--- /dev/null
+CFLAGS= -std=gnu99
+DEPS = endian.h
+LIBS=$(LDFLAGS) -L. -lpcap -lcurl -ljson-c -lssl -lorcon2 `pkg-config --libs libnl-3.0 libnl-genl-3.0`
+OBJ = sohosigint-wifi.o radiotap.o
+
+%.o: %.c $(DEPS)
+ $(CC) -c -o $@ $<
+
+soho-sigint-wifi: $(OBJ)
+ $(CC) -o $@ $^ $(CFLAGS) $(LIBS)
+
+clean:
+ rm -rf *.o
+ rm -rf sohosigint-wifi
--- /dev/null
+#include <stddef.h>
+#include <errno.h>
+#ifndef _BSD_SOURCE
+#define _BSD_SOURCE
+#endif
+#ifdef __FreeBSD__
+ #include <sys/endian.h>
+#else
+ #include <endian.h>
+#endif
+
+#define le16_to_cpu le16toh
+#define le32_to_cpu le32toh
+#define get_unaligned(p) \
+({ \
+ struct packed_dummy_struct { \
+ typeof(*(p)) __val; \
+ } __attribute__((packed)) *__ptr = (void *) (p); \
+ \
+ __ptr->__val; \
+})
+#define get_unaligned_le16(p) le16_to_cpu(get_unaligned((uint16_t *)(p)))
+#define get_unaligned_le32(p) le32_to_cpu(get_unaligned((uint32_t *)(p)))
--- /dev/null
+/*
+ * Radiotap parser
+ *
+ * Copyright 2007 Andy Green <andy@warmcat.com>
+ * Copyright 2009 Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * Alternatively, this software may be distributed under the terms of BSD
+ * license.
+ *
+ * See COPYING for more details.
+ */
+#include "radiotap_iter.h"
+#include "platform.h"
+#if defined(ANDROID) || defined(__ANDROID__)
+ #include "../byteorder.h"
+#endif
+
+/* function prototypes and related defs are in radiotap_iter.h */
+
+static const struct radiotap_align_size rtap_namespace_sizes[] = {
+ [IEEE80211_RADIOTAP_TSFT] = { .align = 8, .size = 8, },
+ [IEEE80211_RADIOTAP_FLAGS] = { .align = 1, .size = 1, },
+ [IEEE80211_RADIOTAP_RATE] = { .align = 1, .size = 1, },
+ [IEEE80211_RADIOTAP_CHANNEL] = { .align = 2, .size = 4, },
+ [IEEE80211_RADIOTAP_FHSS] = { .align = 2, .size = 2, },
+ [IEEE80211_RADIOTAP_DBM_ANTSIGNAL] = { .align = 1, .size = 1, },
+ [IEEE80211_RADIOTAP_DBM_ANTNOISE] = { .align = 1, .size = 1, },
+ [IEEE80211_RADIOTAP_LOCK_QUALITY] = { .align = 2, .size = 2, },
+ [IEEE80211_RADIOTAP_TX_ATTENUATION] = { .align = 2, .size = 2, },
+ [IEEE80211_RADIOTAP_DB_TX_ATTENUATION] = { .align = 2, .size = 2, },
+ [IEEE80211_RADIOTAP_DBM_TX_POWER] = { .align = 1, .size = 1, },
+ [IEEE80211_RADIOTAP_ANTENNA] = { .align = 1, .size = 1, },
+ [IEEE80211_RADIOTAP_DB_ANTSIGNAL] = { .align = 1, .size = 1, },
+ [IEEE80211_RADIOTAP_DB_ANTNOISE] = { .align = 1, .size = 1, },
+ [IEEE80211_RADIOTAP_RX_FLAGS] = { .align = 2, .size = 2, },
+ [IEEE80211_RADIOTAP_TX_FLAGS] = { .align = 2, .size = 2, },
+ [IEEE80211_RADIOTAP_RTS_RETRIES] = { .align = 1, .size = 1, },
+ [IEEE80211_RADIOTAP_DATA_RETRIES] = { .align = 1, .size = 1, },
+ [IEEE80211_RADIOTAP_MCS] = { .align = 1, .size = 3, },
+ [IEEE80211_RADIOTAP_AMPDU_STATUS] = { .align = 4, .size = 8, },
+ /*
+ * add more here as they are defined in radiotap.h
+ */
+};
+
+static const struct ieee80211_radiotap_namespace radiotap_ns = {
+ .n_bits = sizeof(rtap_namespace_sizes) / sizeof(rtap_namespace_sizes[0]),
+ .align_size = rtap_namespace_sizes,
+};
+
+/**
+ * ieee80211_radiotap_iterator_init - radiotap parser iterator initialization
+ * @iterator: radiotap_iterator to initialize
+ * @radiotap_header: radiotap header to parse
+ * @max_length: total length we can parse into (eg, whole packet length)
+ *
+ * Returns: 0 or a negative error code if there is a problem.
+ *
+ * This function initializes an opaque iterator struct which can then
+ * be passed to ieee80211_radiotap_iterator_next() to visit every radiotap
+ * argument which is present in the header. It knows about extended
+ * present headers and handles them.
+ *
+ * How to use:
+ * call __ieee80211_radiotap_iterator_init() to init a semi-opaque iterator
+ * struct ieee80211_radiotap_iterator (no need to init the struct beforehand)
+ * checking for a good 0 return code. Then loop calling
+ * __ieee80211_radiotap_iterator_next()... it returns either 0,
+ * -ENOENT if there are no more args to parse, or -EINVAL if there is a problem.
+ * The iterator's @this_arg member points to the start of the argument
+ * associated with the current argument index that is present, which can be
+ * found in the iterator's @this_arg_index member. This arg index corresponds
+ * to the IEEE80211_RADIOTAP_... defines.
+ *
+ * Radiotap header length:
+ * You can find the CPU-endian total radiotap header length in
+ * iterator->max_length after executing ieee80211_radiotap_iterator_init()
+ * successfully.
+ *
+ * Alignment Gotcha:
+ * You must take care when dereferencing iterator.this_arg
+ * for multibyte types... the pointer is not aligned. Use
+ * get_unaligned((type *)iterator.this_arg) to dereference
+ * iterator.this_arg for type "type" safely on all arches.
