Date:      Fri, 1 Mar 2002 03:43:58 +0100 (CET)
From:      "Simon 'corecode' Schubert" <corecode@corecode.ath.cx>
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   ports/35438: new port: net/driftnet
Message-ID:  <200203010243.g212hwD46006@elevation.zuhause.stoert.net>


>Number:         35438
>Category:       ports
>Synopsis:       new port: net/driftnet
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Feb 28 19:40:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Simon 'corecode' Schubert
>Release:        FreeBSD 4.5-STABLE i386
>Organization:
>Environment:
System: FreeBSD elevation.zuhause.stoert.net 4.5-STABLE FreeBSD 4.5-STABLE #6: Sat Feb 9 22:49:14 CET 2002 corecode@elevation.zuhause.stoert.net:/usr/obj/i386/k7/usr/src/sys/ELEVATION i386


	
>Description:
not for sniffing in the first place, just nice to see all kinds of
images passing through your connection:

EtherPEG was a program that sniffed for JPEGs passing by on the AirPort
networks at MacHack, and showed them on the huge screen to shame people
into a) turning the 802.11 encryption on, or b) reducing amount of pr0n
they download at weirdo Mac conventions. DRIFTNET can do the same for
*your* office, and make an attractive desktop accessory to boot. The
program promiscuously sniffs and decodes any JPEG downloaded by anyone
on your LAN, displaying it in an attractive, ever changing mosaic of
fluffy kittens, oversized navigation buttons, and blurred images of Big
Brother Elizabeth fiddling. It's UNIX only. Your sysadmin is undoubtedly
running it already. So stop that. Now.

WWW: http://www.ex-parrot.com/~chris/driftnet/

- Simon 'corecode' Schubert
	
>How-To-Repeat:
	
>Fix:

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	driftnet
#	driftnet/files
#	driftnet/files/Makefile
#	driftnet/files/patch-driftnet.c
#	driftnet/files/patch-img.h
#	driftnet/Makefile
#	driftnet/distinfo
#	driftnet/pkg-comment
#	driftnet/pkg-descr
#	driftnet/pkg-plist
#
echo c - driftnet
mkdir -p driftnet > /dev/null 2>&1
echo c - driftnet/files
mkdir -p driftnet/files > /dev/null 2>&1
echo x - driftnet/files/Makefile
sed 's/^X//' >driftnet/files/Makefile << 'END-of-driftnet/files/Makefile'
X# $corecode: ports/driftnet/files/Makefile,v 1.1 2002/03/01 02:32:10 corecode Exp $
X# $FreeBSD$
X
XVERSION?=	0.1.4
X
XPROG=		driftnet
XSRCS=		gif.c img.c jpeg.c png.c driftnet.c image.c display.c
XCFLAGS+=	-I${LOCALBASE}/include -DDRIFTNET_VERSION='"${VERSION}"' ${GTK_CFLAGS}
XLDFLAGS+=	${GTK_LDFLAGS} -lpcap -ljpeg -lungif
X
XNOMAN=		yes
X
X.if defined(PREFIX)
XDESTDIR=	${PREFIX}/bin
X.else
XDESTDIR?=	/usr/X11R6/bin
X.endif
X
XGTK_CONFIG?=	gtk12-config
XGTK_CFLAGS!=	${GTK_CONFIG} --cflags
XGTK_LDFLAGS!=	${GTK_CONFIG} --libs
X
X.include <bsd.prog.mk>
END-of-driftnet/files/Makefile
echo x - driftnet/files/patch-driftnet.c
sed 's/^X//' >driftnet/files/patch-driftnet.c << 'END-of-driftnet/files/patch-driftnet.c'
X--- driftnet.c.orig	Tue Sep 11 11:34:56 2001
X+++ driftnet.c	Fri Mar  1 02:05:56 2002
X@@ -14,7 +14,9 @@
X #include <assert.h>
X #include <errno.h>
X #include <pcap.h>
X-#include <linux/if_ether.h>
X+#include <sys/types.h>
X+#include <netinet/in_systm.h>
X+#include <netinet/in.h>
X #include <netinet/ip.h>
X #include <netinet/tcp.h>
X #include <stdlib.h>
X@@ -261,8 +263,8 @@
X "Synopsis: driftnet -h | [-i interface] [-p] [-v] [filter code]\n"
X "\n"
X "  -h               Display this help message.\n"
X-"  -i interface     Select the interface on which to listen (default: all\n"
X-"                   interfaces).\n"
X+"  -i interface     Select the interface on which to listen (default: first\n"
X+"                   available interface).\n"
X "  -p               Do not put the listening interface into promiscuous mode.\n"
X "  -v               Verbose operation.\n"
X "\n"
X@@ -293,7 +295,7 @@
X void setup_signals(void) {
X     int *p;
X     /* Signals to ignore. */
X-    int ignore_signals[] = {SIGPIPE, 0};
X+    int ignore_signals[] = {SIGPIPE, SIGCONT, SIGHUP, 0};
X     /* Signals which mean we should quit, killing the display child if
X      * applicable. */
X     int terminate_signals[] = {SIGTERM, SIGINT, SIGSEGV, SIGBUS, SIGCHLD, 0};
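Review bot: the new `SIGCONT` and `SIGHUP` entries in `ignore_signals[]` are a behaviour change unrelated to the header and struct-field renames that make up the rest of this patch, and nothing here says why they are needed. Ignoring `SIGHUP` means the process survives a terminal hangup and keeps capturing, so either explain the reason in the comment above the array or leave this out of a porting patch.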
X@@ -393,6 +395,15 @@
X         }
X     }
X     
X+    if (!interface) {
X+	interface = pcap_lookupdev(ebuf);
X+
X+	if (!interface) {
X+	    fprintf(stderr, PROGNAME": pcap_lookupdev: %s\n", ebuf);
X+	    return -1;
X+	}
X+    }
X+
X     
X     if (verbose)
X         fprintf(stderr, PROGNAME": listening on %s%s\n", interface ? interface : "all interfaces", promisc ? " in promiscuous mode" : "");
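Review bot: after the added `pcap_lookupdev()` fallback, `interface` can no longer be NULL, so the `interface ? interface : "all interfaces"` ternary in the verbose message at the end of this hunk is dead code and still names the old default. Print `interface` directly so the message agrees with the updated help text. The added lines are also tab-indented while the surrounding code uses spaces.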
X@@ -468,7 +479,7 @@
X         fprintf(stderr, PROGNAME": link-level header length is %d bytes\n", pkt_offset);
X 
X     while (!foad) {
X-        struct iphdr ip;
X+        struct ip ip;
X         struct tcphdr tcp;
X         struct in_addr s, d;
X         int off, len;
X@@ -485,32 +496,32 @@
X         fprintf(stderr, "packet len = %d captured = %d!\n", hdr.len, hdr.caplen);
X */
X         memcpy(&ip, pkt + pkt_offset, sizeof(ip));
X-        memcpy(&s, &ip.saddr, sizeof(ip.saddr));
X-        memcpy(&d, &ip.daddr, sizeof(ip.daddr));
X+        memcpy(&s, &ip.ip_src, sizeof(ip.ip_src));
X+        memcpy(&d, &ip.ip_dst, sizeof(ip.ip_dst));
X 
X-        memcpy(&tcp, pkt + pkt_offset + (ip.ihl << 2), sizeof(tcp));
X-        off = pkt_offset + (ip.ihl << 2) + (tcp.doff << 2);
X+        memcpy(&tcp, pkt + pkt_offset + (ip.ip_hl << 2), sizeof(tcp));
X+        off = pkt_offset + (ip.ip_hl << 2) + (tcp.th_off << 2);
X         len = hdr.caplen - off;
X 
X         /*
X         if (verbose)
X-            fprintf(stderr, PROGNAME": captured packet: %s:%d -> %s:%d\n", inet_ntoa(s), ntohs(tcp.source), inet_ntoa(d), ntohs(tcp.dest));
X+            fprintf(stderr, PROGNAME": captured packet: %s:%d -> %s:%d\n", inet_ntoa(s), ntohs(tcp.th_sport), inet_ntoa(d), ntohs(tcp.th_dport));
X         */
X         
X         /* XXX fragmented packets and other nasties. */
X         
X         /* try to find the connection slot associated with this. */
X-        C = find_connection(&s, &d, ntohs(tcp.source), ntohs(tcp.dest));
X+        C = find_connection(&s, &d, ntohs(tcp.th_sport), ntohs(tcp.th_dport));
X 
X         /* no connection at all, so we need to allocate one. */
X         if (!C) {
X             if (verbose)
X-                fprintf(stderr, PROGNAME": new connection: %s\n", connection_string(s, ntohs(tcp.source), d, ntohs(tcp.dest)));
X+                fprintf(stderr, PROGNAME": new connection: %s\n", connection_string(s, ntohs(tcp.th_sport), d, ntohs(tcp.th_dport)));
X             C = alloc_connection();
X-            *C = connection_new(&s, &d, ntohs(tcp.source), ntohs(tcp.dest));
X+            *C = connection_new(&s, &d, ntohs(tcp.th_sport), ntohs(tcp.th_dport));
X             /* This might or might not be an entirely new connection (SYN flag
X              * set). Either way we need a sequence number to start at. */
X-            (*C)->isn = ntohl(tcp.seq);
X+            (*C)->isn = ntohl(tcp.th_seq);
X         }
X 
X         /* Now we need to process this segment. */
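Review bot: the renamed length fields `ip.ip_hl` and `tcp.th_off` are still taken straight from the captured packet and used in `memcpy(&tcp, pkt + pkt_offset + (ip.ip_hl << 2), sizeof(tcp))` and in `off`, with no check against `hdr.caplen` visible in this hunk. A short or malformed capture can make the copy read past the captured bytes and make `len = hdr.caplen - off` negative; since these lines are being touched anyway, add a `caplen` check before each copy. The `XXX fragmented packets and other nasties` comment already acknowledges the gap.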
X@@ -526,16 +537,16 @@
X             c->isn = htonl(tcp.seq);
X #endif
X 
X-        if (tcp.rst) {
X+        if (tcp.th_flags & TH_RST) {
X             /* Looks like this connection is bogus, and so might be a
X              * connection going the other way. */
X             if (verbose)
X-                fprintf(stderr, PROGNAME": connection reset: %s\n", connection_string(s, ntohs(tcp.source), d, ntohs(tcp.dest)));
X+                fprintf(stderr, PROGNAME": connection reset: %s\n", connection_string(s, ntohs(tcp.th_sport), d, ntohs(tcp.th_dport)));
X             
X             connection_delete(c);
X             *C = NULL;
X 
X-            if ((C = find_connection(&d, &s, ntohs(tcp.dest), ntohs(tcp.source)))) {
X+            if ((C = find_connection(&d, &s, ntohs(tcp.th_dport), ntohs(tcp.th_sport)))) {
X                 connection_delete(*C);
X                 *C = NULL;
X             }
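Review bot: the context line `c->isn = htonl(tcp.seq);` just above `#endif` at the top of this hunk still uses the Linux field name `seq`, while every other use in the patch is renamed to `th_seq`. It is presumably compiled out, but convert it as well so that enabling that block does not break the build.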
X@@ -547,7 +558,7 @@
X             /* We have some data in the packet. If this data occurred after
X              * the first data we collected for this connection, then save it
X              * so that we can look for images. Otherwise, discard it. */
X-            unsigned int offset = ntohl(tcp.seq);
X+            unsigned int offset = ntohl(tcp.th_seq);
X 
X             /* Modulo 2**32 arithmetic; offset = seq - isn + delta. */
X             if (offset < (c->isn + delta))
X@@ -558,19 +569,19 @@
X             if (offset > c->len + 262144) {
X                 /* Out-of-order packet. */
X                 if (verbose) 
X-                    fprintf(stderr, PROGNAME": out of order packet: %s\n", connection_string(s, ntohs(tcp.source), d, ntohs(tcp.dest)));
X+                    fprintf(stderr, PROGNAME": out of order packet: %s\n", connection_string(s, ntohs(tcp.th_sport), d, ntohs(tcp.th_dport)));
X             } else {
X /*                if (verbose)
X-                    fprintf(stderr, PROGNAME": captured %d bytes: %s:%d -> %s:%d\n", (int)len, inet_ntoa(s), ntohs(tcp.source), inet_ntoa(d), ntohs(tcp.dest));*/
X+                    fprintf(stderr, PROGNAME": captured %d bytes: %s:%d -> %s:%d\n", (int)len, inet_ntoa(s), ntohs(tcp.th_sport), inet_ntoa(d), ntohs(tcp.th_dport));*/
X                 connection_push(c, pkt + off, offset, len);
X                 connection_harvest_images(c);
X             }
X         }
X 
X-        if (tcp.fin) {
X+        if (tcp.th_flags & TH_FIN) {
X             /* Connection closing. */
X             if (verbose)
X-                fprintf(stderr, PROGNAME": connection closing: %s, %d bytes transferred\n", connection_string(s, ntohs(tcp.source), d, ntohs(tcp.dest)), c->len);
X+                fprintf(stderr, PROGNAME": connection closing: %s, %d bytes transferred\n", connection_string(s, ntohs(tcp.th_sport), d, ntohs(tcp.th_dport)), c->len);
X             connection_harvest_images(c);
X             connection_delete(c);
X             *C = NULL;
END-of-driftnet/files/patch-driftnet.c
echo x - driftnet/files/patch-img.h
sed 's/^X//' >driftnet/files/patch-img.h << 'END-of-driftnet/files/patch-img.h'
X--- img.h.orig	Tue Sep 11 11:34:56 2001
X+++ img.h	Fri Mar  1 00:01:34 2002
X@@ -12,7 +12,7 @@
X #ifndef __IMG_H_ /* include guard */
X #define __IMG_H_
X 
X-#include <stdint.h>
X+#include <sys/types.h>
X #include <stdio.h>
X 
X typedef uint8_t chan;
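Review bot: replacing `<stdint.h>` with `<sys/types.h>` makes `typedef uint8_t chan;` depend on `<sys/types.h>` providing `uint8_t`, which that header is not required to do on every system. That is acceptable for a port-local patch, but note the reason in a comment, or guard the include so the change could also be sent upstream.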
END-of-driftnet/files/patch-img.h
echo x - driftnet/Makefile
sed 's/^X//' >driftnet/Makefile << 'END-of-driftnet/Makefile'
X# New ports collection makefile for:	driftnet
X# Date created:		28 February 2002
X# Whom:			Simon 'corecode' Schubert <corecode@corecode.ath.cx>
X#
X# $FreeBSD$
X#
X
XPORTNAME=	driftnet
XPORTVERSION=	0.1.4
XCATEGORIES=	net
XMASTER_SITES=	http://www.ex-parrot.com/~chris/driftnet/ \
X		http://www.vanheusden.com/mirrors/
X
XMAINTAINER=	corecode@corecode.ath.cx
X
XLIB_DEPENDS=	ungif.5:${PORTSDIR}/graphics/libungif \
X		jpeg.9:${PORTSDIR}/graphics/jpeg
X
XUSE_GTK=	yes
XUSE_X_PREFIX=	yes
X
Xpost-patch:
X	@${CP}	${FILESDIR}/Makefile ${WRKSRC}
X
X.include <bsd.port.mk>
END-of-driftnet/Makefile
echo x - driftnet/distinfo
sed 's/^X//' >driftnet/distinfo << 'END-of-driftnet/distinfo'
XMD5 (driftnet-0.1.4.tar.gz) = d7bcc13ee9237287104b55b67fd10a19
END-of-driftnet/distinfo
echo x - driftnet/pkg-comment
sed 's/^X//' >driftnet/pkg-comment << 'END-of-driftnet/pkg-comment'
XA Tool to grab images out of (your) TCP connections
END-of-driftnet/pkg-comment
echo x - driftnet/pkg-descr
sed 's/^X//' >driftnet/pkg-descr << 'END-of-driftnet/pkg-descr'
XEtherPEG was a program that sniffed for JPEGs passing by on the AirPort
Xnetworks at MacHack, and showed them on the huge screen to shame people
Xinto a) turning the 802.11 encryption on, or b) reducing amount of pr0n
Xthey download at weirdo Mac conventions. DRIFTNET can do the same for
X*your* office, and make an attractive desktop accessory to boot. The
Xprogram promiscuously sniffs and decodes any JPEG downloaded by anyone
Xon your LAN, displaying it in an attractive, ever changing mosaic of
Xfluffy kittens, oversized navigation buttons, and blurred images of Big
XBrother Elizabeth fiddling. It's UNIX only. Your sysadmin is undoubtedly
Xrunning it already. So stop that. Now.
X
XWWW: http://www.ex-parrot.com/~chris/driftnet/
X
X- Simon 'corecode' Schubert
END-of-driftnet/pkg-descr
echo x - driftnet/pkg-plist
sed 's/^X//' >driftnet/pkg-plist << 'END-of-driftnet/pkg-plist'
Xbin/driftnet
END-of-driftnet/pkg-plist
exit

	


>Release-Note:
>Audit-Trail:
>Unformatted:
