OpenVAS Scanner 23.32.3
nasl_frame_forgery.c File Reference

Functions to forge and manipulate datalink layer frames. More...

#include "nasl_frame_forgery.h"
#include "../misc/bpf_share.h"
#include "../misc/pcap_openvas.h"
#include "../misc/plugutils.h"
#include "capture_packet.h"
#include "nasl_debug.h"
#include <errno.h>
#include <gvm/base/networking.h>
#include <linux/if_packet.h>
#include <net/ethernet.h>
#include <net/if.h>
#include <net/if_arp.h>
#include <netinet/ether.h>
#include <netinet/if_ether.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <unistd.h>
Include dependency graph for nasl_frame_forgery.c:

Go to the source code of this file.

Data Structures

struct  pseudo_eth_arp
struct  pseudo_frame

Macros

#define G_LOG_DOMAIN   "lib misc"
 GLib logging domain.

Functions

struct pseudo_eth_arp __attribute__ ((packed))
static void dump_frame (const u_char *frame, int frame_sz)
 Dump a datalink layer frame.
static void prepare_sockaddr_ll (struct sockaddr_ll *soc_addr_ll, int ifindex, const u_char *ether_dst_addr)
 Prepare message header to be sent with sendmsg().
static void prepare_message (u_char *msg, struct sockaddr_ll *soc_addr_ll, u_char *payload, int payload_sz)
 Prepare message header to be sent with sendmsg().
static int send_frame (const u_char *frame, int frame_sz, int use_pcap, int timeout, char *filter, struct in6_addr *ipaddr, u_char **answer)
 Send a frame and listen to the answer.
static int forge_frame (const u_char *ether_src_addr, const u_char *ether_dst_addr, int ether_proto, u_char *payload, int payload_sz, struct pseudo_frame **frame)
 Forge a datalink layer frame.
tree_cellnasl_forge_frame (lex_ctxt *lexic)
 Forge a datalink layer frame.
tree_cellnasl_send_frame (lex_ctxt *lexic)
 Send a frame and listen to the answer.
tree_cellnasl_dump_frame (lex_ctxt *lexic)
 Dump a datalink layer frame.
static int get_local_mac_address_from_ip (char *ip_address, u_char *mac)
 Get the MAC address of host.
tree_cellnasl_get_local_mac_address_from_ip (lex_ctxt *lexic)
 Get the MAC address of host.
tree_cellnasl_send_arp_request (lex_ctxt *lexic)
 Send an arp request to an IP host.

Variables

struct arphdr arp_header
u_char __ar_sha [ETH_ALEN]
u_char __ar_sip [4]
u_char __ar_tha [ETH_ALEN]
u_char __ar_tip [4]
u_char __zero_padding [18]
struct ethhdr framehdr
u_char * payload

Detailed Description

Functions to forge and manipulate datalink layer frames.

Definition in file nasl_frame_forgery.c.

Macro Definition Documentation

◆ G_LOG_DOMAIN

#define G_LOG_DOMAIN   "lib misc"

GLib logging domain.

Definition at line 38 of file nasl_frame_forgery.c.

Function Documentation

◆ __attribute__()

struct pseudo_eth_arp __attribute__ ( (packed) )

◆ dump_frame()

void dump_frame ( const u_char * frame,
int frame_sz )
static

Dump a datalink layer frame.

Parameters
frameThe frame to be dumped.
frame_szThe frame's size.

Definition at line 63 of file nasl_frame_forgery.c.

64{
65 int f = 0;
66
67 printf ("\nThe Frame:\n");
68 while (f < frame_sz)
69 {
70 printf ("%02x%02x ", ((u_char *) frame)[f], ((u_char *) frame)[f + 1]);
71 f += 2;
72 if (f % 16 == 0)
73 printf ("\n");
74 }
75 printf ("\n\n");
76}

Referenced by nasl_dump_frame().

Here is the caller graph for this function:

◆ forge_frame()

int forge_frame ( const u_char * ether_src_addr,
const u_char * ether_dst_addr,
int ether_proto,
u_char * payload,
int payload_sz,
struct pseudo_frame ** frame )
static

Forge a datalink layer frame.

