FreeBSD Bugzilla – Attachment 204357 Details for
Bug 237879
security/dsniff: Add "-p pcapfile" argument functionality
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch to add "-p pcapfile" argument functionality
dsniff-2.4.b1_3.diff (text/plain), 43.63 KB, created by
Joachim Werner
on 2019-05-13 14:14:23 UTC
(
hide
)
Description:
patch to add "-p pcapfile" argument functionality
Filename:
MIME Type:
Creator:
Joachim Werner
Created:
2019-05-13 14:14:23 UTC
Size:
43.63 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (revision 501561) >+++ Makefile (working copy) >@@ -3,7 +3,7 @@ > > PORTNAME= dsniff > DISTVERSION= 2.4b1 >-PORTREVISION= 2 >+PORTREVISION= 3 > CATEGORIES= security > MASTER_SITES= http://www.monkey.org/~dugsong/${PORTNAME}/beta/ \ > LOCAL/sbz >Index: files/patch-Makefile.in >=================================================================== >--- files/patch-Makefile.in (revision 501561) >+++ files/patch-Makefile.in (working copy) >@@ -1,4 +1,4 @@ >---- Makefile.in.orig 2001-03-15 08:34:42 UTC >+--- Makefile.in.orig 2019-05-13 13:40:23 UTC > +++ Makefile.in > @@ -26,7 +26,7 @@ LNETINC = @LNETINC@ > LNETLIB = @LNETLIB@ >@@ -21,7 +21,7 @@ > > INSTALL = @INSTALL@ > INSTALL_PROGRAM = @INSTALL_PROGRAM@ >-@@ -76,22 +75,23 @@ CONFIGS = dsniff.magic dsniff.services d >+@@ -76,23 +75,24 @@ CONFIGS = dsniff.magic dsniff.services dnsspoof.hosts > .c.o: > $(CC) $(CFLAGS) $(INCS) -c $(srcdir)/$*.c > >@@ -48,14 +48,15 @@ > - $(RANLIB) $@ > +nfs_prot.c: nfs_prot.x nfs_prot.h > + rpcgen -c nfs_prot.x -o $@ >-+ >+ > +nfs_prot.h: nfs_prot.x > + rpcgen -h nfs_prot.x -o $@ > + > +filesnarf.c: nfs_prot.h >- >++ > dsniff: $(HDRS) $(SRCS) $(OBJS) > $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) >+ > @@ -156,7 +156,7 @@ install: > done > >Index: files/patch-arpspoof.c >=================================================================== >--- files/patch-arpspoof.c (revision 501561) >+++ files/patch-arpspoof.c (working copy) >@@ -1,5 +1,5 @@ >---- ./arpspoof.c.orig 2001-03-15 09:32:58.000000000 +0100 >-+++ ./arpspoof.c 2014-07-22 13:21:17.000000000 +0200 >+--- arpspoof.c.orig 2019-05-13 13:40:23 UTC >++++ arpspoof.c > @@ -13,7 +13,10 @@ > > #include <sys/types.h> >@@ -27,7 +27,7 @@ > static struct ether_addr spoof_mac, target_mac; > static in_addr_t spoof_ip, target_ip; > static char *intf; >-@@ -41,47 +44,49 @@ >+@@ -41,47 +44,49 @@ usage(void) > } > > static int >@@ -94,7 +94,7 @@ > } > > #ifdef __linux__ >-@@ -119,7 +124,7 @@ >+@@ -119,7 +124,7 @@ arp_find(in_addr_t ip, struct ether_addr *mac) > /* XXX - force the kernel to arp. feh. */ > arp_force(ip); > #else >@@ -103,7 +103,7 @@ > #endif > sleep(1); > } >-@@ -136,9 +141,9 @@ >+@@ -136,9 +141,9 @@ cleanup(int sig) > if (arp_find(spoof_ip, &spoof_mac)) { > for (i = 0; i < 3; i++) { > /* XXX - on BSD, requires ETHERSPOOF kernel. */ >@@ -116,7 +116,7 @@ > target_ip); > sleep(1); > } >-@@ -151,7 +156,8 @@ >+@@ -151,7 +156,8 @@ main(int argc, char *argv[]) > { > extern char *optarg; > extern int optind; >@@ -126,7 +126,7 @@ > int c; > > intf = NULL; >-@@ -163,7 +169,7 @@ >+@@ -163,7 +169,7 @@ main(int argc, char *argv[]) > intf = optarg; > break; > case 't': >@@ -135,7 +135,7 @@ > usage(); > break; > default: >-@@ -176,26 +182,26 @@ >+@@ -176,26 +182,26 @@ main(int argc, char *argv[]) > if (argc != 1) > usage(); > >Index: files/patch-dnsspoof.c >=================================================================== >--- files/patch-dnsspoof.c (revision 501561) >+++ files/patch-dnsspoof.c (working copy) >@@ -1,6 +1,6 @@ >---- ./dnsspoof.c.orig 2001-03-15 09:33:03.000000000 +0100 >-+++ ./dnsspoof.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -38,7 +38,7 @@ >+--- dnsspoof.c.orig 2019-05-13 13:40:23 UTC >++++ dnsspoof.c >+@@ -38,7 +38,7 @@ SLIST_HEAD(, dnsent) dns_entries; > > pcap_t *pcap_pd = NULL; > int pcap_off = -1; >@@ -9,7 +9,7 @@ > u_long lnet_ip = -1; > > static void >-@@ -90,19 +90,18 @@ >+@@ -90,19 +90,18 @@ static void > dns_init(char *dev, char *filename) > { > FILE *f; >@@ -36,7 +36,7 @@ > > SLIST_INIT(&dns_entries); > >-@@ -180,7 +179,7 @@ >+@@ -180,7 +179,7 @@ dns_lookup_ptr(const char *name) > static void > dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, const u_char *pkt) > { >@@ -45,7 +45,7 @@ > struct libnet_udp_hdr *udp; > HEADER *dns; > char name[MAXHOSTNAMELEN]; >-@@ -189,7 +188,7 @@ >+@@ -189,7 +188,7 @@ dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, > in_addr_t dst; > u_short type, class; > >@@ -54,7 +54,7 @@ > udp = (struct libnet_udp_hdr *)(pkt + pcap_off + (ip->ip_hl * 4)); > dns = (HEADER *)(udp + 1); > p = (u_char *)(dns + 1); >-@@ -212,7 +211,7 @@ >+@@ -212,7 +211,7 @@ dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, > if (class != C_IN) > return; > >@@ -63,7 +63,7 @@ > > if (type == T_A) { > if ((dst = dns_lookup_a(name)) == -1) >-@@ -234,38 +233,38 @@ >+@@ -234,38 +233,38 @@ dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, > anslen += 12; > } > else return; >@@ -117,7 +117,7 @@ > pcap_close(pcap_pd); > exit(0); > } >-@@ -276,6 +275,7 @@ >+@@ -276,6 +275,7 @@ main(int argc, char *argv[]) > extern char *optarg; > extern int optind; > char *p, *dev, *hosts, buf[1024]; >@@ -125,7 +125,7 @@ > int i; > > dev = hosts = NULL; >-@@ -306,7 +306,7 @@ >+@@ -306,7 +306,7 @@ main(int argc, char *argv[]) > strlcpy(buf, p, sizeof(buf)); > } > else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s", >@@ -134,7 +134,7 @@ > > if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL) > errx(1, "couldn't initialize sniffing"); >-@@ -314,10 +314,10 @@ >+@@ -314,10 +314,10 @@ main(int argc, char *argv[]) > if ((pcap_off = pcap_dloff(pcap_pd)) < 0) > errx(1, "couldn't determine link layer offset"); > >Index: files/patch-dsniff.8 >=================================================================== >--- files/patch-dsniff.8 (nonexistent) >+++ files/patch-dsniff.8 (working copy) >@@ -0,0 +1,21 @@ >+--- dsniff.8.orig 2000-12-15 16:05:36 UTC >++++ dsniff.8 >+@@ -10,7 +10,7 @@ password sniffer >+ .nf >+ .fi >+ \fBdsniff\fR [\fB-c\fR] [\fB-d\fR] [\fB-m\fR] [\fB-n\fR] [\fB-i >+-\fIinterface\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR] >++\fIinterface\fR | \fB-p \fIpcapfile\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR] >+ [\fB-t \fItrigger[,...]\fR]] >+ [\fB-r\fR|\fB-w\fR \fIsavefile\fR] [\fIexpression\fR] >+ .SH DESCRIPTION >+@@ -45,6 +45,9 @@ Enable automatic protocol detection. >+ Do not resolve IP addresses to hostnames. >+ .IP "\fB-i \fIinterface\fR" >+ Specify the interface to listen on. >++.IP "\fB-p \fIpcapfile\fR" >++Rather than processing the contents of packets observed upon the network >++process the given PCAP capture file. >+ .IP "\fB-s \fIsnaplen\fR" >+ Analyze at most the first \fIsnaplen\fR bytes of each TCP connection, >+ rather than the default of 1024. > >Property changes on: files/patch-dsniff.8 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-dsniff.c >=================================================================== >--- files/patch-dsniff.c (nonexistent) >+++ files/patch-dsniff.c (working copy) >@@ -0,0 +1,60 @@ >+--- dsniff.c.orig 2001-03-15 08:33:03 UTC >++++ dsniff.c >+@@ -46,8 +46,9 @@ static void >+ usage(void) >+ { >+ fprintf(stderr, "Version: " VERSION "\n" >+- "Usage: dsniff [-cdmn] [-i interface] [-s snaplen] [-f services]\n" >+- " [-t trigger[,...]] [-r|-w savefile] [expression]\n"); >++ "Usage: dsniff [-cdmn] [-i interface | -p pcapfile] [-s snaplen]\n" >++ " [-f services] [-t trigger[,...]] [-r|-w savefile]\n" >++ " [expression]\n"); >+ exit(1); >+ } >+ >+@@ -79,7 +80,7 @@ main(int argc, char *argv[]) >+ >+ services = savefile = triggers = NULL; >+ >+- while ((c = getopt(argc, argv, "cdf:i:mnr:s:t:w:h?V")) != -1) { >++ while ((c = getopt(argc, argv, "cdf:i:mnp:r:s:t:w:h?V")) != -1) { >+ switch (c) { >+ case 'c': >+ Opt_client = 1; >+@@ -99,6 +100,9 @@ main(int argc, char *argv[]) >+ case 'n': >+ Opt_dns = 0; >+ break; >++ case 'p': >++ nids_params.filename = optarg; >++ break; >+ case 'r': >+ Opt_read = 1; >+ savefile = optarg; >+@@ -168,10 +172,23 @@ main(int argc, char *argv[]) >+ else nids_register_tcp(trigger_tcp); >+ >+ if (nids_params.pcap_filter != NULL) { >+- warnx("listening on %s [%s]", nids_params.device, >+- nids_params.pcap_filter); >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s [%s]", nids_params.device, >++ nids_params.pcap_filter); >++ } >++ else { >++ warnx("using %s [%s]", nids_params.filename, >++ nids_params.pcap_filter); >++ } >+ } >+- else warnx("listening on %s", nids_params.device); >++ else { >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s", nids_params.device); >++ } >++ else { >++ warnx("using %s", nids_params.filename); >++ } >++ } >+ >+ nids_run(); >+ > >Property changes on: files/patch-dsniff.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-filesnarf.8 >=================================================================== >--- files/patch-filesnarf.8 (nonexistent) >+++ files/patch-filesnarf.8 (working copy) >@@ -0,0 +1,20 @@ >+--- filesnarf.8.orig 2000-11-19 06:23:33 UTC >++++ filesnarf.8 >+@@ -9,7 +9,7 @@ sniff files from NFS traffic >+ .na >+ .nf >+ .fi >+-\fBfilesnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] >++\fBfilesnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] >+ .SH DESCRIPTION >+ .ad >+ .fi >+@@ -18,6 +18,8 @@ working directory. >+ .SH OPTIONS >+ .IP "\fB-i \fIinterface\fR" >+ Specify the interface to listen on. >++.IP "\fB-p \fIpcapfile\fR" >++Process packets from the specified PCAP capture file instead of the network. >+ .IP \fB-v\fR >+ "Versus" mode. Invert the sense of matching, to select non-matching >+ files. > >Property changes on: files/patch-filesnarf.8 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-filesnarf.c >=================================================================== >--- files/patch-filesnarf.c (revision 501561) >+++ files/patch-filesnarf.c (working copy) >@@ -1,6 +1,15 @@ >---- ./filesnarf.c.orig 2001-03-15 09:33:03.000000000 +0100 >-+++ ./filesnarf.