From cd1df65dc36ac35d526de195284d5ebf18e1f92b Mon Sep 17 00:00:00 2001
From: Marc
Date: Fri, 17 Dec 2021 18:52:36 +0000
Subject: test: Add ctests for generation functions.
This commit also enforces error code checking on functions inside of the generation functions, such as for `libwifi_quick_add_tag`.
---
test/src/test_generation.c | 924 ---------------------------------------------
1 file changed, 924 deletions(-)
delete mode 100644 test/src/test_generation.c
(limited to 'test/src/test_generation.c')
diff --git a/test/src/test_generation.c b/test/src/test_generation.c
deleted file mode 100644
index 407e87f..0000000
--- a/test/src/test_generation.c
+++ /dev/null
@@ -1,924 +0,0 @@
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "helpers.h"
-
-#define LIVE_INJECT 0
-#define OFFLINE_DUMP 1
-
-#define MODE_BEACON 0
-#define MODE_PROBE_RESPONSE 1
-#define MODE_PROBE_REQUEST 2
-#define MODE_DEAUTH 3
-#define MODE_DISASSOC 4
-#define MODE_ASSOC_RESPONSE 5
-#define MODE_ASSOC_REQUEST 6
-#define MODE_REASSOC_RESPONSE 7
-#define MODE_REASSOC_REQUEST 8
-#define MODE_AUTH 9
-#define MODE_RTS 10
-#define MODE_CTS 11
-#define MODE_RANDOM_BEACON 12
-#define MODE_ACTION 13
-#define MODE_ACTION_NOACK 14
-#define MODE_TIMING_AD 15
-#define MODE_ATIM 16
-
-#define SNAPLEN 96
-#define CHANNEL 11
-#define BCAST_MAC "\xff\xff\xff\xff\xff\xff"
-#define TO_MAC "\x00\x20\x91\xAA\xBB\xCC"
-#define FROM_MAC "\x00\x20\x91\x11\x22\x33"
-#define REASSOC_MAC "\xAA\xBB\xCC\xDD\xEE\xFF"
-#define BEACON_SSID "libwifi-beacon"
-#define PROBE_RESP_SSID "libwifi-probe-resp"
-#define PROBE_REQ_SSID "libwifi-probe-req"
-#define ASSOC_REQ_SSID "libwifi-assoc-req"
-#define REASSOC_REQ_SSID "libwifi-reassoc-req"
-
-pcap_t *handle = NULL;
-pcap_dumper_t *outputHandle = NULL;
-FILE *filename = NULL;
-
-static unsigned char to[] = TO_MAC;
-static unsigned char from[] = FROM_MAC;
-static unsigned char bcast[] = BCAST_MAC;
-static unsigned char reassoc_mac[] = REASSOC_MAC;
-static unsigned char tag_data[] = "\x00\x00\00\x01This is a 221 tag from libwifi.\n";
-
-static int mode = 0;
-static int inject_mode = 0;
-
-void handle_interupt(int signal) {
- if (signal == SIGINT) {
- int oldmode = inject_mode;
- mode = -1;
- inject_mode = -1;
-
- if (oldmode == LIVE_INJECT) {
- pcap_close(handle);
- printf("\n\nClosed Capture Handle!\n");
- } else if (oldmode == OFFLINE_DUMP) {
- pcap_dump_flush(outputHandle);
- pcap_dump_close(outputHandle);
- printf("\n\nDumped and Closed Output File!\n");
- }
-
- exit(EXIT_SUCCESS);
- }
-}
-
-void inject_frame(void *buf, size_t buf_sz) {
- struct libwifi_radiotap_info info = {0};
- info.present = 0x0000002e; // 0x002e: Flags, Rate, Channel, dBm Ant Signal
- info.channel.flags = 0x0140; // OFDM, 5GHz
- info.channel.freq = 5180; // Channel 46
- info.flags = 0x0000; // No Flags
- info.rate = 1; // 1 Mbit
- info.rate_raw = info.rate * 2; // Radiotap uses 500kb/s increments
- info.signal = -20; // Signal in dBm
-
- char *rtap = NULL;
- rtap = malloc(LIBWIFI_MAX_RADIOTAP_LEN);
- if (rtap == NULL) {
- printf("malloc failure: %s\n", strerror(errno));
- return;
- }
- memset(rtap, 0, LIBWIFI_MAX_RADIOTAP_LEN);
-
- int rtap_len = libwifi_create_radiotap(&info, rtap);
- if (rtap_len == -1) {
- printf("error generating radiotap header\n");
- return;
- }
-
- void *frame = NULL;
- size_t frame_sz = rtap_len + buf_sz;
- frame = malloc(frame_sz);
- if (frame == NULL) {