+ *
+ * Example code: parse.c
+ */
+
+int ieee80211_radiotap_iterator_init(
+ struct ieee80211_radiotap_iterator *iterator,
+ struct ieee80211_radiotap_header *radiotap_header,
+ int max_length, const struct ieee80211_radiotap_vendor_namespaces *vns)
+{
+ /* must at least have the radiotap header */
+ if (max_length < (int)sizeof(struct ieee80211_radiotap_header))
+ return -EINVAL;
+
+ /* Linux only supports version 0 radiotap format */
+ if (radiotap_header->it_version)
+ return -EINVAL;
+
+ /* sanity check for allowed length and radiotap length field */
+ if (max_length < get_unaligned_le16(&radiotap_header->it_len))
+ return -EINVAL;
+
+ iterator->_rtheader = radiotap_header;
+ iterator->_max_length = get_unaligned_le16(&radiotap_header->it_len);
+ iterator->_arg_index = 0;
+ iterator->_bitmap_shifter = get_unaligned_le32(&radiotap_header->it_present);
+ iterator->_arg = (uint8_t *)radiotap_header + sizeof(*radiotap_header);
+ iterator->_reset_on_ext = 0;
+ iterator->_next_bitmap = &radiotap_header->it_present;
+ iterator->_next_bitmap++;
+ iterator->_vns = vns;
+ iterator->current_namespace = &radiotap_ns;
+ iterator->is_radiotap_ns = 1;
+#ifdef RADIOTAP_SUPPORT_OVERRIDES
+ iterator->n_overrides = 0;
+ iterator->overrides = NULL;
+#endif
+
+ /* find payload start allowing for extended bitmap(s) */
+
+ if (iterator->_bitmap_shifter & (1<<IEEE80211_RADIOTAP_EXT)) {
+ if ((unsigned long)iterator->_arg -
+ (unsigned long)iterator->_rtheader + sizeof(uint32_t) >
+ (unsigned long)iterator->_max_length)
+ return -EINVAL;
+ while (get_unaligned_le32(iterator->_arg) &
+ (1 << IEEE80211_RADIOTAP_EXT)) {
+ iterator->_arg += sizeof(uint32_t);
+
+ /*
+ * check for insanity where the present bitmaps
+ * keep claiming to extend up to or even beyond the
+ * stated radiotap header length
+ */
+
+ if ((unsigned long)iterator->_arg -
+ (unsigned long)iterator->_rtheader +
+ sizeof(uint32_t) >
+ (unsigned long)iterator->_max_length)
+ return -EINVAL;
+ }
+
+ iterator->_arg += sizeof(uint32_t);
+
+ /*
+ * no need to check again for blowing past stated radiotap
+ * header length, because ieee80211_radiotap_iterator_next
+ * checks it before it is dereferenced
+ */
+ }
+
+ iterator->this_arg = iterator->_arg;
+
+ /* we are all initialized happily */
+
+ return 0;
+}
+
+static void find_ns(struct ieee80211_radiotap_iterator *iterator,
+ uint32_t oui, uint8_t subns)
+{
+ int i;
+
+ iterator->current_namespace = NULL;
+
+ if (!iterator->_vns)
+ return;
+
+ for (i = 0; i < iterator->_vns->n_ns; i++) {
+ if (iterator->_vns->ns[i].oui != oui)
+ continue;
+ if (iterator->_vns->ns[i].subns != subns)
+ continue;
+
+ iterator->current_namespace = &iterator->_vns->ns[i];
+ break;
+ }
+}
+
+#ifdef RADIOTAP_SUPPORT_OVERRIDES
+static int find_override(struct ieee80211_radiotap_iterator *iterator,
+ int *align, int *size)
+{
+ int i;
+
+ if (!iterator->overrides)
+ return 0;
+
+ for (i = 0; i < iterator->n_overrides; i++) {
+ if (iterator->_arg_index == iterator->overrides[i].field) {
+ *align = iterator->overrides[i].align;
+ *size = iterator->overrides[i].size;
+ if (!*align) /* erroneous override */
+ return 0;
+ return 1;
+ }
+ }
+
+ return 0;
+}
+#endif
+
+
+/**
+ * ieee80211_radiotap_iterator_next - return next radiotap parser iterator arg
+ * @iterator: radiotap_iterator to move to next arg (if any)
+ *
+ * Returns: 0 if there is an argument to handle,
+ * -ENOENT if there are no more args or -EINVAL
+ * if there is something else wrong.
+ *
+ * This function provides the next radiotap arg index (IEEE80211_RADIOTAP_*)
+ * in @this_arg_index and sets @this_arg to point to the
+ * payload for the field. It takes care of alignment handling and extended
+ * present fields. @this_arg can be changed by the caller (eg,
+ * incremented to move inside a compound argument like
+ * IEEE80211_RADIOTAP_CHANNEL). The args pointed to are in
+ * little-endian format whatever the endianess of your CPU.
+ *
+ * Alignment Gotcha:
+ * You must take care when dereferencing iterator.this_arg
+ * for multibyte types... the pointer is not aligned. Use
+ * get_unaligned((type *)iterator.this_arg) to dereference
+ * iterator.this_arg for type "type" safely on all arches.
+ */
+
+int ieee80211_radiotap_iterator_next(
+ struct ieee80211_radiotap_iterator *iterator)
+{
+ while (1) {
+ int hit = 0;
+ int pad, align, size, subns;
+ uint32_t oui;
+
+ /* if no more EXT bits, that's it */
+ if ((iterator->_arg_index % 32) == IEEE80211_RADIOTAP_EXT &&
+ !(iterator->_bitmap_shifter & 1))
+ return -ENOENT;
+
+ if (!(iterator->_bitmap_shifter & 1))
+ goto next_entry; /* arg not present */
+
+ /* get alignment/size of data */
+ switch (iterator->_arg_index % 32) {
+ case IEEE80211_RADIOTAP_RADIOTAP_NAMESPACE:
+ case IEEE80211_RADIOTAP_EXT:
+ align = 1;
+ size = 0;
+ break;
+ case IEEE80211_RADIOTAP_VENDOR_NAMESPACE:
+ align = 2;
+ size = 6;
+ break;
+ default:
+#ifdef RADIOTAP_SUPPORT_OVERRIDES
+ if (find_override(iterator, &align, &size)) {
+ /* all set */
+ } else
+#endif
+ if (!iterator->current_namespace ||
+ iterator->_arg_index >= iterator->current_namespace->n_bits) {
+ if (iterator->current_namespace == &radiotap_ns)
+ return -ENOENT;
+ align = 0;
+ } else {
+ align = iterator->current_namespace->align_size[iterator->_arg_index].align;
+ size = iterator->current_namespace->align_size[iterator->_arg_index].size;
+ }
+ if (!align) {
+ /* skip all subsequent data */
+ iterator->_arg = iterator->_next_ns_data;
+ /* give up on this namespace */
+ iterator->current_namespace = NULL;
+ goto next_entry;
+ }
+ break;
+ }
+
+ /*
+ * arg is present, account for alignment padding
+ *
+ * Note that these alignments are relative to the start
+ * of the radiotap header. There is no guarantee
+ * that the radiotap header itself is aligned on any
+ * kind of boundary.
+ *
+ * The above is why get_unaligned() is used to dereference
+ * multibyte elements from the radiotap area.
