Professional Documents
Culture Documents
#include <ctype.h>
#include <getopt.h>
#include <libgen.h>
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <time.h>
#include <unistd.h>
#ifdef _WIN32
#include <winsock2.h>
#else
#include <arpa/inet.h>
#endif
#include "include/hcxhash2cap.h"
#include "include/hashcatops.h"
#include "include/pcap.c"
#include "include/ieee80211.c"
#include "include/strings.c"
#include "include/byteops.c"
/*===========================================================================*/
/* global var */
/*===========================================================================*/
static void globalinit(void)
{
srand(time(NULL));
gettimeofday(&tv, NULL);
timestamp = ((uint64_t)tv.tv_sec * 1000000) + tv.tv_usec;
mybeaconsequence = rand() %4096;
myaponlinetime = rand();
myapchannel = (rand() %12) +1;
pmkcapwritten = 0;
pmkcapskipped = 0;
hccapxcapwritten = 0;
hccapxcapskipped = 0;
hccapcapwritten = 0;
hccapcapskipped = 0;
johnwritten = 0;
johnskipped = 0;
}
/*===========================================================================*/
static void writecapm1wpa1(int fd_cap, uint8_t *macsta, uint8_t *macap, uint8_t
*anonce, uint8_t keyversion, uint16_t keylen, uint64_t rc)
{
static int c;
static pcaprec_hdr_t *pcaph;
static mac_t *mach;
static wpakey_t *wpak;
memset(&packetout, 0, 0xff);
pcaph = (pcaprec_hdr_t*)packetout;
pcaph->ts_sec = timestamp /1000000;
pcaph->ts_usec = timestamp %1000000;
pcaph->incl_len = M1WPA1DATA_SIZE;
pcaph->orig_len = pcaph->incl_len;
timestamp++;
memcpy(&packetout[PCAPREC_SIZE], &m1wpa1data, M1WPA1DATA_SIZE);
mach = (mac_t*)(packetout +PCAPREC_SIZE);
memcpy(mach->addr1, macsta, 6);
memcpy(mach->addr2, macap, 6);
memcpy(mach->addr3, macap, 6);
packetout[PCAPREC_SIZE +0x22] = keyversion;
wpak = (wpakey_t*)(packetout +PCAPREC_SIZE +0x26);
#ifdef BIG_ENDIAN_HOST
rc = byte_swap_64(rc);
#endif
wpak->keylen = keylen;
wpak->replaycount = rc;
for(c = 0; c < 32; c++)
{
packetout[PCAPREC_SIZE +0x33 +c] = anonce[c];
}
if(write(fd_cap, packetout, PCAPREC_SIZE +M1WPA1DATA_SIZE) < 0)
{
perror("\nfailed to write EAPOL packet");
}
return;
}
/*===========================================================================*/
static void writecapm1wpa2(int fd_cap, uint8_t *macsta, uint8_t *macap, uint8_t
*anonce, uint8_t keyversion, uint16_t keylen, uint64_t rc)
{
static int c;
static pcaprec_hdr_t *pcaph;
static mac_t *mach;
static wpakey_t *wpak;
memset(&packetout, 0, 0xff);
pcaph = (pcaprec_hdr_t*)packetout;
pcaph->ts_sec = timestamp /1000000;
pcaph->ts_usec = timestamp %1000000;
pcaph->incl_len = M1WPA2DATA_SIZE;
pcaph->orig_len = pcaph->incl_len;
timestamp++;
memset(&packetout, 0, 0xff);
pcaph = (pcaprec_hdr_t*)packetout;
pcaph->ts_sec = timestamp /1000000;
pcaph->ts_usec = timestamp %1000000;
pcaph->incl_len = M1WPA2KEYVER3DATA_SIZE;
pcaph->orig_len = pcaph->incl_len;
timestamp++;
memcpy(&packetout[PCAPREC_SIZE], &m1wpa2keyver3data, M1WPA2KEYVER3DATA_SIZE);
mach = (mac_t*)(packetout +PCAPREC_SIZE);
memcpy(mach->addr1, macsta, 6);
memcpy(mach->addr2, macap, 6);
memcpy(mach->addr3, macap, 6);
packetout[PCAPREC_SIZE +0x22] = keyversion;
