
supported --gw-mac-addr option.

1 parent 7f7c862 commit 90a74854679ae7c4d785369afab732cf3d267601 vecna committed Jul 5, 2011
Showing with 76 additions and 35 deletions.
  1. +3 −1 ChangeLog
  2. +15 −4 doc/sniffjoke-autotest.1
  3. +5 −2 doc/sniffjoke.1
  4. +2 −2 doc/sniffjokectl.1
  5. +36 −21 src/service/UserConf.cc
  6. +7 −3 src/service/UserConf.h
  7. +1 −0 src/service/hardcodedDefines.h
  8. +7 −2 src/service/main.cc
@@ -1,7 +1,9 @@
-02 Jun 2011: published 0.4.2
+05 Jul 2011: published 0.4.2
- 'generic/' working again as default
- no more hardcoded path
- gentoo package, fixed warnings by 'QA'
+ - support of --gw-mac-addr to avoid some distros issue with arp and
+ parsing
22 May 2011: published 0.4.1
- gpg verified autotest files
@@ -1,7 +1,7 @@
.TH sniffjoke-autotest 1
.PP
.SH NAME
-Sniffjoke Autotest Suite 0.4 usage
+Sniffjoke Autotest Suite 0.4.2 usage
.PP
.SH SYNOPSIS
sniffjoke-autotest [OPTION]...
@@ -29,8 +29,19 @@ accept a name for the currently profiling environment [required]
set the number of test replicas [default: 1]
.PP
.PP
-.SH "TRIVIA"
-sniffjoke-autotest is generated by CMake, using the unusable-sj-autotest.sh source script. The installed copy of the file, contains the distribution specific installation path
+.SH "ERRORS, BUGS, ISSUE"
+Sometime sniffjoke-autotest simply exit with the message:
+.B Something in the network is not going well, and will not be a SniffJoke fault
+
+I suggest to copy paste the previously executed sniffjoke command line, adding the option "--foreground" and see by hand which kind of exception is triggered.
+.PP
+.SH "DEPENDENCIES"
+
+ pub 1024D/7D9E677D 2011-05-21
+ Key fingerprint = F37C 2042 5052 27E2 2FD7 D511 947F 574B 7D9E 677D
+ uid SniffJoke project (http://www.delirandom.net/sniffjoke)
+
+sniffjoke-autotest reports some URLs, message and info retrivered from delirandom.net, in order to authenticate these message, in a shell script, is downloaded the public key of the project, because the communications will be accepted only if verified by GnuPG signature. Inside sniffjoke-autotest is hardcoded the fingerprint.
.PP
.SH "AUTHOR"
Claudio Agosti <vecna@delirandom.net>, Giovanni Pellerano <giovanni.pellerano@evilaliv3.org>
@@ -42,6 +53,6 @@ Copyright (GPL) 2008,2009,2010,2011 Claudio Agosti & Giovanni Pellerano.
.br
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
.SH "SEE ALSO"
-Because SniffJoke is a 0.4-rc1 release, we didn't setup correctly a man page, and will be better if you check http://www.delirandom.net/sniffjoke for the usage information you should need.
+http://www.delirandom.net/sniffjoke
.TP
.I sniffjoke(1) sniffjoke-autotest(1)
@@ -1,7 +1,7 @@
.TH sniffjoke 1
.PP
.SH NAME
-Sniffjoke 0.4 usage
+Sniffjoke 0.4.2 usage
.PP
.SH SYNOPSIS
sniffjoke [OPTION]...
@@ -25,6 +25,9 @@ specify the base directory where the location resides [default: /usr/local/var/s
.B --user <username>
downgrade priviledge to the specified user [default: nobody]
.PP
+.B --gw-mac-addr <XX:YY:KK:PP:00:RR>
+specify the default gateway mac address. by default is not required, because SniffJoke use some auto detection commands in order to acquire the local network informations. In some distribution, a fatal exception is triggered when tried, in those case this option became mandatory for the correct execution of SniffJoke.
+.PP
.B --group <groupname>
downgrade priviledge to the specified group [default: nogroup]
.PP
@@ -81,6 +84,6 @@ Copyright (GPL) 2008,2009,2010,2011 Claudio Agosti & Giovanni Pellerano.
.br
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
.SH "SEE ALSO"
-Because SniffJoke is a 0.4-rc1 release, we didn't setup correctly a man page, and will be better if you check http://www.delirandom.net/sniffjoke for the usage information you should need.
+http://www.delirandom.net/sniffjoke
.TP
.I sniffjokectl(1) sniffjoke-autotest(1)
@@ -1,7 +1,7 @@
.TH sniffjokectl 1
.PP
.SH NAME
-Sniffjoke CTL 0.4 usage
+Sniffjoke CTL 0.4.2 usage
.PP
.SH SYNOPSIS
sniffjokectl [OPTION]... [COMMAND]
@@ -68,7 +68,7 @@ Copyright (GPL) 2008,2009,2010,2011 Claudio Agosti & Giovanni Pellerano.
.br
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
.SH "SEE ALSO"
-Because SniffJoke is a 0.4-rc1 release, we didn't setup correctly a man page, and will be better if you check http://www.delirandom.net/sniffjoke for the usage information you should need.
+http://www.delirandom.net/sniffjoke
.TP
.I sniffjoke(1) sniffjoke-autotest(1)
@@ -3,8 +3,8 @@
* developed with the aim to improve digital privacy in communications and
* to show and test some securiy weakness in traffic analysis software.
*
- * Copyright (C) 2010 vecna <vecna@delirandom.net>
- * evilaliv3 <giovanni.pellerano@evilaliv3.org>
+ * Copyright (C) 2011, 2010 vecna <vecna@delirandom.net>
+ * evilaliv3 <giovanni.pellerano@evilaliv3.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -219,44 +219,52 @@ void UserConf::autodetectGWIPAddress(void)
}
}
+void UserConf::importMacAddr(const char *cmd_out)
+{
+ uint32_t mac[6];
+ uint32_t i;
+
+ for (i = 0; i < strlen(cmd_out) && (isxdigit(cmd_out[i])) || (cmd_out[i] == ':'); ++i)
+ runcfg.gw_mac_str[i] = cmd_out[i];
+
+ if (i != 17)
+ RUNTIME_EXCEPTION("invalid mac address format: [%s] is not long 17 bytes", cmd_out);
+
+ LOG_ALL("acquired gateway mac address from the arp table: %s", runcfg.gw_mac_str);
+ sscanf(runcfg.gw_mac_str, "%2x:%2x:%2x:%2x:%2x:%2x", &mac[0], &mac[1], &mac[2], &mac[3], &mac[4], &mac[5]);
+ for (i = 0; i < ETH_ALEN; ++i)
+ runcfg.gw_mac_addr[i] = mac[i];
+}
+
void UserConf::autodetectGWMACAddress(void)
{
char cmd[MEDIUMBUF];
- string imp_str;
- uint32_t i;
+ string cmdout_str;
snprintf(cmd, MEDIUMBUF, "arp -ni %s %s | grep %s | awk '{print $3}'",
runcfg.net_iface_name, runcfg.gw_ip_addr, runcfg.gw_ip_addr);
LOG_ALL("detecting mac address of gateway with [%s]", cmd);
- imp_str = execOSCmd(cmd);
-
- for (i = 0; i < strlen(imp_str.c_str()) && (isxdigit((imp_str.c_str())[i]) || (imp_str.c_str())[i] == ':'); ++i)
- runcfg.gw_mac_str[i] = (imp_str.c_str())[i];
-
- if (i != 17)
- RUNTIME_EXCEPTION("unable to autodetect gateway mac address");
- else
- {
- LOG_ALL("acquired gateway mac address from the arp table: %s", runcfg.gw_mac_str);
- uint32_t mac[6];
- sscanf(runcfg.gw_mac_str, "%2x:%2x:%2x:%2x:%2x:%2x", &mac[0], &mac[1], &mac[2], &mac[3], &mac[4], &mac[5]);
- for (i = 0; i < 6; ++i)
- runcfg.gw_mac_addr[i] = mac[i];
- }
+ cmdout_str = execOSCmd(cmd);
+ LOG_VERBOSE("received output to detect gateway mac address: %s", cmdout_str.c_str() );
+ importMacAddr( cmdout_str.c_str() );
}
/* this method is called by SniffJoke.cc */
void UserConf::networkSetup(void)
{
LOG_DEBUG("initializing network for service/child: %d", getpid());
- /* autodetect is always used, we should not trust the preloaded configuration */
+ /* autodetect is always used, but will be override by --options, for this reason is checked
+ * the presence of previously assignments */
+
autodetectLocalInterface();
autodetectLocalInterfaceIPAddress();
autodetectGWIPAddress();
- autodetectGWMACAddress();
+
+ if(!strlen(runcfg.gw_mac_str))
+ autodetectGWMACAddress();
LOG_VERBOSE("* system local interface: %s, %s address", runcfg.net_iface_name, runcfg.net_iface_ip);
LOG_VERBOSE("* default gateway mac address: %s", runcfg.gw_mac_str);
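Review bot: In `importMacAddr` the copy loop into `runcfg.gw_mac_str` has no upper bound on `i` and the `sscanf` result is never checked, so the `i != 17` test alone decides whether the input is accepted. A run of hex digits or colons longer than the destination would be written past `gw_mac_str` before that test is reached (the size of `SMALLBUF` and the length of the `execOSCmd` output are not visible here), and a 17-character string such as all colons passes the test while leaving `mac[]` partly uninitialised when it is copied into `gw_mac_addr`. The loop condition also lost a pair of parentheses relative to the removed code, so `&&` now binds before `||` and the `strlen` test no longer guards the `':'` comparison. Nothing writes a terminator after the copy, so the later `%s` log relies on the buffer having been zeroed beforehand. The sketch below assumes `RUNTIME_EXCEPTION` does not return.

```cpp
void UserConf::importMacAddr(const char *cmd_out)
{
    uint32_t mac[ETH_ALEN];
    size_t i;

    /* bounded by the destination; both character classes sit under the same guard,
     * and the loop still stops at the terminator because '\0' matches neither */
    for (i = 0; i < sizeof (runcfg.gw_mac_str) - 1 &&
                (isxdigit((unsigned char) cmd_out[i]) || cmd_out[i] == ':'); ++i)
        runcfg.gw_mac_str[i] = cmd_out[i];

    /* … unchanged: i != 17 check and its RUNTIME_EXCEPTION … */
    runcfg.gw_mac_str[i] = '\0';

    /* … unchanged: LOG_ALL of the acquired address … */
    if (sscanf(runcfg.gw_mac_str, "%2x:%2x:%2x:%2x:%2x:%2x",
               &mac[0], &mac[1], &mac[2], &mac[3], &mac[4], &mac[5]) != ETH_ALEN)
        RUNTIME_EXCEPTION("invalid mac address format: [%s]", runcfg.gw_mac_str);
    /* … unchanged: copy of mac[] into runcfg.gw_mac_addr … */
```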
@@ -408,6 +416,7 @@ bool UserConf::loadDiskConfiguration(void)
parseMatch(runcfg.debug_level, "debug", loadstream, cmdline_opts.debug_level, DEFAULT_DEBUG_LEVEL);
parseMatch(runcfg.onlyplugin, "only-plugin", loadstream, cmdline_opts.onlyplugin, DEFAULT_ONLYPLUGIN);
parseMatch(runcfg.max_ttl_probe, "max-ttl-probe", loadstream, cmdline_opts.max_ttl_probe, DEFAULT_MAX_TTLPROBE);
+ parseMatch(runcfg.gw_mac_str, "gw-mac-addr", loadstream, cmdline_opts.gw_mac_str, DEFAULT_GW_MAC_ADDR);
/* loading of IP lists, in future also the source IP address should be useful */
if (runcfg.use_blacklist)
@@ -417,6 +426,12 @@ bool UserConf::loadDiskConfiguration(void)
RUNTIME_EXCEPTION("requested blacklist but blacklist file not found or empty");
}
+ /* if the network details are passed by options, complete the acquisition */
+ if (strlen(runcfg.gw_mac_str))
+ {
+ importMacAddr(runcfg.gw_mac_str);
+ }
+
if (runcfg.use_whitelist)
{
runcfg.whitelist = new IPListMap(FILE_IPWHITELIST);
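Review bot: `importMacAddr(runcfg.gw_mac_str)` passes the destination buffer as its own input, and the helper then logs "acquired gateway mac address from the arp table" for a value that actually came from the config file or `--gw-mac-addr`. The self-copy works only because the loop reads each byte before writing the same index; a comment on the helper such as `/* cmd_out may alias runcfg.gw_mac_str */` would keep a later rewrite from breaking it. For the log, consider moving the "from the arp table" message into `autodetectGWMACAddress` so the record shows where the gateway address really came from. `loadDiskConfiguration` starts and ends outside this hunk.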
@@ -3,8 +3,8 @@
* developed with the aim to improve digital privacy in communications and
* to show and test some securiy weakness in traffic analysis software.
*
- * Copyright (C) 2010 vecna <vecna@delirandom.net>
- * evilaliv3 <giovanni.pellerano@evilaliv3.org>
+ * Copyright (C) 2011, 2010 vecna <vecna@delirandom.net>
+ * evilaliv3 <giovanni.pellerano@evilaliv3.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -56,6 +56,7 @@ struct sj_cmdline_opts
uint16_t debug_level;
char onlyplugin[MEDIUMBUF];
uint16_t max_ttl_probe;
+ char gw_mac_str[SMALLBUF];
/* END OF COMMON PART WITH sj_config THAT WILL BE SAVED IN CONF FILE */
bool force_restart;
@@ -89,6 +90,7 @@ struct sj_config
uint16_t debug_level;
char onlyplugin[MEDIUMBUF];
uint16_t max_ttl_probe;
+ char gw_mac_str[SMALLBUF];
/* END OF COMMON PART WITH sj_cmdline_opts THAT WILL BE SAVED IN CONF FILE */
/* mangling policies */
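Review bot: Moving `gw_mac_str` into the block marked "WILL BE SAVED IN CONF FILE" may make an autodetected address persistent. `networkSetup` now skips `autodetectGWMACAddress()` whenever `runcfg.gw_mac_str` is non-empty, so if the dump routine (not visible in this commit) writes every field of the common part, an address detected on one network would be reloaded on the next start and used without a fresh ARP lookup. If only operator-supplied values are meant to persist, a comment on the field such as `/* set only by --gw-mac-addr or the config file; empty means autodetect */` and a matching check in the dump code would make that explicit.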
@@ -98,7 +100,6 @@ struct sj_config
/* system informations, autodetected */
char gw_ip_addr[SMALLBUF];
- char gw_mac_str[SMALLBUF];
char gw_mac_addr[ETH_ALEN];
char net_iface_name[SMALLBUF];
/* char tun_iface_name[SMALLBUF] statically know as TUN_IF_NAME */
@@ -120,6 +121,9 @@ class UserConf
void autodetectGWMACAddress(void);
void autodetectFirstAvailableTunnelInterface(void);
+ /* network configuration, autodetect utilities */
+ void importMacAddr(const char*);
+
void parseOnlyParam(const char*);
/* config file load/dump support*/
@@ -52,6 +52,7 @@
#define DEFAULT_ONLYPLUGIN ""
#define DEFAULT_DEBUG_LEVEL 2
#define DEFAULT_MAX_TTLPROBE 35
+#define DEFAULT_GW_MAC_ADDR ""
/* this is not configurabile anyway in some (wrong) local network the
* class 1.0.0.0/8 is used and should be require change this puppet-IP */
@@ -3,8 +3,8 @@
* developed with the aim to improve digital privacy in communications and
* to show and test some securiy weakness in traffic analysis software.
*
- * Copyright (C) 2010 vecna <vecna@delirandom.net>
- * evilaliv3 <giovanni.pellerano@evilaliv3.org>
+ * Copyright (C) 2011, 2010 vecna <vecna@delirandom.net>
+ * evilaliv3 <giovanni.pellerano@evilaliv3.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -58,6 +58,7 @@ static void sj_version(const char *pname)
" --foreground\t\trunning in foreground [default:background]\n"\
" --admin <ip>[:port]\tspecify administration IP address [default: %s:%d]\n"\
" --force\t\tforce restart (usable when another sniffjoke service is running)\n"\
+ " --gw-mac-addr\t\tspecify default gateway mac address [default: is autodetected]\n"\
" --version\t\tshow sniffjoke version\n"\
" --help\t\t\tshow this help\n\n"\
"\t\t\thttp://www.delirandom.net/sniffjoke\n"
@@ -129,6 +130,7 @@ int main(int argc, char **argv)
{ "debug", required_argument, NULL, 'd'},
{ "only-plugin", required_argument, NULL, 'p'}, /* not documented in --help */
{ "max-ttl-probe", required_argument, NULL, 'm'}, /* not documented too */
+ { "gw-mac-addr", required_argument, NULL, 'e'},
{ "version", no_argument, NULL, 'v'},
{ "help", no_argument, NULL, 'h'},
{ NULL, 0, NULL, 0}
@@ -199,6 +201,9 @@ int main(int argc, char **argv)
case 'p':
snprintf(useropt.onlyplugin, sizeof (useropt.onlyplugin), "%s", optarg);
break;
+ case 'e':
+ snprintf(useropt.gw_mac_str, sizeof (useropt.gw_mac_str), "%s", optarg);
+ break;
case 'm':
useropt.max_ttl_probe = atoi(optarg);
break;
