lano
Aktives Mitglied
Moin.
Ich probiere mittels pcap die Management Frames vom Monitor in ne Datenbank zu bekommen.
Nu wollt ich die Einträge die schon existieren überspringen. Dazu wollt ich einfach per select gucken ob was gefunden wurde.
Aber irgendwie komm ich damit nicht zu rande.
Weiteres Problem ist das ich an die SSID zb von den Beacon Frames kommen will und nicht weis ob das jetzt so clever gelöst ist.
Ich kopier hier ma den ganzen Code rein.
Insgesamt geht es sich darum das ich alle Informationen sammeln will und die dann so verknüpfen das ic sagen kann welche clients sich an welchem accesspoint angemeldet sind, bzw daten tauschen und über die probe requests welcher client welche anderen accesspoints kennt.
Ich probiere mittels pcap die Management Frames vom Monitor in ne Datenbank zu bekommen.
Nu wollt ich die Einträge die schon existieren überspringen. Dazu wollt ich einfach per select gucken ob was gefunden wurde.
Aber irgendwie komm ich damit nicht zu rande.
Weiteres Problem ist das ich an die SSID zb von den Beacon Frames kommen will und nicht weis ob das jetzt so clever gelöst ist.
Ich kopier hier ma den ganzen Code rein.
Insgesamt geht es sich darum das ich alle Informationen sammeln will und die dann so verknüpfen das ic sagen kann welche clients sich an welchem accesspoint angemeldet sind, bzw daten tauschen und über die probe requests welcher client welche anderen accesspoints kennt.
pcap.c:
#include <netinet/in.h>
#include <pcap.h>
#include <signal.h>
#include <sqlite3.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include "version.h"
#define SNAP_LEN 65535
struct radiotap_header { //only first few bytes
uint8_t it_rev;
uint8_t it_pad;
uint16_t it_len;
};
/* Global Variables */
pcap_t *capturehandle; /* packet capture handle */
struct bpf_program fp; /* compiled filter program (expression) */
pcap_dumper_t *pcapfile; /* output file */
pcap_t *filehandle; /* output file handle */
char *filename = NULL; /* output file name */
//struct bsslist *blist = NULL; /* list of beacons */
int pcaptype = -1;
int beacons = 0;
int eapols = 0;
int data = 0;
int probereq = 0;
int proberes = 0;
int nullp = 0;
int ack = 0;
int qosdata = 0;
int cts = 0;
int rts = 0;
int areq = 0;
int ares = 0;
int auth = 0;
int qosnull = 0;
sqlite3 *db;
/**
* Returns the current time in microseconds.
*/
long getMicrotime() {
// long m ;
struct timeval currentTime;
gettimeofday(¤tTime, NULL);
// m = currentTime.tv_sec * (int)1e6 + currentTime.tv_usec;
//printf("current time :: %ld\n", m);
return currentTime.tv_sec * (int)1e6 + currentTime.tv_usec;
}
void terminate_process(int signum) {
printf("\nCapture complete.\n\n \
Other packets: %d\n \
Beacon packets: %d \n \
Data packets: %d \n \
Qos data packets: %d \n \
Qos NULL data packets: %d \n \
NULL packets: %d \n \
CTS packets: %d \n \
RTS packets: %d \n \
ACK packets: %d \n \
Probe Req. packets: %d\n \
Probe Res. packets: %d\n \
Association Req: %d \n \
Association Response: %d \n \
Authentication: %d \n\n\n",
eapols, beacons, data, qosdata, qosnull, nullp, cts, rts, ack, probereq, proberes, areq, ares, auth);
pcap_breakloop(capturehandle);
pcap_close(capturehandle);
pcap_freecode(&fp);
// pcap_dump_close(pcapfile);
pcap_close(filehandle);
//free_bsslist(blist);
exit(signum);
}
int mac_exist(const u_char *bssid) {
int rc;
char *err_msg = 0;
char s[19] = "";
sprintf(s, "%02X:%02X:%02X:%02X:%02X:%02X", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
char *sql = sqlite3_mprintf("INSERT INTO AP VALUES ('%q','%q');", s, ssid);
rc = sqlite3_exec(db, sql, 0, 0, &err_msg);
if (rc != SQLITE_OK) {
printf("SQL error: %s\n", err_msg);
printf("sql: %s\n", sql);
sqlite3_free(err_msg);
sqlite3_close(db);
return 1;
}
return 0;
}
int save_device(const u_char *bssid) {
int rc;
char *err_msg = 0;
char s[19] = "";
sprintf(s, "%02X:%02X:%02X:%02X:%02X:%02X", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
char *sql = sqlite3_mprintf("INSERT INTO Devices VALUES ('%q');", s);
rc = sqlite3_exec(db, sql, 0, 0, &err_msg);
if (rc != SQLITE_OK) {
printf("SQL error: %s\n", err_msg);
printf("sql: %s\n", sql);
sqlite3_free(err_msg);