+ */
+
+ pad = ((unsigned long)iterator->_arg -
+ (unsigned long)iterator->_rtheader) & (align - 1);
+
+ if (pad)
+ iterator->_arg += align - pad;
+
+ if (iterator->_arg_index % 32 == IEEE80211_RADIOTAP_VENDOR_NAMESPACE) {
+ int vnslen;
+
+ if ((unsigned long)iterator->_arg + size -
+ (unsigned long)iterator->_rtheader >
+ (unsigned long)iterator->_max_length)
+ return -EINVAL;
+
+ oui = (*iterator->_arg << 16) |
+ (*(iterator->_arg + 1) << 8) |
+ *(iterator->_arg + 2);
+ subns = *(iterator->_arg + 3);
+
+ find_ns(iterator, oui, subns);
+
+ vnslen = get_unaligned_le16(iterator->_arg + 4);
+ iterator->_next_ns_data = iterator->_arg + size + vnslen;
+ if (!iterator->current_namespace)
+ size += vnslen;
+ }
+
+ /*
+ * this is what we will return to user, but we need to
+ * move on first so next call has something fresh to test
+ */
+ iterator->this_arg_index = iterator->_arg_index;
+ iterator->this_arg = iterator->_arg;
+ iterator->this_arg_size = size;
+
+ /* internally move on the size of this arg */
+ iterator->_arg += size;
+
+ /*
+ * check for insanity where we are given a bitmap that
+ * claims to have more arg content than the length of the
+ * radiotap section. We will normally end up equalling this
+ * max_length on the last arg, never exceeding it.
+ */
+
+ if ((unsigned long)iterator->_arg -
+ (unsigned long)iterator->_rtheader >
+ (unsigned long)iterator->_max_length)
+ return -EINVAL;
+
+ /* these special ones are valid in each bitmap word */
+ switch (iterator->_arg_index % 32) {
+ case IEEE80211_RADIOTAP_VENDOR_NAMESPACE:
+ iterator->_reset_on_ext = 1;
+
+ iterator->is_radiotap_ns = 0;
+ /*
+ * If parser didn't register this vendor
+ * namespace with us, allow it to show it
+ * as 'raw. Do do that, set argument index
+ * to vendor namespace.
+ */
+ iterator->this_arg_index =
+ IEEE80211_RADIOTAP_VENDOR_NAMESPACE;
+ if (!iterator->current_namespace)
+ hit = 1;
+ goto next_entry;
+ case IEEE80211_RADIOTAP_RADIOTAP_NAMESPACE:
+ iterator->_reset_on_ext = 1;
+ iterator->current_namespace = &radiotap_ns;
+ iterator->is_radiotap_ns = 1;
+ goto next_entry;
+ case IEEE80211_RADIOTAP_EXT:
+ /*
+ * bit 31 was set, there is more
+ * -- move to next u32 bitmap
+ */
+ iterator->_bitmap_shifter =
+ get_unaligned_le32(iterator->_next_bitmap);
+ iterator->_next_bitmap++;
+ if (iterator->_reset_on_ext)
+ iterator->_arg_index = 0;
+ else
+ iterator->_arg_index++;
+ iterator->_reset_on_ext = 0;
+ break;
+ default:
+ /* we've got a hit! */
+ hit = 1;
+ next_entry:
+ iterator->_bitmap_shifter >>= 1;
+ iterator->_arg_index++;
+ }
+
+ /* if we found a valid arg earlier, return it now */
+ if (hit)
+ return 0;
+ }
+}
--- /dev/null
+/*-
+ * Copyright (c) 2003, 2004 David Young. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of David Young may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY DAVID YOUNG ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DAVID
+ * YOUNG BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ */
+
+/*
+ * Modifications to fit into the linux IEEE 802.11 stack,
+ * Mike Kershaw (dragorn@kismetwireless.net)
+ */
+
+#ifndef IEEE80211RADIOTAP_H
+#define IEEE80211RADIOTAP_H
+
+#include <stdint.h>
+
+/* Base version of the radiotap packet header data */
+#define PKTHDR_RADIOTAP_VERSION 0
+
+/* A generic radio capture format is desirable. There is one for
+ * Linux, but it is neither rigidly defined (there were not even
+ * units given for some fields) nor easily extensible.
+ *
+ * I suggest the following extensible radio capture format. It is
+ * based on a bitmap indicating which fields are present.
+ *
+ * I am trying to describe precisely what the application programmer
+ * should expect in the following, and for that reason I tell the
+ * units and origin of each measurement (where it applies), or else I
+ * use sufficiently weaselly language ("is a monotonically nondecreasing
+ * function of...") that I cannot set false expectations for lawyerly
+ * readers.
+ */
+
+/* The radio capture header precedes the 802.11 header.
+ * All data in the header is little endian on all platforms.
+ */
+struct ieee80211_radiotap_header {
+ uint8_t it_version; /* Version 0. Only increases
+ * for drastic changes,
+ * introduction of compatible
+ * new fields does not count.
+ */
+ uint8_t it_pad;
+ uint16_t it_len; /* length of the whole
+ * header in bytes, including
+ * it_version, it_pad,
+ * it_len, and data fields.
+ */
+ uint32_t it_present; /* A bitmap telling which
+ * fields are present. Set bit 31
+ * (0x80000000) to extend the
+ * bitmap by another 32 bits.
+ * Additional extensions are made
+ * by setting bit 31.
+ */
+};
+
+/* Name Data type Units
+ * ---- --------- -----
+ *
+ * IEEE80211_RADIOTAP_TSFT __le64 microseconds
+ *
+ * Value in microseconds of the MAC's 64-bit 802.11 Time
+ * Synchronization Function timer when the first bit of the
+ * MPDU arrived at the MAC. For received frames, only.
+ *
+ * IEEE80211_RADIOTAP_CHANNEL 2 x uint16_t MHz, bitmap
+ *
+ * Tx/Rx frequency in MHz, followed by flags (see below).
+ *
+ * IEEE80211_RADIOTAP_FHSS uint16_t see below
+ *
+ * For frequency-hopping radios, the hop set (first byte)
+ * and pattern (second byte).
+ *
+ * IEEE80211_RADIOTAP_RATE u8 500kb/s
+ *
+ * Tx/Rx data rate
+ *
+ * IEEE80211_RADIOTAP_DBM_ANTSIGNAL s8 decibels from
+ * one milliwatt (dBm)
+ *
+ * RF signal power at the antenna, decibel difference from
+ * one milliwatt.
+ *
+ * IEEE80211_RADIOTAP_DBM_ANTNOISE s8 decibels from
+ * one milliwatt (dBm)
+ *
+ * RF noise power at the antenna, decibel difference from one
+ * milliwatt.
+ *
+ * IEEE80211_RADIOTAP_DB_ANTSIGNAL u8 decibel (dB)
+ *
+ * RF signal power at the antenna, decibel difference from an
+ * arbitrary, fixed reference.