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -134,8 +134,8 @@ >+--- filesnarf.c.orig 2019-05-13 13:40:23 UTC >++++ filesnarf.c >+@@ -51,7 +51,7 @@ static void >+ usage(void) >+ { >+ fprintf(stderr, "Version: " VERSION "\n" >+- "Usage: filesnarf [-i interface] [[-v] pattern [expression]]\n"); >++ "Usage: filesnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); >+ exit(1); >+ } >+ >+@@ -134,8 +134,8 @@ nfs_save(struct tuple4 *addr, struct myreadargs *ma, u > int fd; > > warnx("%s.%d > %s.%d: %s (%d@%d)", >@@ -11,7 +20,7 @@ > ma->filename, len, ma->offset); > > if ((fd = open(ma->filename, O_WRONLY|O_CREAT, 0644)) >= 0) { >-@@ -353,7 +353,7 @@ >+@@ -353,7 +353,7 @@ decode_nfs(struct tuple4 *addr, u_char *buf, int len) > } > > static void >@@ -20,3 +29,49 @@ > { > static struct tuple4 addr; > struct libnet_udp_hdr *udp; >+@@ -464,11 +464,14 @@ main(int argc, char *argv[]) >+ extern int optind; >+ int c; >+ >+- while ((c = getopt(argc, argv, "i:vh?V")) != -1) { >++ while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) { >+ switch (c) { >+ case 'i': >+ nids_params.device = optarg; >+ break; >++ case 'p': >++ nids_params.filename = optarg; >++ break; >+ case 'v': >+ Opt_invert = 1; >+ break; >+@@ -498,11 +501,24 @@ main(int argc, char *argv[]) >+ nids_register_ip(decode_udp_nfs); >+ nids_register_tcp(decode_tcp_nfs); >+ >+- if (nids_params.pcap_filter != NULL) { >+- warnx("listening on %s [%s]", nids_params.device, >+- nids_params.pcap_filter); >+- } >+- else warnx("listening on %s", nids_params.device); >++ if (nids_params.pcap_filter != NULL) { >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s [%s]", nids_params.device, >++ nids_params.pcap_filter); >++ } >++ else { >++ warnx("using %s [%s]", nids_params.filename, >++ nids_params.pcap_filter); >++ } >++ } >++ else { >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s", nids_params.device); >++ } >++ else { >++ warnx("using %s", nids_params.filename); >++ } >++ } >+ >+ nids_run(); >+ >Index: files/patch-macof.c >=================================================================== >--- files/patch-macof.c (revision 501561) >+++ files/patch-macof.c (working copy) >@@ -1,6 +1,6 @@ >---- ./macof.c.orig 2001-03-15 09:33:04.000000000 +0100 >-+++ ./macof.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -48,8 +48,8 @@ >+--- macof.c.orig 2019-05-13 13:40:23 UTC >++++ macof.c >+@@ -48,8 +48,8 @@ usage(void) > static void > gen_mac(u_char *mac) > { >@@ -11,7 +11,7 @@ > } > > int >-@@ -59,22 +59,23 @@ >+@@ -59,22 +59,23 @@ main(int argc, char *argv[]) > extern int optind; > int c, i; > struct libnet_link_int *llif; >@@ -39,7 +39,7 @@ > break; > case 'e': > Tha = (u_char *)ether_aton(optarg); >-@@ -101,13 +102,13 @@ >+@@ -101,13 +102,13 @@ main(int argc, char *argv[]) > if (argc != 0) > usage(); > >@@ -58,7 +58,7 @@ > > for (i = 0; i != Repeat; i++) { > >-@@ -117,39 +118,39 @@ >+@@ -117,39 +118,39 @@ main(int argc, char *argv[]) > else memcpy(tha, Tha, sizeof(tha)); > > if (Src != 0) src = Src; >@@ -78,13 +78,13 @@ > + else dport = libnet_get_prand(LIBNET_PRu16); > > - seq = libnet_get_prand(PRu32); >-- >++ seq = libnet_get_prand(LIBNET_PRu32); >+ > - libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, pkt); > - > - libnet_build_ip(TCP_H, 0, libnet_get_prand(PRu16), 0, 64, > - IPPROTO_TCP, src, dst, NULL, 0, pkt + ETH_H); >-+ seq = libnet_get_prand(LIBNET_PRu32); >- >+- > libnet_build_tcp(sport, dport, seq, 0, TH_SYN, 512, > - 0, NULL, 0, pkt + ETH_H + IP_H); > + 0, 0, LIBNET_TCP_H, NULL, 0, l, 0); >Index: files/patch-mailsnarf.8 >=================================================================== >--- files/patch-mailsnarf.8 (nonexistent) >+++ files/patch-mailsnarf.8 (working copy) >@@ -0,0 +1,20 @@ >+--- mailsnarf.8.orig 2000-11-19 06:09:28 UTC >++++ mailsnarf.8 >+@@ -9,7 +9,7 @@ sniff mail messages in Berkeley mbox format >+ .na >+ .nf >+ .fi >+-\fBmailsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] >++\fBmailsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] >+ .SH DESCRIPTION >+ .ad >+ .fi >+@@ -19,6 +19,8 @@ your favorite mail reader (mail(1), pine(1), etc.). >+ .SH OPTIONS >+ .IP "\fB-i \fIinterface\fR" >+ Specify the interface to listen on. >++.IP "\fB-p \fIpcapfile\fR" >++Process packets from the specified PCAP capture file instead of the network. >+ .IP \fB-v\fR >+ "Versus" mode. Invert the sense of matching, to select non-matching >+ messages. > >Property changes on: files/patch-mailsnarf.8 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-mailsnarf.c >=================================================================== >--- files/patch-mailsnarf.c (nonexistent) >+++ files/patch-mailsnarf.c (working copy) >@@ -0,0 +1,54 @@ >+--- mailsnarf.c.orig 2001-03-15 08:33:04 UTC >++++ mailsnarf.c >+@@ -59,7 +59,7 @@ static void >+ usage(void) >+ { >+ fprintf(stderr, "Version: " VERSION "\n" >+- "Usage: mailsnarf [-i interface] [[-v] pattern [expression]]\n"); >++ "Usage: mailsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); >+ exit(1); >+ } >+ >+@@ -344,11 +344,14 @@ main(int argc, char *argv[]) >+ extern int optind; >+ int c; >+ >+- while ((c = getopt(argc, argv, "i:vh?V")) != -1) { >++ while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) { >+ switch (c) { >+ case 'i': >+ nids_params.device = optarg; >+ break; >++ case 'p': >++ nids_params.filename = optarg; >++ break; >+ case 'v': >+ Opt_invert = 1; >+ break; >+@@ -378,10 +381,23 @@ main(int argc, char *argv[]) >+ nids_register_tcp(sniff_pop_session); >+ >+ if (nids_params.pcap_filter != NULL) { >+- warnx("listening on %s [%s]", nids_params.device, >+- nids_params.pcap_filter); >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s [%s]", nids_params.device, >++ nids_params.pcap_filter); >++ } >++ else { >++ warnx("using %s [%s]", nids_params.filename, >++ nids_params.pcap_filter); >++ } >+ } >+- else warnx("listening on %s", nids_params.device); >++ else { >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s", nids_params.device); >++ } >++ else { >++ warnx("using %s", nids_params.filename); >++ } >++ } >+ >+ nids_run(); >+ > >Property changes on: files/patch-mailsnarf.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-msgsnarf.8 >=================================================================== >--- files/patch-msgsnarf.8 (nonexistent) >+++ files/patch-msgsnarf.8 (working copy) >@@ -0,0 +1,20 @@ >+--- msgsnarf.8.orig 2000-11-19 06:10:50 UTC >++++ msgsnarf.8 >+@@ -9,7 +9,7 @@ sniff chat messages >+ .na >+ .nf >+ .fi >+-\fBmsgsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] >++\fBmsgsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] >+ .SH DESCRIPTION >+ .ad >+ .fi >+@@ -19,6 +19,8 @@ sessions. >+ .SH OPTIONS >+ .IP "\fB-i \fIinterface\fR" >+ Specify the interface to listen on. >++.IP "\fB-p \fIpcapfile\fR" >++Process packets from the specified PCAP capture file instead of the network. >+ .IP \fB-v\fR >+ "Versus" mode. Invert the sense of matching, to select non-matching >+ messages. > >Property changes on: files/patch-msgsnarf.8 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-msgsnarf.c >=================================================================== >--- files/patch-msgsnarf.c (nonexistent) >+++ files/patch-msgsnarf.c (working copy) >@@ -0,0 +1,57 @@ >+--- msgsnarf.c.orig 2001-03-15 08:33:04 UTC >++++ msgsnarf.c >+@@ -44,7 +44,7 @@ static void >+ usage(void) >+ { >+ fprintf(stderr, "Version: " VERSION "\n" >+- "Usage: msgsnarf [-i interface] [[-v] pattern [expression]]\n"); >++ "Usage: msgsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); >+ exit(1); >+ } >+ >+@@ -632,11 +632,14 @@ main(int argc, char *argv[]) >+ extern int optind; >+ int c; >+ >+- while ((c = getopt(argc, argv, "i:hv?V")) != -1) { >++ while ((c = getopt(argc, argv, "i:p:hv?V")) != -1) { >+ switch (c) { >+ case 'i': >+ nids_params.device = optarg; >+ break; >++ case 'p': >++ nids_params.filename = optarg; >++ break; >+ case 'v': >+ Opt_invert = 1; >+ break; >+@@ -665,11 +668,24 @@ main(int argc, char *argv[]) >+ >+ nids_register_tcp(sniff_msgs); >+ >+- if (nids_params.pcap_filter != NULL) { >+- warnx("listening on %s [%s]", nids_params.device, >+- nids_params.pcap_filter); >+- } >+- else warnx("listening on %s", nids_params.device); >++ if (nids_params.pcap_filter != NULL) { >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s [%s]", nids_params.device, >++ nids_params.pcap_filter); >++ } >++ else { >++ warnx("using %s [%s]", nids_params.filename, >++ nids_params.pcap_filter); >++ } >++ } >++ else { >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s", nids_params.device); >++ } >++ else { >++ warnx("using %s", nids_params.filename); >++ } >++ } >+ >+ nids_run(); >+ > >Property changes on: files/patch-msgsnarf.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-pcaputil.c >=================================================================== >--- files/patch-pcaputil.c (revision 501561) >+++ files/patch-pcaputil.c (working copy) >@@ -1,4 +1,4 @@ >---- pcaputil.c.orig 2001-03-15 08:33:04 UTC >+--- pcaputil.c.orig 2019-05-13 13:40:23 UTC > +++ pcaputil.c > @@ -17,20 +17,9 @@ > #include <string.h> >@@ -21,7 +21,7 @@ > int > pcap_dloff(pcap_t *pd) > { >-@@ -87,12 +76,6 @@ pcap_init(char *intf, char *filter, int >+@@ -87,12 +76,6 @@ pcap_init(char *intf, char *filter, int snaplen) > pcap_perror(pd, "pcap_compile"); > return (NULL); > } >Index: files/patch-record.c >=================================================================== >--- files/patch-record.c (revision 501561) >+++ files/patch-record.c (working copy) >@@ -1,6 +1,6 @@ >---- ./record.c.orig 2001-03-15 09:33:04.000000000 +0100 >-+++ ./record.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -65,8 +65,8 @@ >+--- record.c.orig 2019-05-13 13:40:23 UTC >++++ record.c >+@@ -65,8 +65,8 @@ record_print(struct rec *rec) > tm = localtime(&rec->time); > strftime(tstr, sizeof(tstr), "%x %X", tm); > >Index: files/patch-sshcrypto.c >=================================================================== >--- files/patch-sshcrypto.c (revision 501561) >+++ files/patch-sshcrypto.c (working copy) >@@ -1,6 +1,6 @@ > $OpenBSD: patch-sshcrypto_c,v 1.3 2015/05/29 15:57:29 jca Exp $ >---- sshcrypto.c.orig Tue Nov 28 22:23:28 2000 >-+++ sshcrypto.c Fri May 29 17:56:22 2015 >+--- sshcrypto.c.orig 2019-05-13 13:40:23 UTC >++++ sshcrypto.c > @@ -15,7 +15,9 @@ > #include <sys/types.h> > #include <openssl/ssl.h> >Index: files/patch-sshmitm.c >=================================================================== >--- files/patch-sshmitm.c (revision 501561) >+++ files/patch-sshmitm.c (working copy) >@@ -1,55 +1,55 @@ >---- ./sshmitm.c.orig 2001-03-15 09:33:04.000000000 +0100 >-+++ ./sshmitm.