Merge pull request #4 from lnicosia/lumenthi

🚸 ✨ Changing default behavior to be more user friendly, -s --sniff implementation
lnicosia · Dec 8, 2022 · e014d4e · e014d4e
2 parents 68bafd9 + 4fffeaa
commit e014d4e
Show file tree

Hide file tree

Showing 13 changed files with 682 additions and 446 deletions.
diff --git a/Makefile b/Makefile
@@ -6,15 +6,15 @@
 #    By: lumenthi <[email protected]>          +#+  +:+       +#+         #
 #                                                 +#+#+#+#+#+   +#+            #
 #    Created: 2017/12/22 14:06:43 by lumenthi          #+#    #+#              #
-#    Updated: 2022/12/05 10:59:03 by lumenthi         ###   ########.fr        #
+#    Updated: 2022/12/08 16:19:58 by lumenthi         ###   ########.fr        #
 #                                                                              #
 # **************************************************************************** #
 
 NAME = ft_malcolm
 
 CC = gcc
 FLAGS = -Wall -Werror -Wextra -g
-LDFLAGS =
+LDFLAGS = -lpthread
 
 GREEN = '\033[4;32m'
 RED = '\033[4;31m'
@@ -63,7 +63,7 @@ SRCS =	main.c \
 		proxy.c \
 		interface.c \
 		malcolm.c \
-		resolve_hostname.c \
+		analysis.c
 
 SOURCES = $(addprefix $(SRCDIR)/, $(SRCS))
 
@@ -157,4 +157,8 @@ run:
 	@ $(MAKE) all
 	@ sudo ./$(NAME) 172.17.0.1 66:66:66:66:66:66 172.17.0.2 02:42:ac:11:00:02
 
-.PHONY: all clean fclean re todo run
+copy:
+	@ $(MAKE) all
+	@ sudo docker cp ./$(NAME) malcolm5:/
+
+.PHONY: all clean fclean re todo run copy
diff --git a/ascii/2.ascii b/ascii/2.ascii
diff --git a/headers/malcolm.h b/headers/malcolm.h
@@ -13,6 +13,7 @@
 #include <unistd.h>
 #include <time.h>
 #include <signal.h>
+#include <pthread.h>
 
 /* ASCII ART */
 #define DB_PATH "ascii/"
@@ -21,7 +22,7 @@
 #define ASCII1 DB_PATH ONE_FILENAME
 /* ******* */
 /* TODO: Set 2.ascii once the snd art finished */
-#define TWO_FILENAME "1.ascii"
+#define TWO_FILENAME "2.ascii"
 #define ASCII2 DB_PATH TWO_FILENAME
 
 #define IP_ADDR_LEN		4	/* in bytes */
@@ -91,6 +92,8 @@ typedef struct	s_data
 
 	int			sockfd;
 	char		*interface;
+	uint8_t		if_mac[ETH_ADDR_LEN];
+	uint8_t		if_ip[IP_ADDR_LEN];
 
 	uint32_t	frequency; /* In seconds */
 	uint32_t	duration; /* In seconds */
@@ -119,11 +122,15 @@ int			ft_malcolm(void);
 /* interface.c */
 int			interface_index(char *name);
 int			interface_mac(char *name, uint8_t *ret);
+int			interface_brdcst(char *name, uint8_t *ret);
 int			interface_ip(char *name, uint8_t *ret);
 
 /* help.c */
 void		print_help();
 void		print_usage(FILE *f);
+void		print_dusage(FILE *f);
+void		print_musage(FILE *f);
+void		print_busage(FILE *f);
 void		print_version(void);
 
 /* parse_option_line.c */
@@ -132,8 +139,7 @@ int			parse_option_line(int ac, char **av);
 /* proxy.c */
 int			ft_proxy(uint8_t *source_ip, uint8_t *target_ip);
 
-/* resolve_hostname.c */
-
-int			resolve_hostname(char *hostname, uint8_t *dest_ip);
+/* analysis.c */
+int			launch_thread(pthread_t *thread);
 
 #endif
diff --git a/headers/options.h b/headers/options.h
@@ -4,11 +4,13 @@
 #include <getopt.h>
 
 # define OPT_VERBOSE		(1UL << 0)
-# define OPT_PROXY			(1UL << 1)
-# define OPT_PERSISTENT		(1UL << 2)
+# define OPT_MANUAL			(1UL << 1)
+# define OPT_NO_PERSISTENCY	(1UL << 2)
 # define OPT_NUMERIC		(1UL << 3)
 # define OPT_DURATION		(1UL << 4)
 # define OPT_FREQUENCY		(1UL << 5)
-# define OPT_INTERFACE		(1UL << 6)
+# define OPT_SNIFF			(1UL << 6)
+# define OPT_BROADCAST		(1UL << 7)
+# define OPT_DENY			(1UL << 8)
 
 #endif
diff --git a/notes/arpspoof.txt b/notes/arpspoof.txt
diff --git a/notes/notes.txt b/notes/notes.txt
@@ -29,6 +29,12 @@ netcat 172.17.0.1 4444
 # TCP dump listen for netcat communication
 tcpdump -s 0 -U -n -w - -i eth0
 
+# Disable kernel redirect
+sysctl -w net.ipv4.ip_forward=0
+
+# Privileged
+sudo docker run --privileged -it --name malcolm5 jgoerzen/debian-base-minimal /bin/sh
+
 # Check arp cache
 $ ip neighbor
 
@@ -40,22 +46,27 @@ while true; do ip n | grep "66:66"; done
 
 # Docker needed installs
 apt-get update
-apt-get install tcpdump iputils-ping iproute2 net-tools arping curl wget zsh git -y
+apt-get install tcpdump iputils-ping iproute2 net-tools arping curl wget zsh git make gcc dsniff -y
 sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" -
 
 # ==== TODO ====
-- Host resolution
+- NUMERIC OPTION ONCE DEFENSE DONE
+
+# ==== BONUSES ====
+- Persistency
+- Frequency
+- Duration
+- Passive forwarding
+- Restore after spoof
 - Verbose
+- Help menu
+- Auto ARP resolution for default mode
+- Interface selection
+- Awesome rotative insane art menu created by insane devs
+- Sniffing activity in another thread
 
 # ==== IDEAS ====
 (After validation)
-- Proxy mode by default
-- Spoof the whole network on broadcast -b --broadcast
-	- sudo ./ft_malcolm [source IP] -i [interface] --broadcast
-		- This command redirect all the traffic for the whole network to [source IP] on our machine
-		- -d --deny Service denial ? redirect all the packets to a dummy mac address
-- -m --manual: Subject's behavior with persistency mode activated
+- Finish active proxy
 - Packet analysis in another thread ?
 - WIFI support
-- Restore for manual persistent mode ?
-- Update version and help menu once done