scan nmap output ask user for choice

Author: avan-pra

.gitignore

@@ -5,5 +5,6 @@ arpmess
 .bash_history
 peda*
 manuf
+res
 .gdb_history
 .vscode

Makefile

@@ -2,7 +2,7 @@ NAME = arpmess
 
 CC = gcc
 
-CFLAGS = -I$(HEAD_DIR) -lpthread
+CFLAGS = -I$(HEAD_DIR) -lpthread -lm
 
 HEAD_DIR = ./head/
 

head/define.h

@@ -23,7 +23,8 @@
 # define MACCOLOR ANSI_COLOR_BRIGHT_YELLOW
 # define NETMASKCOLOR ANSI_COLOR_BRIGHT_MAGENTA
 
-# define PROG_NAME "arpmess"
+# define PROGNAME "arpmess"
+# define PROMPT ANSI_COLOR_BRIGHT_MAGENTA""PROGNAME""ANSI_COLOR_RESET" "ANSI_COLOR_BRIGHT_WHITE"Ɛ> "ANSI_COLOR_RESET
 # define SOCKET int
 # define IPV4_LEN 4
 // # define ETH_HLEN sizeof(eth)
@@ -39,17 +40,20 @@
 # define TELLIFACE(IFACENAME) { printf("%sFound available interface "IFACECOLOR"%s"ANSI_COLOR_RESET"\n", SAMPLE_NEW, IFACENAME); }
 # define TELLGATEWAY(GATEWAYPA) { printf("%sFound gateway protocol address "IPV4COLOR"%hhu.%hhu.%hhu.%hhu"ANSI_COLOR_RESET"\n", SAMPLE_NEW, GATEWAYPA[0], GATEWAYPA[1], GATEWAYPA[2], GATEWAYPA[3]); }
 # define TELLIFACEINFO(IFACENAME, IPV4, MASK, MAC) { printf("%sFound netmask for network: "NETMASKCOLOR"%hhu.%hhu.%hhu.%hhu"ANSI_COLOR_RESET"\n%sFound ipv4 for interface "IFACECOLOR"%s"ANSI_COLOR_RESET": "IPV4COLOR"%d.%d.%d.%d"ANSI_COLOR_RESET"\n%sFound mac for interface "IFACECOLOR"%s"ANSI_COLOR_RESET": "MACCOLOR"%02x:%02x:%02x:%02x:%02x:%02x"ANSI_COLOR_RESET"\n", SAMPLE_NEW, MASK[0], MASK[1], MASK[2], MASK[3], SAMPLE_NEW, IFACENAME, IPV4[0], IPV4[1], IPV4[2], IPV4[3], SAMPLE_NEW, IFACENAME, MAC[0], MAC[1], MAC[2], MAC[3], MAC[4], MAC[5]); }
-# define TELLSCAN(IPV4, MASK) { printf("%susing nmap, arp scanning network "IPV4COLOR"%hhu.%hhu.%hhu.%hhu"ANSI_COLOR_RESET"/"NETMASKCOLOR"%d"ANSI_COLOR_RESET"\n", SAMPLE_INFO, IPV4[0] & MASK[0], IPV4[1] & MASK[1], IPV4[2] & MASK[2], IPV4[3] & MASK[3], __builtin_popcount(*(uint32_t*)MASK)); }
+# define TELLSCAN(IPV4, MASK) { printf("%sUsing nmap, arp scanning network "IPV4COLOR"%hhu.%hhu.%hhu.%hhu"ANSI_COLOR_RESET"/"NETMASKCOLOR"%d"ANSI_COLOR_RESET"\n", SAMPLE_INFO, IPV4[0] & MASK[0], IPV4[1] & MASK[1], IPV4[2] & MASK[2], IPV4[3] & MASK[3], __builtin_popcount(*(uint32_t*)MASK)); }
 # define TELLHANGON() { printf("%snmap scan running, hang on...\n", SAMPLE_INFO); }
-# define TELLDONESCANNING(N, NT) { printf("%sdone scanning %d out of %d hosts are up\n", SAMPLE_INFO, N, NT); }
+# define TELLDONESCANNING(N, NT) { printf("%sDone scanning, %d out of %d hosts are up\n", SAMPLE_INFO, N, NT); }
+# define TELLGATEWAYHA(HA) { printf("%sFound gateway hardware address: "MACCOLOR"%02x:%02x:%02x:%02x:%02x:%02x"ANSI_COLOR_RESET"\n", SAMPLE_NEW, HA[0], HA[1], HA[2], HA[3], HA[4], HA[5]); }
 