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -41,7 +41,7 @@ >+--- sshmitm.c.orig 2019-05-13 13:40:23 UTC >++++ sshmitm.c >+@@ -41,7 +41,7 @@ int mitm_fd; > int client_fd, server_fd; > SSH_CTX *ssh_client_ctx, *ssh_server_ctx; > SSH *ssh_client, *ssh_server; > -struct sockaddr_in csin, ssin; >-+struct sockaddr_in ________csin, ssin; >++struct sockaddr_in _________csin, ssin; > int sig_pipe[2]; > > static void >-@@ -148,7 +148,7 @@ >+@@ -148,7 +148,7 @@ mitm_child(void) > > if (Opt_debug) > warnx("new connection from %s.%d", > - inet_ntoa(csin.sin_addr), ntohs(csin.sin_port)); >-+ inet_ntoa(________csin.sin_addr), ntohs(________csin.sin_port)); >++ inet_ntoa(_________csin.sin_addr), ntohs(_________csin.sin_port)); > > if (fcntl(client_fd, F_SETFL, 0) == -1) > err(1, "fcntl"); >-@@ -237,10 +237,10 @@ >+@@ -237,10 +237,10 @@ mitm_child(void) > } > else { > pass_done = 1; > - record(csin.sin_addr.s_addr, >-+ record(________csin.sin_addr.s_addr, >++ record(_________csin.sin_addr.s_addr, > ssin.sin_addr.s_addr, > IPPROTO_TCP, > - ntohs(csin.sin_port), >-+ ntohs(________csin.sin_port), >++ ntohs(_________csin.sin_port), > ntohs(ssin.sin_port), "ssh", > userpass, strlen(userpass)); > } >-@@ -326,7 +326,7 @@ >+@@ -326,7 +326,7 @@ mitm_run(void) > if (errno != EINTR) > err(1, "select"); > } > - i = sizeof(csin); >-+ i = sizeof(________csin); >++ i = sizeof(_________csin); > > if (FD_ISSET(sig_pipe[0], &fds)) { > while (read(sig_pipe[0], buf, 1) == 1) >-@@ -336,7 +336,7 @@ >+@@ -336,7 +336,7 @@ mitm_run(void) > } > if (FD_ISSET(mitm_fd, &fds)) { > client_fd = accept(mitm_fd, > - (struct sockaddr *)&csin, &i); >-+ (struct sockaddr *)&________csin, &i); >++ (struct sockaddr *)&_________csin, &i); > > if (client_fd >= 0) { > if (fork() == 0) { >-@@ -389,7 +389,7 @@ >+@@ -389,7 +389,7 @@ main(int argc, char *argv[]) > if (argc < 1) > usage(); > >Index: files/patch-sshow.8 >=================================================================== >--- files/patch-sshow.8 (nonexistent) >+++ files/patch-sshow.8 (working copy) >@@ -0,0 +1,20 @@ >+--- sshow.8.orig 2001-03-17 05:37:47 UTC >++++ sshow.8 >+@@ -9,7 +9,7 @@ SSH traffic analysis tool >+ .na >+ .nf >+ .fi >+-\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR] [\fIexpression\fR] >++\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [\fIexpression\fR] >+ .SH DESCRIPTION >+ .ad >+ .fi >+@@ -28,6 +28,8 @@ The following advisory describes the attacks implement >+ Enable verbose debugging output. >+ .IP "\fB-i \fIinterface\fR" >+ Specify the interface to listen on. >++.IP "\fB-p \fIpcapfile\fR" >++Process packets from the specified PCAP capture file instead of the network. >+ .IP "\fIexpression\fR" >+ Specify a tcpdump(8) filter expression to select traffic to sniff. >+ .SH "SEE ALSO" > >Property changes on: files/patch-sshow.8 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-sshow.c >=================================================================== >--- files/patch-sshow.c (nonexistent) >+++ files/patch-sshow.c (working copy) >@@ -0,0 +1,60 @@ >+--- sshow.c.orig 2001-03-19 06:52:15 UTC >++++ sshow.c >+@@ -81,7 +81,7 @@ static clock_t now; >+ static void >+ usage(void) >+ { >+- fprintf(stderr, "Usage: sshow [-d] [-i interface]\n"); >++ fprintf(stderr, "Usage: sshow [-d] [-i interface | -p pcapfile]\n"); >+ exit(1); >+ } >+ >+@@ -615,7 +615,7 @@ main(int argc, char *argv[]) >+ extern int optind; >+ int c; >+ >+- while ((c = getopt(argc, argv, "di:h?")) != -1) { >++ while ((c = getopt(argc, argv, "di:p:h?")) != -1) { >+ switch (c) { >+ case 'd': >+ debug++; >+@@ -623,6 +623,9 @@ main(int argc, char *argv[]) >+ case 'i': >+ nids_params.device = optarg; >+ break; >++ case 'p': >++ nids_params.filename = optarg; >++ break; >+ default: >+ usage(); >+ break; >+@@ -651,11 +654,24 @@ main(int argc, char *argv[]) >+ >+ nids_register_tcp(process_event); >+ >+- if (nids_params.pcap_filter != NULL) { >+- warnx("listening on %s [%s]", nids_params.device, >+- nids_params.pcap_filter); >+- } >+- else warnx("listening on %s", nids_params.device); >++ if (nids_params.pcap_filter != NULL) { >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s [%s]", nids_params.device, >++ nids_params.pcap_filter); >++ } >++ else { >++ warnx("using %s [%s]", nids_params.filename, >++ nids_params.pcap_filter); >++ } >++ } >++ else { >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s", nids_params.device); >++ } >++ else { >++ warnx("using %s", nids_params.filename); >++ } >++ } >+ >+ nids_run(); >+ > >Property changes on: files/patch-sshow.