New upstream version 1.6.1+git20170715
Sophie Brun
6 years ago
| 10 | 10 | |
| 11 | 11 | CFLAGS=-DCONF_DIR='"$(CONFDIR)"' $(CFLAGS_USER) $(DISABLED_WARNINGS) |
| 12 | 12 | CFLAGS += $(INC) |
| 13 | CFLAGS += -DCONFIG_IPV6 | |
| 14 | ||
| 15 | UTILS_OBJS= \ | |
| 16 | utils/base64.o \ | |
| 17 | utils/common.o \ | |
| 18 | utils/ip_addr.o \ | |
| 19 | utils/radiotap.o \ | |
| 20 | utils/trace.o \ | |
| 21 | utils/uuid.o \ | |
| 22 | utils/wpa_debug.o \ | |
| 23 | utils/wpabuf.o \ | |
| 24 | utils/os_unix.o \ | |
| 25 | utils/eloop.o | |
| 26 | ||
| 13 | 27 | |
| 14 | 28 | WPS_OBJS=wps/wps_attr_build.o wps/wps_attr_parse.o wps/wps_attr_process.o \ |
| 15 | 29 | wps/wps.o wps/wps_common.o wps/wps_dev_attr.o wps/wps_enrollee.o \ |
| 17 | 31 | |
| 18 | 32 | LWE_OBJS=lwe/iwlib.o |
| 19 | 33 | |
| 20 | LIB_OBJS=libwps/libwps.o $(WPS_OBJS) utils/libutils.a \ | |
| 34 | LIB_OBJS=libwps/libwps.o $(WPS_OBJS) $(UTILS_OBJS) \ | |
| 21 | 35 | crypto/libcrypto.a tls/libtls.a $(LWE_OBJS) |
| 22 | 36 | |
| 23 | 37 | WASH_OBJS=globule.o init.o misc.o 80211.o iface.o \ |
| 24 | builder.o crc.o pixie.o | |
| 38 | builder.o crc.o pixie.o wpsmon.o | |
| 25 | 39 | REAVER_OBJS=argsparser.o globule.o init.o sigint.o iface.o sigalrm.o \ |
| 26 | 40 | misc.o cracker.o session.o send.o pins.o 80211.o exchange.o builder.o \ |
| 27 | keys.o crc.o pixie.o | |
| 41 | keys.o crc.o pixie.o wpscrack.o | |
| 28 | 42 | |
| 29 | 43 | # Version of the Wireless Tools |
| 30 | 44 | WT_VERSION := $(shell sed -ne "/WT_VERSION/{s:\([^0-9]*\)::;p;q;}" < lwe/iwlib.h ) |
| 39 | 53 | $(WPS_OBJS): CFLAGS+=-I. -Iutils |
| 40 | 54 | |
| 41 | 55 | wash: $(WASH_OBJS) $(LIB_OBJS) |
| 42 | $(CC) $(CFLAGS) $(INC) wpsmon.c $(WASH_OBJS) $(LIB_OBJS) $(LDFLAGS) -o wash | |
| 56 | $(CC) $(CFLAGS) $(INC) $(WASH_OBJS) $(LIB_OBJS) $(LDFLAGS) -o wash | |
| 43 | 57 | |
| 44 | 58 | reaver: $(REAVER_OBJS) $(LIB_OBJS) |
| 45 | $(CC) $(CFLAGS) $(INC) wpscrack.c $(REAVER_OBJS) $(LIB_OBJS) $(LDFLAGS) -o reaver | |
| 46 | ||
| 47 | utils/libutils.a: | |
| 48 | (cd utils && make) | |
| 59 | $(CC) $(CFLAGS) $(INC) $(REAVER_OBJS) $(LIB_OBJS) $(LDFLAGS) -o reaver | |
| 49 | 60 | |
| 50 | 61 | crypto/libcrypto.a: tls/libtls.a |
| 51 | 62 | (cd crypto && make) |
| 11 | 11 | #define LIBWPS_C |
| 12 | 12 | |
| 13 | 13 | #include "libwps.h" |
| 14 | ||
| 15 | char *wps_data_to_json(const char*bssid, const char *ssid, int channel, int rssi,struct libwps_data *wps) { | |
| 16 | size_t ol = 0, nl = 0, ns = 0; | |
| 17 | char *json_str = 0, *old = strdup("{"); | |
| 18 | char buf[1024]; | |
| 19 | ||
| 20 | nl = snprintf(buf, sizeof buf, "\"bssid\" : \"%s\", ", bssid); | |
| 21 | ol = strlen(old); | |
| 22 | ns = ol + nl + 1; | |
| 23 | json_str = malloc(ns); | |
| 24 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 25 | free(old); | |
| 26 | old = json_str; | |
| 27 | ||
| 28 | nl = snprintf(buf, sizeof buf, "\"essid\" : \"%s\", ", ssid); | |
| 29 | ol = strlen(old); | |
| 30 | ns = ol + nl + 1; | |
| 31 | json_str = malloc(ns); | |
| 32 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 33 | free(old); | |
| 34 | old = json_str; | |
| 35 | ||