Parameters
[in]src_haddrSource MAC address to use.
[in]dst_haddrDestination MAC address to use.
[in]ether_protoEthernet type integer in hex format. Default 0x0800 (ETHER_P_IP)
[in]payloadPayload to be attached to the frame. E.g a forged tcp datagram, or arp header
[out]framethe forge frame
Returns
the forged frame size.

Definition at line 230 of file nasl_frame_forgery.c.

233{
234 int frame_sz;
235
236 *frame = (struct pseudo_frame *) g_malloc0 (sizeof (struct pseudo_frame)
237 + payload_sz);
238
239 memcpy ((*frame)->framehdr.h_dest, ether_dst_addr, ETHER_ADDR_LEN);
240 memcpy ((*frame)->framehdr.h_source, ether_src_addr, ETHER_ADDR_LEN);
241 (*frame)->framehdr.h_proto = htons (ether_proto);
242 (*frame)->payload = payload;
243
244 frame_sz = ETH_HLEN + payload_sz;
245 memcpy ((char *) *frame + ETH_HLEN, payload, payload_sz);
246
247 return frame_sz;
248}
payload
u_char * payload
Definition nasl_frame_forgery.c:1
pseudo_frame
Definition nasl_frame_forgery.c:51

References payload.

Referenced by nasl_forge_frame(), and nasl_send_arp_request().

Here is the caller graph for this function:

◆ get_local_mac_address_from_ip()

int get_local_mac_address_from_ip ( char * ip_address,
u_char * mac )
static

Get the MAC address of host.

Parameters
[in]ip_addressLocal IP address
[out]macThe MAC address
Returns
0 on success. MAC address is put into buffer. -1 on error.

Definition at line 389 of file nasl_frame_forgery.c.

390{
391 struct ifreq ifr;
392 int sock;
393 char *if_name = NULL;
394
395 if_name = get_iface_from_ip (ip_address);
396 if (!if_name)
397 {
398 g_debug ("%s: Missing interface name", __func__);
399 return -1;
400 }
401
402 strncpy (ifr.ifr_name, if_name, sizeof (ifr.ifr_name) - 1);
403 g_free (if_name);
404 ifr.ifr_name[sizeof (ifr.ifr_name) - 1] = '\0';
405
406 sock = socket (PF_INET, SOCK_STREAM, 0);
407 if (-1 == sock)
408 {
409 perror ("socket() ");
410 return -1;
411 }
412
413 if (-1 == ioctl (sock, SIOCGIFHWADDR, &ifr))
414 {
415 g_debug ("%s: ioctl(SIOCGIFHWADDR)", __func__);
416 return -1;
417 }
418
419 memcpy (mac, (u_char *) ifr.ifr_hwaddr.sa_data, ETHER_ADDR_LEN);
420 close (sock);
421
422 return 0;
423}
mac
gpg_err_code_t mac(const char *key, const size_t key_len, const char *data, const size_t data_len, const char *iv, const size_t iv_len, int algo, int flags, char **out, size_t *out_len)
Definition nasl_crypt_helper.c:97
get_iface_from_ip
char * get_iface_from_ip(const char *local_ip)
Given an IP address, determines which interface belongs to.
Definition pcap.c:1280

References get_iface_from_ip(), and mac().

Referenced by nasl_get_local_mac_address_from_ip(), and nasl_send_arp_request().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ nasl_dump_frame()

tree_cell * nasl_dump_frame ( lex_ctxt * lexic)

Dump a datalink layer frame.

@naslparam


  • frame The frame to be dumped.
Parameters
lexicLexical context of NASL interpreter.
Returns
Null

Definition at line 363 of file nasl_frame_forgery.c.

364{
365 u_char *frame = (u_char *) get_str_var_by_name (lexic, "frame");
366 int frame_sz = get_var_size_by_name (lexic, "frame");
367
368 if (frame == NULL || frame_sz <= 0)
369 {
370 nasl_perror (lexic, "%s usage: frame is a mandatory parameters.\n",
371 __func__);
372 return NULL;
373 }
374
375 dump_frame (frame, frame_sz);
376 return NULL;
377}
nasl_perror
void nasl_perror(lex_ctxt *lexic, char *msg,...)
Definition nasl_debug.c:105
dump_frame
static void dump_frame(const u_char *frame, int frame_sz)
Dump a datalink layer frame.
Definition nasl_frame_forgery.c:63
get_var_size_by_name
int get_var_size_by_name(lex_ctxt *, const char *)
Definition nasl_var.c:1138
get_str_var_by_name
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition nasl_var.c:1118

References dump_frame(), get_str_var_by_name(), get_var_size_by_name(), and nasl_perror().

