airbase: add -R (bssid randomization)

aircrack-ng · Sep 16, 2020 · 1c24a7a · 1c24a7a
1 parent 8908600
commit 1c24a7a
Showing 1 changed file with 19 additions and 6 deletions.
diff --git a/src/airbase-ng/airbase-ng.c b/src/airbase-ng/airbase-ng.c
@@ -151,6 +151,7 @@ static const char usage[]
 	  "  Options:\n"
 	  "\n"
 	  "      -a bssid         : set Access Point MAC address\n"
+	  "      -R               : randomize Access Point MAC address\n"
 	  "      -i iface         : capture packets from this interface\n"
 	  // "      -y file          : read PRGA from this file\n"
 	  "      -w WEP key       : use this WEP key to en-/decrypt packets\n"
@@ -326,6 +327,18 @@ static void beacon_thread(void * arg);
 static void caffelatte_thread(void);
 static void cfrag_thread(void);
 
+// generates a random locally administered mac address
+static inline void get_random_mac(uint8_t * mac)
+{
+	unsigned i;
+
+	ALLEGE(mac != NULL);
+
+	// force OUI to be locally administered and unicast
+	mac[0] = (rand_u8() & 0xfe) | 0x02;
+	for (i = 1; i < 6; i++) mac[i] = rand_u8();
+}
+
 static int addESSID(char * essid, int len, int expiration)
 {
 	pESSID_t tmp;
@@ -3216,7 +3229,7 @@ int main(int argc, char * argv[])
 		int option = getopt_long(
 			argc,
 			argv,
-			"a:h:i:C:I:r:w:HPe:E:c:d:D:f:W:qMY:b:B:XsS:Lx:vAz:Z:yV:0NF:n:",
+			"a:h:i:C:I:r:w:HPe:E:c:d:D:f:W:qMY:b:B:XsS:Lx:vAz:Z:yV:0NF:n:R",
 			long_options,
 			&option_index);
 
@@ -3263,6 +3276,10 @@ int main(int argc, char * argv[])
 				}
 				break;
 
+			case 'R':
+				get_random_mac(opt.r_bssid);
+				break;
+
 			case 'c':
 
 				lopt.channel = atoi(optarg);
@@ -3970,11 +3987,7 @@ int main(int argc, char * argv[])
 
 	if (lopt.adhoc)
 	{
-		for (i = 0; i < 6; i++) // random cell
-			opt.r_bssid[i] = rand_u8();
-
-		// generate an even first byte
-		if (opt.r_bssid[0] & 0x01) opt.r_bssid[0] ^= 0x01;
+		get_random_mac(opt.r_bssid);
 	}
 
 	memcpy(apc.bssid, opt.r_bssid, 6);