+ *
+ * IEEE80211_RADIOTAP_DB_ANTNOISE u8 decibel (dB)
+ *
+ * RF noise power at the antenna, decibel difference from an
+ * arbitrary, fixed reference point.
+ *
+ * IEEE80211_RADIOTAP_LOCK_QUALITY uint16_t unitless
+ *
+ * Quality of Barker code lock. Unitless. Monotonically
+ * nondecreasing with "better" lock strength. Called "Signal
+ * Quality" in datasheets. (Is there a standard way to measure
+ * this?)
+ *
+ * IEEE80211_RADIOTAP_TX_ATTENUATION uint16_t unitless
+ *
+ * Transmit power expressed as unitless distance from max
+ * power set at factory calibration. 0 is max power.
+ * Monotonically nondecreasing with lower power levels.
+ *
+ * IEEE80211_RADIOTAP_DB_TX_ATTENUATION uint16_t decibels (dB)
+ *
+ * Transmit power expressed as decibel distance from max power
+ * set at factory calibration. 0 is max power. Monotonically
+ * nondecreasing with lower power levels.
+ *
+ * IEEE80211_RADIOTAP_DBM_TX_POWER s8 decibels from
+ * one milliwatt (dBm)
+ *
+ * Transmit power expressed as dBm (decibels from a 1 milliwatt
+ * reference). This is the absolute power level measured at
+ * the antenna port.
+ *
+ * IEEE80211_RADIOTAP_FLAGS u8 bitmap
+ *
+ * Properties of transmitted and received frames. See flags
+ * defined below.
+ *
+ * IEEE80211_RADIOTAP_ANTENNA u8 antenna index
+ *
+ * Unitless indication of the Rx/Tx antenna for this packet.
+ * The first antenna is antenna 0.
+ *
+ * IEEE80211_RADIOTAP_RX_FLAGS uint16_t bitmap
+ *
+ * Properties of received frames. See flags defined below.
+ *
+ * IEEE80211_RADIOTAP_TX_FLAGS uint16_t bitmap
+ *
+ * Properties of transmitted frames. See flags defined below.
+ *
+ * IEEE80211_RADIOTAP_RTS_RETRIES u8 data
+ *
+ * Number of rts retries a transmitted frame used.
+ *
+ * IEEE80211_RADIOTAP_DATA_RETRIES u8 data
+ *
+ * Number of unicast retries a transmitted frame used.
+ *
+ * IEEE80211_RADIOTAP_MCS u8, u8, u8 unitless
+ *
+ * Contains a bitmap of known fields/flags, the flags, and
+ * the MCS index.
+ *
+ * IEEE80211_RADIOTAP_AMPDU_STATUS u32, u16, u8, u8 unitlesss
+ *
+ * Contains the AMPDU information for the subframe.
+ */
+enum ieee80211_radiotap_type {
+ IEEE80211_RADIOTAP_TSFT = 0,
+ IEEE80211_RADIOTAP_FLAGS = 1,
+ IEEE80211_RADIOTAP_RATE = 2,
+ IEEE80211_RADIOTAP_CHANNEL = 3,
+ IEEE80211_RADIOTAP_FHSS = 4,
+ IEEE80211_RADIOTAP_DBM_ANTSIGNAL = 5,
+ IEEE80211_RADIOTAP_DBM_ANTNOISE = 6,
+ IEEE80211_RADIOTAP_LOCK_QUALITY = 7,
+ IEEE80211_RADIOTAP_TX_ATTENUATION = 8,
+ IEEE80211_RADIOTAP_DB_TX_ATTENUATION = 9,
+ IEEE80211_RADIOTAP_DBM_TX_POWER = 10,
+ IEEE80211_RADIOTAP_ANTENNA = 11,
+ IEEE80211_RADIOTAP_DB_ANTSIGNAL = 12,
+ IEEE80211_RADIOTAP_DB_ANTNOISE = 13,
+ IEEE80211_RADIOTAP_RX_FLAGS = 14,
+ IEEE80211_RADIOTAP_TX_FLAGS = 15,
+ IEEE80211_RADIOTAP_RTS_RETRIES = 16,
+ IEEE80211_RADIOTAP_DATA_RETRIES = 17,
+
+ IEEE80211_RADIOTAP_MCS = 19,
+ IEEE80211_RADIOTAP_AMPDU_STATUS = 20,
+
+ /* valid in every it_present bitmap, even vendor namespaces */
+ IEEE80211_RADIOTAP_RADIOTAP_NAMESPACE = 29,
+ IEEE80211_RADIOTAP_VENDOR_NAMESPACE = 30,
+ IEEE80211_RADIOTAP_EXT = 31
+};
+
+/* Channel flags. */
+#define IEEE80211_CHAN_TURBO 0x0010 /* Turbo channel */
+#define IEEE80211_CHAN_CCK 0x0020 /* CCK channel */
+#define IEEE80211_CHAN_OFDM 0x0040 /* OFDM channel */
+#define IEEE80211_CHAN_2GHZ 0x0080 /* 2 GHz spectrum channel. */
+#define IEEE80211_CHAN_5GHZ 0x0100 /* 5 GHz spectrum channel */
+#define IEEE80211_CHAN_PASSIVE 0x0200 /* Only passive scan allowed */
+#define IEEE80211_CHAN_DYN 0x0400 /* Dynamic CCK-OFDM channel */
+#define IEEE80211_CHAN_GFSK 0x0800 /* GFSK channel (FHSS PHY) */
+
+/* For IEEE80211_RADIOTAP_FLAGS */
+#define IEEE80211_RADIOTAP_F_CFP 0x01 /* sent/received
+ * during CFP
+ */
+#define IEEE80211_RADIOTAP_F_SHORTPRE 0x02 /* sent/received
+ * with short
+ * preamble
+ */
+#define IEEE80211_RADIOTAP_F_WEP 0x04 /* sent/received
+ * with WEP encryption
+ */
+#define IEEE80211_RADIOTAP_F_FRAG 0x08 /* sent/received
+ * with fragmentation
+ */
+#define IEEE80211_RADIOTAP_F_FCS 0x10 /* frame includes FCS */
