From 28338289e5be12369c6df425883757a27e2508c6 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Thu, 9 Dec 2021 15:05:59 -0500 Subject: [PATCH 01/28] =?UTF-8?q?=F0=9F=8E=89=20revert=20to=20QT=20used=20?= =?UTF-8?q?version?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 75 ++++++++ README.md | 7 + app/captiveportal/captiveportal.cpp | 178 ++++++++++++++++++ app/captiveportal/captiveportal.h | 39 ++++ app/captiveportal/captiveportal.pro | 43 +++++ app/captiveportal/main.cpp | 44 +++++ app/captiveportal/stdafx.h | 21 +++ app/captiveportal/weudpclient.cpp | 40 ++++ app/captiveportal/weudpclient.h | 19 ++ app/captiveportal/weudpserver.cpp | 32 ++++ app/captiveportal/weudpserver.h | 22 +++ app/captiveportal/weupdater.cpp | 109 +++++++++++ app/captiveportal/weupdater.h | 23 +++ app/cpsingle-test/captiveportal.cpp | 157 ++++++++++++++++ app/cpsingle-test/captiveportal.h | 35 ++++ app/cpsingle-test/cpsingle-test.pro | 21 +++ app/cpsingle-test/main.cpp | 13 ++ app/cpsingle-test/stdafx.h | 21 +++ app/udp-test/main.cpp | 22 +++ app/udp-test/udp-test.pro | 25 +++ app/weupdater-test/main.cpp | 17 ++ app/weupdater-test/stdafx.h | 7 + app/weupdater-test/weupdater-test.pro | 27 +++ app/weupdater-test/weupdater.cpp | 106 +++++++++++ app/weupdater-test/weupdater.h | 24 +++ cp.pri | 4 + src/http.h | 10 + src/httprequest.cpp | 251 ++++++++++++++++++++++++++ src/httprequest.h | 44 +++++ src/httpresponse.cpp | 239 ++++++++++++++++++++++++ src/httpresponse.h | 38 ++++ src/socket.cpp | 6 + src/socket.h | 37 ++++ src/tcpclient.cpp | 25 +++ src/tcpclient.h | 15 ++ src/tcpsocket.cpp | 51 ++++++ src/tcpsocket.h | 15 ++ src/udpclient.cpp | 39 ++++ src/udpclient.h | 19 ++ src/udpserver.cpp | 38 ++++ src/udpserver.h | 21 +++ src/udpsocket.cpp | 51 ++++++ src/udpsocket.h | 24 +++ version.txt | 1 + 44 files changed, 2055 insertions(+) create mode 100755 .gitignore create mode 100755 README.md create mode 100755 app/captiveportal/captiveportal.cpp create mode 100755 app/captiveportal/captiveportal.h create mode 100755 app/captiveportal/captiveportal.pro create mode 100755 app/captiveportal/main.cpp create mode 100755 app/captiveportal/stdafx.h create mode 100755 app/captiveportal/weudpclient.cpp create mode 100755 app/captiveportal/weudpclient.h create mode 100755 app/captiveportal/weudpserver.cpp create mode 100755 app/captiveportal/weudpserver.h create mode 100755 app/captiveportal/weupdater.cpp create mode 100755 app/captiveportal/weupdater.h create mode 100755 app/cpsingle-test/captiveportal.cpp create mode 100755 app/cpsingle-test/captiveportal.h create mode 100755 app/cpsingle-test/cpsingle-test.pro create mode 100755 app/cpsingle-test/main.cpp create mode 100755 app/cpsingle-test/stdafx.h create mode 100755 app/udp-test/main.cpp create mode 100755 app/udp-test/udp-test.pro create mode 100755 app/weupdater-test/main.cpp create mode 100755 app/weupdater-test/stdafx.h create mode 100755 app/weupdater-test/weupdater-test.pro create mode 100755 app/weupdater-test/weupdater.cpp create mode 100755 app/weupdater-test/weupdater.h create mode 100755 cp.pri create mode 100755 src/http.h create mode 100755 src/httprequest.cpp create mode 100755 src/httprequest.h create mode 100755 src/httpresponse.cpp create mode 100755 src/httpresponse.h create mode 100755 src/socket.cpp create mode 100755 src/socket.h create mode 100755 src/tcpclient.cpp create mode 100755 src/tcpclient.h create mode 100755 src/tcpsocket.cpp create mode 100755 src/tcpsocket.h create mode 100755 src/udpclient.cpp create mode 100755 src/udpclient.h create mode 100755 src/udpserver.cpp create mode 100755 src/udpserver.h create mode 100755 src/udpsocket.cpp create mode 100755 src/udpsocket.h create mode 100755 version.txt diff --git a/.gitignore b/.gitignore new file mode 100755 index 0000000..44da3df --- /dev/null +++ b/.gitignore @@ -0,0 +1,75 @@ +# This file is used to ignore files which are generated +# ---------------------------------------------------------------------------- + +*~ +*.autosave +*.a +*.core +*.moc +*.o +*.obj +*.orig +*.rej +*.so +*.so.* +*_pch.h.cpp +*_resource.rc +*.qm +.#* +*.*# +core +!core/ +tags +.DS_Store +.directory +*.debug +Makefile* +*.prl +*.app +moc_*.cpp +ui_*.h +qrc_*.cpp +Thumbs.db +*.res +*.rc +/.qmake.cache +/.qmake.stash + +# qtcreator generated files +*.pro.user* + +# xemacs temporary files +*.flc + +# Vim temporary files +.*.swp + +# Visual Studio generated files +*.ib_pdb_index +*.idb +*.ilk +*.pdb +*.sln +*.suo +*.vcproj +*vcproj.*.*.user +*.ncb +*.sdf +*.opensdf +*.vcxproj +*vcxproj.* + +# MinGW generated files +*.Debug +*.Release + +# Python byte code +*.pyc + +# Binaries +# -------- +*.dll +*.exe + +bin/ +build-*/ diff --git a/README.md b/README.md new file mode 100755 index 0000000..89627b1 --- /dev/null +++ b/README.md @@ -0,0 +1,7 @@ +# cp + +clone "g" at same clone location where cp dir exists. + +test remove flow with url below + +http://wifievent.io/sungjin.html diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp new file mode 100755 index 0000000..9569b82 --- /dev/null +++ b/app/captiveportal/captiveportal.cpp @@ -0,0 +1,178 @@ +#include "captiveportal.h" + +CaptivePortal::CaptivePortal() +{ + capturer_.hostDetect_.checkDhcp_ = true; + capturer_.hostDetect_.checkArp_ = true; + capturer_.hostDetect_.checkIp_ = true; + + tcpblock_.backwardBlockType_ = GTcpBlock::Fin; + + QObject::connect( + &capturer_, + SIGNAL(captured(GPacket*)), + this, + SLOT(processPacket(GPacket*)), + Qt::DirectConnection + ); + + tcpblock_.writer_ = &writer_; +} + +void CaptivePortal::setComponent() +{ + capturer_.intfName_ = intfname_; + tcpblock_.backwardFinMsg_ = QStringList{"HTTP/1.0 302 Redirect\r\n" + "Location: "+redirectpage_+"\r\n" + "\r\n"}; +} + +bool CaptivePortal::doOpen() +{ + QUrl url = redirectpage_; + struct addrinfo *servinfo; + struct addrinfo hints; + char host[16]; + + QString domain = url.host(); + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + if(getaddrinfo(qPrintable(domain), NULL, &hints, &servinfo)) + { + qDebug() << "failed to get host ip"; + exit(1); + } + + getnameinfo(servinfo->ai_addr, + servinfo->ai_addrlen, + host, sizeof(host), + NULL, + 0, + NI_NUMERICHOST); + + QString ip = QString(host); + host_ = GIp(ip); + qInfo() << "domain=" << redirectpage_ << "," << "ip=" << QString(host_); + + setComponent(); + + if(!(writer_.open())) + { + qDebug() << "failed to open writer"; + return false; + } + if(!(tcpblock_.open())) + { + qDebug() << "failed to open tcpblock"; + return false; + } + if(!(capturer_.open())) + { + qDebug() << "failed to open arpspoof"; + return false; + } + return true; +} + +bool CaptivePortal::doClose() +{ + if(!(writer_.close())) + { + qDebug() << "failed to close writer"; + return false; + } + if(!(tcpblock_.close())) + { + qDebug() << "failed to close tcpblock"; + return false; + } + if(!(capturer_.close())) + { + qDebug() << "failed to close arpspoof"; + return false; + } + return true; +} + +void CaptivePortal::propLoad(QJsonObject jo) +{ + GProp::propLoad(jo); + jo["capturer"] >> capturer_; + jo["tcpblock"] >> tcpblock_; + jo["writer"] >> writer_; +} + +void CaptivePortal::propSave(QJsonObject &jo) +{ + GProp::propSave(jo); + jo["capturer"] << capturer_; + jo["tcpblock"] << tcpblock_; + jo["writer"] << writer_; +} + +void CaptivePortal::processPacket(GPacket *packet) +{ + GEthHdr* ethHdr = packet->ethHdr_; + if (ethHdr == nullptr) { + qCritical() << "ethHdr is null"; + return; + } + + if (ethHdr->type() != GEthHdr::Ip4) + return; + + GIpHdr* ipHdr = packet->ipHdr_; + if (ipHdr == nullptr) { + qCritical() << "ipHdr is null"; + return; + } + + if(ipHdr->p() != GIpHdr::Tcp) + return; + + GTcpHdr* tcpHdr = packet->tcpHdr_; + + if (tcpHdr == nullptr) { + qCritical() << "tcpHdr is null"; + return; + } + + if (tcpHdr->dport() == 443) + { + if (ipHdr->dip() != host_) + packet->ctrl.block_ = true; + return; + } + + if (tcpHdr->dport() == 80) + { + GBuf tcpData = packet->tcpData_; + if(!tcpData.valid()) + return; + + const char* castedtcpdata = reinterpret_cast(tcpData.data_); + if(strncmp(castedtcpdata, "GET ", 4) == 0 && ipHdr->dip() != host_) + { + qDebug() << "Send redirect page data to client"; + tcpblock_.block(packet); + } + if(strncmp(castedtcpdata, "POST ", 5) == 0) + { + std::string api = "infected=false"; + std::string tcpdata = castedtcpdata; + auto it = std::search(tcpdata.begin(), tcpdata.end(), std::boyer_moore_searcher(api.begin(), api.end())); + if (it != tcpdata.end()) + { + qDebug() << "infection off" << QString(ipHdr->sip()); + capturer_.removeFlows(ipHdr->sip(), gwIp_, gwIp_, ipHdr->sip()); + } + else if(it == tcpdata.end()) + { + qDebug() << "infection keep"; + return; + } + } + } +} diff --git a/app/captiveportal/captiveportal.h b/app/captiveportal/captiveportal.h new file mode 100755 index 0000000..5fc939d --- /dev/null +++ b/app/captiveportal/captiveportal.h @@ -0,0 +1,39 @@ +#pragma once + +#include "stdafx.h" + +class CaptivePortal : public GStateObj +{ + Q_OBJECT + Q_PROPERTY(QString intfname MEMBER intfname_) + Q_PROPERTY(QString redirectpage MEMBER redirectpage_) + + GAutoArpSpoof capturer_; + GTcpBlock tcpblock_; + GPcapDeviceWrite writer_; + + GIp host_; + +public: + QString intfname_; + QString redirectpage_; + GIp gwIp_; + +public: + CaptivePortal(); + ~CaptivePortal() override {close();}; + +private: + void setComponent(); + +protected: + bool doOpen() override; + bool doClose() override; + +public: + void propLoad(QJsonObject jo) override; + void propSave(QJsonObject& jo) override; + +public slots: + void processPacket(GPacket* packet); +}; diff --git a/app/captiveportal/captiveportal.pro b/app/captiveportal/captiveportal.pro new file mode 100755 index 0000000..867b0bb --- /dev/null +++ b/app/captiveportal/captiveportal.pro @@ -0,0 +1,43 @@ +QT += widgets + +greaterThan(QT_MAJOR_VERSION, 4): QT += widgets + +CONFIG += c++17 +TEMPLATE = app +CONFIG += qt + +include(../../../g/g.pri) +include(../../cp.pri) + +DESTDIR = $${PWD}/../../bin + +SOURCES += \ + ../../src/socket.cpp \ + ../../src/udpclient.cpp \ + ../../src/udpsocket.cpp \ + ../../src/udpserver.cpp \ + ../../src/httprequest.cpp \ + ../../src/httpresponse.cpp \ + ../../src/tcpsocket.cpp \ + ../../src/tcpclient.cpp \ + captiveportal.cpp \ + main.cpp \ + weudpclient.cpp \ + weudpserver.cpp \ + weupdater.cpp + +HEADERS += \ + ../../src/socket.h \ + ../../src/udpclient.h \ + ../../src/udpsocket.h \ + ../../src/udpserver.h \ + ../../src/httprequest.h \ + ../../src/httpresponse.h \ + ../../src/tcpsocket.h \ + ../../src/tcpclient.h \ + ../../src/http.h \ + captiveportal.h \ + stdafx.h \ + weudpclient.h \ + weudpserver.h \ + weupdater.h diff --git a/app/captiveportal/main.cpp b/app/captiveportal/main.cpp new file mode 100755 index 0000000..ee64ce5 --- /dev/null +++ b/app/captiveportal/main.cpp @@ -0,0 +1,44 @@ +#include "weudpclient.h" +#include "weudpserver.h" +#include "captiveportal.h" + +const char* version() +{ + return +#include "../../version.txt" +#ifdef _DEBUG + " Debug Build(" __DATE__ " " __TIME__ ")"; +#else + " Release Build(" __DATE__ " " __TIME__ ")"; +#endif +} + +int main(int argc, char *argv[]) +{ + GApp a(argc, argv); + WEUdpClient client; + if(client.searchProduct(7284, 1, 0, "run already?")) + { + qDebug() << "Captive Portal stop thanks to using"; + return 0; + } + else + { + qInfo() << "CaptivePortal Started" << version(); + } + + WEUdpServer ws; + ws.start(7284); + + GRtmEntry* entry = GNetInfo::instance().rtm().getBestEntry(QString("8.8.8.8")); + + CaptivePortal cp; + cp.intfname_ = entry->intf()->name(); + cp.gwIp_ = entry->intf()->gateway(); + cp.redirectpage_ = "http://test.gilgil.net"; + cp.open(); + + a.exec(); + + ws.stop(); +} diff --git a/app/captiveportal/stdafx.h b/app/captiveportal/stdafx.h new file mode 100755 index 0000000..ff481fe --- /dev/null +++ b/app/captiveportal/stdafx.h @@ -0,0 +1,21 @@ +#pragma once + +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include diff --git a/app/captiveportal/weudpclient.cpp b/app/captiveportal/weudpclient.cpp new file mode 100755 index 0000000..52ef7cb --- /dev/null +++ b/app/captiveportal/weudpclient.cpp @@ -0,0 +1,40 @@ +#include "weudpclient.h" + +WEUdpClient::WEUdpClient() +{ +} + +WEUdpClient::~WEUdpClient() +{ +} + +bool WEUdpClient::searchProduct(int port, int sec, int millisec, std::string protocol) +{ + strncpy(sendbuf_, protocol.c_str(), protocol.length()); + setSocketBroadcastable(); + setRecvTimeout(sec, millisec); + setSockAddrBroadcast(port); + send(sendbuf_, strlen(sendbuf_) + 1); + if(recv(recvbuf_, BUFSIZE) != -1) + { + if(strcmp(recvbuf_, "run already!") == 0) + { + qDebug() << "There is already wifievent product running..."; + return true; + } + } + qDebug() << "There is no wifievent product..."; + return false; +} + +void WEUdpClient::setSockAddrBroadcast(int port) +{ + //myIp or !netmask + GRtmEntry* entry = GNetInfo::instance().rtm().getBestEntry(QString("8.8.8.8")); + GIp broadcastip = entry->intf()->gateway() | ~(entry->intf()->mask()); + qInfo() << "gateway ip:" << QString(entry->intf()->gateway()); + qInfo() << "mask:" << QString(entry->intf()->mask()); + qInfo() << "broadcast ip:" << QString(broadcastip); + setSockAddr(QString(broadcastip).toStdString(), port); + return; +} diff --git a/app/captiveportal/weudpclient.h b/app/captiveportal/weudpclient.h new file mode 100755 index 0000000..576d904 --- /dev/null +++ b/app/captiveportal/weudpclient.h @@ -0,0 +1,19 @@ +#pragma once +#include "udpclient.h" +#include + +class WEUdpClient : public UdpClient +{ + char sendbuf_[BUFSIZE]; + char recvbuf_[BUFSIZE]; + +public: + WEUdpClient(); + ~WEUdpClient(); + +protected: + void setSockAddrBroadcast(int port); + +public: + bool searchProduct(int port, int sec, int millisec, std::string protocol); +}; diff --git a/app/captiveportal/weudpserver.cpp b/app/captiveportal/weudpserver.cpp new file mode 100755 index 0000000..1a1d4dc --- /dev/null +++ b/app/captiveportal/weudpserver.cpp @@ -0,0 +1,32 @@ +#include "weudpserver.h" + +void WEUdpServer::start(int port) { + + bind(port); + + t1 = new std::thread(&WEUdpServer::handleCnt, this); +} + +void WEUdpServer::stop() { + check = false; + + disconnect(); + + t1->join(); +} + +void WEUdpServer::handleCnt() { + char buf[BUFSIZ]; + while(check) { + qDebug() << "server running"; + int res = recv(buf, sizeof(buf)); + qDebug() << "server recv pass"; + if(res > 0) { + qDebug() << "buf: " << buf; + + if(strcmp(buf, "run already?") == 0) { + send("run already!", strlen("run already!") + 1); + } + } + } +} diff --git a/app/captiveportal/weudpserver.h b/app/captiveportal/weudpserver.h new file mode 100755 index 0000000..27000d7 --- /dev/null +++ b/app/captiveportal/weudpserver.h @@ -0,0 +1,22 @@ +#ifndef WEUDPSERVER_H +#define WEUDPSERVER_H + +#include "udpserver.h" + +class WEUdpServer : public UdpServer +{ +public: + WEUdpServer() {} + ~WEUdpServer() {} + + bool check = true; + + std::thread* t1; + + void start(int port); + void stop(); + + void handleCnt(); +}; + +#endif // WEUDPSERVER_H diff --git a/app/captiveportal/weupdater.cpp b/app/captiveportal/weupdater.cpp new file mode 100755 index 0000000..1192ae9 --- /dev/null +++ b/app/captiveportal/weupdater.cpp @@ -0,0 +1,109 @@ +#include "weupdater.h" + +using namespace std; + +WEUpdater::WEUpdater() +{ + +} + +void WEUpdater::getIpAddress(QString versionurl) +{ + QUrl url = versionurl; + struct addrinfo *servinfo; + struct addrinfo hints; + char host[16]; + + QString domain = url.host(); + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + if(getaddrinfo(qPrintable(domain), NULL, &hints, &servinfo)) + { + qDebug() << "failed to get host ip"; + exit(1); + } + + getnameinfo(servinfo->ai_addr, + servinfo->ai_addrlen, + host, sizeof(host), + NULL, + 0, + NI_NUMERICHOST); + + QString ip = QString(host); + host_ = GIp(ip); + path_ = url.path(); + qInfo() << "host=" << QString(host_) << "," << "path=" << path_; +} + +void WEUpdater::setHttpRequest() +{ + vector> headervector; + headervector.push_back(make_pair("Host", "wifievent.io")); + headervector.push_back(make_pair("Connection", "keep-alive")); + headervector.push_back(make_pair("Accept", "text/html")); + headervector.push_back(make_pair("Accept-Encoding", "gzip, deflate")); + headervector.push_back(make_pair("Accept-Language", "en-US, ko")); + headervector.push_back(make_pair("User-Agent", "Mozilla/5.0 (X11; Linux x86_64) " + "AppleWebKit/537.36 (KHTML, like Gecko) " + "Chrome/95.0.4638.69 Safari/537.36")); + versionrequest_.setMethod(GET); + versionrequest_.setURL(path_.toStdString()); + versionrequest_.setProtocol(HTTP1_1); + versionrequest_.setUserAgent("Mozilla/5.0 (X11; Linux x86_64) " + "AppleWebKit/537.36 (KHTML, like Gecko) " + "Chrome/95.0.4638.69 Safari/537.36"); + versionrequest_.setHTTPHeaderVector(&headervector); + qDebug() << "make Request packet"; + versionrequest_.makeRequest(); +} + +bool WEUpdater::checkVersion(QString versionurl, string currentversion) +{ + char buf[BUFSIZE]; + getIpAddress(versionurl); + setHttpRequest(); + TcpClient client; + if(client.connect(QString(host_).toStdString(), 80)) + { + qDebug() << "connect error"; + return ""; + } + if(client.send((char*)versionrequest_.getRequestData()->c_str(), versionrequest_.getRequestSize()) == -1) + { + qDebug() << "send error"; + return ""; + } + int len = client.recv(buf, BUFSIZE); + if(len == -1) + { + qDebug() << "recv error"; + return ""; + } + client.disconnect(); + versionresponse_.addResponsePacket(buf, len); + versionresponse_.parseResponsePacket(); + string latestversion = versionresponse_.getResponseBody().erase(versionresponse_.getResponseBody().length() - 2, 2); + latestversion = latestversion.erase(0, 1); + qDebug() << "latest version:" << latestversion.c_str(); + qDebug() << "current version:" << currentversion.c_str(); + + int current[4]; + int latest[4]; + sscanf(latestversion.c_str(), "v%d.%d.%d.%d", &latest[0], &latest[1], &latest[2], &latest[3]); + sscanf(currentversion.c_str(), "v%d.%d.%d.%d", ¤t[0], ¤t[1], ¤t[2], ¤t[3]); + for(int i = 0; i < 4; i++) + { + if(latest[i] > current[i]) + { + return true; + } + else if(latest[i] < current[i]) + { + qDebug() << "current version is more higher error"; + } + } + return false; +} diff --git a/app/captiveportal/weupdater.h b/app/captiveportal/weupdater.h new file mode 100755 index 0000000..4f11b1c --- /dev/null +++ b/app/captiveportal/weupdater.h @@ -0,0 +1,23 @@ +#pragma once +#include "stdafx.h" +#include "tcpclient.h" +#include "httprequest.h" +#include "httpresponse.h" + +class WEUpdater : public TcpClient +{ + HTTPRequest versionrequest_; + HTTPResponse versionresponse_; + GIp host_; + QString path_; + +public: + WEUpdater(); + +protected: + void getIpAddress(QString versionurl); + void setHttpRequest(); + +public: + bool checkVersion(QString versionurl, std::string currentversion); +}; diff --git a/app/cpsingle-test/captiveportal.cpp b/app/cpsingle-test/captiveportal.cpp new file mode 100755 index 0000000..e8c2eba --- /dev/null +++ b/app/cpsingle-test/captiveportal.cpp @@ -0,0 +1,157 @@ +#include "captiveportal.h" + +CaptivePortal::CaptivePortal(QString redirectpage, QString intfname) +{ + string domain; + struct addrinfo *servinfo; + struct addrinfo hints; + char host[16]; + + redirectpage_ = redirectpage; + intfname_ = intfname; + domain = getDomainAtUrl(redirectpage.toStdString()); + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + if(getaddrinfo(domain.c_str(), NULL, &hints, &servinfo)) + { + qDebug() << "failed to get host ip"; + exit(1); + } + + getnameinfo(servinfo->ai_addr, + servinfo->ai_addrlen, + host, sizeof(host), + NULL, + 0, + NI_NUMERICHOST); + + + QString ip = QString(host); + host_ = GIp(ip); + qInfo() << "domain=" << redirectpage << "," << "ip=" << QString(host_); + + setComponent(); + + QObject::connect( + &capturer_, + SIGNAL(captured(GPacket*)), + this, + SLOT(processPacket(GPacket*)), + Qt::DirectConnection + ); +} + +void CaptivePortal::setComponent() +{ + capturer_.intfName_ = intfname_; + + tcpblock_.backwardRst_ = false; + tcpblock_.backwardFin_ = true; + tcpblock_.backwardFinMsg_ = QStringList{"HTTP/1.0 302 Redirected\r\n" + "Location: "+redirectpage_+"\r\n" + "\r\n"}; + tcpblock_.writer_ = &writer_; +} + +string CaptivePortal::getDomainAtUrl(string url) +{ + string result; + int cursorbegin = 0, cursorend = 0; + if((cursorend = url.find("https://", cursorbegin)) != string::npos) + { + cursorbegin += 8; + } + else if((cursorend = url.find("http://", cursorbegin)) != string::npos) + { + cursorbegin += 7; + } + if((cursorend = url.find("/", cursorbegin)) != string::npos) + { + result = url.substr(cursorbegin, cursorend-cursorbegin); + } + else if((cursorend = url.find("/", cursorbegin)) == string::npos) + { + result = url.substr(cursorbegin); + } + return result; +} + +bool CaptivePortal::doOpen() +{ + if(!