#!/usr/bin/perl
#
# Original File
# --------------
#	http://www.remote-exploit.org/downloads/simple-perl-sniffer.pl.gz
#
#
# 08-Dec-04 amo Mirrored at http://Linux-Sec.net/Sniffer/Scripts
#
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#

############################################################
# Team remote-exploit.org provides you a perl sample code  #
# Visit us at http://www.remote-exploit.org or at the irc  #
# on openprojects.net #wellenreiter.                       #
############################################################
# Author: Max Moser, mmo@remote-exploit.org                #
############################################################
# And please don't forget to share the magic :-)           #
############################################################
# Description:											 #
# This code is a simple sniffer. It just initializes the   #
# interface defined in the global variable $g_sniff_device #
# and prints out each packet in hex to the cosole. When the#
# user hits ctrl+c the signal gets trapped and closes first#
# the pcap handle and then exit. (Propper cleanup)         #
############################################################

use strict;
use Net::Pcap;

# Switch this to 1 for enabling debugging code
my $debug = 1;

# Do no buffering - flushing output directly
$|=1;
#declaration of functions
sub f_probe_pcapinit;
sub f_probe_read80211b_func;
sub f_probe_ctrl_c;

# Declarations of global variables
my $g_pcap_err = '';
my $g_sniff_device='eth0';
my $g_cap_descrip;

# Trapping Signal "INT" like ctrl+c for cleanup first.
$SIG{INT} = \&f_probe_ctrl_c; 

# Main program
#initializing the sniffer
f_probe_pcapinit;

# End of the main-program


sub f_probe_pcapinit{
	if ($g_cap_descrip = Net::Pcap::open_live($g_sniff_device,2000,0,1000,\$g_pcap_err))
	{
		# Initiate endless packet gathering.
		Net::Pcap::loop($g_cap_descrip, -1, \&f_probe_read80211b_func , '' );
	}
	else
	{
		print "\nCould not initiating the open_live command on $g_sniff_device from the pcap.\nThe following error where reported: $g_pcap_err\n";
		exit;
	}
};

sub f_probe_read80211b_func {
	my($data, $header,$packet) = @_;
	print "\n Got a packet: ";
	print "\n" . unpack ('H*',$packet);
};

sub f_probe_ctrl_c {
	# Checks if there is a open pcap handle and closes it first.
	if ($g_cap_descrip)
	{
		Net::Pcap::close ($g_cap_descrip);
		print "\nClosed the pcap allready, the program exits now.\n";
	}
};
# 
# End of file