Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: libdnet problem with monitor mode interfaces
From: David Fifield <david () bamsoftware com>
Date: Tue, 29 May 2012 08:10:58 -0700

On Tue, May 29, 2012 at 03:20:48PM +0100, Djalal Harouni wrote:
On Tue, May 29, 2012 at 03:06:42PM +0100, Djalal Harouni wrote:
[...]
Not sure how to fix cleanly, but ignoring the return code of
addr_ston() line 516 makes it work.
Ok, it seems for the monitor mode the address family will be
set to ARPHRD_IEEE80211_RADIOTAP == 803 [1] which is not supported by
addr_ston().

We could replace that addr_ston() in _intf_get_noalias() by:
 memcpy(&entry->intf_link_addr.addr_eth, &ifr.ifr_addr.sa_data, ETH_ADDR_LEN)
Actually after responding to David I think that we should just use
memcpy() to get the hardware address, I don't know why there is the
addr_ston() ? and in other places they use addr_ntos()...

Another patch is attached, this will show if you have an interface with
the monitor mode and if the inet address is null.

Index: libdnet-stripped/src/intf.c
===================================================================
--- libdnet-stripped/src/intf.c       (revision 28753)
+++ libdnet-stripped/src/intf.c       (working copy)
@@ -513,8 +513,7 @@
 #if defined(SIOCGIFHWADDR)
              if (ioctl(intf->fd, SIOCGIFHWADDR, &ifr) < 0)
                      return (-1);
-             if (addr_ston(&ifr.ifr_addr, &entry->intf_link_addr) < 0)
-                     return (-1);
+             memcpy(&entry->intf_link_addr, &ifr.ifr_addr.sa_data, ETH_ADDR_LEN);
 #elif defined(SIOCRPHYSADDR)
              /* Tru64 */
              struct ifdevea *ifd = (struct ifdevea *)&ifr; /* XXX */

Wouldn't it be better to add this support to addr_ston? There is already
the same memcpy in addr_ston, but only for the types AF_UNSPEC and
ARP_HRD_ETH. Does adding ARPHRD_IEEE80211_RADIOTAP in addr_ston solve
the problem too?

addr_ston converts a struct sockaddr to libdnet's own struct addr.
addr_ntos goes the other direction. I remember them as "sockaddr to
numeric" and "numeric to sockaddr."

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]