(writer_.open())) + { + qDebug() << "failed to open writer"; + return false; + } + if(!(tcpblock_.open())) + { + qDebug() << "failed to open tcpblock"; + return false; + } + if(!(capturer_.open())) + { + qDebug() << "failed to open arpspoof"; + return false; + } + return true; +} + +bool CaptivePortal::doClose() +{ + if(!(writer_.close())) + { + qDebug() << "failed to close writer"; + return false; + } + if(!(tcpblock_.close())) + { + qDebug() << "failed to close tcpblock"; + return false; + } + if(!(capturer_.close())) + { + qDebug() << "failed to close arpspoof"; + return false; + } + return true; +} + +void CaptivePortal::processPacket(GPacket *packet) +{ + const char* castedtcpdata = nullptr; + if(packet->ethHdr_->type() != GEthHdr::Ip4) + { + return; + } + if(packet->ipHdr_->p() != GIpHdr::Tcp) + { + return; + } + if(packet->tcpHdr_->dport() == 443) + { + packet->ctrl.block_ = true; + return; + } + else if(packet->tcpHdr_->dport() == 80) + { + if(packet->tcpData_.valid()) + { + castedtcpdata = reinterpret_cast(packet->tcpData_.data_); + } + else + { + qDebug() << "there is no tcpdata in packet"; + return; + } + qDebug() << uint32_t(packet->ipHdr_->dip()) + << ", " + << uint32_t(host_) << "check both ip address"; + if(strncmp(castedtcpdata, "GET ", 4) == 0 && packet->ipHdr_->dip() != host_) + { + qDebug() << "Send redirect page data to client"; + tcpblock_.block(packet); + } + } +} diff --git a/app/cpsingle-test/captiveportal.h b/app/cpsingle-test/captiveportal.h new file mode 100755 index 0000000..4e582f0 --- /dev/null +++ b/app/cpsingle-test/captiveportal.h @@ -0,0 +1,35 @@ +#pragma once + +#include "stdafx.h" + +using namespace std; + +class CaptivePortal : public GStateObj +{ + Q_OBJECT + + GAutoArpSpoof capturer_; + GTcpBlock tcpblock_; + GPcapDeviceWrite writer_; + + QString redirectpage_; + GIp host_; + +public: + QString intfname_{"eth0"}; + +public: + CaptivePortal(QString redirectpage, QString intfname); + ~CaptivePortal() override {close();}; + +private: + void setComponent(); + string getDomainAtUrl(string url); + +protected: + bool doOpen() override; + bool doClose() override; + +public slots: + void processPacket(GPacket* packet); +}; diff --git a/app/cpsingle-test/cpsingle-test.pro b/app/cpsingle-test/cpsingle-test.pro new file mode 100755 index 0000000..9bbeb0b --- /dev/null +++ b/app/cpsingle-test/cpsingle-test.pro @@ -0,0 +1,21 @@ +QT += core +QT += widgets + +TEMPLATE = app +CONFIG += c++11 console +CONFIG += qt +CONFIG -= app_bundle + +LIBS *= -pthread + +include(../../../g/g.pri) + +DESTDIR = $${PWD}/../../bin + +SOURCES += \ + captiveportal.cpp \ + main.cpp + +HEADERS += \ + captiveportal.h \ + stdafx.h diff --git a/app/cpsingle-test/main.cpp b/app/cpsingle-test/main.cpp new file mode 100755 index 0000000..ac88e0c --- /dev/null +++ b/app/cpsingle-test/main.cpp @@ -0,0 +1,13 @@ +#include "stdafx.h" +#include "captiveportal.h" + +int main(int argc, char *argv[]) +{ + GApp a(argc, argv); + + CaptivePortal* cp = new CaptivePortal("http://test.gilgil.net/ek.jpg", "eth0"); + + cp->open(); + + return a.exec(); +} diff --git a/app/cpsingle-test/stdafx.h b/app/cpsingle-test/stdafx.h new file mode 100755 index 0000000..bd8df16 --- /dev/null +++ b/app/cpsingle-test/stdafx.h @@ -0,0 +1,21 @@ +#pragma once + +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include + +#include +#include + +#include +#include +#include diff --git a/app/udp-test/main.cpp b/app/udp-test/main.cpp new file mode 100755 index 0000000..2ef2c80 --- /dev/null +++ b/app/udp-test/main.cpp @@ -0,0 +1,22 @@ +#include "udp.h" +#include "udpclient.h" + +int main() +{ + char sendbuf[BUFSIZE] = "run already?"; + char recvbuf[BUFSIZE]; + UdpClient* client = new UdpClient(); + client->setSocketBroadcastable(); + client->setRecvTimeout(5, 0); + client->setSockAddrBroadcast(7284); + client->send(sendbuf, strlen(sendbuf) + 1); + if(client->recv(recvbuf, BUFSIZE) != -1) + { + qDebug() << recvbuf; + } + else + { + qDebug() << "Can't get data"; + } + return 0; +} diff --git a/app/udp-test/udp-test.pro b/app/udp-test/udp-test.pro new file mode 100755 index 0000000..31921a7 --- /dev/null +++ b/app/udp-test/udp-test.pro @@ -0,0 +1,25 @@ +QT += core + +TEMPLATE = app +CONFIG += c++17 console +CONFIG += qt + +LIBS *= -pthread + +INCLUDEPATH *= $${PWD}/../../src + +DESTDIR = $${PWD}/../../bin + +include(../../../g/g.pri) + +SOURCES += \ + main.cpp \ + ../../src/socket.cpp \ + ../../src/udpclient.cpp \ + ../../src/udpsocket.cpp + +HEADERS += \ + ../../src/socket.h \ + ../../src/udp.h \ + ../../src/udpclient.h \ + ../../src/udpsocket.h diff --git a/app/weupdater-test/main.cpp b/app/weupdater-test/main.cpp new file mode 100755 index 0000000..80389c6 --- /dev/null +++ b/app/weupdater-test/main.cpp @@ -0,0 +1,17 @@ +#include "weupdater.h" + +//"v[0~999].[0~999].[0~999].[0~999]" +int main() +{ + WEUpdater weupdater; + string productversion = "\"v0.9.0.0\""; + if(weupdater.checkVersion("http://wifievent.io/version/netblock.txt", productversion)) + { + cout << "something action to do in product(print notion that \'you have to update!\')\n"; + } + else + { + cout << "there is no new version of product\n"; + } + return 0; +} diff --git a/app/weupdater-test/stdafx.h b/app/weupdater-test/stdafx.h new file mode 100755 index 0000000..e25a119 --- /dev/null +++ b/app/weupdater-test/stdafx.h @@ -0,0 +1,7 @@ +#pragma once + +#include + +#include +#include +#include diff --git a/app/weupdater-test/weupdater-test.pro b/app/weupdater-test/weupdater-test.pro new file mode 100755 index 0000000..199594d --- /dev/null +++ b/app/weupdater-test/weupdater-test.pro @@ -0,0 +1,27 @@ +QT -= gui + +CONFIG += c++11 console +CONFIG -= app_bundle + +include(../../cp.pri) +include(../../../g/g.pri) + +SOURCES += \ + main.cpp \ + weupdater.cpp \ + ../../src/httprequest.cpp \ + ../../src/httpresponse.cpp \ + ../../src/socket.cpp \ + ../../src/tcpsocket.cpp \ + ../../src/tcpclient.cpp + +HEADERS += \ + stdafx.h \ + weupdater.h \ + ../../src/httprequest.h \ + ../../src/httpresponse.h \ + ../../src/socket.h \ + ../../src/tcpsocket.h \ + ../../src/tcpclient.h \ + ../../src/http.h \ + ../../src/tcp.h diff --git a/app/weupdater-test/weupdater.cpp b/app/weupdater-test/weupdater.cpp new file mode 100755 index 0000000..9b96929 --- /dev/null +++ b/app/weupdater-test/weupdater.cpp @@ -0,0 +1,106 @@ +#include "weupdater.h" + +WEUpdater::WEUpdater() +{ + +} + +void WEUpdater::getIpAddress(QString versionurl) +{ + QUrl url = versionurl; + struct addrinfo *servinfo; + struct addrinfo hints; + char host[16]; + + QString domain = url.host(); + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + if(getaddrinfo(qPrintable(domain), NULL, &hints, &servinfo)) + { + qDebug() << "failed to get host ip"; + exit(1); + } + + getnameinfo(servinfo->ai_addr, + servinfo->ai_addrlen, + host, sizeof(host), + NULL, + 0, + NI_NUMERICHOST); + + QString ip = QString(host); + host_ = GIp(ip); + path_ = url.path(); + qInfo() << "host=" << QString(host_) << "," << "path=" << path_; +} + +void WEUpdater::setHttpRequest() +{ + vector> headervector; + headervector.push_back(make_pair("Host", "wifievent.io")); + headervector.push_back(make_pair("Connection", "keep-alive")); + headervector.push_back(make_pair("Accept", "text/html")); + headervector.push_back(make_pair("Accept-Encoding", "gzip, deflate")); + headervector.push_back(make_pair("Accept-Language", "en-US, ko")); + headervector.push_back(make_pair("User-Agent", "Mozilla/5.0 (X11; Linux x86_64) " + "AppleWebKit/537.36 (KHTML, like Gecko) " + "Chrome/95.0.4638.69 Safari/537.36")); + versionrequest_.setMethod(GET); + versionrequest_.setURL(path_.toStdString()); + versionrequest_.setProtocol(HTTP1_1); + versionrequest_.setUserAgent("Mozilla/5.0 (X11; Linux x86_64) " + "AppleWebKit/537.36 (KHTML, like Gecko) " + "Chrome/95.0.4638.69 Safari/537.36"); + versionrequest_.setHTTPHeaderVector(&headervector); + qDebug() << "make Request packet"; + versionrequest_.makeRequest(); +} + +bool WEUpdater::checkVersion(QString versionurl, string currentversion) +{ + char buf[BUFSIZE]; + getIpAddress(versionurl); + setHttpRequest(); + TcpClient client; + if(client.connect(QString(host_).toStdString(), 80)) + { + qDebug() << "connect error"; + return ""; + } + if(client.send((char*)versionrequest_.getRequestData()->c_str(), versionrequest_.getRequestSize()) == -1) + { + qDebug() << "send error"; + return ""; + } + int len = client.recv(buf, BUFSIZE); + if(len == -1) + { + qDebug() << "recv error"; + return ""; + } + client.disconnect(); + versionresponse_.addResponsePacket(buf, len); + versionresponse_.parseResponsePacket(); + string latestversion = versionresponse_.getResponseBody().erase(versionresponse_.getResponseBody().length() - 2, 2); + qDebug() << "latest version:" << latestversion.c_str(); + qDebug() << "current version:" << currentversion.c_str(); + + int current[4]; + int latest[4]; + sscanf(latestversion.c_str(), "\"v%d.%d.%d.%d\"", &latest[0], &latest[1], &latest[2], &latest[3]); + sscanf(currentversion.c_str(), "\"v%d.%d.%d.%d\"", ¤t[0], ¤t[1], ¤t[2], ¤t[3]); + for(int i = 0; i < 4; i++) + { + if(latest[i] > current[i]) + { + return true; + } + else if(latest[i] < current[i]) + { + qDebug() << "current version is more higher error"; + } + } + return false; +} diff --git a/app/weupdater-test/weupdater.h b/app/weupdater-test/weupdater.h new file mode 100755 index 0000000..d614f2a --- /dev/null +++ b/app/weupdater-test/weupdater.h @@ -0,0 +1,24 @@ +#pragma once +#include "stdafx.h" +#include "tcp.h" +#include "tcpclient.h" +#include "httprequest.h" +#include "httpresponse.h" + +class WEUpdater : public TcpClient +{ + HTTPRequest versionrequest_; + HTTPResponse versionresponse_; + GIp host_; + QString path_; + +public: + WEUpdater(); + +protected: + void getIpAddress(QString versionurl); + void setHttpRequest(); + +public: + bool checkVersion(QString versionurl, string currentversion); +}; diff --git a/cp.pri b/cp.pri new file mode 100755 index 0000000..c7cca2b --- /dev/null +++ b/cp.pri @@ -0,0 +1,4 @@ +# +# include path +# +INCLUDEPATH *= $${PWD}/src \ No newline at end of file diff --git a/src/http.h b/src/http.h new file mode 100755 index 0000000..12a5939 --- /dev/null +++ b/src/http.h @@ -0,0 +1,10 @@ +#pragma once + +typedef enum {GET, PUT, HEAD, POST, NOT_IMPLEMENTED} Method; +//we can add more +typedef enum {HTTP1_0, HTTP1_1, HTTP_UNSUPPORTED} Protocol; +//we can add more + +#define CR '\r' +#define LF '\n' +#define CRLF "\r\n" \ No newline at end of file diff --git a/src/httprequest.cpp b/src/httprequest.cpp new file mode 100755 index 0000000..cff9898 --- /dev/null +++ b/src/httprequest.cpp @@ -0,0 +1,251 @@ +#include "httprequest.h" + +using namespace std; + +HTTPRequest::HTTPRequest() +{ + body_ = ""; + requestpacket_ = ""; +} + +HTTPRequest::~HTTPRequest() +{ +} + +void HTTPRequest::addRequestPacket(char* buf, int& len) +{ + requestpacket_.append(buf, len); +} + +void HTTPRequest::addRequestBody(string& str) +{ + body_ += str; +} + +//set, get func begin + +int HTTPRequest::setMethod(Method argmethod) +{ + method_ = argmethod; + return 0; +} + +Method HTTPRequest::getMethod() +{ + return method_; +} + +int HTTPRequest::setURL(string argurl) +{ + url_ = argurl; + return 0; +} + +string HTTPRequest::getURL() +{ + return url_; +} + +int HTTPRequest::setProtocol(Protocol argprotocol) +{ + protocol_ = argprotocol; + return 0; +} + +Protocol HTTPRequest::getProtocol() +{ + return protocol_; +} + +int HTTPRequest::setUserAgent(string arguseragent) +{ + useragent_ = arguseragent; + return 0; +} + +string HTTPRequest::getUserAgent() +{ + return useragent_; +} + +int HTTPRequest::setHTTPHeader(string name, string content) +{ + headers_.push_back(make_pair(name, content)); + return 0; +} + +string HTTPRequest::getHTTPHeader(string name) +{ + vector>::iterator iter; + for(iter = headers_.begin(); iter != headers_.end(); iter++) + { + if((*iter).first == name) + { + return (*iter).first + ":" + (*iter).second; + } + } + return "There is no header name " + name; +} + +int HTTPRequest::setHTTPHeaderVector(vector>* headervector) +{ + vector>::iterator iter; + for(iter = headervector->begin(); iter != headervector->end(); iter++) + { + setHTTPHeader((*iter).first, (*iter).second); + } + return 0; +} + +vector>* HTTPRequest::getHTTPHeaderVector() +{ + return &headers_; +} + +int HTTPRequest::setRequestBody(string argbody) +{ + body_ = argbody; + return 0; +} + +string HTTPRequest::getRequestBody() +{ + return body_; +} + +//set, get func end + +int HTTPRequest::parseRequestPacket() +{ + size_t cursorbegin = 0, cursorend = 0; + size_t headercursorbegin, headercursorend; + string httpmethod, httpprotocol, header; + string name, content; + + //http method + httpmethod = updateCursor(cursorbegin, cursorend, " ", requestpacket_, 1); + if(httpmethod == "GET") + { + method_ = GET; + } + else if(httpmethod == "PUT") + { + method_ = PUT; + } + else if(httpmethod == "POST") + { + method_ = POST; + } + else + { + method_ = NOT_IMPLEMENTED; + return 0; + } + + //url + url_ = updateCursor(cursorbegin, cursorend, " ", requestpacket_, 1); + + //protocol + httpprotocol = updateCursor(cursorbegin, cursorend, CRLF, requestpacket_, 1); + if(httpprotocol == "HTTP/1.0") + { + protocol_ = HTTP1_0; + } + else if(httpprotocol == "HTTP/1.1") + { + protocol_ = HTTP1_1; + } + else + { + protocol_ = HTTP_UNSUPPORTED; + return 0; + } + + cursorbegin++; //CRLF + + //header parse start here + while(1) + { + header = updateCursor(cursorbegin, cursorend, CRLF, requestpacket_, 1); + //separate header line by line + + headercursorbegin = 0; + headercursorend = 0; + + //name: content + name = updateCursor(headercursorbegin, headercursorend, ":", header, 2); + content = updateCursor(headercursorbegin, headercursorend, CRLF, header, 0); + + setHTTPHeader(name, content); + cursorbegin++; //CRLF + if(requestpacket_.substr(cursorbegin, 2) == CRLF) //one more CRLF + { + break; + } + } + + cursorbegin+=2; + body_ = requestpacket_.substr(cursorbegin); + + return 0; +} + +int HTTPRequest::makeRequest() +{ + string httpmethod, httpprotocol; + + switch(method_){ + case GET: + httpmethod = "GET"; + break; + case PUT: + httpmethod = "PUT"; + break; + case POST: + httpmethod = "POST"; + break; + default: + return -1; + break; + } + + switch(protocol_){ + case HTTP1_0: + httpprotocol = "HTTP/1.0"; + break; + case HTTP1_1: + httpprotocol = "HTTP/1.1"; + break; + default: + return -1; + break; + } + + requestpacket_ += httpmethod + " " + url_ + " " + httpprotocol + CRLF; + vector>::iterator iter; + for(iter = headers_.begin(); iter != headers_.end(); iter++){ + requestpacket_ += (*iter).first + ": " + (*iter).second + CRLF; + } + requestpacket_ += CRLF; + requestpacket_ += body_; + return 0; +} + +size_t HTTPRequest::getRequestSize() +{ + return requestpacket_.length(); +} + +string* HTTPRequest::getRequestData() +{ + return &requestpacket_; +} + +string HTTPRequest::updateCursor(size_t& cursorbegin, size_t& cursorend, string target, string obj, size_t next) +{ + string result; + cursorend = obj.find_first_of(target, cursorbegin); + result = obj.substr(cursorbegin, cursorend - cursorbegin); + cursorbegin = cursorend + next; + return result; +} diff --git a/src/httprequest.h b/src/httprequest.h new file mode 100755 index 0000000..54da231 --- /dev/null +++ b/src/httprequest.h @@ -0,0 +1,44 @@ +#pragma once + +#include "stdafx.h" +#include "http.h" + +class HTTPRequest +{ + Method method_; + std::string url_; + Protocol protocol_; + std::string hostname_; + std::string useragent_; + + std::vector> headers_; + std::string body_; + std::string requestpacket_; + + public: + HTTPRequest(); + ~HTTPRequest(); + void addRequestPacket(char* buf, int& len); + void addRequestBody(std::string& str); + + int setMethod(Method argmethod); + Method getMethod(); + int setURL(std::string argurl); + std::string getURL(); + int setProtocol(Protocol argprotocol); + Protocol getProtocol(); + int setUserAgent(std::string arguseragent); + std::string getUserAgent(); + int setHTTPHeader(std::string name, std::string content); + std::string getHTTPHeader(std::string name); + int setHTTPHeaderVector(std::vector>* headervector); + std::vector>* getHTTPHeaderVector(); + int setRequestBody(std::string argbody); + std::string getRequestBody(); + + int parseRequestPacket(); + int makeRequest(); + size_t getRequestSize(); + std::string* getRequestData(); + std::string updateCursor(size_t& cursorbegin, size_t& cursorend, std::string target, std::string obj, size_t next); +}; diff --git a/src/httpresponse.cpp b/src/httpresponse.cpp new file mode 100755 index 0000000..3e86839 --- /dev/null +++ b/src/httpresponse.cpp @@ -0,0 +1,239 @@ +#include "httpresponse.h" + +using namespace std; + +HTTPResponse::HTTPResponse() +{ + body_ = ""; + responsepacket_ = ""; +} + +HTTPResponse::~HTTPResponse() +{ +} + +void HTTPResponse::addResponsePacket(char *buf, int& len) +{ + responsepacket_.append(buf, len); +} + +int HTTPResponse::setProtocol(Protocol argprotocol) +{ + protocol_ = argprotocol; + return 0; +} + +Protocol HTTPResponse::getProtocol() +{ + return protocol_; +} + +int HTTPResponse::setStatusCode(size_t argstatuscode) +{ + statuscode_ = argstatuscode; + return 0; +} + +size_t HTTPResponse::getStatusCode() +{ + return statuscode_; +} + +int HTTPResponse::setReasonPhrase() +{ + switch(statuscode_) + { + case 200: + reasonphrase_ = "OK"; + break; + case 201: + reasonphrase_ = "Created"; + break; + case 400: + reasonphrase_ = "Bad Request"; + break; + case 403: + reasonphrase_ = "Forbidden"; + break; + case 404: + reasonphrase_ = "Not Found"; + break; + case 411: + reasonphrase_ = "Length Required"; + break; + case 500: + reasonphrase_ = "Internal Server Error"; + break; + case 501: + reasonphrase_ = "Not Implemented"; + break; + case 502: + reasonphrase_ = "Bad Gateway"; + break; + case 505: + reasonphrase_ = "HTTP Version Not Supported"; + break; + default: + return -1; + break; + } + + return 0; +} + +string HTTPResponse::getReasonPhrase() +{ + return reasonphrase_; +} + +int HTTPResponse::setHTTPHeader(string name, string content) +{ + headers_.push_back(make_pair(name, content)); + return 0; +} + +string HTTPResponse::getHTTPHeader(string name) +{ + vector>::iterator iter; + for(iter = headers_.begin(); iter != headers_.end(); iter++) + { + if((*iter).first == name) + { + return (*iter).second; + } + } + return "There is no header name " + name; +} + +int HTTPResponse::setHTTPHeaderVector(vector>* headervector) +{ + vector>::iterator iter; + for(iter = headervector->begin(); iter!