sqlite3_close(db);
return 1;
}
return 0;
}
int save_ap(const u_char *bssid, char *ssid) {
int rc;
char *err_msg = 0;
char s[19] = "";
sprintf(s, "%02X:%02X:%02X:%02X:%02X:%02X", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
char *sql = sqlite3_mprintf("INSERT INTO AP VALUES ('%q','%q');", s, ssid);
rc = sqlite3_exec(db, sql, 0, 0, &err_msg);
if (rc != SQLITE_OK) {
printf("SQL error: %s\n", err_msg);
printf("sql: %s\n", sql);
sqlite3_free(err_msg);
sqlite3_close(db);
return 1;
}
return 0;
}
void got_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet) {
const u_char *bssid;
//const u_char *ssid;
//u_char ssid_tag;
//u_char ssid_len;
int offset = 0;
struct radiotap_header *rtaphdr;
/* determine offset based on link type*/
switch (pcaptype) {
case DLT_PRISM_HEADER:
offset = 144;
break;
case DLT_IEEE802_11:
offset = 0;
break;
case DLT_IEEE802_11_RADIO:
rtaphdr = (struct radiotap_header *)packet;
offset = rtaphdr->it_len;
//----------------------------------------Printing RSSI channel and data radio, basically parsing radiotap header
// These are placeholders for offset values:
// const u_char *bssid; // a place to put our BSSID these are bytes
const u_char *essid; // a place to put our ESSID from the packet
// const u_char *essidLen;
// const u_char *channel; // the frequency (in Mhz) of the AP Radio
// const u_char *rssi; // received signal strength
// const u_char *data_rate; // received signal strength
// int offset = 0;
offset = rtaphdr->it_len; // 26 bytes on my machine
bssid = packet + 42;
essid = packet + 64;
// essidLen = packet + 63;
// rssi = packet + 34;
// signed int rssiDbm = rssi[0] - 256;
// data_rate = packet + 25;
// channel = packet + 26;
// int channelFreq = channel[1] * 256 + channel[0];
//char *ssid = malloc(63);
// unsigned int i = 0;
// int dataratedec = data_rate[0];
//ssid[i] = '\0'; // terminate the string
// fprintf(stdout,"SSID: %s ",ssid);
// fprintf(stdout,"RSSI: %d dBm",rssiDbm);
// fprintf(stdout," AP Frequency: %iMhz",channelFreq);
// fprintf(stdout," Data RAte: % Mbps\n", dataratedec/2);
//-------------parsing radiotap header end
break;
default:
fprintf(stderr, "Error: Unrecognized data link type: %d\n", pcaptype);
return;
}
/*
SA(Source Address): Source of the data (MSDU) --> STA1
TA(Transmitter Address) : STA that transmitted the frame --> STA1, AP1, AP2
RA(Receiver Address) : Immediate recipient of the frame --> AP1, AP2, STA2
DA(Destination Address) : Final recipient of the data (MSDU) --> STA2
BSSID (Basic Service Set IDentifier) : Unique identifier of the BSS, e.g,
the MAC address of the AP in an infrastructure network --> AP1, AP2
*/
const u_char *sa; // Source Address
const u_char *da; // Destination Address
const u_char *ssid_tag;
const u_char *ssid_len;
char ssid[64] = {"\0"};
if ((packet[offset] == 0x80)) { // beacon frame
da = packet + offset + 4; // destination address
sa = packet + offset + 10; // source address
bssid = packet + offset + 16; // bssid
ssid_tag = packet + offset + 36;
ssid_len = packet + offset + 37;
//wlan tag nummer = byte 62 - 26
printf(" * Beacon captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
//Save device
// Source Address known
// probaly station
printf("ssid_tag: %02X\n", ssid_tag[0]);
printf("ssid_len: %d\n", ssid_len[0]);
strncpy(ssid, packet + offset + 38, *ssid_len);
printf("ssid: %s\n", ssid);
//save_device(bssid);
save_ap(bssid, ssid);
beacons++;
}
else if ((packet[offset] == 0x00)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Association Request Captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
} else if ((packet[offset] == 0x10)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Association Respose captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
} else if ((packet[offset] == 0xB0)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Authentication Packet captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
} else if ((packet[offset] == 0xC0)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Deauthentications Packet captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