Here is the call graph for this function:

◆ nasl_forge_frame()

tree_cell * nasl_forge_frame ( lex_ctxt * lexic)

Forge a datalink layer frame.

@naslparams


  • src_haddr Source MAC address to use.

  • dst_haddr Destination MAC address to use.

  • ether_proto Ethernet type integer in hex format. Default 0x0800 (ETHER_P_IP)

  • payload Payload to be attached to the frame. E.g a forged tcp datagram.
  • @naslreturn the forged frame.
Parameters
lexicLexical context of NASL interpreter.
Returns
tree_cell element or null.

Definition at line 268 of file nasl_frame_forgery.c.

269{
270 tree_cell *retc;
271 struct pseudo_frame *frame;
272 int frame_sz;
273 u_char *payload = (u_char *) get_str_var_by_name (lexic, "payload");
274 int payload_sz = get_var_size_by_name (lexic, "payload");
275 char *ether_src_addr = get_str_var_by_name (lexic, "src_haddr");
276 char *ether_dst_addr = get_str_var_by_name (lexic, "dst_haddr");
277 int ether_proto = get_int_var_by_name (lexic, "ether_proto", 0x0800);
278
279 if (ether_src_addr == NULL || ether_dst_addr == NULL || payload == NULL)
280 {
281 nasl_perror (lexic,
282 "%s usage: payload, src_haddr and dst_haddr are mandatory "
283 "parameters.\n",
284 __func__);
285 return NULL;
286 }
287
288 frame_sz = forge_frame ((u_char *) ether_src_addr, (u_char *) ether_dst_addr,
289 ether_proto, payload, payload_sz, &frame);
290
291 retc = alloc_typed_cell (CONST_DATA);
292 retc->x.str_val = (char *) frame;
293 retc->size = frame_sz;
294 return retc;
295}
forge_frame
static int forge_frame(const u_char *ether_src_addr, const u_char *ether_dst_addr, int ether_proto, u_char *payload, int payload_sz, struct pseudo_frame **frame)
Forge a datalink layer frame.
Definition nasl_frame_forgery.c:230
get_int_var_by_name
long int get_int_var_by_name(lex_ctxt *, const char *, int)
Definition nasl_var.c:1101
alloc_typed_cell
tree_cell * alloc_typed_cell(int typ)
Definition nasl_tree.c:25
CONST_DATA
@ CONST_DATA
Definition nasl_tree.h:82
tree_cell
struct TC tree_cell
TC::size
int size
Definition nasl_tree.h:99
TC::x
union TC::@332262321161220155002104006201360276211317150140 x
TC::str_val
char * str_val
Definition nasl_tree.h:103

References alloc_typed_cell(), CONST_DATA, forge_frame(), get_int_var_by_name(), get_str_var_by_name(), get_var_size_by_name(), nasl_perror(), payload, TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_get_local_mac_address_from_ip()

tree_cell * nasl_get_local_mac_address_from_ip ( lex_ctxt * lexic)

Get the MAC address of host.

@naslparam

  • ip_address Local IP address

    @naslreturn The MAC address of the host. NULL otherwise

Parameters
[in]lexicLexical context of NASL interpreter.

Definition at line 438 of file nasl_frame_forgery.c.