 # define TELLEXITING() { printf("Exiting program...\n"); }
 
-# define ERROR_UID(UID, PROG_PATH) { fprintf(stderr, "%sexpected uid %d to run %s, got %d\n", SAMPLE_ERROR, 0, PROG_PATH, UID); }
+# define ERROR_UID(UID, PROG_PATH) { fprintf(stderr, "%sExpected uid %d to run %s, got %d\n", SAMPLE_ERROR, 0, PROG_PATH, UID); }
 # define ERROR_EXIT() { fprintf(stderr, "%s"ANSI_COLOR_RED"Exiting...\n"ANSI_COLOR_RESET, SAMPLE_ERROR); }
-# define ERROR_NO_IFACE(IFACENAME) { IFACENAME == NULL ? fprintf(stderr, "%scould not find a fitting interface\n", SAMPLE_ERROR) : printf("%sinterface %s not found or not fitting\n", SAMPLE_ERROR, IFACENAME); }
-# define ERROR_NO_GATEWAY() { fprintf(stderr, "%scould not find a gateway\n", SAMPLE_ERROR); }
-# define ERROR_NO_INFO_FOR_IFACE(IFACENAME) { fprintf(stderr, "%scould not find ipv4 and harware address of interface %s\n", SAMPLE_ERROR, IFACENAME); }
+# define ERROR_NO_IFACE(IFACENAME) { IFACENAME == NULL ? fprintf(stderr, "%sCould not find a fitting interface\n", SAMPLE_ERROR) : printf("%sinterface %s not found or not fitting\n", SAMPLE_ERROR, IFACENAME); }
+# define ERROR_NO_GATEWAY() { fprintf(stderr, "%sCould not find a gateway\n", SAMPLE_ERROR); }
+# define ERROR_NO_INFO_FOR_IFACE(IFACENAME) { fprintf(stderr, "%sCould not find ipv4 and harware address of interface %s\n", SAMPLE_ERROR, IFACENAME); }
+# define ERROR_MALLOC() { fprintf(stderr, "%smalloc() returned NULL\n", SAMPLE_ERROR); }
+# define ERROR_NMAP(LINE) { fprintf(stderr, "%s The nmap scan returned an incomprehensible line: |%s|", SAMPLE_ERROR, LINE); }
 
 # define ASK_OLD_OR_NEW_IP(uchoice, name, old, new) {\
 	printf("More than 1 ipv4 have been detected for the selected interface %s\n\
@@ -71,6 +75,16 @@
 	}\
 }
 
+# define ASK_ATTACK_TYPE() { printf("\n%sChoose an option from the menu:\n\
+\n\
+\t"ANSI_COLOR_BRIGHT_YELLOW"["ANSI_COLOR_BRIGHT_RED"1"ANSI_COLOR_BRIGHT_YELLOW"]"ANSI_COLOR_RESET" Kick "ANSI_COLOR_BRIGHT_WHITE"ONE"ANSI_COLOR_RESET" Off\n\
+\t"ANSI_COLOR_BRIGHT_YELLOW"["ANSI_COLOR_BRIGHT_RED"2"ANSI_COLOR_BRIGHT_YELLOW"]"ANSI_COLOR_RESET" Kick "ANSI_COLOR_BRIGHT_WHITE"SOME"ANSI_COLOR_RESET" Off\n\
+\t"ANSI_COLOR_BRIGHT_YELLOW"["ANSI_COLOR_BRIGHT_RED"3"ANSI_COLOR_BRIGHT_YELLOW"]"ANSI_COLOR_RESET" Kick "ANSI_COLOR_BRIGHT_WHITE"ALL"ANSI_COLOR_RESET" Off\n\
+\n\
+\t"ANSI_COLOR_BRIGHT_YELLOW"["ANSI_COLOR_BRIGHT_RED"E"ANSI_COLOR_BRIGHT_YELLOW"]"ANSI_COLOR_BRIGHT_WHITE" Exit"ANSI_COLOR_RESET"\n\
+\n\
+"PROMPT, SAMPLE_INFO); }
+
 # include "struct.h"
 
