Diffstat (limited to 'unmaintained/dsniff/03_pcap_read_dump.patch')
-rw-r--r-- | unmaintained/dsniff/03_pcap_read_dump.patch | 531 |
1 files changed, 531 insertions, 0 deletions
diff --git a/unmaintained/dsniff/03_pcap_read_dump.patch b/unmaintained/dsniff/03_pcap_read_dump.patch
new file mode 100644
index 0000000000..18369f9a85
--- /dev/null
+++ b/unmaintained/dsniff/03_pcap_read_dump.patch
@@ -0,0 +1,531 @@
+Author: Joseph Battaglia <sephail@sephail.net> and Joshua Krage <jkrage@guisarme.us>
+Description: Allow the reading of saved PCAP capture files.
+Closes #153462
+Closes #298604
+--- a/dsniff.8 2011-06-19 17:14:20.847999386 -0500
++++ b/dsniff.8 2011-06-19 17:15:01.067999376 -0500
+@@ -10,7 +10,7 @@
+ .nf
+ .fi
+ \fBdsniff\fR [\fB-c\fR] [\fB-d\fR] [\fB-m\fR] [\fB-n\fR] [\fB-i
+-\fIinterface\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR]
++\fIinterface\fR | \fB-p \fIpcapfile\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR]
+ [\fB-t \fItrigger[,...]\fR]]
+ [\fB-r\fR|\fB-w\fR \fIsavefile\fR] [\fIexpression\fR]
+ .SH DESCRIPTION
+@@ -45,6 +45,9 @@
+ Do not resolve IP addresses to hostnames.
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Rather than processing the contents of packets observed upon the network
++process the given PCAP capture file.
+ .IP "\fB-s \fIsnaplen\fR"
+ Analyze at most the first \fIsnaplen\fR bytes of each TCP connection,
+ rather than the default of 1024.
+--- a/dsniff.c 2011-06-19 17:14:20.303999384 -0500
++++ b/dsniff.c 2011-06-19 17:15:01.071999376 -0500
+@@ -46,8 +46,9 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: dsniff [-cdmn] [-i interface] [-s snaplen] [-f services]\n"
+- " [-t trigger[,...]] [-r|-w savefile] [expression]\n");
++ "Usage: dsniff [-cdmn] [-i interface | -p pcapfile] [-s snaplen]\n"
++ " [-f services] [-t trigger[,...]] [-r|-w savefile]\n"
++ " [expression]\n");
+ exit(1);
+ }
+
+@@ -79,7 +80,7 @@
+
+ services = savefile = triggers = NULL;
+
+- while ((c = getopt(argc, argv, "cdf:i:mnr:s:t:w:h?V")) != -1) {
++ while ((c = getopt(argc, argv, "cdf:i:mnp:r:s:t:w:h?V")) != -1) {
+ switch (c) {
+ case 'c':
+ Opt_client = 1;
+@@ -99,6 +100,9 @@
+ case 'n':
+ Opt_dns = 0;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ case 'r':
+ Opt_read = 1;
+ savefile = optarg;
+@@ -168,10 +172,23 @@
+ else nids_register_tcp(trigger_tcp);
+
+ if (nids_params.pcap_filter != NULL) {
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
+ }
+- else warnx("listening on %s", nids_params.device);
+
+ nids_run();
+
+--- a/filesnarf.8 2011-06-19 17:14:22.343999384 -0500
++++ b/filesnarf.8 2011-06-19 17:15:01.071999376 -0500
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBfilesnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
++\fBfilesnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -18,6 +18,8 @@
+ .SH OPTIONS
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP \fB-v\fR
+ "Versus" mode. Invert the sense of matching, to select non-matching
+ files.
+--- a/filesnarf.c 2011-06-19 17:14:22.155999384 -0500
++++ b/filesnarf.c 2011-06-19 17:15:01.075999376 -0500
+@@ -51,7 +51,7 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: filesnarf [-i interface] [[-v] pattern [expression]]\n");
++ "Usage: filesnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n");
+ exit(1);
+ }
+
+@@ -464,11 +464,14 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "i:vh?V")) != -1) {
++ while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) {
+ switch (c) {
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ case 'v':
+ Opt_invert = 1;
+ break;
+@@ -498,11 +501,24 @@
+ nids_register_ip(decode_udp_nfs);
+ nids_register_tcp(decode_tcp_nfs);
+
+- if (nids_params.pcap_filter != NULL) {
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
+- }
+- else warnx("listening on %s", nids_params.device);
++ if (nids_params.pcap_filter != NULL) {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++ }
+
+ nids_run();
+
+--- a/mailsnarf.8 2011-06-19 17:14:21.099999386 -0500
++++ b/mailsnarf.8 2011-06-19 17:15:01.079999376 -0500
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBmailsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
++\fBmailsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -19,6 +19,8 @@
+ .SH OPTIONS
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP \fB-v\fR
+ "Versus" mode. Invert the sense of matching, to select non-matching
+ messages.
+--- a/mailsnarf.c 2011-06-19 17:14:59.327999376 -0500
++++ b/mailsnarf.c 2011-06-19 17:15:01.083999376 -0500
+@@ -59,7 +59,7 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: mailsnarf [-i interface] [[-v] pattern [expression]]\n");
++ "Usage: mailsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n");
+ exit(1);
+ }
+
+@@ -344,11 +344,14 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "i:vh?V")) != -1) {
++ while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) {
+ switch (c) {
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ case 'v':
+ Opt_invert = 1;
+ break;
+@@ -378,10 +381,23 @@
+ nids_register_tcp(sniff_pop_session);
+
+ if (nids_params.pcap_filter != NULL) {
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
+- }
+- else warnx("listening on %s", nids_params.device);
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++ }
+
+ nids_run();
+
+--- a/msgsnarf.8 2011-06-19 17:14:21.771999384 -0500
++++ b/msgsnarf.8 2011-06-19 17:15:01.087999376 -0500
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBmsgsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
++\fBmsgsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -19,6 +19,8 @@
+ .SH OPTIONS
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP \fB-v\fR
+ "Versus" mode. Invert the sense of matching, to select non-matching
+ messages.
+--- a/msgsnarf.c 2011-06-19 17:14:56.475999377 -0500
++++ b/msgsnarf.c 2011-06-19 17:15:01.091999376 -0500
+@@ -45,7 +45,7 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: msgsnarf [-i interface] [[-v] pattern [expression]]\n");
++ "Usage: msgsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n");
+ exit(1);
+ }
+
+@@ -633,11 +633,14 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "i:hv?V")) != -1) {
++ while ((c = getopt(argc, argv, "i:p:hv?V")) != -1) {
+ switch (c) {
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ case 'v':
+ Opt_invert = 1;
+ break;
+@@ -666,11 +669,24 @@
+
+ nids_register_tcp(sniff_msgs);
+
+- if (nids_params.pcap_filter != NULL) {
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
+- }
+- else warnx("listening on %s", nids_params.device);
++ if (nids_params.pcap_filter != NULL) {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++ }
+
+ nids_run();
+
+--- a/sshow.8 2011-06-19 17:14:18.839999384 -0500
++++ b/sshow.8 2011-06-19 17:15:01.095999376 -0500
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR] [\fIexpression\fR]
++\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [\fIexpression\fR]
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -28,6 +28,8 @@
+ Enable verbose debugging output.
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP "\fIexpression\fR"
+ Specify a tcpdump(8) filter expression to select traffic to sniff.
+ .SH "SEE ALSO"
+--- a/sshow.c 2011-06-19 17:14:56.475999377 -0500
++++ b/sshow.c 2011-06-19 17:15:01.099999376 -0500
+@@ -82,7 +82,7 @@
+ static void
+ usage(void)
+ {
+- fprintf(stderr, "Usage: sshow [-d] [-i interface]\n");
++ fprintf(stderr, "Usage: sshow [-d] [-i interface | -p pcapfile]\n");
+ exit(1);
+ }
+
+@@ -616,7 +616,7 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "di:h?")) != -1) {
++ while ((c = getopt(argc, argv, "di:p:h?")) != -1) {
+ switch (c) {
+ case 'd':
+ debug++;
+@@ -624,6 +624,9 @@
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ default:
+ usage();
+ break;
+@@ -652,11 +655,24 @@
+
+ nids_register_tcp(process_event);
+
+- if (nids_params.pcap_filter != NULL) {
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
+- }
+- else warnx("listening on %s", nids_params.device);
++ if (nids_params.pcap_filter != NULL) {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++ }
+
+ nids_run();
+
+--- a/urlsnarf.8 2011-06-19 17:14:19.727999384 -0500
++++ b/urlsnarf.8 2011-06-19 17:15:01.099999376 -0500
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
++\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -21,6 +21,9 @@
+ .IP \fB-n\fR
+ Do not resolve IP addresses to hostnames.
+ .IP "\fB-i \fIinterface\fR"
++Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP \fB-v\fR
+ "Versus" mode. Invert the sense of matching, to select non-matching
+ URLs.
+--- a/urlsnarf.c 2011-06-19 17:14:19.323999384 -0500
++++ b/urlsnarf.c 2011-06-19 17:15:01.103999376 -0500
+@@ -41,7 +41,7 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: urlsnarf [-n] [-i interface] [[-v] pattern [expression]]\n");
++ "Usage: urlsnarf [-n] [-i interface | -p pcapfile] [[-v] pattern [expression]]\n");
+ exit(1);
+ }
+
+@@ -201,11 +201,14 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "i:nvh?V")) != -1) {
++ while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) {
+ switch (c) {
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ case 'n':
+ Opt_dns = 0;
+ break;
+@@ -238,8 +241,24 @@
+
+ nids_register_tcp(sniff_http_client);
+
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
++ if (nids_params.pcap_filter != NULL) {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++ }
+
+ nids_run();
+
+--- a/webspy.8 2011-06-19 17:14:18.319999386 -0500
++++ b/webspy.8 2011-06-19 17:15:01.107999376 -0500
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBwebspy\fR [\fB-i \fIinterface\fR] \fIhost\fR
++\fBwebspy\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] \fIhost\fR
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -20,6 +20,8 @@
+ .SH OPTIONS
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP \fIhost\fR
+ Specify the web client to spy on.
+ .SH "SEE ALSO"
+--- a/webspy.c 2011-06-19 17:14:21.395999384 -0500
++++ b/webspy.c 2011-06-19 17:15:01.111999376 -0500
+@@ -42,7 +42,7 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: %s [-i interface] host\n", progname);
++ "Usage: %s [-i interface | -p pcapfile] host\n", progname);
+ exit(1);
+ }
+
+@@ -184,11 +184,14 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "i:h?V")) != -1) {
++ while ((c = getopt(argc, argv, "i:p:h?V")) != -1) {
+ switch (c) {
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ default:
+ usage();
+ }
+@@ -216,7 +219,13 @@
+
+ nids_register_tcp(sniff_http_client);
+
+- warnx("listening on %s", nids_params.device);
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++
+
+ nids_run();
+
|
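Review bot: The usage strings and man pages present `-i interface` and `-p pcapfile` as alternatives, but none of the getopt switches in dsniff.c, filesnarf.c, mailsnarf.c, msgsnarf.c, sshow.c, urlsnarf.c or webspy.c rejects the two together; each stores both pointers and the banner then mentions only the file. A check after each option loop such as `if (nids_params.device != NULL && nids_params.filename != NULL) usage();` would enforce the documented contract, assuming libnids leaves `device` NULL until `-i` is given (the option loops continue outside the visible hunks, so confirm placement there). Since `-p` feeds the protocol decoders from a file that may have been produced by someone else, the new `.IP "\fB-p \fIpcapfile\fR"` entries could also state that offline analysis presumably needs no capture privileges and is best run as an unprivileged user. On style, the same nested `warnx` banner block is pasted into six programs and would drift less as one shared helper.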