Thread: C program to SNIFF wifi packets without using lpcap

Hi All,

I have a requirement to sniff the wifi packets. There are examples available which does the sniffing using pcap functionality. I need a C program which will sniff the wifi packets without using pcap functionality.. Kindly help....

Code:

#include<pcap.h>
#include<stdio.h>
#include<stdlib.h> // for exit()
#include<string.h> //for memset

#include<sys/socket.h>
#include<arpa/inet.h> // for inet_ntoa()
#include<net/ethernet.h>
#include<netinet/ip_icmp.h>   //Provides declarations for icmp header
#include<netinet/udp.h>   //Provides declarations for udp header
#include<netinet/tcp.h>   //Provides declarations for tcp header
#include<netinet/ip.h>    //Provides declarations for ip header


int main()
{
    pcap_if_t *alldevsp , *device;
    pcap_t *handle; //Handle of the device that shall be sniffed
    struct bpf_program fp;              /* The compiled filter */
    char filter_exp[] = "((type mgt subtype auth) or (type mgt subtype assoc-req) or (type mgt subtype deauth) )";      /* The filter expression */
    //char filter_exp[] = "tcp";        /* The filter expression */
                bpf_u_int32 mask;               /* Our netmask */
                bpf_u_int32 net;                /* Our IP */

    char errbuf[100] , *devname , devs[100][100];
    int count = 1 , n;

    //First get the list of available devices
    printf("Finding available devices ... ");
    if( pcap_findalldevs( &alldevsp , errbuf) )
    {
        printf("Error finding devices : %s" , errbuf);
        exit(1);
    }
    printf("Done");

    //Print the available devices
    printf("\nAvailable Devices are :\n");
    for(device = alldevsp ; device != NULL ; device = device->next)
    {
        printf("%d. %s - %s\n" , count , device->name , device->description);
        if(device->name != NULL)
        {
            strcpy(devs[count] , device->name);
        }
        count++;
    }



    //Ask user which device to sniff
    printf("Enter the number of the device you want to sniff : ");
    scanf("%d" , &n);
    devname = devs[n];

    //Open the device for sniffing
    printf("Opening device %s for sniffing ... " , devname);
    handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);

    if (handle == NULL)
    {
        fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
        exit(1);
    }
    printf("Done\n");

    logfile=fopen("log.txt","w");
    if(logfile==NULL)
    {
            printf("Unable to create file.");
    }
#if 1
    /* Compile and apply the filter */
    if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) {
            fprintf(stderr, "Couldn't parse filter %s: %s\n", filter_exp, pcap_geterr(handle));
            return(2);
    }
    if (pcap_setfilter(handle, &fp) == -1) {
            fprintf(stderr, "Couldn't install filter %s: %s\n", filter_exp, pcap_geterr(handle));
            return(2);
    }
#endif

    //Put the device in sniff loop
    pcap_loop(handle , -1 , process_packet , NULL);

    return 0;
}

It's system dependent and it doesn't really have anything to do with C. On Linux, I have personally taken the following approach.

Code:

#include <stdio.h>
#include <stdlib.h>
#include <arpa/inet.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>
#include <linux/if_ether.h>

int main(void)
{
	unsigned char buf[1500];
	int fd, n;

	if ((fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL))) == -1) {
		fprintf(stderr, "failed to initialise socket\n");
		return EXIT_FAILURE;
	}
	while ((n = read(fd, buf, sizeof buf)) > 0)
		fwrite(buf, 1, n, stdout);
	close(fd);
	return EXIT_FAILURE;
}

I have no idea about other operating systems, but usually this sort of thing isn't very well documented ...

Please experiment with libpcap and socket, and find out for yourselves where the described security feature is implemented. It is more helpful than making hasty judgements about mahe's character.

Originally Posted by Jimmy

on each of those occasions pigs flew.

Finally visible proof of God, did you get any pictures

no the pigs flying would not be salems doing but god's doing to make a point.
But while we're on the topic of God I'll make a quick point that caused me to find my faith (hopefully others too):

Existence is infinite in all directions, just as eternal time (not the relative time we perceive) is infinite in the only 2 directions it can go, does it not stand to reason then that the God described by the Holy Bible cannot help but exist and that in turn we should give more serious thought to the words of his son Jesus Christ who now resides on heavens throne where he rightfully belongs:

None may enter heaven except through him, that whosoever believeth on him shall have everlasting life.

There is plenty more of what he said that should be paid attention to but that is the most important, I'll look up the exact sentence later for quoting.

I don't care for mahe's intentions, or Salem's assumptions about them, as I post to talk about interesting things like programming. :-p

What I have found is that the call to socket fails whenever I run the program as an unprivileged user. Did you have similar results?

Originally Posted by zyxwvuts

It's system dependent and it doesn't really have anything to do with C. On Linux, I have personally taken the following approach.

Code:

#include  #include  #include  #include  #include  #include  #include   int main(void) { 	unsigned char buf[1500]; 	int fd, n;  	if ((fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL))) == -1) { 		fprintf(stderr, "failed to initialise socket\n"); 		return EXIT_FAILURE; 	} 	while ((n = read(fd, buf, sizeof buf)) > 0) 		fwrite(buf, 1, n, stdout); 	close(fd); 	return EXIT_FAILURE; }

I have no idea about other operating systems, but usually this sort of thing isn't very well documented ...

Thanks for your reply... Are you using raw socket to get the packets from wireless interface?? My requriement is to capture the packets from wlan0 interface. How to do it via raw socket?? Can you help me??

Originally Posted by awsdert

Existence is infinite in all directions, just as eternal time (not the relative time we perceive) is infinite in the only 2 directions it can go, does it not stand to reason...

I'd be careful of drawing conclusions from such an obviously flawed premise.

Originally Posted by awsdert

There is plenty more of what he said that should be paid attention to but that is the most important, I'll look up the exact sentence later for quoting.

Let's just keep it to programming, shall we?

Originally Posted by mahe2789

Thanks for your reply... Are you using raw socket to get the packets from wireless interface?? My requriement is to capture the packets from wlan0 interface. How to do it via raw socket?? Can you help me??

mahe , you want to capture packets in the network you are connected? i mean with wlan0 interface you can only capture packets and filter received to you!! ..else use you want to be in monitor mode !