--- /dev/null
+#include <pcap.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/socket.h>
+//#include <netinet/in.h>
+//#include <arpa/inet.h>
+//#include <netinet/if_ether.h>
+//#include <net/ethernet.h>
+//#include <netinet/ether.h>
+//#include <netinet/ip.h>
+//#include <linux/if.h>
+//#include <linux/wireless.h>
+#include <ctype.h>
+#include <unistd.h>
+#include "radiotap.h"
+#include "radiotap_iter.h"
+#include <curl/curl.h>
+#include <json-c/json.h>
+#include <stdbool.h>
+
+const struct pcap_pkthdr* callback_header;
+
+time_t start = 0;
+char *ssid_buf[34][2] = { NULL, NULL };
+char *probe_resp_buf[34][3] = { NULL, NULL };
+char *probe_buf[34][2] = { NULL, NULL };
+
+//char post_url[255] = "http://intranet.spangdorfia.com/butler/sohoinput.php";
+char *post_url = NULL;
+
+static uint8_t insecure = 0;
+
+static const struct radiotap_align_size align_size_000000_00[] = {
+ [0] = { .align = 1, .size = 4, },
+ [52] = { .align = 1, .size = 4, },
+};
+
+typedef struct {
+ u_int8_t it_version;
+ u_int8_t it_pad;
+ u_int16_t it_len;
+ u_int32_t it_present;
+
+ u_int32_t pad;
+ u_int8_t flags;
+ u_int8_t rate;
+ u_int16_t wr_chan_freq;
+ int8_t ant_sig;
+ int8_t lock_quality;
+ u_int8_t ant;
+
+} __attribute__((__packed__)) ieee80211_radiotap;
+
+struct json_object *obj1, *obj2, *array, *tmp1, *tmp2;
+
+void send_data(json_object *array) {
+
+ CURL *curl;
+ CURLcode res;
+
+ struct curl_slist *headers = NULL;
+
+ headers = curl_slist_append(headers, "Accept: application/json");
+ headers = curl_slist_append(headers, "Content-Type: application/json");
+
+ //json_object *obj1 = json_object_new_object();
+ //json_object *jvs = json_object_new_string("1");
+ //json_object *japmac = json_object_new_string(ap_mac);
+ //json_object *jlat = json_object_new_double(lat);
+ //json_object *jlng = json_object_new_double(lng);
+
+ //json_object_object_add(obj1,"v", jvs);
+ //json_object_object_add(obj1,"ap_mac", japmac);
+ //json_object_object_add(obj1,"data", array);
+ //json_object_object_add(obj1,"lat", jlat);
+ //json_object_object_add(obj1,"lng", jlng);
+
+ curl = curl_easy_init();
+
+ if(curl) {
+
+ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, NULL);
+ curl_easy_setopt(curl, CURLOPT_URL, post_url);
+ curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
+ curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
+ curl_easy_setopt(curl, CURLOPT_USERAGENT, "SoHoSIGINT");
+ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, json_object_to_json_string(array));
+
+ if (insecure) {
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);
+ }
+
+ //printf("Sending this: %s\n",json_object_to_json_string(array));
+
+ //openlog(SYSLOG_NAME, LOG_PID|LOG_CONS, LOG_USER);
+ res = curl_easy_perform(curl);
+
+ if(res != CURLE_OK) {
+ printf("There was a problem sending to %s\n", post_url);
+ //syslog (LOG_INFO, "couldn't send JSON.");
+ } else {
+ //printf("sent JSON to %s\n", post_url);
+ }
+ //closelog ();
+ curl_easy_cleanup(curl);
+ curl_slist_free_all(headers);
+ //json_object_put(obj1);
+ }
+
+ curl_global_cleanup();
+
+}
+
+