439{
440 tree_cell *retc = NULL;
441 char *buffer = NULL;
442 u_char *mac;
443
444 char *ip_address = get_str_var_by_num (lexic, 0);
445
446 mac = g_malloc0 (sizeof (u_char) * ETHER_ADDR_LEN);
447 get_local_mac_address_from_ip (ip_address, mac);
448 if (mac != NULL)
449 {
450 buffer = g_strdup_printf ("%02x:%02x:%02x:%02x:%02x:%02x", mac[0], mac[1],
451 mac[2], mac[3], mac[4], mac[5]);
452 g_free (mac);
453 retc = alloc_typed_cell (CONST_DATA);
454 retc->x.str_val = buffer;
455 retc->size = 17;
456 }
457
458 return retc;
459}
get_local_mac_address_from_ip
static int get_local_mac_address_from_ip(char *ip_address, u_char *mac)
Get the MAC address of host.
Definition nasl_frame_forgery.c:389
get_str_var_by_num
char * get_str_var_by_num(lex_ctxt *, int)
Definition nasl_var.c:1108

References alloc_typed_cell(), CONST_DATA, get_local_mac_address_from_ip(), get_str_var_by_num(), mac(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_send_arp_request()

tree_cell * nasl_send_arp_request ( lex_ctxt * lexic)

Send an arp request to an IP host.

NASL Returns:\n The MAC address of the target. NULL otherwise
Parameters
[in]lexicLexical context of NASL interpreter.
Returns
A tree cell or NULL.

Definition at line 471 of file nasl_frame_forgery.c.

472{
473 tree_cell *retc = NULL;
474 struct in6_addr src, *dst = plug_get_host_ip (lexic->script_infos);
475 struct in_addr dst_inaddr, src_inaddr;
476 struct pseudo_eth_arp eth_arp;
477 struct pseudo_frame *frame;
478 int frame_sz;
479 char ip_src_str[INET6_ADDRSTRLEN];
480 u_char mac_broadcast_addr[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
481 u_char mac[6], *mac_aux;
482 char filter[255];
483 u_char *answer = NULL;
484 int answer_sz;
485 int to = get_int_var_by_name (lexic, "pcap_timeout", 5);
486
487 /* Get source IP address via routethrough. We need it to find our mac address.
488 */
489 if (dst == NULL || (IN6_IS_ADDR_V4MAPPED (dst) != 1))
490 return retc;
491
492 memset (&dst_inaddr, '\0', sizeof (struct in_addr));
493 dst_inaddr.s_addr = dst->s6_addr32[3];
494 routethrough (&dst_inaddr, &src_inaddr);
495 ipv4_as_ipv6 (&src_inaddr, &src);
496
497 /* Getting target IP address as string, to get the mac address */
498 addr6_to_str (&src, ip_src_str);
499
500 mac_aux = (u_char *) g_malloc0 (sizeof (u_char) * 6);
501 get_local_mac_address_from_ip (ip_src_str, mac_aux);
502 mac[0] = mac_aux[0];
503 mac[1] = mac_aux[1];
504 mac[2] = mac_aux[2];
505 mac[3] = mac_aux[3];
506 mac[4] = mac_aux[4];
507 mac[5] = mac_aux[5];
508 g_free (mac_aux);
509
510 /* Building ARP header */
511 memset (&eth_arp, '\0', sizeof (struct pseudo_eth_arp));
512 eth_arp.arp_header.ar_hrd = htons (ARPHRD_ETHER);
513 eth_arp.arp_header.ar_pro = htons (ETHERTYPE_IP);
514 eth_arp.arp_header.ar_hln = ETH_ALEN;
515 eth_arp.arp_header.ar_pln = 4;
516 eth_arp.arp_header.ar_op = htons (ARPOP_REQUEST);
517
518 memcpy (&(eth_arp.__ar_sha), mac, ETH_ALEN);
519 memcpy (&(eth_arp.__ar_sip), &src_inaddr, 4);
520 memcpy (&(eth_arp.__ar_tha), mac_broadcast_addr, ETH_ALEN);
521 memcpy (&(eth_arp.__ar_tip), &dst_inaddr, 4);
522
523 frame_sz =
524 forge_frame (mac, mac_broadcast_addr, ETH_P_ARP, (u_char *) &eth_arp,
525 sizeof (struct pseudo_eth_arp), &frame);
526
527 /* Prepare filter */
528 snprintf (filter, sizeof (filter), "arp and src host %s",
529 inet_ntoa (dst_inaddr));
530
531 answer_sz =
532 send_frame ((const u_char *) frame, frame_sz, 1, to, filter, dst, &answer);
533 g_free (frame);
534 if (answer_sz == -2)
535 {
536 g_message ("%s: Not possible to send the frame", __func__);
537 return NULL;
538 }
539
540 if (answer && answer_sz > -1)
541 {
542 char *daddr;
543 struct ether_header *answer_aux;
544
545 answer_aux = (struct ether_header *) answer;
546 daddr = g_strdup_printf (
547 "%02x:%02x:%02x:%02x:%02x:%02x", (u_int) answer_aux->ether_shost[0],
548 (u_int) answer_aux->ether_shost[1], (u_int) answer_aux->ether_shost[2],
549 (u_int) answer_aux->ether_shost[3], (u_int) answer_aux->ether_shost[4],
550 (u_int) answer_aux->ether_shost[5]);
551
552 retc = alloc_typed_cell (CONST_DATA);
553 retc->x.str_val = daddr;
554 retc->size = strlen (daddr);
555 }
556 else
557 g_debug ("%s: No answer received.", __func__);
558
559 return retc;
560}
send_frame
static int send_frame(const u_char *frame, int frame_sz, int use_pcap, int timeout, char *filter, struct in6_addr *ipaddr, u_char **answer)
Send a frame and listen to the answer.
Definition nasl_frame_forgery.c:141
daddr
struct in_addr daddr
Definition nasl_packet_forgery.c:1
routethrough
char * routethrough(struct in_addr *dest, struct in_addr *source)
An awesome function to determine what interface a packet to a given destination should be routed thro...
Definition pcap.c:1070
plug_get_host_ip
struct in6_addr * plug_get_host_ip(struct script_infos *args)
Definition plugutils.c:371
pseudo_eth_arp
Definition nasl_frame_forgery.c:41
struct_lex_ctxt::script_infos
struct script_infos * script_infos
Definition nasl_lex_ctxt.h:33