} else if ((packet[offset] == 0x08)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Disassociation Packet captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
} else if ((packet[offset] == 0x30)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Resssociation Response Packet captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
} else if ((packet[offset] == 0x20)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Resssociation Requests Packet captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
}
else if ((packet[offset] == 0x54)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * VHT/HE NDP Announcment captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
// Save device
// Soucre addres known
// Receiveraddress known
// probaly connection
} else if ((packet[offset] == 0xD0)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Action captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
// Save device
// Soucre addres known
// Receiveraddress known
// probaly connection
} else if ((packet[offset] == 0xA4)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Power-Save poll from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
// Save device
// Soucre addres known
// Receiveraddress known
// probaly connection
} else if ((packet[offset] == 0xA8)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * QoS Data + CF-Poll from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
// Save device
// Soucre addres known
// Receiveraddress known
// probaly connection
}
else if ((packet[offset] == 0x08)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Data Packet captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
} else if ((packet[offset] == 0x40)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Probe Request captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
// Save device
// Source address known
// probaly client
} else if ((packet[offset] == 0x50)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Probe Response captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
// Save device
// Sorce address known
// probaly STA
} else if ((packet[offset] == 0x48)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Null Packet captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
// save device
// source + destination address
} else if ((packet[offset] == 0xd4)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * ACK captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
// Save device
// Receiveraddress known
} else if ((packet[offset] == 0x88)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * QoS Data Packet captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
} else if ((packet[offset] == 0xc4)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * CTS captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
// Save device
// Receiveraddress known
} else if ((packet[offset] == 0xb4)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * RTS captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
// Save Devie
// Source addres known
// probaly connection
} else if ((packet[offset] == 0x08)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Data Packet captured from: (%02X:%02X:%02X:%02X:%02X:%02X) to:()\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
} else if ((packet[offset] == 0xC8)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * QoS NULL Packet captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
}
else if ((packet[offset] == 0xE4)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * CF-End captured from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
}
else if ((packet[offset] == 0x94)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * 802.11 Block ACK from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
}
else if ((packet[offset] == 0x84)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * 802.11 Block ACK Reqest from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
}
else if ((packet[offset] == 0xA0)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Disassociate from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
}
else if ((packet[offset] == 0xE0)) {
bssid = packet + offset + 10; //remeber to tally the offset.