wpak = (wpakey_t*)(packetout +PCAPREC_SIZE +0x26);
#ifdef BIG_ENDIAN_HOST
rc = byte_swap_64(rc);
#endif
wpak->keylen = keylen;
wpak->replaycount = rc;
for(c = 0; c < 32; c++)
{
packetout[PCAPREC_SIZE +0x33 +c] = anonce[c];
}
if(write(fd_cap, packetout, PCAPREC_SIZE +M1WPA2KEYVER3DATA_SIZE) < 0)
{
perror("\nfailed to write EAPOL packet");
}
return;
}
/*===========================================================================*/
static void writecappmkidwpa2(int fd_cap, uint8_t *macsta, uint8_t *macap, uint8_t
*pmkid)
{
static pcaprec_hdr_t *pcaph;
static mac_t *mach;
static const uint8_t pmkiddata[] =
{
0x88, 0x02, 0x3a, 0x01,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
0x00, 0x00, 0x06, 0x00,
0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00, 0x88, 0x8e,
0x02, 0x03, 0x00, 0x75, 0x02,
0x00, 0x8a, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x91, 0x1b, 0xd9, 0xcb, 0x88, 0x9a, 0xcf, 0x5b, 0x0f, 0x62, 0xbf, 0x0d, 0x87, 0x6c,
0x33, 0x30,
0x8a, 0xbf, 0x58, 0x8b, 0xc3, 0x80, 0x4c, 0x15, 0xc0, 0x42, 0x3c, 0xf2, 0x4c, 0x07,
0xa7, 0x25,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00,
0x00, 0x16,
0xdd, 0x14, 0x00, 0x0f, 0xac, 0x04,
0x7e, 0xf1, 0x33, 0x3c, 0xb6, 0xf9, 0x03, 0x73, 0xfc, 0x2a, 0xc7, 0x59, 0x37, 0xfd,
0x24, 0x3a
};
#define PMKIDDATA_SIZE sizeof(pmkiddata)
static uint8_t packetout[0xff];
memset(&packetout, 0, 0xff);
pcaph = (pcaprec_hdr_t*)packetout;
pcaph->ts_sec = timestamp /1000000;
pcaph->ts_usec = timestamp %1000000;
pcaph->incl_len = PMKIDDATA_SIZE;
pcaph->orig_len = pcaph->incl_len;
timestamp++;
memcpy(&packetout[PCAPREC_SIZE], &pmkiddata, PMKIDDATA_SIZE);
mach = (mac_t*)(packetout +PCAPREC_SIZE);
memcpy(mach->addr1, macsta, 6);
memcpy(mach->addr2, macap, 6);
memcpy(mach->addr3, macap, 6);
memcpy(&packetout[PCAPREC_SIZE +0x8b], pmkid, 16);
if(write(fd_cap, packetout, PCAPREC_SIZE +PMKIDDATA_SIZE) < 0)
{
perror("\nfailed to write EAPOL packet");
}
return;
}
/*===========================================================================*/
static void writecapm2(int fd_cap, uint8_t *macsta, uint8_t *macap, uint8_t
eapollen, uint8_t *eapol, uint8_t *mic)
{
static pcaprec_hdr_t *pcaph;
static mac_t *mach;
memset(&packetout, 0, 0xff);
pcaph = (pcaprec_hdr_t*)packetout;
pcaph->ts_sec = timestamp /1000000;
pcaph->ts_usec = timestamp %1000000;
pcaph->incl_len = M2DATA_SIZE +eapollen;
pcaph->orig_len = pcaph->incl_len;
timestamp++;
memcpy(&packetout[PCAPREC_SIZE], &m2data, M2DATA_SIZE);
mach = (mac_t*)(packetout +PCAPREC_SIZE);
memcpy(mach->addr1, macap, 6);
memcpy(mach->addr2, macsta, 6);
memcpy(mach->addr3, macap, 6);
memcpy(&packetout[PCAPREC_SIZE +M2DATA_SIZE], eapol, eapollen);
memcpy(&packetout[PCAPREC_SIZE +M2DATA_SIZE +0x51], mic, 16);
if(write(fd_cap, packetout, PCAPREC_SIZE +M2DATA_SIZE +eapollen) < 0)
{
perror("\nfailed to write EAPOL packet");
}
return;
}
/*===========================================================================*/
static void writecapbeaconwpa1(int fd_cap, uint8_t *macap, uint8_t essidlen,
uint8_t *essid)
{
static pcaprec_hdr_t *pcaph;
static mac_t *mach;
static capap_t *capap;