=headervector->end(); iter++) + { + setHTTPHeader((*iter).first, (*iter).second); + } + return 0; +} + +vector>* HTTPResponse::getHTTPHeaderVector() +{ + return &headers_; +} + +int HTTPResponse::setResponseBody(string argbody) +{ + body_ = argbody; + return 0; +} + +string HTTPResponse::getResponseBody() +{ + return body_; +} + +int HTTPResponse::makeResponse() +{ + string httpprotocol; + string tmppacket; + + switch(protocol_){ + case HTTP1_0: + httpprotocol = "HTTP/1.0"; + break; + case HTTP1_1: + httpprotocol = "HTTP/1.1"; + break; + default: + return -1; + break; + } + + tmppacket += httpprotocol + " " + to_string(statuscode_) + " " + reasonphrase_ + CRLF; + + vector>::iterator iter; + for(iter = headers_.begin(); iter != headers_.end(); iter++) + { + tmppacket += (*iter).first + ": " + (*iter).second + CRLF; + } + tmppacket += CRLF + body_; + responsepacket_ = tmppacket; + return 0; +} + +int HTTPResponse::parseResponsePacket() +{ + size_t cursorbegin = 0, cursorend = 0; + size_t headercursorbegin, headercursorend; + string httpprotocol, httpstatuscode, header; + string name, content; + + //protocol + httpprotocol = updateCursor(cursorbegin, cursorend, " ", responsepacket_, 1); + if(httpprotocol == "HTTP/1.0") + { + protocol_ = HTTP1_0; + } + else if(httpprotocol == "HTTP/1.1") + { + protocol_ = HTTP1_1; + } + else + { + protocol_ = HTTP_UNSUPPORTED; + return 0; + } + + //status code + httpstatuscode = updateCursor(cursorbegin, cursorend, " ", responsepacket_, 1); + statuscode_ = atoi(httpstatuscode.c_str()); + + //reason phrase + reasonphrase_ = updateCursor(cursorbegin, cursorend, CRLF, responsepacket_, 1); + + cursorbegin++; //CRLF + + //header parse start here + while(1) + { + header = updateCursor(cursorbegin, cursorend, CRLF, responsepacket_, 1); + //separate header line by line + + headercursorbegin = 0; + headercursorend = 0; + + //name: content + name = updateCursor(headercursorbegin, headercursorend, ":", header, 2); + content = updateCursor(headercursorbegin, headercursorend, CRLF, header, 0); + + setHTTPHeader(name, content); + cursorbegin++; //CRLF + if(responsepacket_.substr(cursorbegin, 2) == CRLF) //one more CRLF + { + break; + } + } + + cursorbegin+=2; + body_ = responsepacket_.substr(cursorbegin); + + return 0; +} + +size_t HTTPResponse::getResponseSize(void ) +{ + return responsepacket_.length(); +} + +string* HTTPResponse::getResponseData() +{ + return &responsepacket_; +} + +string HTTPResponse::updateCursor(size_t& cursorbegin, size_t& cursorend, string target, string obj, size_t next) +{ + string result; + cursorend = obj.find_first_of(target, cursorbegin); + result = obj.substr(cursorbegin, cursorend - cursorbegin); + cursorbegin = cursorend + next; + return result; +} diff --git a/src/httpresponse.h b/src/httpresponse.h new file mode 100755 index 0000000..e18ed84 --- /dev/null +++ b/src/httpresponse.h @@ -0,0 +1,38 @@ +#pragma once + +#include "stdafx.h" +#include "http.h" + +class HTTPResponse +{ + Protocol protocol_; + size_t statuscode_; + std::string reasonphrase_; + std::vector> headers_; + std::string body_; + std::string responsepacket_; + + public: + HTTPResponse(); + ~HTTPResponse(); + void addResponsePacket(char* buf, int& len); + + int setProtocol(Protocol argprotocol); + Protocol getProtocol(); + int setStatusCode(size_t argstatuscode); + size_t getStatusCode(); + int setReasonPhrase(); + std::string getReasonPhrase(); + int setHTTPHeader(std::string name, std::string content); + std::string getHTTPHeader(std::string name); + int setHTTPHeaderVector(std::vector>* headervector); + std::vector>* getHTTPHeaderVector(); + int setResponseBody(std::string argbody); + std::string getResponseBody(); + + int makeResponse(); + int parseResponsePacket(); + size_t getResponseSize(); + std::string* getResponseData(); + std::string updateCursor(size_t& cursorbegin, size_t& cursorend, std::string target, std::string obj, size_t next); +}; diff --git a/src/socket.cpp b/src/socket.cpp new file mode 100755 index 0000000..4c374b6 --- /dev/null +++ b/src/socket.cpp @@ -0,0 +1,6 @@ +#include "socket.h" + +Socket::Socket() +{ + +} diff --git a/src/socket.h b/src/socket.h new file mode 100755 index 0000000..6ce38b3 --- /dev/null +++ b/src/socket.h @@ -0,0 +1,37 @@ +#ifndef SOCKET_H +#define SOCKET_H + +# include +# include +# include +# include + +#include +#include + +#include + +#ifdef Q_OS_WIN +#include +#endif + +#ifdef Q_OS_LINUX +# include +# include +# include +#endif + +#define BUFSIZE 65536 + +class Socket +{ +public: + Socket(); + virtual ~Socket() {} + + virtual int disconnect() = 0; + virtual int send(char* buf, size_t len) = 0; + virtual int recv(char* buf, size_t len) = 0; +}; + +#endif // SOCKET_H diff --git a/src/tcpclient.cpp b/src/tcpclient.cpp new file mode 100755 index 0000000..360f31d --- /dev/null +++ b/src/tcpclient.cpp @@ -0,0 +1,25 @@ +#include "tcpclient.h" + +using namespace std; + +TcpClient::TcpClient() +{ +} + +TcpClient::~TcpClient() +{ +} + +int TcpClient::connect(string ip, int port) //connect +{ + memset(&sockaddr_, 0, sizeof(sockaddr_)); + sockaddr_.sin_family=AF_INET; + sockaddr_.sin_addr.s_addr=inet_addr(ip.c_str()); + sockaddr_.sin_port=htons(port); + return ::connect( + sock_, + (struct sockaddr*)&(sockaddr_), + sizeof(sockaddr_) + ); + //success 0, fail -1 +} diff --git a/src/tcpclient.h b/src/tcpclient.h new file mode 100755 index 0000000..95ebeda --- /dev/null +++ b/src/tcpclient.h @@ -0,0 +1,15 @@ +#pragma once +#include "tcpsocket.h" + +class TcpClient : public TcpSocket //tcp +{ + + +public: + //how about get TcpSocket* tcpsock_ for arg + TcpClient(); + ~TcpClient(); + +public: + int connect(std::string ip, int port); +}; diff --git a/src/tcpsocket.cpp b/src/tcpsocket.cpp new file mode 100755 index 0000000..7fd530b --- /dev/null +++ b/src/tcpsocket.cpp @@ -0,0 +1,51 @@ +#include "tcpsocket.h" + +TcpSocket::TcpSocket() +{ + if((sock_=socket(PF_INET, SOCK_STREAM, 0)) < 0) + { + qDebug() << "server socket create failed"; + } +} + +TcpSocket::~TcpSocket() +{ + disconnect(); +} + +int TcpSocket::send(char *buf, size_t len) +{ + return ::send(sock_, buf, len, 0); + //success sent data length, fail -1 +} + +int TcpSocket::recv(char *buf, size_t len) +{ + int recv_len; + memset(buf, '\0', len); + recv_len = ::recv(this->sock_, buf, len, 0); + if(recv_len==-1) + { + qDebug() << "Can't recv data"; + } + return recv_len; +} + +int TcpSocket::disconnect() +{ + int result = 0; + if(sock_ != 0) + { +#ifdef Q_OS_WIN + ::shutdown(sock_, SD_BOTH); + result = ::closesocket(sock_); +#endif +#ifdef Q_OS_LINUX + ::shutdown(sock_, SHUT_RDWR); + result = ::close(sock_); +#endif + sock_ = 0; + } + return result; + //success 0, fail -1 +} diff --git a/src/tcpsocket.h b/src/tcpsocket.h new file mode 100755 index 0000000..471451f --- /dev/null +++ b/src/tcpsocket.h @@ -0,0 +1,15 @@ +#include "socket.h" + +class TcpSocket : public Socket +{ +public: + int sock_{0}; + struct sockaddr_in sockaddr_; + +public: + TcpSocket(); + ~TcpSocket() override; + int send(char* buf, size_t len) override; + int recv(char* buf, size_t len) override; + int disconnect() override; +}; diff --git a/src/udpclient.cpp b/src/udpclient.cpp new file mode 100755 index 0000000..09591a9 --- /dev/null +++ b/src/udpclient.cpp @@ -0,0 +1,39 @@ +#include "udpclient.h" + +bool UdpClient::setSocketBroadcastable() +{ + int optval = 1; +#ifdef Q_OS_WIN + int res = setsockopt(sock_, SOL_SOCKET, SO_BROADCAST, (char *) &optval, sizeof(optval)); +#endif +#ifdef Q_OS_LINUX + int res = setsockopt(sock_, SOL_SOCKET, SO_BROADCAST, &optval, sizeof(optval)); +#endif + if (res == -1) + { + perror("setsockopt"); + return false; + } + return true; +} + +void UdpClient::setSockAddr(std::string ip, int port) +{ + memset(&sockAddr_, 0, sizeof(sockAddr_)); + sockAddr_.sin_family = AF_INET; + sockAddr_.sin_port = htons(port); + sockAddr_.sin_addr.s_addr = inet_addr(ip.c_str()); + memset(&sockAddr_.sin_zero, 0, sizeof(sockAddr_.sin_zero)); +} + +void UdpClient::setRecvTimeout(int sec, int millisec) +{ + struct timeval optVal = {sec, millisec}; //sec, millisec + int optLen = sizeof(optVal); +#ifdef Q_OS_WIN + setsockopt(sock_, SOL_SOCKET, SO_RCVTIMEO, (char *) &optVal, optLen); +#endif +#ifdef Q_OS_LINUX + setsockopt(sock_, SOL_SOCKET, SO_RCVTIMEO, &optVal, optLen); +#endif +} diff --git a/src/udpclient.h b/src/udpclient.h new file mode 100755 index 0000000..382d35b --- /dev/null +++ b/src/udpclient.h @@ -0,0 +1,19 @@ +#ifndef UDPCLIENT_H +#define UDPCLIENT_H + +#include "udpsocket.h" +#include + +class UdpClient : public UdpSocket +{ +public: + UdpClient() {} + ~UdpClient() {} + +public: + bool setSocketBroadcastable(); + void setSockAddr(std::string ip, int port); + void setRecvTimeout(int sec, int millisec); +}; + +#endif // UDPCLIENT_H diff --git a/src/udpserver.cpp b/src/udpserver.cpp new file mode 100755 index 0000000..8d2a2ae --- /dev/null +++ b/src/udpserver.cpp @@ -0,0 +1,38 @@ +#include "udpserver.h" + +UdpServer::UdpServer() +{ + setSockOptforReuse(); +} + +UdpServer::~UdpServer() +{ + +} + +bool UdpServer::bind(int port) +{ + memset(&sockAddr_, 0, sizeof(sockAddr_)); + sockAddr_.sin_family=AF_INET; + sockAddr_.sin_addr.s_addr=INADDR_ANY; + sockAddr_.sin_port=htons(port); + if(::bind(sock_, (struct sockaddr*)&sockAddr_, sizeof(sockAddr_))==-1) + { + qDebug() << "bind() error"; + return false; + } + return true; +} + +int UdpServer::setSockOptforReuse() +{ + int optval = 1; + int result = 1; +#ifdef Q_OS_WIN + result = setsockopt(sock_, SOL_SOCKET, SO_REUSEADDR, (char *)&optval, sizeof(optval)); +#endif +#ifdef Q_OS_LINUX + result = setsockopt(sock_, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval)); +#endif + return result; //success 0, fail -1 +} diff --git a/src/udpserver.h b/src/udpserver.h new file mode 100755 index 0000000..1752021 --- /dev/null +++ b/src/udpserver.h @@ -0,0 +1,21 @@ +#ifndef UDPSERVER_H +#define UDPSERVER_H + +#include "udpsocket.h" +#include +#include + +class UdpServer : public UdpSocket +{ +public: + UdpServer(); + ~UdpServer(); + + bool bind(int port); + +protected: + int setSockOptforReuse(); + +}; + +#endif // UDPSERVER_H diff --git a/src/udpsocket.cpp b/src/udpsocket.cpp new file mode 100755 index 0000000..43a5f5b --- /dev/null +++ b/src/udpsocket.cpp @@ -0,0 +1,51 @@ +#include "udpsocket.h" + +UdpSocket::UdpSocket() +{ + if((sock_=socket(PF_INET, SOCK_DGRAM, 0)) < 0) + { + qDebug() << "socket create failed"; + } +} + +UdpSocket::~UdpSocket() +{ + disconnect(); +} + +int UdpSocket::send(char *buf, size_t len) +{ + return ::sendto(sock_, buf, len, 0, (struct sockaddr*)&sockAddr_, sizeof(sockAddr_)); +} + +int UdpSocket::recv(char *buf, size_t len) +{ +#ifdef Q_OS_WIN + int sockLen = sizeof(sockAddr_); +#endif +#ifdef Q_OS_LINUX + socklen_t sockLen = sizeof(sockAddr_); +#endif + memset(buf, 0, len); + ssize_t res = ::recvfrom(sock_, buf, len, 0, (struct sockaddr*)&sockAddr_, &sockLen); + return res; +} + +int UdpSocket::disconnect() +{ + int result = 0; + if(sock_ != 0) + { +#ifdef Q_OS_WIN + ::shutdown(sock_, SD_BOTH); + result = ::closesocket(sock_); +#endif +#ifdef Q_OS_LINUX + ::shutdown(sock_, SHUT_RDWR); + result = ::close(sock_); +#endif + sock_ = 0; + } + return result; + //success 0, fail -1 +} diff --git a/src/udpsocket.h b/src/udpsocket.h new file mode 100755 index 0000000..b2fde0a --- /dev/null +++ b/src/udpsocket.h @@ -0,0 +1,24 @@ +#ifndef UDPSOCKET_H +#define UDPSOCKET_H + +#include + +#include "socket.h" + +class UdpSocket : public Socket +{ +public: + int sock_{0}; + struct sockaddr_in sockAddr_; + +public: + UdpSocket(); + ~UdpSocket() override; + + int send(char *buf, size_t len) override; + int recv(char* buf, size_t len) override; + int disconnect() override; + +}; + +#endif // UDPSOCKET_H diff --git a/version.txt b/version.txt new file mode 100755 index 0000000..4ff4d6e --- /dev/null +++ b/version.txt @@ -0,0 +1 @@ +"v0.9.0.0" \ No newline at end of file From 5e02e5d04c5ab6659df3d5d48a3f48e1224f854f Mon Sep 17 00:00:00 2001 From: gilgil Date: Sat, 11 Dec 2021 00:51:55 +0900 Subject: [PATCH 02/28] Call GThreadMgr::suspendStart() before cp.open() and call GThreadMgr::resumeStart() after cp.open() --- app/captiveportal/main.cpp | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/app/captiveportal/main.cpp b/app/captiveportal/main.cpp index ee64ce5..aa37ad9 100755 --- a/app/captiveportal/main.cpp +++ b/app/captiveportal/main.cpp @@ -36,7 +36,16 @@ int main(int argc, char *argv[]) cp.intfname_ = entry->intf()->name(); cp.gwIp_ = entry->intf()->gateway(); cp.redirectpage_ = "http://test.gilgil.net"; + + QJsonObject jo = GJson::loadFromFile(); + if (!jo.isEmpty()) + jo["cp"] >> cp; + jo["cp"] << cp; + GJson::saveToFile(jo); + + GThreadMgr::suspendStart(); cp.open(); + GThreadMgr::resumeStart(); a.exec(); From d15ddebdb339f1109ae63b6ce3dd2ef38917813e Mon Sep 17 00:00:00 2001 From: maro5397 Date: Sat, 11 Dec 2021 14:42:06 -0500 Subject: [PATCH 03/28] =?UTF-8?q?=F0=9F=9A=91=EF=B8=8F=20fix:=20making=20c?= =?UTF-8?q?onnection=20between=20victim=20and=20tls=20server?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.cpp | 47 ++++++- app/captiveportal/captiveportal.h | 5 + app/captiveportal/captiveportal.pro | 26 ++-- app/captiveportal/certkey-test/server.crt | 23 ++++ app/captiveportal/certkey-test/server.csr | 18 +++ app/captiveportal/certkey-test/server.key | 27 ++++ .../certkey-test/server.key.origin | 30 +++++ app/captiveportal/main.cpp | 25 ++-- app/captiveportal/stdafx.h | 17 +++ app/captiveportal/werawclient.cpp | 116 ++++++++++++++++++ app/captiveportal/werawclient.h | 43 +++++++ app/captiveportal/wesslserver.cpp | 27 ++++ app/captiveportal/wesslserver.h | 16 +++ app/captiveportal/weudpserver.cpp | 4 +- app/captiveportal/weudpserver.h | 3 +- app/rawsocket-test/main.cpp | 11 ++ app/rawsocket-test/rawsocket-test.pro | 20 +++ app/rawsocket-test/werawclient.cpp | 114 +++++++++++++++++ app/rawsocket-test/werawclient.h | 68 ++++++++++ 19 files changed, 608 insertions(+), 32 deletions(-) create mode 100644 app/captiveportal/certkey-test/server.crt create mode 100644 app/captiveportal/certkey-test/server.csr create mode 100644 app/captiveportal/certkey-test/server.key create mode 100644 app/captiveportal/certkey-test/server.key.origin create mode 100644 app/captiveportal/werawclient.cpp create mode 100644 app/captiveportal/werawclient.h create mode 100644 app/captiveportal/wesslserver.cpp create mode 100644 app/captiveportal/wesslserver.h create mode 100644 app/rawsocket-test/main.cpp create mode 100644 app/rawsocket-test/rawsocket-test.pro create mode 100644 app/rawsocket-test/werawclient.cpp create mode 100644 app/rawsocket-test/werawclient.h diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index 9569b82..8580a1d 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -24,7 +24,35 @@ void CaptivePortal::setComponent() capturer_.intfName_ = intfname_; tcpblock_.backwardFinMsg_ = QStringList{"HTTP/1.0 302 Redirect\r\n" "Location: "+redirectpage_+"\r\n" - "\r\n"}; + "\r\n"}; +} + +void CaptivePortal::getIPAddress() +{ + uint32_t ipaddr; + int sock; + struct ifreq ifr; + struct sockaddr_in *sin; + sock = socket(AF_INET, SOCK_STREAM, 0); + if (sock < 0) + { + fprintf(stderr, "%s", "SOCK ERROR"); + return; + } + + strcpy(ifr.ifr_name, qPrintable(intfname_)); + if (ioctl(sock, SIOCGIFADDR, &ifr)< 0) + { + fprintf(stderr, "%s", "IOCTL ERROR"); + ::close(sock); + return; + } + sin = (struct sockaddr_in*)&ifr.ifr_addr; + ipaddr = ntohl((sin->sin_addr).s_addr); + ::close(sock); + myIp_ = GIp(ipaddr); + qDebug() << "My Ip Address:" << QString(myIp_); + return; } bool CaptivePortal::doOpen() @@ -56,8 +84,9 @@ bool CaptivePortal::doOpen() host_ = GIp(ip); qInfo() << "domain=" << redirectpage_ << "," << "ip=" << QString(host_); - setComponent(); + getIPAddress(); + setComponent(); if(!(writer_.open())) { qDebug() << "failed to open writer"; @@ -141,8 +170,18 @@ void CaptivePortal::processPacket(GPacket *packet) if (tcpHdr->dport() == 443) { - if (ipHdr->dip() != host_) - packet->ctrl.block_ = true; + packet->ctrl.block_ = true; + GBuf tcpData = packet->tcpData_; + + char* castedtcpdata = reinterpret_cast(tcpData.data_); + qDebug() << "tcpdata:" << castedtcpdata; + if (ipHdr->dip() != host_) { + qDebug() << "There is tls connection request"; + socket_.setSocketOpt(myIp_, 5050); + socket_.setIpHeader(*ipHdr); + socket_.setTcpHeader(*tcpHdr); + socket_.send(); + } return; } diff --git a/app/captiveportal/captiveportal.h b/app/captiveportal/captiveportal.h index 5fc939d..347cfaf 100755 --- a/app/captiveportal/captiveportal.h +++ b/app/captiveportal/captiveportal.h @@ -1,6 +1,7 @@ #pragma once #include "stdafx.h" +#include "werawclient.h" class CaptivePortal : public GStateObj { @@ -12,11 +13,14 @@ class CaptivePortal : public GStateObj GTcpBlock tcpblock_; GPcapDeviceWrite writer_; + WERawClient socket_; + GIp host_; public: QString intfname_; QString redirectpage_; + GIp myIp_; GIp gwIp_; public: @@ -25,6 +29,7 @@ class CaptivePortal : public GStateObj private: void setComponent(); + void getIPAddress(); protected: bool doOpen() override; diff --git a/app/captiveportal/captiveportal.pro b/app/captiveportal/captiveportal.pro index 867b0bb..8b10b39 100755 --- a/app/captiveportal/captiveportal.pro +++ b/app/captiveportal/captiveportal.pro @@ -1,6 +1,4 @@ -QT += widgets - -greaterThan(QT_MAJOR_VERSION, 4): QT += widgets +QT -= gui CONFIG += c++17 TEMPLATE = app @@ -11,33 +9,31 @@ include(../../cp.pri) DESTDIR = $${PWD}/../../bin +LIBS += -L../../../opensocket/lib -lopensocket -lssl -lcrypto -lpthread + SOURCES += \ - ../../src/socket.cpp \ - ../../src/udpclient.cpp \ - ../../src/udpsocket.cpp \ - ../../src/udpserver.cpp \ ../../src/httprequest.cpp \ ../../src/httpresponse.cpp \ - ../../src/tcpsocket.cpp \ - ../../src/tcpclient.cpp \ + ../../../opensocket/src/*.cpp \ + ../../../opensocket/src/base/*.cpp \ + werawclient.cpp \ captiveportal.cpp \ main.cpp \ + wesslserver.cpp \ weudpclient.cpp \ weudpserver.cpp \ weupdater.cpp HEADERS += \ - ../../src/socket.h \ - ../../src/udpclient.h \ - ../../src/udpsocket.h \ - ../../src/udpserver.h \ ../../src/httprequest.h \ ../../src/httpresponse.h \ - ../../src/tcpsocket.h \ - ../../src/tcpclient.h \ ../../src/http.h \ + ../../../opensocket/src/*.h \ + ../../../opensocket/src/base/*.h \ + werawclient.h \ captiveportal.h \ stdafx.h \ + wesslserver.h \ weudpclient.h \ weudpserver.h \ weupdater.h diff --git a/app/captiveportal/certkey-test/server.crt b/app/captiveportal/certkey-test/server.crt new file mode 100644 index 0000000..c173550 --- /dev/null +++ b/app/captiveportal/certkey-test/server.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDvTCCAqUCFG38JdC+WY+pyCSB2beHOcu0EArzMA0GCSqGSIb3DQEBCwUAMIGa +MQswCQYDVQQGEwJLUjEOMAwGA1UECAwFU2VvdWwxFjAUBgNVBAcMDURvbmdEYWVN +b29uR3UxEjAQBgNVBAoMCVdpRmlldmVudDESMBAGA1UECwwJV2lGaWV2ZW50MRUw +EwYDVQQDDAx3aWZpZXZlbnQuaW8xJDAiBgkqhkiG9w0BCQEWFXdpZmlldmVudDIx +QGdtYWlsLmNvbTAeFw0yMTExMjkxMjE4MjNaFw0zMTExMjcxMjE4MjNaMIGaMQsw +CQYDVQQGEwJLUjEOMAwGA1UECAwFU2VvdWwxFjAUBgNVBAcMDURvbmdEYWVNb29u +R3UxEjAQBgNVBAoMCVdpRmlldmVudDESMBAGA1UECwwJV2lGaWV2ZW50MRUwEwYD +VQQDDAx3aWZpZXZlbnQuaW8xJDAiBgkqhkiG9w0BCQEWFXdpZmlldmVudDIxQGdt +YWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM5ve73TXL9b +hb/LKImhge4V+S/tABMteCRvpw/3c3FtcVGzsKI7hQfKrH6V5C4+Q19J/QcSO7x/ +ZBg1gMGTBrls1vVkKlwfXBv4J/wfpUmnIH7VamKUSTYt/Y2zFdLMJ8km5pZK0jDV +Kfy51QaZ9exEZ9le7etPU858vaGRe0N2xr0BEGQXlggDJ43tZVDyrbR9z3WGc2QV +zNzC7M7M5t5A1pLdedCu/Zb8kg0+HV6IMv7LZFDvk2pWBZ/E/DP/1Ptk0XbC1EXb +BjQ3zhx1DmrQ8LShX7VJFWxVMVC28eGOO6aQqvRwGrbr8Smc5mvHal5aIHWBKhZR ++3HOHjV3EHUCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAAZk4hY3i/Qnw52m5TLaY +D32KczRcWVAxQVeADhoMqBvJnIS4USTlcsn26nSt/T00XYcaAJg3lYCrUVVgLhAD +3tmS0IKlFGj+afRvvjVacAme4bcqsyHtf187bE8qHjtR8Y3ywJovWdNcfICa31nT +2vJH8TYWxYzi5isy00jgnJcAAF7IMS2/JYe5EovQc6xNRvW9N1KDiTR4WBcQUlXN +L4mLgnDMrK8JpvrmegHDAgIbicagLMDcwqK0gfBdH31sf+sqn4fs7qu2iVXbZXBb +LB/lXI26DtLuyBrDdopSkNSDlspqDchlEbFuaHjo4meH9FuA9Z1yP7sV72Rt+xjS +uQ== +-----END CERTIFICATE----- diff --git a/app/captiveportal/certkey-test/server.csr b/app/captiveportal/certkey-test/server.csr new file mode 100644 index 0000000..ae90938 --- /dev/null +++ b/app/captiveportal/certkey-test/server.csr @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC4DCCAcgCAQAwgZoxCzAJBgNVBAYTAktSMQ4wDAYDVQQIDAVTZW91bDEWMBQG +A1UEBwwNRG9uZ0RhZU1vb25HdTESMBAGA1UECgwJV2lGaWV2ZW50MRIwEAYDVQQL +DAlXaUZpZXZlbnQxFTATBgNVBAMMDHdpZmlldmVudC5pbzEkMCIGCSqGSIb3DQEJ +ARYVd2lmaWV2ZW50MjFAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAzm97vdNcv1uFv8soiaGB7hX5L+0AEy14JG+nD/dzcW1xUbOwojuF +B8qsfpXkLj5DX0n9BxI7vH9kGDWAwZMGuWzW9WQqXB9cG/gn/B+lSacgftVqYpRJ +Ni39jbMV0swnySbmlkrSMNUp/LnVBpn17ERn2V7t609Tzny9oZF7Q3bGvQEQZBeW +CAMnje1lUPKttH3PdYZzZBXM3MLszszm3kDWkt150K79lvySDT4dXogy/stkUO+T +alYFn8T8M//U+2TRdsLURdsGNDfOHHUOatDwtKFftUkVbFUxULbx4Y47ppCq9HAa +tuvxKZzma8dqXlogdYEqFlH7cc4eNXcQdQIDAQABoAAwDQYJKoZIhvcNAQELBQAD +ggEBAJsjCpmFe7Erzyv3aF3iFb8mWBai4rbbNIypzwOeth0bfVUEGSHNog8L02ke +IQsHs67eu77aPYEpUmT9pOcKQkPtvRKMxR6cEVBbnpYQU/ry3nVfiRy25vTMUIEF +C07PW6iPI5mpwxD1R7OneClByJ0DtPBVFEHIO1jpWJdqJI7KdVEUzpQV3VvzH2Dw +s7BK78iZLrFqzQ5Cvtbftm7zzFXSa4npnzpWPEyHwnMxVCC8d9+oHyD+2oZHweeP +QnULs71BU7Rw7OQAikWF9felrXohjr+CkC0biD3gzlZolyTXjdfc1dDtNx0K7N1j +SdU6coe6PsrpceC2ovxVcnqYmgk= +-----END CERTIFICATE REQUEST----- diff --git a/app/captiveportal/certkey-test/server.key b/app/captiveportal/certkey-test/server.key new file mode 100644 index 0000000..42ff826 --- /dev/null +++ b/app/captiveportal/certkey-test/server.