- printf("malloc failure: %s\n", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- memcpy(frame, rtap, rtap_len);
- memcpy(frame + rtap_len, buf, buf_sz);
-
- hexdump(rtap, rtap_len);
- printf("-----\n");
- hexdump(frame, frame_sz);
-
- if (inject_mode == LIVE_INJECT) {
- pcap_inject(handle, frame, frame_sz);
- } else if (inject_mode == OFFLINE_DUMP) {
- struct pcap_pkthdr hdr = {0};
- hdr.caplen = frame_sz;
- hdr.len = frame_sz;
- struct timeval tv;
- gettimeofday(&tv, NULL);
- hdr.ts = tv;
- pcap_dump((unsigned char *) outputHandle, &hdr, frame);
- }
-
- free(rtap);
- free(frame);
-}
-
-void inject_beacons(int random_mac) {
- while (1) {
- printf("Sending 50 beacons...\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_beacon beacon;
- unsigned char txmac[6] = {0};
- memset(&beacon, 0, sizeof(struct libwifi_beacon));
-
- if (random_mac) {
- libwifi_random_mac(txmac, NULL);
- } else {
- memcpy(txmac, FROM_MAC, 6);
- }
- libwifi_create_beacon(&beacon, bcast, txmac, BEACON_SSID, CHANNEL);
- libwifi_quick_add_tag(&beacon.tags, TAG_VENDOR_SPECIFIC, tag_data, sizeof(tag_data));
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_beacon_length(&beacon);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting beacon with:\n");
- printf("\tSSID: %s\n", BEACON_SSID);
- printf("\tChannel: %d\n", CHANNEL);
- printf("\tSource: " MACSTR "\n", MAC2STR(txmac));
- printf("\tDestination: " MACSTR "\n", MAC2STR(bcast));
-
- libwifi_dump_beacon(&beacon, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- libwifi_free_beacon(&beacon);
- free(buf);
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_probe_responses() {
- while (1) {
- printf("Sending 50 probe responses, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_probe_resp probe_resp;
- memset(&probe_resp, 0, sizeof(struct libwifi_probe_resp));
-
- libwifi_create_probe_resp(&probe_resp, to, from, PROBE_RESP_SSID, CHANNEL);
- libwifi_quick_add_tag(&probe_resp.tags, TAG_VENDOR_SPECIFIC, tag_data, sizeof(tag_data));
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_probe_resp_length(&probe_resp);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting probe responses with:\n");
- printf("\tSSID: %s\n", PROBE_RESP_SSID);
- printf("\tChannel: %d\n", CHANNEL);
- printf("\tSource: " MACSTR "\n", MAC2STR(from));
- printf("\tDestination: " MACSTR "\n", MAC2STR(to));
-
- libwifi_dump_probe_resp(&probe_resp, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- libwifi_free_probe_resp(&probe_resp);
- free(buf);
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_probe_requests() {
- while (1) {
- printf("Sending 50 probe responses, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_probe_req probe;
- memset(&probe, 0, sizeof(struct libwifi_probe_req));
-
- libwifi_create_probe_req(&probe, to, from, to, PROBE_REQ_SSID, CHANNEL);
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_probe_req_length(&probe);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting probe requests with:\n");
- printf("\tSSID: %s\n", PROBE_REQ_SSID);
- printf("\tChannel: %d\n", CHANNEL);
- printf("\tSource: " MACSTR "\n", MAC2STR(from));
- printf("\tDestination: " MACSTR "\n", MAC2STR(to));
-
- libwifi_dump_probe_req(&probe, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- libwifi_free_probe_req(&probe);
- free(buf);
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_deauths() {
- while (1) {