memset(&packetout, 0, 0xff);
pcaph = (pcaprec_hdr_t*)packetout;
pcaph->ts_sec = timestamp /1000000;
pcaph->ts_usec = timestamp %1000000;
pcaph->incl_len = MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen +BEACONDATA_SIZE;
pcaph->orig_len = pcaph->incl_len;
timestamp++;
mach = (mac_t*)(packetout +PCAPREC_SIZE);
mach->type = IEEE80211_FTYPE_MGMT;
mach->subtype = IEEE80211_STYPE_BEACON;
memcpy(mach->addr1, &mac_broadcast, 6);
memcpy(mach->addr2, macap, 6);
memcpy(mach->addr3, macap, 6);
mach->sequence = mybeaconsequence++ << 4;
if(mybeaconsequence >= 4096)
{
mybeaconsequence = 0;
}
capap = (capap_t*)(packetout +PCAPREC_SIZE +MAC_SIZE_NORM);
capap->timestamp = myaponlinetime++;
capap->beaconintervall = 0x64;
capap->capabilities = 0x431;
packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +1] = essidlen;
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2], essid,
essidlen);
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen],
&beacondata, BEACONDATA_SIZE);
packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen +0x0c] =
myapchannel;
if(write(fd_cap, packetout, PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2
+essidlen +BEACONDATA_SIZE) < 0)
{
perror("\nfailed to write beacon packet");
}
return;
}
/*===========================================================================*/
static void writecapbeaconwpa2(int fd_cap, uint8_t *macap, uint8_t essidlen,
uint8_t *essid)
{
static pcaprec_hdr_t *pcaph;
static mac_t *mach;
static capap_t *capap;
memset(&packetout, 0, 0xff);
pcaph = (pcaprec_hdr_t*)packetout;
pcaph->ts_sec = timestamp /1000000;
pcaph->ts_usec = timestamp %1000000;
pcaph->incl_len = MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen +BEACONDATA_SIZE;
pcaph->orig_len = pcaph->incl_len;
timestamp++;
mach = (mac_t*)(packetout +PCAPREC_SIZE);
mach->type = IEEE80211_FTYPE_MGMT;
mach->subtype = IEEE80211_STYPE_BEACON;
memcpy(mach->addr1, &mac_broadcast, 6);
memcpy(mach->addr2, macap, 6);
memcpy(mach->addr3, macap, 6);
mach->sequence = mybeaconsequence++ << 4;
if(mybeaconsequence >= 4096)
{
mybeaconsequence = 0;
}
capap = (capap_t*)(packetout +PCAPREC_SIZE +MAC_SIZE_NORM);
capap->timestamp = myaponlinetime++;
capap->beaconintervall = 0x64;
capap->capabilities = 0x431;
packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +1] = essidlen;
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2], essid,
essidlen);
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen],
&beacondata, BEACONDATA_SIZE);
packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen +0x0c] =
myapchannel;
if(write(fd_cap, packetout, PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2
+essidlen +BEACONDATA_SIZE) < 0)
{
perror("\nfailed to write beacon packet");
}
return;
}
/*===========================================================================*/
static void writecapbeaconwpa2keyver3(int fd_cap, uint8_t *macap, uint8_t essidlen,
uint8_t *essid)
{
static pcaprec_hdr_t *pcaph;
static mac_t *mach;
static capap_t *capap;
memset(&packetout, 0, 0xff);
pcaph = (pcaprec_hdr_t*)packetout;
pcaph->ts_sec = timestamp /1000000;
