali flussi. (TODO)
+
+Cigarette:
+
+Legge output di Riddle e restituisce a video informazioni in tempo reale sui pacchetti ricevuti.

Riddle.cpp

@@ -0,0 +1,89 @@
+//============================================================================
+// Name        : Riddle
+// Author      : Andrea Bontempi
+// Version     : 0.1
+// Copyright   : GNU GPL3
+// Description : Network Sniffer
+//
+// Special Thanks to fede.tft for the big help :-)
+//
+//============================================================================
+
+#include <iostream>
+#include <cstdio>
+#include <cstdlib>
+#include <string>
+#include <limits>
+#include <pcap.h>
+#include <boost/program_options.hpp>
+#include "libRiddle.h"
+
+using namespace std;
+using namespace boost::program_options;
+
+int main(int argc, char **argv) {
+	options_description desc("Riddle - Network Sniffer");
+	desc.add_options()
+		("help", "prints this")
+		("dump", "enable dump mode")
+		("iface", value<string>(), "interface to sniff from")
+		("limit", value<int>(), "set max number of packet")
+	;
+
+	variables_map vm;
+	store(parse_command_line(argc, argv, desc), vm);
+	notify(vm);
+
+	if(vm.count("help"))
+	{
+	    cout<<desc<<"\n";
+	    return 1;
+	}
+
+	string pcap_device;
+	char error_buffer[PCAP_ERRBUF_SIZE];
+
+	if(vm.count("iface"))
+	{
+		pcap_device=vm["iface"].as<string>();
+	} else {
+		// Cerca e restituisce interfaccia
+		char *dev=pcap_lookupdev(error_buffer);
+		if(dev!=NULL) pcap_device = dev;
+		else pcap_fatal("pcap_lookupdev", error_buffer);
+	}
+
+	cerr<<"Sniffing on device "<<pcap_device<<endl;
+
+	pcap_t *pcap_handle;
+
+	// Apre il device in modalità promiscua
+	pcap_handle = pcap_open_live(pcap_device.c_str(), 4096, 1, 0, error_buffer);
+	if(pcap_handle == NULL){
+		pcap_fatal("pcap_open_live", error_buffer);
+	}
+
+	int maxpacket = numeric_limits<int>::max();
+
+	if(vm.count("limit"))
+	{
+		maxpacket=vm["limit"].as<int>();
+	}
+
+	void (*dumper)(const unsigned char*,int);
+	if(vm.count("dump")) dumper=hexDump; else dumper=rawDump;
+
+	const u_char *packet;
+	pcap_pkthdr header;
+
+	for(;maxpacket > 0;)
+	{
+		packet = pcap_next(pcap_handle, &header);
+		dumper(packet, header.len);
+		if(maxpacket!=numeric_limits<int>::max()) maxpacket--;
+	}
+
+	pcap_close(pcap_handle);
+
+	return EXIT_SUCCESS;
+}

libCigarette.cpp

@@ -0,0 +1,47 @@
+//============================================================================
+// Name        : Riddle
+// Author      : Andrea Bontempi
+// Version     : 0.1
+// Copyright   : GNU GPL3
+// Description : Network Sniffer
+//
+// Special Thanks to fede.tft for the big help :-)
+//
+//============================================================================
+
+#include <cstdio>
+#include <iostream>
+#include <cstdlib>
+#include <sstream>
+#include <stdexcept>
+#include "libCigarette.h"
+
+header_ethernet parseEthernet(std::string start, int len)
+{
+	header_ethernet etherhead;
+
+	int i;
+
+	etherhead.mac_dst.reserve(17);
+	etherhead.mac_src.reserve(17);
+	etherhead.mac_dst.reserve(4);
+
+	for(i=0;i<=11;i++)	// MAC Dest
+	{
+		etherhead.mac_dst += start[i];
+		if(i%2 != 0 && i != 11) etherhead.mac_dst += ':';
+	}
+
+	for(i=12;i<=23;i++)	// MAC Sorg
+	{
+		etherhead.mac_src += start[i];
+		if(i%2 != 0 && i != 23) etherhead.mac_src += ':';
+	}
+	
+	for(i=24;i<=27;i++)	// Next Protocol
+	{
+		etherhead.next_protocol += start[i];
+	}
+
+	return etherhead;
+}

libCigarette.h

@@ -0,0 +1,24 @@
+//============================================================================
+// Name        : Riddle
+// Author      : Andrea Bontempi
+// Version     : 0.1
+// Copyright   : GNU GPL3
+// Description : Network Sniffer
+//
+// Special Thanks to fede.tft for the big help :-)
+//
+//============================================================================
+
+#ifndef LIBCIGARETTE_H
+#define LIBCIGARETTE_H
+
+struct header_ethernet
+{
+	std::string mac_dst;
+	std::string mac_src;
+	std::string next_protocol;
+};
+
+header_ethernet parseEthernet(std::string start, int len);
+
+#endif //LIBCIGARETTE_H

libRiddle.cpp

@@ -0,0 +1,61 @@
+//============================================================================
+// Name        : Riddle
+// Author      : Andrea Bontempi
+// Version     : 0.1
+// Copyright   : GNU GPL3
+// Description : Network Sniffer
+//
+// Special Thanks to fede.tft for the big help :-)
+//
+//============================================================================
+
+#include <cstdio>
+#include <iostream>
+#include <cstdlib>
+#include <sstream>
+#include <stdexcept>
+#include "libRiddle.h"
+
+// Non mettere using namespace generali in header file.
+
+void pcap_fatal(const char *error_in, const char *error_buffer)
+{
+	std::stringstream ss;
+	ss<<"Fatal Error in "<<error_in<<": "<<error_buffer;
+	throw(std::runtime_error(ss.str()));
+}
+
+static void memPrint(const unsigned char *start, char len, int index)
+{
+	printf("0x%08x | ",index);
+	int i;
+	for(i=0;i<len;i++) printf("%02x ",start[i]);
+	for(i=0;i<(16-len);i++) printf("   ");
+	printf("| ");
+	for(i=0;i<len;i++)
+	{
+		if((start[i]>32)&&(start[i]<128)) printf("%c",start[i]);
+		else printf(".");
+	}
+	printf("\n");
+}
+
+void hexDump(const unsigned char *start, int len)
+{
+	std::cout<<std::endl<<"Received "<<len<<" byte:"<<std::endl;
+	int index=0;
+	while(len>16)
+	{
+		memPrint(start,16,index);
+		len-=16;
+		start+=16;
+		index+=16;
+	}
+	if(len>0) memPrint(start,len,index);
+}
+
+void rawDump(const unsigned char *start, int len)
+{
+	for(int i=0;i<len;i++) printf("%02x",start[i]);
+	printf("\n");
+}

libRiddle.h

@@ -0,0 +1,19 @@
+//============================================================================
+// Name        : Riddle
+// Author      : Andrea Bontempi
+// Version     : 0.1
+// Copyright   : GNU GPL3
+// Description : Network Sniffer
+//
+// Special Thanks to fede.tft for the big help :-)
+//
+//============================================================================
+
+#ifndef LIBRIDDLE_H
+#define LIBRIDDLE_H
+
+void pcap_fatal(const char *error_in, const char *error_buffer);
+void hexDump(const unsigned char *start, int len);
+void rawDump(const unsigned char *start, int len);
+
+#endif //LIBRIDDLE_H