References pseudo_eth_arp::__ar_sha, pseudo_eth_arp::__ar_sip, pseudo_eth_arp::__ar_tha, pseudo_eth_arp::__ar_tip, alloc_typed_cell(), pseudo_eth_arp::arp_header, CONST_DATA, daddr, forge_frame(), get_int_var_by_name(), get_local_mac_address_from_ip(), mac(), plug_get_host_ip(), routethrough(), struct_lex_ctxt::script_infos, send_frame(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_send_frame()

tree_cell * nasl_send_frame ( lex_ctxt * lexic)

Send a frame and listen to the answer.

@naslparams


  • frame The frame to be sent.

  • pcap_active TRUE by default. Otherwise, NASL does not listen for the answers.

  • pcap_filter BPF filter.

  • pcap_timeout Capture timeout. 5 by default.
  • @naslreturn Sniffed answer.
Parameters
lexicLexical context of NASL interpreter.
Returns
tree_cell element or null.

Definition at line 314 of file nasl_frame_forgery.c.

315{
316 tree_cell *retc = NULL;
317 struct script_infos *script_infos = lexic->script_infos;
318 struct in6_addr *ipaddr = plug_get_host_ip (script_infos);
319 u_char *frame = (u_char *) get_str_var_by_name (lexic, "frame");
320 int frame_sz = get_var_size_by_name (lexic, "frame");
321 int use_pcap = get_int_var_by_name (lexic, "pcap_active", 1);
322 int to = get_int_var_by_name (lexic, "pcap_timeout", 5);
323 char *filter = get_str_var_by_name (lexic, "pcap_filter");
324 u_char *answer = NULL;
325 int answer_sz;
326
327 if (frame == NULL || frame_sz <= 0)
328 {
329 nasl_perror (lexic, "%s usage: frame is a mandatory parameters.\n",
330 __func__);
331 return NULL;
332 }
333
334 answer_sz =
335 send_frame (frame, frame_sz, use_pcap, to, filter, ipaddr, &answer);
336 if (answer_sz == -2)
337 {
338 g_message ("%s: Not possible to send the frame", __func__);
339 return NULL;
340 }
341
342 if (answer && answer_sz > -1)
343 {
344 retc = alloc_typed_cell (CONST_DATA);
345 retc->x.str_val = (char *) answer;
346 retc->size = answer_sz;
347 }
348
349 return retc;
350}
script_infos
Definition scanneraux.h:29

References alloc_typed_cell(), CONST_DATA, get_int_var_by_name(), get_str_var_by_name(), get_var_size_by_name(), nasl_perror(), plug_get_host_ip(), struct_lex_ctxt::script_infos, send_frame(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ prepare_message()

void prepare_message ( u_char * msg,
struct sockaddr_ll * soc_addr_ll,
u_char * payload,
int payload_sz )
static

Prepare message header to be sent with sendmsg().