pcaph->ts_usec = timestamp %1000000;
pcaph->incl_len = MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen +BEACONDATA_SIZE;
pcaph->orig_len = pcaph->incl_len;
timestamp++;
mach = (mac_t*)(packetout +PCAPREC_SIZE);
mach->type = IEEE80211_FTYPE_MGMT;
mach->subtype = IEEE80211_STYPE_BEACON;
memcpy(mach->addr1, &mac_broadcast, 6);
memcpy(mach->addr2, macap, 6);
memcpy(mach->addr3, macap, 6);
mach->sequence = mybeaconsequence++ << 4;
if(mybeaconsequence >= 4096)
{
mybeaconsequence = 0;
}
capap = (capap_t*)(packetout +PCAPREC_SIZE +MAC_SIZE_NORM);
capap->timestamp = myaponlinetime++;
capap->beaconintervall = 0x64;
capap->capabilities = 0x431;
packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +1] = essidlen;
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2], essid,
essidlen);
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen],
&beacondata, BEACONDATA_SIZE);
packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen +0x0c] =
myapchannel;
if(write(fd_cap, packetout, PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2
+essidlen +BEACONDATA_SIZE) < 0)
{
perror("\nfailed to write beacon packet");
}
return;
}
/*===========================================================================*/
static size_t chop(char *buffer, size_t len)
{
static char *ptr;
if(feof(inputstream))
return -1;
buffptr = fgets (buffer, size, inputstream);
if(buffptr == NULL)
return -1;
len = strlen(buffptr);
len = chop(buffptr, len);
return len;
}
static uint16_t getfield(char *lineptr, size_t bufflen, uint8_t *buff)
{
static size_t p;
static uint8_t idx0;
static uint8_t idx1;
memset(buff, 0, bufflen);
p = 0;
while((lineptr[p] != '*') && (lineptr[p] != 0) && (p /2 <= bufflen))
{
if(! isxdigit((unsigned char)lineptr[p +0])) return 0;
if(! isxdigit((unsigned char)lineptr[p +1])) return 0;
if((lineptr[p +1] == '*') || (lineptr[p +1] == 0)) return 0;
idx0 = ((uint8_t)lineptr[p +0] &0x1F) ^0x10;
idx1 = ((uint8_t)lineptr[p +1] &0x1F) ^0x10;
buff[p /2] = (uint8_t)(hashmap[idx0] <<4) | hashmap[idx1];
p += 2;
if((p /2) > PMKIDEAPOL_BUFFER_LEN) return 0;
}
return p /2;
}
/*===========================================================================*/
static void processpmkideapolfile(char *pmkideapolname, int fd_cap)
{
static int len;
static int oflen;
static int aktread = 1;
static FILE *fhpmkideapol;
static uint16_t essidlen;
static uint16_t noncelen;
static uint16_t eapauthlen;
static uint16_t mplen;
static int fd_singlecap;
static eapauth_t *eapa;
static wpakey_t *wpak;
static uint16_t keyinfo;
static uint8_t keyver;
static uint64_t rc;
if(fd_cap == 0)
{
snprintf(singlecapname, 18, "%02x%02x%02x%02x%02x%02x.cap",
macsta[0], macsta[1], macsta[2], macsta[3], macsta[4], macsta[5]);
fd_singlecap = hcxopencapdump(singlecapname);
if(fd_singlecap == -1)
{
fprintf(stderr, "could not create cap file\n");
exit(EXIT_FAILURE);
}
if(keyver == 1)
{
writecapbeaconwpa1(fd_singlecap, macap, essidlen, essid);
writecapm1wpa1(fd_singlecap, macsta, macap, anonce, eapa-
>version, wpak->keylen, rc);
writecapm2(fd_singlecap, macsta, macap, eapauthlen, eapol,
hash);
pmkideapolcapwritten++;
}
