Code:
#include <stdio.h>
#include <stdlib.h>
#include "framehdr.h"
#define SIZE_ETHERNET 14
#define SIZE_BUFFER 1000
int main() {
char buffer[SIZE_BUFFER];
FILE *file = fopen("TCPdump", "rb");
// Get total length of package in bytes
int totLenPkg;
fscanf(file, "%d", &totLenPkg);
printf("Total length of package: %d", totLenPkg);
// Read the package only
fgets(buffer, SIZE_BUFFER, file);
if (file == NULL) {
printf("Error");
exit(1);
}
void* packet = malloc(totLenPkg);
printf("\n\n");
printf("--- Ethernet ---\t");
printf("--- IP ---");
printf("\t\t--- TCP ---\n");
// Convert void* pointer to ethernet_hdr* pointer
struct ethernet_hdr* getEthernet = (struct ethernet_hdr*)packet;
fread(packet, totLenPkg, 1, file);
// Convert void* pointer to ip_hdr* pointer and get IP-package
struct ip_hdr *getIP = (struct ip_hdr*)(packet + SIZE_ETHERNET);
unsigned char *srcAdress = (unsigned char*)&getIP->src;
unsigned char *dstAdress = (unsigned char*)&getIP->dst;
// Size of IP
int sizeIP = IP_HL(getIP);
printf("\nsizeIP: %d\n", sizeIP);
// The source adress
printf("\nsrc: ");
int i;
for (i = 0; i < 4; i++) {
printf("%d.", srcAdress[i]);
}
// The destination adress
printf("\ndst: ");
int j;
for (j = 0; j < 4; j++) {
printf("%d.", dstAdress[j]);
}
// TCP-package
struct tcp_hdr* getTCP = (struct tcp_hdr*)(packet + SIZE_ETHERNET + sizeIP);
int sizeTCP = TH_OFF(getTCP);
printf("\nsizeTCP: %d", sizeTCP);
// Payload-package
struct tcp_hdr* getPayload = (struct tcp_hdr*)(packet + SIZE_ETHERNET + sizeIP + sizeTCP);
unsigned char *str = (unsigned char*)getPayload;
printf("\n");
int k = 0;
int size = ftell(file);
printf("\nftell: %d\n", size);
while (fgets(buffer, SIZE_BUFFER, file) != NULL) {
printf("\nftell: %d\n", size);
printf("%s\n", str);
if (*buffer == '\n') { // *buffer == '\n' fgets(buffer, SIZE_BUFFER, file) == '\0'
size = ftell(file);
fseek(file, size, SEEK_CUR);
printf("SEEK_CUR: %d", SEEK_CUR);
printf("\nftell: %d\n", size);
//*str += size;
}
/*
if (fgets(buffer, SIZE_BUFFER, file) == NULL) {
fseek(file, 123*sizeof(char*), SEEK_CUR);
}*/
k++;
}
/*fseek(file, sizeof(char*), SEEK_CUR);
int h = 0;
while (fgets(buffer, SIZE_BUFFER, file) != NULL) {
printf("%s\n", str);
h++;
}*/
free(packet);
fclose(file);
return 0;
}
framehdr.h
Code:
/*
* Credit to Tim Carstens for the contents of this file
* http://www.tcpdump.org/pcap.html
*/
#ifndef FRAMEHDR_H
#define FRAMEHDR_H
/* Ethernet addresses are 6 bytes */
#define ETHER_ADDR_LEN 6
/* Ethernet header */
struct ethernet_hdr {
unsigned char dhost[ETHER_ADDR_LEN]; /* Destination host address */
unsigned char shost[ETHER_ADDR_LEN]; /* Source host address */
unsigned short type; /* IP? ARP? RARP? etc */
};
/* IP header */
struct ip_hdr {
unsigned char vhl; /* Version and header length */
unsigned char tos; /* Type of service */
unsigned short len; /* Total length */
unsigned short id; /* Identification */
unsigned short off; /* Fragment offset field */
unsigned char ttl; /* Time to live */
unsigned char p; /* Protocol */
unsigned short ip_sum; /* Checksum */
unsigned int src, dst; /* Source and dest address */
};
#define IP_HL(ip) ((((ip)->vhl) & 0x0f) * 4) /* Gets length of the IP header, use with (ip_hdr *) */
/* TCP header */
typedef unsigned int tcp_seq;
struct tcp_hdr {
unsigned short sport; /* Source port */
unsigned short dport; /* Destination port */
tcp_seq seq; /* Sequence number */
tcp_seq ack; /* Acknowledgement number */
unsigned char offx2; /* Data offset, rsvd */
unsigned char flags;
unsigned short win; /* Window */
unsigned short sum; /* Checksum */
unsigned short urp; /* Urgent pointer */
};
#define TH_OFF(th) ((((th)->offx2 & 0xf0) >> 4) * 4) /* Gets length of the TCP header, use with (tcp_hdr *) */
#endif