120 lines
3.5 KiB
C
120 lines
3.5 KiB
C
#include <arpa/inet.h>
|
|
#include <netinet/if_ether.h>
|
|
#include <netinet/ip.h>
|
|
#include <netinet/udp.h>
|
|
#include <pcap.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
|
|
#define SOURCE_PORT 14236
|
|
#define DEST_PORT 14235
|
|
|
|
char* ether_ntoa(const struct ether_addr* addr)
|
|
{
|
|
static char buf[18];
|
|
snprintf(buf, sizeof(buf), "%02x:%02x:%02x:%02x:%02x:%02x",
|
|
addr->ether_addr_octet[0], addr->ether_addr_octet[1],
|
|
addr->ether_addr_octet[2], addr->ether_addr_octet[3],
|
|
addr->ether_addr_octet[4], addr->ether_addr_octet[5]);
|
|
return buf;
|
|
}
|
|
|
|
void packet_handler(unsigned char* user, const struct pcap_pkthdr* h, const unsigned char* bytes)
|
|
{
|
|
struct ether_header* eth_header;
|
|
struct ip* ip_header;
|
|
struct udphdr* udp_header;
|
|
|
|
eth_header = (struct ether_header*)bytes;
|
|
|
|
// Check if the packet is an IP packet
|
|
if (ntohs(eth_header->ether_type) == ETHERTYPE_IP) {
|
|
ip_header = (struct ip*)(bytes + sizeof(struct ether_header));
|
|
|
|
// Check if the packet is a UDP packet
|
|
if (ip_header->ip_p == IPPROTO_UDP) {
|
|
udp_header = (struct udphdr*)(bytes + sizeof(struct ether_header) + sizeof(struct ip));
|
|
|
|
// Convert IP addresses from network byte order to text
|
|
char source_ip[INET_ADDRSTRLEN];
|
|
char dest_ip[INET_ADDRSTRLEN];
|
|
inet_ntop(AF_INET, &(ip_header->ip_src), source_ip, INET_ADDRSTRLEN);
|
|
inet_ntop(AF_INET, &(ip_header->ip_dst), dest_ip, INET_ADDRSTRLEN);
|
|
|
|
// Check if the destination IP address and UDP ports match
|
|
if (strcmp(dest_ip, "255.255.255.255") == 0 && ntohs(udp_header->source) == SOURCE_PORT && ntohs(udp_header->dest) == DEST_PORT) {
|
|
|
|
// Convert MAC address to readable format
|
|
char source_mac[18];
|
|
snprintf(source_mac, sizeof(source_mac), "%s", ether_ntoa((struct ether_addr*)eth_header->ether_shost));
|
|
|
|
// Print the extracted information
|
|
printf("Miner IP: %s\n", source_ip);
|
|
printf("Source MAC Address: %s\n", source_mac);
|
|
printf("----------------------------------------\n");
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
char* get_default_interface()
|
|
{
|
|
pcap_if_t *alldevs, *d;
|
|
char errbuf[PCAP_ERRBUF_SIZE];
|
|
char* dev = NULL;
|
|
|
|
if (pcap_findalldevs(&alldevs, errbuf) == -1) {
|
|
fprintf(stderr, "Error finding devices: %s\n", errbuf);
|
|
return NULL;
|
|
}
|
|
|
|
// Find the first interface that is up
|
|
for (d = alldevs; d != NULL; d = d->next) {
|
|
if (d->flags & PCAP_IF_UP) {
|
|
dev = strdup(d->name); // Duplicate the interface name
|
|
break;
|
|
}
|
|
}
|
|
|
|
pcap_freealldevs(alldevs); // Free the device list
|
|
|
|
if (dev == NULL) {
|
|
fprintf(stderr, "No suitable device found\n");
|
|
return NULL;
|
|
}
|
|
|
|
return dev;
|
|
}
|
|
|
|
int main()
|
|
{
|
|
char errbuf[PCAP_ERRBUF_SIZE];
|
|
pcap_t* handle;
|
|
char* dev = get_default_interface();
|
|
|
|
if (dev == NULL) {
|
|
return 2; // No suitable device found
|
|
}
|
|
|
|
printf("Using device: %s\n", dev);
|
|
|
|
// Open the device for capturing
|
|
handle = pcap_open_live(dev, BUFSIZ, 1, 1000, errbuf);
|
|
free(dev); // Free the duplicated device name string
|
|
|
|
if (handle == NULL) {
|
|
fprintf(stderr, "Could not open device: %s\n", errbuf);
|
|
return 2;
|
|
}
|
|
|
|
printf("Listening...\n");
|
|
|
|
// Start the packet capture loop
|
|
pcap_loop(handle, 0, packet_handler, NULL);
|
|
|
|
// Close the capture handle
|
|
pcap_close(handle);
|
|
|
|
return 0;
|
|
}
|