else if(keyver == 2)
{
writecapbeaconwpa2(fd_singlecap, macap, essidlen, essid);
writecapm1wpa2(fd_singlecap, macsta, macap, anonce, eapa-
>version, wpak->keylen, rc);
writecapm2(fd_singlecap, macsta, macap, eapauthlen, eapol,
hash);
pmkideapolcapwritten++;
}
else if(keyver == 3)
{
writecapbeaconwpa2keyver3(fd_singlecap, macap, essidlen,
essid);
writecapm1wpa2keyver3(fd_singlecap, macsta, macap, anonce,
eapa->version, wpak->keylen, rc);
writecapm2(fd_singlecap, macsta, macap, eapauthlen, eapol,
hash);
pmkideapolcapwritten++;
}
close(fd_singlecap);
}
else
{
if(keyver == 1)
{
writecapbeaconwpa1(fd_cap, macap, essidlen, essid);
writecapm1wpa1(fd_cap, macsta, macap, anonce, eapa-
>version, wpak->keylen, rc);
writecapm2(fd_cap, macsta, macap, eapauthlen, eapol, hash);
pmkideapolcapwritten++;
}
else if(keyver == 2)
{
writecapbeaconwpa2(fd_cap, macap, essidlen, essid);
writecapm1wpa2(fd_cap, macsta, macap, anonce, eapa-
>version, wpak->keylen, rc);
writecapm2(fd_cap, macsta, macap, eapauthlen, eapol, hash);
pmkideapolcapwritten++;
}
else if(keyver == 3)
{
writecapbeaconwpa2keyver3(fd_cap, macap, essidlen, essid);
writecapm1wpa2keyver3(fd_cap, macsta, macap, anonce, eapa-
>version, wpak->keylen, rc);
writecapm2(fd_cap, macsta, macap, eapauthlen, eapol, hash);
pmkideapolcapwritten++;
}
}
}
else
{
pmkideapolcapskipped++;
continue;
}
}
return;
}
/*===========================================================================*/
static void processpmkidfile(char *pmkidname, int fd_cap)
{
static int len;
static int aktread = 1;
static int essidlen;
static int fd_singlecap;
static FILE *fhpmkid;
if(stat(hccapxname, &statinfo) != 0)
{
fprintf(stderr, "can't stat %s\n", hccapxname);
return;
}
if((statinfo.st_size %HCCAPX_SIZE) != 0)
{
fprintf(stderr, "file corrupt\n");
return;
}
if((fhhcx = fopen(hccapxname, "r")) == NULL)
{
fprintf(stderr, "error opening file %s", hccapxname);
return;
}
hcxptr = (hccapx_t*)hcxdata;
while(fread(&hcxdata, HCCAPX_SIZE, 1, fhhcx) == 1)
{
if(hcxptr->signature != HCCAPX_SIGNATURE)
{
hccapxcapskipped++;
continue;
}
if((hcxptr->version != 3) && (hcxptr->version != 4))
{
hccapxcapskipped++;
continue;
}
if((hcxptr->essid_len == 0) || (hcxptr->essid_len > ESSID_LEN_MAX))
{
hccapxcapskipped++;
continue;
}
eapa = (eapauth_t*)hcxptr->eapol;
if(eapa->type != EAPOL_KEY)
{
hccapxcapskipped++;
continue;
}
if(hcxptr->eapol_len != ntohs(eapa->len) +4)
{
hccapxcapskipped++;
continue;
}
wpak = (wpakey_t*)(hcxptr->eapol +EAPAUTH_SIZE);
keyver = ntohs(wpak->keyinfo) & WPA_KEY_INFO_TYPE_MASK;
if(keyver != hcxptr->keyver)
{
hccapxcapskipped++;
continue;
}
if(keyver > 3)
{
hccapxcapskipped++;
continue;
}
keyinfo = (getkeyinfo(ntohs(wpak->keyinfo)));
if(keyinfo == 3)
{
hccapxcapskipped++;
continue;
}
rc = wpak->replaycount;
#ifdef BIG_ENDIAN_HOST
rc = byte_swap_64(rc);
#endif
if(keyinfo == 4)
{
rc--;
}
if(fd_cap == 0)
{
snprintf(singlecapname, 18, "%02x%02x%02x%02x%02x%02x.cap", hcxptr-
>mac_sta[0], hcxptr->mac_sta[1], hcxptr->mac_sta[2], hcxptr->mac_sta[3], hcxptr-
>mac_sta[4], hcxptr->mac_sta[5]);
fd_singlecap = hcxopencapdump(singlecapname);
if(fd_singlecap == -1)
