段错误一般跟内存分配、指针有关,不过偶找了半天,还是没找出来:程序编译通过,但是执行的时候报段错误,希望有能人能看一哈。程序的目的是构造一个 802.11 的管理帧,是由 sample 里的一个程序修改而来的。
注释中给出了各个函数的原型。
/*管理帧 连接请求*/
#include "../include/config.h"
#include "./libnet_test.h"
/*
 * Hardware (MAC) addresses used when the frame is built, each paired with
 * the pointer alias through which it is handed to the libnet builders.
 */

/* BSSID of the access point (author's note: "my SMC AP"). */
u_int8_t enet_bssid[6] = {0x00, 0x0F, 0xB5, 0xA9, 0xA4, 0x08};
u_int8_t *bssid = &enet_bssid[0];

/* Destination address; holds the same bytes as enet_bssid. */
u_int8_t enet_dst[6] = {0x00, 0x0F, 0xB5, 0xA9, 0xA4, 0x08};
u_int8_t *hwda = &enet_dst[0];

/* Source address placed in the management header. */
u_int8_t enet_src[6] = {0x00, 0x0A, 0xEB, 0x89, 0xD9, 0x3F};
u_int8_t *hwsa = &enet_src[0];

/* NOTE(review): presumably a transmitter address; main() in this listing never reads it. */
u_int8_t enet_ta[6] = {0x33, 0x33, 0x33, 0x33, 0x33, 0x33};
u_int8_t *hwta = &enet_ta[0];
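/*
 * Build an 802.11 association-request management frame with libnet and
 * write it out through a link-layer libnet context.
 *
 * libnet assembles a packet from the innermost part outwards, so the
 * association-request body is built first and the management header second.
 *
 * Returns EXIT_SUCCESS once the frame has been written, EXIT_FAILURE if
 * libnet_init() or any later libnet call reports an error.
 */
int main(void)
{
    int c;
    libnet_t *l = NULL;
    libnet_ptag_t t = 0;
    char errbuf[LIBNET_ERRBUF_SIZE];
    u_int16_t fc, ci;
    char *ssid = "netgear";
    char *rates = "\x82\x84\x8b\x96\xff";
    int mode = LIBNET_LINK;

    l = libnet_init(
            LIBNET_LINK,    /* injection type */
            NULL,           /* network interface: NULL lets libnet choose */
            errbuf);        /* errbuf */
    if (l == NULL)
    {
        printf("%s\n", errbuf);
        return (EXIT_FAILURE);
    }

    /*
     * NOTE(review): the message names wlan0, but no device is passed to
     * libnet_init() above, so the interface actually used may differ.
     */
    printf("Writng to wlan0 (mode=%d)\n", mode);

    /*
     * u_int16_t libnet_build_802_11_cap_info(
     *     u_int8_t ess, u_int8_t ibss,
     *     u_int8_t cf_pollable, u_int8_t cf_poll_req,
     *     u_int8_t privacy, u_int8_t preamble,
     *     u_int8_t pbcc, u_int8_t channel_agility,
     *     u_int8_t r1, u_int8_t short_slot_time,
     *     u_int8_t r2, u_int8_t dss_ofdm,
     *     u_int8_t r3)
     */
    ci = libnet_build_802_11_cap_info(
            1, 0, 0, 0, 1, 1, 0, 0,
            0, 1, 0, 0, 0);

    /*
     * libnet_ptag_t libnet_build_802_11_mngt_assoc_req(
     *     u_int16_t capab_info,
     *     u_int16_t l_int,
     *     u_int8_t slen, u_int8_t *ssid,
     *     u_int8_t rlen, u_int8_t *rates,
     *     u_int8_t *payload,
     *     u_int32_t payload_s,
     *     libnet_t *l,
     *     libnet_ptag_t ptag)
     *
     * The ssid and rates arguments are pointers to the raw bytes. The
     * earlier code passed (u_int8_t *)atoi(ssid) and (u_int8_t *)atoi(rates):
     * atoi() of a non-numeric string yields 0, so the builder was handed a
     * null pointer together with a non-zero length. Reading that many bytes
     * through a null pointer is the likely source of the segmentation fault.
     * The buffers themselves are passed now. Both lengths must fit in a
     * u_int8_t, which holds for the fixed strings above.
     */
    t = libnet_build_802_11_mngt_assoc_req(
            ci,                         /* capab_info */
            0xdead,                     /* listen_int */
            (u_int8_t)strlen(ssid),     /* length of ssid */
            (u_int8_t *)ssid,           /* SSID bytes */
            (u_int8_t)strlen(rates),    /* length of rates */
            (u_int8_t *)rates,          /* supported rates bytes */
            NULL,                       /* payload */
            0,                          /* payload size */
            l,                          /* libnet context */
            0);                         /* libnet id */
    if (t == -1)
    {
        printf("Can't build 802.11 MNGT header (stype=assoc_req): %s\n",
               libnet_geterror(l));
        goto bad;
    }
    else
    {
        printf("assoc_req suceed");
    }

    /*
     * u_int16_t libnet_build_802_11_frame_control(
     *     u_int8_t version, u_int8_t type,
     *     u_int8_t subtype, u_int8_t to_ds,
     *     u_int8_t from_ds, u_int8_t more_frag,
     *     u_int8_t retry, u_int8_t pwr_man,
     *     u_int8_t more_data, u_int8_t wep,
     *     u_int8_t order)
     */
    fc = libnet_build_802_11_frame_control(
            0,                                  /* version */
            LIBNET_802_11_FC_TYPE_MGMT,         /* type */
            LIBNET_802_11_FC_STYPE_ASSOC_REQ,   /* subtype */
            0,                                  /* to_ds */
            0,                                  /* from_ds */
            0,                                  /* more_frag */
            0,                                  /* retry */
            0,                                  /* power management */
            0,                                  /* more data */
            0,                                  /* wep */
            0                                   /* order */
            );
    printf("frame control = 0x%04x\n", fc);

    /*
     * libnet_ptag_t libnet_build_802_11_mngt(u_int16_t fc, u_int16_t dur_id,
     *     u_int8_t da[6], u_int8_t sa[6],
     *     u_int8_t bssid[6], u_int16_t seq_ctrl,
     *     u_int8_t *payload, u_int32_t payload_s,
     *     libnet_t *l, libnet_ptag_t ptag)
     */
    t = libnet_build_802_11_mngt(
            fc,                                         /* frame control */
            LIBNET_802_11_DURATION_SET_NAV(0x2345),     /* duration */
            hwda,                                       /* dst hardware addr */
            hwsa,                                       /* src hardware addr */
            bssid,                                      /* AP hardware addr */
            LIBNET_802_11_SEQ_CTRL(4, 0x321),           /* seq / ctrl */
            NULL,                                       /* payload */
            0,                                          /* payload size */
            l,                                          /* libnet context */
            0);                                         /* libnet id */
    if (t == -1)
    {
        printf("Can't build 802.11 MNGT header: %s\n",
               libnet_geterror(l));
        goto bad;
    }

    /* libnet_dump(stderr, l); */
    c = libnet_write(l);    /* send packet */
    if (c == -1)
    {
        printf("Write error: %s\n", libnet_geterror(l));
        goto bad;
    }
    else
    {
        printf("Wrote %d byte 802.11 packet\n", c);
    }
    printf("over");

    libnet_destroy(l);
    return (EXIT_SUCCESS);

bad:
    /* Single failure exit: release the libnet context before returning. */
    libnet_destroy(l);
    return (EXIT_FAILURE);
}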