| 36 | nl = snprintf(buf, sizeof buf, "\"channel\" : %d, ", channel); | |
| 37 | ol = strlen(old); | |
| 38 | ns = ol + nl + 1; | |
| 39 | json_str = malloc(ns); | |
| 40 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 41 | free(old); | |
| 42 | old = json_str; | |
| 43 | ||
| 44 | nl = snprintf(buf, sizeof buf, "\"rssi\" : %d, ", rssi); | |
| 45 | ol = strlen(old); | |
| 46 | ns = ol + nl + 1; | |
| 47 | json_str = malloc(ns); | |
| 48 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 49 | free(old); | |
| 50 | old = json_str; | |
| 51 | ||
| 52 | if(wps->version) { | |
| 53 | nl = snprintf(buf, sizeof buf, "\"wps_version\" : %d, ", wps->version); | |
| 54 | ol = strlen(old); | |
| 55 | ns = ol + nl + 1; | |
| 56 | json_str = malloc(ns); | |
| 57 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 58 | free(old); | |
| 59 | old = json_str; | |
| 60 | } | |
| 61 | if(wps->state) { | |
| 62 | nl = snprintf(buf, sizeof buf, "\"wps_state\" : %d, ", wps->state); | |
| 63 | ol = strlen(old); | |
| 64 | ns = ol + nl + 1; | |
| 65 | json_str = malloc(ns); | |
| 66 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 67 | free(old); | |
| 68 | old = json_str; | |
| 69 | } | |
| 70 | if(wps->locked) { | |
| 71 | nl = snprintf(buf, sizeof buf, "\"wps_locked\" : %d, ", wps->locked); | |
| 72 | ol = strlen(old); | |
| 73 | ns = ol + nl + 1; | |
| 74 | json_str = malloc(ns); | |
| 75 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 76 | free(old); | |
| 77 | old = json_str; | |
| 78 | } | |
| 79 | if(*wps->manufacturer) { | |
| 80 | nl = snprintf(buf, sizeof buf, "\"wps_manufacturer\" : \"%s\", ", wps->manufacturer); | |
| 81 | ol = strlen(old); | |
| 82 | ns = ol + nl + 1; | |
| 83 | json_str = malloc(ns); | |
| 84 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 85 | free(old); | |
| 86 | old = json_str; | |
| 87 | } | |
| 88 | if(*wps->model_name) { | |
| 89 | nl = snprintf(buf, sizeof buf, "\"wps_model_name\" : \"%s\", ", wps->model_name); | |
| 90 | ol = strlen(old); | |
| 91 | ns = ol + nl + 1; | |
| 92 | json_str = malloc(ns); | |
| 93 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 94 | free(old); | |
| 95 | old = json_str; | |
| 96 | } | |
| 97 | if(*wps->model_number) { | |
| 98 | nl = snprintf(buf, sizeof buf, "\"wps_model_number\" : \"%s\", ", wps->model_number); | |
| 99 | ol = strlen(old); | |
| 100 | ns = ol + nl + 1; | |
| 101 | json_str = malloc(ns); | |
| 102 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 103 | free(old); | |
| 104 | old = json_str; | |
| 105 | } | |
| 106 | if(*wps->device_name) { | |
| 107 | nl = snprintf(buf, sizeof buf, "\"wps_device_name\" : \"%s\", ", wps->device_name); | |
| 108 | ol = strlen(old); | |
| 109 | ns = ol + nl + 1; | |
| 110 | json_str = malloc(ns); | |
| 111 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 112 | free(old); | |
| 113 | old = json_str; | |
| 114 | } | |
| 115 | if(*wps->ssid) { | |
| 116 | nl = snprintf(buf, sizeof buf, "\"wps_ssid\" : \"%s\", ", wps->ssid); | |
| 117 | ol = strlen(old); | |
| 118 | ns = ol + nl + 1; | |
| 119 | json_str = malloc(ns); | |
| 120 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 121 | free(old); | |