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAzm97vdNcv1uFv8soiaGB7hX5L+0AEy14JG+nD/dzcW1xUbOw +ojuFB8qsfpXkLj5DX0n9BxI7vH9kGDWAwZMGuWzW9WQqXB9cG/gn/B+lSacgftVq +YpRJNi39jbMV0swnySbmlkrSMNUp/LnVBpn17ERn2V7t609Tzny9oZF7Q3bGvQEQ +ZBeWCAMnje1lUPKttH3PdYZzZBXM3MLszszm3kDWkt150K79lvySDT4dXogy/stk +UO+TalYFn8T8M//U+2TRdsLURdsGNDfOHHUOatDwtKFftUkVbFUxULbx4Y47ppCq +9HAatuvxKZzma8dqXlogdYEqFlH7cc4eNXcQdQIDAQABAoIBAE1qT2xblD+K0fif +9l7Ou4wOn3lSlqGafqCjYnJBaQCTe1iZW1crnPLUFaYPDhgtb1SPyZzaQJ6q412U +yulM+suUvnQeESik9gTjJhONxo19aFlILXI0i9QOoTR/gWKg/xaXSQf5nSOE/Q7y +namxGSF2cb95sx14jUQ1UWQCy8f7WTXDCOplUUVr2wukqjPqrXZEhbYnQ4fTnZUc +gn5HTD2gWY2ArKg7uAFfNzH6OMK57BSQpDwRcbsX8R+OsOddbZKwA8ny8k1WQriw +rTf2oCJyjHnQOtpNQ989HpqpUryUOgGDruAbsA4gcZtsl+fJQnSYK1yxAVKKUt7M +gyT8cI0CgYEA9Zy9QXv1d0w6uM5fG7SbAZSMpKzUXpUKBRwRIWyBfcP1LA2kWM+o +9oAe1xktkJmZSoaSehQPvoita19wR/tXRZ88qePf61Iv6pMStkOCxZXeFs16O53k +7V4vFTaU9fRCjGGNr2TfX2Pxk1UFLqKDx432Cb60ZRPiyeKoKFvQq/MCgYEA1yqT +DEZYhGNrrng6eDpOWIugFlnF+Bxv6vO5BFzusK8V3++6FJFmMB4yZeRvmc+aTzMv +tYjdOscpwFPvqWCfQkn8HBhvjtEvTMNuV1Ppa1RlCOsH4qP9C1UaufkShbF0Z/PH +UySLAvK6CeB8ZIZz5FVuXrkWbt811mUath5Rc/cCgYEAj5ANY5B0O0YYcNtX5lbb +38GXr83B2IMfNztfm/zTd9KppRVYQf0nkuXyoOH7qzDM1C3ywl6lkUZMr506gSid +q3lXOSqUQPVqQp+y6UxuzNU72nJCh0RUgpZxyOF9koIyv+FpsuKwWg6OLwMcI1Uk +1+jXrnyE7yv/fOf6SJTaVRcCgYBt6MSGn6R1s+d8jtOnOHlux5v17tOugrA0v1zC +Osp+nGE7K9TMztz5NWOfIspTMnXrgQUc4RXJAZV1NisVRVL05KAQpfbOaFKWDrpd +h3KTrd+SZ6R2hDgtQsLNPsrUWipRM3idIuyTi/O2OeKw4vFuMKmZX0hzSDfTFYBI +iUIoTwKBgDFGhX2qpWBYpfYSCBLCflSTjFDof1TyynGKnXEXvf/wOBDw/LDPR8ct +u/K3B/ABwx38uMJVFCnBnG7R5kIDnPtwYYATqz9haYTDa+x5ALZqQKw1Rq/1i0/Q +DmMG1xn/qBIT4AIZCxXmHR8bXCPgUdzWjwy4+IVfKxQNPduIswUE +-----END RSA PRIVATE KEY----- diff --git a/app/captiveportal/certkey-test/server.key.origin b/app/captiveportal/certkey-test/server.key.origin new file mode 100644 index 0000000..392b4c9 --- /dev/null +++ b/app/captiveportal/certkey-test/server.key.origin @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,7793CBA27B88F988 + +l4aT2xJHOa8mtMCSTh8YEahmtWeeYkLpTReQtFnPIH3NeENNfzsa0ZAY0tEt38Z3 +yJSsh6/FIooDkXWpUpFSgZ0Xo9Ap2A9BVxcJJTg/B6boO8lXkMseV4kFvIE2WPRS +evf9WcjOqrofHkvq6HGLpv1rtYkWvKrdD2nc0c/kjYEzaZ7LMm0L/rsfGuEYFvau +o60EcNfJna+mkZ1UDu1CLlNxlC7KqMwzCCAcx6rI9gadpzWPmisd3/X2/RS16oGg +TyvWOax0frudvUYquyjSPcDXLo0MLCsIA3UfKn39oLk6bh43suTq60EqRiTdVW/f +j+IrXQvVqahxMzS2ByTSufThnp0MEOmKFCO7TdiGRvHi1z17Hr1j9PIwwIub9GbK +lfbFWBezgVlcLE6OWdZtAk8I/cLh5AnnYRRtk5BxjvSQd5TxoVX8TImrLPEYnlEd +jsa07L5NvP1xIDNtZKMeEmfNV95b/bhnJGt6YizFburAqUT70yMaSp5iHWaNDx1M +TEVm1hGFtX4Pfi3Ynn0Wi6Bqk0nv1SFdzTJzfvp0eKhteFSEHOs+k2RFvNBuqoBm +jL3H+Bli0RdoilKuQChrRWw2jU22j407hQXcLCO8LKP9jffOm1mkJUX5NQDjBxAp +xkvMVY2xmv8idffTwkC/F3s6A4BK8igsQDCz34qtGlhtBF6q9Mle5hIVNIXqptBl +IIodz9uYtuZ1HzHDBrfi5C+etpXn8dZOG+Avi8yJWQPXppJX3G69yqH4MSIs/Ehm +StO84clG50f5/T9ivhTvTTMK/vBR6Zn6i5FKsLtkveRZFb2PnNmeJJ8EKPO8tRv9 +OZZ949QYu9eAzOom3LKWASTZp0j+V7bzVqkZjlxUPpTeOnlfR0iI9orwOi4f9F2Z +AZSM3ZdPsyi5UIx2fn9dcOQ5XEEu93A8Qfyz4Nh00t+6tegjkx1kevOg1nNh1HY6 +w91dy6oeqAz9MfcHYpyFWBFMRdf5K+0bzAOhvSvu/0jmThEBgjCH/ZBrPWuVYAzI +2xA2p6mBTVGOBXiEippQESYFe92DbuqW+PfeCrinGe8KCVnokJ10Qhd7z7NsdHUQ +agR3jBSWyBldcOlZ2YaViC2i4s08Uzsppjp1GxemJgjRrz0dLOzdP1Nefoyq1Uov +jvkOTNsaxcLQO67h4bBuTSYO1MO3WC1mdswh74VBGYnOeu/U5QaXBwn6zQkPYWah +GYLXBuK3EL4K/J0L8a+9jMxD7zi2vNmpX4HWPWVUxKEjXwp7hEgMh7NCBiWYmJnF +0p0btk1kdV9CpCbgf+6TTG76YvLCabH+/58qR1NuAGo2w/5ZyYhUJyYyLId0DVFV +5VxKI31cj8A0bjN9jLP3mrR81Bd4r0U2Rrd0gM5WcdO8J7CJb0b0RlzQ3sYkwIOH +n/tdo70Dm7HsFS5hY8hvoVS65G6+Nf/azieKb80pOLLJ9qDca2XyWob5Bnn/XnUQ +6SZ5lFknV9K007KeuajqFTn9ypP1w7eGTWZWlnp0h0fHmBl2sTN0XS/wCbdZANu7 +ngnkcVJu4gRE8BnOZuEcyYcfrQ1dIC+tVlKMRzWH7x19NdwUHJqbnA== +-----END RSA PRIVATE KEY----- diff --git a/app/captiveportal/main.cpp b/app/captiveportal/main.cpp index aa37ad9..9df9e55 100755 --- a/app/captiveportal/main.cpp +++ b/app/captiveportal/main.cpp @@ -1,5 +1,6 @@ #include "weudpclient.h" #include "weudpserver.h" +#include "wesslserver.h" #include "captiveportal.h" const char* version() @@ -27,8 +28,11 @@ int main(int argc, char *argv[]) qInfo() << "CaptivePortal Started" << version(); } - WEUdpServer ws; - ws.start(7284); + WEUdpServer wus; + wus.start(7284); + WESslServer wss; + wss.redirectpage_ = "http://test.gilgil.net"; + wss.start(443, "./certkey-test/server.crt", "./certkey-test/server.key"); GRtmEntry* entry = GNetInfo::instance().rtm().getBestEntry(QString("8.8.8.8")); @@ -37,17 +41,18 @@ int main(int argc, char *argv[]) cp.gwIp_ = entry->intf()->gateway(); cp.redirectpage_ = "http://test.gilgil.net"; - QJsonObject jo = GJson::loadFromFile(); - if (!jo.isEmpty()) - jo["cp"] >> cp; - jo["cp"] << cp; - GJson::saveToFile(jo); + QJsonObject jo = GJson::loadFromFile(); + if (!jo.isEmpty()) + jo["cp"] >> cp; + jo["cp"] << cp; + GJson::saveToFile(jo); - GThreadMgr::suspendStart(); + GThreadMgr::suspendStart(); cp.open(); - GThreadMgr::resumeStart(); + GThreadMgr::resumeStart(); a.exec(); - ws.stop(); + wss.stop(); + wus.stop(); } diff --git a/app/captiveportal/stdafx.h b/app/captiveportal/stdafx.h index ff481fe..0522b5b 100755 --- a/app/captiveportal/stdafx.h +++ b/app/captiveportal/stdafx.h @@ -19,3 +19,20 @@ #include #include #include + +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include + +#include +#include +#include +#include diff --git a/app/captiveportal/werawclient.cpp b/app/captiveportal/werawclient.cpp new file mode 100644 index 0000000..f11594d --- /dev/null +++ b/app/captiveportal/werawclient.cpp @@ -0,0 +1,116 @@ +#include "werawclient.h" + +WERawClient::WERawClient() { + sock_ = socket(PF_INET, SOCK_RAW, IPPROTO_TCP); + if(sock_ == -1) + { + perror("Failed to create socket"); + exit(1); + } + memset(datagram_, 0, 4096); + + iph_ = (struct iphdr *)datagram_; + tcph_ = (struct tcphdr *)(datagram_ + sizeof(struct ip)); + data_ = datagram_ + sizeof(struct iphdr) + sizeof(struct tcphdr); +} + +unsigned short WERawClient::checkSum(unsigned short* ptr, int nbytes) { + long sum = 0; + unsigned short oddbyte; + short answer; + + while( nbytes > 1 ) { + sum += *ptr++; + nbytes -= 2; + } + if(nbytes==1) { + oddbyte = 0; + *((u_char*)&oddbyte) = *(u_char*)ptr; + sum += oddbyte; + } + + sum = (sum>>16) + (sum & 0xffff); + sum = sum + (sum>>16); + answer = (short)~sum; + + return answer; +} + +void WERawClient::setSocketOpt(GIp myip, int port) { + QString tlsip = QString(myip); + + memset(&sin_, 0, sizeof(sin_)); + sin_.sin_family = AF_INET; + sin_.sin_port = htons(port); + sin_.sin_addr.s_addr = inet_addr(qPrintable(tlsip)); + + int one = 1; + const int *val = &one; + + if (setsockopt(sock_, IPPROTO_IP, IP_HDRINCL, val, sizeof (one)) < 0) { + perror("Error setting IP_HDRINCL"); + exit(0); + } +} + +void WERawClient::setIpHeader(GIpHdr iphdr) { + iph_->ihl = iphdr.hl(); + iph_->version = iphdr.v(); + iph_->tos = iphdr.tos(); + iph_->tot_len = iphdr.len(); + iph_->id = iphdr.id(); + iph_->frag_off = iphdr.off(); + iph_->ttl = iphdr.ttl(); + iph_->protocol = iphdr.p(); + + iph_->check = 0; + iph_->saddr = iphdr.sip_; + sip_ = QString(iphdr.sip()); + qDebug() << "This packet is from here:" << sip_; + iph_->daddr = sin_.sin_addr.s_addr; + + iph_->check = checkSum((unsigned short *)datagram_, iph_->tot_len); +} + +void WERawClient::setTcpHeader(GTcpHdr tcphdr) { + //TCP Header + tcph_->source = tcphdr.sport_; + tcph_->dest = tcphdr.dport_; + tcph_->seq = tcphdr.seq(); + tcph_->ack_seq = tcphdr.ack(); + tcph_->doff = tcphdr.off(); //tcp header size + tcph_->fin = tcphdr.flags_ & 0x01; + tcph_->syn = tcphdr.flags_ >> 1 & 0x01; + tcph_->rst = tcphdr.flags_ >> 2 & 0x01; + tcph_->psh = tcphdr.flags_ >> 3 & 0x01; + tcph_->ack = tcphdr.flags_ >> 4 & 0x01; + tcph_->urg = tcphdr.flags_ >> 5 & 0x01; + tcph_->window = tcphdr.win_; /* maximum allowed window size */ + tcph_->check = 0; //leave checksum 0 now, filled later by pseudo header + tcph_->urg_ptr = tcphdr.urp_; + + //Now the TCP checksum + psh_.source_address = inet_addr( qPrintable(sip_) ); + psh_.dest_address = sin_.sin_addr.s_addr; + psh_.placeholder = 0; + psh_.protocol = IPPROTO_TCP; + psh_.tcp_length = htons(sizeof(struct tcphdr) + strlen(data_)); + + int psize = sizeof(struct PseudoHeader) + sizeof(struct tcphdr) + strlen(data_); + pseudogram_ = (char*)malloc(psize); + + memcpy(pseudogram_, (char*)&psh_, sizeof(struct PseudoHeader)); + memcpy(pseudogram_ + sizeof(struct PseudoHeader), tcph_, sizeof(struct tcphdr) + strlen(data_)); + + tcph_->check = checkSum((unsigned short*)pseudogram_, psize); +} + +void WERawClient::send() { + qDebug() << "Sending data to tls server data is down below..."; + if (sendto(sock_, datagram_, iph_->tot_len , 0, (struct sockaddr *)&sin_, sizeof(sin_)) < 0) { + qDebug() << "sendto failed"; + } + else { + qDebug() << "Packet Send. Length : " << iph_->tot_len; + } +} diff --git a/app/captiveportal/werawclient.h b/app/captiveportal/werawclient.h new file mode 100644 index 0000000..1ea7eac --- /dev/null +++ b/app/captiveportal/werawclient.h @@ -0,0 +1,43 @@ +#pragma once + +#include "stdafx.h" + +struct PseudoHeader +{ + u_int32_t source_address; + u_int32_t dest_address; + u_int8_t placeholder; + u_int8_t protocol; + u_int16_t tcp_length; +}; + +class WERawClient +{ + int sock_; + char datagram_[4096], *data_, *pseudogram_; + QString sip_; + struct iphdr *iph_; + + struct tcphdr *tcph_; + struct sockaddr_in sin_; + struct PseudoHeader psh_; + +public: + WERawClient(); + ~WERawClient() {} + +private: + unsigned short checkSum(unsigned short* ptr, int nbytes); + +public: + void setSocketOpt(GIp myip, int port); + void setIpHeader(GIpHdr iphdr); + void setTcpHeader(GTcpHdr tcphdr); + void send(); +}; + +/* +setSocketOpt(); +setIpHeader(); +setTcpHeader(); +*/ diff --git a/app/captiveportal/wesslserver.cpp b/app/captiveportal/wesslserver.cpp new file mode 100644 index 0000000..5e91c9b --- /dev/null +++ b/app/captiveportal/wesslserver.cpp @@ -0,0 +1,27 @@ +#include "wesslserver.h" + +WESslServer::WESslServer() +{ + +} + +void WESslServer::handleClnt(SslClientSocket* clntsock) { + char buffer[BUFSIZE]; + std::string message = "HTTP/1.0 302 Redirect\r\n" + "Location: "+redirectpage_+"\r\n" + "\r\n"; + int len = 0; + while((len = clntsock->recv(buffer, BUFSIZE)) != -1) { + if(len == 0) { + spdlog::info("clntsock is shutdown"); + return; + } + spdlog::info("recv data from client"); + if(strncmp(buffer, "GET ", 4) == 0) + { + spdlog::info("send redirect data to client"); + clntsock->send(message.data(), message.length() + 1); + } + } + return; +} diff --git a/app/captiveportal/wesslserver.h b/app/captiveportal/wesslserver.h new file mode 100644 index 0000000..4815864 --- /dev/null +++ b/app/captiveportal/wesslserver.h @@ -0,0 +1,16 @@ +#pragma once +#include "sslserver.h" +#include "stdafx.h" + +class WESslServer : public SslServer +{ +public: + std::string redirectpage_; + +public: + WESslServer(); + ~WESslServer() {} + +protected: + void handleClnt(SslClientSocket* clntsock) override; +}; diff --git a/app/captiveportal/weudpserver.cpp b/app/captiveportal/weudpserver.cpp index 1a1d4dc..8ea2a80 100755 --- a/app/captiveportal/weudpserver.cpp +++ b/app/captiveportal/weudpserver.cpp @@ -4,7 +4,7 @@ void WEUdpServer::start(int port) { bind(port); - t1 = new std::thread(&WEUdpServer::handleCnt, this); + t1 = new std::thread(&WEUdpServer::handleClnt, this); } void WEUdpServer::stop() { @@ -15,7 +15,7 @@ void WEUdpServer::stop() { t1->join(); } -void WEUdpServer::handleCnt() { +void WEUdpServer::handleClnt() { char buf[BUFSIZ]; while(check) { qDebug() << "server running"; diff --git a/app/captiveportal/weudpserver.h b/app/captiveportal/weudpserver.h index 27000d7..92f53e2 100755 --- a/app/captiveportal/weudpserver.h +++ b/app/captiveportal/weudpserver.h @@ -2,6 +2,7 @@ #define WEUDPSERVER_H #include "udpserver.h" +#include "stdafx.h" class WEUdpServer : public UdpServer { @@ -16,7 +17,7 @@ class WEUdpServer : public UdpServer void start(int port); void stop(); - void handleCnt(); + void handleClnt(); }; #endif // WEUDPSERVER_H diff --git a/app/rawsocket-test/main.cpp b/app/rawsocket-test/main.cpp new file mode 100644 index 0000000..7873f66 --- /dev/null +++ b/app/rawsocket-test/main.cpp @@ -0,0 +1,11 @@ +#include "werawclient.h" + +int main() +{ + WERawClient wec; + + wec.setSocketOpt("192.168.1.16", 443); + wec.setIpHeader(*ipHdr); + wec.setTcpHeader(*tcpHdr); + wec.send(); +} diff --git a/app/rawsocket-test/rawsocket-test.pro b/app/rawsocket-test/rawsocket-test.pro new file mode 100644 index 0000000..99d2d25 --- /dev/null +++ b/app/rawsocket-test/rawsocket-test.pro @@ -0,0 +1,20 @@ +QT -= gui + +CONFIG += c++11 console +CONFIG -= app_bundle + +DESTDIR = $${PWD}/../../bin + +include(../../../g/g.pri) + +INCLUDEPATH += $${PWD}/../../../opensocket/src +INCLUDEPATH += $${PWD}/../../../opensocket/external + +LIBS += -L../../../opensocket/lib -lopensocket -lssl -lcrypto -lpthread + +SOURCES += \ + werawclient.cpp \ + main.cpp + +HEADERS += \ + werawclient.h diff --git a/app/rawsocket-test/werawclient.cpp b/app/rawsocket-test/werawclient.cpp new file mode 100644 index 0000000..3179d62 --- /dev/null +++ b/app/rawsocket-test/werawclient.cpp @@ -0,0 +1,114 @@ +#include "werawclient.h" + +WERawClient::WERawClient() { + sock_ = socket(PF_INET, SOCK_RAW, IPPROTO_TCP); + if(sock_ == -1) + { + perror("Failed to create socket"); + exit(1); + } + memset(datagram_, 0, 4096); + + iph_ = (struct iphdr *)datagram_; + tcph_ = (struct tcphdr *)(datagram_ + sizeof(struct ip)); + data_ = datagram_ + sizeof(struct iphdr) + sizeof(struct tcphdr); +} + +unsigned short WERawClient::checkSum(unsigned short* ptr, int nbytes) { + long sum = 0; + unsigned short oddbyte; + short answer; + + while( nbytes > 1 ) { + sum += *ptr++; + nbytes -= 2; + } + if(nbytes==1) { + oddbyte = 0; + *((u_char*)&oddbyte) = *(u_char*)ptr; + sum += oddbyte; + } + + sum = (sum>>16) + (sum & 0xffff); + sum = sum + (sum>>16); + answer = (short)~sum; + + return answer; +} + +void WERawClient::setSocketOpt(std::string ip, int port) { + memset(&sin_, 0, sizeof(sin_)); + sin_.sin_family = AF_INET; + sin_.sin_port = htons(port); + sin_.sin_addr.s_addr = inet_addr(ip.c_str()); + + int one = 1; + const int *val = &one; + + if (setsockopt(sock_, IPPROTO_IP, IP_HDRINCL, val, sizeof (one)) < 0) { + perror("Error setting IP_HDRINCL"); + exit(0); + } +} + +//destination, ttl +void WERawClient::setIpHeader(GIpHdr iphdr) { + sip_ = iphdr.sip(); + + iph_->ihl = iphdr.hl(); + iph_->version = iphdr.v(); + iph_->tos = iphdr.tos(); + iph_->tot_len = iphdr.len(); + iph_->id = iphdr.id(); + iph_->frag_off = iphdr.off(); + iph_->ttl = iphdr.ttl(); + iph_->protocol = iphdr.p(); + + iph_->check = 0; + iph_->saddr = inet_addr( qPrintable(sip_) ); + iph_->daddr = sin_.sin_addr.s_addr; + + iph_->check = checkSum((unsigned short *)datagram_, iph_->tot_len); +} + +void WERawClient::setTcpHeader(GTcpHdr tcphdr) { + //TCP Header + tcph_->source = tcphdr.sport_; + tcph_->dest = tcphdr.dport_; + tcph_->seq = tcphdr.seq(); + tcph_->ack_seq = tcphdr.ack(); + tcph_->doff = tcphdr.off(); //tcp header size + tcph_->fin = tcphdr.flags_; + tcph_->syn = tcphdr.flags_ >> 1; + tcph_->rst = tcphdr.flags_ >> 2; + tcph_->psh = tcphdr.flags_ >> 3; + tcph_->ack = tcphdr.flags_ >> 4; + tcph_->urg = tcphdr.flags_ >> 5; + tcph_->window = tcphdr.win_; /* maximum allowed window size */ + tcph_->check = 0; //leave checksum 0 now, filled later by pseudo header + tcph_->urg_ptr = tcphdr.urp_; + + //Now the TCP checksum + psh_.source_address = inet_addr( qPrintable(sip_) ); + psh_.dest_address = sin_.sin_addr.s_addr; + psh_.placeholder = 0; + psh_.protocol = IPPROTO_TCP; + psh_.tcp_length = htons(sizeof(struct tcphdr) + strlen(data_)); + + int psize = sizeof(struct PseudoHeader) + sizeof(struct tcphdr) + strlen(data_); + pseudogram_ = (char*)malloc(psize); + + memcpy(pseudogram_, (char*)&psh_, sizeof(struct PseudoHeader)); + memcpy(pseudogram_ + sizeof(struct PseudoHeader), tcph_, sizeof(struct tcphdr) + strlen(data_)); + + tcph_->check = checkSum((unsigned short*)pseudogram_, psize); +} + +void WERawClient::send() { + if (sendto(sock_, datagram_, iph_->tot_len , 0, (struct sockaddr *)&sin_, sizeof(sin_)) < 0) { + qDebug() << "sendto failed"; + } + else { + qDebug() << "Packet Send. Length : " << iph_->tot_len; + } +} diff --git a/app/rawsocket-test/werawclient.h b/app/rawsocket-test/werawclient.h new file mode 100644 index 0000000..70fb5a1 --- /dev/null +++ b/app/rawsocket-test/werawclient.h @@ -0,0 +1,68 @@ +#pragma once + +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +struct PseudoHeader +{ + u_int32_t source_address; + u_int32_t dest_address; + u_int8_t placeholder; + u_int8_t protocol; + u_int16_t tcp_length; +}; + +class WERawClient +{ + int sock_; + char datagram_[4096], *data_, *pseudogram_; + QString sip_; + struct iphdr *iph_; + + struct tcphdr *tcph_; + struct sockaddr_in sin_; + struct PseudoHeader psh_; + +public: + WERawClient(); + ~WERawClient() {} + +private: + unsigned short checkSum(unsigned short* ptr, int nbytes); + +public: + void setSocketOpt(std::string ip, int port); + void setIpHeader(GIpHdr iphdr); + void setTcpHeader(GTcpHdr tcphdr); + void send(); +}; + +/* +setSocketOpt(); +setIpHeader(); +setTcpHeader(); +*/ From e45fcc02f043b684145c5d9ce840653809eadb6c Mon Sep 17 00:00:00 2001 From: maro5397 Date: Sat, 11 Dec 2021 14:51:48 -0500 Subject: [PATCH 04/28] =?UTF-8?q?=E2=9C=85=20build:=20have=20to=20build=20?= =?UTF-8?q?with=20opensocket=20at=20same=20dir=20that=20located=20at=20cp-?= =?UTF-8?q?QT?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cp.pri | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cp.pri b/cp.pri index c7cca2b..49b2548 100755 --- a/cp.pri +++ b/cp.pri @@ -1,4 +1,7 @@ # # include path # -INCLUDEPATH *= $${PWD}/src \ No newline at end of file +INCLUDEPATH *= $${PWD}/src + +INCLUDEPATH += $${PWD}/../opensocket/src +INCLUDEPATH += $${PWD}/../opensocket/external From 55e8e47cdc926cf52f9e874a4890e4548dc83502 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Sat, 11 Dec 2021 14:52:41 -0500 Subject: [PATCH 05/28] =?UTF-8?q?=F0=9F=94=A5=20revert:=20delete=20all=20s?= =?UTF-8?q?ocket=20code=20in=20src?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/socket.cpp | 6 ------ src/socket.h | 37 ---------------------------------- src/tcpclient.cpp | 25 ----------------------- src/tcpclient.h | 15 -------------- src/tcpsocket.cpp | 51 ----------------------------------------------- src/tcpsocket.h | 15 -------------- src/udpclient.cpp | 39 ------------------------------------ src/udpclient.h | 19 ------------------ src/udpserver.cpp | 38 ----------------------------------- src/udpserver.h | 21 ------------------- src/udpsocket.cpp | 51 ----------------------------------------------- src/udpsocket.h | 24 ---------------------- 12 files changed, 341 deletions(-) delete mode 100755 src/socket.cpp delete mode 100755 src/socket.h delete mode 100755 src/tcpclient.cpp delete mode 100755 src/tcpclient.h delete mode 100755 src/tcpsocket.cpp delete mode 100755 src/tcpsocket.h delete mode 100755 src/udpclient.cpp delete mode 100755 src/udpclient.h delete mode 100755 src/udpserver.cpp delete mode 100755 src/udpserver.h delete mode 100755 src/udpsocket.cpp delete mode 100755 src/udpsocket.h diff --git a/src/socket.cpp b/src/socket.cpp deleted file mode 100755 index 4c374b6..0000000 --- a/src/socket.cpp +++ /dev/null @@ -1,6 +0,0 @@ -#include "socket.h" - -Socket::Socket() -{ - -} diff --git a/src/socket.h b/src/socket.h deleted file mode 100755 index 6ce38b3..0000000 --- a/src/socket.h +++ /dev/null @@ -1,37 +0,0 @@ -#ifndef SOCKET_H -#define SOCKET_H - -# include -# include -# include -# include - -#include -#include - -#include - -#ifdef Q_OS_WIN -#include -#endif - -#ifdef Q_OS_LINUX -# include -# include -# include -#endif - -#define BUFSIZE 65536 - -class Socket -{ -public: - Socket(); - virtual ~Socket() {} - - virtual int disconnect() = 0; - virtual int send(char* buf, size_t len) = 0; - virtual int recv(char* buf, size_t len) = 0; -}; - -#endif // SOCKET_H diff --git a/src/tcpclient.cpp b/src/tcpclient.cpp deleted file mode 100755 index 360f31d..0000000 --- a/src/tcpclient.cpp +++ /dev/null @@ -1,25 +0,0 @@ -#include "tcpclient.h" - -using namespace std; - -TcpClient::TcpClient() -{ -} - -TcpClient::~TcpClient() -{ -} - -int TcpClient::connect(string ip, int port) //connect -{ - memset(&sockaddr_, 0, sizeof(sockaddr_)); - sockaddr_.sin_family=AF_INET; - sockaddr_.sin_addr.s_addr=inet_addr(ip.c_str()); - sockaddr_.sin_port=htons(port); - return ::connect( - sock_, - (struct sockaddr*)&(sockaddr_), - sizeof(sockaddr_) - ); - //success 0, fail -1 -} diff --git a/src/tcpclient.h b/src/tcpclient.h deleted file mode 100755 index 95ebeda..0000000 --- a/src/tcpclient.h +++ /dev/null @@ -1,15 +0,0 @@ -#pragma once -#include "tcpsocket.h" - -class TcpClient : public TcpSocket //tcp -{ - - -public: - //how about get TcpSocket* tcpsock_ for arg - TcpClient(); - ~TcpClient(); - -public: - int connect(std::string ip, int port); -}; diff --git a/src/tcpsocket.cpp b/src/tcpsocket.cpp deleted file mode 100755 index 7fd530b..0000000 --- a/src/tcpsocket.cpp +++ /dev/null @@ -1,51 +0,0 @@ -#include "tcpsocket.h" - -TcpSocket::TcpSocket() -{ - if((sock_=socket(PF_INET, SOCK_STREAM, 0)) < 0) - { - qDebug() << "server socket create failed"; - } -} - -TcpSocket::~TcpSocket() -{ - disconnect(); -} - -int TcpSocket::send(char *buf, size_t len) -{ - return ::send(sock_, buf, len, 0); - //success sent data length, fail -1 -} - -int TcpSocket::recv(char *buf, size_t len) -{ - int recv_len; - memset(buf, '\0', len); - recv_len = ::recv(this->sock_, buf, len, 0); - if(recv_len==-1) - { - qDebug() << "Can't recv data"; - } - return recv_len; -} - -int TcpSocket::disconnect() -{ - int result = 0; - if(sock_ != 0) - { -#ifdef Q_OS_WIN - ::shutdown(sock_, SD_BOTH); - result = ::closesocket(sock_); -#endif -#ifdef Q_OS_LINUX - ::shutdown(sock_, SHUT_RDWR); - result = ::close(sock_); -#endif - sock_ = 0; - } - return result; - //success 0, fail -1 -} diff --git a/src/tcpsocket.h b/src/tcpsocket.h deleted file mode 100755 index 471451f..0000000 --- a/src/tcpsocket.h +++ /dev/null @@ -1,15 +0,0 @@ -#include "socket.h" - -class TcpSocket : public Socket -{ -public: - int sock_{0}; - struct sockaddr_in sockaddr_; - -public: - TcpSocket(); - ~TcpSocket() override; - int send(char* buf, size_t len) override; - int recv(char* buf, size_t len) override; - int disconnect() override; -}; diff --git a/src/udpclient.cpp b/src/udpclient.cpp deleted file mode 100755 index 09591a9..0000000 --- a/src/udpclient.cpp +++ /dev/null @@ -1,39 +0,0 @@ -#include "udpclient.h" - -bool UdpClient::setSocketBroadcastable() -{ - int optval = 1; -#ifdef Q_OS_WIN - int res = setsockopt(sock_, SOL_SOCKET, SO_BROADCAST, (char *) &optval, sizeof(optval)); -#endif -#ifdef Q_OS_LINUX - int res = setsockopt(sock_, SOL_SOCKET, SO_BROADCAST, &optval, sizeof(optval)); -#endif - if (res == -1) - { - perror("setsockopt"); - return false; - } - return true; -} - -void UdpClient::setSockAddr(std::string ip, int port) -{ - memset(&sockAddr_, 0, sizeof(sockAddr_)); - sockAddr_.sin_family = AF_INET; - sockAddr_.sin_port = htons(port); - sockAddr_.sin_addr.s_addr = inet_addr(ip.c_str()); - memset(&sockAddr_.sin_zero, 0, sizeof(sockAddr_.sin_zero)); -} - -void UdpClient::setRecvTimeout(int sec, int millisec) -{ - struct timeval optVal = {sec, millisec}; //sec, millisec - int optLen = sizeof(optVal); -#ifdef Q_OS_WIN - setsockopt(sock_, SOL_SOCKET, SO_RCVTIMEO, (char *) &optVal, optLen); -#endif -#ifdef Q_OS_LINUX - setsockopt(sock_, SOL_SOCKET, SO_RCVTIMEO, &optVal, optLen); -#endif -} diff --git a/src/udpclient.h b/src/udpclient.h deleted file mode 100755 index 382d35b..0000000 --- a/src/udpclient.