{
fprintf(stderr, "could not create cap file\n");
exit(EXIT_FAILURE);
}
if(keyver == 1)
{
writecapbeaconwpa1(fd_singlecap, hcxptr->mac_ap, hcxptr-
>essid_len, hcxptr->essid);
if(memcmp(wpak->nonce, hcxptr->nonce_ap, 32) != 0)
{
writecapm1wpa1(fd_singlecap, hcxptr->mac_sta, hcxptr-
>mac_ap, hcxptr->nonce_ap, eapa->version, wpak->keylen, rc);
}
else
{
writecapm1wpa1(fd_singlecap, hcxptr->mac_sta, hcxptr-
>mac_ap, hcxptr->nonce_sta, eapa->version, wpak->keylen, rc);
}
writecapm2(fd_singlecap, hcxptr->mac_sta, hcxptr->mac_ap, hcxptr-
>eapol_len, hcxptr->eapol, hcxptr->keymic);
hccapxcapwritten++;
}
else if(keyver == 2)
{
writecapbeaconwpa2(fd_singlecap, hcxptr->mac_ap, hcxptr-
>essid_len, hcxptr->essid);
if(memcmp(wpak->nonce, hcxptr->nonce_ap, 32) != 0)
{
writecapm1wpa2(fd_singlecap, hcxptr->mac_sta, hcxptr-
>mac_ap, hcxptr->nonce_ap, eapa->version, wpak->keylen, rc);
}
else
{
writecapm1wpa2(fd_singlecap, hcxptr->mac_sta, hcxptr-
>mac_ap, hcxptr->nonce_sta, eapa->version, wpak->keylen, rc);
}
writecapm2(fd_singlecap, hcxptr->mac_sta, hcxptr->mac_ap, hcxptr-
>eapol_len, hcxptr->eapol, hcxptr->keymic);
hccapxcapwritten++;
}
else if(keyver == 3)
{
writecapbeaconwpa2keyver3(fd_singlecap, hcxptr->mac_ap, hcxptr-
>essid_len, hcxptr->essid);
if(memcmp(wpak->nonce, hcxptr->nonce_ap, 32) != 0)
{
writecapm1wpa2keyver3(fd_singlecap, hcxptr->mac_sta,
hcxptr->mac_ap, hcxptr->nonce_ap, eapa->version, wpak->keylen, rc);
}
else
{
writecapm1wpa2keyver3(fd_singlecap, hcxptr->mac_sta,
hcxptr->mac_ap, hcxptr->nonce_sta, eapa->version, wpak->keylen, rc);
}
writecapm2(fd_singlecap, hcxptr->mac_sta, hcxptr->mac_ap, hcxptr-
>eapol_len, hcxptr->eapol, hcxptr->keymic);
hccapxcapwritten++;
}
close(fd_singlecap);
}
else
{
if(keyver == 1)
{
writecapbeaconwpa1(fd_cap, hcxptr->mac_ap, hcxptr->essid_len,
hcxptr->essid);
if(memcmp(wpak->nonce, hcxptr->nonce_ap, 32) != 0)
{
writecapm1wpa1(fd_cap, hcxptr->mac_sta, hcxptr->mac_ap,
hcxptr->nonce_ap, eapa->version, wpak->keylen, rc);
}
else
{
writecapm1wpa1(fd_cap, hcxptr->mac_sta, hcxptr->mac_ap,
hcxptr->nonce_sta, eapa->version, wpak->keylen, rc);
}
writecapm2(fd_cap, hcxptr->mac_sta, hcxptr->mac_ap, hcxptr-
>eapol_len, hcxptr->eapol, hcxptr->keymic);
hccapxcapwritten++;
}
else if(keyver == 2)
{
writecapbeaconwpa2(fd_cap, hcxptr->mac_ap, hcxptr->essid_len,
hcxptr->essid);
if(memcmp(wpak->nonce, hcxptr->nonce_ap, 32) != 0)
{
writecapm1wpa2(fd_cap, hcxptr->mac_sta, hcxptr->mac_ap,
hcxptr->nonce_ap, eapa->version, wpak->keylen, rc);
}
else
{
writecapm1wpa2(fd_cap, hcxptr->mac_sta, hcxptr->mac_ap,
hcxptr->nonce_sta, eapa->version, wpak->keylen, rc);
}
writecapm2(fd_cap, hcxptr->mac_sta, hcxptr->mac_ap, hcxptr-
>eapol_len, hcxptr->eapol, hcxptr->keymic);
hccapxcapwritten++;
}
else if(keyver == 3)
{
writecapbeaconwpa2keyver3(fd_cap, hcxptr->mac_ap, hcxptr-
>essid_len, hcxptr->essid);
if(memcmp(wpak->nonce, hcxptr->nonce_ap, 32) != 0)
{
writecapm1wpa2keyver3(fd_cap, hcxptr->mac_sta, hcxptr-
>mac_ap, hcxptr->nonce_ap, eapa->version, wpak->keylen, rc);
}
else
{
writecapm1wpa2keyver3(fd_cap, hcxptr->mac_sta, hcxptr-