+#define IEEE80211_RADIOTAP_F_DATAPAD 0x20 /* frame has padding between
+ * 802.11 header and payload
+ * (to 32-bit boundary)
+ */
+#define IEEE80211_RADIOTAP_F_BADFCS 0x40 /* frame failed FCS check */
+
+/* For IEEE80211_RADIOTAP_RX_FLAGS */
+#define IEEE80211_RADIOTAP_F_RX_BADPLCP 0x0002 /* bad PLCP */
+
+/* For IEEE80211_RADIOTAP_TX_FLAGS */
+#define IEEE80211_RADIOTAP_F_TX_FAIL 0x0001 /* failed due to excessive
+ * retries */
+#define IEEE80211_RADIOTAP_F_TX_CTS 0x0002 /* used cts 'protection' */
+#define IEEE80211_RADIOTAP_F_TX_RTS 0x0004 /* used rts/cts handshake */
+
+/* For IEEE80211_RADIOTAP_AMPDU_STATUS */
+#define IEEE80211_RADIOTAP_AMPDU_REPORT_ZEROLEN 0x0001
+#define IEEE80211_RADIOTAP_AMPDU_IS_ZEROLEN 0x0002
+#define IEEE80211_RADIOTAP_AMPDU_LAST_KNOWN 0x0004
+#define IEEE80211_RADIOTAP_AMPDU_IS_LAST 0x0008
+#define IEEE80211_RADIOTAP_AMPDU_DELIM_CRC_ERR 0x0010
+#define IEEE80211_RADIOTAP_AMPDU_DELIM_CRC_KNOWN 0x0020
+
+/* For IEEE80211_RADIOTAP_MCS */
+#define IEEE80211_RADIOTAP_MCS_HAVE_BW 0x01
+#define IEEE80211_RADIOTAP_MCS_HAVE_MCS 0x02
+#define IEEE80211_RADIOTAP_MCS_HAVE_GI 0x04
+#define IEEE80211_RADIOTAP_MCS_HAVE_FMT 0x08
+#define IEEE80211_RADIOTAP_MCS_HAVE_FEC 0x10
+#define IEEE80211_RADIOTAP_MCS_HAVE_STBC 0x20
+#define IEEE80211_RADIOTAP_MCS_HAVE_NESS 0x40
+#define IEEE80211_RADIOTAP_MCS_NESS_BIT1 0x80
+
+
+#define IEEE80211_RADIOTAP_MCS_BW_MASK 0x03
+#define IEEE80211_RADIOTAP_MCS_BW_20 0
+#define IEEE80211_RADIOTAP_MCS_BW_40 1
+#define IEEE80211_RADIOTAP_MCS_BW_20L 2
+#define IEEE80211_RADIOTAP_MCS_BW_20U 3
+#define IEEE80211_RADIOTAP_MCS_SGI 0x04
+#define IEEE80211_RADIOTAP_MCS_FMT_GF 0x08
+#define IEEE80211_RADIOTAP_MCS_FEC_LDPC 0x10
+#define IEEE80211_RADIOTAP_MCS_STBC_MASK 0x60
+#define IEEE80211_RADIOTAP_MCS_STBC_SHIFT 5
+#define IEEE80211_RADIOTAP_MCS_STBC_1 1
+#define IEEE80211_RADIOTAP_MCS_STBC_2 2
+#define IEEE80211_RADIOTAP_MCS_STBC_3 3
+#define IEEE80211_RADIOTAP_MCS_NESS_BIT0 0x80
+
+#endif /* IEEE80211_RADIOTAP_H */
--- /dev/null
+#ifndef __RADIOTAP_ITER_H
+#define __RADIOTAP_ITER_H
+
+#include <stdint.h>
+#include "radiotap.h"
+
+/* Radiotap header iteration
+ * implemented in radiotap.c
+ */
+
+struct radiotap_override {
+ uint8_t field;
+ uint8_t align:4, size:4;
+};
+
+struct radiotap_align_size {
+ uint8_t align:4, size:4;
+};
+
+struct ieee80211_radiotap_namespace {
+ const struct radiotap_align_size *align_size;
+ int n_bits;
+ uint32_t oui;
+ uint8_t subns;
+};
+
+struct ieee80211_radiotap_vendor_namespaces {
+ const struct ieee80211_radiotap_namespace *ns;
+ int n_ns;
+};
+
+/**
+ * struct ieee80211_radiotap_iterator - tracks walk thru present radiotap args
+ * @this_arg_index: index of current arg, valid after each successful call
+ * to ieee80211_radiotap_iterator_next()
+ * @this_arg: pointer to current radiotap arg; it is valid after each
+ * call to ieee80211_radiotap_iterator_next() but also after
+ * ieee80211_radiotap_iterator_init() where it will point to
+ * the beginning of the actual data portion
+ * @this_arg_size: length of the current arg, for convenience
+ * @current_namespace: pointer to the current namespace definition
+ * (or internally %NULL if the current namespace is unknown)
+ * @is_radiotap_ns: indicates whether the current namespace is the default
+ * radiotap namespace or not
+ *
+ * @overrides: override standard radiotap fields
+ * @n_overrides: number of overrides
+ *
+ * @_rtheader: pointer to the radiotap header we are walking through
+ * @_max_length: length of radiotap header in cpu byte ordering
+ * @_arg_index: next argument index
+ * @_arg: next argument pointer
+ * @_next_bitmap: internal pointer to next present u32
+ * @_bitmap_shifter: internal shifter for curr u32 bitmap, b0 set == arg present
+ * @_vns: vendor namespace definitions
+ * @_next_ns_data: beginning of the next namespace's data
+ * @_reset_on_ext: internal; reset the arg index to 0 when going to the
+ * next bitmap word
+ *
+ * Describes the radiotap parser state. Fields prefixed with an underscore
+ * must not be used by users of the parser, only by the parser internally.