+void my_callback(u_char *args,const struct pcap_pkthdr* pkthdr,const u_char* packet) {
+
+ int err, radiotap_header_len, ssid_len, i;
+ int8_t rssi, rate, flags, fcsfail;
+ u_int16_t channel;
+ char client_mac[18];
+ char bssid_mac[18];
+ char *ssid;
+ char tmp_channel[2];
+ char tmp_rssi[1];
+
+
+ int diff;
+ if (start == 0) {
+ start = time(0);
+ }
+
+ time_t t0 = time(0);
+
+ if ( json_object_get_type(array) != json_type_array) {
+ //printf("type of json= %d\n", json_object_get_type(array) == json_type_array);
+ array = json_object_new_array();
+ };
+
+ struct ieee80211_radiotap_iterator iter;
+
+ radiotap_header_len = iter._max_length;
+
+ err = ieee80211_radiotap_iterator_init(&iter, (void*)packet, pkthdr->caplen, NULL);
+ if (err > 0) {
+ }
+
+ radiotap_header_len = iter._max_length;
+
+ fcsfail = 0;
+ while (!(err = ieee80211_radiotap_iterator_next(&iter))) {
+ if (iter.this_arg_index == IEEE80211_RADIOTAP_DBM_ANTSIGNAL) {
+ rssi = (int8_t)iter.this_arg[0];
+ }
+ if (iter.this_arg_index == IEEE80211_RADIOTAP_CHANNEL) {
+ channel = (*(uint16_t *)iter.this_arg);
+ }
+ if (iter.this_arg_index == IEEE80211_RADIOTAP_RATE) {
+ rate = (u_int8_t)iter.this_arg[0];
+ }
+ if (iter.this_arg_index == IEEE80211_RADIOTAP_FLAGS) {
+ flags = (*(u_int8_t *)iter.this_arg);
+ if (flags & IEEE80211_RADIOTAP_F_BADFCS) {
+ //printf("bad fcs\n");
+ fcsfail=1;
+ break;
+ }
+ if (flags & IEEE80211_RADIOTAP_F_FRAG) {
+ printf("frag\n");
+ }
+ if (flags & IEEE80211_RADIOTAP_F_CFP) {
+ printf("cfp\n");
+ }
+ }
+ };
+
+ sprintf(tmp_channel, "%04x", channel);
+ sprintf(tmp_rssi, "%d", rssi);
+
+ if (pkthdr->len >= 24) {
+ u_int8_t hlen;
+ hlen = packet[2]+(packet[3]<<8); //Usually 18 or 13 in some cases
+ switch (packet[hlen]) {
+ case 0x40: //probe request
+ ssid_len=packet[61];
+ memset(ssid, 0, sizeof(ssid));
+ if (ssid_len>0) {
+ for (i=0;i<ssid_len;++i){
+ sprintf(ssid+i, "%c", packet[62+i]);
+ }
+ }
+ memset(client_mac, 0, sizeof(client_mac));
+ sprintf(client_mac, "%02x:%02x:%02x:%02x:%02x:%02x", packet[46], packet[47],packet[48],packet[49],packet[50],packet[51]);
+
+ for (i=0; i<34; i++) {
+ if (probe_buf[i][0] != NULL) {
+ if ((strcoll(probe_buf[i][0], ssid) == 0 && strcoll(probe_buf[i][1], client_mac) == 0)) {
+ break;
+ }
+ }
+ if (probe_buf[i][0] == NULL) {
+ probe_buf[i][0] = strdup(ssid);
+ probe_buf[i][1] = strdup(client_mac);
+ obj2 = json_object_new_object();
+ json_object *type = json_object_new_string("40");
+ json_object *tssid = json_object_new_string(ssid);
+ json_object *tclient_mac = json_object_new_string(client_mac);
+ json_object *tchannel = json_object_new_string(tmp_channel);
+ json_object *jrssi = json_object_new_string(tmp_rssi);
+ json_object_object_add(obj2,"type", type);
+ json_object_object_add(obj2,"ssid", tssid);
+ json_object_object_add(obj2,"client_mac", tclient_mac);
+ json_object_object_add(obj2,"channel", tchannel);
+ json_object_object_add(obj2,"rssi", jrssi);
+ json_object_array_add(array,obj2);
+ break;
+ }
+ }
+
+ break;
+ case 0x50: //probe response
+ ssid_len=packet[73];
+ for (i=0;i<ssid_len;++i){
+ sprintf(ssid+i, "%c", packet[hlen+38+i]);
+ }
+