| 122 | old = json_str; | |
| 123 | } | |
| 124 | if(*wps->serial) { | |
| 125 | nl = snprintf(buf, sizeof buf, "\"wps_serial\" : \"%s\", ", wps->serial); | |
| 126 | ol = strlen(old); | |
| 127 | ns = ol + nl + 1; | |
| 128 | json_str = malloc(ns); | |
| 129 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 130 | free(old); | |
| 131 | old = json_str; | |
| 132 | } | |
| 133 | if(*wps->os_version) { | |
| 134 | nl = snprintf(buf, sizeof buf, "\"wps_os_version\" : \"%s\", ", wps->os_version); | |
| 135 | ol = strlen(old); | |
| 136 | ns = ol + nl + 1; | |
| 137 | json_str = malloc(ns); | |
| 138 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 139 | free(old); | |
| 140 | old = json_str; | |
| 141 | } | |
| 142 | if(*wps->uuid) { | |
| 143 | nl = snprintf(buf, sizeof buf, "\"wps_uuid\" : \"%s\", ", wps->uuid); | |
| 144 | ol = strlen(old); | |
| 145 | ns = ol + nl + 1; | |
| 146 | json_str = malloc(ns); | |
| 147 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 148 | free(old); | |
| 149 | old = json_str; | |
| 150 | } | |
| 151 | if(*wps->selected_registrar) { | |
| 152 | nl = snprintf(buf, sizeof buf, "\"wps_selected_registrar\" : \"%s\", ", wps->selected_registrar); | |
| 153 | ol = strlen(old); | |
| 154 | ns = ol + nl + 1; | |
| 155 | json_str = malloc(ns); | |
| 156 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 157 | free(old); | |
| 158 | old = json_str; | |
| 159 | } | |
| 160 | if(*wps->response_type) { | |
| 161 | nl = snprintf(buf, sizeof buf, "\"wps_response_type\" : \"%s\", ", wps->response_type); | |
| 162 | ol = strlen(old); | |
| 163 | ns = ol + nl + 1; | |
| 164 | json_str = malloc(ns); | |
| 165 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 166 | free(old); | |
| 167 | old = json_str; | |
| 168 | } | |
| 169 | if(*wps->primary_device_type) { | |
| 170 | nl = snprintf(buf, sizeof buf, "\"wps_primary_device_type\" : \"%s\", ", wps->primary_device_type); | |
| 171 | ol = strlen(old); | |
| 172 | ns = ol + nl + 1; | |
| 173 | json_str = malloc(ns); | |
| 174 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 175 | free(old); | |
| 176 | old = json_str; | |
| 177 | } | |
| 178 | if(*wps->config_methods) { | |
| 179 | nl = snprintf(buf, sizeof buf, "\"wps_config_methods\" : \"%s\", ", wps->config_methods); | |
| 180 | ol = strlen(old); | |
| 181 | ns = ol + nl + 1; | |
| 182 | json_str = malloc(ns); | |
| 183 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 184 | free(old); | |
| 185 | old = json_str; | |
| 186 | } | |
| 187 | if(*wps->rf_bands) { | |
| 188 | nl = snprintf(buf, sizeof buf, "\"wps_rf_bands\" : \"%s\", ", wps->rf_bands); | |
| 189 | ol = strlen(old); | |
| 190 | ns = ol + nl + 1; | |
| 191 | json_str = malloc(ns); | |
| 192 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 193 | free(old); | |
| 194 | old = json_str; | |
| 195 | } | |
| 196 | ||
| 197 | nl = snprintf(buf, sizeof buf, "\"dummy\": 0}"); | |
| 198 | ol = strlen(old); | |
| 199 | ns = ol + nl + 1; | |
| 200 | json_str = malloc(ns); | |
| 201 | snprintf(json_str, ns, "%s%s", old, buf); | |
| 202 | free(old); | |
| 203 | old = json_str; | |
| 204 | ||
| 205 | return json_str; | |
