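/*
 * Name:    Brenden Keyes and Robert Casey
 * Date:    2/13/04
 * Purpose: This file sniffs packets entering a port that is linked to
 *          AOL Instant Messenger. If the packet is that of an incoming
 *          instant message, it will send a byte to the serial port. That
 *          byte will be sent via IR to the Handy Cricket, which will turn a
 *          motor. Thus, the motor turns if the person on the computer is
 *          talking on AIM, or gets an Instant Message.
 *
 * Credits - Some of this code is part of the following:
 *   You have to link it with WS2_32.lib
 *   I have this code successfully compiled and tested under win2k and vc6++
 *   ->http://blacksun.box.sk/tutorials/format.php3?file=part3.html
 *   ->http://www.somethinginteresting.org/poorsniff/
 *   ->And Linsniffer
 *   comments to ich@delikon.de or visit me at www.delikon.de
 *
 * The basic serial port code is borrowed as well, the link is lost however.
 */

/*
 * NOTE(review): the system header names were lost from the published
 * listing (five bare "#include" directives). The set below is reconstructed
 * from the APIs this file calls; confirm against the original project.
 */
#include <winsock2.h>
#include <windows.h>
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include "serialport.h"

#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
#define MAX_ADDR_LEN 16
#define MAX_HOSTNAME_LAN 255

/*
 * Absolute offset into the captured packet at which printing and scanning
 * start. The value comes from the original code and is not derived from the
 * header lengths.
 * NOTE(review): confirm against the AIM framing it was tuned for.
 */
#define DATA_START_OFFSET 38

/* 25 is the port this computer's AIM is set to. */
#define AIM_PORT 25

/* Byte written to the serial port when an instant message is detected. */
#define IM_SIGNAL_BYTE 77

/*Under Construction ;=)
void flag (int f)
{
    if (f ==256) printf("Fin");
    if (f == 512) printf("Syn");
    if (f == 1024) printf("Rst");
    if (f == 2048) printf("Psh");
    if (f == 4096) printf("Ack");
    if (f == 8192) printf("Urg");
    else {}
}
*/

//Thanks too Mike Edulla for Linsniffer
/*
 * Print the printable bytes of data[DATA_START_OFFSET .. datalen-1],
 * breaking the line on a carriage return (13) and after 75 columns.
 *
 * datalen is an absolute end index into data, not a payload length. The
 * caller must make sure data holds at least datalen bytes.
 */
void print_data(int datalen, char *data)
{
    int column = 0;

    printf("Datalen is: %d\n\n", datalen);
    if (data == NULL) {
        return;
    }

    /*
     * "i < datalen" rather than "i != datalen": with the inequality test a
     * datalen below the start offset made the loop walk far past the end of
     * the buffer.
     */
    for (int i = DATA_START_OFFSET; i < datalen; i++) {
        /* <ctype.h> functions are undefined for negative char values. */
        unsigned char ch = (unsigned char)data[i];

        if (ch == 13) {
            printf("\n");
            column = 0;
        }
        if (isprint(ch)) {
            printf("%c", ch);
            column++;
        }
        if (column > 75) {
            column = 0;
            printf("\n");
        }
    }
}

/* Fixed 20-byte part of an IPv4 header, fields in network byte order. */
typedef struct _iphdr {
    unsigned char  h_lenver;       /* version (high nibble), header length in 32-bit words (low nibble) */
    unsigned char  tos;
    unsigned short total_len;
    unsigned short ident;
    unsigned short frag_and_flags;
    unsigned char  ttl;
    unsigned char  proto;
    unsigned short checksum;
    unsigned int   sourceIP;
    unsigned int   destIP;
} IP_HDR;

/* Fixed 20-byte part of a TCP header, fields in network byte order. */
typedef struct tcpheader {
    unsigned short int sport;
    unsigned short int dport;
    unsigned int       th_seq;
    unsigned int       th_ack;
    unsigned char      th_x2:4;
    unsigned char      th_off:4;
    unsigned char      Flags;
    unsigned short int th_win;
    unsigned short int th_sum;
    unsigned short int th_urp;
} TCP_HDR;

int RecvPacket();
int filterpacket(char *buf);   /* declared here; no definition in this file */

char output[500];

/*
 * Return 1 if needle occurs (case-sensitively) in buf[start .. end-1],
 * else 0. Every comparison stays inside [start, end), so a pattern that
 * would straddle the end of the packet is never read.
 */
static int payload_contains(const char *buf, size_t start, size_t end,
                            const char *needle)
{
    size_t needle_len = strlen(needle);

    if (needle_len == 0 || end < needle_len) {
        return 0;
    }
    for (size_t i = start; i + needle_len <= end; i++) {
        if (memcmp(buf + i, needle, needle_len) == 0) {
            return 1;
        }
    }
    return 0;
}

/* Print the address, TTL, flag and port summary of one packet. */
static void print_headers(const char *src, const char *dst,
                          const IP_HDR *ip, const TCP_HDR *tcp)
{
    printf("%s->%s\n", src, dst);
    printf("TTL=%d\n", ip->ttl);
    /*
     * htons() is applied to an 8-bit value here, as in the original. On a
     * little-endian host that prints the flag byte shifted left by 8, which
     * lines up with the 256/512/... constants in the disabled flag() helper.
     */
    printf("Flags=%d\n", htons(tcp->Flags));
    printf("destport=%d\nsourceport=%d\n",
           ntohs(tcp->dport), ntohs(tcp->sport));
}

/*
 * Decode one captured IP packet and, when it is TCP traffic from AIM_PORT
 * carrying "<HTML>" or "charset=", write IM_SIGNAL_BYTE to the serial port.
 *
 * buf      - start of the captured packet (IP header first)
 * received - number of bytes recv() actually stored in buf
 *
 * Every length taken from the packet itself is untrusted and is clamped to
 * `received` before it is used as an index.
 */
static void handle_packet(char *buf, int received)
{
    IP_HDR ip;
    TCP_HDR tcp;
    char szSourceIP[MAX_ADDR_LEN], szDestIP[MAX_ADDR_LEN];
    struct in_addr addr;
    size_t ip_hdr_len;
    int packet_len;

    if (received < (int)sizeof(IP_HDR)) {
        return;                         /* too short to hold an IP header */
    }
    /* Copy instead of casting buf, so the fields are read from aligned storage. */
    memcpy(&ip, buf, sizeof(ip));

    /* The TCP header follows the IP options, not a fixed 20-byte header. */
    ip_hdr_len = (size_t)(ip.h_lenver & 0x0F) * 4;
    if (ip.proto != IPPROTO_TCP ||
        ip_hdr_len < sizeof(IP_HDR) ||
        ip_hdr_len + sizeof(TCP_HDR) > (size_t)received) {
        return;                         /* not TCP, or header truncated */
    }
    memcpy(&tcp, buf + ip_hdr_len, sizeof(tcp));

    /*
     * End of the packet as an index into buf. The original computed this
     * from total_len and sizeof() of two *pointers*, which could point past
     * the receive buffer; total_len is attacker-controlled, so it is only
     * trusted up to the number of bytes actually received.
     */
    packet_len = ntohs(ip.total_len);
    if (packet_len > received) {
        packet_len = received;
    }

    /* inet_ntoa() returns a static buffer: copy before the second call. */
    addr.s_addr = ip.sourceIP;
    strncpy(szSourceIP, inet_ntoa(addr), MAX_ADDR_LEN);
    szSourceIP[MAX_ADDR_LEN - 1] = '\0';

    //Check Dest IP
    addr.s_addr = ip.destIP;
    strncpy(szDestIP, inet_ntoa(addr), MAX_ADDR_LEN);
    szDestIP[MAX_ADDR_LEN - 1] = '\0';

    print_headers(szSourceIP, szDestIP, &ip, &tcp);

    if (ntohs(tcp.sport) != AIM_PORT) {
        return;
    }

    printf("\n************PACKETstart************\n");
    print_headers(szSourceIP, szDestIP, &ip, &tcp);
    printf("\n\n\n-----------DATAstart---------\n");
    print_data(packet_len, buf);

    /* At most one serial write per packet, as in the original scan loop. */
    if (payload_contains(buf, DATA_START_OFFSET, (size_t)packet_len, "<HTML>") ||
        payload_contains(buf, DATA_START_OFFSET, (size_t)packet_len, "charset=")) {
        printf("WRITING 77 TO COM1\n");
        PortWrite(IM_SIGNAL_BYTE);
    }

    printf("\n-----------DATAend---------\n");
    printf("\n\n***************PACKETend************\n");
}

/*
 * Create a raw IP socket bound to this host's first IPv4 address and switch
 * it to receive-all mode with SIO_RCVALL.
 *
 * Returns the socket, or INVALID_SOCKET after printing the failing step.
 * Raw sockets and SIO_RCVALL need administrator rights on Windows, so each
 * call is checked instead of being assumed to succeed.
 */
static SOCKET open_capture_socket(void)
{
    char name[MAX_HOSTNAME_LAN];
    struct hostent *pHostent;
    SOCKADDR_IN sa;
    DWORD dwBytesRet = 0;
    unsigned int optval = 1;
    SOCKET sock;

    sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
    if (sock == INVALID_SOCKET) {
        printf("socket() failed: %d\n", WSAGetLastError());
        return INVALID_SOCKET;
    }

    if (gethostname(name, sizeof(name)) != 0) {
        printf("gethostname() failed: %d\n", WSAGetLastError());
        closesocket(sock);
        return INVALID_SOCKET;
    }

    /*
     * gethostbyname() returns storage owned by Winsock. The original
     * malloc'ed a hostent first and then overwrote the pointer, leaking it.
     */
    pHostent = gethostbyname(name);
    if (pHostent == NULL ||
        pHostent->h_addrtype != AF_INET ||
        pHostent->h_addr_list[0] == NULL ||
        (size_t)pHostent->h_length != sizeof(sa.sin_addr)) {
        printf("Could not resolve a local IPv4 address\n");
        closesocket(sock);
        return INVALID_SOCKET;
    }

    memset(&sa, 0, sizeof(sa));
    sa.sin_family = AF_INET;
    sa.sin_port = htons(6000);
    /* Length already checked above, so this cannot overrun sin_addr. */
    memcpy(&sa.sin_addr, pHostent->h_addr_list[0], sizeof(sa.sin_addr));

    if (bind(sock, (SOCKADDR *)&sa, sizeof(sa)) == SOCKET_ERROR) {
        printf("bind() failed: %d\n", WSAGetLastError());
        closesocket(sock);
        return INVALID_SOCKET;
    }

    if (WSAIoctl(sock, SIO_RCVALL, &optval, sizeof(optval),
                 NULL, 0, &dwBytesRet, NULL, NULL) == SOCKET_ERROR) {
        printf("WSAIoctl(SIO_RCVALL) failed: %d\n", WSAGetLastError());
        closesocket(sock);
        return INVALID_SOCKET;
    }

    return sock;
}

/* Program entry point: exit status 0 on success, 1 if RecvPacket() failed. */
int main(void)
{
    return RecvPacket() ? 0 : 1;
}

/*
 * Open COM1, start capturing IP packets and signal the serial port for each
 * detected instant message.
 *
 * Returns 0 on failure, after printing which step failed. The capture loop
 * only ends when recv() fails, so there is currently no path that returns 1.
 */
int RecvPacket()
{
    WSADATA wsd;
    SOCKET sock;
    char RecvBuf[65535] = {0};
    int startup_rc;

    hPort = INVALID_HANDLE_VALUE;   // Serial port handle
    hReadThread = NULL;             // Handle to the read thread
    lpszDevName = TEXT("COM1:");

    // Initialize the port.
    if (!PortInitialize(lpszDevName)) {
        printf("Error Initializing COM1\n\n");
        return(0);
    }

    startup_rc = WSAStartup(MAKEWORD(2,1), &wsd);
    if (startup_rc != 0) {
        printf("WSAStartup() failed: %d\n", startup_rc);
        PortClose(hPort);
        return(0);
    }

    sock = open_capture_socket();
    if (sock == INVALID_SOCKET) {
        WSACleanup();
        PortClose(hPort);
        return(0);
    }

    for (;;) {
        int received;

        memset(RecvBuf, 0, sizeof(RecvBuf));
        received = recv(sock, RecvBuf, (int)sizeof(RecvBuf), 0);
        if (received == SOCKET_ERROR) {
            printf("recv() failed: %d\n", WSAGetLastError());
            break;
        }

        // Filter the Packet
        handle_packet(RecvBuf, received);
    }

    /* Reached only after a recv() failure; release everything acquired above. */
    closesocket(sock);
    WSACleanup();
    PortClose(hPort);
    return(0);
}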