Bug fixes
Makefile Cflag, parallel fix
Fix some compiler warnings
Fix drop faulty
Wpsmon use less space in output
Fix wash probe request
t6x committed Jun 4, 2015
1 parent addbe3b commit 845501b
Showing 11 changed files with 130 additions and 44 deletions.
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -129,7 +129,7 @@


#Contribution
Modifications made by t6_x, DataHead, Soxrok2212
Modifications made by t6_x, DataHead, Soxrok2212, Wiire

Some ideas made by nuroo, kcdtv

24 changes: 12 additions & 12 deletions src/Makefile.in
Expand Up @@ -16,22 +16,22 @@ reaver: wps libiw libwps.o argsparser.o globule.o init.o sigint.o sigalrm.o misc
$(CC) $(CFLAGS) $(INC) wpscrack.c *.o $(LDFLAGS) -o reaver

libwps.o:
(cd $(LIBWPS_DIR) && make)
(cd $(LIBWPS_DIR) && $(MAKE))

wps: libutils libcrypto
(cd wps && make)
(cd wps && $(MAKE))

libutils:
(cd utils && make)
(cd utils && $(MAKE))

libcrypto: libtls
(cd crypto && make)
(cd crypto && $(MAKE))

libtls:
(cd tls && make)
(cd tls && $(MAKE))

libiw:
(cd lwe && make BUILD_STATIC=y libiw.a)
(cd lwe && $(MAKE) BUILD_STATIC=y libiw.a)

init.o:
$(CC) $(CFLAGS) init.c -c
Expand Down Expand Up @@ -93,12 +93,12 @@ install: cleanbin
clean:
rm -f *~ *.o reaver wash
rm -rf *.cache config.status config.log
(cd utils && make clean)
(cd tls && make clean)
(cd crypto && make clean)
(cd wps && make clean)
(cd lwe && make realclean)
(cd $(LIBWPS_DIR) && make clean)
(cd utils && $(MAKE) clean)
(cd tls && $(MAKE) clean)
(cd crypto && $(MAKE) clean)
(cd wps && $(MAKE) clean)
(cd lwe && $(MAKE) realclean)
(cd $(LIBWPS_DIR) && $(MAKE) clean)
rm -f Makefile config.h

cleanbin:
53 changes: 48 additions & 5 deletions src/cracker.c
Expand Up @@ -315,7 +315,52 @@ int get_pin_count()
return pin_count;
}

/* Displays the status and rate of cracking */
char *get_max_time_remaining(int average, int attempts_remaining)
{
char *max_time, hours[8], minutes[3], seconds[3];
int max_hours = 0, max_minutes = 0, max_seconds = 0;

max_time = malloc(16);

if(!max_time)
exit(-1);

if(average)
{
max_seconds = attempts_remaining * average;
if(max_seconds > 60)
{
max_minutes = max_seconds / 60;
max_seconds -= max_minutes * 60;
}
if(max_minutes > 60)
{
max_hours = max_minutes / 60;
max_minutes -= max_hours * 60;
}

if(max_seconds < 0 || max_minutes < 0 || max_hours < 0)
{
free(max_time);
return NULL;
}

sprintf(hours, "%d", max_hours);
sprintf(minutes, "%s%d", max_minutes > 9 ? "" : "0", max_minutes);
sprintf(seconds, "%s%d", max_seconds > 9 ? "" : "0", max_seconds);

sprintf(max_time, "%s:%s:%s", hours, minutes, seconds);
}
else
{
free(max_time);
return NULL;
}

return max_time;
}

//Displays the status and rate of cracking
void display_status(time_t start_time)
{
float percentage = 0;
Expand All @@ -327,10 +372,8 @@ void display_status(time_t start_time)
{
attempts = get_p1_index() + get_p2_index();
}
/*
* If we've found the first half of the key, then the entire key1 keyspace
* has been exhausted/eliminated. Our output should reflect that.
*/
// If we've found the first half of the key, then the entire key1 keyspace
// has been exhausted/eliminated. Our output should reflect that.
else if(get_key_status() == KEY2_WIP)
{
attempts = P1_SIZE + get_p2_index();
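Review bot: In the new `get_max_time_remaining`, the two roll-over tests use `> 60`, so a value of exactly 60 is never carried and the result can read `0:00:60` or `0:60:00`; both comparisons should be `>= 60`. The product `attempts_remaining * average` is a signed `int` multiplication, and the `< 0` test that follows cannot be relied on to catch overflow because signed overflow is undefined; checking `attempts_remaining > INT_MAX / average` before multiplying is the dependable form. The three intermediate `sprintf` calls write into the 3-byte `minutes` and `seconds` buffers with no bound, which a single `snprintf(max_time, 16, "%d:%02d:%02d", max_hours, max_minutes, max_seconds);` avoids. The caller owns the returned buffer and has to `free` it, which deserves a comment above the function; `display_status` continues outside the hunk, so its use of the result is not visible here.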
7 changes: 7 additions & 0 deletions src/session.c
Expand Up @@ -63,6 +63,7 @@ int restore_session()

bssid = mac2str(get_bssid(), '\0');
snprintf(file, FILENAME_MAX, "%s/%s.%s", CONF_DIR, bssid, CONF_EXT);
//snprintf(file, FILENAME_MAX, "%s.%s", bssid, CONF_EXT);
free(bssid);
}

Expand Down Expand Up @@ -199,6 +200,7 @@ int save_session()
* If the configuration directory exists, save the session file there; else, save it to the
* current working directory.
*/

if(configuration_directory_exists())
{
snprintf((char *) &file_name, FILENAME_MAX, "%s/%s.%s", CONF_DIR, bssid, CONF_EXT);
Expand All @@ -207,6 +209,11 @@ int save_session()
{
snprintf((char *) &file_name, FILENAME_MAX, "%s.%s", bssid, CONF_EXT);
}



/* save session to the current directory - OpenWRT*/
//snprintf((char *) &file_name, FILENAME_MAX, "%s.%s", bssid, CONF_EXT);
}

/* Don't bother saving anything if nothing has been done */
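Review bot: The commented-out `snprintf` calls added to `restore_session` and `save_session` should not be committed as dead code. They are never compiled, so they will drift from the live `snprintf` lines beside them, and the `/* save session to the current directory - OpenWRT*/` remark suggests they are a platform variant. If that variant is wanted, a build-time option that selects the existing current-directory branch would express it; otherwise delete the lines along with the added blank lines. Both function bodies continue outside the hunks shown.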
39 changes: 34 additions & 5 deletions src/utils/common.c
Expand Up @@ -543,14 +543,11 @@ Tactical Network Solutions
http://www.devttys0.com/2014/10/reversing-d-links-wps-pin-algorithm/
*/

int pingen_dlink(char *mac, char *serial, int len_serial, int add)
int pingen_dlink(char *mac, int add)
{
int mac_len=0, serial_len=0, nic=0, pin=0;
int nic=0, pin=0;
char buff[10];

mac_len = strlen(mac);
serial_len = len_serial;

nic = hexToInt(strncpy(buff, mac+6, sizeof(buff)));
nic = nic + add;

Expand All @@ -570,3 +567,35 @@ int pingen_dlink(char *mac, char *serial, int len_serial, int add)

return (pin * 10) + wps_checksum(pin);
}

//Zhaochunsheng algorithm/
//mac to decimal by kib0rg
int pingen_zhaochunsheng(char *mac, int add)
{
int default_pin=0, pin=0, i=0, pin_len = 9;
//char *bssid = mac2str(get_bssid(), ':');
char *bssid_copy = (char *)malloc(strlen(mac) + 1);
char *bssid_parts, temp[7] = { 0 };

strcpy(bssid_copy, mac);
bssid_parts = strtok(bssid_copy, ":");

while(bssid_parts)
{
if(i > 2)
{
strcat(temp, bssid_parts);
}

bssid_parts = strtok(NULL, ":");
++i;
}

temp[6] = '\0';
sscanf(temp, "%x", &default_pin);
default_pin = default_pin % 10000000;

snprintf(pin, pin_len, "%08d", (default_pin * 10) + wps_checksum(default_pin));

return pin;
}
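Review bot: In the new `pingen_zhaochunsheng`, `pin` is an `int` initialised to 0 yet is passed as the destination of `snprintf(pin, pin_len, "%08d", ...)`, so the call writes through a null pointer and the function can at best return 0. The function returns `int` like `pingen_dlink`, so the formatting step can go and the last statement becomes `return (default_pin * 10) + wps_checksum(default_pin);`. The `strcat` loop appends every field after the third colon into `temp[7]` without a length check, so a `mac` string with a long or extra field overruns the stack buffer; compare `strlen(temp) + strlen(bssid_parts)` with `sizeof(temp) - 1` before appending. `bssid_copy` is neither checked for NULL before `strcpy` nor freed, `sscanf` with `%x` expects an `unsigned int *`, and `add` is never used. No prototype for the function is added to common.h in this commit, so callers would rely on an implicit declaration.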
2 changes: 1 addition & 1 deletion src/utils/common.h
Expand Up @@ -445,7 +445,7 @@ int wpa_snprintf_hex_uppercase(char *buf, size_t buf_size, const u8 *data,
size_t len);

int pingen_belkin(char *mac, char *serial, int len_serial, int add);
int pingen_dlink(char *mac, char *serial, int len_serial, int add);
int pingen_dlink(char *mac, int add);

#ifdef CONFIG_NATIVE_WINDOWS
void wpa_unicode2ascii_inplace(TCHAR *str);
20 changes: 10 additions & 10 deletions src/wps/Makefile
@@ -1,34 +1,34 @@
CC=gcc
CC?=gcc
INC=-I../utils -I ../

all: wps_attr_build.o wps_attr_parse.o wps_attr_process.o wps.o wps_common.o wps_dev_attr.o wps_enrollee.o wps_registrar.o wps_ufd.o

wps_attr_build.o:
$(CC) $(INC) wps_attr_build.c -c
$(CC) $(CFLAGS) $(INC) wps_attr_build.c -c

wps_attr_parse.o:
$(CC) $(INC) wps_attr_parse.c -c
$(CC) $(CFLAGS) $(INC) wps_attr_parse.c -c

wps_attr_process.o:
$(CC) $(INC) wps_attr_process.c -c
$(CC) $(CFLAGS) $(INC) wps_attr_process.c -c

wps.o:
$(CC) $(INC) wps.c -c
$(CC) $(CFLAGS) $(INC) wps.c -c

wps_common.o:
$(CC) $(INC) wps_common.c -c
$(CC) $(CFLAGS) $(INC) wps_common.c -c

wps_dev_attr.o:
$(CC) $(INC) wps_dev_attr.c -c
$(CC) $(CFLAGS) $(INC) wps_dev_attr.c -c

wps_enrollee.o:
$(CC) $(INC) wps_enrollee.c -c
$(CC) $(CFLAGS) $(INC) wps_enrollee.c -c

wps_registrar.o:
$(CC) $(INC) wps_registrar.c -c
$(CC) $(CFLAGS) $(INC) wps_registrar.c -c

wps_ufd.o:
$(CC) $(INC) wps_ufd.c -c
$(CC) $(CFLAGS) $(INC) wps_ufd.c -c

clean:
rm -f *.o
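Review bot: `CC?=gcc` does not act as a fallback under GNU make, because `CC` is a built-in variable that is already defined (as `cc`) and `?=` only assigns to undefined variables; with no `CC` in the environment or on the command line the objects are now built with `cc` rather than `gcc`. If `gcc` is meant as the default, test the origin instead: `ifeq ($(origin CC),default)`, `CC = gcc`, `endif`. The object rules still name no prerequisites, so an existing `.o` built without the newly passed `$(CFLAGS)` is kept until `make clean`; listing the `.c` file on each rule would let changed sources trigger a rebuild.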
6 changes: 3 additions & 3 deletions src/wps/wps_dev_attr.c
Expand Up @@ -316,9 +316,9 @@ static int wps_process_serial_number(struct wps_device_data *dev,
if(globule->op_gen_pin == 2)
{
printf("[Pin Gen] D-Link Default Pin Generator by devttys0 team\n");
printf("[Pin Gen] Pin Generated : %08d\n",pingen_dlink(mac2str(get_bssid(),'\0'), str, str_len, 0));
printf("[Pin Gen] Pin Generated (+1): %08d\n",pingen_dlink(mac2str(get_bssid(),'\0'), str, str_len, 1));
printf("[Pin Gen] Pin Generated (-1): %08d\n\n",pingen_dlink(mac2str(get_bssid(),'\0'), str, str_len, -1));
printf("[Pin Gen] Pin Generated : %08d\n",pingen_dlink(mac2str(get_bssid(),'\0'), 0));
printf("[Pin Gen] Pin Generated (+1): %08d\n",pingen_dlink(mac2str(get_bssid(),'\0'), 1));
printf("[Pin Gen] Pin Generated (-1): %08d\n\n",pingen_dlink(mac2str(get_bssid(),'\0'), -1));
exit(0);
}

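Review bot: Each of the three updated `printf` lines passes the result of `mac2str(get_bssid(),'\0')` straight into `pingen_dlink`, which reads from `mac+6`, with no check for a NULL return. The `restore_session` hunk in this commit frees the string `mac2str` returns, so it presumably allocates and can fail; calling it once, checking the result and reusing it for all three calls removes the unchecked dereference and the repeated allocation: `char *mac = mac2str(get_bssid(), '\0');` then `if(mac) { ... free(mac); }`. The enclosing `wps_process_serial_number` starts and ends outside this hunk.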
2 changes: 1 addition & 1 deletion src/wps/wps_enrollee.c
Expand Up @@ -514,7 +514,7 @@ static int wps_process_uuid_r(struct wps_data *wps, const u8 *uuid_r)
static int wps_process_pubkey(struct wps_data *wps, const u8 *pk,
size_t pk_len)
{
printf("--------------------------------------------------------------------------------------");

if (pk == NULL || pk_len == 0) {
wpa_printf(MSG_DEBUG, "WPS: No Public Key received");
return -1;
2 changes: 2 additions & 0 deletions src/wps/wps_registrar.c
Expand Up @@ -1818,6 +1818,8 @@ static int wps_process_e_hash2(struct wps_data *wps, const u8 *e_hash2)
os_memcpy(wps->peer_hash2, e_hash2, WPS_HASH_LEN);
wpa_hexdump(MSG_DEBUG, "WPS: E-Hash2", wps->peer_hash2, WPS_HASH_LEN);

//get_debug() = 4(-vvv), use this to verbose all pixie msg

/****** ADD THIS PART ******/
memset(pixie_ehash2,0,sizeof(pixie_ehash2));
printf("[P] E-Hash2: ");
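Review bot: The added comment `//get_debug() = 4(-vvv), use this to verbose all pixie msg` reads as a note-to-self, and the `printf("[P] E-Hash2: ")` that follows in the hunk is still unconditional. If the intent is to gate the pixie output on verbosity, say so explicitly, for example `/* TODO: print the pixie values below only when get_debug() == 4 (-vvv) */`, or add the condition in the same change. `wps_process_e_hash2` continues outside the hunk, so a guard further down cannot be ruled out from here.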
17 changes: 11 additions & 6 deletions src/wpsmon.c
Expand Up @@ -285,8 +285,8 @@ void monitor(char *bssid, int passive, int source, int channel, int mode)
{
if (o_file_p == 0)
{
cprintf(INFO, "BSSID Channel RSSI WPS Version WPS Locked ESSID\n");
cprintf(INFO, "---------------------------------------------------------------------------------------------------------------\n");
cprintf(INFO, "BSSID Channel RSSI WPS Version WPS Locked ESSID\n");
cprintf(INFO, "--------------------------------------------------------------------------------------\n");
header_printed = 1;
}

Expand Down Expand Up @@ -324,6 +324,7 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char *
}

rt_header = (struct radio_tap_header *) radio_header(packet, header->len);

frame_header = (struct dot11_frame_header *) (packet + rt_header->len);

/* If a specific BSSID was specified, only parse packets from that BSSID */
Expand Down Expand Up @@ -351,6 +352,10 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char *
change_channel(channel);
channel_changed = 1;
}





if(frame_header->fc.sub_type == PROBE_RESPONSE ||
frame_header->fc.sub_type == SUBTYPE_BEACON)
Expand All @@ -360,7 +365,7 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char *

if(!is_done(bssid) && (get_channel() == channel || source == PCAP_FILE))
{
if(frame_header->fc.sub_type == SUBTYPE_BEACON &&
if(frame_header->fc.sub_type == SUBTYPE_BEACON &&
mode == SCAN &&
!passive &&
should_probe(bssid))
Expand Down Expand Up @@ -485,7 +490,7 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char *

if (o_file_p == 0)
{
cprintf(INFO, "%17s %2d %.2d %d.%d %s %s\n", bssid, channel, rssi, (wps->version >> 4), (wps->version & 0x0F), lock_display, ssid);
cprintf(INFO, "%17s %2d %.2d %d.%d %s %s\n", bssid, channel, rssi, (wps->version >> 4), (wps->version & 0x0F), lock_display, ssid);
}
else
{
Expand All @@ -507,7 +512,7 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char *
update_probe_count(bssid);
}

/*
/*
* If there was no WPS information, then the AP does not support WPS and we should ignore it from here on.
* If this was a probe response, then we've gotten all WPS info we can get from this AP and should ignore it from here on.
*/
Expand Down Expand Up @@ -573,7 +578,7 @@ void usage(char *prog)
fprintf(stderr, "\t-5, --5ghz Use 5GHz 802.11 channels\n");
fprintf(stderr, "\t-s, --scan Use scan mode\n");
fprintf(stderr, "\t-u, --survey Use survey mode [default]\n");
fprintf(stderr, "\t-P, --output-piped Allows Wash output to be piped. Example. wash x|y|z...\n");
fprintf(stderr, "\t-P, --output-piped Allows Wash output to be piped. Example. wash x|y|z...\n");
fprintf(stderr, "\t-g, --get-chipset Pipes output and runs reaver alongside to get chipset\n");
fprintf(stderr, "\t-h, --help Show help\n");

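Review bot: In `parse_wps_settings`, `frame_header` is computed as `packet + rt_header->len`, and the hunk shows no check that this radiotap length, which is read from the captured frame, still leaves a whole `struct dot11_frame_header` inside `header->len`. Unless that is validated in the part of the function outside this hunk, a truncated or malformed frame from the air or from a pcap file leads to an out-of-bounds read when `frame_header->fc.sub_type` is tested. A guard of the form `if(rt_header->len + sizeof(struct dot11_frame_header) > header->len)` that takes the function's existing early-exit path would close it. The lines this commit actually changes in the file are whitespace and column widths in the output strings.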