>mac_ap, hcxptr->nonce_sta, eapa->version, wpak->keylen, rc);
}
writecapm2(fd_cap, hcxptr->mac_sta, hcxptr->mac_ap, hcxptr-
>eapol_len, hcxptr->eapol, hcxptr->keymic);
hccapxcapwritten++;
}
}
}
fclose(fhhcx);
return;
}
/*===========================================================================*/
static void processhccapfile(char *hccapname, int fd_cap)
{
static struct stat statinfo;
static hccap_t *hcptr;
static int fd_singlecap;
static FILE *fhhc;
static uint8_t essidlen;
static int c;
static eapauth_t *eapa;
static wpakey_t *wpak;
static uint16_t keyinfo;
static uint8_t keyver;
static uint64_t rc;
if((statinfo.st_size %HCCAP_SIZE) != 0)
{
fprintf(stderr, "file corrupt\n");
return;
}
hcptr = (hccap_t*)hcdata;
while(fread(&hcdata, HCCAP_SIZE, 1, fhhc) == 1)
{
essidlen = 0;
for(c = 0; c < ESSID_LEN_MAX; c++)
{
if(hcptr->essid[c] == 0)
{
break;
}
essidlen++;
}
eapa = (eapauth_t*)hcptr->eapol;
if(eapa->type != EAPOL_KEY)
{
hccapcapskipped++;
continue;
}
if(hcptr->eapol_size != ntohs(eapa->len) +4)
{
hccapcapskipped++;
continue;
}
hcptr = (hccap_t*)hcdata;
while(1)
{
if((len = fgetline(fhjohn, JOHN_LINE_LEN, linein)) == -1)
{
break;
}
if(len < 534)
{
johnskipped++;
continue;
}
ptressid =strstr(linein, ":$WPAPSK$");
if(ptressid == NULL)
{
johnskipped++;
continue;
}
ptressid += 9;
ptreapol =strrchr(linein, '#');
if(ptreapol == NULL)
{
johnskipped++;
continue;
}
ptreapol++;
essidlen = ptreapol -ptressid -1;
if((essidlen == 0) || (essidlen > ESSID_LEN_MAX))
{
johnskipped++;
continue;
}
ptreapol2 = strchr(ptreapol, ':');
if(ptreapol2 == NULL)
{
johnskipped++;
continue;
}
hashlen = ptreapol2 - ptreapol;
if(hashlen != 475)
{
johnskipped++;
continue;
}
memset(&hcdata, 0, HCCAP_SIZE);
memcpy(&hcdata, ptressid, essidlen);
johnptr = hcdata +36;
for (i = 0; i < 118; i++)
{
johnptr[0] = (atoi64[ARCH_INDEX(ptreapol[0])] << 2) |
(atoi64[ARCH_INDEX(ptreapol[1])] >> 4);
johnptr[1] = (atoi64[ARCH_INDEX(ptreapol[1])] << 4) |
(atoi64[ARCH_INDEX(ptreapol[2])] >> 2);
johnptr[2] = (atoi64[ARCH_INDEX(ptreapol[2])] << 6) |
(atoi64[ARCH_INDEX(ptreapol[3])]);
johnptr += 3;
ptreapol += 4;
}
johnptr[0] = (atoi64[ARCH_INDEX(ptreapol[0])] << 2) |
(atoi64[ARCH_INDEX(ptreapol[1])] >> 4);
johnptr[1] = (atoi64[ARCH_INDEX(ptreapol[1])] << 4) |
(atoi64[ARCH_INDEX(ptreapol[2])] >> 2);
eapa = (eapauth_t*)hcptr->eapol;
if(eapa->type != EAPOL_KEY)
{
johnskipped++;
continue;
}
if(hcptr->eapol_size != ntohs(eapa->len) +4)
{
johnskipped++;
continue;
}
if(filenametoremove == NULL)
{
return;
}
if(stat(filenametoremove, &statinfo) != 0)
{
return;
}
if(statinfo.st_size == 24)
{
remove(filenametoremove);
return;
}
return;
}
/*===========================================================================*/
__attribute__ ((noreturn))
static void version(char *eigenname)
{
fprintf(stdout, "%s %s (C) %s ZeroBeat\n", eigenname, VERSION_TAG, VERSION_YEAR);
exit(EXIT_SUCCESS);
}
/*---------------------------------------------------------------------------*/
__attribute__ ((noreturn))
static void usage(char *eigenname)
{
fprintf(stdout, "%s %s (C) %s ZeroBeat\n"
"usage:\n"
"%s <options>\n"
"\n"
"options:\n"
"-c <file> : output cap file\n"