// da = packet + offset + 4; // destination address
// sa = packet + offset + 10; // source address
// bssid = packet + offset + 16; // bssid
printf(" * Action No Ack from: (%02X:%02X:%02X:%02X:%02X:%02X)\n", bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5]);
}
else { // eapol, multiple can be stored. Might be useful if channel hoping
printf(" * Unknown paket captured - Subtype : %X\n", packet[offset]);
//bssid = packet + offset + 4;
//printf(" * Type: Unknown- packet captured (%02X:%02X:%02X:%02X:%02X:%02X -> %02X:%02X:%02X:%02X:%02X:%02X)\n"),
// bssid[0], bssid[1], bssid[2], bssid[3], bssid[4], bssid[5],
// bssid[6], bssid[7], bssid[8], bssid[9], bssid[10], bssid[11] );
}
return;
}
int main(int argc, char **argv) {
char *dev = NULL; /* capture device name */
char errbuf[PCAP_ERRBUF_SIZE]; /* error buffer */
//char filter_exp[1000] = "(type data) or (subtype beacon) or (subtype probe-req)";//" or (ether proto 0x888e) or ip"; /* default filter expression - only get beacon and handshakes */
char filter_exp[1000] = ""; //" or (ether proto 0x888e) or ip"; /* default filter expression - only get beacon and handshakes */
char *filename = NULL; /* output file name */
int runl = 0;
// sql
int rc = sqlite3_open("data.db", &db);
if (rc != SQLITE_OK) {
fprintf(stderr, "Cannot open database: %s\n", sqlite3_errmsg(db));
sqlite3_close(db);
return 1;
}
// ende sql
printf("-------------------------------------------------------------------------------------------------------------- \n");
printf("Wifi Paket Analyser for SZdox %s\n", VERSION);
printf("-------------------------------------------------------------------------------------------------------------- \n\n\n");
printf("Activate Monitor Mode: \n");
printf("airmon-ng start wlp1s0 \n");
printf("airdump-ng wlp1s0mon \n");
printf("airmon-ng stop wlp1s0mon \n");
printf("-------------------------------------------------------------------------------------------------------------- \n");
printf("sqlite version: %s\n", sqlite3_libversion());
/* check for capture device name on command-line */
if (argc >= 1) {
int i;
// char s[2];
// dev = argv[1];
filename = "Logs/log.pcap"; // default output name
for (i = 1; i < argc; i++) {
if (strcmp(argv[i], "-o") == 0 && argv[i + 1]) {
filename = argv[++i];
printf("Device: %s\n", filename);
runl = 1;
} else if (strcmp(argv[i], "-f") == 0 && argv[i + 1]) {
strcpy(filter_exp, argv[++i]);
printf("Filter Expression = %s \n", filter_exp);
} else {
fprintf(stderr, "Error: unrecognized command-line options\n\n");
// exit(EXIT_FAILURE);
}
}
} else {
fprintf(stderr, "Error: unrecognized command-line options\n\n");
exit(EXIT_FAILURE);
}
printf("Capture filter: %s\n", filter_exp);
/* open capture device */
if (runl == 0) {
capturehandle = pcap_open_offline(filename, errbuf);
} else {
/* open capture device */
if ((capturehandle = pcap_open_live(filename, SNAP_LEN, 1, -1, errbuf)) == NULL) {
fprintf(stderr, "\nError: unable to open device %s: %s\n", filename, errbuf);
exit(EXIT_FAILURE);
}
}
/* determine link type */
pcaptype = pcap_datalink(capturehandle);
/* make sure we're capturing on an wireless device */
if (pcaptype == DLT_IEEE802_11) {
printf("Data Link Type: DLT_IEEE802_11\n");
filehandle = pcap_open_dead(DLT_IEEE802_11, BUFSIZ);
} else if (pcaptype == DLT_PRISM_HEADER) {
printf("Data Link Type: DLT_PRISM_HEADER (Experimental - not tested!)\n");
filehandle = pcap_open_dead(DLT_PRISM_HEADER, BUFSIZ);
} else if (pcaptype == DLT_IEEE802_11_RADIO) {
printf("Data Link Type: DLT_IEEE802_11_RADIO\n");
filehandle = pcap_open_dead(DLT_IEEE802_11_RADIO, BUFSIZ);
} else {
fprintf(stderr, "\nError: %s is not a supported wireless device.\n", dev);
exit(EXIT_FAILURE);
}
printf("-------------------------------------------------------------------------------------------------------------- \n\n\n");
printf("\n");
/* compile the filter expression */
if (pcap_compile(capturehandle, &fp, filter_exp, 0, 0) == -1) {
fprintf(stderr, "Error: unable to parse filter %s: %s\n", filter_exp, pcap_geterr(capturehandle));
exit(EXIT_FAILURE);
}
/* apply the compiled filter */
if (pcap_setfilter(capturehandle, &fp) == -1) {
fprintf(stderr, "Error: unable to install filter %s: %s\n", filter_exp, pcap_geterr(capturehandle));
exit(EXIT_FAILURE);
}
/* sniff until user terminates */
signal(SIGINT, terminate_process);
printf("Sniffing in progress...\n");
/* start sniffing */
pcap_loop(capturehandle, -1, got_packet, NULL);
sqlite3_close(db);
return EXIT_SUCCESS;
}