 #endif

head/struct.h

@@ -46,11 +46,21 @@ typedef struct arguments
 	int verbose;
 	char *target_list;
 	char ifacename[IF_NAMESIZE];
+	uint32_t scanamount;	/* number of result in the scan */
 	uint8_t gateway_pa[IPV4_LEN];	/* gateway protocol (IPv4) addr */
 	uint8_t gateway_ha[ETH_ALEN];	/* gateway hardware addr */
 	uint8_t netmask[IPV4_LEN];	/* network mask */
 	uint8_t self_pa[IPV4_LEN];	/* sender protocol (IPv4) addr */
 	uint8_t self_ha[ETH_ALEN];	/* sender hardware addr */
 }	t_arguments;
 
+typedef struct nmap_t
+{
+	uint32_t idx;
+	uint8_t pa[IPV4_LEN];
+	uint8_t ha[ETH_ALEN];
+	char *vendor;
+	char *vendor_extra;
+}	nmap_r;
+
 # endif

head/utils.h

@@ -10,10 +10,14 @@ int argparse(int argc, char **argv, struct arguments *arguments);
 int get_gateway_ip(void);
 int get_network_interface(char ifacename[IF_NAMESIZE], uint8_t gateway_pa[IPV4_LEN]);
 int get_network_interface_addresses(char name[IF_NAMESIZE], uint8_t ipv4[IPV4_LEN], uint8_t mac[ETH_ALEN], uint8_t netmask[ETH_ALEN]);
-int nmapscan(uint8_t gateway_pa[IPV4_LEN], uint8_t netmask[IPV4_LEN]);
+nmap_r **nmapscan(struct arguments *arguments);
+nmap_r **parse_arp_scan(FILE *fd, const struct arguments *arguments);
+void free_arp_scan(nmap_r **scan);
+
 
 /* interactive.c */
 int ask_user_for_gateway();
+int ask_attack_type();
 
 /* utils.c */
 int is_hbroadcast_addr(const uint8_t addr[ETH_ALEN]);

srcs/interactive.c

@@ -1,4 +1,14 @@
 # include <stdio.h>
+# include "utils.h"
+
+int ask_attack_type()
+{
+	int action;
+
+	ASK_ATTACK_TYPE();
+	while (scanf(" %c", &action) == 0)
+		ASK_ATTACK_TYPE();
+}
 
 int ask_user_for_gateway()
 {

srcs/main.c

@@ -5,6 +5,8 @@
 int main(int argc, char **argv)
 {
 	struct arguments arguments = { 0x0 };
+	nmap_r **scan = NULL; /* hold result of the arp nmap scan */
+	int action;
 
 	argparse(argc, argv, &arguments);
 
@@ -20,12 +22,19 @@ int main(int argc, char **argv)
 	if (get_network_interface_addresses(arguments.ifacename, arguments.self_pa, arguments.self_pa, arguments.netmask) != 0)
 		goto err;//error no hardware addr or protocol address for specified interface
 
-	if (arguments.target_list == NULL)
-		nmapscan(arguments.gateway_pa, arguments.netmask);
+	/* the target arg should be handle around here */
+	/* arguments.target_list == NULL */
+	if (!(scan = nmapscan(&arguments))) 
+		goto err;
 
+	action = ask_attack_type();
+
+	free_arp_scan(scan);
 	return 0;
 
 err:
+	if (scan)
+		free_arp_scan(scan);
 	ERROR_EXIT();
 	return 1;
 }

srcs/network.c

@@ -11,9 +11,11 @@
 #include <pthread.h>
 #include <unistd.h>
 #include <sys/time.h>
+#include <math.h>
 
 #include "define.h"
 #include "utils.h"
+#include "struct.h"
 
 /* retreive IPv4 address and mac address of the requestes name interface */
 int get_network_interface_addresses(char name[IF_NAMESIZE], uint8_t ipv4[IPV4_LEN], uint8_t mac[ETH_ALEN], uint8_t netmask[ETH_ALEN])
@@ -135,37 +137,103 @@ static void *print_nmap_running(void *argp)
 	}
 }
 