+ */
+
+struct ieee80211_radiotap_iterator {
+ struct ieee80211_radiotap_header *_rtheader;
+ const struct ieee80211_radiotap_vendor_namespaces *_vns;
+ const struct ieee80211_radiotap_namespace *current_namespace;
+
+ unsigned char *_arg, *_next_ns_data;
+ uint32_t *_next_bitmap;
+
+ unsigned char *this_arg;
+#ifdef RADIOTAP_SUPPORT_OVERRIDES
+ const struct radiotap_override *overrides;
+ int n_overrides;
+#endif
+ int this_arg_index;
+ int this_arg_size;
+
+ int is_radiotap_ns;
+
+ int _max_length;
+ int _arg_index;
+ uint32_t _bitmap_shifter;
+ int _reset_on_ext;
+};
+
+extern int ieee80211_radiotap_iterator_init(
+ struct ieee80211_radiotap_iterator *iterator,
+ struct ieee80211_radiotap_header *radiotap_header,
+ int max_length, const struct ieee80211_radiotap_vendor_namespaces *vns);
+
+extern int ieee80211_radiotap_iterator_next(
+ struct ieee80211_radiotap_iterator *iterator);
+
+#endif /* __RADIOTAP_ITER_H */
--- /dev/null
+#include <pcap.h>
+#include <pcap.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/socket.h>
+#include <ctype.h>
+#include <unistd.h>
+#include "radiotap.h"
+#include "radiotap_iter.h"
+#include <curl/curl.h>
+#include <json-c/json.h>
+#include <stdbool.h>
+#include <lorcon2/lorcon.h>
+
+const struct pcap_pkthdr* callback_header;
+
+time_t start = 0;
+int element = -1;
+int changechan=1;
+char *ssid_buf[50][2] = { NULL, NULL };
+char *probe_resp_buf[50][3] = { NULL, NULL };
+char *probe_buf[50][2] = { NULL, NULL };
+
+lorcon_t *context;
+int lchannel = 1;
+
+//char post_url[255] = "http://intranet.spangdorfia.com/butler/sohoinput.php";
+char *post_url = NULL;
+
+static uint8_t insecure = 0;
+
+static const struct radiotap_align_size align_size_000000_00[] = {
+ [0] = { .align = 1, .size = 4, },
+ [52] = { .align = 1, .size = 4, },
+};
+
+typedef struct {
+ u_int8_t it_version;
+ u_int8_t it_pad;
+ u_int16_t it_len;
+ u_int32_t it_present;
+
+ u_int32_t pad;
+ u_int8_t flags;
+ u_int8_t rate;
+ u_int16_t wr_chan_freq;
+ int8_t ant_sig;
+ int8_t lock_quality;
+ u_int8_t ant;
+
+} __attribute__((__packed__)) ieee80211_radiotap;
+
+struct json_object *obj1, *obj2, *array, *tmp1, *tmp2;
+
+/*
+int change_chan(context) {
+ if (changechan==1) {
+ int gchannel=0;
+ changechan=0;
+ gchannel=lorcon_get_channel(context);
+ printf("got channel %d", gchannel);
+ lchannel=gchannel+1;
+ if (lchannel == 14) {
+ lchannel=1;
+ }
+ printf("Setting channel %d\n", lchannel);
+ lorcon_set_channel(context, lchannel);
+ changechan=1;
+ }
+}
+*/
+
+void send_data(json_object *array) {
+
+ //printf("curl start\n");
+ CURL *curl;
+ CURLcode res;
+
+ struct curl_slist *headers = NULL;
+
+ headers = curl_slist_append(headers, "Accept: application/json");
+ headers = curl_slist_append(headers, "Content-Type: application/json");
+
+ //json_object *obj1 = json_object_new_object();
+ //json_object *jvs = json_object_new_string("1");
+ //json_object *japmac = json_object_new_string(ap_mac);
+ //json_object *jlat = json_object_new_double(lat);
+ //json_object *jlng = json_object_new_double(lng);
+
+ //json_object_object_add(obj1,"v", jvs);
+ //json_object_object_add(obj1,"ap_mac", japmac);
+ //json_object_object_add(obj1,"data", array);
+ //json_object_object_add(obj1,"lat", jlat);
+ //json_object_object_add(obj1,"lng", jlng);
+
+ curl = curl_easy_init();
+
+ if(curl) {
+
+ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, NULL);
+ curl_easy_setopt(curl, CURLOPT_URL, post_url);
+ curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
+ curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
+ curl_easy_setopt(curl, CURLOPT_USERAGENT, "SoHoSIGINT");
+ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, json_object_to_json_string(array));
+
+ if (insecure) {
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);
+ }
+
+ //printf("Sending this: %s\n",json_object_to_json_string(array));
+
+ //openlog(SYSLOG_NAME, LOG_PID|LOG_CONS, LOG_USER);
+ res = curl_easy_perform(curl);
+
+ if(res != CURLE_OK) {
+ printf("There was a problem sending to %s\n", post_url);
+ //syslog (LOG_INFO, "couldn't send JSON.");
+ } else {
+ //printf("sent JSON to %s\n", post_url);
+ }
+ //closelog ();
+ curl_easy_cleanup(curl);
+ curl_slist_free_all(headers);
+ //json_object_put(obj1);
+ }
+
+ curl_global_cleanup();
+ //printf("curl end\n");
+}
+
+
+void my_callback(u_char *args,const struct pcap_pkthdr* pkthdr,const u_char* packet) {
+
+ int err, radiotap_header_len, ssid_len, i;
+ int8_t rssi, rate, flags, fcsfail;
+ u_int16_t channel;
+ char client_mac[18];
+ char bssid_mac[18];
+ char ssid[32];
+ char tmp_channel[2];
+ char tmp_rssi[1];
+
+ int diff;
+
+ if (start == 0) {
+ start = time(0);
+ }
+
+ time_t t0 = time(0);
+
+ if ( json_object_get_type(array) != json_type_array) {
+ //printf("type of json= %d\n", json_object_get_type(array) == json_type_array);
+ array = json_object_new_array();
+ };
+
+ struct ieee80211_radiotap_iterator iter;
+
+ radiotap_header_len = iter._max_length;
+
+ err = ieee80211_radiotap_iterator_init(&iter, (void*)packet, pkthdr->caplen, NULL);
+ if (err > 0) {
+ }
+
+ radiotap_header_len = iter._max_length;
+
+ fcsfail = 0;
+ while (!(err = ieee80211_radiotap_iterator_next(&iter))) {
+ if (iter.this_arg_index == IEEE80211_RADIOTAP_DBM_ANTSIGNAL) {
+ rssi = (int8_t)iter.this_arg[0];
+ }
+ if (iter.this_arg_index == IEEE80211_RADIOTAP_CHANNEL) {
+ channel = (*(uint16_t *)iter.this_arg);
