Submit fingerprint using libcurl instead of direct socket

Tweak CMakeLists to also link libcurl and enable fingerprint submit only if curl is found Signed-off-by: Gianfranco Costamagna <[email protected]>
Ettercap · Jul 29, 2020 · 05efd31 · 05efd31
1 parent 1ab403b
commit 05efd31
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 49 deletions.
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
@@ -17,7 +17,6 @@ set(EC_SRC
     ec_exit.c
     ec_file.c
     ec_filter.c
-    ec_fingerprint.c
     ec_format.c
     ec_globals.c
     ec_hash.c
@@ -125,6 +124,9 @@ set(EC_SRC
     protocols/ec_wifi_radiotap.c
 )
 
+if(CURL_FOUND)
+  set(EC_SRC ${EC_SRC} ec_fingerprint.c)
+endif()
 
 if(HAVE_GEOIP)
   set(EC_SRC ${EC_SRC} ec_geoip.c)
@@ -192,6 +194,10 @@ add_library(lib_ettercap SHARED ${EC_SRC})
 add_dependencies(lib_ettercap libnet)
 target_link_libraries(lib_ettercap ec_interfaces ${EC_LIBS})
 
+if(CURL_FOUND)
+  target_link_libraries(lib_ettercap ${CURL_LIBRARY})
+endif()
+
 if(NOT LIBRARY_BUILD)
   add_subdirectory(interfaces)
   include_directories(interfaces/daemon interfaces/text)

diff --git a/src/ec_fingerprint.c b/src/ec_fingerprint.c
@@ -24,6 +24,7 @@
 #include <ec_file.h>
 #include <ec_socket.h>
 #include <ec_fingerprint.h>
+#include <curl/curl.h>
 
 #define LOAD_ENTRY(p,h,v) do {                                 \
    SAFE_CALLOC((p), 1, sizeof(struct entry));                  \
@@ -305,69 +306,54 @@ u_int8 TTL_PREDICTOR(u_int8 x)
  */
 int fingerprint_submit(const char *finger, char *os)
 {
-   int sock;
-   char host[] = "www.ettercap-project.org";
-   char page[] = "/fingerprint.php";
-   char getmsg[1024];
+   char postparams[512];
    char *os_encoded;
    size_t i, os_enclen;
-
-   memset(getmsg, 0, sizeof(getmsg));
-
+   char* page = "https://www.ettercap-project.org/fingerprint.php";
+   char* page = "http://localhost/fingerprint.php";
+   CURL *curl;
+   CURLcode res;
+
+   memset(postparams, 0, sizeof(postparams));
+
    /* some sanity checks */
    if (strlen(finger) > FINGER_LEN || strlen(os) > OS_LEN)
       return -E_INVALID;
-
-   USER_MSG("Connecting to http://%s...\n", host);
-
-   /* prepare the socket */
-   sock = open_socket(host, 80);
-
-   switch(sock) {
-      case -E_NOADDRESS:
-         FATAL_MSG("Cannot resolve %s", host);
-         break;
-      case -E_FATAL:
-         FATAL_MSG("Cannot create the socket");
-         break;
-      case -E_TIMEOUT:
-         FATAL_MSG("Connect timeout to %s on port 80", host);
-         break;
-      case -E_INVALID:
-         FATAL_MSG("Error connecting to %s on port 80", host);
-         break;
-   }
-
+
    os_encoded = strdup(os);
    /* sanitize the os (encode the ' ' to '+') */
    os_enclen = strlen(os_encoded);
    for (i = 0; i < os_enclen; i++)
       if (os_encoded[i] == ' ') 
          os_encoded[i] = '+';
-
-   /* prepare the HTTP request */
-   snprintf(getmsg, sizeof(getmsg), "POST %s HTTP/1.1\r\n"
-                                     "Host: %s\r\n"
-                                     "Accept: */*\r\n"
-                                     "User-Agent: %s (%s)\r\n"
-                                     "Content-Length: %zu\r\n"
-                                     "Content-Type: application/x-www-form-urlencoded \r\n\r\n"
-                                     "finger=%s&os=%s\r\n"
-                                     "\r\n", page, host, EC_GBL_PROGRAM, EC_GBL_VERSION, 7 + strlen(finger) + 4 + strlen(os_encoded), finger, os_encoded );
-
-   SAFE_FREE(os_encoded);
 
-   USER_MSG("Submitting the fingerprint to %s...\n", page);
-
-   /* send the request to the server */
-   socket_send(sock, (const u_char*)getmsg, strlen(getmsg));
 
-   DEBUG_MSG("fingerprint_submit - SEND \n\n%s\n\n", getmsg);
+   curl_global_init(CURL_GLOBAL_ALL);
+   curl = curl_easy_init();
+
+   if (curl) {
+     USER_MSG("Submitting the fingerprint to %s...\n", page);
+
+     snprintf(postparams, sizeof(postparams), "finger=%s&os=%s", finger, os_encoded);
+     SAFE_FREE(os_encoded);
+
+     curl_easy_setopt(curl, CURLOPT_URL, page);
+     curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postparams);
+
+     res = curl_easy_perform(curl);
+
+     if (res != CURLE_OK) {
+       USER_MSG("Failed to submit fingerprint: %s\n", curl_easy_strerror(res));
+     } else {
+       USER_MSG("New fingerprint submitted to the ettercap website...\n");
+     }
+
+     curl_easy_cleanup(curl);
+   }
+
+   curl_global_cleanup();
 
-   /* ignore the server response */
-   close_socket(sock);
 
-   USER_MSG("New fingerprint submitted to the ettercap website...\n");
 
    return E_SUCCESS;
 }