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-tcp_raw.c >=================================================================== >--- files/patch-tcp_raw.c (revision 501561) >+++ files/patch-tcp_raw.c (working copy) >@@ -1,6 +1,6 @@ >---- ./tcp_raw.c.orig 2001-03-15 09:33:04.000000000 +0100 >-+++ ./tcp_raw.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -119,7 +119,7 @@ >+--- tcp_raw.c.orig 2019-05-13 13:40:23 UTC >++++ tcp_raw.c >+@@ -119,7 +119,7 @@ tcp_raw_reassemble(struct tcp_conn *conn, int minlen) > } > > struct iovec * >@@ -9,7 +9,7 @@ > { > struct tha tha; > struct tcp_conn *conn; >-@@ -131,7 +131,7 @@ >+@@ -131,7 +131,7 @@ tcp_raw_input(struct libnet_ip_hdr *ip, struct libnet_ > > /* Verify TCP checksum. */ > cksum = tcp->th_sum; >Index: files/patch-tcp_raw.h >=================================================================== >--- files/patch-tcp_raw.h (revision 501561) >+++ files/patch-tcp_raw.h (working copy) >@@ -1,6 +1,6 @@ >---- ./tcp_raw.h.orig 2001-03-15 09:33:06.000000000 +0100 >-+++ ./tcp_raw.h 2014-07-22 13:20:14.000000000 +0200 >-@@ -15,7 +15,7 @@ >+--- tcp_raw.h.orig 2019-05-13 13:40:23 UTC >++++ tcp_raw.h >+@@ -15,7 +15,7 @@ typedef void (*tcp_raw_callback_t)(in_addr_t src, in_a > u_short sport, u_short dport, > u_char *buf, int len); > >Index: files/patch-tcpkill.c >=================================================================== >--- files/patch-tcpkill.c (revision 501561) >+++ files/patch-tcpkill.c (working copy) >@@ -1,6 +1,6 @@ >---- ./tcpkill.c.orig 2001-03-17 09:10:43.000000000 +0100 >-+++ ./tcpkill.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -39,17 +39,18 @@ >+--- tcpkill.c.orig 2019-05-13 13:40:23 UTC >++++ tcpkill.c >+@@ -39,17 +39,18 @@ usage(void) > static void > tcp_kill_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) > { >@@ -24,7 +24,7 @@ > if (ip->ip_p != IPPROTO_TCP) > return; > >-@@ -57,34 +58,31 @@ >+@@ -57,35 +58,32 @@ tcp_kill_cb(u_char *user, const struct pcap_pkthdr *pc > if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST)) > return; > >@@ -62,7 +62,7 @@ > + libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), > + seq, 0, TH_RST, 0, 0, 0, LIBNET_TCP_H, > + NULL, 0, l, 0); >-+ >+ > + libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_TCP_H, 0, > + libnet_get_prand(LIBNET_PRu16), 0, 64, > + IPPROTO_TCP, 0, ip->ip_dst.s_addr, >@@ -70,10 +70,11 @@ > + > + if (libnet_write(l) < 0) > + warn("write"); >- >++ > fprintf(stderr, "%s R %lu:%lu(0) win 0\n", ctext, seq, seq); > } >-@@ -95,8 +93,10 @@ >+ } >+@@ -95,8 +93,10 @@ main(int argc, char *argv[]) > { > extern char *optarg; > extern int optind; >@@ -85,7 +86,7 @@ > pcap_t *pd; > > intf = NULL; >-@@ -136,14 +136,14 @@ >+@@ -136,14 +136,14 @@ main(int argc, char *argv[]) > if ((pcap_off = pcap_dloff(pd)) < 0) > errx(1, "couldn't determine link layer offset"); > >Index: files/patch-tcpnice.c >=================================================================== >--- files/patch-tcpnice.c (revision 501561) >+++ files/patch-tcpnice.c (working copy) >@@ -1,6 +1,6 @@ >---- ./tcpnice.c.orig 2001-03-17 08:41:51.000000000 +0100 >-+++ ./tcpnice.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -41,107 +41,106 @@ >+--- tcpnice.c.orig 2019-05-13 13:40:23 UTC >++++ tcpnice.c >+@@ -41,107 +41,106 @@ usage(void) > } > > static void >@@ -106,8 +106,6 @@ > + memcpy((u_char *)icmp + LIBNET_ICMPV4_MASK_H, (u_char *)ip, len); > > - libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_MASK_H + len); >-- >-- len += (IP_H + ICMP_MASK_H); > + len += LIBNET_ICMPV4_MASK_H; > + > + libnet_build_ipv4(LIBNET_IPV4_H + len, 4, >@@ -115,6 +113,8 @@ > + 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, > + (u_int8_t *) icmp, len, l, 0); > >+- len += (IP_H + ICMP_MASK_H); >+- > - if (libnet_write_ip(sock, buf, len) != len) > + if (libnet_write(l) != len) > warn("write"); >@@ -149,7 +149,7 @@ > if (ip->ip_p != IPPROTO_TCP) > return; > >-@@ -151,11 +150,11 @@ >+@@ -151,11 +150,11 @@ tcp_nice_cb(u_char *user, const struct pcap_pkthdr *pc > > if (ntohs(ip->ip_len) > (ip->ip_hl << 2) + (tcp->th_off << 2)) { > if (Opt_icmp) >@@ -164,7 +164,7 @@ > } > } > >-@@ -164,8 +163,10 @@ >+@@ -164,8 +163,10 @@ main(int argc, char *argv[]) > { > extern char *optarg; > extern int optind; >@@ -176,7 +176,7 @@ > pcap_t *pd; > > intf = NULL; >-@@ -209,14 +210,14 @@ >+@@ -209,14 +210,14 @@ main(int argc, char *argv[]) > if ((pcap_off = pcap_dloff(pd)) < 0) > errx(1, "couldn't determine link layer offset"); > >Index: files/patch-trigger.c >=================================================================== >--- files/patch-trigger.c (revision 501561) >+++ files/patch-trigger.c (working copy) >@@ -1,6 +1,6 @@ >---- ./trigger.c.orig 2001-03-15 09:33:05.000000000 +0100 >-+++ ./trigger.