- printf("Sending 50 probe responses, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_deauth deauth;
- memset(&deauth, 0, sizeof(struct libwifi_deauth));
-
- libwifi_create_deauth(&deauth, to, from, REASON_STA_LEAVING);
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_deauth_length(&deauth);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting deauths with:\n");
- printf("\tChannel: %d\n", CHANNEL);
- printf("\tReason: %d\n", REASON_STA_LEAVING);
- printf("\tSource: " MACSTR "\n", MAC2STR(from));
- printf("\tDestination: " MACSTR "\n", MAC2STR(to));
-
- libwifi_dump_deauth(&deauth, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- free(buf);
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_disassocs() {
- while (1) {
- printf("Sending 50 probe responses, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_disassoc disassoc;
- memset(&disassoc, 0, sizeof(struct libwifi_disassoc));
-
- libwifi_create_disassoc(&disassoc, to, from, REASON_STA_LEAVING);
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_disassoc_length(&disassoc);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting disassocs with:\n");
- printf("\tChannel: %d\n", CHANNEL);
- printf("\tReason: %d\n", REASON_STA_LEAVING);
- printf("\tSource: " MACSTR "\n", MAC2STR(from));
- printf("\tDestination: " MACSTR "\n", MAC2STR(to));
-
- libwifi_dump_disassoc(&disassoc, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- free(buf);
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_assoc_requests() {
- while (1) {
- printf("Sending 50 association requests, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_assoc_req assoc_req;
- memset(&assoc_req, 0, sizeof(struct libwifi_assoc_req));
-
- libwifi_create_assoc_req(&assoc_req, to, from, ASSOC_REQ_SSID, CHANNEL);
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_assoc_req_length(&assoc_req);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting association requests with:\n");
- printf("\tChannel: %d\n", CHANNEL);
- printf("\tSource: " MACSTR "\n", MAC2STR(from));
- printf("\tDestination: " MACSTR "\n", MAC2STR(to));
-
- libwifi_dump_assoc_req(&assoc_req, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- free(buf);
- libwifi_free_assoc_req(&assoc_req);
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_assoc_responses() {
- while (1) {
- printf("Sending 50 association responses, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_assoc_resp assoc_resp;
- memset(&assoc_resp, 0, sizeof(struct libwifi_assoc_req));
-
- libwifi_create_assoc_resp(&assoc_resp, to, from, CHANNEL);
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_assoc_resp_length(&assoc_resp);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting association responses with:\n");
- printf("\tChannel: %d\n", CHANNEL);
- printf("\tSource: " MACSTR "\n", MAC2STR(from));
- printf("\tDestination: " MACSTR "\n", MAC2STR(to));
-
- libwifi_dump_assoc_resp(&assoc_resp, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- free(buf);
- libwifi_free_assoc_resp(&assoc_resp);
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_reassoc_requests() {
- while (1) {
- printf("Sending 50 reassociation requests, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_reassoc_req reassoc_req;
- memset(&reassoc_req, 0, sizeof(struct libwifi_assoc_req));
-
- libwifi_create_reassoc_req(&reassoc_req, to, from, reassoc_mac, REASSOC_REQ_SSID, CHANNEL);