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef UDPCLIENT_H -#define UDPCLIENT_H - -#include "udpsocket.h" -#include - -class UdpClient : public UdpSocket -{ -public: - UdpClient() {} - ~UdpClient() {} - -public: - bool setSocketBroadcastable(); - void setSockAddr(std::string ip, int port); - void setRecvTimeout(int sec, int millisec); -}; - -#endif // UDPCLIENT_H diff --git a/src/udpserver.cpp b/src/udpserver.cpp deleted file mode 100755 index 8d2a2ae..0000000 --- a/src/udpserver.cpp +++ /dev/null @@ -1,38 +0,0 @@ -#include "udpserver.h" - -UdpServer::UdpServer() -{ - setSockOptforReuse(); -} - -UdpServer::~UdpServer() -{ - -} - -bool UdpServer::bind(int port) -{ - memset(&sockAddr_, 0, sizeof(sockAddr_)); - sockAddr_.sin_family=AF_INET; - sockAddr_.sin_addr.s_addr=INADDR_ANY; - sockAddr_.sin_port=htons(port); - if(::bind(sock_, (struct sockaddr*)&sockAddr_, sizeof(sockAddr_))==-1) - { - qDebug() << "bind() error"; - return false; - } - return true; -} - -int UdpServer::setSockOptforReuse() -{ - int optval = 1; - int result = 1; -#ifdef Q_OS_WIN - result = setsockopt(sock_, SOL_SOCKET, SO_REUSEADDR, (char *)&optval, sizeof(optval)); -#endif -#ifdef Q_OS_LINUX - result = setsockopt(sock_, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval)); -#endif - return result; //success 0, fail -1 -} diff --git a/src/udpserver.h b/src/udpserver.h deleted file mode 100755 index 1752021..0000000 --- a/src/udpserver.h +++ /dev/null @@ -1,21 +0,0 @@ -#ifndef UDPSERVER_H -#define UDPSERVER_H - -#include "udpsocket.h" -#include -#include - -class UdpServer : public UdpSocket -{ -public: - UdpServer(); - ~UdpServer(); - - bool bind(int port); - -protected: - int setSockOptforReuse(); - -}; - -#endif // UDPSERVER_H diff --git a/src/udpsocket.cpp b/src/udpsocket.cpp deleted file mode 100755 index 43a5f5b..0000000 --- a/src/udpsocket.cpp +++ /dev/null @@ -1,51 +0,0 @@ -#include "udpsocket.h" - -UdpSocket::UdpSocket() -{ - if((sock_=socket(PF_INET, SOCK_DGRAM, 0)) < 0) - { - qDebug() << "socket create failed"; - } -} - -UdpSocket::~UdpSocket() -{ - disconnect(); -} - -int UdpSocket::send(char *buf, size_t len) -{ - return ::sendto(sock_, buf, len, 0, (struct sockaddr*)&sockAddr_, sizeof(sockAddr_)); -} - -int UdpSocket::recv(char *buf, size_t len) -{ -#ifdef Q_OS_WIN - int sockLen = sizeof(sockAddr_); -#endif -#ifdef Q_OS_LINUX - socklen_t sockLen = sizeof(sockAddr_); -#endif - memset(buf, 0, len); - ssize_t res = ::recvfrom(sock_, buf, len, 0, (struct sockaddr*)&sockAddr_, &sockLen); - return res; -} - -int UdpSocket::disconnect() -{ - int result = 0; - if(sock_ != 0) - { -#ifdef Q_OS_WIN - ::shutdown(sock_, SD_BOTH); - result = ::closesocket(sock_); -#endif -#ifdef Q_OS_LINUX - ::shutdown(sock_, SHUT_RDWR); - result = ::close(sock_); -#endif - sock_ = 0; - } - return result; - //success 0, fail -1 -} diff --git a/src/udpsocket.h b/src/udpsocket.h deleted file mode 100755 index b2fde0a..0000000 --- a/src/udpsocket.h +++ /dev/null @@ -1,24 +0,0 @@ -#ifndef UDPSOCKET_H -#define UDPSOCKET_H - -#include - -#include "socket.h" - -class UdpSocket : public Socket -{ -public: - int sock_{0}; - struct sockaddr_in sockAddr_; - -public: - UdpSocket(); - ~UdpSocket() override; - - int send(char *buf, size_t len) override; - int recv(char* buf, size_t len) override; - int disconnect() override; - -}; - -#endif // UDPSOCKET_H From afea1f7445f1c6fe88451786235d3f9bc6dbecba Mon Sep 17 00:00:00 2001 From: maro5397 Date: Sun, 12 Dec 2021 06:13:35 -0500 Subject: [PATCH 06/28] =?UTF-8?q?=F0=9F=9A=9A=20move=20cert=20files=20to?= =?UTF-8?q?=20bin?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 3 ++- {app/captiveportal => bin}/certkey-test/server.crt | 0 {app/captiveportal => bin}/certkey-test/server.csr | 0 {app/captiveportal => bin}/certkey-test/server.key | 0 {app/captiveportal => bin}/certkey-test/server.key.origin | 0 5 files changed, 2 insertions(+), 1 deletion(-) rename {app/captiveportal => bin}/certkey-test/server.crt (100%) rename {app/captiveportal => bin}/certkey-test/server.csr (100%) rename {app/captiveportal => bin}/certkey-test/server.key (100%) rename {app/captiveportal => bin}/certkey-test/server.key.origin (100%) diff --git a/.gitignore b/.gitignore index 44da3df..b1b574d 100755 --- a/.gitignore +++ b/.gitignore @@ -71,5 +71,6 @@ Thumbs.db *.dll *.exe -bin/ +bin/log +bin/captiveportal* build-*/ diff --git a/app/captiveportal/certkey-test/server.crt b/bin/certkey-test/server.crt similarity index 100% rename from app/captiveportal/certkey-test/server.crt rename to bin/certkey-test/server.crt diff --git a/app/captiveportal/certkey-test/server.csr b/bin/certkey-test/server.csr similarity index 100% rename from app/captiveportal/certkey-test/server.csr rename to bin/certkey-test/server.csr diff --git a/app/captiveportal/certkey-test/server.key b/bin/certkey-test/server.key similarity index 100% rename from app/captiveportal/certkey-test/server.key rename to bin/certkey-test/server.key diff --git a/app/captiveportal/certkey-test/server.key.origin b/bin/certkey-test/server.key.origin similarity index 100% rename from app/captiveportal/certkey-test/server.key.origin rename to bin/certkey-test/server.key.origin From 6f44f4531b18181587736e8601cf0da2b8c28584 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Sun, 12 Dec 2021 11:44:48 -0500 Subject: [PATCH 07/28] =?UTF-8?q?=F0=9F=9A=9A=20modify=20cert=20file=20pat?= =?UTF-8?q?h?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/main.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/captiveportal/main.cpp b/app/captiveportal/main.cpp index 9df9e55..3fe4ab3 100755 --- a/app/captiveportal/main.cpp +++ b/app/captiveportal/main.cpp @@ -32,7 +32,7 @@ int main(int argc, char *argv[]) wus.start(7284); WESslServer wss; wss.redirectpage_ = "http://test.gilgil.net"; - wss.start(443, "./certkey-test/server.crt", "./certkey-test/server.key"); + wss.start(443, "../../bin/certkey-test/server.crt", "../../bin/certkey-test/server.key"); GRtmEntry* entry = GNetInfo::instance().rtm().getBestEntry(QString("8.8.8.8")); From 7c3df95c87f42fa5564c3018c97efc8be4fc0ff2 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Sun, 12 Dec 2021 11:45:49 -0500 Subject: [PATCH 08/28] =?UTF-8?q?=F0=9F=9A=A7=20fix:=20rawsocket=20packet?= =?UTF-8?q?=20doesn't=20detected=20in=20wireshark?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.cpp | 15 ++-- app/captiveportal/werawclient.cpp | 120 +++++++++------------------- app/captiveportal/werawclient.h | 35 ++------ 3 files changed, 49 insertions(+), 121 deletions(-) diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index 8580a1d..67f90ca 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -6,6 +6,8 @@ CaptivePortal::CaptivePortal() capturer_.hostDetect_.checkArp_ = true; capturer_.hostDetect_.checkIp_ = true; + capturer_.internalFilter_ = "ether host 2C:8D:B1:E9:43:7D or ether host 64:EE:B7:93:E7:D0"; + tcpblock_.backwardBlockType_ = GTcpBlock::Fin; QObject::connect( @@ -171,16 +173,13 @@ void CaptivePortal::processPacket(GPacket *packet) if (tcpHdr->dport() == 443) { packet->ctrl.block_ = true; - GBuf tcpData = packet->tcpData_; - - char* castedtcpdata = reinterpret_cast(tcpData.data_); - qDebug() << "tcpdata:" << castedtcpdata; + GPacket cpypacket; + memcpy(&cpypacket, packet, sizeof(GPacket)); if (ipHdr->dip() != host_) { qDebug() << "There is tls connection request"; - socket_.setSocketOpt(myIp_, 5050); - socket_.setIpHeader(*ipHdr); - socket_.setTcpHeader(*tcpHdr); - socket_.send(); + socket_.setSocketOpt(myIp_); + socket_.setHeader(&cpypacket); + socket_.send(&cpypacket); } return; } diff --git a/app/captiveportal/werawclient.cpp b/app/captiveportal/werawclient.cpp index f11594d..c19b534 100644 --- a/app/captiveportal/werawclient.cpp +++ b/app/captiveportal/werawclient.cpp @@ -1,4 +1,5 @@ #include "werawclient.h" +#include WERawClient::WERawClient() { sock_ = socket(PF_INET, SOCK_RAW, IPPROTO_TCP); @@ -6,111 +7,62 @@ WERawClient::WERawClient() { { perror("Failed to create socket"); exit(1); - } - memset(datagram_, 0, 4096); - - iph_ = (struct iphdr *)datagram_; - tcph_ = (struct tcphdr *)(datagram_ + sizeof(struct ip)); - data_ = datagram_ + sizeof(struct iphdr) + sizeof(struct tcphdr); -} - -unsigned short WERawClient::checkSum(unsigned short* ptr, int nbytes) { - long sum = 0; - unsigned short oddbyte; - short answer; - - while( nbytes > 1 ) { - sum += *ptr++; - nbytes -= 2; - } - if(nbytes==1) { - oddbyte = 0; - *((u_char*)&oddbyte) = *(u_char*)ptr; - sum += oddbyte; - } - - sum = (sum>>16) + (sum & 0xffff); - sum = sum + (sum>>16); - answer = (short)~sum; - - return answer; + } } -void WERawClient::setSocketOpt(GIp myip, int port) { +void WERawClient::setSocketOpt(GIp myip) { QString tlsip = QString(myip); memset(&sin_, 0, sizeof(sin_)); sin_.sin_family = AF_INET; - sin_.sin_port = htons(port); - sin_.sin_addr.s_addr = inet_addr(qPrintable(tlsip)); + //sin_.sin_addr.s_addr = inet_addr(qPrintable(tlsip)); + sin_.sin_addr.s_addr = inet_addr("4.4.4.4"); int one = 1; const int *val = &one; - if (setsockopt(sock_, IPPROTO_IP, IP_HDRINCL, val, sizeof (one)) < 0) { + if (setsockopt(sock_, IPPROTO_IP, IP_HDRINCL, val, sizeof(one)) < 0) { perror("Error setting IP_HDRINCL"); exit(0); } } -void WERawClient::setIpHeader(GIpHdr iphdr) { - iph_->ihl = iphdr.hl(); - iph_->version = iphdr.v(); - iph_->tos = iphdr.tos(); - iph_->tot_len = iphdr.len(); - iph_->id = iphdr.id(); - iph_->frag_off = iphdr.off(); - iph_->ttl = iphdr.ttl(); - iph_->protocol = iphdr.p(); - - iph_->check = 0; - iph_->saddr = iphdr.sip_; - sip_ = QString(iphdr.sip()); - qDebug() << "This packet is from here:" << sip_; - iph_->daddr = sin_.sin_addr.s_addr; - - iph_->check = checkSum((unsigned short *)datagram_, iph_->tot_len); -} - -void WERawClient::setTcpHeader(GTcpHdr tcphdr) { - //TCP Header - tcph_->source = tcphdr.sport_; - tcph_->dest = tcphdr.dport_; - tcph_->seq = tcphdr.seq(); - tcph_->ack_seq = tcphdr.ack(); - tcph_->doff = tcphdr.off(); //tcp header size - tcph_->fin = tcphdr.flags_ & 0x01; - tcph_->syn = tcphdr.flags_ >> 1 & 0x01; - tcph_->rst = tcphdr.flags_ >> 2 & 0x01; - tcph_->psh = tcphdr.flags_ >> 3 & 0x01; - tcph_->ack = tcphdr.flags_ >> 4 & 0x01; - tcph_->urg = tcphdr.flags_ >> 5 & 0x01; - tcph_->window = tcphdr.win_; /* maximum allowed window size */ - tcph_->check = 0; //leave checksum 0 now, filled later by pseudo header - tcph_->urg_ptr = tcphdr.urp_; +void WERawClient::setHeader(GPacket* packet) { + qDebug() << "This packet is from here:" << QString(packet->ipHdr_->sip()); + packet->ipHdr_->dip_ = sin_.sin_addr.s_addr; + packet->ipHdr_->sum_ = htons(GIpHdr::calcChecksum(packet->ipHdr_)); //Now the TCP checksum - psh_.source_address = inet_addr( qPrintable(sip_) ); - psh_.dest_address = sin_.sin_addr.s_addr; - psh_.placeholder = 0; - psh_.protocol = IPPROTO_TCP; - psh_.tcp_length = htons(sizeof(struct tcphdr) + strlen(data_)); - - int psize = sizeof(struct PseudoHeader) + sizeof(struct tcphdr) + strlen(data_); - pseudogram_ = (char*)malloc(psize); - - memcpy(pseudogram_, (char*)&psh_, sizeof(struct PseudoHeader)); - memcpy(pseudogram_ + sizeof(struct PseudoHeader), tcph_, sizeof(struct tcphdr) + strlen(data_)); - - tcph_->check = checkSum((unsigned short*)pseudogram_, psize); + packet->tcpHdr_->sum_ = htons(GTcpHdr::calcChecksum(packet->ipHdr_, packet->tcpHdr_)); } -void WERawClient::send() { - qDebug() << "Sending data to tls server data is down below..."; - if (sendto(sock_, datagram_, iph_->tot_len , 0, (struct sockaddr *)&sin_, sizeof(sin_)) < 0) { +void WERawClient::send(GPacket* packet) { + buf_.size_ = 60; + buf_.data_ = packet->buf_.data_; + char* dataptr = reinterpret_cast(buf_.data_); + + qDebug() << "Sending data to tls server data"; + show_binary((char*)buf_.data_, buf_.size_); + if (sendto(sock_, (char*)buf_.data_, buf_.size_, 0, (struct sockaddr *)&sin_, sizeof(sin_)) < 0) { qDebug() << "sendto failed"; } else { - qDebug() << "Packet Send. Length : " << iph_->tot_len; + qDebug() << "Packet Send. Length : " << packet->ipHdr_->len(); + } +} + +void WERawClient::show_binary(char* pAddr, int size) +{ + qDebug() << "sizeof print:" << size; + char dwBuffer[6]; + uint8_t dwValue; + + for (int i = 1; i <= size; i++) { + dwValue = pAddr[i-1]; + sprintf(dwBuffer, "%02X ", dwValue); + std::cout << dwBuffer; + if(i % 16 == 0) + std::cout << std::endl; } + std::cout << std::endl; } diff --git a/app/captiveportal/werawclient.h b/app/captiveportal/werawclient.h index 1ea7eac..2218b11 100644 --- a/app/captiveportal/werawclient.h +++ b/app/captiveportal/werawclient.h @@ -2,42 +2,19 @@ #include "stdafx.h" -struct PseudoHeader -{ - u_int32_t source_address; - u_int32_t dest_address; - u_int8_t placeholder; - u_int8_t protocol; - u_int16_t tcp_length; -}; - class WERawClient { int sock_; - char datagram_[4096], *data_, *pseudogram_; - QString sip_; - struct iphdr *iph_; - - struct tcphdr *tcph_; - struct sockaddr_in sin_; - struct PseudoHeader psh_; + struct sockaddr_in sin_; + GBuf buf_; public: WERawClient(); ~WERawClient() {} -private: - unsigned short checkSum(unsigned short* ptr, int nbytes); - public: - void setSocketOpt(GIp myip, int port); - void setIpHeader(GIpHdr iphdr); - void setTcpHeader(GTcpHdr tcphdr); - void send(); + void setSocketOpt(GIp myip); + void setHeader(GPacket* packet); + void send(GPacket* packet); + void show_binary(char* pAddr, int size); }; - -/* -setSocketOpt(); -setIpHeader(); -setTcpHeader(); -*/ From 0263208333d62e7a0995f7ef71bfee592e7883e1 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Sun, 12 Dec 2021 12:56:59 -0500 Subject: [PATCH 09/28] =?UTF-8?q?=F0=9F=9A=91=EF=B8=8F=20fix:=20rawsocket?= =?UTF-8?q?=20packet=20capture=20success?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.cpp | 6 ++---- app/captiveportal/werawclient.cpp | 11 +++-------- app/captiveportal/werawclient.h | 1 - 3 files changed, 5 insertions(+), 13 deletions(-) diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index 67f90ca..8874b94 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -173,13 +173,11 @@ void CaptivePortal::processPacket(GPacket *packet) if (tcpHdr->dport() == 443) { packet->ctrl.block_ = true; - GPacket cpypacket; - memcpy(&cpypacket, packet, sizeof(GPacket)); if (ipHdr->dip() != host_) { qDebug() << "There is tls connection request"; socket_.setSocketOpt(myIp_); - socket_.setHeader(&cpypacket); - socket_.send(&cpypacket); + socket_.setHeader(packet); + socket_.send(packet); } return; } diff --git a/app/captiveportal/werawclient.cpp b/app/captiveportal/werawclient.cpp index c19b534..8cc776a 100644 --- a/app/captiveportal/werawclient.cpp +++ b/app/captiveportal/werawclient.cpp @@ -15,8 +15,7 @@ void WERawClient::setSocketOpt(GIp myip) { memset(&sin_, 0, sizeof(sin_)); sin_.sin_family = AF_INET; - //sin_.sin_addr.s_addr = inet_addr(qPrintable(tlsip)); - sin_.sin_addr.s_addr = inet_addr("4.4.4.4"); + sin_.sin_addr.s_addr = inet_addr(qPrintable(tlsip)); int one = 1; const int *val = &one; @@ -37,13 +36,9 @@ void WERawClient::setHeader(GPacket* packet) { } void WERawClient::send(GPacket* packet) { - buf_.size_ = 60; - buf_.data_ = packet->buf_.data_; - char* dataptr = reinterpret_cast(buf_.data_); - qDebug() << "Sending data to tls server data"; - show_binary((char*)buf_.data_, buf_.size_); - if (sendto(sock_, (char*)buf_.data_, buf_.size_, 0, (struct sockaddr *)&sin_, sizeof(sin_)) < 0) { + show_binary((char*)packet->buf_.data_, packet->ipHdr_->len()); + if (sendto(sock_, (char*)packet->ipHdr_, packet->ipHdr_->len(), 0, (struct sockaddr *)&sin_, sizeof(sin_)) < 0) { qDebug() << "sendto failed"; } else { diff --git a/app/captiveportal/werawclient.h b/app/captiveportal/werawclient.h index 2218b11..497b57d 100644 --- a/app/captiveportal/werawclient.h +++ b/app/captiveportal/werawclient.h @@ -6,7 +6,6 @@ class WERawClient { int sock_; struct sockaddr_in sin_; - GBuf buf_; public: WERawClient(); From d0aed32c02f58d175369a8b47fa4a9c5b1116065 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Sun, 12 Dec 2021 13:23:58 -0500 Subject: [PATCH 10/28] =?UTF-8?q?=F0=9F=94=A5=20fix:=20remove=20hard=20cod?= =?UTF-8?q?e?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.cpp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index 8874b94..9e522be 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -4,9 +4,7 @@ CaptivePortal::CaptivePortal() { capturer_.hostDetect_.checkDhcp_ = true; capturer_.hostDetect_.checkArp_ = true; - capturer_.hostDetect_.checkIp_ = true; - - capturer_.internalFilter_ = "ether host 2C:8D:B1:E9:43:7D or ether host 64:EE:B7:93:E7:D0"; + capturer_.hostDetect_.checkIp_ = true; tcpblock_.backwardBlockType_ = GTcpBlock::Fin; From e59286ecf132fab54a00cca2e26d666bab07a472 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Sun, 12 Dec 2021 18:36:45 -0500 Subject: [PATCH 11/28] =?UTF-8?q?=F0=9F=9A=A7=20build:=20there=20is=20buil?= =?UTF-8?q?d=20error?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.cpp | 54 +++++++++++++++++++++++++++-- app/captiveportal/captiveportal.h | 12 +++++++ app/captiveportal/stdafx.h | 1 + app/captiveportal/werawclient.cpp | 22 +++++++++--- app/captiveportal/werawclient.h | 3 +- 5 files changed, 84 insertions(+), 8 deletions(-) diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index 9e522be..647e0ed 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -55,6 +55,39 @@ void CaptivePortal::getIPAddress() return; } +void CaptivePortal::setClientDict(GIp keyip, GIp webip, uint16_t port) +{ + ClientData target = {port, webip}; + dict_.insert({keyip, std::vector{{port, webip}}}); + auto it = find(dict_[keyip].begin(), dict_[keyip].end(), target); + if (it == dict_[keyip].end()) { + dict_[keyip].push_back(target); + } + else { + return; + } + return; +} + +void CaptivePortal::delClientDict(GIp keyip) +{ + dict_[keyip].clear(); + dict_.erase(keyip); + return; +} + +GIp CaptivePortal::getClientDict(GIp keyip, uint16_t port) +{ + std::vector::iterator iter; + for(iter = dict_[keyip].begin() ; iter!