+ sprintf(client_mac, "%02x:%02x:%02x:%02x:%02x:%02x", packet[39], packet[40],packet[41],packet[42],packet[43],packet[44]);
+ sprintf(bssid_mac, "%02x:%02x:%02x:%02x:%02x:%02x", packet[52], packet[53],packet[54],packet[55],packet[56],packet[57]);
+
+ for (i=0; i<34; i++) {
+ if (probe_resp_buf[i][0] != NULL) {
+ if ((strcoll(probe_resp_buf[i][0], ssid) == 0 && strcoll(probe_resp_buf[i][1], client_mac) == 0)) {
+ break;
+ }
+ }
+ if (probe_resp_buf[i][0] == NULL) {
+ probe_resp_buf[i][0] = strdup(ssid);
+ probe_resp_buf[i][1] = strdup(client_mac);
+ probe_resp_buf[i][2] = strdup(bssid_mac);
+ obj2 = json_object_new_object();
+ json_object *type = json_object_new_string("50");
+ json_object *tssid = json_object_new_string(ssid);
+ json_object *tclient_mac = json_object_new_string(client_mac);
+ json_object *tbssid_mac = json_object_new_string(bssid_mac);
+ json_object *tchannel = json_object_new_string(tmp_channel);
+ json_object *jrssi = json_object_new_string(tmp_rssi);
+ json_object_object_add(obj2,"type", type);
+ json_object_object_add(obj2,"ssid", tssid);
+ json_object_object_add(obj2,"client_mac", tclient_mac);
+ json_object_object_add(obj2,"bssid_mac", tbssid_mac);
+ json_object_object_add(obj2,"channel", tchannel);
+ json_object_object_add(obj2,"rssi", jrssi);
+ json_object_array_add(array,obj2);
+ break;
+ }
+ }
+ break;
+ case 0x80: //beacon
+ ssid_len=packet[73];
+ if (ssid_len>0) {
+ for (i=0;i<ssid_len;++i){
+ sprintf(ssid+i, "%c", packet[hlen+38+i]);
+ }
+ } else {
+ sprintf(ssid,"[HIDDEN]");
+ }
+
+ if (ssid_len == 15 && strlen(ssid) == 0) {
+ sprintf(ssid,"[truncated]");
+ }
+ //printf("debug ssid: %s fieldlen: %d strlen: %d\n", ssid, ssid_len, strlen(ssid));
+ sprintf(client_mac, "%02x:%02x:%02x:%02x:%02x:%02x", packet[50], packet[51],packet[52],packet[53],packet[54],packet[55]);
+
+ for (i=0; i<34; i++) {
+ if (ssid_buf[i][0] != NULL) {
+ if ((strcoll(ssid_buf[i][0], ssid) == 0 && strcoll(ssid_buf[i][1], client_mac) == 0)) {
+ break;
+ }
+ }
+ if (ssid_buf[i][0] == NULL) {
+ ssid_buf[i][0] = strdup(ssid);
+ ssid_buf[i][1] = strdup(client_mac);
+ obj2 = json_object_new_object();
+ json_object *type = json_object_new_string("80");
+ json_object *tssid = json_object_new_string(ssid);
+ json_object *tclient_mac = json_object_new_string(client_mac);
+ json_object *tchannel = json_object_new_string(tmp_channel);
+ json_object *jrssi = json_object_new_string(tmp_rssi);
+ json_object_object_add(obj2,"type", type);
+ json_object_object_add(obj2,"ssid", tssid);
+ json_object_object_add(obj2,"bssid", tclient_mac);
+ json_object_object_add(obj2,"channel", tchannel);
+ json_object_object_add(obj2,"rssi", jrssi);
+ json_object_array_add(array,obj2);
+ break;
+ }
+ }
+ break;
+ }
+ };
+
+ diff = (t0 - start);
+
+ if (diff >= 5) {
+ //printf("time to barf!\n");
+ //for (i=0; i<34; i++) {
+ // printf("barf beacons: buffer %d, ssid: %s \t\t mac: %s channel: %s rssi: %s\n", i, ssid_buf[i][0], ssid_buf[i][1], ssid_buf[i][2], ssid_buf[i][3]);
+ //}
+ //for (i=0; i<34; i++) {