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_reassoc_req_length(&reassoc_req);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting reassociation requests with:\n");
- printf("\tChannel: %d\n", CHANNEL);
- printf("\tSource: " MACSTR "\n", MAC2STR(from));
- printf("\tDestination: " MACSTR "\n", MAC2STR(to));
- printf("\tPrevious BSSID: " MACSTR "\n", MAC2STR(reassoc_mac));
-
- libwifi_dump_reassoc_req(&reassoc_req, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- free(buf);
- libwifi_free_reassoc_req(&reassoc_req);
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_reassoc_responses() {
- while (1) {
- printf("Sending 50 reassociation responses, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_reassoc_resp reassoc_resp;
- memset(&reassoc_resp, 0, sizeof(struct libwifi_assoc_req));
-
- libwifi_create_reassoc_resp(&reassoc_resp, to, from, CHANNEL);
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_reassoc_resp_length(&reassoc_resp);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting reassociation responses with:\n");
- printf("\tChannel: %d\n", CHANNEL);
- printf("\tSource: " MACSTR "\n", MAC2STR(from));
- printf("\tDestination: " MACSTR "\n", MAC2STR(to));
-
- libwifi_dump_reassoc_resp(&reassoc_resp, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- free(buf);
- libwifi_free_reassoc_resp(&reassoc_resp);
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_auths() {
- while (1) {
- printf("Sending 50 auth frames, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_auth auth;
- memset(&auth, 0, sizeof(struct libwifi_deauth));
-
- libwifi_create_auth(&auth, to, from, AUTH_OPEN, 0, STATUS_SUCCESS);
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_auth_length(&auth);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- libwifi_dump_auth(&auth, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- free(buf);
-
- memset(&auth, 0, sizeof(struct libwifi_deauth));
-
- libwifi_create_auth(&auth, from, to, AUTH_OPEN, 1, STATUS_SUCCESS);
-
- buf = NULL;
- buf_sz = libwifi_get_auth_length(&auth);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting auths with:\n");
- printf("\tChannel: %d\n", CHANNEL);
- printf("\tAlgorithm: %d\n", AUTH_OPEN);
- printf("\tSource: " MACSTR "\n", MAC2STR(from));
- printf("\tDestination: " MACSTR "\n", MAC2STR(to));
-
- libwifi_dump_auth(&auth, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- free(buf);
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_timing_ads() {
- while (1) {
- printf("Sending 50 timing advertisement frames, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_timing_advert time_ad = {0};
- struct libwifi_timing_advert_fields ad_fields = {0};
-
- ad_fields.timing_capabilities = 2;
- memcpy(ad_fields.time_error, "\xCC\xCC\xCC\xCC\xCC", 5);
- memcpy(ad_fields.time_update, "\xBB", 1);
- memcpy(ad_fields.time_value,
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", 10);
-
- libwifi_create_timing_advert(&time_ad, to, from, &ad_fields, "GB", -56, -56, -30, -20);
-
- unsigned char *buf = NULL;
- size_t buf_len = libwifi_get_timing_advert_length(&time_ad);
- buf = malloc(buf_len);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
- printf("buf_len: %zu\n", buf_len);
-
- size_t ret = libwifi_dump_timing_advert(&time_ad, buf, buf_len);
- if (ret < 0) {
- printf("error dump: %zu\n", ret);
- exit(EXIT_FAILURE);
- }
- hexdump(buf, buf_len);
- inject_frame(buf, buf_len);
-
- free(buf);
