Diffstat (limited to 'network/dsniff')
-rw-r--r-- | network/dsniff/dsniff.SlackBuild | 7 | ||||
-rw-r--r-- | network/dsniff/patches/arpspoof-r-switch.patch | 166 | ||||
-rw-r--r-- | network/dsniff/patches/libnet11.patch (renamed from network/dsniff/libnet11.patch) | 0 | ||||
-rw-r--r-- | network/dsniff/patches/libnet1164.patch (renamed from network/dsniff/libnet1164.patch) | 0 | ||||
-rw-r--r-- | network/dsniff/patches/rewrite-and-modernize-POP-decoder.patch | 128 |
5 files changed, 299 insertions, 2 deletions
diff --git a/network/dsniff/dsniff.SlackBuild b/network/dsniff/dsniff.SlackBuild index f55dbdb26b..764025181b 100644 --- a/network/dsniff/dsniff.SlackBuild +++ b/network/dsniff/dsniff.SlackBuild @@ -26,7 +26,7 @@ PRGNAM=dsniff VERSION=${VERSION:-2.4b1} SRCVER=${SRCVER:-2.4} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} TAG=${TAG:-_SBo} if [ -z "$ARCH" ]; then @@ -76,7 +76,10 @@ find -L . \ # This patch adds support for libnet 1.1.x, it's heavily based on Gentoo ebuild # which, in turn, is heavily based on Debian patch set. And I added a couple # of bits myself in the mix too... - sid77 -patch -p1 < $CWD/libnet11$LIBDIRSUFFIX.patch +patch -p1 < $CWD/patches/libnet11$LIBDIRSUFFIX.patch + +patch -p1 < $CWD/patches/arpspoof-r-switch.patch +patch -p1 < $CWD/patches/rewrite-and-modernize-POP-decoder.patch CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ diff --git a/network/dsniff/patches/arpspoof-r-switch.patch b/network/dsniff/patches/arpspoof-r-switch.patch new file mode 100644 index 0000000000..df81ce3241 --- /dev/null +++ b/network/dsniff/patches/arpspoof-r-switch.patch 
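Review bot: The two added `patch -p1` lines in the second hunk carry no provenance comment, unlike the libnet11 patch just above them, which is documented as derived from the Gentoo ebuild and the Debian patch set. I would put `# arpspoof -r switch, from Debian bug #650749` and `# POP decoder rewrite, from Debian bug #647583` above the respective lines so each change can be traced to its origin. Nothing in the visible lines shows whether a failed `patch` aborts the build; if the script does not run under `set -e`, appending `|| exit 1` to each line would keep a partially patched tree from being compiled and packaged.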
@@ -0,0 +1,166 @@ + +Debian bug #650749 +arpspoof: add -r switch to poison both directions + +diff --git a/arpspoof.8 b/arpspoof.8 +index a05b5d3..544e06c 100644 +--- a/arpspoof.8 ++++ b/arpspoof.8 +@@ -9,7 +9,7 @@ intercept packets on a switched LAN + .na + .nf + .fi +-\fBarpspoof\fR [\fB-i \fIinterface\fR] [\fB-t \fItarget\fR] \fIhost\fR ++\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR + .SH DESCRIPTION + .ad + .fi +@@ -26,6 +26,9 @@ Specify the interface to use. + .IP "\fB-t \fItarget\fR" + Specify a particular host to ARP poison (if not specified, all hosts + on the LAN). ++.IP "\fB\-r\fR" ++Poison both hosts (host and target) to capture traffic in both directions. ++(only valid in conjuntion with \-t) + .IP \fIhost\fR + Specify the host you wish to intercept packets for (usually the local + gateway). +diff --git a/arpspoof.c b/arpspoof.c +index 7cdbbf8..f51b699 100644 +--- a/arpspoof.c ++++ b/arpspoof.c +@@ -7,6 +7,8 @@ + * Copyright (c) 1999 Dug Song <dugsong@monkey.org> + * + * $Id: arpspoof.c,v 1.5 2001/03/15 08:32:58 dugsong Exp $ ++ * ++ * Improved 2011 by Stefan Tomanek <stefa@pico.ruhr.de> + */ + + #include "config.h" +@@ -31,12 +33,13 @@ static libnet_t *l; + static struct ether_addr spoof_mac, target_mac; + static in_addr_t spoof_ip, target_ip; + static char *intf; ++static int poison_reverse; + + static void + usage(void) + { + fprintf(stderr, "Version: " VERSION "\n" +- "Usage: arpspoof [-i interface] [-t target] host\n"); ++ "Usage: arpspoof [-i interface] [-t target] [-r] host\n"); + exit(1); + } + +@@ -133,18 +136,30 @@ arp_find(in_addr_t ip, struct ether_addr *mac) + static void + cleanup(int sig) + { ++ int fw = arp_find(spoof_ip, &spoof_mac); ++ int bw = poison_reverse && target_ip && arp_find(target_ip, &target_mac); + int i; +- +- if (arp_find(spoof_ip, &spoof_mac)) { +- for (i = 0; i < 3; i++) { +- /* XXX - on BSD, requires ETHERSPOOF kernel. 
*/ ++ ++ fprintf(stderr, "Cleaning up and re-arping targets...\n"); ++ for (i = 0; i < 5; i++) { ++ /* XXX - on BSD, requires ETHERSPOOF kernel. */ ++ if (fw) { + arp_send(l, ARPOP_REPLY, + (u_int8_t *)&spoof_mac, spoof_ip, + (target_ip ? (u_int8_t *)&target_mac : NULL), + target_ip); ++ /* we have to wait a moment before sending the next packet */ ++ sleep(1); ++ } ++ if (bw) { ++ arp_send(l, ARPOP_REPLY, ++ (u_int8_t *)&target_mac, target_ip, ++ (u_int8_t *)&spoof_mac, ++ spoof_ip); + sleep(1); + } + } ++ + exit(0); + } + +@@ -156,11 +171,12 @@ main(int argc, char *argv[]) + char pcap_ebuf[PCAP_ERRBUF_SIZE]; + char libnet_ebuf[LIBNET_ERRBUF_SIZE]; + int c; +- ++ + intf = NULL; + spoof_ip = target_ip = 0; +- +- while ((c = getopt(argc, argv, "i:t:h?V")) != -1) { ++ poison_reverse = 0; ++ ++ while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) { + switch (c) { + case 'i': + intf = optarg; +@@ -169,6 +185,9 @@ main(int argc, char *argv[]) + if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) + usage(); + break; ++ case 'r': ++ poison_reverse = 1; ++ break; + default: + usage(); + } +@@ -178,7 +197,12 @@ main(int argc, char *argv[]) + + if (argc != 1) + usage(); +- ++ ++ if (poison_reverse && !target_ip) { ++ errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t)."); ++ usage(); ++ } ++ + if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) + usage(); + +@@ -191,18 +215,29 @@ main(int argc, char *argv[]) + if (target_ip != 0 && !arp_find(target_ip, &target_mac)) + errx(1, "couldn't arp for host %s", + libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE)); +- ++ ++ if (poison_reverse) { ++ if (!arp_find(spoof_ip, &spoof_mac)) { ++ errx(1, "couldn't arp for spoof host %s", ++ libnet_addr2name4(spoof_ip, LIBNET_DONT_RESOLVE)); ++ } ++ } ++ + signal(SIGHUP, cleanup); + signal(SIGINT, cleanup); + signal(SIGTERM, cleanup); +- ++ + for (;;) { + arp_send(l, ARPOP_REPLY, NULL, spoof_ip, + (target_ip ? 
(u_int8_t *)&target_mac : NULL), + target_ip); ++ if (poison_reverse) { ++ arp_send(l, ARPOP_REPLY, NULL, target_ip, (uint8_t *)&spoof_mac, spoof_ip); ++ } ++ + sleep(2); + } + /* NOTREACHED */ +- ++ + exit(0); + } +-- +1.7.5.4 + diff --git a/network/dsniff/libnet11.patch b/network/dsniff/patches/libnet11.patch index 61a98ef91a..61a98ef91a 100644 --- a/network/dsniff/libnet11.patch +++ b/network/dsniff/patches/libnet11.patch diff --git a/network/dsniff/libnet1164.patch b/network/dsniff/patches/libnet1164.patch index be11e6e2e5..be11e6e2e5 100644 --- a/network/dsniff/libnet1164.patch +++ b/network/dsniff/patches/libnet1164.patch diff --git a/network/dsniff/patches/rewrite-and-modernize-POP-decoder.patch b/network/dsniff/patches/rewrite-and-modernize-POP-decoder.patch new file mode 100644 index 0000000000..1203a47c91 --- /dev/null +++ b/network/dsniff/patches/rewrite-and-modernize-POP-decoder.patch 
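Review bot: In the `cleanup` hunk the signal handler now calls `fprintf`, `arp_find`, `arp_send` and `sleep` for up to five rounds, and none of these is async-signal-safe, so a signal that arrives while the main loop is inside `arp_send` re-enters the same libnet handle from the handler. The old handler already sent packets, but the added lookups and output widen that window; a safer shape is for the handler to set only a `static volatile sig_atomic_t` flag and for the `for (;;)` loop in `main` to test it and run the re-ARP sequence itself. In the `-r` validation hunk the `usage();` after `errx(1, ...)` is unreachable because `errx` does not return, and the reverse `arp_send` casts with `(uint8_t *)` where the rest of the file uses `(u_int8_t *)`. `main` is only partly visible in these hunks.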
@@ -0,0 +1,128 @@ + +Debian bug #647583 +Rewrite and modernize POP decoder + +diff --git a/decode_pop.c b/decode_pop.c +index 04044f5..767da41 100644 +--- a/decode_pop.c ++++ b/decode_pop.c +@@ -6,6 +6,8 @@ + * Copyright (c) 2000 Dug Song <dugsong@monkey.org> + * + * $Id: decode_pop.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $ ++ * ++ * Rewritten by Stefan Tomanek 2011 <stefan@pico.ruhr.de> + */ + + #include "config.h" +@@ -45,32 +47,88 @@ int + decode_pop(u_char *buf, int len, u_char *obuf, int olen) + { + char *p; ++ char *s; ++ int n; + int i, j; ++ char *user; ++ char *password; ++ enum { ++ NONE, ++ AUTHPLAIN, ++ AUTHLOGIN, ++ USERPASS ++ } mode = NONE; ++ + + obuf[0] = '\0'; + + for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) { +- if (strncasecmp(p, "AUTH PLAIN", 10) == 0 || +- strncasecmp(p, "AUTH LOGIN", 10) == 0) { +- strlcat(obuf, p, olen); +- strlcat(obuf, "\n", olen); +- +- /* Decode SASL auth. */ +- for (i = 0; i < 2 && (p = strtok(NULL, "\r\n")); i++) { +- strlcat(obuf, p, olen); +- j = base64_pton(p, p, strlen(p)); +- p[j] = '\0'; +- strlcat(obuf, " [", olen); +- strlcat(obuf, p, olen); +- strlcat(obuf, "]\n", olen); ++ if (mode == NONE) { ++ user = NULL; ++ password = NULL; ++ if (strncasecmp(p, "AUTH PLAIN", 10) == 0) { ++ mode = AUTHPLAIN; ++ continue; ++ } ++ if (strncasecmp(p, "AUTH LOGIN", 10) == 0) { ++ mode = AUTHLOGIN; ++ continue; ++ } ++ if (strncasecmp(p, "USER ", 5) == 0) { ++ mode = USERPASS; ++ /* the traditional login cuts right to the case, ++ * so no continue here ++ */ + } + } +- /* Save regular POP2, POP3 auth info. 
*/ +- else if (strncasecmp(p, "USER ", 5) == 0 || +- strncasecmp(p, "PASS ", 5) == 0 || +- strncasecmp(p, "HELO ", 5) == 0) { +- strlcat(obuf, p, olen); +- strlcat(obuf, "\n", olen); ++ printf("(%d) %s\n", mode, p); ++ if (mode == USERPASS) { ++ if (strncasecmp(p, "USER ", 5) == 0) { ++ user = &p[5]; ++ } else if (strncasecmp(p, "PASS ", 5) == 0) { ++ password = &p[5]; ++ } ++ } ++ ++ if (mode == AUTHPLAIN) { ++ j = base64_pton(p, p, strlen(p)); ++ p[j] = '\0'; ++ n = 0; ++ s = p; ++ /* p consists of three parts, divided by \0 */ ++ while (s <= &p[j] && n<=3) { ++ if (n == 0) { ++ /* we do not process this portion yet */ ++ } else if (n == 1) { ++ user = s; ++ } else if (n == 2) { ++ password = s; ++ } ++ n++; ++ while (*s) s++; ++ s++; ++ } ++ } ++ ++ if (mode == AUTHLOGIN) { ++ j = base64_pton(p, p, strlen(p)); ++ p[j] = '\0'; ++ if (! user) { ++ user = p; ++ } else { ++ password = p; ++ /* got everything we need :-) */ ++ } ++ } ++ ++ if (user && password) { ++ strlcat(obuf, "\nusername [", olen); ++ strlcat(obuf, user, olen); ++ strlcat(obuf, "] password [", olen); ++ strlcat(obuf, password, olen); ++ strlcat(obuf, "]\n", olen); ++ ++ mode = NONE; + } + } + return (strlen(obuf)); +-- +1.7.5.4 + |
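Review bot: The added `printf("(%d) %s\n", mode, p);` looks like leftover debugging and should be deleted: it writes every line of the captured POP stream, which is untrusted network data, straight to stdout, bypassing `obuf` and its `olen` bound and letting control characters in the traffic reach the operator's terminal. The result of `base64_pton` is also used unchecked in both the AUTHPLAIN and AUTHLOGIN branches; if it returns a negative value on malformed input (the usual b64_pton convention, not confirmed from this page), `p[j] = '\0'` stores before `p`, so `if (j < 0) { mode = NONE; continue; }` ahead of the store would be safer. `i` is now unused, and `user`/`password` depend on the first iteration seeing `mode == NONE` to be initialised; declaring them as `char *user = NULL;` and `char *password = NULL;` makes that explicit.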