= dict_[keyip].end() ; iter++) { + if(iter->port_ == port) { + return iter->webip_; + } + } + qDebug() << "There is no WEBIP"; + return GIp("8.8.8.8"); +} + bool CaptivePortal::doOpen() { QUrl url = redirectpage_; @@ -168,13 +201,27 @@ void CaptivePortal::processPacket(GPacket *packet) return; } - if (tcpHdr->dport() == 443) + if (tcpHdr->dport() == 443 && ipHdr->dip() != myIp_) { packet->ctrl.block_ = true; if (ipHdr->dip() != host_) { - qDebug() << "There is tls connection request"; + qDebug() << "There is client to tls request"; + setClientDict(ipHdr->sip(), ipHdr->dip(), tcpHdr->sport()); socket_.setSocketOpt(myIp_); - socket_.setHeader(packet); + socket_.setreqHeader(packet); + socket_.send(packet); + } + return; + } + + if(tcpHdr->sport() == 443 && ipHdr->sip() == myIp_) + { + packet->ctrl.block_ = true; + if (ipHdr->dip() != host_) { + qDebug() << "There is tls to client response"; + GIp webip = getClientDict(ipHdr->dip(), tcpHdr->dport()); + socket_.setSocketOpt(ipHdr->dip()); + socket_.setrespHeader(packet, webip); socket_.send(packet); } return; @@ -201,6 +248,7 @@ void CaptivePortal::processPacket(GPacket *packet) { qDebug() << "infection off" << QString(ipHdr->sip()); capturer_.removeFlows(ipHdr->sip(), gwIp_, gwIp_, ipHdr->sip()); + delClientDict(ipHdr->sip()); } else if(it == tcpdata.end()) { diff --git a/app/captiveportal/captiveportal.h b/app/captiveportal/captiveportal.h index 347cfaf..37dcd17 100755 --- a/app/captiveportal/captiveportal.h +++ b/app/captiveportal/captiveportal.h @@ -3,6 +3,12 @@ #include "stdafx.h" #include "werawclient.h" +struct ClientData +{ + uint16_t port_; + GIp webip_; +}; + class CaptivePortal : public GStateObj { Q_OBJECT @@ -17,6 +23,8 @@ class CaptivePortal : public GStateObj GIp host_; + std::map> dict_; + public: QString intfname_; QString redirectpage_; @@ -31,6 +39,10 @@ class CaptivePortal : public GStateObj void setComponent(); void getIPAddress(); + void setClientDict(GIp keyip, GIp webip, uint16_t port); + void delClientDict(GIp keyip); + GIp getClientDict(GIp keyip, uint16_t port); + protected: bool doOpen() override; bool doClose() override; diff --git a/app/captiveportal/stdafx.h b/app/captiveportal/stdafx.h index 0522b5b..f38fa0c 100755 --- a/app/captiveportal/stdafx.h +++ b/app/captiveportal/stdafx.h @@ -19,6 +19,7 @@ #include #include #include +#include #include #include diff --git a/app/captiveportal/werawclient.cpp b/app/captiveportal/werawclient.cpp index 8cc776a..7a962c4 100644 --- a/app/captiveportal/werawclient.cpp +++ b/app/captiveportal/werawclient.cpp @@ -10,12 +10,12 @@ WERawClient::WERawClient() { } } -void WERawClient::setSocketOpt(GIp myip) { - QString tlsip = QString(myip); +void WERawClient::setSocketOpt(GIp dip) { + QString destip = QString(dip); memset(&sin_, 0, sizeof(sin_)); sin_.sin_family = AF_INET; - sin_.sin_addr.s_addr = inet_addr(qPrintable(tlsip)); + sin_.sin_addr.s_addr = inet_addr(qPrintable(destip)); int one = 1; const int *val = &one; @@ -26,7 +26,7 @@ void WERawClient::setSocketOpt(GIp myip) { } } -void WERawClient::setHeader(GPacket* packet) { +void WERawClient::setreqHeader(GPacket* packet) { qDebug() << "This packet is from here:" << QString(packet->ipHdr_->sip()); packet->ipHdr_->dip_ = sin_.sin_addr.s_addr; packet->ipHdr_->sum_ = htons(GIpHdr::calcChecksum(packet->ipHdr_)); @@ -35,6 +35,18 @@ void WERawClient::setHeader(GPacket* packet) { packet->tcpHdr_->sum_ = htons(GTcpHdr::calcChecksum(packet->ipHdr_, packet->tcpHdr_)); } +//================================================== + +void WERawClient::setrespHeader(GPacket *packet, GIp webip) +{ + qDebug() << "This packet is from here:" << QString(packet->ipHdr_->sip()); + packet->ipHdr_->sip_ = htonl(webip); + packet->ipHdr_->sum_ = htons(GIpHdr::calcChecksum(packet->ipHdr_)); + + //Now the TCP checksum + packet->tcpHdr_->sum_ = htons(GTcpHdr::calcChecksum(packet->ipHdr_, packet->tcpHdr_)); +} + void WERawClient::send(GPacket* packet) { qDebug() << "Sending data to tls server data"; show_binary((char*)packet->buf_.data_, packet->ipHdr_->len()); @@ -46,6 +58,8 @@ void WERawClient::send(GPacket* packet) { } } +//================================================== + void WERawClient::show_binary(char* pAddr, int size) { qDebug() << "sizeof print:" << size; diff --git a/app/captiveportal/werawclient.h b/app/captiveportal/werawclient.h index 497b57d..b580c6d 100644 --- a/app/captiveportal/werawclient.h +++ b/app/captiveportal/werawclient.h @@ -13,7 +13,8 @@ class WERawClient public: void setSocketOpt(GIp myip); - void setHeader(GPacket* packet); + void setreqHeader(GPacket* packet); + void setrespHeader(GPacket* packet, GIp webip); void send(GPacket* packet); void show_binary(char* pAddr, int size); }; From 8188cb36bde2226ab73c3fe839d649d68841912a Mon Sep 17 00:00:00 2001 From: maro5397 Date: Mon, 13 Dec 2021 05:53:07 -0500 Subject: [PATCH 12/28] =?UTF-8?q?=F0=9F=9A=A7=20feat:=20netfilter=20add=20?= =?UTF-8?q?process?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.cpp | 96 +++++++++++++++++++++-------- app/captiveportal/captiveportal.h | 10 ++- app/captiveportal/main.cpp | 4 -- app/captiveportal/stdafx.h | 1 + app/captiveportal/werawclient.cpp | 16 ++--- app/captiveportal/werawclient.h | 3 +- 6 files changed, 85 insertions(+), 45 deletions(-) diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index 647e0ed..94ba883 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -2,19 +2,43 @@ CaptivePortal::CaptivePortal() { + GRtmEntry* entry = GNetInfo::instance().rtm().getBestEntry(QString("8.8.8.8")); + intfname_ = entry->intf()->name(); + gwIp_ = entry->intf()->gateway(); + + getIPAddress(); + capturer_.hostDetect_.checkDhcp_ = true; capturer_.hostDetect_.checkArp_ = true; capturer_.hostDetect_.checkIp_ = true; tcpblock_.backwardBlockType_ = GTcpBlock::Fin; + GCommandItem opencommand; + opencommand.commands_ = QStringList{"su -c \"iptables -A OUTPUT -p tcp -s " + QString(myIp_) + " -sport 443 -j ACCEPT\""}; + filter_.command_.openCommands_.clear(); + filter_.command_.openCommands_.push_back(opencommand); + + GCommandItem closecommand; + closecommand.commands_ = QStringList{"su -c \"iptables -D OUTPUT -p tcp -s " + QString(myIp_) + " -sport 443 -j ACCEPT\""}; + filter_.command_.closeCommands_.clear(); + filter_.command_.closeCommands_.push_back(closecommand); + + QObject::connect( + &filter_, + SIGNAL(captured(GPakcet*)), + this, + SLOT(getSendPacket(GPacket*)), + Qt::DirectConnection + ); + QObject::connect( &capturer_, SIGNAL(captured(GPacket*)), this, SLOT(processPacket(GPacket*)), Qt::DirectConnection - ); + ); tcpblock_.writer_ = &writer_; } @@ -51,7 +75,7 @@ void CaptivePortal::getIPAddress() ipaddr = ntohl((sin->sin_addr).s_addr); ::close(sock); myIp_ = GIp(ipaddr); - qDebug() << "My Ip Address:" << QString(myIp_); + qInfo() << "My Ip Address:" << QString(myIp_); return; } @@ -59,13 +83,14 @@ void CaptivePortal::setClientDict(GIp keyip, GIp webip, uint16_t port) { ClientData target = {port, webip}; dict_.insert({keyip, std::vector{{port, webip}}}); - auto it = find(dict_[keyip].begin(), dict_[keyip].end(), target); - if (it == dict_[keyip].end()) { - dict_[keyip].push_back(target); - } - else { - return; + std::vector::iterator iter; + for(iter = dict_[keyip].begin() ; iter!= dict_[keyip].end() ; iter++) { + if(iter->port_ == port) { + iter->webip_ = webip; + return; + } } + dict_[keyip].push_back(target); return; } @@ -88,6 +113,10 @@ GIp CaptivePortal::getClientDict(GIp keyip, uint16_t port) return GIp("8.8.8.8"); } +void CaptivePortal::showClientDict() +{ +} + bool CaptivePortal::doOpen() { QUrl url = redirectpage_; @@ -115,9 +144,7 @@ bool CaptivePortal::doOpen() QString ip = QString(host); host_ = GIp(ip); - qInfo() << "domain=" << redirectpage_ << "," << "ip=" << QString(host_); - - getIPAddress(); + qInfo() << "domain=" << redirectpage_ << "," << "ip=" << QString(host_); setComponent(); if(!(writer_.open())) @@ -130,6 +157,11 @@ bool CaptivePortal::doOpen() qDebug() << "failed to open tcpblock"; return false; } + if(!(filter_.open())) + { + qDebug() << "failed to open filter"; + return false; + } if(!(capturer_.open())) { qDebug() << "failed to open arpspoof"; @@ -150,6 +182,11 @@ bool CaptivePortal::doClose() qDebug() << "failed to close tcpblock"; return false; } + if(!(filter_.open())) + { + qDebug() << "failed to close filter"; + return false; + } if(!(capturer_.close())) { qDebug() << "failed to close arpspoof"; @@ -207,22 +244,8 @@ void CaptivePortal::processPacket(GPacket *packet) if (ipHdr->dip() != host_) { qDebug() << "There is client to tls request"; setClientDict(ipHdr->sip(), ipHdr->dip(), tcpHdr->sport()); - socket_.setSocketOpt(myIp_); - socket_.setreqHeader(packet); - socket_.send(packet); - } - return; - } - - if(tcpHdr->sport() == 443 && ipHdr->sip() == myIp_) - { - packet->ctrl.block_ = true; - if (ipHdr->dip() != host_) { - qDebug() << "There is tls to client response"; - GIp webip = getClientDict(ipHdr->dip(), tcpHdr->dport()); - socket_.setSocketOpt(ipHdr->dip()); - socket_.setrespHeader(packet, webip); - socket_.send(packet); + forspoofsocket_.setreqHeader(packet, myIp_); + forspoofsocket_.send(packet); } return; } @@ -258,3 +281,22 @@ void CaptivePortal::processPacket(GPacket *packet) } } } + +void CaptivePortal::getSendPacket(GPacket *packet) +{ + qDebug() << "Capture Packet from local!"; + GIpHdr* ipHdr = packet->ipHdr_; + GTcpHdr* tcpHdr = packet->tcpHdr_; + + if(tcpHdr->sport() == 443 && ipHdr->sip() == myIp_) + { + packet->ctrl.block_ = true; + if (ipHdr->dip() != host_) { + qDebug() << "There is tls to client response"; + GIp webip = getClientDict(ipHdr->dip(), tcpHdr->dport()); + forfiltersocket_.setrespHeader(packet, webip); + forfiltersocket_.send(packet); + } + return; + } +} diff --git a/app/captiveportal/captiveportal.h b/app/captiveportal/captiveportal.h index 37dcd17..0acb2a7 100755 --- a/app/captiveportal/captiveportal.h +++ b/app/captiveportal/captiveportal.h @@ -9,6 +9,8 @@ struct ClientData GIp webip_; }; +typedef std::map> dict; + class CaptivePortal : public GStateObj { Q_OBJECT @@ -18,12 +20,14 @@ class CaptivePortal : public GStateObj GAutoArpSpoof capturer_; GTcpBlock tcpblock_; GPcapDeviceWrite writer_; + GNetFilter filter_; - WERawClient socket_; + WERawClient forspoofsocket_; + WERawClient forfiltersocket_; GIp host_; - std::map> dict_; + dict dict_; public: QString intfname_; @@ -42,6 +46,7 @@ class CaptivePortal : public GStateObj void setClientDict(GIp keyip, GIp webip, uint16_t port); void delClientDict(GIp keyip); GIp getClientDict(GIp keyip, uint16_t port); + void showClientDict(); protected: bool doOpen() override; @@ -53,4 +58,5 @@ class CaptivePortal : public GStateObj public slots: void processPacket(GPacket* packet); + void getSendPacket(GPacket* packet); }; diff --git a/app/captiveportal/main.cpp b/app/captiveportal/main.cpp index 3fe4ab3..945f23f 100755 --- a/app/captiveportal/main.cpp +++ b/app/captiveportal/main.cpp @@ -34,11 +34,7 @@ int main(int argc, char *argv[]) wss.redirectpage_ = "http://test.gilgil.net"; wss.start(443, "../../bin/certkey-test/server.crt", "../../bin/certkey-test/server.key"); - GRtmEntry* entry = GNetInfo::instance().rtm().getBestEntry(QString("8.8.8.8")); - CaptivePortal cp; - cp.intfname_ = entry->intf()->name(); - cp.gwIp_ = entry->intf()->gateway(); cp.redirectpage_ = "http://test.gilgil.net"; QJsonObject jo = GJson::loadFromFile(); diff --git a/app/captiveportal/stdafx.h b/app/captiveportal/stdafx.h index f38fa0c..8209f15 100755 --- a/app/captiveportal/stdafx.h +++ b/app/captiveportal/stdafx.h @@ -7,6 +7,7 @@ #include #include #include +#include #include #include diff --git a/app/captiveportal/werawclient.cpp b/app/captiveportal/werawclient.cpp index 7a962c4..ecf6aae 100644 --- a/app/captiveportal/werawclient.cpp +++ b/app/captiveportal/werawclient.cpp @@ -8,14 +8,6 @@ WERawClient::WERawClient() { perror("Failed to create socket"); exit(1); } -} - -void WERawClient::setSocketOpt(GIp dip) { - QString destip = QString(dip); - - memset(&sin_, 0, sizeof(sin_)); - sin_.sin_family = AF_INET; - sin_.sin_addr.s_addr = inet_addr(qPrintable(destip)); int one = 1; const int *val = &one; @@ -26,9 +18,9 @@ void WERawClient::setSocketOpt(GIp dip) { } } -void WERawClient::setreqHeader(GPacket* packet) { +void WERawClient::setreqHeader(GPacket* packet, GIp dip) { qDebug() << "This packet is from here:" << QString(packet->ipHdr_->sip()); - packet->ipHdr_->dip_ = sin_.sin_addr.s_addr; + packet->ipHdr_->dip_ = htonl(dip); packet->ipHdr_->sum_ = htons(GIpHdr::calcChecksum(packet->ipHdr_)); //Now the TCP checksum @@ -48,6 +40,10 @@ void WERawClient::setrespHeader(GPacket *packet, GIp webip) } void WERawClient::send(GPacket* packet) { + memset(&sin_, 0, sizeof(sin_)); + sin_.sin_family = AF_INET; + sin_.sin_addr.s_addr = packet->ipHdr_->dip_; + qDebug() << "Sending data to tls server data"; show_binary((char*)packet->buf_.data_, packet->ipHdr_->len()); if (sendto(sock_, (char*)packet->ipHdr_, packet->ipHdr_->len(), 0, (struct sockaddr *)&sin_, sizeof(sin_)) < 0) { diff --git a/app/captiveportal/werawclient.h b/app/captiveportal/werawclient.h index b580c6d..ccad672 100644 --- a/app/captiveportal/werawclient.h +++ b/app/captiveportal/werawclient.h @@ -12,8 +12,7 @@ class WERawClient ~WERawClient() {} public: - void setSocketOpt(GIp myip); - void setreqHeader(GPacket* packet); + void setreqHeader(GPacket* packet, GIp dip); void setrespHeader(GPacket* packet, GIp webip); void send(GPacket* packet); void show_binary(char* pAddr, int size); From b0e86d2f0e107192a5c9342547625c9c3f3a6da7 Mon Sep 17 00:00:00 2001 From: algosipdahack Date: Mon, 13 Dec 2021 21:58:42 +0900 Subject: [PATCH 13/28] fix netfilter string error --- app/captiveportal/captiveportal.cpp | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index 94ba883..e862e60 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -15,18 +15,23 @@ CaptivePortal::CaptivePortal() tcpblock_.backwardBlockType_ = GTcpBlock::Fin; GCommandItem opencommand; - opencommand.commands_ = QStringList{"su -c \"iptables -A OUTPUT -p tcp -s " + QString(myIp_) + " -sport 443 -j ACCEPT\""}; + //opencommand.commands_ = QStringList{"su -c \"iptables -A OUTPUT -p tcp -s " + QString(myIp_) + " -sport 443 -j ACCEPT\""}; filter_.command_.openCommands_.clear(); - filter_.command_.openCommands_.push_back(opencommand); + filter_.command_.closeCommands_.push_back(new GCommandItem(this, QStringList{"su -c \"iptables -A OUTPUT -p tcp -s " + + QString(myIp_) + " -sport 443 -j ACCEPT\""} + )); + //filter_.command_.openCommands_.push_back(opencommand); GCommandItem closecommand; - closecommand.commands_ = QStringList{"su -c \"iptables -D OUTPUT -p tcp -s " + QString(myIp_) + " -sport 443 -j ACCEPT\""}; + //closecommand.commands_ = QStringList{"su -c \"iptables -D OUTPUT -p tcp -s " + QString(myIp_) + " -sport 443 -j ACCEPT\""}; filter_.command_.closeCommands_.clear(); - filter_.command_.closeCommands_.push_back(closecommand); + filter_.command_.closeCommands_.push_back(new GCommandItem(this, QStringList{"su -c \"iptables -D OUTPUT -p tcp -s " + + QString(myIp_) + " -sport 443 -j ACCEPT\""} + )); QObject::connect( &filter_, - SIGNAL(captured(GPakcet*)), + SIGNAL(captured(GPacket*)), this, SLOT(getSendPacket(GPacket*)), Qt::DirectConnection @@ -295,6 +300,7 @@ void CaptivePortal::getSendPacket(GPacket *packet) qDebug() << "There is tls to client response"; GIp webip = getClientDict(ipHdr->dip(), tcpHdr->dport()); forfiltersocket_.setrespHeader(packet, webip); + //packet->ctrl.changed_ = true; forfiltersocket_.send(packet); } return; From 09a2e5ea76dffc187964ab2b18f9e10376dc473e Mon Sep 17 00:00:00 2001 From: maro5397 Date: Mon, 13 Dec 2021 13:38:52 -0500 Subject: [PATCH 14/28] =?UTF-8?q?=F0=9F=9A=91fix:=20syn=20ack=20exchange?= =?UTF-8?q?=20done=20tls=20error=20expose?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.cpp | 12 +++++------- app/captiveportal/captiveportal.h | 2 +- app/captiveportal/captiveportal.pro | 2 +- app/captiveportal/stdafx.h | 4 ++++ app/captiveportal/werawclient.cpp | 19 ------------------- app/captiveportal/werawclient.h | 1 - 6 files changed, 11 insertions(+), 29 deletions(-) diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index e862e60..281450f 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -15,18 +15,15 @@ CaptivePortal::CaptivePortal() tcpblock_.backwardBlockType_ = GTcpBlock::Fin; GCommandItem opencommand; - //opencommand.commands_ = QStringList{"su -c \"iptables -A OUTPUT -p tcp -s " + QString(myIp_) + " -sport 443 -j ACCEPT\""}; filter_.command_.openCommands_.clear(); filter_.command_.closeCommands_.push_back(new GCommandItem(this, QStringList{"su -c \"iptables -A OUTPUT -p tcp -s " - + QString(myIp_) + " -sport 443 -j ACCEPT\""} + + QString(myIp_) + " --sport 443 -j NFQUEUE --queue-num 0\""} )); - //filter_.command_.openCommands_.push_back(opencommand); GCommandItem closecommand; - //closecommand.commands_ = QStringList{"su -c \"iptables -D OUTPUT -p tcp -s " + QString(myIp_) + " -sport 443 -j ACCEPT\""}; filter_.command_.closeCommands_.clear(); filter_.command_.closeCommands_.push_back(new GCommandItem(this, QStringList{"su -c \"iptables -D OUTPUT -p tcp -s " - + QString(myIp_) + " -sport 443 -j ACCEPT\""} + + QString(myIp_) + " --sport 443 -j NFQUEUE --queue-num 0\""} )); QObject::connect( @@ -120,6 +117,7 @@ GIp CaptivePortal::getClientDict(GIp keyip, uint16_t port) void CaptivePortal::showClientDict() { + } bool CaptivePortal::doOpen() @@ -187,7 +185,7 @@ bool CaptivePortal::doClose() qDebug() << "failed to close tcpblock"; return false; } - if(!(filter_.open())) + if(!(filter_.close())) { qDebug() << "failed to close filter"; return false; @@ -300,7 +298,7 @@ void CaptivePortal::getSendPacket(GPacket *packet) qDebug() << "There is tls to client response"; GIp webip = getClientDict(ipHdr->dip(), tcpHdr->dport()); forfiltersocket_.setrespHeader(packet, webip); - //packet->ctrl.changed_ = true; + packet->ctrl.changed_ = true; forfiltersocket_.send(packet); } return; diff --git a/app/captiveportal/captiveportal.h b/app/captiveportal/captiveportal.h index 0acb2a7..1b9c64e 100755 --- a/app/captiveportal/captiveportal.h +++ b/app/captiveportal/captiveportal.h @@ -2,6 +2,7 @@ #include "stdafx.h" #include "werawclient.h" +#include "wenetfilter.h" struct ClientData { @@ -26,7 +27,6 @@ class CaptivePortal : public GStateObj WERawClient forfiltersocket_; GIp host_; - dict dict_; public: diff --git a/app/captiveportal/captiveportal.pro b/app/captiveportal/captiveportal.pro index 8b10b39..34b9ceb 100755 --- a/app/captiveportal/captiveportal.pro +++ b/app/captiveportal/captiveportal.pro @@ -9,7 +9,7 @@ include(../../cp.pri) DESTDIR = $${PWD}/../../bin -LIBS += -L../../../opensocket/lib -lopensocket -lssl -lcrypto -lpthread +LIBS += -L../../../opensocket/lib -lopensocket -lssl -lcrypto -lpthread -lnetfilter_queue SOURCES += \ ../../src/httprequest.cpp \ diff --git a/app/captiveportal/stdafx.h b/app/captiveportal/stdafx.h index 8209f15..f833b02 100755 --- a/app/captiveportal/stdafx.h +++ b/app/captiveportal/stdafx.h @@ -38,3 +38,7 @@ #include #include #include + +#include +#include +#include diff --git a/app/captiveportal/werawclient.cpp b/app/captiveportal/werawclient.cpp index ecf6aae..029db0b 100644 --- a/app/captiveportal/werawclient.cpp +++ b/app/captiveportal/werawclient.cpp @@ -45,7 +45,6 @@ void WERawClient::send(GPacket* packet) { sin_.sin_addr.s_addr = packet->ipHdr_->dip_; qDebug() << "Sending data to tls server data"; - show_binary((char*)packet->buf_.data_, packet->ipHdr_->len()); if (sendto(sock_, (char*)packet->ipHdr_, packet->ipHdr_->len(), 0, (struct sockaddr *)&sin_, sizeof(sin_)) < 0) { qDebug() << "sendto failed"; } @@ -53,21 +52,3 @@ void WERawClient::send(GPacket* packet) { qDebug() << "Packet Send. Length : " << packet->ipHdr_->len(); } } - -//================================================== - -void WERawClient::show_binary(char* pAddr, int size) -{ - qDebug() << "sizeof print:" << size; - char dwBuffer[6]; - uint8_t dwValue; - - for (int i = 1; i <= size; i++) { - dwValue = pAddr[i-1]; - sprintf(dwBuffer, "%02X ", dwValue); - std::cout << dwBuffer; - if(i % 16 == 0) - std::cout << std::endl; - } - std::cout << std::endl; -} diff --git a/app/captiveportal/werawclient.h b/app/captiveportal/werawclient.h index ccad672..96b1d1f 100644 --- a/app/captiveportal/werawclient.h +++ b/app/captiveportal/werawclient.h @@ -15,5 +15,4 @@ class WERawClient void setreqHeader(GPacket* packet, GIp dip); void setrespHeader(GPacket* packet, GIp webip); void send(GPacket* packet); - void show_binary(char* pAddr, int size); }; From e4c649eff2e190d48216adfe78872da43e7556b4 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Mon, 13 Dec 2021 14:52:44 -0500 Subject: [PATCH 15/28] =?UTF-8?q?=F0=9F=A9=B9=20fix:=20delete=20wenetfilte?= =?UTF-8?q?r=20header?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.h | 1 - 1 file changed, 1 deletion(-) diff --git a/app/captiveportal/captiveportal.h b/app/captiveportal/captiveportal.h index 1b9c64e..489a153 100755 --- a/app/captiveportal/captiveportal.h +++ b/app/captiveportal/captiveportal.h @@ -2,7 +2,6 @@ #include "stdafx.h" #include "werawclient.h" -#include "wenetfilter.h" struct ClientData { From 490a0da632ae79e6dbc72725794757d7575111af Mon Sep 17 00:00:00 2001 From: maro5397 Date: Tue, 14 Dec 2021 00:15:50 -0500 Subject: [PATCH 16/28] =?UTF-8?q?=F0=9F=A9=B9=20fix:=20closeCommands=20to?= =?UTF-8?q?=20openCommands?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index 281450f..1aed778 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -16,7 +16,7 @@ CaptivePortal::CaptivePortal() GCommandItem opencommand; filter_.command_.openCommands_.clear(); - filter_.command_.closeCommands_.push_back(new GCommandItem(this, QStringList{"su -c \"iptables -A OUTPUT -p tcp -s " + filter_.command_.openCommands_.push_back(new GCommandItem(this, QStringList{"su -c \"iptables -A OUTPUT -p tcp -s " + QString(myIp_) + " --sport 443 -j NFQUEUE --queue-num 0\""} )); From 4b592008d2278825c19a6d6d1d2c1b196c575ee7 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Tue, 14 Dec 2021 05:48:57 -0500 Subject: [PATCH 17/28] =?UTF-8?q?=F0=9F=9A=91=EF=B8=8F=20fix:=20fix=20cert?= =?UTF-8?q?=20file=20path?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/main.