+ }
+ if (iter.this_arg_index == IEEE80211_RADIOTAP_RATE) {
+ rate = (u_int8_t)iter.this_arg[0];
+ }
+ if (iter.this_arg_index == IEEE80211_RADIOTAP_FLAGS) {
+ flags = (*(u_int8_t *)iter.this_arg);
+ if (flags & IEEE80211_RADIOTAP_F_BADFCS) {
+ printf("bad fcs\n");
+ fcsfail=1;
+ break;
+ }
+ if (flags & IEEE80211_RADIOTAP_F_FRAG) {
+ printf("frag\n");
+ }
+ if (flags & IEEE80211_RADIOTAP_F_CFP) {
+ printf("cfp\n");
+ }
+ }
+ };
+
+ sprintf(tmp_channel, "%04x", channel);
+ sprintf(tmp_rssi, "%d", rssi);
+
+ int counter=0;
+
+ if (pkthdr->len >= 24) {
+ u_int8_t hlen;
+ //hlen = packet[2]+(packet[3]<<8); //Usually 18 or 13 in some cases
+ hlen=36+2;
+ //hlen=38;
+ switch (packet[hlen]) {
+ case 0x40: //probe request
+ printf("probe request\n");
+
+ //while (counter<pkthdr->len) {
+ // printf("%02x",packet[counter]);
+ // counter++;
+ //}
+ //printf("\n");
+
+ ssid_len=packet[61+2];
+
+ memset(ssid, 0, sizeof(ssid));
+
+ if (ssid_len>0) {
+ for (i=0;i<ssid_len;++i){
+ sprintf(ssid+i, "%c", packet[64+i]);
+ }
+ //printf("dongs %s size %d\n", ssid, sizeof(ssid));
+ } else {
+ sprintf(ssid,"[HIDDEN]");
+ }
+
+ memset(client_mac, 0, sizeof(client_mac));
+ sprintf(client_mac, "%02x:%02x:%02x:%02x:%02x:%02x", packet[46+2], packet[47+2],packet[48+2],packet[49+2],packet[50+2],packet[51+2]);
+
+ for (i=0; i<50; i++) {
+ if (probe_buf[i][0] != NULL) {
+ if ((strcoll(probe_buf[i][0], ssid) == 0 && strcoll(probe_buf[i][1], client_mac) == 0)) {
+ break;
+ }
+ }
+ if (probe_buf[i][0] == NULL) {
+ if (element < i) {
+ element=i;
+ }
+ //printf("probe element: %d\n", element);
+ probe_buf[i][0] = strdup(ssid);
+ probe_buf[i][1] = strdup(client_mac);
+ obj2 = json_object_new_object();
+ json_object *type = json_object_new_string("40");
+ json_object *tssid = json_object_new_string(ssid);
+ json_object *tclient_mac = json_object_new_string(client_mac);
+ json_object *tchannel = json_object_new_string(tmp_channel);
+ json_object *jrssi = json_object_new_string(tmp_rssi);
+ json_object_object_add(obj2,"type", type);
+ json_object_object_add(obj2,"ssid", tssid);
+ json_object_object_add(obj2,"client_mac", tclient_mac);
+ json_object_object_add(obj2,"channel", tchannel);
+ json_object_object_add(obj2,"rssi", jrssi);
+ json_object_array_add(array,obj2);
+ break;
+ }
+ }
+ break;
+ case 0x50: //probe response
+ printf("probe response\n");
+
+ //while (counter<pkthdr->len) {
+ //printf("%02x",packet[counter]);
+ //counter++;
+ //}
+ //printf("\n");
+
+ ssid_len=packet[75];
+
+ memset(ssid, 0, sizeof(ssid));
+
+ if (ssid_len>0) {
+ for (i=0;i<ssid_len;++i){
+ sprintf(ssid+i, "%c", packet[76+i]);
+ }
+ } else {
+ sprintf(ssid,"[HIDDEN]");
+ }
+
+ //was 39-44
+ sprintf(client_mac, "%02x:%02x:%02x:%02x:%02x:%02x", packet[40+2], packet[41+2],packet[42+2],packet[43+2],packet[44+2],packet[45+2]);
+ sprintf(bssid_mac, "%02x:%02x:%02x:%02x:%02x:%02x", packet[52+2], packet[53+2],packet[54+2],packet[55+2],packet[56+2],packet[57+2]);
+
+ for (i=0; i<50; i++) {
+ if (probe_resp_buf[i][0] != NULL) {
+ if ((strcoll(probe_resp_buf[i][0], ssid) == 0 && strcoll(probe_resp_buf[i][1], client_mac) == 0)) {
+ break;
+ }
+ }
+ if (probe_resp_buf[i][0] == NULL) {
+ if (element < i) {
+ element=i;
+ }
+ //printf("probe response element: %d\n", element);
+ probe_resp_buf[i][0] = strdup(ssid);
+ probe_resp_buf[i][1] = strdup(client_mac);
+ probe_resp_buf[i][2] = strdup(bssid_mac);
+ obj2 = json_object_new_object();
+ json_object *type = json_object_new_string("50");
+ json_object *tssid = json_object_new_string(ssid);
+ json_object *tclient_mac = json_object_new_string(client_mac);
+ json_object *tbssid_mac = json_object_new_string(bssid_mac);
+ json_object *tchannel = json_object_new_string(tmp_channel);
+ json_object *jrssi = json_object_new_string(tmp_rssi);
+ json_object_object_add(obj2,"type", type);
+ json_object_object_add(obj2,"ssid", tssid);
+ json_object_object_add(obj2,"client_mac", tclient_mac);
+ json_object_object_add(obj2,"bssid_mac", tbssid_mac);
+ json_object_object_add(obj2,"channel", tchannel);
+ json_object_object_add(obj2,"rssi", jrssi);
+ json_object_array_add(array,obj2);
+ break;
+ }
+ }
+ break;
+ case 0x80: //beacon
+ //printf("beacon\n");
+ ssid_len=packet[73+2];
+ //printf("length %d\n", ssid_len);
+ //int counter=0;
+ //while (counter<pkthdr->len) {
+ // printf("%02x",packet[counter]);
+ // counter++;
+ //}
+ //printf("\n");
+
+ memset(ssid, 0, sizeof(ssid));
+
+ if (ssid_len>0) {
+ for (i=0;i<ssid_len;++i){
+ sprintf(ssid+i, "%c", packet[76+i]);
+ //sprintf(ssid[i], "%c", packet[76+i]);
+ }
+ } else {
+ sprintf(ssid,"[HIDDEN]");
+ }
+
+ if (ssid_len == 15 && strlen(ssid) == 0) {
+ sprintf(ssid,"[truncated]");
+ }
+ //printf("debug ssid: %s fieldlen: %d strlen: %d\n", ssid, ssid_len, strlen(ssid));
+ sprintf(client_mac, "%02x:%02x:%02x:%02x:%02x:%02x", packet[52+2], packet[53+2],packet[54+2],packet[55+2],packet[56+2],packet[57+2]);
+
+ for (i=0; i<50; i++) {
+ if (ssid_buf[i][0] != NULL) {
+ if ((strcoll(ssid_buf[i][0], ssid) == 0 && strcoll(ssid_buf[i][1], client_mac) == 0)) {
+ break;
+ }
+ }
+ if (ssid_buf[i][0] == NULL) {
+ if (element < i) {
+ element=i;
+ }
+ //printf("ssid element: %d\n", element);
+ ssid_buf[i][0] = strdup(ssid);
+ ssid_buf[i][1] = strdup(client_mac);
+ obj2 = json_object_new_object();
+ json_object *type = json_object_new_string("80");
+ json_object *tssid = json_object_new_string(ssid);