- libwifi_free_timing_advert(&time_ad);
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_action_noacks() {
- while (1) {
- printf("Sending 50 action no ack frames, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_action action;
- memset(&action, 0, sizeof(struct libwifi_action));
-
- libwifi_create_action_no_ack(&action, to, from, ACTION_FAST_BSS_TRANSITION);
-
- unsigned char *action_buf = malloc(256);
- memset(action_buf, 0, 256);
-
- size_t offset = 0;
- size_t w = 0;
-
- memcpy(action_buf, "\x01", 1); // Fast BSS Request
- offset += 1;
- memcpy(action_buf + offset, "\xAA\xBB\xCC\xDD\xEE\xFF", 6); // STA Address
- offset += 6;
- memcpy(action_buf + offset, "\xFF\xEE\xDD\xCC\xBB\xAA", 6); // AP Address
- offset += 6;
-
- unsigned char *tag_tmp = malloc(256);
- memset(tag_tmp, 0, 256);
-
- struct libwifi_tagged_parameter rsne = {0};
- size_t tsz = libwifi_create_tag(&rsne, TAG_RSN, (const unsigned char * )"\x01\x00\x00\x0f\xac\x04\x01\x00\x00\x0f\xac\x04\x01\x00\x00\x0f\xac\x02\x00\x00", 20);
- w = libwifi_dump_tag(&rsne, tag_tmp, tsz);
- memcpy(action_buf + offset, tag_tmp, w);
- offset += w;
-
-
- struct libwifi_tagged_parameter mobdom = {0};
- tsz = libwifi_create_tag(&mobdom, TAG_MOBILITY_DOMAIN, (const unsigned char*)"\x00\x11\x01", 3);
- memset(tag_tmp, 0, tsz);
- w = libwifi_dump_tag(&mobdom, tag_tmp, tsz);
- memcpy(action_buf + offset, tag_tmp, w);
- offset += w;
- libwifi_free_tag(&mobdom);
-
- struct libwifi_tagged_parameter fbss = {0};
- tsz = libwifi_create_tag(&fbss, TAG_FAST_BSS_TRANSITION, (const unsigned char*)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xAA\xBB\xCC\xDD\xEE\xFF\xAA\xBB\xCC\xDD\xEE\xFF\xAA\xBB\xCC\xDD\xEE\xFF\xAA\xBB\xCC\xDD\xEE\xFF\xAA\xBB\xCC\xDD\xEE\xFF\xAA\x03\x04\xAA\xBB\x04\xAA\xBB\xCC\xDD", 88);
- memset(tag_tmp, 0, tsz);
- w = libwifi_dump_tag(&fbss, tag_tmp, tsz);
- memcpy(action_buf + offset, tag_tmp, w);
- offset += w;
- libwifi_free_tag(&fbss);
-
- libwifi_add_action_detail(&action.fixed_parameters.details, action_buf, offset);
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_action_length(&action);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting actions with:\n");
- printf("\tAction: %d\n", ACTION_FAST_BSS_TRANSITION);
- printf("\tSource: " MACSTR "\n", MAC2STR(from));
- printf("\tDestination: " MACSTR "\n", MAC2STR(to));
-
- libwifi_dump_action(&action, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- free(buf);
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_actions() {
- while (1) {
- printf("Sending 50 action frames, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_action action;
- memset(&action, 0, sizeof(struct libwifi_action));
-
- libwifi_create_action(&action, to, from, ACTION_FAST_BSS_TRANSITION);
-
- unsigned char *action_buf = malloc(256);
- memset(action_buf, 0, 256);
-
- size_t offset = 0;
- size_t w = 0;
-
- memcpy(action_buf, "\x01", 1); // Fast BSS Request
- offset += 1;
- memcpy(action_buf + offset, "\xAA\xBB\xCC\xDD\xEE\xFF", 6); // STA Address
- offset += 6;
- memcpy(action_buf + offset, "\xFF\xEE\xDD\xCC\xBB\xAA", 6); // AP Address
- offset += 6;
-
- unsigned char *tag_tmp = malloc(256);
- memset(tag_tmp, 0, 256);
-
- struct libwifi_tagged_parameter rsne = {0};
- size_t tsz = libwifi_create_tag(&rsne, TAG_RSN, (const unsigned char * )"\x01\x00\x00\x0f\xac\x04\x01\x00\x00\x0f\xac\x04\x01\x00\x00\x0f\xac\x02\x00\x00", 20);
