1 diff -urN dsniff-2.3/msgsnarf.8 dsniff-2.3-gg/msgsnarf.8
2 --- dsniff-2.3/msgsnarf.8 Sun Nov 19 07:10:50 2000
3 +++ dsniff-2.3-gg/msgsnarf.8 Tue Mar 26 11:29:29 2002
7 \fBmsgsnarf\fR records selected messages from AOL Instant
8 -Messenger, ICQ 2000, IRC, MSN Messenger, or Yahoo Messenger chat
9 +Messenger, ICQ 2000, IRC, MSN Messenger, Gadu-Gadu, or Yahoo Messenger chat
12 .IP "\fB-i \fIinterface\fR"
13 diff -urN dsniff-2.3/msgsnarf.c dsniff-2.3-gg/msgsnarf.c
14 --- dsniff-2.3/msgsnarf.c Fri Dec 15 21:12:19 2000
15 +++ dsniff-2.3-gg/msgsnarf.c Tue Mar 26 14:09:13 2002
20 - Sniff chat messages (AIM, ICQ, IRC, MSN, Yahoo) on a network.
21 + Sniff chat messages (AIM, ICQ, IRC, MSN, Yahoo, Gadu-Gadu) on a network.
23 Copyright (c) 1999 Dug Song <dugsong@monkey.org>
26 + 2002.03.20 - support for Gadu-Gadu messages added by Ryba <ryba_84@hotmail.com>
27 + (based on protocol description from EKG, http://dev.null.pl/ekg/)
33 return (len - buf_len(&buf));
38 + Support for GG messages added by Ryba <ryba_84@hotmail.com>
41 + Protocol description taken from EKG (http://dev.null.pl/ekg/)
42 + by <wojtekka@irc.pl>, <speedy@atman.pl> and others.
43 + Thanks to all of them!
45 + Gadu-Gadu (http://www.gadu-gadu.pl) is a Polish communicator.
46 + I believe it is most popular instant messenger in Poland.
49 +#define GG_LOGIN 0x000c
50 +#define GG_SEND_MSG 0x000b
51 +#define GG_RECV_MSG 0x000a
82 +int process_gg(struct client_info *info, u_char *data, int len) {
84 + struct buf *msg, buf;
85 + struct gg_header *header;
86 + struct gg_send_msg *send_msg;
87 + struct gg_recv_msg *recv_msg;
88 + struct gg_login *login;
89 + struct in_addr addr;
94 + buf_init(&buf, data, len);
96 + while (buf_len(&buf) > sizeof(*header)) {
97 + header = (struct gg_header *)buf_ptr(&buf);
98 + i = sizeof(*header) + header->length;
100 + if ((msg = buf_tok(&buf, NULL, i)) == NULL)
103 + buf_skip(msg, sizeof(*header));
105 + if (header->type == GG_LOGIN && header->length == 22) {
107 + login = (struct gg_login *)buf_ptr(msg);
108 + addr.s_addr = login->local_ip;
110 + if (info->nick) free(info->nick);
111 + snprintf(sbuff, 10, "%u", login->uin);
112 + info->nick = strdup(sbuff);
115 + if (header->type == GG_SEND_MSG) {
116 + send_msg = (struct gg_send_msg *)buf_ptr(msg);
117 + buf_skip(msg, sizeof(*send_msg));
119 + p = buf_strdup(msg);
120 + if (regex_match(p)) {
121 + printf("%s GG %s > %u: %s\n", timestamp(), info->nick, send_msg->recipient, p);
126 + if (header->type == GG_RECV_MSG) {
127 + recv_msg = (struct gg_recv_msg *)buf_ptr(msg);
128 + buf_skip(msg, sizeof(*recv_msg));
130 + p = buf_strdup(msg);
131 + if (regex_match(p)) {
132 + printf("%s GG %s < %u: %s\n", timestamp(), info->nick, recv_msg->sender, p);
138 + return(len - buf_len(&buf));
143 sniff_msgs(struct tcp_stream *ts, void **conn_save)
147 else if (ts->addr.dest == 1863) {
148 process_msgs = process_msn;
150 + else if (ts->addr.dest == 8074 || ts->addr.source == 8074) {
151 + process_msgs = process_gg;