Thread: attempt to get IP with inet_ntoa()

  1. #1
    Registered User
    Join Date
    Jun 2012
    Posts
    2

    attempt to get IP with inet_ntoa()

    Good evening! inet_ntoa isn't returning a char*, I need to typecast it. But in this case, I get a segmentation fault on gcc while trying to capture an IP header. I know inet_ntoa is deprecated but it's still working in the wild

    inet_ntoa() is inside the decode_ip() function in the code below (in bold):

    Code:
    #include <pcap.h>
    #include "hacking.h"
    #include "hacking-network.h"
    
    
    void pcap_fatal(const char *, const char *);
    void decode_ethernet(const u_char *);
    void decode_ip(const u_char *);
    u_int decode_tcp(const u_char *);
    
    void caught_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
    
    int main() {
        struct pcap_pkthdr cap_header;
        const u_char *packet, *pkt_data;
        char errbuf[PCAP_ERRBUF_SIZE];
        char *device;
    
        pcap_t *pcap_handle;
        
        device = pcap_lookupdev(errbuf);
        if(device == NULL)
            pcap_fatal("pcap_lookupdev", errbuf);
    
        printf("Sniffing on device %s\n", device);
        
        pcap_handle = pcap_open_live(device, 4096, 1, 0, errbuf);
        if(pcap_handle == NULL)
            pcap_fatal("pcap_open_live", errbuf);
        
        pcap_loop(pcap_handle, 3, caught_packet, NULL);
    
        pcap_close(pcap_handle);
    }
    
    void caught_packet(u_char *user_args, const struct pcap_pkthdr *cap_header, const u_char *packet) {
        int tcp_header_length, total_header_size, pkt_data_len;
        u_char *pkt_data;
        
        printf("==== Got a %d byte packet ====\n", cap_header->len);
    
    
        decode_ethernet(packet);
        decode_ip(packet+ETHER_HDR_LEN);
        tcp_header_length = decode_tcp(packet+ETHER_HDR_LEN+sizeof(struct ip_hdr));
    
        total_header_size = ETHER_HDR_LEN+sizeof(struct ip_hdr)+tcp_header_length;
        pkt_data = (u_char *)packet + total_header_size;  // pkt_data points to the data portion
        pkt_data_len = cap_header->len - total_header_size;
        if(pkt_data_len > 0) {
            printf("\t\t\t%u bytes of packet data\n", pkt_data_len);
            dump(pkt_data, pkt_data_len);
        } else
            printf("\t\t\tNo Packet Data\n");
    }
    
    void pcap_fatal(const char *failed_in, const char *errbuf) {
        printf("Fatal Error in %s: %s\n", failed_in, errbuf);
        exit(1);
    }
    
    void decode_ethernet(const u_char *header_start) {
        int i;
        const struct ether_hdr *ethernet_header;
    
        ethernet_header = (const struct ether_hdr *)header_start;
        printf("[[  Layer 2 :: Ethernet Header  ]]\n");
        printf("[ Source: %02x", ethernet_header->ether_src_addr[0]);
        for(i=1; i < ETHER_ADDR_LEN; i++)
            printf(":%02x", ethernet_header->ether_src_addr[i]);
    
        printf("\tDest: %02x", ethernet_header->ether_dest_addr[0]);
        for(i=1; i < ETHER_ADDR_LEN; i++)
            printf(":%02x", ethernet_header->ether_dest_addr[i]);
        printf("\tType: %hu ]\n", ethernet_header->ether_type);
    }
    
    void decode_ip(const u_char *header_start) {
        const struct ip_hdr *ip_header;
    
        ip_header = (const struct ip_hdr *)header_start;
        printf("\t((  Layer 3 ::: IP Header  ))\n");
        printf("\t( Source: %s\t", (char *) inet_ntoa(ip_header->ip_src_addr));
        printf("Dest: %s )\n", (char *) inet_ntoa(ip_header->ip_dest_addr));
        printf("\t( Type: %u\t", (u_int) ip_header->ip_type);
        printf("ID: %hu\tLength: %hu )\n", ntohs(ip_header->ip_id), ntohs(ip_header->ip_len));
    }
    