- w = libwifi_dump_tag(&rsne, tag_tmp, tsz);
- memcpy(action_buf + offset, tag_tmp, w);
- offset += w;
-
-
- struct libwifi_tagged_parameter mobdom = {0};
- tsz = libwifi_create_tag(&mobdom, TAG_MOBILITY_DOMAIN, (const unsigned char*)"\x00\x11\x01", 3);
- memset(tag_tmp, 0, tsz);
- w = libwifi_dump_tag(&mobdom, tag_tmp, tsz);
- memcpy(action_buf + offset, tag_tmp, w);
- offset += w;
- libwifi_free_tag(&mobdom);
-
- struct libwifi_tagged_parameter fbss = {0};
- tsz = libwifi_create_tag(&fbss, TAG_FAST_BSS_TRANSITION, (const unsigned char*)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xAA\xBB\xCC\xDD\xEE\xFF\xAA\xBB\xCC\xDD\xEE\xFF\xAA\xBB\xCC\xDD\xEE\xFF\xAA\xBB\xCC\xDD\xEE\xFF\xAA\xBB\xCC\xDD\xEE\xFF\xAA\x03\x04\xAA\xBB\x04\xAA\xBB\xCC\xDD", 88);
- memset(tag_tmp, 0, tsz);
- w = libwifi_dump_tag(&fbss, tag_tmp, tsz);
- memcpy(action_buf + offset, tag_tmp, w);
- offset += w;
- libwifi_free_tag(&fbss);
-
- libwifi_add_action_detail(&action.fixed_parameters.details, action_buf, offset);
-
- unsigned char *buf = NULL;
- size_t buf_sz = libwifi_get_action_length(&action);
-
- buf = malloc(buf_sz);
- if (buf == NULL) {
- printf("malloc failure: %s", strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Injecting actions with:\n");
- printf("\tAction: %d\n", ACTION_FAST_BSS_TRANSITION);
- printf("\tSource: " MACSTR "\n", MAC2STR(from));
- printf("\tDestination: " MACSTR "\n", MAC2STR(to));
-
- libwifi_dump_action(&action, buf, buf_sz);
- inject_frame(buf, buf_sz);
-
- free(buf);
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_atim() {
- while (1) {
- printf("Sending 50 ATIM frames, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_atim atim = {0};
-
- libwifi_create_atim(&atim, to, from, from);
-
- inject_frame(&atim, sizeof(struct libwifi_atim));
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_rts() {
- while (1) {
- printf("Sending 50 RTS frames, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_rts rts = {0};
-
- libwifi_create_rts(&rts, to, from, 32);
-
- inject_frame(&rts, sizeof(struct libwifi_rts));
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void inject_cts() {
- while (1) {
- printf("Sending 50 CTS frames, then sleeping for 1 second\n");
- for (int i = 0; i < 50; ++i) {
- struct libwifi_cts cts = {0};
-
- libwifi_create_cts(&cts, to, 32);
-
- inject_frame(&cts, sizeof(struct libwifi_cts));
-
- usleep(1e4); // 10ms
- }
- sleep(1);
- }
-}
-
-void help(const char *name) {
- fprintf(stderr, "Usage:\n");
- fprintf(stderr, "\t%s --interface [interface] [--mode]\n", name);
- fprintf(stderr, "\t\tor\n");
- fprintf(stderr, "\t%s --file [output file] [--mode]\n", name);
- fprintf(stderr, "\n");
- fprintf(stderr, "Modes:\n");
- fprintf(stderr, "\t--beacon\n");
- fprintf(stderr, "\t--random-beacon\n");
- fprintf(stderr, "\t--probe-req\n");
- fprintf(stderr, "\t--probe-resp\n");
- fprintf(stderr, "\t--deauth\n");
- fprintf(stderr, "\t--disassoc\n");
- fprintf(stderr, "\t--assoc-req\n");
- fprintf(stderr, "\t--assoc-resp\n");
- fprintf(stderr, "\t--reassoc-req\n");
- fprintf(stderr, "\t--reassoc-resp\n");
- fprintf(stderr, "\t--auth\n");
- fprintf(stderr, "\t--timing-ad\n");
- fprintf(stderr, "\t--atim\n");
- fprintf(stderr, "\t--rts\n");
- fprintf(stderr, "\t--cts\n");
-}
-
-void handle_args(int argc, const char *argv[]) {
- char errbuf[PCAP_ERRBUF_SIZE];
- memset(errbuf, 0, PCAP_ERRBUF_SIZE);
-
- if (argc < 4) {
- help(argv[0]);