+void free_arp_scan(nmap_r **scan)
+{
+	for (size_t i = 0; scan && scan[i] != NULL; ++i) {
+		if (scan[i]->vendor != NULL)
+			free(scan[i]->vendor);
+		if (scan[i]->vendor_extra != NULL)
+			free(scan[i]->vendor_extra);
+		free(scan[i]);
+	}
+	if (scan)
+		free(scan);
+}
+
+nmap_r **parse_arp_scan(FILE *fd, const struct arguments *arguments)
+{
+	char *line = NULL;
+	size_t size = 0;
+	uint32_t idx = 0;
+	nmap_r **scan = NULL;
+	nmap_r *current = NULL;
+
+	while (getline(&line, &size, fd) > 0) {
+
+		/* new host */
+		if (strncmp("Nmap scan report for ", line, 21) == 0) {
+			if (!(scan = realloc(scan, (idx + 2) * sizeof(nmap_r*))))
+				{ ERROR_MALLOC(); goto err; }
+			scan[idx + 1] = NULL;
+			if (!(scan[idx] = calloc(1, sizeof(nmap_r))))
+				{ ERROR_MALLOC(); goto err; }
+			scan[idx]->idx = idx;
+			current = scan[idx];
+			sscanf(line, "Nmap scan report for %hhu.%hhu.%hhu.%hhu", &current->pa[0], &current->pa[1], &current->pa[2], &current->pa[3]);
+			++idx;
+		}
+		/* fille the mac addr of the current host */
+		if (strncmp("MAC Address: ", line, 13) == 0) {
+			if (current == NULL)
+				{ ERROR_NMAP(line); goto err; }
+			sscanf(line, "MAC Address: %hhx:%hhx:%hhx:%hhx:%hhx:%hhx", &current->ha[0], &current->ha[1], &current->ha[2], &current->ha[3],  &current->ha[4], &current->ha[5]);
+			current = NULL;
+		}
+		free(line);
+		line = NULL;
+	}
+	free(line);
+	return scan;
+
+err:
+	free_arp_scan(scan);
+	return NULL;
+}
+
 /* scan the network with arp request using nmap */
-int nmapscan(uint8_t gateway_pa[IPV4_LEN], uint8_t netmask[IPV4_LEN])
+nmap_r **nmapscan(struct arguments *arguments)
 {
 	char command[128];
 	FILE *fd;
 	pthread_t thread; /* used to print hang on to stdout */
 	int scan_status = 1;
+	nmap_r **scan = NULL; /* hold result of the arp nmap scan */
 
 	/* this ISNT portable at all but give me a simpler anwser than what's on this thread and i put it
 	https://stackoverflow.com/questions/6657475/netmask-conversion-to-cidr-format-in-c */
 	snprintf(command, 128, "nmap -PR -sn %hhu.%hhu.%hhu.%hhu/%d",
-		gateway_pa[0] & netmask[0], gateway_pa[1] & netmask[1],
-		gateway_pa[2] & netmask[2], gateway_pa[3] & netmask[3],
-		__builtin_popcount(*(uint32_t*)netmask)
+		arguments->gateway_pa[0] & arguments->netmask[0], arguments->gateway_pa[1] & arguments->netmask[1],
+		arguments->gateway_pa[2] & arguments->netmask[2], arguments->gateway_pa[3] & arguments->netmask[3],
+		__builtin_popcount(*(uint32_t*)arguments->netmask)
 	);
-	TELLSCAN(gateway_pa, netmask);
+	TELLSCAN(arguments->gateway_pa, arguments->netmask);
 
-	fd = popen(command, "r");
+	// fd = popen(command, "r");
+	fd = fopen("res", "r");
 	pthread_create(&thread, NULL, print_nmap_running, &scan_status);
-	if ( fd ) {
-		char line[256];
-		while (!feof(fd)) {
-			char *line = NULL;
-			size_t size;
-			getline(&line, &size, fd);
-			// printf("%s\n", line);
-			free(line);
-		}
-		pclose(fd);
-	}
+
+	if (!(scan = parse_arp_scan(fd, arguments)))
+		goto err;
+	pclose(fd);
+
 	scan_status = 0;
 	pthread_join(thread, NULL);
-	TELLDONESCANNING(2, 256);
+
+	/* retreive the gateway HA from the scan and get the amount of entry */ 
+	size_t i;
+	for (i = 0; scan[i] != NULL; ++i) {
+		if (is_ipv4_equal(scan[i]->pa, arguments->gateway_pa)) {
+			for (int j = 0; j < ETH_ALEN; ++j)
+				arguments->gateway_ha[j] = scan[i]->ha[j];
+		}
+	}
+	arguments->scanamount = i;
+
+	TELLDONESCANNING(arguments->scanamount, (int)pow(2, ((32 - __builtin_popcount(*(uint32_t*)arguments->netmask)))));
+	TELLGATEWAYHA(arguments->gateway_ha);
+	return scan;
+
+err:
+	pclose(fd);
+	return NULL;
 }