+ json_object *tclient_mac = json_object_new_string(client_mac);
+ json_object *tchannel = json_object_new_string(tmp_channel);
+ json_object *jrssi = json_object_new_string(tmp_rssi);
+ json_object_object_add(obj2,"type", type);
+ json_object_object_add(obj2,"ssid", tssid);
+ json_object_object_add(obj2,"bssid", tclient_mac);
+ json_object_object_add(obj2,"channel", tchannel);
+ json_object_object_add(obj2,"rssi", jrssi);
+ json_object_array_add(array,obj2);
+ break;
+ }
+ }
+ break;
+ //default:
+ //printf("Got something different: %02x\n", packet[hlen]);
+ //printf("hlen: %d\n", hlen);
+ //break;
+ }
+ };
+
+ diff = (t0 - start);
+
+ if ((diff >= 5) || (element == 25)) {
+ printf("time to barf!\n");
+ //printf("size: %d\n", element);
+ //change_chan(context);
+ int gchannel=0;
+ gchannel=lorcon_get_channel(context);
+ //printf("got channel %d", gchannel);
+ lchannel=gchannel+1;
+ if (lchannel == 14) {
+ lchannel=1;
+ }
+ //printf("Setting channel %d\n", lchannel);
+ lorcon_set_channel(context, lchannel);
+
+ lorcon_set_channel(context, lchannel);
+ /*
+ for (i=0; i<34; i++) {
+ printf("barf beacons: buffer %d, ssid: %s \t\t mac: %s channel: %s rssi: %s\n", i, ssid_buf[i][0], ssid_buf[i][1], ssid_buf[i][2], ssid_buf[i][3]);
+ }
+ for (i=0; i<34; i++) {
+ printf("barf probe reponses: buffer %d, ssid: %s \t mac: %s mac: %s channel: %s rssi: %s\n", i, probe_resp_buf[i][0], probe_resp_buf[i][1], probe_resp_buf[i][2], probe_resp_buf[i][3], probe_resp_buf[i][4]);
+ }
+ for (i=0; i<34; i++) {
+ printf("barf probes: buffer %d, ssid: %s \t mac: %s channel: %s rssi: %s\n", i, probe_buf[i][0], probe_buf[i][1], probe_buf[i][2], probe_buf[i][3]);
+ }
+ */
+
+ if (element >= 0) {
+ //printf("barfing\n");
+ send_data(array);
+ //printf ("The json object created: %s\n",json_object_to_json_string(array));
+ json_object_put(array);
+
+ memset(ssid_buf, 0, sizeof(ssid_buf));
+ memset(probe_resp_buf, 0, sizeof(probe_resp_buf));
+ memset(probe_buf, 0, sizeof(probe_buf));
+ element=-1;
+ }
+ start = time(0);
+ }
+ //printf("rate: %d channel: %04x rssi: %d\n", rate, channel, rssi);
+}
+
+int main(int argc,char **argv)
+{
+ int c;
+ char *dev = NULL;
+ char *interface = NULL;
+ lorcon_driver_t *drvlist, *driver;
+ //lorcon_t *context;
+ char errbuf[PCAP_ERRBUF_SIZE];
+ pcap_t* pcap;
+ struct bpf_program fp; /* hold compiled program */
+ bpf_u_int32 maskp; /* subnet mask */
+ bpf_u_int32 netp; /* ip */
+ u_char* args = NULL;
+ char filter_exp[] = "";
+ char *totpacket = NULL;
+
+ while ((c = getopt (argc, argv, "ha:i:p:")) != -1)
+ switch (c) {
+ case 'a':
+ totpacket = optarg;
+ break;
+ case 'i':
+ interface = optarg;
+ break;
+ case 'p':
+ post_url = optarg;
+ break;
+ case 'h':
+ printf("./disect -a -i\n\t-a : number of packets to sniff. (default 10)\n\t-i : wlan interface.\n\t-p : URL for your collector.\n");
+ exit(0);
+ default:
+ return 0;
+ }
+
+ if (totpacket == NULL) {
+ totpacket="-1";
+ printf("-a not specified... looping forever.\n");
+ }
+
+ if (interface == NULL) {
+ printf("You forgot -i\n");
+ exit(0);
+ }
+
+ if (post_url == NULL) {
+ printf("You forgot -p\n");
+ exit(0);
+ }
+
+ //printf ("%s %s\n", totpacket, dev);
+
+ //if(interface == NULL) {
+ // printf("%s\n",errbuf);
+ // exit(1);
+ //}
+
+ if ( (driver = lorcon_auto_driver(interface)) == NULL) {
+ printf("[!] Could not determine the driver for %s\n",interface);
+ return -1;
+ } else {
+ printf("[+]\t Driver: %s\n",driver->name);
+ }
+
+ // Create LORCON context
+ if ((context = lorcon_create(interface, driver)) == NULL) {
+ printf("[!]\t Failed to create context");
+ return -1;
+ }
+
+ // Create Monitor Mode Interface
+ if (lorcon_open_monitor(context) < 0) {
+ printf("[!]\t Could not create Monitor Mode interface!\n");
+ return -1;
+ } else {
+ printf("[+]\t Monitor Mode VAP: %s\n",lorcon_get_vap(context));
+ lorcon_free_driver_list(driver);
+ }
+
+ // Set the channel we'll be injecting on
+ lorcon_set_channel(context, lchannel);
+
+ dev=lorcon_get_vap(context);
+
+ /* ask pcap for the network address and mask of the device */
+ pcap_lookupnet(dev,&netp,&maskp,errbuf);
+
+ /* open device for reading. NOTE: defaulting to
+ * promiscuous mode*/
+ pcap = pcap_open_live(dev,2346,1,1000,errbuf);
+ pcap_set_promisc(pcap, 1);
+
+ if(pcap == NULL) {
+ printf("pcap_open_live(): %s\n",errbuf);
+ exit(1);
+ }
+
+ pcap_set_datalink(pcap, DLT_IEEE802_11);
+ pcap_set_datalink(pcap, DLT_IEEE802_11_RADIO_AVS);
+ pcap_set_datalink(pcap, DLT_IEEE802_11_RADIO);
+
+ //pcap_setnonblock(pcap, 1, errbuf);
+
+ int link_layer_type = pcap_datalink(pcap);
+
+ //printf("type: %d\n", link_layer_type);
+
+ if (link_layer_type == DLT_PRISM_HEADER ||
+ link_layer_type == DLT_IEEE802_11_RADIO ||
+ link_layer_type == DLT_IEEE802_11_RADIO_AVS ||
+ link_layer_type == DLT_IEEE802_11 ||
+ link_layer_type == DLT_PPI ||
+ link_layer_type == 127 ) {
+ if (pcap_compile(pcap, &fp, filter_exp, 0, netp) == -1) {
+ fprintf(stderr, "Couldn't parse filter %s: %s\n", filter_exp, pcap_geterr(pcap));
+ exit(EXIT_FAILURE);
+ }
+ if (pcap_setfilter(pcap, &fp) == -1) {
+ fprintf(stderr, "Couldn't install filter %s: %s\n",
+ filter_exp, pcap_geterr(pcap));
+ exit(EXIT_FAILURE);
+ }
+ printf("starting\n");
+
+ pcap_loop(pcap,atoi(totpacket),my_callback,NULL);
+ } else {
+ fprintf(stderr, "Not using the Wi-Fi interface, are you testing something?\n");
+ }
+ fprintf(stdout,"\nfinished\n");
+ return 0;
+}
+
+