Parameters
[out]msgThe packaged messages to be sent
[in]soc_addr_llThe sockaddr_ll structure for capturing
[in]payloadThe payload, a datalink layer frame with payload
[in]payload_szThe payload size.

Definition at line 103 of file nasl_frame_forgery.c.

105{
106 struct iovec iov;
107 struct msghdr *message;
108
109 iov.iov_base = payload;
110 iov.iov_len = payload_sz;
111
112 message = g_malloc0 (sizeof (struct msghdr) + payload_sz);
113
114 message->msg_name = soc_addr_ll;
115 message->msg_namelen = sizeof (struct sockaddr_ll);
116 message->msg_iov = &iov;
117 message->msg_iovlen = 1;
118 message->msg_control = 0;
119 message->msg_controllen = 0;
120
121 memcpy (msg, (u_char *) message, sizeof (struct msghdr) + payload_sz);
122 g_free (message);
123}

References payload.

Referenced by send_frame().

Here is the caller graph for this function:

◆ prepare_sockaddr_ll()

void prepare_sockaddr_ll ( struct sockaddr_ll * soc_addr_ll,
int ifindex,
const u_char * ether_dst_addr )
static

Prepare message header to be sent with sendmsg().

Parameters
[out]soc_addr_llThe sockaddr_ll structure to be prepared
[in]ifindexThe interface index to be use for capturing.
[in]ether_dst_addrThe dst MAC address.

Definition at line 85 of file nasl_frame_forgery.c.

87{
88 soc_addr_ll->sll_family = AF_PACKET;
89 soc_addr_ll->sll_ifindex = ifindex;
90 soc_addr_ll->sll_halen = ETHER_ADDR_LEN;
91 soc_addr_ll->sll_protocol = htons (ETH_P_ALL);
92 memcpy (soc_addr_ll->sll_addr, ether_dst_addr, ETHER_ADDR_LEN);
93}

Referenced by send_frame().

Here is the caller graph for this function:

◆ send_frame()

int send_frame ( const u_char * frame,
int frame_sz,
int use_pcap,
int timeout,
char * filter,
struct in6_addr * ipaddr,
u_char ** answer )
static

Send a frame and listen to the answer.

Parameters
[in]

The frame to be sent.

Parameters
[in]

The frame's size.

Parameters
[in]

TRUE by default. Otherwise, NASL does not listen for the answers.

Parameters
[in]

BPF filter.

Parameters
[in]

Capture timeout. 5 by default.

Parameters
[in]

Destination address, used for calculating the ethernet index

Parameters
[out]

Sniffed answer.

Returns
Bits received in the answer or 0 on success, -1 if no answer, -2 error sending the message.

Definition at line 141 of file nasl_frame_forgery.c.

