dsniff  2.4b2
About: A collection of tools for network auditing
  Fossies Dox: dsniff-2.4b2.tar.gz  ("inofficial" and yet experimental doxygen-generated source code documentation)  

record.c
1 /*
2  * record.c
3  *
4  * Copyright (c) 2000 Dug Song <dugsong@monkey.org>
5  *
6  * $Id: record.c,v 1.10 2001/03/15 08:33:04 dugsong Exp $
7  */
8 
9 #include "config.h"
10 
11 #include <sys/types.h>
12 #include <netinet/in.h>
13 #include <rpc/rpc.h>
14 
15 #include <stdio.h>
16 #include <time.h>
17 #include <md5.h>
18 #ifdef HAVE_DB_185_H
19 #define DB_LIBRARY_COMPATIBILITY_API
20 #include <db_185.h>
21 #elif HAVE_DB_H
22 #include <db.h>
23 #endif
24 #include <libnet.h>
25 
26 #include "options.h"
27 #include "record.h"
28 
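/*
 * One decoded record, as printed by record_print() and as serialized by
 * xdr_rec() into the database.
 *
 * The src and dst members are missing from the rendered listing (source
 * lines 31-32 were dropped); they are restored here because xdr_rec(),
 * record_hash() and record() all access rec->src and rec->dst.
 */
struct rec {
	time_t		time;	/* set from time(NULL) in record() */
	in_addr_t	src;	/* IPv4 address, printed via libnet_addr2name4() */
	in_addr_t	dst;	/* IPv4 address, printed via libnet_addr2name4() */
	u_int		proto;	/* looked up with getprotobynumber() when printed */
	u_short		sport;	/* 0 means "no port": record_print() omits it */
	u_short		dport;	/* 0 means "no port": record_print() omits it */
	struct netobj	name;	/* decode type (see record_hash()) */
	struct netobj	data;	/* decode data, written out verbatim */
};

/*
 * Database handle shared by every function in this file.  It is assigned
 * only by record_init() and is NULL until that call succeeds.
 */
static DB *db;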
41 
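/*
 * XDR filter for struct rec: encodes, decodes or frees one record,
 * depending on xdrs->x_op.  Field order defines the stored format:
 * time, src, dst, proto, sport, dport, name, data.
 *
 * Returns 1 on success and 0 as soon as any field fails to convert.
 */
static int
xdr_rec(XDR *xdrs, struct rec *rec)
{
	/*
	 * xdr_u_long() reads and writes a whole u_long through its pointer.
	 * Casting &rec->src / &rec->dst (32-bit) or &rec->time to u_long *
	 * is only correct where those types happen to have the same width;
	 * where u_long is wider, decoding writes past the member and
	 * encoding reads the neighbouring member as part of the value.
	 * Stage the three values in real u_long variables instead.
	 */
	u_long when = 0, src = 0, dst = 0;

	if (xdrs->x_op == XDR_ENCODE) {
		when = (u_long) rec->time;
		src = (u_long) rec->src;
		dst = (u_long) rec->dst;
	}
	if (!(xdr_u_long(xdrs, &when) &&
	    xdr_u_long(xdrs, &src) &&
	    xdr_u_long(xdrs, &dst) &&
	    xdr_u_int(xdrs, &rec->proto) &&
	    xdr_u_short(xdrs, &rec->sport) &&
	    xdr_u_short(xdrs, &rec->dport) &&
	    xdr_netobj(xdrs, &rec->name) &&
	    xdr_netobj(xdrs, &rec->data))) {
		return (0);
	}
	/* Only a decode produces values that belong back in the struct. */
	if (xdrs->x_op == XDR_DECODE) {
		rec->time = (time_t) when;
		rec->src = (in_addr_t) src;
		rec->dst = (in_addr_t) dst;
	}
	return (1);
}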
57 
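/*
 * Print one record to stdout: a separator, a header line
 * "<time> <proto> <src>[.<sport>] -> <dst>[.<dport>] (<name>)",
 * then the data bytes followed by a newline.  stdout is flushed so each
 * record appears as soon as it is produced.
 *
 * NOTE(review): name and data are written exactly as stored.  They come
 * from decoded traffic or from a database file read back by
 * record_dump(), so control characters reach the terminal unfiltered;
 * view the output through a filter or pager when the source is not
 * trusted.
 */
static void
record_print(struct rec *rec)
{
	struct tm *tm;
	char *srcp, *dstp, *protop, tstr[24], spstr[8], dpstr[8];
	struct protoent *pr;

	/*
	 * rec->time may have been decoded from a file, so it is not
	 * guaranteed to convert.  localtime() can return NULL, and
	 * strftime() leaves the buffer unspecified when it returns 0;
	 * fall back to a fixed string in both cases.
	 */
	tm = localtime(&rec->time);
	if (tm == NULL || strftime(tstr, sizeof(tstr), "%x %X", tm) == 0)
		snprintf(tstr, sizeof(tstr), "%s", "(unknown time)");

	srcp = libnet_addr2name4(rec->src, Opt_dns);
	dstp = libnet_addr2name4(rec->dst, Opt_dns);

	if ((pr = getprotobynumber(rec->proto)) == NULL)
		protop = "unknown";
	else
		protop = pr->p_name;

	snprintf(spstr, sizeof(spstr), "%d", rec->sport);
	snprintf(dpstr, sizeof(dpstr), "%d", rec->dport);

	printf("-----------------\n");
	/* A zero port is treated as "no port" and left out of the header. */
	printf("%s %s %s%s%s -> %s%s%s (%.*s)\n",
	    tstr, protop,
	    srcp, rec->sport ? "." : "", rec->sport ? spstr : "",
	    dstp, rec->dport ? "." : "", rec->dport ? dpstr : "",
	    (int) rec->name.n_len, rec->name.n_bytes);

	/* data is length-counted, not NUL-terminated, hence fwrite(). */
	fwrite(rec->data.n_bytes, 1, rec->data.n_len, stdout);
	printf("\n");

	fflush(stdout);
}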
91 
/*
 * Build the database key for a record: the MD5 digest of the source and
 * destination addresses, the decode type (name) and the decode data.
 * Time, protocol and ports are not part of the key, so records that
 * differ only in those fields produce the same key.
 *
 * MD5 serves here as a de-duplication key only; nothing in this file
 * relies on it for integrity or authenticity.
 *
 * Returns a pointer to static storage that the next call overwrites.
 */
static DBT *
record_hash(struct rec *rec)
{
	static u_char digest[16];
	static DBT dbkey;
	MD5_CTX md5;

	MD5Init(&md5);
	/* Addresses are hashed as raw bytes of the struct members. */
	MD5Update(&md5, (u_char *) &rec->src, sizeof(rec->src));
	MD5Update(&md5, (u_char *) &rec->dst, sizeof(rec->dst));
	/* Both netobjs are hashed over their counted length. */
	MD5Update(&md5, rec->name.n_bytes, rec->name.n_len);
	MD5Update(&md5, rec->data.n_bytes, rec->data.n_len);
	MD5Final(digest, &md5);

	dbkey.size = sizeof(digest);
	dbkey.data = digest;

	return (&dbkey);
}
113 
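/*
 * Serialize a record with xdr_rec() and store it under its
 * record_hash() key.  R_NOOVERWRITE keeps the first record seen for a
 * key, so repeats are not written again.
 *
 * A record whose encoding does not fit the 2048-byte buffer is not
 * stored.
 *
 * Returns 1 when the record was stored or was already present, 0 when
 * it could not be encoded or the database reported an error.  (The
 * original returned 1 even when put() failed.)
 */
static int
record_save(struct rec *rec)
{
	DBT *key, data;
	XDR xdrs;
	u_char buf[2048];
	int encoded, rc;

	xdrmem_create(&xdrs, buf, sizeof(buf), XDR_ENCODE);

	encoded = xdr_rec(&xdrs, rec);
	if (encoded) {
		data.data = buf;
		data.size = xdr_getpos(&xdrs);
	}
	/* Destroy the stream on the failure path too. */
	xdr_destroy(&xdrs);

	if (!encoded)
		return (0);

	key = record_hash(rec);

	/* put(): 0 = stored, 1 = key already present, -1 = error. */
	rc = db->put(db, key, &data, R_NOOVERWRITE);
	if (rc < 0)
		return (0);
	if (rc == 0)
		db->sync(db, 0);	/* flush only when something was written */

	return (1);
}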
138 
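/*
 * Walk the database in key order and print every record that decodes.
 * Entries that fail to decode are skipped without a message.
 *
 * The file's contents are treated as data to decode, not as trusted
 * structures: each entry goes through xdr_rec() and is dropped if any
 * field fails to convert.
 */
void
record_dump(void)
{
	DBT key, data;
	XDR xdrs;
	struct rec rec;

	while (db->seq(db, &key, &data, R_NEXT) == 0) {
		/* NULL n_bytes makes the netobj decoder allocate storage. */
		memset(&rec, 0, sizeof(rec));
		xdrmem_create(&xdrs, data.data, data.size, XDR_DECODE);

		if (xdr_rec(&xdrs, &rec)) {
			record_print(&rec);
		}
		/*
		 * Release what the decode allocated for name and data.  The
		 * original leaked both buffers on every iteration.  This also
		 * covers a decode that failed after allocating name.
		 */
		xdrs.x_op = XDR_FREE;
		(void) xdr_rec(&xdrs, &rec);

		xdr_destroy(&xdrs);
	}
}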
156 
/*
 * Open the record database and keep the handle in the file-scope db.
 *
 * With Opt_read set the file is opened read-only.  Otherwise it is
 * opened read-write and created if missing, with owner-only permission
 * bits (S_IRUSR|S_IWUSR), so a newly created capture file is not
 * readable by other users.
 *
 * Returns 1 on success, 0 if dbopen() fails.
 */
int
record_init(char *file)
{
	int flags = Opt_read ? O_RDONLY : (O_RDWR|O_CREAT);
	int mode = Opt_read ? 0 : (S_IRUSR|S_IWUSR);

	db = dbopen(file, flags, mode, DB_BTREE, NULL);

	return (db != NULL);
}
175 
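/*
 * Build a record from one decoded item, print it unless a database mode
 * is active, and hand it to record_save().
 *
 * src, dst	addresses of the two endpoints
 * proto	IP protocol number
 * sport, dport	ports; 0 is printed as "no port"
 * name		NUL-terminated decode type
 * buf, len	decode data and its length in bytes
 *
 * name and buf are referenced, not copied; they must stay valid until
 * this function returns.
 *
 * Returns 1 once the record has been processed, 0 if the arguments are
 * unusable.  The result of record_save() is not propagated, as before.
 */
int
record(in_addr_t src, in_addr_t dst, int proto, u_short sport, u_short dport,
    char *name, u_char *buf, int len)
{
	struct rec rec;

	/*
	 * len is stored in an unsigned n_len, so a negative value would
	 * turn into a huge length for fwrite() and MD5Update().  strlen()
	 * on a NULL name is undefined.  Refuse both.
	 */
	if (name == NULL || len < 0 || (buf == NULL && len > 0))
		return (0);

	rec.time = time(NULL);

	rec.src = src;
	rec.dst = dst;

	rec.proto = proto;

	rec.sport = sport;
	rec.dport = dport;

	rec.name.n_bytes = name;
	rec.name.n_len = strlen(name);

	rec.data.n_bytes = buf;
	rec.data.n_len = len;

	/* Print live only when neither reading nor writing a database. */
	if (!Opt_read && !Opt_write)
		record_print(&rec);

	record_save(&rec);

	return (1);
}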
205 
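/*
 * Close the record database.
 *
 * db is NULL until record_init() succeeds, so a cleanup path that runs
 * after a failed or skipped init must not dereference it.  The handle
 * is cleared after closing so that a later use is a NULL dereference
 * rather than a use of a freed handle.
 */
void
record_close(void)
{
	if (db == NULL)
		return;

	db->close(db);
	db = NULL;
}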
211 
Opt_write
int Opt_write
Definition: dsniff.c:41
rec::sport
u_short sport
Definition: record.c:34
rec::proto
u_int proto
Definition: record.c:33
record_hash
static DBT * record_hash(struct rec *rec)
Definition: record.c:93
rec::dst
u_int32_t dst
Definition: record.c:32
rec::dport
u_short dport
Definition: record.c:35
options.h
buf
static u_char buf[BUFSIZ]
Definition: filenamesnarf.c:29
record.h
rec::data
struct netobj data
Definition: record.c:37
Opt_dns
u_short Opt_dns
Definition: dsniff.c:38
record_close
void record_close(void)
Definition: record.c:207
rec::src
u_int32_t src
Definition: record.c:31
MD5Update
void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
Definition: md5.c:65
rec::time
time_t time
Definition: record.c:30
buf
Definition: buf.h:14
Opt_read
int Opt_read
Definition: dsniff.c:40
md5.h
db
static DB * db
Definition: record.c:40
xdr_rec
static int xdr_rec(XDR *xdrs, struct rec *rec)
Definition: record.c:43
record
int record(u_int32_t src, u_int32_t dst, int proto, u_short sport, u_short dport, char *name, u_char *buf, int len)
Definition: record.c:177
rec::name
struct netobj name
Definition: record.c:36
rec
Definition: record.c:29
in_addr_t
#define in_addr_t
Definition: config.h:32
record_print
static void record_print(struct rec *rec)
Definition: record.c:59
MD5Init
void MD5Init(struct MD5Context *ctx)
Definition: md5.c:50
record_dump
void record_dump(void)
Definition: record.c:140
config.h
MD5Context
Definition: md5.h:4
record_save
static int record_save(struct rec *rec)
Definition: record.c:115
MD5Final
void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
Definition: md5.c:113
record_init
int record_init(char *file)
Definition: record.c:158