| 206 | } | |
| 14 | 207 | |
| 15 | 208 | /* |
| 16 | 209 | * This is the only function that external code should call. |
| 124 | 317 | ptr = wps->uuid; |
| 125 | 318 | break; |
| 126 | 319 | case SERIAL: |
| 127 | src = hex2str(el, el_len); | |
| 128 | 320 | ptr = wps->serial; |
| 129 | 321 | break; |
| 130 | 322 | case SELECTED_REGISTRAR: |
| 148 | 340 | ptr = wps->rf_bands; |
| 149 | 341 | break; |
| 150 | 342 | case OS_VERSION: |
| 151 | src = hex2str(el, el_len); | |
| 152 | 343 | ptr = wps->os_version; |
| 153 | 344 | break; |
| 154 | 345 | default: |
| 50 | 50 | }; |
| 51 | 51 | |
| 52 | 52 | int parse_wps_parameters(const u_char *packet, size_t len, struct libwps_data *wps); |
| 53 | char *wps_data_to_json(const char*bssid, const char *ssid, int channel, int rssi, struct libwps_data *wps); | |
| 53 | 54 | |
| 54 | 55 | #ifdef LIBWPS_C |
| 55 | 56 |
| 0 | all: libutils.a | |
| 1 | ||
| 2 | clean: | |
| 3 | rm -f *~ *.o *.d libutils.a | |
| 4 | ||
| 5 | install: | |
| 6 | @echo Nothing to be made. | |
| 7 | ||
| 8 | ||
| 9 | include ../common/lib.rules | |
| 10 | ||
| 11 | #CFLAGS += -DWPA_TRACE | |
| 12 | CFLAGS += -DCONFIG_IPV6 | |
| 13 | ||
| 14 | LIB_OBJS= \ | |
| 15 | base64.o \ | |
| 16 | common.o \ | |
| 17 | ip_addr.o \ | |
| 18 | radiotap.o \ | |
| 19 | trace.o \ | |
| 20 | uuid.o \ | |
| 21 | wpa_debug.o \ | |
| 22 | wpabuf.o | |
| 23 | ||
| 24 | # Pick correct OS wrapper implementation | |
| 25 | LIB_OBJS += os_unix.o | |
| 26 | ||
| 27 | # Pick correct event loop implementation | |
| 28 | LIB_OBJS += eloop.o | |
| 29 | ||
| 30 | #LIB_OBJS += pcsc_funcs.o | |
| 31 | ||
| 32 | libutils.a: $(LIB_OBJS) | |
| 33 | $(AR) crT $@ $? | |
| 34 | ||
| 35 | -include $(OBJS:%.o=%.d) |
| 0 | #include <stdlib.h> | |
| 1 | #include <stdio.h> | |
| 2 | #include <string.h> | |
| 3 | #include <assert.h> | |
| 4 | ||
| 5 | char *gettempfilename(void) { | |
| 6 | char buf[256]; | |
| 7 | strcpy(buf, "/tmp/reaver-XXXXXX"); | |
| 8 | char *s; | |
| 9 | if(!(s = mkdtemp(buf))) return 0; | |
| 10 | else assert(s == buf); | |
| 11 | strcat(buf, ".tmp"); | |
| 12 | return strdup(buf); | |
| 13 | } | |
| 14 | ||
| 15 | void writefile(const char* fn, const char* contents) { | |
| 16 | FILE *f = fopen(fn, "w"); | |
| 17 | size_t l = strlen(contents); | |
| 18 | fwrite(contents, l, 1, f); | |
| 19 | fclose(f); | |
| 20 | } |
| 0 | #ifndef UTILS_FILE_H | |
| 1 | #define UTILS_FILE_H | |
| 2 | ||
| 3 | char *gettempfilename(void); | |
| 4 | void writefile(const char* fn, const char* contents); | |
| 5 | ||
| 6 | #endif |
| 173 | 173 | fprintf(stderr, "\t-E, --eap-terminate Terminate each WPS session with an EAP FAIL packet\n"); |
| 174 | 174 | fprintf(stderr, "\t-n, --nack Target AP always sends a NACK [Auto]\n"); |
| 175 | 175 | fprintf(stderr, "\t-w, --win7 Mimic a Windows 7 registrar [False]\n"); |
| 176 | fprintf(stderr, "\t-K, --pixie-dust Run pixiedust attack\n"); | |
| 177 | fprintf(stderr, "\t-Z Run pixiedust attack\n"); | |
| 176 | 178 | |
| 177 | 179 | fprintf(stderr, "\nExample:\n\t%s -i mon0 -b 00:90:4C:C1:AC:21 -vv\n\n", prog_name); |
| 178 | 180 |
| 31 | 31 | */ |
| 32 | 32 | |
| 33 | 33 | #include "wpsmon.h" |
