permissions problem with LibPCap - ofxCarnivorePE

I am trying to get LibPCAP and eventually tcpdump (essentially CarnivorePE) running in OF, and I have some code that ostensibly should print out the first packet that passes through your local network, but I keep getting this error:

DEV: en1  
pcap_open_live(): (no devices found) /dev/bpf0: Permission denied  

You can download the code here:

I have tcpdump installed on my Macbook Pro (which is essentially a frontend for LibPCAP, and it needs to be run as root in order to get access to the live network device. If you want to try it yourself, install MacPorts and then run ‘port install tcpdump’, then restart your computer, and then run ‘sudo tcpdump -i en1’ to listen in on your wireless network. What you have done is put your network device into ‘promiscuous mode’, where it doesn’t care whether a packet is addressed to it – it accepts it regardless. This is tons of fun for office networks.

So what I’m wondering is: How do you run an openFrameworks app as root? I’ve changed the ‘Alternate Install Owner’ & ‘Install Owner’ configurations to ‘root’, but that did nothing.

I’ve tried:

sudo ./bin/   

which gives me

DEV: en1  
pcap_open_live(): BIOCSRTIMEOUT: Invalid argument  

and I’ve tried

sudo open bin/  

but that gives me nothing.

There are tons of OSX apps that prompt you for your root password. Is there a simple Objective-C way to do that? I have been searching around for a bit and I will continue, but if anyone has a clue, please let me know.



I’ve been hacking on this for a few days now and I have BetterAuthorizationSample working inside of openFrameworks. BetterAuthorizationSample (BAS) is provided by Apple to show the best practice for doing privileged operations. It basically works like this:

  1. You write a separate little C file that contains functions that do all of the privileged things that you want to do, and ONLY the privileged things. So, for instance, accessing low numbered ports, getting the UIDs (Real, User, and Saved – don’t fully understand that), and/or (my personal interest) opening a live connection to the network device for packet sniffing. These functions are designed to simply do their privileged thing and then return the results that you want in a pre-defined way. You set up your XCode project so that the helper tool builds when your app builds and is copied into the application bundle.

  2. BAS also provides a little tool that will install this little helper application. You just need to set up your oF App so that this too is compiled and copied into your application bundle.

  3. When the user runs the program, the installer tool runs, which installs the little helper app.

  4. The user is then prompted for credentials to run the helper tool as a privileged user. If the authentication is successful, the helper tool starts.

  5. A pipe to that process is opened and your oF app gets the results back from the helper app.

  6. you p0wn everyone

If it sounds complicated and convoluted, you’re right! But it’s hella safe, assuming you keep your helper app functions very specific.

I got this all working. Now the only thing left to do is package it in a way that hides that nightmarish Cocoa Foundation shit that you have to deal with. I think I will finish up in a few days, which translates into a few weeks in real human time.

Of course, this only works for Mac. It would be great to team up with someone to make a cross-platform authorization addon. Anyone interested?

It’s been 3 years, any update? :stuck_out_tongue:

Unlike in Processing (with Carnivore, super easy!), packet sniffing in OF and C++ is quite the pain in the ass. Can’t get LibCrafter to compile on Mac, libpcap won’t function without the root stuff (what you’re problem was), and so on. Desperately need this and nothing works.