| author | zhuzhenjun <[email protected]> | 2023-09-27 15:43:32 +0800 |
|---|---|---|
| committer | zhuzhenjun <[email protected]> | 2023-09-27 19:40:42 +0800 |
| commit | 1a559eba9916e4e39f660cf803ab7196cdd7c342 (patch) | |
| tree | aa6ebd9ec47c7a7a427086752913ff6d8f694c58 /example | |
| parent | 15d4a2d27198005b557b62dbfbb03c49d5b5220c (diff) | |
v0.0.4
Diffstat (limited to 'example')
| -rw-r--r-- | example/Makefile.am | 12 | ||||
| -rw-r--r-- | example/osfp_example.c | 22 | ||||
| -rw-r--r-- | example/sample.c | 34 |
3 files changed, 64 insertions, 4 deletions
diff --git a/example/Makefile.am b/example/Makefile.am
index f6fc004..e2524ba 100644
--- a/example/Makefile.am
+++ b/example/Makefile.am
@@ -1,4 +1,4 @@
-bin_PROGRAMS = osfp_example
+bin_PROGRAMS = osfp_example sample
 osfp_example_SOURCES = \
 osfp_example.c
@@ -11,3 +11,13 @@ osfp_example_LDFLAGS = \
 osfp_example_CFLAGS = \
 -I../src
+
+
+sample_SOURCES = \
+ sample.c
+
+sample_LDADD = \
+ ../src/.libs/libosfp.la
+
+sample_CFLAGS = \
+ -I../src
diff --git a/example/osfp_example.c b/example/osfp_example.c
index 309a1d2..e047a91 100644
--- a/example/osfp_example.c
+++ b/example/osfp_example.c
@@ -16,6 +16,7 @@
 #include "osfp_common.h"
 #include "osfp.h"
+#include "osfp_log.h"
 #include "osfp_fingerprint.h"
 #include "osfp_score_db.h"
@@ -163,6 +164,7 @@ unsigned char *fp_file_path;
 unsigned char *fp_output_file_path;
 FILE *fingerprinting_output_fp;
+unsigned int debug_enable;
 unsigned char *if_name;
 unsigned char *pcap_file_name;
 unsigned char *bpf_string;
@@ -466,6 +468,8 @@ void example_detect(struct osfp_db *osfp_db, Packet *p)
 printf("Details:\n");
 printf("%s\n", osfp_result_score_detail_export(result));
+ osfp_result_free(result);
+
 exit:
 return;
 }
@@ -483,10 +487,16 @@ void process_packet(char *user, struct pcap_pkthdr *h, u_char *pkt)
 }
 // only for tcp syn request packet
- if (!p->tcph->syn || p->tcph->ack) {
+ if (!p->tcph->syn) {
 goto exit;
 }
+ if (p->tcph->ack) {
+ printf("--------------------------- SYN/ACK\n");
+ } else {
+ printf("--------------------------- SYN\n");
+ }
+
 if (p->iph) {
 PrintInet(AF_INET, (const void *)&(p->src.addr_data32[0]), p->srcip, sizeof(p->srcip));
 PrintInet(AF_INET, (const void *)&(p->dst.addr_data32[0]), p->dstip, sizeof(p->dstip));
@@ -508,7 +518,7 @@ int main(int argc, char *argv[])
 {
 int r;
- while ((r = getopt(argc, argv, "+f:i:r:o:")) != -1) {
+ while ((r = getopt(argc, argv, "+f:i:r:o:d")) != -1) {
 switch(r) {
 case 'f':
 if (fp_file_path) {
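Review bot: The context comment `// only for tcp syn request packet` above the rewritten check in the process_packet hunk (@@ -483) no longer matches the code, because the new test `if (!p->tcph->syn)` lets SYN/ACK segments through and only labels them differently. Update it to something like `// only for TCP SYN and SYN/ACK packets`, and state whether matching a SYN/ACK (the responder's stack) against the same fingerprint database is intended. process_packet starts and ends outside the hunk, so the NULL check on `p->tcph` before this dereference is assumed rather than visible.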
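Review bot: The new `-d` option added to the getopt string in main (@@ -508) and handled by `case 'd'` (@@ -538) is undocumented as far as this commit shows: no hunk touches usage(), so the help text presumably still covers only -f, -i, -r and -o. Add a usage line such as `-d  enable debug logging`, and a short comment on the `debug_enable` global (@@ -163), e.g. `/* set by -d; raises the library log level to debug */`. main and usage() lie outside the visible hunks, so this is inferred from the diffstat rather than seen.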
@@ -538,6 +548,9 @@ int main(int argc, char *argv[])
 }
 fp_output_file_path = (unsigned char*)optarg;
 break;
+ case 'd':
+ debug_enable = 1;
+ break;
 default:
 usage();
 break;
@@ -611,13 +624,16 @@ int main(int argc, char *argv[])
 fp_file_path = DEFAULT_FP_FILE_PATH;
 }
+ if (debug_enable) {
+ osfp_log_level_set(OSFP_LOG_LEVEL_DEBUG);
+ }
+
 struct osfp_db *osfp_db = osfp_db_new(fp_file_path);
 if (osfp_db == NULL) {
 printf("could not create osfp context. fingerprints file: %s\n", fp_file_path);
 exit(1);
 }
- osfp_score_db_debug_print(osfp_db->score_db);
 // loop
diff --git a/example/sample.c b/example/sample.c
new file mode 100644
index 0000000..cb0fd37
--- /dev/null
+++ b/example/sample.c
@@ -0,0 +1,34 @@
+#include "stdio.h"
+#include "osfp.h"
+
+char iph[] = {
+ 0x45, 0x00, 0x00, 0x34, 0x51, 0xc4, 0x40, 0x00,
+ 0x80, 0x06, 0xe7, 0x27, 0xc0, 0xa8, 0x73, 0x08,
+ 0x6a, 0xb9, 0x23, 0x6e
+};
+
+char tcph[] = {
+ 0xc1, 0xbd, 0x00, 0x50, 0x3d, 0x58, 0x51, 0x60,
+ 0x00, 0x00, 0x00, 0x00, 0x80, 0x02, 0x20, 0x00,
+ 0x3d, 0x3a, 0x00, 0x00, 0x02, 0x04, 0x04, 0xec,
+ 0x01, 0x03, 0x03, 0x08, 0x01, 0x01, 0x04, 0x02
+};
+
+int main(int argc, char **argv)
+{
+ const char *json_file_path = "./fp.json";
+
+ struct iphdr *l3_hdr = (struct iphdr *)iph;
+ struct tcphdr *l4_hdr = (struct tcphdr *)tcph;
+ size_t l4_hdr_len = sizeof(tcph);
+
+ struct osfp_db *db = osfp_db_new(json_file_path);
+ if (db) {
+ struct osfp_result *result = osfp_ipv4_identify(db, l3_hdr, l4_hdr, l4_hdr_len);
+ if (result) {
+ printf("likely os: %s\n", osfp_result_os_name_get(result));
+ printf("details: \n%s\n", osfp_result_score_detail_export(result));
+ osfp_db_free(db);
+ }
+ }
+}
|
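Review bot: In the new example/sample.c, main calls `osfp_db_free(db)` only inside `if (result)` and never releases `result`, so the database leaks when identification fails and the result leaks when it succeeds. The same commit adds `osfp_result_free(result)` to osfp_example.c, and the sample should follow that pattern, since it is the code users are most likely to copy. main also falls off the end, so the process exits with success even when the fingerprint file cannot be loaded. Separately, `iph` and `tcph` store bytes above 0x7f in plain `char` arrays before being cast to header structs; declaring them `unsigned char` avoids the implementation-defined conversion where char is signed, and `#include "stdio.h"` should be `#include <stdio.h>`. The rewrite below covers only the cleanup and exit status.

```c
    int rc = 1;
    struct osfp_db *db = osfp_db_new(json_file_path);
    if (db == NULL) {
        fprintf(stderr, "could not load fingerprints from %s\n", json_file_path);
        return rc;
    }

    struct osfp_result *result = osfp_ipv4_identify(db, l3_hdr, l4_hdr, l4_hdr_len);
    if (result) {
        // … unchanged: the two printf calls …
        osfp_result_free(result);
        rc = 0;
    }

    /* release the database on every path, not only on success */
    osfp_db_free(db);
    return rc;
```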