+ // printf("barf probe reponses: buffer %d, ssid: %s \t mac: %s mac: %s channel: %s rssi: %s\n", i, probe_resp_buf[i][0], probe_resp_buf[i][1], probe_resp_buf[i][2], probe_resp_buf[i][3], probe_resp_buf[i][4]);
+ //}
+ for (i=0; i<34; i++) {
+ //printf("barf probes: buffer %d, ssid: %s \t mac: %s channel: %s rssi: %s\n", i, probe_buf[i][0], probe_buf[i][1], probe_buf[i][2], probe_buf[i][3]);
+ }
+
+ send_data(array);
+ //printf ("The json object created: %s\n",json_object_to_json_string(array));
+ json_object_put(array);
+
+ memset(ssid_buf, 0, sizeof(ssid_buf));
+ memset(probe_resp_buf, 0, sizeof(probe_resp_buf));
+ memset(probe_buf, 0, sizeof(probe_buf));
+ start = time(0);
+ }
+ //printf("rate: %d channel: %04x rssi: %d\n", rate, channel, rssi);
+}
+
+int main(int argc,char **argv)
+{
+ int c;
+ char *dev = NULL;
+ char errbuf[PCAP_ERRBUF_SIZE];
+ pcap_t* pcap;
+ struct bpf_program fp; /* hold compiled program */
+ bpf_u_int32 maskp; /* subnet mask */
+ bpf_u_int32 netp; /* ip */
+ u_char* args = NULL;
+ char filter_exp[] = "";
+ char *totpacket = NULL;
+
+ while ((c = getopt (argc, argv, "ha:i:p:")) != -1)
+ switch (c) {
+ case 'a':
+ totpacket = optarg;
+ break;
+ case 'i':
+ dev = optarg;
+ break;
+ case 'p':
+ post_url = optarg;
+ break;
+ case 'h':
+ printf("./disect -a -i\n\t-a : number of packets to sniff. (default 10)\n\t-i : wlan interface.\n\t-p : URL for your collector.\n");
+ exit(0);
+ default:
+ return 0;
+ }
+
+ if (totpacket == NULL) {
+ totpacket="-1";
+ printf("-a not specified... setting to 10.\n");
+ }
+
+ if (dev == NULL) {
+ printf("You forgot -i\n");
+ exit(0);
+ }
+
+ if (post_url == NULL) {
+ printf("You forgot -p\n");
+ exit(0);
+ }
+
+ printf ("%s %s\n", totpacket, dev);
+
+ if(dev == NULL) {
+ printf("%s\n",errbuf);
+ exit(1);
+ }
+
+ /* ask pcap for the network address and mask of the device */
+ pcap_lookupnet(dev,&netp,&maskp,errbuf);
+
+ /* open device for reading. NOTE: defaulting to
+ * promiscuous mode*/
+ pcap = pcap_open_live(dev,2346,1,1000,errbuf);
+ pcap_set_promisc(pcap, 1);
+
+ if(pcap == NULL) {
+ printf("pcap_open_live(): %s\n",errbuf);
+ exit(1);
+ }
+
+ pcap_set_datalink(pcap, DLT_IEEE802_11);
+ pcap_set_datalink(pcap, DLT_IEEE802_11_RADIO_AVS);
+ pcap_set_datalink(pcap, DLT_IEEE802_11_RADIO);
+
+ //pcap_setnonblock(pcap, 1, errbuf);
+
+ int link_layer_type = pcap_datalink(pcap);
+
+ //printf("type: %d\n", link_layer_type);
+
+ if (link_layer_type == DLT_PRISM_HEADER ||
+ link_layer_type == DLT_IEEE802_11_RADIO ||
+ link_layer_type == DLT_IEEE802_11_RADIO_AVS ||
+ link_layer_type == DLT_IEEE802_11 ||
+ link_layer_type == DLT_PPI ||
+ link_layer_type == 127 ) {
+ if (pcap_compile(pcap, &fp, filter_exp, 0, netp) == -1) {
+ fprintf(stderr, "Couldn't parse filter %s: %s\n", filter_exp, pcap_geterr(pcap));
+ exit(EXIT_FAILURE);
+ }
+ if (pcap_setfilter(pcap, &fp) == -1) {
+ fprintf(stderr, "Couldn't install filter %s: %s\n",
+ filter_exp, pcap_geterr(pcap));
+ exit(EXIT_FAILURE);
+ }
+ printf("starting\n");
+
+ pcap_loop(pcap,atoi(totpacket),my_callback,NULL);
+ } else {
+ fprintf(stderr, "Not using the Wi-Fi interface, are you testing something?\n");
+ }
+ fprintf(stdout,"\nfinished\n");
+ return 0;
+}
+
+