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/captiveportal/main.cpp b/app/captiveportal/main.cpp index 945f23f..6ab1e31 100755 --- a/app/captiveportal/main.cpp +++ b/app/captiveportal/main.cpp @@ -32,7 +32,7 @@ int main(int argc, char *argv[]) wus.start(7284); WESslServer wss; wss.redirectpage_ = "http://test.gilgil.net"; - wss.start(443, "../../bin/certkey-test/server.crt", "../../bin/certkey-test/server.key"); + wss.start(443, "../../cp-QT/bin/certkey-test/server.crt", "../../cp-QT/bin/certkey-test/server.key"); CaptivePortal cp; cp.redirectpage_ = "http://test.gilgil.net"; From 31d99bbc560a3b67b4a36c6dbcb22c3522da1722 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Tue, 14 Dec 2021 12:21:09 -0500 Subject: [PATCH 18/28] =?UTF-8?q?=E2=9C=A8=20ui=20combined?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.cpp | 14 +++- app/captiveportal/captiveportal.h | 2 + app/captiveportal/captiveportal.pro | 2 + app/captiveportal/main.cpp | 25 ++----- app/captiveportal/webui/index.html | 32 +++++++++ app/captiveportal/webui/reset.css | 43 +++++++++++ app/captiveportal/webui/webui.css | 80 +++++++++++++++++++++ app/captiveportal/webui/webui.js | 88 +++++++++++++++++++++++ app/captiveportal/weuiserver.cpp | 107 ++++++++++++++++++++++++++++ app/captiveportal/weuiserver.h | 31 ++++++++ 10 files changed, 403 insertions(+), 21 deletions(-) create mode 100644 app/captiveportal/webui/index.html create mode 100644 app/captiveportal/webui/reset.css create mode 100644 app/captiveportal/webui/webui.css create mode 100644 app/captiveportal/webui/webui.js create mode 100644 app/captiveportal/weuiserver.cpp create mode 100644 app/captiveportal/weuiserver.h diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index 1aed778..7cfdd06 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -150,6 +150,13 @@ bool CaptivePortal::doOpen() qInfo() << "domain=" << redirectpage_ << "," << "ip=" << QString(host_); setComponent(); + + wss.redirectpage_ = redirectpage_.toStdString(); + if(!(wss.start(443, "../../cp-QT/bin/certkey-test/server.crt", "../../cp-QT/bin/certkey-test/server.key"))) + { + qDebug() << "failed to start wesslserver"; + return false; + } if(!(writer_.open())) { qDebug() << "failed to open writer"; @@ -175,6 +182,11 @@ bool CaptivePortal::doOpen() bool CaptivePortal::doClose() { + if(!(wss.stop())) + { + qDebug() << "failed to stop wesslserver"; + return false; + } if(!(writer_.close())) { qDebug() << "failed to close writer"; @@ -239,7 +251,7 @@ void CaptivePortal::processPacket(GPacket *packet) if (tcpHdr == nullptr) { qCritical() << "tcpHdr is null"; return; - } + } if (tcpHdr->dport() == 443 && ipHdr->dip() != myIp_) { diff --git a/app/captiveportal/captiveportal.h b/app/captiveportal/captiveportal.h index 489a153..ea0840d 100755 --- a/app/captiveportal/captiveportal.h +++ b/app/captiveportal/captiveportal.h @@ -2,6 +2,7 @@ #include "stdafx.h" #include "werawclient.h" +#include "wesslserver.h" struct ClientData { @@ -24,6 +25,7 @@ class CaptivePortal : public GStateObj WERawClient forspoofsocket_; WERawClient forfiltersocket_; + WESslServer wss; GIp host_; dict dict_; diff --git a/app/captiveportal/captiveportal.pro b/app/captiveportal/captiveportal.pro index 34b9ceb..854dda1 100755 --- a/app/captiveportal/captiveportal.pro +++ b/app/captiveportal/captiveportal.pro @@ -16,6 +16,7 @@ SOURCES += \ ../../src/httpresponse.cpp \ ../../../opensocket/src/*.cpp \ ../../../opensocket/src/base/*.cpp \ + weuiserver.cpp \ werawclient.cpp \ captiveportal.cpp \ main.cpp \ @@ -30,6 +31,7 @@ HEADERS += \ ../../src/http.h \ ../../../opensocket/src/*.h \ ../../../opensocket/src/base/*.h \ + weuiserver.h \ werawclient.h \ captiveportal.h \ stdafx.h \ diff --git a/app/captiveportal/main.cpp b/app/captiveportal/main.cpp index 6ab1e31..239bbcc 100755 --- a/app/captiveportal/main.cpp +++ b/app/captiveportal/main.cpp @@ -1,7 +1,6 @@ #include "weudpclient.h" #include "weudpserver.h" -#include "wesslserver.h" -#include "captiveportal.h" +#include "weuiserver.h" const char* version() { @@ -30,25 +29,11 @@ int main(int argc, char *argv[]) WEUdpServer wus; wus.start(7284); - WESslServer wss; - wss.redirectpage_ = "http://test.gilgil.net"; - wss.start(443, "../../cp-QT/bin/certkey-test/server.crt", "../../cp-QT/bin/certkey-test/server.key"); - - CaptivePortal cp; - cp.redirectpage_ = "http://test.gilgil.net"; - - QJsonObject jo = GJson::loadFromFile(); - if (!jo.isEmpty()) - jo["cp"] >> cp; - jo["cp"] << cp; - GJson::saveToFile(jo); - - GThreadMgr::suspendStart(); - cp.open(); - GThreadMgr::resumeStart(); + WEUIServer uiserver; + uiserver.rootdir_ = "/home/kali/cp-QT/app/captiveportal/webui"; + uiserver.start(80); a.exec(); - - wss.stop(); + uiserver.stop(); wus.stop(); } diff --git a/app/captiveportal/webui/index.html b/app/captiveportal/webui/index.html new file mode 100644 index 0000000..c487040 --- /dev/null +++ b/app/captiveportal/webui/index.html @@ -0,0 +1,32 @@ + + + + + + + + + CaptivePortal UI + + +
+
+ +
+
+ +
+
+ +
+
+
+

이 제품은 개인 사용자의 네트워크 제어 목적으로 만들어진 제품으로 공공장소 등에서 악의적인 목적으로 사용하거나 잘못된 사용으로 인한 손해가 발생한 경우 모든 법적 책임은 본인에게 있습니다

+

You can give a free donation on the account number
IBK 9730943757-01-011
on name of the Lee Sungjin (Core Developer)

+
+ + + + + + \ No newline at end of file diff --git a/app/captiveportal/webui/reset.css b/app/captiveportal/webui/reset.css new file mode 100644 index 0000000..aab9d38 --- /dev/null +++ b/app/captiveportal/webui/reset.css @@ -0,0 +1,43 @@ +html, body, div, span, applet, object, iframe, +h1, h2, h3, h4, h5, h6, p, blockquote, pre, +a, abbr, acronym, address, big, cite, code, +del, dfn, em, img, ins, kbd, q, s, samp, +small, strike, strong, sub, sup, tt, var, +b, u, i, center, +dl, dt, dd, ol, ul, li, +fieldset, form, label, legend, +table, caption, tbody, tfoot, thead, tr, th, td, +article, aside, canvas, details, embed, +figure, figcaption, footer, header, hgroup, +menu, nav, output, ruby, section, summary, +time, mark, audio, video { + margin: 0; + padding: 0; + border: 0; + font-size: 100%; + font: inherit; + vertical-align: baseline; +} + +article, aside, details, figcaption, figure, +footer, header, hgroup, menu, nav, section { + display: block; +} +body { + line-height: 1; +} +ol, ul { + list-style: none; +} +blockquote, q { + quotes: none; +} +blockquote:before, blockquote:after, +q:before, q:after { + content: ''; + content: none; +} +table { + border-collapse: collapse; + border-spacing: 0; +} diff --git a/app/captiveportal/webui/webui.css b/app/captiveportal/webui/webui.css new file mode 100644 index 0000000..eaf4a91 --- /dev/null +++ b/app/captiveportal/webui/webui.css @@ -0,0 +1,80 @@ +:root{ + --body-background-color: #f5f6f7; + --font-color: #4e4e4e; + --border-gray-color : #dadada; + --we-blue-color: #0044ff; + --we-blue-border-color: #0066ff; + --we-red-color: #ff0000; + --we-red-border-color: #ff0077; +} + +* { + margin:0; + padding:0; +} + +body { + display: grid; + grid-template-rows: 7fr 1fr; +} + +.input-section-wrap{ + padding-top: 60px; + display: flex; + flex-direction: column; + align-items: center; + justify-content: center; +} + +.input-wrap{ + width: 465px; + height :48px; + border: solid 1px var( --border-gray-color ); + background: white; +} + +.input-wrap input{ + border: none; + width:430px; + margin-top: 10px; + font-size: 14px; + margin-left: 10px; + height:30px; +} + +.password-wrap{ + margin-top: 13px; +} + +.button-wrap { + padding-top: 13px; +} + +.blue-button-wrap button{ + width: 465px; + height :48px; + font-size: 18px; + background: var(--we-blue-color); + color: white; + border: solid 1px var(--we-blue-border-color); +} + +.red-button-wrap button{ + width: 465px; + height :48px; + font-size: 18px; + background: var(--we-red-color); + color: white; + border: solid 1px var(--we-red-border-color); +} + +body{ + background:var(--body-background-color); +} +footer { + margin-top: 30px; + text-align: center; +} +p { + margin: 10px; +} \ No newline at end of file diff --git a/app/captiveportal/webui/webui.js b/app/captiveportal/webui/webui.js new file mode 100644 index 0000000..85df35b --- /dev/null +++ b/app/captiveportal/webui/webui.js @@ -0,0 +1,88 @@ +let url = 'http://wifievent.io/api'; +url = 'http://192.168.1.12:3001'; + +const webReq = axios.create({ + baseURL: url, + withCredentials: true, + timeout: 1000, +}) + +window.onload = async function () { + const sessRes = await webReq({ + url: '/user/session', + }); + if (sessRes.status !== 200) + return; + + exchangeUI(); + + const pageRes = await webReq({ + url: '/cp/page', + }) + if (pageRes.status !== 200) + return; + + $('#browsers').empty(); + for (const page of pageRes.data) { + const option = $(``); + $('#browsers').append(option); + } +}; + +document.querySelector('#button').addEventListener('click', async function () { + const uid = document.querySelector('#uid').value; + const pw = document.querySelector('#pw').value; + if (!uid || !pw) { + alert('fill in the blank'); + return; + } + + const body = { uid, pw }; + + const loginRes = await webReq({ + method: 'POST', + url: '/user/login', + data: body, + }).catch(err => { + alert(err.response.statusText); + return; + }); + if (loginRes.status !== 200) + return; + + alert('login success'); + location.reload(); +}); + +function exchangeUI(pageList) { + $('#idbox').remove(); + $('#pwbox').remove(); + $('#buttonbox').remove(); + $('#main').append(`
\ + \ +
\ +
\ + \ +
`); +} + +async function cpStatus() { + let status = $('button').text(); + const pid = document.querySelector('#browsers').value; + await axios.post(`/${status}`, `${pid}`).catch(err => { + alert(`${status} Failed`); + return; + }); + + let buttonColor; + if (status == 'Start') { + buttonColor = 'red'; + status = 'Stop'; + } else { + buttonColor = 'blue'; + status = 'Start'; + } + $('#buttonbox').attr('class',`${buttonColor}-button-wrap button-wrap`); + $('#button').text(status); +} diff --git a/app/captiveportal/weuiserver.cpp b/app/captiveportal/weuiserver.cpp new file mode 100644 index 0000000..0a3e93d --- /dev/null +++ b/app/captiveportal/weuiserver.cpp @@ -0,0 +1,107 @@ +#include "weuiserver.h" + +WEUIServer::WEUIServer() { + QJsonObject jo = GJson::loadFromFile(); + if (!jo.isEmpty()) + jo["cp"] >> cp_; + jo["cp"] << cp_; + GJson::saveToFile(jo); +} + +void WEUIServer::handleClnt(TcpClientSocket *clntsock) { + + char buffer[BUFSIZE]; + int len; + + while((len = clntsock->recv(buffer, BUFSIZE)) != -1) { + if(len == 0) { + spdlog::info("clntsock is shutdown"); + return; + } + uirequest_.resetData(); + uirequest_.addRequestPacket(buffer, len); + uirequest_.parseRequestPacket(); + setHttpResponse(); + clntsock->send((char*)uiresponse_.getResponseData()->c_str(), uiresponse_.getResponseSize()); + } + return; +} + +//http://wifievent.io/cp/page/render/{id} +void WEUIServer::setHttpResponse() { + std::string path = uirequest_.getURL(); + uiresponse_.resetData(); + int size = 0; + spdlog::info("request path: {}", path); + + if(path == "/") { + size = getWebUIData("/index.html"); + uiresponse_.setResponseBody(ui_); + } + else if(path == "/Start") { + size = 0; + uiresponse_.setResponseBody("start"); + QString pageid = QString::fromStdString(uirequest_.getRequestBody()); + cp_.redirectpage_ = "http://192.168.1.12:3001/cp/page/render/" + pageid; + GThreadMgr::suspendStart(); + cp_.open(); + GThreadMgr::resumeStart(); + } + else if(path == "/Stop") { + size = 0; + uiresponse_.setResponseBody("stop"); + cp_.close(); + } + else { + size = getWebUIData(path); + uiresponse_.setResponseBody(ui_); + } + + std::string len = std::to_string(size); + + std::vector> headervector; + headervector.push_back(std::make_pair("Connection", "keep-alive")); + headervector.push_back(std::make_pair("Content-Length", len.c_str())); + headervector.push_back(std::make_pair("Content-Type", "text/html")); + headervector.push_back(std::make_pair("Date", getDateTime())); + headervector.push_back(std::make_pair("Keep-Alive", "timeout=5, max=100")); + headervector.push_back(std::make_pair("Server", "WEUIServer")); + + uiresponse_.setProtocol(HTTP1_1); + uiresponse_.setStatusCode(200); + uiresponse_.setReasonPhrase(); + uiresponse_.setHTTPHeaderVector(&headervector); + uiresponse_.makeResponse(); +} + +int WEUIServer::getWebUIData(std::string path) { + spdlog::info("Get local data from\n{}", rootdir_+path); + std::ifstream fin(rootdir_+path); + int size = 0; + + if(fin.is_open()){ + fin.seekg(0, std::ios::end); + size = fin.tellg(); + fin.seekg(0, std::ios::beg); + fin.read(ui_, size); + } + return size; +} + +std::string WEUIServer::getDateTime() { + char date[30] = {'\0'}; + + time_t now = time(0); + tm *gmtm = gmtime(&now); + char* dt = asctime(gmtm); + + char mon[4]; + char dayofweek[4]; + int year, day, hour, min, sec; + + sscanf(dt, "%s %s %d %d:%d:%d %d\n", dayofweek, mon, &day, &hour, &min, &sec, &year); + sprintf(date, "%s, %02d %s %d %02d:%02d:%02d GMT", dayofweek, day, mon, year, hour, min, sec); + std::string dateheader = date; + return dateheader; +} + diff --git a/app/captiveportal/weuiserver.h b/app/captiveportal/weuiserver.h new file mode 100644 index 0000000..82817c1 --- /dev/null +++ b/app/captiveportal/weuiserver.h @@ -0,0 +1,31 @@ +#pragma once +#include "tcpserver.h" +#include "httprequest.h" +#include "httpresponse.h" +#include "captiveportal.h" + +#include +#include +#include + +class WEUIServer : public TcpServer +{ + HTTPRequest uirequest_; + HTTPResponse uiresponse_; + char ui_[BUFSIZE]; + + CaptivePortal cp_; + +public: + std::string rootdir_; + +public: + WEUIServer(); + ~WEUIServer() {} + +protected: + void handleClnt(TcpClientSocket* clntsock) override; + void setHttpResponse(); + int getWebUIData(std::string path); + std::string getDateTime(); +}; From c1f55040fade5a048e112846ac92cd43df40cf3e Mon Sep 17 00:00:00 2001 From: maro5397 Date: Tue, 14 Dec 2021 12:23:24 -0500 Subject: [PATCH 19/28] =?UTF-8?q?=E2=9A=A1add=20reset=20function?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/http.h | 5 ++++- src/httprequest.cpp | 8 +++++++- src/httprequest.h | 2 +- src/httpresponse.cpp | 6 ++++++ src/httpresponse.h | 2 +- 5 files changed, 19 insertions(+), 4 deletions(-) mode change 100755 => 100644 src/http.h mode change 100755 => 100644 src/httprequest.cpp mode change 100755 => 100644 src/httprequest.h mode change 100755 => 100644 src/httpresponse.cpp mode change 100755 => 100644 src/httpresponse.h diff --git a/src/http.h b/src/http.h old mode 100755 new mode 100644 index 12a5939..a339b1f --- a/src/http.h +++ b/src/http.h @@ -7,4 +7,7 @@ typedef enum {HTTP1_0, HTTP1_1, HTTP_UNSUPPORTED} Protocol; #define CR '\r' #define LF '\n' -#define CRLF "\r\n" \ No newline at end of file +#define CRLF "\r\n" + +#include +#include diff --git a/src/httprequest.cpp b/src/httprequest.cpp old mode 100755 new mode 100644 index cff9898..5162a62 --- a/src/httprequest.cpp +++ b/src/httprequest.cpp @@ -81,7 +81,7 @@ string HTTPRequest::getHTTPHeader(string name) { if((*iter).first == name) { - return (*iter).first + ":" + (*iter).second; + return (*iter).second; } } return "There is no header name " + name; @@ -249,3 +249,9 @@ string HTTPRequest::updateCursor(size_t& cursorbegin, size_t& cursorend, string cursorbegin = cursorend + next; return result; } + +void HTTPRequest::resetData() +{ + requestpacket_ = ""; + headers_.clear(); +} diff --git a/src/httprequest.h b/src/httprequest.h old mode 100755 new mode 100644 index 54da231..2f4db11 --- a/src/httprequest.h +++ b/src/httprequest.h @@ -1,6 +1,5 @@ #pragma once -#include "stdafx.h" #include "http.h" class HTTPRequest @@ -41,4 +40,5 @@ class HTTPRequest size_t getRequestSize(); std::string* getRequestData(); std::string updateCursor(size_t& cursorbegin, size_t& cursorend, std::string target, std::string obj, size_t next); + void resetData(); }; diff --git a/src/httpresponse.cpp b/src/httpresponse.cpp old mode 100755 new mode 100644 index 3e86839..2015875 --- a/src/httpresponse.cpp +++ b/src/httpresponse.cpp @@ -237,3 +237,9 @@ string HTTPResponse::updateCursor(size_t& cursorbegin, size_t& cursorend, string cursorbegin = cursorend + next; return result; } + +void HTTPResponse::resetData() +{ + responsepacket_ = ""; + headers_.clear(); +} \ No newline at end of file diff --git a/src/httpresponse.h b/src/httpresponse.h old mode 100755 new mode 100644 index e18ed84..40b8053 --- a/src/httpresponse.h +++ b/src/httpresponse.h @@ -1,6 +1,5 @@ #pragma once -#include "stdafx.h" #include "http.h" class HTTPResponse @@ -35,4 +34,5 @@ class HTTPResponse size_t getResponseSize(); std::string* getResponseData(); std::string updateCursor(size_t& cursorbegin, size_t& cursorend, std::string target, std::string obj, size_t next); + void resetData(); }; From cdb7515df7ec681ea16466f48112708cc6ffe31a Mon Sep 17 00:00:00 2001 From: maro5397 Date: Tue, 14 Dec 2021 12:24:16 -0500 Subject: [PATCH 20/28] =?UTF-8?q?=F0=9F=90=9Btls=20server=20reuse=20error?= =?UTF-8?q?=20fixing?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/wesslserver-test/main.cpp | 41 +++++++++++++++++++++++ app/wesslserver-test/wesslserver-test.pro | 14 ++++++++ 2 files changed, 55 insertions(+) create mode 100644 app/wesslserver-test/main.cpp create mode 100644 app/wesslserver-test/wesslserver-test.pro diff --git a/app/wesslserver-test/main.cpp b/app/wesslserver-test/main.cpp new file mode 100644 index 0000000..773cf3a --- /dev/null +++ b/app/wesslserver-test/main.cpp @@ -0,0 +1,41 @@ +#include "sslserver.h" + +class EchoSsl : public SslServer +{ +public: + EchoSsl(); + ~EchoSsl() {} + +protected: + void handleClnt(SslClientSocket* clntsock) override; +}; + +EchoSsl::EchoSsl() { +} + +void EchoSsl::handleClnt(SslClientSocket* clntsock) { + char buffer[BUFSIZE]; + char message[] = "HI, this is server"; + int len = 0; + int count = 0; + while((len = clntsock->recv(buffer, BUFSIZE)) != -1) { + if(len == 0) { + spdlog::info("clntsock is shutdown"); + return; + } + spdlog::info(count++); + spdlog::info("recv data from client"); + spdlog::info(buffer); + clntsock->send(message, strlen(message) + 1); + } + return; +} + +int main() +{ + EchoSsl server; + server.start(9090, "../../cp-QT/bin/certkey-test/server.crt", "../../cp-QT/bin/certkey-test/server.key"); + while(1) {} + server.stop(); + return 0; +} diff --git a/app/wesslserver-test/wesslserver-test.pro b/app/wesslserver-test/wesslserver-test.pro new file mode 100644 index 0000000..313ec95 --- /dev/null +++ b/app/wesslserver-test/wesslserver-test.pro @@ -0,0 +1,14 @@ +QT -= gui + +CONFIG += c++17 +TEMPLATE = app +CONFIG += qt + +include(../../cp.pri) + +LIBS += -L../../../opensocket/lib -lopensocket -lssl -lcrypto -lpthread + +SOURCES += \ + main.cpp + +HEADERS += \ From 104ba6b91bb7dbe0eafa5b94fb1831dc234a92d6 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Wed, 15 Dec 2021 04:31:02 -0500 Subject: [PATCH 21/28] cp test version(Beta) --- app/captiveportal/captiveportal.cpp | 62 +++++++++++++---------------- app/captiveportal/webui/webui.js | 3 +- app/captiveportal/weuiserver.cpp | 6 +-- 3 files changed, 31 insertions(+), 40 deletions(-) diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index 7cfdd06..c59727d 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -8,6 +8,8 @@ CaptivePortal::CaptivePortal() getIPAddress(); + wss.start(443, "../../cp-QT/bin/certkey-test/server.crt", "../../cp-QT/bin/certkey-test/server.key"); + capturer_.hostDetect_.checkDhcp_ = true; capturer_.hostDetect_.checkArp_ = true; capturer_.hostDetect_.checkIp_ = true; @@ -152,11 +154,7 @@ bool CaptivePortal::doOpen() setComponent(); wss.redirectpage_ = redirectpage_.toStdString(); - if(!(wss.start(443, "../../cp-QT/bin/certkey-test/server.crt", "../../cp-QT/bin/certkey-test/server.key"))) - { - qDebug() << "failed to start wesslserver"; - return false; - } + if(!(writer_.open())) { qDebug() << "failed to open writer"; @@ -177,16 +175,12 @@ bool CaptivePortal::doOpen() qDebug() << "failed to open arpspoof"; return false; } + qDebug() << "ALL COMPONENT OPENED!"; return true; } bool CaptivePortal::doClose() { - if(!(wss.stop())) - { - qDebug() << "failed to stop wesslserver"; - return false; - } if(!