Set filter to ignore other devices

xfangfang · May 12, 2024 · 1228175 · 1228175
1 parent 89158dc
commit 1228175
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -16,7 +16,7 @@ You can download the latest build from [nightly.link](https://nightly.link/xfang
 
 For Windows users, you need to install [npcap](https://npcap.com) before run this program.
 
-For macOS users, you need run `sudo xattr -rd com.apple.quarantine <path-to-pppwn>` after download.
+For macOS users, you need to run `sudo xattr -rd com.apple.quarantine <path-to-pppwn>` after download.
 
 ```shell
 # show help
@@ -32,7 +32,7 @@ pppwn --interface en0 --fw 1100 --stage1 "stage1.bin" --stage2 "stage2.bin" --au
 # Development
 
 This project depends on [pcap](https://github.com/the-tcpdump-group/libpcap), cmake will search for it in the system path by default.
-You can also add cmake option `-DUSE_SYSTEM_PCAP=OFF` to compile pcap together (can be used when cross-compiling).
+You can also add cmake option `-DUSE_SYSTEM_PCAP=OFF` to compile pcap from source (can be used when cross-compiling).
 
 ```shell
 # native build (macOS, Linux, mingw)

diff --git a/src/exploit.cpp b/src/exploit.cpp
@@ -40,7 +40,7 @@ const static std::string SOURCE_IPV6 = "fe80::4141:4141:4141:4141";
 
 const static std::string TARGET_IPV4 = "42.42.42.42";
 
-const static std::string BPF_FILTER = "(ip6) || (pppoed) || (pppoes && !ip)";
+const static std::string BPF_FILTER = "((ip6) || (pppoed) || (pppoes && !ip))";
 
 struct Cookie {
     pcpp::Packet packet;
@@ -178,7 +178,9 @@ int Exploit::setInterface(const std::string &iface) {
 
     // open the device before start capturing/sending packets
     pcpp::PcapLiveDevice::DeviceConfiguration config;
+#if !defined(_WIN32)
     config.direction = pcpp::PcapLiveDevice::PCPP_IN;
+#endif
     if (!dev->open(config)) {
         std::cerr << "[-] Cannot open device" << std::endl;
         dev = nullptr;
@@ -387,6 +389,8 @@ int Exploit::ppp_negotiation(const std::function<std::vector<uint8_t>(Exploit *)
     if (ethLayer) {
         target_mac = ethLayer->getSourceMac();
         std::cout << "[+] Target MAC: " << target_mac << std::endl;
+        std::string filter = "(ether src " + ethLayer->getSourceMac().toString() + ") && " + BPF_FILTER;
+        this->dev->setFilter(filter);
     }
 
     source_mac = pcpp::MacAddress(SOURCE_MAC);
@@ -726,7 +730,7 @@ int Exploit::stage0() {
         std::cout << "[+] Generate target IPv6 from MAC address" << std::endl;
         const uint8_t *mac = this->target_mac.getRawData();
         uint8_t flag = mac[0] ^ 0x02;
-        uint8_t ipv6[16] = {0xfe, 0x80, 0, 0, 0, 0, 0, 0,flag, mac[1], mac[2], 0xff, 0xfe, mac[3], mac[4], mac[5]};
+        uint8_t ipv6[16] = {0xfe, 0x80, 0, 0, 0, 0, 0, 0, flag, mac[1], mac[2], 0xff, 0xfe, mac[3], mac[4], mac[5]};
         this->target_ipv6 = pcpp::IPv6Address(ipv6);
         std::cout << "[+] Target IPv6: " << this->target_ipv6 << std::endl;
     }