    u_int decode_tcp(const u_char *header_start) {
        u_int header_size;
        const struct tcp_hdr *tcp_header;
    
        tcp_header = (const struct tcp_hdr *)header_start;
        header_size = 4 * tcp_header->tcp_offset;
        
        printf("\t\t{{  Layer 4 :::: TCP Header  }}\n");
        printf("\t\t{ Src Port: %hu\t", ntohs(tcp_header->tcp_src_port));
        printf("Dest Port: %hu }\n", ntohs(tcp_header->tcp_dest_port));
        printf("\t\t{ Seq #: %u\t", ntohl(tcp_header->tcp_seq));
        printf("Ack #: %u }\n", ntohl(tcp_header->tcp_ack));
        printf("\t\t{ Header Size: %u\tFlags: ", header_size);
        if(tcp_header->tcp_flags & TCP_FIN)
            printf("FIN ");
        if(tcp_header->tcp_flags & TCP_SYN)
            printf("SYN ");
        if(tcp_header->tcp_flags & TCP_RST)
            printf("RST ");
        if(tcp_header->tcp_flags & TCP_PUSH)
            printf("PUSH ");
        if(tcp_header->tcp_flags & TCP_ACK)
            printf("ACK ");
        if(tcp_header->tcp_flags & TCP_URG)
            printf("URG ");
        printf(" }\n");
    
        return header_size;
    }

  2. #2
    Registered User
    Join Date
    Dec 2011
    Posts
    795
    #include "hacking.h"
    #include "hacking-network.h"
    Interesting...

    Read this (#6) -> Announcements - C++ Programming

    6. Messages relating to cracking, (erroneously called "hacking" by many), copyright violations, or other illegal activities will be deleted. Due to the overlapping boundaries of code with malicious intent, and other legitimate uses of it, the moderators will assess each potential infraction on a case by case basis.
    Edit: LOL, you stole the code from here. Nice job, wannabe hacker.
    Last edited by memcpy; 06-15-2012 at 06:43 PM.

  3. #3
    Registered User
    Join Date
    Jun 2012
    Posts
    2
    Quote Originally Posted by memcpy View Post
    Interesting...

    Read this (#6) -> Announcements - C++ Programming

    Edit: LOL, you stole the code from here. Nice job, wannabe hacker.
    If you want to be a security professional you need to have a start point. No, I read the John's book. I don't like so much code snippets from nowhere. And yes, I didn't know the rule. Most forums don't have it. Nice job being an idiot even without knowing my intentions or who I am.

    Edit: LOL, you break the copyright violation rule showing me the link to the book. Nice job, wannabe moralist.
    Last edited by p1t0hu1; 06-15-2012 at 07:43 PM.

  4. #4
    Registered User
    Join Date
    Mar 2005
    Location
    Juneda
    Posts
    291
    "...I know inet_ntoa is deprecated..."

    Then, why don't you start using using inet_pton() or inet_ntop() functions rather tha discuss about wannabes jobs? Also, are you using a hacking library (hacking*.h) that cannot solve a network to ascii routine ?? This is not no secure, much less professional. As you said 'you need to have a start point', take a look at the beejs: be sure what are you argumenting to the inet_ntoa function, maybe is not a netwoking error but a C language (or whatever) misunderstanding.

    Niara

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Help using inet_ntoa()
    By Noob_Zaiboot in forum C Programming
    Replies: 5
    Last Post: 11-19-2011, 06:08 AM
  2. strcpy and inet_ntoa
    By AdamOhio76 in forum C Programming
    Replies: 1
    Last Post: 05-09-2011, 06:38 PM
  3. inet_ntoa to strings
    By TomChesley in forum Networking/Device Communication
    Replies: 7
    Last Post: 02-24-2009, 05:01 PM
  4. Replies: 1
    Last Post: 04-05-2003, 08:39 AM
  5. inet_ntoa() or not?
    By PhilB in forum C Programming
    Replies: 1
    Last Post: 05-01-2002, 04:02 PM

Tags for this Thread