
(-) ../WepAttack-0.1.3/src/config.h (-1 / +1 lines)
 Lines 37-43    Link Here 
#define WEPKEYSTORE     	(WEPKEYSIZE * WEPKEYS)
#define WEPKEYSTORE     	(WEPKEYSIZE * WEPKEYS)
#define DEBUG 			0
#define DEBUG 			0
#define VERSION			"0.1.3"
#define VERSION			"0.1.3 (patched)"
#endif
#endif
(-) ../WepAttack-0.1.3/src/log.c (-3 / +3 lines)
 Lines 73-79    Link Here 
	fprintf(fp, "Cracking started: %s", ctime(&start_time));
	fprintf(fp, "Cracking started: %s", ctime(&start_time));
	fprintf(fp, "%s\t%s\n", word, in);
	fprintf(fp, "%s\t%s\n", word, in);
	fprintf(fp, "\nBssid\tKeyNo\tWepKey\tASCII\tEncryption\tElapsed Time");
	fprintf(fp, "\nBssid\t\t\tKeyNo\tWepKey\t\tASCII\tEncryption\tElapsed Time");
	fclose(fp);
	fclose(fp);
}
}
 Lines 101-107    Link Here 
	fprintf(fp, "\t%d Bit", ((bssid->encryption&0x0F)+3)*8);
	fprintf(fp, "\t%d Bit", ((bssid->encryption&0x0F)+3)*8);
	if ((bssid->encryption&0x60) == MODE_KEYGEN)
	if ((bssid->encryption&0x60) == MODE_KEYGEN)
		fprintf(fp, " (KEYGEN)");
		fprintf(fp, " (KEYGEN)");
	
	fprintf(fp, "\t%d sec", (int)difftime(now, start_time));
	fprintf(fp, "\t%d sec", (int)difftime(now, start_time));
	fclose(fp);
	fclose(fp);
 Lines 120-126    Link Here 
			fprintf(fp, "\n");
			fprintf(fp, "\n");
			print_hex_array(fp, list->frame.bssid, 6);
			print_hex_array(fp, list->frame.bssid, 6);
			fprintf(fp, "\t%d", list->frame.key);
			fprintf(fp, "\t%d", list->frame.key);
			fprintf(fp, "\tnot cracked\t\t%d sec",
			fprintf(fp, "\tnot cracked\t\t\t\t%d sec",
				(int)difftime(now, start_time));
				(int)difftime(now, start_time));
		}
		}
		list = list->next;
		list = list->next;
(-) ../WepAttack-0.1.3/src/misc.c (-1 / +2 lines)
 Lines 40-49    Link Here 
	fprintf(stdout,"WEPATTACK by Dominik Blunk and Alain ");
	fprintf(stdout,"WEPATTACK by Dominik Blunk and Alain ");
	fprintf(stdout,"Girardet - Version %s\n", VERSION);
	fprintf(stdout,"Girardet - Version %s\n", VERSION);
	fprintf(stdout,"\nusage: wepattack -f dumpfile [-w wordfile]");
	fprintf(stdout,"\nusage: wepattack -f dumpfile [-w wordfile]");
	fprintf(stdout, " [-m mode] [-n	network]\n");
	fprintf(stdout, " [-m mode] [-b mac_address] [-n network]\n");
	fprintf(stdout,"-f dumpfile \tnetwork dumpfile to read\n");
	fprintf(stdout,"-f dumpfile \tnetwork dumpfile to read\n");
	fprintf(stdout,"\t\t(in PCAP format as TCPDUMP or ETHEREAL uses)\n");
	fprintf(stdout,"\t\t(in PCAP format as TCPDUMP or ETHEREAL uses)\n");
	fprintf(stdout,"-w wordlist \twordlist to use (default: stdin)\n");
	fprintf(stdout,"-w wordlist \twordlist to use (default: stdin)\n");
	fprintf(stdout,"-b mac_address \tfilter the mac address from the dump file\n");
	fprintf(stdout,"-m mode \trun wepattack in diffente modes (default: all)\n");
	fprintf(stdout,"-m mode \trun wepattack in diffente modes (default: all)\n");
	fprintf(stdout,"\t\tvalues: 64, 128, n64, n128\n");
	fprintf(stdout,"\t\tvalues: 64, 128, n64, n128\n");
	fprintf(stdout,"-n network \tnetwork number to attack\n");
	fprintf(stdout,"-n network \tnetwork number to attack\n");
(-) ../WepAttack-0.1.3/src/modes.c (-2 / +1 lines)
 Lines 153-159    Link Here 
	rc4_key_gen = generate_rc4_key(padded_key,
	rc4_key_gen = generate_rc4_key(padded_key,
		generate_length, current_packet->frame.iv);
		generate_length, current_packet->frame.iv);
	// process rc4 on first byte of stream
	// process rc4 on first byte of stream	
	process_rc4_key(current_packet->frame.payload, 1 ,rc4_key_gen);
	process_rc4_key(current_packet->frame.payload, 1 ,rc4_key_gen);
	// verify if snap header is equal then second verify crc32
	// verify if snap header is equal then second verify crc32
 Lines 184-187    Link Here 
	return 0;
	return 0;
}
}
(-) ../WepAttack-0.1.3/src/wepattack.c (-14 / +71 lines)
 Lines 4-9    Link Here 
* Author: 		Alain Girardet/Dominik Blunk
* Author: 		Alain Girardet/Dominik Blunk
* Last Modified:	2002-10-24
* Last Modified:	2002-10-24
*
*
* Send me any suggestions about the patch to kirano_1@hotmail.com
*
* Description: Read guessed passwords from stdin and applies RC4
* Description: Read guessed passwords from stdin and applies RC4
* on sniffed encrypted 802.11 DATA packets
* on sniffed encrypted 802.11 DATA packets
*
*
 Lines 57-62    Link Here 
// default mode (all modes sequential)
// default mode (all modes sequential)
static unsigned char use_modes = 0x01;
static unsigned char use_modes = 0x01;
// to check bssid
char* BSSID=NULL;
wlan_packet_list* bssids_list=NULL;
int is_bssid_set = 0;
void clean_up();
void clean_up();
//
//
 Lines 64-70    Link Here 
//
//
void load_packets(char *infile, int network) {
void load_packets(char *infile, int network) {
	int network_count = 0;
	int network_count = 0;	
	wlan_packet_list* aux;
	wlan_packet_list* aux_2;
	wlan_packet_list* aux3;
	char bssid_aux[18],bssid_aux2[13],bssid_aux3[18],bssid_aux4[13];	
	// load networks from file
	// load networks from file
	list_packet_to_crack = get_packets(infile);
	list_packet_to_crack = get_packets(infile);
 Lines 77-93    Link Here 
	current_packet = list_packet_to_crack;
	current_packet = list_packet_to_crack;
	// list all available networks
	//Make another list with provided bssid
	printf("\n\nFounded BSSID:");
	if (is_bssid_set){		
	while (current_packet->next != NULL) {
		for (aux=current_packet; aux!=NULL;aux=aux->next){			
		network_count++;
			sprintf(bssid_aux,"%.2X:%.2X:%.2X:%.2X:%.2X:%.2X",aux->frame.bssid[0],aux->frame.bssid[1],aux->frame.bssid[2],aux->frame.bssid[3],aux->frame.bssid[4],aux->frame.bssid[5]);
		printf("\n%d)  ", network_count);
			sprintf(bssid_aux2,"%.2X%.2X%.2X%.2X%.2X%.2X",aux->frame.bssid[0],aux->frame.bssid[1],aux->frame.bssid[2],aux->frame.bssid[3],aux->frame.bssid[4],aux->frame.bssid[5]);
		print_hex_array(stdout, current_packet->frame.bssid, 6);
			sprintf(bssid_aux3,"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",aux->frame.bssid[0],aux->frame.bssid[1],aux->frame.bssid[2],aux->frame.bssid[3],aux->frame.bssid[4],aux->frame.bssid[5]);
		printf("/ Key %d", current_packet->frame.key);
			sprintf(bssid_aux4,"%.2x%.2x%.2x%.2x%.2x%.2x",aux->frame.bssid[0],aux->frame.bssid[1],aux->frame.bssid[2],aux->frame.bssid[3],aux->frame.bssid[4],aux->frame.bssid[5]);			
		current_packet = current_packet->next;
			if ((strncmp(bssid_aux,BSSID,17) == 0) || (strncmp(bssid_aux2,BSSID,12) == 0) || (strncmp(bssid_aux3,BSSID,17) == 0) || (strncmp(bssid_aux4,BSSID,12) == 0)){				
				aux_2 = malloc(sizeof(wlan_packet_list));
				memcpy(&aux_2->frame.frameControl, aux->frame.frameControl, 2);
				memcpy(&aux_2->frame.duration, aux->frame.duration, 2);
				memcpy(&aux_2->frame.srcAddress, aux->frame.srcAddress, 6);
				memcpy(&aux_2->frame.dstAddress, aux->frame.dstAddress, 6);
				memcpy(&aux_2->frame.bssid, aux->frame.bssid, 6);
				if(aux->frame.address4 > 0) {
					memcpy(&aux_2->frame.address4, aux->frame.address4, 6);
				}
				memcpy(&aux_2->frame.sequenceControl, aux->frame.sequenceControl, 2);
				memcpy(&aux_2->frame.iv, &aux->frame.iv, 3);				
				aux_2->frame.key=aux->frame.key;				
				memcpy(&aux_2->frame.payload, aux->frame.payload, (aux->framesize)- (aux->frame.limits_payload));
				if (bssids_list == NULL){
					aux3 = malloc(sizeof(wlan_packet_list));
					aux3->next = NULL;
					bssids_list = aux3;
				}
				aux_2->framesize = aux->framesize;
				aux_2->next = bssids_list;				
				bssids_list = aux_2;
			}
		}
		if (bssids_list != NULL){
		//we must free the old list
			delete_list(list_packet_to_crack);
			list_packet_to_crack = bssids_list;
			current_packet = list_packet_to_crack;
		}
		else printf("\n\nProvided BSSID not found. Cracking all networks");
	}
	}
	
	// list all available networks
            printf("\n\nFounded BSSID:");
            while (current_packet->next != NULL) {
	            network_count++;
				printf("\n%d)  ", network_count);
				print_hex_array(stdout, current_packet->frame.bssid, 6);
				printf("/ Key %d", current_packet->frame.key);
				current_packet = current_packet->next;
		}																					
	if (network > network_count)
	if (network >= network_count)
		network = 0;
		network = 0;
	// if only one should be attacked, remove the others from the list
	// if only one should be attacked, remove the others from the list
 Lines 98-109    Link Here 
			network_count++;
			network_count++;
			current_packet = current_packet->next;
			current_packet = current_packet->next;
		}
		}
		
		// extract one packet from list
		// extract one packet from list
		list_packet_to_crack = get_one_packet(list_packet_to_crack,
		list_packet_to_crack = get_one_packet(list_packet_to_crack,
			current_packet->frame.bssid, current_packet->frame.key);
			current_packet->frame.bssid, current_packet->frame.key);
		network_count = 1;
		network_count = 1;
	}
	}
	
	printf("\n%d network%s loaded...\n", network_count, network_count>1?"s":"");
	printf("\n%d network%s loaded...\n", network_count, network_count>1?"s":"");
}
}
 Lines 220-233    Link Here 
	// process command line options
	// process command line options
	// program will terminate, if invalid options are passed
	// program will terminate, if invalid options are passed
    	while((op = getopt(argc, argv, "n:m:f:w:?")) != -1) {
    	while((op = getopt(argc, argv, "n:b:m:f:w:?")) != -1) {
    		switch(op) {
    		switch(op) {
		case 'n':
		case 'n':
			network_arg = atoi(optarg);
			network_arg = atoi(optarg);
			break;
			break;
		case 'b':
			BSSID = optarg;
			is_bssid_set = 1;		
			printf("BSSID: %s\n", BSSID);
			break;
                // arg for packet file to read from
                // arg for packet file to read from
		case 'f':
		case 'f':
                        packet_file = optarg;
                        packet_file = optarg;
			printf("FILE: %s\n", optarg);
			pf = fopen(packet_file,"r");
			pf = fopen(packet_file,"r");
			if (!pf) {
			if (!pf) {
				printf("Dumpfile error: No such file or directory!\n\n");
				printf("Dumpfile error: No such file or directory!\n\n");
 Lines 310-319    Link Here 
		word_count++;
		word_count++;
		// main loop to process key in modes on every packet
		// main loop to process key in modes on every packet
		loop_packets(key);
		loop_packets(key);		
	}
	}
	clean_up();
	clean_up();
}
}
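Review bot: The BSSID-filter loop added to load_packets() copies `(aux->framesize) - (aux->frame.limits_payload)` bytes into `aux_2->frame.payload` without checking that length against the 2400-byte `payload` array declared in wepattack.h, so a malformed or oversized frame in the dump file can write past the allocated node (a negative difference converts to a very large `size_t`). Before the `malloc`, compute the length once and skip frames that do not fit: `int plen = aux->framesize - aux->frame.limits_payload;` followed by `if (plen < 0 || (size_t)plen > sizeof aux->frame.payload) continue;`, then pass `plen` to `memcpy`. The `push()` context lines in wepfilter.c show the same unchecked `length-limits.payload`, so the bound is best enforced there too, where the frame is first stored. Both `malloc` results in the loop are used without a NULL check, and the loop runs until `aux != NULL` while the listing loop stops at `->next != NULL`; if the list ends in a placeholder node, as that suggests, its uninitialised frame is compared and possibly copied as well. load_packets() starts and ends outside some of the hunks shown, so callers of the rebuilt list were not reviewed.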
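--- a/WepAttack-0.1.3/src/wepattack.h
+++ b/WepAttack-0.1.3/src/wepattack.h
 	unsigned char iv[3];
 	unsigned char key;
 	unsigned char payload[2400];
+	int limits_payload;
 };
 /*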
(-) ../WepAttack-0.1.3/src/wepfilter.c (-5 / +3 lines)
 Lines 86-93    Link Here 
//
//
// puts new element at the beginning of the list (pointed by head)
// puts new element at the beginning of the list (pointed by head)
//
//
void push(wlan_packet_list** head, const u_char* data, int length,
void push(wlan_packet_list** head, const u_char* data, int length,packet_delimiter limits) {
packet_delimiter limits) {
	wlan_packet_list* newframe = malloc(sizeof(wlan_packet_list));
	wlan_packet_list* newframe = malloc(sizeof(wlan_packet_list));
	memcpy(&newframe->frame.frameControl, data+limits.frame_control, 2);
	memcpy(&newframe->frame.frameControl, data+limits.frame_control, 2);
 Lines 104-109    Link Here 
	memcpy(&newframe->frame.key, data+limits.key, 1);
	memcpy(&newframe->frame.key, data+limits.key, 1);
	newframe->frame.key = newframe->frame.key >> 6;
	newframe->frame.key = newframe->frame.key >> 6;
	memcpy(&newframe->frame.payload, data+limits.payload, length-limits.payload);
	memcpy(&newframe->frame.payload, data+limits.payload, length-limits.payload);
	newframe->frame.limits_payload = limits.payload;
	newframe->framesize = length;
	newframe->framesize = length;
	newframe->next = *head;
	newframe->next = *head;
	*head = newframe;
	*head = newframe;
 Lines 113-121    Link Here 
// callback function that is passed to pcap_loop() and called each time a
// callback function that is passed to pcap_loop() and called each time a
// packet is recieved
// packet is recieved
//
//
void my_callback(u_char *useless, const struct pcap_pkthdr* pkthdr,
void my_callback(u_char *useless, const struct pcap_pkthdr* pkthdr,	const u_char* packet) {
	const u_char* packet) {
    static int count = 1;
    static int count = 1;
    FILE *fp;
    FILE *fp;
    unsigned int framesize = pkthdr->caplen;
    unsigned int framesize = pkthdr->caplen;