| 34 | #include "utils/file.h" | |
| 34 | 35 | |
| 35 | 36 | int show_all_aps = 0; |
| 37 | int json_mode = 0; | |
| 36 | 38 | |
| 37 | 39 | static struct mac { |
| 38 | 40 | unsigned char mac[6]; |
| 90 | 92 | int source = INTERFACE, ret_val = EXIT_FAILURE; |
| 91 | 93 | struct bpf_program bpf = { 0 }; |
| 92 | 94 | char *out_file = NULL, *last_optarg = NULL, *target = NULL, *bssid = NULL; |
| 93 | char *short_options = "i:c:n:o:b:5sfuDha"; | |
| 95 | char *short_options = "i:c:n:o:b:5sfuDhaj"; | |
| 94 | 96 | struct option long_options[] = { |
| 95 | 97 | { "bssid", required_argument, NULL, 'b' }, |
| 96 | 98 | { "interface", required_argument, NULL, 'i' }, |
| 103 | 105 | { "scan", no_argument, NULL, 's' }, |
| 104 | 106 | { "survey", no_argument, NULL, 'u' }, |
| 105 | 107 | { "all", no_argument, NULL, 'a' }, |
| 108 | { "json", no_argument, NULL, 'j' }, | |
| 106 | 109 | { "help", no_argument, NULL, 'h' }, |
| 107 | 110 | { 0, 0, 0, 0 } |
| 108 | 111 | }; |
| 144 | 147 | case 'o': |
| 145 | 148 | out_file = strdup(optarg); |
| 146 | 149 | break; |
| 150 | case 'j': | |
| 151 | json_mode = 1; | |
| 152 | break; | |
| 147 | 153 | case 's': |
| 148 | 154 | mode = SCAN; |
| 149 | 155 | break; |
| 308 | 314 | |
| 309 | 315 | if(!header_printed) |
| 310 | 316 | { |
| 311 | cprintf (INFO, "BSSID Ch dBm WPS Lck ESSID\n"); | |
| 312 | //cprintf(INFO, "00:11:22:33:44:55 12 -77 1.0 Yes 0123456789abcdef0123456789abcdef\n"); | |
| 313 | cprintf (INFO, "--------------------------------------------------------------------------------\n"); | |
| 317 | if(!json_mode) { | |
| 318 | cprintf (INFO, "BSSID Ch dBm WPS Lck ESSID\n"); | |
| 319 | //cprintf(INFO, "00:11:22:33:44:55 12 -77 1.0 Yes 0123456789abcdef0123456789abcdef\n"); | |
| 320 | cprintf (INFO, "--------------------------------------------------------------------------------\n"); | |
| 321 | } | |
| 314 | 322 | header_printed = 1; |
| 315 | 323 | } |
| 316 | 324 | |
| 390 | 398 | probe_sent = 1; |
| 391 | 399 | } |
| 392 | 400 | |
| 393 | if(!was_printed(bssid) && (wps->version > 0 || show_all_aps == 1)) | |
| 401 | if(!json_mode && (!was_printed(bssid) && (wps->version > 0 || show_all_aps == 1))) | |
| 394 | 402 | { |
| 395 | 403 | if(wps->version > 0) switch(wps->locked) |
| 396 | 404 | { |
| 421 | 429 | if(!wps_parsed || fsub_type == __cpu_to_le16(IEEE80211_STYPE_PROBE_RESP)) |
| 422 | 430 | { |
| 423 | 431 | mark_ap_complete(bssid); |
| 432 | if(json_mode && (show_all_aps || wps->version > 0)) { | |
| 433 | char *json_string = wps_data_to_json(bssid, ssid, channel, rssi, wps); | |
| 434 | printf("%s\n", json_string); | |
| 435 | free(json_string); | |
| 436 | } | |
| 424 | 437 | } |
| 425 | 438 | |
| 426 | 439 | } |
| 474 | 487 | fprintf(stderr, "\t-s, --scan Use scan mode\n"); |
| 475 | 488 | fprintf(stderr, "\t-u, --survey Use survey mode [default]\n"); |
| 476 | 489 | fprintf(stderr, "\t-a, --all Show all APs, even those without WPS\n"); |
| 490 | fprintf(stderr, "\t-j, --json print extended WPS info as json\n"); | |
| 477 | 491 | fprintf(stderr, "\t-h, --help Show help\n"); |
| 478 | 492 | |
| 479 | 493 | fprintf(stderr, "\nExample:\n"); |