" if no cap file is selected, output will be written to single cap
files\n"
" format: mac_sta.cap (mac_sta.cap_x)\n"
"-h : show this help\n"
"-v : show version\n"
"\n"
"--pmkid-eapol=<file> : input PMKID EAPOL (22000) combi hash file\n"
"--pmkid=<file> : input deprecated PMKID (16800) hash file\n"
"--hccapx=<file> : input deprecated hccapx (2500) hash file\n"
"--hccap=<file> : input ancient hccap (2500) file\n"
"--john=<file> : input John the Ripper WPAPSK hash file\n"
"--help : show this help\n"
"--version : show version\n"
"\n", eigenname, VERSION_TAG, VERSION_YEAR, eigenname);
exit(EXIT_SUCCESS);
}
/*---------------------------------------------------------------------------*/
__attribute__ ((noreturn))
static void usageerror(char *eigenname)
{
fprintf(stdout, "%s %s (C) %s by ZeroBeat\n"
"usage: %s -h for help\n", eigenname, VERSION_TAG, VERSION_YEAR, eigenname);
exit(EXIT_FAILURE);
}
/*===========================================================================*/
int main(int argc, char *argv[])
{
static int auswahl;
static int index;
static int fd_cap = 0;
static char *pmkideapolname = NULL;
static char *pmkidname = NULL;
static char *hccapxname = NULL;
static char *hccapname = NULL;
static char *johnname = NULL;
static char *capname = NULL;
auswahl = -1;
index = 0;
optind = 1;
optopt = 0;
case HCXP_PMKID:
pmkidname = optarg;
break;
case HCXP_HCCAPX:
hccapxname = optarg;
break;
case HCXP_HCCAP:
hccapname = optarg;
break;
case HCXP_JOHN:
johnname = optarg;
break;
case HCXP_CAP:
capname = optarg;
break;
case HCXP_HELP:
usage(basename(argv[0]));
break;
case HCXP_VERSION:
version(basename(argv[0]));
break;
case '?':
usageerror(basename(argv[0]));
break;
}
}
if(argc < 2)
{
fprintf(stderr, "no option selected\n");
return EXIT_SUCCESS;
}
globalinit();
if(capname != NULL)
{
fd_cap = hcxopencapdump(capname);
if(fd_cap == -1)
{
fprintf(stderr, "could not create cap file\n");
exit(EXIT_FAILURE);
}
}
if(pmkideapolname != NULL)
{
processpmkideapolfile(pmkideapolname, fd_cap);
}
if(pmkidname != NULL)
{
processpmkidfile(pmkidname, fd_cap);
}
if(hccapxname != NULL)
{
processhccapxfile(hccapxname, fd_cap);
}
if(hccapname != NULL)
{
processhccapfile(hccapname, fd_cap);
}
if(johnname != NULL)
{
processjohnfile(johnname, fd_cap);
}
if(fd_cap != 0)
{
close(fd_cap);
removeemptycap(capname);
}
if(pmkideapolcapwritten > 0)
{
fprintf(stdout, "PMKIDs/EAPOL messages written to capfile(s): %llu (%llu
skipped)\n", pmkideapolcapwritten, pmkideapolcapskipped);
}
if(pmkcapwritten > 0)
{
fprintf(stdout, "PMKIDs written to capfile(s): %llu (%llu skipped)\n",
pmkcapwritten, pmkcapskipped);
}
if(hccapxcapwritten > 0)
{
fprintf(stdout, "EAPOLs written to capfile(s): %llu (%llu skipped)\n",
hccapxcapwritten, hccapxcapskipped);
}
if(hccapcapwritten > 0)
{
fprintf(stdout, "EAPOLs written to capfile(s): %llu (%llu skipped)\n",
hccapcapwritten, hccapcapskipped);
}
if(johnwritten > 0)
{
fprintf(stdout, "EAPOLs written to capfile(s): %llu (%llu skipped)\n",
johnwritten, johnskipped);
}
return EXIT_SUCCESS;
}
/*===========================================================================*/