+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <bluetooth/bluetooth.h>
+#include <bluetooth/rfcomm.h>
+#include <sys/ioctl.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+int parse_packet(unsigned char *buf, unsigned bytes, int sock)
+{
+ char *ptr;
+ int ret = 0;
+ buf[bytes + 1] = 0;
+
+ ptr = strtok((char *)buf, "\n");
+ while (ptr) {
+ if (strncmp(ptr, "*NETWORK: ", 10) == 0) {
+ char bssid[32];
+ int crypted, weak, signal, noise;
+ if (sscanf(ptr, "*NETWORK: %s %d %d %d %d", bssid, &crypted, &weak, &signal, &noise) != 5) {
+ printf("Couldn't parse NETWORK packet\n");
+ } else {
+ if (strcmp(bssid, "00:0D:54:A0:27:7F") == 0) {
+ char str1[64], str2[64], str3[64], str4[64];
+ short len;
+ sprintf(str1, "Crypted: %d", crypted);
+ sprintf(str2, "Weak IVs: %d", weak);
+ sprintf(str3, "Signal level: %d dB", signal);
+ sprintf(str4, "Noise level: %d dB", noise);
+
+ write(sock, "\000\001", 2);
+ len = htons(2 * 4 + strlen(str1) + strlen(str2) + strlen(str3) + strlen(str4));
+ write(sock, (char*)&len, 2);
+
+ len = htons(strlen(str1));
+ write(sock, (char*)&len, 2);
+ write(sock, str1, strlen(str1));
+
+ len = htons(strlen(str2));
+ write(sock, (char*)&len, 2);
+ write(sock, str2, strlen(str2));
+
+ len = htons(strlen(str3));
+ write(sock, (char*)&len, 2);
+ write(sock, str3, strlen(str3));
+
+ len = htons(strlen(str4));
+ write(sock, (char*)&len, 2);
+ write(sock, str4, strlen(str4));
+
+ ret = 1;
+ }
+ }
+ }
+ ptr = strtok(NULL, "\n");
+ }
+
+ return ret;
+}
+
+int main(int argc, char **argv)
+{
+ struct sockaddr_rc loc_addr = { 0 }, rem_addr = { 0 };
+ struct sockaddr_in addr;
+ unsigned char buf[1024] = { 0 };
+ char initstr[] = "!1 ENABLE NETWORK bssid,cryptpackets,weakpackets,signal,noise\n";
+ int s, client, kismet, bytes_read;
+ size_t opt = sizeof(rem_addr);
+ unsigned one = 1;
+
+ // allocate socket
+ s = socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM);
+
+ // bind socket to port 1 of the first available
+ // local bluetooth adapter
+ loc_addr.rc_family = AF_BLUETOOTH;
+ loc_addr.rc_bdaddr = *BDADDR_ANY;
+ loc_addr.rc_channel = (uint8_t) 1;
+ bind(s, (struct sockaddr *)&loc_addr, sizeof(loc_addr));
+
+ // put socket into listening mode
+ listen(s, 1);
+
+ // accept one connection
+ client = accept(s, (struct sockaddr *)&rem_addr, &opt);
+
+ ba2str( &rem_addr.rc_bdaddr, buf );
+ fprintf(stderr, "accepted connection from %s\n", buf);
+ memset(buf, 0, sizeof(buf));
+
+ ioctl(client, FIONBIO, &one);
+
+ // connect to kismet
+ kismet = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ addr.sin_family = AF_INET;
+ addr.sin_addr.s_addr = inet_addr("127.0.0.1");
+ addr.sin_port = htons(2501);
+
+ if (connect(kismet, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
+ perror("connect()");
+ exit(1);
+ }
+ ioctl(kismet, FIONBIO, &one);
+ write(kismet, initstr, strlen(initstr));
+
+ printf("Connected to Kismet.\n");
+
+ // read data from the client
+ for ( ;; ) {
+ int flag = 1;
+
+ // gobble up data from the phone
+ bytes_read = read(client, buf, sizeof(buf) - 1);
+ if( bytes_read > 0 ) {
+ unsigned i;
+ printf("received [");
+ for (i = 0; i < bytes_read; ++i)
+ printf("0x%02x ", buf[i]);
+ printf("]\n");
+ }
+
+ // read from kismet
+ bytes_read = read(kismet, buf, sizeof(buf));
+ if( bytes_read > 0 ) {
+ unsigned i;
+ for (i = 0; i < bytes_read; ++i)
+ printf("%c", buf[i]);
+
+ flag = parse_packet(buf, bytes_read, client);
+ }
+
+ if (flag) {
+ // alive?
+ write(client, "\000\012\000\000", 4);
+ sleep(1);
+ }
+ }
+
+ // close connection
+ close(client);
+ close(s);
+ return 0;
+}
+
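Review bot: `parse_packet` writes its terminator at `buf[bytes + 1]`, and the Kismet read in `main` passes the full `sizeof(buf)`, so a 1024-byte read stores the NUL at index 1025 of a 1024-byte array and leaves `buf[bytes]` holding stale data from an earlier read for `strtok` to walk into. The terminator should be `buf[bytes] = 0;` with the read bounded as `read(kismet, buf, sizeof(buf) - 1)`, matching the client read above it. In the same function the `%s` conversion in the `sscanf` call is unbounded into `char bssid[32]`, so an over-long token on a `*NETWORK:` line overruns the stack buffer; `%31s` bounds it. Separately, `strtok`, `strncmp`, `strlen` and `memset` are used without `<string.h>`, `opt` is a `size_t` passed where `accept` expects a `socklen_t *`, and the results of `socket`, `bind`, `listen`, `accept` and every `write` go unchecked, so a failed setup or short write is carried silently into the relay loop.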