- exit(EXIT_SUCCESS);
- }
-
- if (strcmp(argv[1], "--file") == 0) {
- inject_mode = OFFLINE_DUMP;
-
- filename = fopen(argv[2], "w+");
- if ((handle = pcap_open_dead(DLT_IEEE802_11_RADIO, BUFSIZ)) == NULL) {
- fprintf(stderr, "1 %s: %s\n", argv[2], errbuf);
- exit(EXIT_FAILURE);
- }
- if ((outputHandle = pcap_dump_fopen(handle, filename)) == NULL) {
- fprintf(stderr, "2 %s: %s\n", argv[2], errbuf);
- exit(EXIT_FAILURE);
- }
- } else if (strcmp(argv[1], "--interface") == 0) {
- inject_mode = LIVE_INJECT;
-
- if ((handle = pcap_create(argv[2], errbuf)) == NULL) {
- fprintf(stderr, "Couldn't open interface %s: %s\n", argv[2], errbuf);
- exit(EXIT_FAILURE);
- }
- if (pcap_activate(handle) == 0) {
- printf("Sniffing on %s\n", argv[2]);
- } else {
- fprintf(stderr, "Couldn't activate %s: %s\n", argv[2], pcap_geterr(handle));
- exit(EXIT_FAILURE);
- }
- } else {
- help(argv[0]);
- exit(EXIT_SUCCESS);
- }
-
- if (strcmp(argv[3], "--beacon") == 0) {
- mode = MODE_BEACON;
- } else if (strcmp(argv[3], "--random-beacon") == 0) {
- mode = MODE_RANDOM_BEACON;
- } else if (strcmp(argv[3], "--probe-resp") == 0) {
- mode = MODE_PROBE_RESPONSE;
- } else if (strcmp(argv[3], "--probe-req") == 0) {
- mode = MODE_PROBE_REQUEST;
- } else if (strcmp(argv[3], "--deauth") == 0) {
- mode = MODE_DEAUTH;
- } else if (strcmp(argv[3], "--disassoc") == 0) {
- mode = MODE_DISASSOC;
- } else if (strcmp(argv[3], "--assoc-resp") == 0) {
- mode = MODE_ASSOC_RESPONSE;
- } else if (strcmp(argv[3], "--assoc-req") == 0) {
- mode = MODE_ASSOC_REQUEST;
- } else if (strcmp(argv[3], "--reassoc-resp") == 0) {
- mode = MODE_REASSOC_RESPONSE;
- } else if (strcmp(argv[3], "--reassoc-req") == 0) {
- mode = MODE_REASSOC_REQUEST;
- } else if (strcmp(argv[3], "--auth") == 0) {
- mode = MODE_AUTH;
- } else if (strcmp(argv[3], "--timing-ad") == 0) {
- mode = MODE_TIMING_AD;
- } else if (strcmp(argv[3], "--action") == 0) {
- mode = MODE_ACTION;
- } else if (strcmp(argv[3], "--action-noack") == 0) {
- mode = MODE_ACTION_NOACK;
- } else if (strcmp(argv[3], "--atim") == 0) {
- mode = MODE_ATIM;
- } else if (strcmp(argv[3], "--rts") == 0) {
- mode = MODE_RTS;
- } else if (strcmp(argv[3], "--cts") == 0) {
- mode = MODE_CTS;
- } else {
- help(argv[0]);
- exit(EXIT_SUCCESS);
- }
-}
-
-int main(int argc, const char *argv[]) {
- signal(SIGINT, handle_interupt);
- handle_args(argc, argv);
-
- printf("Starting in 5 seconds...\n");
-
- sleep(5);
-
- switch (mode) {
- case MODE_BEACON:
- inject_beacons(0);
- break;
- case MODE_RANDOM_BEACON:
- inject_beacons(1);
- break;
- case MODE_PROBE_RESPONSE:
- inject_probe_responses();
- break;
- case MODE_PROBE_REQUEST:
- inject_probe_requests();
- break;
- case MODE_DEAUTH:
- inject_deauths();
- break;
- case MODE_DISASSOC:
- inject_disassocs();
- break;
- case MODE_ASSOC_REQUEST:
- inject_assoc_requests();
- break;
- case MODE_ASSOC_RESPONSE:
- inject_assoc_responses();
- break;
- case MODE_REASSOC_REQUEST:
- inject_reassoc_requests();
- break;
- case MODE_REASSOC_RESPONSE:
- inject_reassoc_responses();
- break;
- case MODE_AUTH:
- inject_auths();
- break;
- case MODE_ACTION:
- inject_actions();
- break;
- case MODE_ACTION_NOACK:
- inject_action_noacks();
- break;
- case MODE_TIMING_AD:
- inject_timing_ads();
- break;
- case MODE_ATIM:
- inject_atim();
- break;
- case MODE_RTS:
- inject_rts();
- break;
- case MODE_CTS:
- inject_cts();
- break;
- }
-
- return 0;
-}
-- 
cgit 1.4.1