(writer_.close())) { qDebug() << "failed to close writer"; @@ -207,6 +201,8 @@ bool CaptivePortal::doClose() qDebug() << "failed to close arpspoof"; return false; } + qDebug() << "ALL COMPONENT CLOSED!"; + //wss.stop() return true; } @@ -253,7 +249,20 @@ void CaptivePortal::processPacket(GPacket *packet) return; } - if (tcpHdr->dport() == 443 && ipHdr->dip() != myIp_) + if(ipHdr->dip() == host_) + { + if(tcpHdr->dport() == 443 || tcpHdr->dport() == 80) { + return; + } + if(tcpHdr->dport() == 3001) { + qDebug() << "infection off" << QString(ipHdr->sip()); + capturer_.removeFlows(ipHdr->sip(), gwIp_, gwIp_, ipHdr->sip()); + delClientDict(ipHdr->sip()); + return; + } + } + + if (ipHdr->dip() != myIp_ && tcpHdr->dport() == 443) { packet->ctrl.block_ = true; if (ipHdr->dip() != host_) { @@ -265,34 +274,17 @@ void CaptivePortal::processPacket(GPacket *packet) return; } - if (tcpHdr->dport() == 80) + if (tcpHdr->dport() == 80) { - GBuf tcpData = packet->tcpData_; - if(!tcpData.valid()) - return; + GBuf tcpData = packet->tcpData_; + if(!tcpData.valid()) + return; - const char* castedtcpdata = reinterpret_cast(tcpData.data_); - if(strncmp(castedtcpdata, "GET ", 4) == 0 && ipHdr->dip() != host_) + const char* castedtcpdata = reinterpret_cast(tcpData.data_); + if(strncmp(castedtcpdata, "GET ", 4) == 0 && ipHdr->dip() != host_) { qDebug() << "Send redirect page data to client"; tcpblock_.block(packet); - } - if(strncmp(castedtcpdata, "POST ", 5) == 0) - { - std::string api = "infected=false"; - std::string tcpdata = castedtcpdata; - auto it = std::search(tcpdata.begin(), tcpdata.end(), std::boyer_moore_searcher(api.begin(), api.end())); - if (it != tcpdata.end()) - { - qDebug() << "infection off" << QString(ipHdr->sip()); - capturer_.removeFlows(ipHdr->sip(), gwIp_, gwIp_, ipHdr->sip()); - delClientDict(ipHdr->sip()); - } - else if(it == tcpdata.end()) - { - qDebug() << "infection keep"; - return; - } } } } @@ -303,7 +295,7 @@ void CaptivePortal::getSendPacket(GPacket *packet) GIpHdr* ipHdr = packet->ipHdr_; GTcpHdr* tcpHdr = packet->tcpHdr_; - if(tcpHdr->sport() == 443 && ipHdr->sip() == myIp_) + if(ipHdr->sip() == myIp_ && tcpHdr->sport() == 443) { packet->ctrl.block_ = true; if (ipHdr->dip() != host_) { diff --git a/app/captiveportal/webui/webui.js b/app/captiveportal/webui/webui.js index 85df35b..8feec5f 100644 --- a/app/captiveportal/webui/webui.js +++ b/app/captiveportal/webui/webui.js @@ -1,5 +1,4 @@ -let url = 'http://wifievent.io/api'; -url = 'http://192.168.1.12:3001'; +let url = 'https://wifievent.io/api'; const webReq = axios.create({ baseURL: url, diff --git a/app/captiveportal/weuiserver.cpp b/app/captiveportal/weuiserver.cpp index 0a3e93d..68ec1f6 100644 --- a/app/captiveportal/weuiserver.cpp +++ b/app/captiveportal/weuiserver.cpp @@ -39,16 +39,16 @@ void WEUIServer::setHttpResponse() { uiresponse_.setResponseBody(ui_); } else if(path == "/Start") { - size = 0; + size = 5; uiresponse_.setResponseBody("start"); QString pageid = QString::fromStdString(uirequest_.getRequestBody()); - cp_.redirectpage_ = "http://192.168.1.12:3001/cp/page/render/" + pageid; + cp_.redirectpage_ = "https://wifievent.io/api/cp/page/render/" + pageid; GThreadMgr::suspendStart(); cp_.open(); GThreadMgr::resumeStart(); } else if(path == "/Stop") { - size = 0; + size = 4; uiresponse_.setResponseBody("stop"); cp_.close(); } From 84614e88464dbc077980054397145b9b450478ea Mon Sep 17 00:00:00 2001 From: maro5397 Date: Wed, 15 Dec 2021 12:04:28 -0500 Subject: [PATCH 22/28] =?UTF-8?q?=F0=9F=A9=B9=20fix:=20issue=20#1=20fix?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/captiveportal/captiveportal.cpp b/app/captiveportal/captiveportal.cpp index c59727d..6b1a616 100755 --- a/app/captiveportal/captiveportal.cpp +++ b/app/captiveportal/captiveportal.cpp @@ -8,7 +8,7 @@ CaptivePortal::CaptivePortal() getIPAddress(); - wss.start(443, "../../cp-QT/bin/certkey-test/server.crt", "../../cp-QT/bin/certkey-test/server.key"); + wss.start(443, "./certkey-test/server.crt", "./certkey-test/server.key"); capturer_.hostDetect_.checkDhcp_ = true; capturer_.hostDetect_.checkArp_ = true; From 958b15d33337c0fbebb9b41369989285d433bc10 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Wed, 15 Dec 2021 12:07:01 -0500 Subject: [PATCH 23/28] =?UTF-8?q?=F0=9F=A9=B9=20fix:=20issue=20#2=20fix?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/main.cpp | 2 +- {app/captiveportal => bin}/webui/index.html | 0 {app/captiveportal => bin}/webui/reset.css | 0 {app/captiveportal => bin}/webui/webui.css | 0 {app/captiveportal => bin}/webui/webui.js | 0 5 files changed, 1 insertion(+), 1 deletion(-) rename {app/captiveportal => bin}/webui/index.html (100%) rename {app/captiveportal => bin}/webui/reset.css (100%) rename {app/captiveportal => bin}/webui/webui.css (100%) rename {app/captiveportal => bin}/webui/webui.js (100%) diff --git a/app/captiveportal/main.cpp b/app/captiveportal/main.cpp index 239bbcc..c8697a2 100755 --- a/app/captiveportal/main.cpp +++ b/app/captiveportal/main.cpp @@ -30,7 +30,7 @@ int main(int argc, char *argv[]) WEUdpServer wus; wus.start(7284); WEUIServer uiserver; - uiserver.rootdir_ = "/home/kali/cp-QT/app/captiveportal/webui"; + uiserver.rootdir_ = "./webui"; uiserver.start(80); a.exec(); diff --git a/app/captiveportal/webui/index.html b/bin/webui/index.html similarity index 100% rename from app/captiveportal/webui/index.html rename to bin/webui/index.html diff --git a/app/captiveportal/webui/reset.css b/bin/webui/reset.css similarity index 100% rename from app/captiveportal/webui/reset.css rename to bin/webui/reset.css diff --git a/app/captiveportal/webui/webui.css b/bin/webui/webui.css similarity index 100% rename from app/captiveportal/webui/webui.css rename to bin/webui/webui.css diff --git a/app/captiveportal/webui/webui.js b/bin/webui/webui.js similarity index 100% rename from app/captiveportal/webui/webui.js rename to bin/webui/webui.js From 05b2a6d1ad9deae8b3aefd653b5f39de3721e11d Mon Sep 17 00:00:00 2001 From: maro5397 Date: Wed, 15 Dec 2021 13:04:48 -0500 Subject: [PATCH 24/28] =?UTF-8?q?=F0=9F=A9=B9=20fix:=20change=20log=20modu?= =?UTF-8?q?le=20to=20glog?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.pro | 2 +- app/captiveportal/wesslserver.cpp | 6 +++--- app/captiveportal/weuiserver.cpp | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/app/captiveportal/captiveportal.pro b/app/captiveportal/captiveportal.pro index 854dda1..0fe65a3 100755 --- a/app/captiveportal/captiveportal.pro +++ b/app/captiveportal/captiveportal.pro @@ -9,7 +9,7 @@ include(../../cp.pri) DESTDIR = $${PWD}/../../bin -LIBS += -L../../../opensocket/lib -lopensocket -lssl -lcrypto -lpthread -lnetfilter_queue +LIBS += -L../../../opensocket/lib -lopensocket -lssl -lcrypto -lpthread -lnetfilter_queue -lglog SOURCES += \ ../../src/httprequest.cpp \ diff --git a/app/captiveportal/wesslserver.cpp b/app/captiveportal/wesslserver.cpp index 5e91c9b..27897ba 100644 --- a/app/captiveportal/wesslserver.cpp +++ b/app/captiveportal/wesslserver.cpp @@ -13,13 +13,13 @@ void WESslServer::handleClnt(SslClientSocket* clntsock) { int len = 0; while((len = clntsock->recv(buffer, BUFSIZE)) != -1) { if(len == 0) { - spdlog::info("clntsock is shutdown"); + DLOG(INFO) << "clntsock is shutdown"; return; } - spdlog::info("recv data from client"); + DLOG(INFO) << "recv data from client"; if(strncmp(buffer, "GET ", 4) == 0) { - spdlog::info("send redirect data to client"); + DLOG(INFO) << "send redirect data to client"; clntsock->send(message.data(), message.length() + 1); } } diff --git a/app/captiveportal/weuiserver.cpp b/app/captiveportal/weuiserver.cpp index 68ec1f6..112fee9 100644 --- a/app/captiveportal/weuiserver.cpp +++ b/app/captiveportal/weuiserver.cpp @@ -15,7 +15,7 @@ void WEUIServer::handleClnt(TcpClientSocket *clntsock) { while((len = clntsock->recv(buffer, BUFSIZE)) != -1) { if(len == 0) { - spdlog::info("clntsock is shutdown"); + DLOG(INFO) << "clntsock is shutdown"; return; } uirequest_.resetData(); @@ -32,7 +32,7 @@ void WEUIServer::setHttpResponse() { std::string path = uirequest_.getURL(); uiresponse_.resetData(); int size = 0; - spdlog::info("request path: {}", path); + DLOG(INFO) << "request path:" << path; if(path == "/") { size = getWebUIData("/index.html"); @@ -75,7 +75,7 @@ void WEUIServer::setHttpResponse() { } int WEUIServer::getWebUIData(std::string path) { - spdlog::info("Get local data from\n{}", rootdir_+path); + DLOG(INFO) << "Get local data from" << path; std::ifstream fin(rootdir_+path); int size = 0; From 5dd867c1454d5e6db2ce15b3dacfe5aec9557a1b Mon Sep 17 00:00:00 2001 From: maro5397 Date: Thu, 16 Dec 2021 07:41:45 -0500 Subject: [PATCH 25/28] =?UTF-8?q?=F0=9F=A9=B9=20fix:=20fix=20issue=20#3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/http.h | 1 + src/httprequest.cpp | 16 +++++++++++----- src/httpresponse.cpp | 12 +++++++++--- 3 files changed, 21 insertions(+), 8 deletions(-) diff --git a/src/http.h b/src/http.h index a339b1f..2d9838f 100644 --- a/src/http.h +++ b/src/http.h @@ -11,3 +11,4 @@ typedef enum {HTTP1_0, HTTP1_1, HTTP_UNSUPPORTED} Protocol; #include #include +#include diff --git a/src/httprequest.cpp b/src/httprequest.cpp index 5162a62..d6a27b2 100644 --- a/src/httprequest.cpp +++ b/src/httprequest.cpp @@ -193,6 +193,7 @@ int HTTPRequest::parseRequestPacket() int HTTPRequest::makeRequest() { string httpmethod, httpprotocol; + string tmppacket = ""; switch(method_){ case GET: @@ -221,13 +222,13 @@ int HTTPRequest::makeRequest() break; } - requestpacket_ += httpmethod + " " + url_ + " " + httpprotocol + CRLF; + tmppacket += httpmethod + " " + url_ + " " + httpprotocol + CRLF; vector>::iterator iter; for(iter = headers_.begin(); iter != headers_.end(); iter++){ - requestpacket_ += (*iter).first + ": " + (*iter).second + CRLF; + tmppacket += (*iter).first + ": " + (*iter).second + CRLF; } - requestpacket_ += CRLF; - requestpacket_ += body_; + tmppacket += CRLF + body_; + requestpacket_ = tmppacket; return 0; } @@ -243,8 +244,13 @@ string* HTTPRequest::getRequestData() string HTTPRequest::updateCursor(size_t& cursorbegin, size_t& cursorend, string target, string obj, size_t next) { - string result; + string result = ""; + size_t tmp = cursorend; cursorend = obj.find_first_of(target, cursorbegin); + if(cursorend == string::npos) { + cursorend = tmp; + return result; + } result = obj.substr(cursorbegin, cursorend - cursorbegin); cursorbegin = cursorend + next; return result; diff --git a/src/httpresponse.cpp b/src/httpresponse.cpp index 2015875..77cf4a8 100644 --- a/src/httpresponse.cpp +++ b/src/httpresponse.cpp @@ -134,7 +134,7 @@ string HTTPResponse::getResponseBody() int HTTPResponse::makeResponse() { string httpprotocol; - string tmppacket; + string tmppacket = ""; switch(protocol_){ case HTTP1_0: @@ -231,8 +231,13 @@ string* HTTPResponse::getResponseData() string HTTPResponse::updateCursor(size_t& cursorbegin, size_t& cursorend, string target, string obj, size_t next) { - string result; + string result = ""; + size_t tmp = cursorend; cursorend = obj.find_first_of(target, cursorbegin); + if(cursorend == string::npos) { + cursorend = tmp; + return result; + } result = obj.substr(cursorbegin, cursorend - cursorbegin); cursorbegin = cursorend + next; return result; @@ -241,5 +246,6 @@ string HTTPResponse::updateCursor(size_t& cursorbegin, size_t& cursorend, string void HTTPResponse::resetData() { responsepacket_ = ""; + DLOG(INFO) << "response header size:" << headers_.size(); headers_.clear(); -} \ No newline at end of file +} From c25891c8f503b9ba1b053e8f354d549896f8190d Mon Sep 17 00:00:00 2001 From: maro5397 Date: Thu, 16 Dec 2021 13:37:02 -0500 Subject: [PATCH 26/28] =?UTF-8?q?=E2=9C=A8=20feat:=20dotdot=20prevent=20an?= =?UTF-8?q?d=20header=20modify?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/uiserver-test/main.cpp | 17 ++++ app/uiserver-test/uiserver-test.pro | 25 ++++++ app/uiserver-test/uiserver.cpp | 121 ++++++++++++++++++++++++++++ app/uiserver-test/uiserver.h | 30 +++++++ 4 files changed, 193 insertions(+) create mode 100644 app/uiserver-test/main.cpp create mode 100644 app/uiserver-test/uiserver-test.pro create mode 100644 app/uiserver-test/uiserver.cpp create mode 100644 app/uiserver-test/uiserver.h diff --git a/app/uiserver-test/main.cpp b/app/uiserver-test/main.cpp new file mode 100644 index 0000000..7906130 --- /dev/null +++ b/app/uiserver-test/main.cpp @@ -0,0 +1,17 @@ +#include +#include "uiserver.h" + +int main(int argc, char *argv[]) +{ + QCoreApplication a(argc, argv); + + UIServer uiserver; + uiserver.rootdir_ = "../../bin/webui"; + uiserver.start(80); + + a.exec(); + + uiserver.stop(); + + return 0; +} diff --git a/app/uiserver-test/uiserver-test.pro b/app/uiserver-test/uiserver-test.pro new file mode 100644 index 0000000..28cc409 --- /dev/null +++ b/app/uiserver-test/uiserver-test.pro @@ -0,0 +1,25 @@ +QT -= gui + +CONFIG += c++20 +TEMPLATE = app +CONFIG += qt + +include(../../cp.pri) + +LIBS += -L../../../opensocket/lib -lopensocket -lssl -lcrypto -lpthread -lglog + +SOURCES += \ + main.cpp \ + uiserver.cpp \ + ../../src/httprequest.cpp \ + ../../src/httpresponse.cpp \ + ../../../opensocket/src/*.cpp \ + ../../../opensocket/src/base/*.cpp + +HEADERS += \ + uiserver.h \ + ../../src/httprequest.h \ + ../../src/httpresponse.h \ + ../../src/http.h \ + ../../../opensocket/src/*.h \ + ../../../opensocket/src/base/*.h diff --git a/app/uiserver-test/uiserver.cpp b/app/uiserver-test/uiserver.cpp new file mode 100644 index 0000000..eeff46b --- /dev/null +++ b/app/uiserver-test/uiserver.cpp @@ -0,0 +1,121 @@ +#include "uiserver.h" +#include + +UIServer::UIServer() { +} + +void UIServer::handleClnt(TcpClientSocket *clntsock) { + + char buffer[BUFSIZE]; + int len; + + while((len = clntsock->recv(buffer, BUFSIZE)) != -1) { + uirequest_.resetData(); + if(len == 0) { + DLOG(INFO) << "clntsock is shutdown"; + return; + } + uirequest_.addRequestPacket(buffer, len); + uirequest_.parseRequestPacket(); + setHttpResponse(); + clntsock->send((char*)uiresponse_.getResponseData()->c_str(), uiresponse_.getResponseSize()); + } + return; +} + +void UIServer::setHttpResponse() { + std::string path = uirequest_.getURL(); + uiresponse_.resetData(); + int size = 0; + DLOG(INFO) << "request path:" << path; + +// if(path.ends_with(".css")) { +// uiresponse_.setHTTPHeader("Content-Type", "text/css;charset=UTF-8"); +// } +// else if(path.ends_with(".js")) { +// uiresponse_.setHTTPHeader("Content-Type", "text/javascript;charset=UTF-8"); +// } +// else { +// uiresponse_.setHTTPHeader("Content-Type", "text/html"); +// } + + if(denyDotDotPacket(path)) { + return; + } + + if(path == "/") { + size = getWebUIData("/index.html"); + uiresponse_.setResponseBody(ui_); + } + else if(path == "/Start") { + size = 5; + uiresponse_.setResponseBody("start"); + } + else if(path == "/Stop") { + size = 4; + uiresponse_.setResponseBody("stop"); + } + else { + size = getWebUIData(path); + uiresponse_.setResponseBody(ui_); + } + + std::string len = std::to_string(size); + + uiresponse_.setProtocol(HTTP1_1); + uiresponse_.setStatusCode(200); + uiresponse_.setReasonPhrase(); + uiresponse_.setHTTPHeader("Connection", "keep-alive"); + uiresponse_.setHTTPHeader("Content-Length", len.c_str()); + uiresponse_.setHTTPHeader("Date", getDateTime()); + uiresponse_.setHTTPHeader("Keep-Alive", "timeout=5, max=100"); + uiresponse_.setHTTPHeader("Server", "UIServer"); + uiresponse_.makeResponse(); +} + +int UIServer::getWebUIData(std::string path) { + DLOG(INFO) << "Get local data from" << rootdir_+path; + std::ifstream fin(rootdir_+path); + int size = 0; + + if(fin.is_open()){ + fin.seekg(0, std::ios::end); + size = fin.tellg(); + fin.seekg(0, std::ios::beg); + fin.read(ui_, size); + } + return size; +} + +std::string UIServer::getDateTime() { + char date[30] = {'\0'}; + + time_t now = time(0); + tm *gmtm = gmtime(&now); + char* dt = asctime(gmtm); + + char mon[4]; + char dayofweek[4]; + int year, day, hour, min, sec; + + sscanf(dt, "%s %s %d %d:%d:%d %d\n", dayofweek, mon, &day, &hour, &min, &sec, &year); + sprintf(date, "%s, %02d %s %d %02d:%02d:%02d GMT", dayofweek, day, mon, year, hour, min, sec); + std::string dateheader = date; + return dateheader; +} + +bool UIServer::denyDotDotPacket(std::string path) +{ + if(path.find("..") != std::string::npos) { + DLOG(INFO) << "there is .. string from path:" << path; + uiresponse_.setProtocol(HTTP1_1); + uiresponse_.setStatusCode(403); + uiresponse_.setReasonPhrase(); + uiresponse_.setHTTPHeader("Date", getDateTime()); + uiresponse_.setHTTPHeader("Server", "UIServer"); + uiresponse_.makeResponse(); + return true; + } + return false; +} + diff --git a/app/uiserver-test/uiserver.h b/app/uiserver-test/uiserver.h new file mode 100644 index 0000000..6233867 --- /dev/null +++ b/app/uiserver-test/uiserver.h @@ -0,0 +1,30 @@ +#pragma once +#include "tcpserver.h" +#include "httprequest.h" +#include "httpresponse.h" + +#include +#include +#include +#include + +class UIServer : public TcpServer +{ + HTTPRequest uirequest_; + HTTPResponse uiresponse_; + char ui_[BUFSIZE]; + +public: + std::string rootdir_; + +public: + UIServer(); + ~UIServer() {} + +protected: + void handleClnt(TcpClientSocket* clntsock) override; + void setHttpResponse(); + int getWebUIData(std::string path); + std::string getDateTime(); + bool denyDotDotPacket(std::string path); +}; From 7375c26f0b0c5ce337bc0feac0b44fbecb4c95e0 Mon Sep 17 00:00:00 2001 From: maro5397 Date: Fri, 17 Dec 2021 03:37:22 -0500 Subject: [PATCH 27/28] =?UTF-8?q?=E2=9C=85=20fix:=20apply=20http=20header?= =?UTF-8?q?=20error?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/captiveportal/captiveportal.pro | 2 +- app/captiveportal/weuiserver.cpp | 28 ++++++++++++++++++++++++++++ app/captiveportal/weuiserver.h | 1 + app/uiserver-test/uiserver-test.pro | 2 +- app/uiserver-test/uiserver.cpp | 18 +++++++++--------- 5 files changed, 40 insertions(+), 11 deletions(-) diff --git a/app/captiveportal/captiveportal.pro b/app/captiveportal/captiveportal.pro index 0fe65a3..ed4a2d8 100755 --- a/app/captiveportal/captiveportal.pro +++ b/app/captiveportal/captiveportal.pro @@ -1,6 +1,6 @@ QT -= gui -CONFIG += c++17 +CONFIG += c++2a TEMPLATE = app CONFIG += qt diff --git a/app/captiveportal/weuiserver.cpp b/app/captiveportal/weuiserver.cpp index 112fee9..99fdf73 100644 --- a/app/captiveportal/weuiserver.cpp +++ b/app/captiveportal/weuiserver.cpp @@ -34,6 +34,20 @@ void WEUIServer::setHttpResponse() { int size = 0; DLOG(INFO) << "request path:" << path; + if(path.ends_with(".css")) { + uiresponse_.setHTTPHeader("Content-Type", "text/css;charset=UTF-8"); + } + else if(path.ends_with(".js")) { + uiresponse_.setHTTPHeader("Content-Type", "text/javascript;charset=UTF-8"); + } + else { + uiresponse_.setHTTPHeader("Content-Type", "text/html"); + } + + if(denyDotDotPacket(path)) { + return; + } + if(path == "/") { size = getWebUIData("/index.html"); uiresponse_.setResponseBody(ui_); @@ -105,3 +119,17 @@ std::string WEUIServer::getDateTime() { return dateheader; } +bool WEUIServer::denyDotDotPacket(std::string path) +{ + if(path.find("..") != std::string::npos) { + DLOG(INFO) << "there is .. string from path:" << path; + uiresponse_.setProtocol(HTTP1_1); + uiresponse_.setStatusCode(403); + uiresponse_.setReasonPhrase(); + uiresponse_.setHTTPHeader("Date", getDateTime()); + uiresponse_.setHTTPHeader("Server", "UIServer"); + uiresponse_.makeResponse(); + return true; + } + return false; +} diff --git a/app/captiveportal/weuiserver.h b/app/captiveportal/weuiserver.h index 82817c1..3b68ca4 100644 --- a/app/captiveportal/weuiserver.h +++ b/app/captiveportal/weuiserver.h @@ -28,4 +28,5 @@ class WEUIServer : public TcpServer void setHttpResponse(); int getWebUIData(std::string path); std::string getDateTime(); + bool denyDotDotPacket(std::string path); }; diff --git a/app/uiserver-test/uiserver-test.pro b/app/uiserver-test/uiserver-test.pro index 28cc409..effda44 100644 --- a/app/uiserver-test/uiserver-test.pro +++ b/app/uiserver-test/uiserver-test.pro @@ -1,6 +1,6 @@ QT -= gui -CONFIG += c++20 +CONFIG += c++2a TEMPLATE = app CONFIG += qt diff --git a/app/uiserver-test/uiserver.cpp b/app/uiserver-test/uiserver.cpp index eeff46b..63f2b08 100644 --- a/app/uiserver-test/uiserver.cpp +++ b/app/uiserver-test/uiserver.cpp @@ -29,15 +29,15 @@ void UIServer::setHttpResponse() { int size = 0; DLOG(INFO) << "request path:" << path; -// if(path.ends_with(".css")) { -// uiresponse_.setHTTPHeader("Content-Type", "text/css;charset=UTF-8"); -// } -// else if(path.ends_with(".js")) { -// uiresponse_.setHTTPHeader("Content-Type", "text/javascript;charset=UTF-8"); -// } -// else { -// uiresponse_.setHTTPHeader("Content-Type", "text/html"); -// } + if(path.ends_with(".css")) { + uiresponse_.setHTTPHeader("Content-Type", "text/css;charset=UTF-8"); + } + else if(path.ends_with(".js")) { + uiresponse_.setHTTPHeader("Content-Type", "text/javascript;charset=UTF-8"); + } + else { + uiresponse_.setHTTPHeader("Content-Type", "text/html"); + } if(denyDotDotPacket(path)) { return; From a222439e382e2584c24548a70fa89075065617eb Mon Sep 17 00:00:00 2001 From: maro5397 Date: Fri, 17 Dec 2021 04:29:06 -0500 Subject: [PATCH 28/28] =?UTF-8?q?=F0=9F=94=96=20docs:=20v0.9.1.0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- version.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version.txt b/version.txt index 4ff4d6e..2dcf443 100755 --- a/version.txt +++ b/version.txt @@ -1 +1 @@ -"v0.9.0.0" \ No newline at end of file +"v0.9.1.0" \ No newline at end of file