143{
144 int soc;
145 u_char *message;
146 int ifindex;
147 int bpf = -1;
148 int frame_and_payload = 0;
149 int answer_sz = -1;
150
151 // Create the raw socket
152 soc = socket (AF_PACKET, SOCK_RAW, htons (ETH_P_ALL));
153 if (soc == -1)
154 {
155 g_debug ("%s: %s", __func__, strerror (errno));
156 return -1;
157 }
158
159 // We will need the eth index. We get it depending on the target's IP..
160 if (get_iface_index (ipaddr, &ifindex) < 0)
161 {
162 g_message ("%s: Missing interface index\n", __func__);
163 return -1;
164 }
165
166 // Prepare sockaddr_ll. This is necessary for further captures
167 u_char dst_haddr[ETHER_ADDR_LEN];
168 memcpy (&dst_haddr, (struct pseudo_frame *) frame, ETHER_ADDR_LEN);
169
170 struct sockaddr_ll soc_addr;
171 memset (&soc_addr, '\0', sizeof (struct sockaddr_ll));
172 prepare_sockaddr_ll (&soc_addr, ifindex, dst_haddr);
173
174 /* Init capture */
175 if (use_pcap != 0 && bpf < 0)
176 {
177 if (IN6_IS_ADDR_V4MAPPED (ipaddr))
178 {
179 struct in_addr sin, this_host;
180 memset (&sin, '\0', sizeof (struct in_addr));
181 memset (&this_host, '\0', sizeof (struct in_addr));
182 sin.s_addr = ipaddr->s6_addr32[3];
183 bpf = init_capture_device (sin, this_host, filter);
184 }
185 else
186 {
187 struct in6_addr this_host;
188 memset (&this_host, '\0', sizeof (struct in6_addr));
189 bpf = init_v6_capture_device (*ipaddr, this_host, filter);
190 }
191 }
192
193 // Prepare the message and send it
194 message = g_malloc0 (sizeof (struct msghdr) + frame_sz);
195 prepare_message (message, &soc_addr, (u_char *) frame, frame_sz);
196
197 int b = sendmsg (soc, (struct msghdr *) message, 0);
198 g_free (message);
199 if (b == -1)
200 {
201 g_message ("%s: Error sending message: %s", __func__, strerror (errno));
202 return -2;
203 }
204 if (bpf >= 0)
205 {
206 *answer = (u_char *) capture_next_frame (bpf, timeout, &answer_sz,
207 frame_and_payload);
208 bpf_close (bpf);
209 close (soc);
210 return answer_sz;
211 }
212
213 close (soc);
214 return 0;
215}
bpf_close
void bpf_close(int bpf)
Definition bpf_share.c:164
capture_next_frame
char * capture_next_frame(int bpf, int timeout, int *sz, int dl_layer_only)
Capture a link layer frame.
Definition capture_packet.c:96
init_capture_device
int init_capture_device(struct in_addr src, struct in_addr dest, char *filter)
Set up the pcap filter, and select the correct interface.
Definition capture_packet.c:31
init_v6_capture_device
int init_v6_capture_device(struct in6_addr src, struct in6_addr dest, char *filter)
Definition capture_packet.c:215
prepare_sockaddr_ll
static void prepare_sockaddr_ll(struct sockaddr_ll *soc_addr_ll, int ifindex, const u_char *ether_dst_addr)
Prepare message header to be sent with sendmsg().
Definition nasl_frame_forgery.c:85
prepare_message
static void prepare_message(u_char *msg, struct sockaddr_ll *soc_addr_ll, u_char *payload, int payload_sz)
Prepare message header to be sent with sendmsg().
Definition nasl_frame_forgery.c:103
get_iface_index
int get_iface_index(struct in6_addr *ipaddr, int *ifindex)
Get the interface index depending on the target's IP.
Definition pcap.c:1334

References bpf_close(), capture_next_frame(), get_iface_index(), init_capture_device(), init_v6_capture_device(), prepare_message(), and prepare_sockaddr_ll().

Referenced by nasl_send_arp_request(), and nasl_send_frame().

Here is the call graph for this function:
Here is the caller graph for this function:

Variable Documentation

◆ __ar_sha

u_char __ar_sha[ETH_ALEN]

Definition at line 1 of file nasl_frame_forgery.c.

◆ __ar_sip

u_char __ar_sip[4]

Definition at line 2 of file nasl_frame_forgery.c.

◆ __ar_tha

u_char __ar_tha[ETH_ALEN]

Definition at line 3 of file nasl_frame_forgery.c.

◆ __ar_tip

u_char __ar_tip[4]

Definition at line 4 of file nasl_frame_forgery.c.

◆ __zero_padding

u_char __zero_padding[18]

Definition at line 5 of file nasl_frame_forgery.c.

◆ arp_header

struct arphdr arp_header

Definition at line 0 of file nasl_frame_forgery.c.

◆ framehdr

struct ethhdr framehdr

Definition at line 0 of file nasl_frame_forgery.c.

◆ payload

u_char* payload

Definition at line 1 of file nasl_frame_forgery.c.

Referenced by forge_frame(), nasl_forge_frame(), prepare_message(), and run_table_driven_lsc().