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -276,7 +276,7 @@ >+--- trigger.c.orig 2019-05-13 13:40:23 UTC >++++ trigger.c >+@@ -276,7 +276,7 @@ trigger_dump(void) > } > > void >@@ -9,7 +9,7 @@ > { > struct trigger *t, tr; > u_char *buf; >-@@ -305,7 +305,7 @@ >+@@ -305,7 +305,7 @@ trigger_ip(struct libnet_ip_hdr *ip) > > /* libnids needs a nids_register_udp()... */ > void >@@ -18,7 +18,7 @@ > { > struct trigger *t, tr; > struct libnet_udp_hdr *udp; >-@@ -437,7 +437,7 @@ >+@@ -437,7 +437,7 @@ trigger_tcp(struct tcp_stream *ts, void **conn_save) > } > > void >Index: files/patch-trigger.h >=================================================================== >--- files/patch-trigger.h (revision 501561) >+++ files/patch-trigger.h (working copy) >@@ -1,6 +1,6 @@ >---- ./trigger.h.orig 2001-03-15 09:33:06.000000000 +0100 >-+++ ./trigger.h 2014-07-22 13:20:14.000000000 +0200 >-@@ -24,10 +24,10 @@ >+--- trigger.h.orig 2019-05-13 13:40:23 UTC >++++ trigger.h >+@@ -24,10 +24,10 @@ int trigger_set_udp(int port, char *name); > int trigger_set_tcp(int port, char *name); > int trigger_set_rpc(int program, char *name); > >Index: files/patch-urlsnarf.8 >=================================================================== >--- files/patch-urlsnarf.8 (nonexistent) >+++ files/patch-urlsnarf.8 (working copy) >@@ -0,0 +1,21 @@ >+--- urlsnarf.8.orig 2000-11-19 06:24:51 UTC >++++ urlsnarf.8 >+@@ -9,7 +9,7 @@ sniff HTTP requests in Common Log Format >+ .na >+ .nf >+ .fi >+-\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] >++\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] >+ .SH DESCRIPTION >+ .ad >+ .fi >+@@ -21,6 +21,9 @@ offline post-processing with your favorite web log ana >+ .IP \fB-n\fR >+ Do not resolve IP addresses to hostnames. >+ .IP "\fB-i \fIinterface\fR" >++Specify the interface to listen on. >++.IP "\fB-p \fIpcapfile\fR" >++Process packets from the specified PCAP capture file instead of the network. >+ .IP \fB-v\fR >+ "Versus" mode. Invert the sense of matching, to select non-matching >+ URLs. > >Property changes on: files/patch-urlsnarf.8 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-urlsnarf.c >=================================================================== >--- files/patch-urlsnarf.c (revision 501561) >+++ files/patch-urlsnarf.c (working copy) >@@ -1,6 +1,15 @@ >---- ./urlsnarf.c.orig 2001-03-15 10:26:13.000000000 +0100 >-+++ ./urlsnarf.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -145,14 +145,14 @@ >+--- urlsnarf.c.orig 2019-05-13 13:40:23 UTC >++++ urlsnarf.c >+@@ -41,7 +41,7 @@ static void >+ usage(void) >+ { >+ fprintf(stderr, "Version: " VERSION "\n" >+- "Usage: urlsnarf [-n] [-i interface] [[-v] pattern [expression]]\n"); >++ "Usage: urlsnarf [-n] [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); >+ exit(1); >+ } >+ >+@@ -145,14 +145,14 @@ process_http_request(struct tuple4 *addr, u_char *data > if (user == NULL) > user = "-"; > if (vhost == NULL) >@@ -17,3 +26,46 @@ > user, timestamp(), req, vhost, uri, referer, agent); > } > fflush(stdout); >+@@ -201,11 +201,14 @@ main(int argc, char *argv[]) >+ extern int optind; >+ int c; >+ >+- while ((c = getopt(argc, argv, "i:nvh?V")) != -1) { >++ while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) { >+ switch (c) { >+ case 'i': >+ nids_params.device = optarg; >+ break; >++ case 'p': >++ nids_params.filename = optarg; >++ break; >+ case 'n': >+ Opt_dns = 0; >+ break; >+@@ -238,8 +241,24 @@ main(int argc, char *argv[]) >+ >+ nids_register_tcp(sniff_http_client); >+ >+- warnx("listening on %s [%s]", nids_params.device, >+- nids_params.pcap_filter); >++ if (nids_params.pcap_filter != NULL) { >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s [%s]", nids_params.device, >++ nids_params.pcap_filter); >++ } >++ else { >++ warnx("using %s [%s]", nids_params.filename, >++ nids_params.pcap_filter); >++ } >++ } >++ else { >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s", nids_params.device); >++ } >++ else { >++ warnx("using %s", nids_params.filename); >++ } >++ } >+ >+ nids_run(); >+ >Index: files/patch-webmitm.c >=================================================================== >--- files/patch-webmitm.c (revision 501561) >+++ files/patch-webmitm.c (working copy) >@@ -1,26 +1,26 @@ >---- ./webmitm.c.orig 2001-03-17 09:35:05.000000000 +0100 >-+++ ./webmitm.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -43,7 +43,7 @@ >+--- webmitm.c.orig 2019-05-13 13:40:23 UTC >++++ webmitm.c >+@@ -43,7 +43,7 @@ int http_fd, https_fd; > int client_fd, server_fd; > SSL_CTX *ssl_client_ctx, *ssl_server_ctx; > SSL *ssl_client, *ssl_server; > -struct sockaddr_in csin, ssin; >-+struct sockaddr_in ________csin, ssin; >++struct sockaddr_in _________csin, ssin; > int do_ssl, sig_pipe[2]; > in_addr_t static_host = 0; > >-@@ -101,8 +101,8 @@ >+@@ -101,8 +101,8 @@ grep_passwords(char *buf, int len) > char obuf[1024]; > > if ((len = decode_http(buf, len, obuf, sizeof(obuf))) > 0) { > - record(csin.sin_addr.s_addr, ssin.sin_addr.s_addr, > - IPPROTO_TCP, ntohs(csin.sin_port), ntohs(ssin.sin_port), >-+ record(________csin.sin_addr.s_addr, ssin.sin_addr.s_addr, >-+ IPPROTO_TCP, ntohs(________csin.sin_port), ntohs(ssin.sin_port), >++ record(_________csin.sin_addr.s_addr, ssin.sin_addr.s_addr, >++ IPPROTO_TCP, ntohs(_________csin.sin_port), ntohs(ssin.sin_port), > "http", obuf, len); > } > } >-@@ -242,7 +242,7 @@ >+@@ -242,7 +242,7 @@ server_init(char *buf, int size) > word = buf_tok(&msg, "/", 1); > vhost = buf_strdup(word); > } >@@ -29,57 +29,57 @@ > free(vhost); > > if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) || >-@@ -355,7 +355,7 @@ >+@@ -355,7 +355,7 @@ mitm_child(void) > > if (Opt_debug) > warnx("new connection from %s.%d", > - inet_ntoa(csin.sin_addr), ntohs(csin.sin_port)); >-+ inet_ntoa(________csin.sin_addr), ntohs(________csin.sin_port)); >++ inet_ntoa(_________csin.sin_addr), ntohs(_________csin.sin_port)); > > client_init(); > >-@@ -363,7 +363,7 @@ >+@@ -363,7 +363,7 @@ mitm_child(void) > err(1, "client_request"); > > if (Opt_debug) > - warnx("%d bytes from %s", i, inet_ntoa(csin.sin_addr)); >-+ warnx("%d bytes from %s", i, inet_ntoa(________csin.sin_addr)); >++ warnx("%d bytes from %s", i, inet_ntoa(_________csin.sin_addr)); > > if (Opt_debug > 1) > write(STDERR_FILENO, buf, i); >-@@ -393,7 +393,7 @@ >+@@ -393,7 +393,7 @@ mitm_child(void) > > if (Opt_debug) > warnx("%d bytes from %s", > - i, inet_ntoa(csin.sin_addr)); >-+ i, inet_ntoa(________csin.sin_addr)); >++ i, inet_ntoa(_________csin.sin_addr)); > > if (Opt_debug > 1) > write(STDERR_FILENO, buf, i); >-@@ -456,7 +456,7 @@ >+@@ -456,7 +456,7 @@ mitm_run(void) > if (errno != EINTR) > err(1, "select"); > } > - i = sizeof(csin); >-+ i = sizeof(________csin); >++ i = sizeof(_________csin); > > if (FD_ISSET(sig_pipe[0], &fds)) { > while (read(sig_pipe[0], &i, 1) == 1) >-@@ -466,11 +466,11 @@ >+@@ -466,11 +466,11 @@ mitm_run(void) > continue; > } > if (FD_ISSET(http_fd, &fds)) { > - client_fd = accept(http_fd, (struct sockaddr *)&csin, &i); >-+ client_fd = accept(http_fd, (struct sockaddr *)&________csin, &i); >++ client_fd = accept(http_fd, (struct sockaddr *)&_________csin, &i); > do_ssl = 0; > } > else if (FD_ISSET(https_fd, &fds)) { > - client_fd = accept(https_fd, (struct sockaddr *)&csin, &i); >-+ client_fd = accept(https_fd, (struct sockaddr *)&________csin, &i); >++ client_fd = accept(https_fd, (struct sockaddr *)&_________csin, &i); > do_ssl = 1; > } > else errx(1, "select failure"); >-@@ -510,7 +510,7 @@ >+@@ -510,7 +510,7 @@ main(int argc, char *argv[]) > argv += optind; > > if (argc == 1) { >Index: files/patch-webspy.8 >=================================================================== >--- files/patch-webspy.8 (nonexistent) >+++ files/patch-webspy.8 (working copy) >@@ -0,0 +1,20 @@ >+--- webspy.8.orig 2000-11-14 15:51:05 UTC >++++ webspy.8 >+@@ -9,7 +9,7 @@ display sniffed URLs in Netscape in real-time >+ .na >+ .nf >+ .fi >+-\fBwebspy\fR [\fB-i \fIinterface\fR] \fIhost\fR >++\fBwebspy\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] \fIhost\fR >+ .SH DESCRIPTION >+ .ad >+ .fi >+@@ -20,6 +20,8 @@ running on your local X display ahead of time. >+ .SH OPTIONS >+ .IP "\fB-i \fIinterface\fR" >+ Specify the interface to listen on. >++.IP "\fB-p \fIpcapfile\fR" >++Process packets from the specified PCAP capture file instead of the network. >+ .IP \fIhost\fR >+ Specify the web client to spy on. >+ .SH "SEE ALSO" > >Property changes on: files/patch-webspy.8 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-webspy.c >=================================================================== >--- files/patch-webspy.c (revision 501561) >+++ files/patch-webspy.c (working copy) >@@ -1,6 +1,15 @@ >---- ./webspy.c.orig 2001-03-15 09:33:05.000000000 +0100 >-+++ ./webspy.c 2014-07-22 13:20:14.000000000 +0200 >-@@ -126,7 +126,7 @@ >+--- webspy.c.orig 2019-05-13 13:40:23 UTC >++++ webspy.c >+@@ -42,7 +42,7 @@ static void >+ usage(void) >+ { >+ fprintf(stderr, "Version: " VERSION "\n" >+- "Usage: %s [-i interface] host\n", progname); >++ "Usage: %s [-i interface | -p pcapfile] host\n", progname); >+ exit(1); >+ } >+ >+@@ -126,7 +126,7 @@ process_http_request(struct tuple4 *addr, u_char *data > if (auth == NULL) > auth = ""; > if (vhost == NULL) >@@ -9,7 +18,23 @@ > > snprintf(cmd, sizeof(cmd), "openURL(http://%s%s%s%s)", > auth, *auth ? "@" : "", vhost, uri); >-@@ -202,7 +202,7 @@ >+@@ -184,11 +184,14 @@ main(int argc, char *argv[]) >+ extern int optind; >+ int c; >+ >+- while ((c = getopt(argc, argv, "i:h?V")) != -1) { >++ while ((c = getopt(argc, argv, "i:p:h?V")) != -1) { >+ switch (c) { >+ case 'i': >+ nids_params.device = optarg; >+ break; >++ case 'p': >++ nids_params.filename = optarg; >++ break; >+ default: >+ usage(); >+ } >+@@ -202,7 +205,7 @@ main(int argc, char *argv[]) > cmdtab[0] = cmd; > cmdtab[1] = NULL; > >@@ -18,3 +43,18 @@ > errx(1, "unknown host"); > > if ((dpy = XOpenDisplay(NULL)) == NULL) >+@@ -216,7 +219,13 @@ main(int argc, char *argv[]) >+ >+ nids_register_tcp(sniff_http_client); >+ >+- warnx("listening on %s", nids_params.device); >++ if (nids_params.filename == NULL) { >++ warnx("listening on %s", nids_params.device); >++ } >++ else { >++ warnx("using %s", nids_params.filename); >++ } >++ >+ >+ nids_run(); >+
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 237879
: 204357