Diffstat (limited to 'net-wireless/cowpatty/files/cowpatty-4.3-fixup2.patch')
-rw-r--r-- | net-wireless/cowpatty/files/cowpatty-4.3-fixup2.patch | 221 |
1 files changed, 0 insertions, 221 deletions
diff --git a/net-wireless/cowpatty/files/cowpatty-4.3-fixup2.patch b/net-wireless/cowpatty/files/cowpatty-4.3-fixup2.patch
deleted file mode 100644
index 3ac75910..00000000
--- a/net-wireless/cowpatty/files/cowpatty-4.3-fixup2.patch
+++ /dev/null
@@ -1,221 +0,0 @@
-diff -uNr cowpatty-4.3/cowpatty.c cowpatty-4.3-fixup2/cowpatty.c
---- cowpatty-4.3/cowpatty.c 2008-03-20 09:49:38.000000000 -0700
-+++ cowpatty-4.3-fixup2/cowpatty.c 2009-05-21 23:38:17.970291072 -0700
-@@ -71,7 +71,7 @@
- void cleanup();
- void parseopts(struct user_opt *opt, int argc, char **argv);
- void closepcap(struct capture_data *capdata);
--void handle_dot1x(struct crack_data *cdata, struct capture_data *capdata);
-+void handle_dot1x(struct crack_data *cdata, struct capture_data *capdata, struct user_opt *opt);
- void dump_all_fields(struct crack_data cdata);
- void printstats(struct timeval start, struct timeval end,
- unsigned long int wordcount);
-@@ -389,7 +389,7 @@
- return (ret);
- }
-
--void handle_dot1x(struct crack_data *cdata, struct capture_data *capdata)
-+void handle_dot1x(struct crack_data *cdata, struct capture_data *capdata, struct user_opt *opt)
- {
- struct ieee8021x *dot1xhdr;
- struct wpa_eapol_key *eapolkeyhdr;
-@@ -415,8 +415,8 @@
- cdata->ver = key_info & WPA_KEY_INFO_TYPE_MASK;
- index = key_info & WPA_KEY_INFO_KEY_INDEX_MASK;
-
-- /* Check for EAPOL version 1, type EAPOL-Key */
-- if (dot1xhdr->version != 1 || dot1xhdr->type != 3) {
-+ /* Check for type EAPOL-Key */
-+ if (dot1xhdr->type != 3) {
- return;
- }
-
-@@ -427,59 +427,78 @@
-
- if (cdata->ver == WPA_KEY_INFO_TYPE_HMAC_MD5_RC4) {
- /* Check for WPA key, and pairwise key type */
-- if (eapolkeyhdr->type != 254 ||
-+ if ((eapolkeyhdr->type != 2 && eapolkeyhdr->type != 254) ||
- (key_info & WPA_KEY_INFO_KEY_TYPE) == 0) {
- return;
- }
- } else if (cdata->ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
-- if (eapolkeyhdr->type != 2 ||
-+ if ((eapolkeyhdr->type != 2 && eapolkeyhdr->type != 254) ||
- (key_info & WPA_KEY_INFO_KEY_TYPE) == 0) {
- return;
- }
- }
-
-+ if (opt->verbose > 2) {
-+ printf ("WPA_KEY_INFO_TYPE_HMAC_MD5_RC4: %d\n", WPA_KEY_INFO_TYPE_HMAC_MD5_RC4);
-+ printf ("WPA_KEY_INFO_TYPE_HMAC_SHA1_AES: %d\n", WPA_KEY_INFO_TYPE_HMAC_SHA1_AES);
-+ printf ("key version: %d\n", cdata->ver);
-+ printf ("eapol key header type: %d\n", eapolkeyhdr->type);
-+ }
-+
-+ /* Check for frame 1 of the 4-way handshake */
-+ if ((key_info & WPA_KEY_INFO_MIC) == 0
-+ && (key_info & WPA_KEY_INFO_ACK)
-+ && (key_info & WPA_KEY_INFO_INSTALL) == 0 ) {
-+ /* All we need from this frame is the authenticator nonce */
-+ memcpy(cdata->anonce, eapolkeyhdr->key_nonce,
-+ sizeof(cdata->anonce));
-+ cdata->anonceset = 1;
-+
- /* Check for frame 2 of the 4-way handshake */
-- if ((key_info & WPA_KEY_INFO_MIC) && (key_info & WPA_KEY_INFO_ACK) == 0
-- && (key_info & WPA_KEY_INFO_INSTALL) == 0
-- && eapolkeyhdr->key_data_length > 0) {
-- /* All we need from this frame is the authenticator nonce */
-- memcpy(cdata->snonce, eapolkeyhdr->key_nonce,
-- sizeof(cdata->snonce));
-- cdata->snonceset = 1;
-+ } else if ((key_info & WPA_KEY_INFO_MIC)
-+ && (key_info & WPA_KEY_INFO_INSTALL) == 0
-+ && (key_info & WPA_KEY_INFO_ACK) == 0
-+ && eapolkeyhdr->key_data_length > 0) {
-
-- } else if ( /* Check for frame 3 of the 4-way handshake */
-- (key_info & WPA_KEY_INFO_MIC)
-- && (key_info & WPA_KEY_INFO_INSTALL)
-- && (key_info & WPA_KEY_INFO_ACK)) {
-+ cdata->eapolframe_size = ( packet[capdata->dot1x_offset + 2] << 8 )
-+ + packet[capdata->dot1x_offset + 3] + 4;
-
- memcpy(cdata->spa, &packet[capdata->dstmac_offset],
-- sizeof(cdata->spa));
-- memcpy(cdata->aa, &packet[capdata->srcmac_offset],
-- sizeof(cdata->aa));
-- memcpy(cdata->anonce, eapolkeyhdr->key_nonce,
-- sizeof(cdata->anonce));
-- cdata->aaset = 1;
-- cdata->spaset = 1;
-- cdata->anonceset = 1;
-- /* We save the replay counter value in the 3rd frame to match
-- against the 4th frame of the four-way handshake */
-- memcpy(cdata->replay_counter, eapolkeyhdr->replay_counter, 8);
--
-- } else if ( /* Check for frame 4 of the four-way handshake */
-- (key_info & WPA_KEY_INFO_MIC)
-- && (key_info & WPA_KEY_INFO_ACK) == 0
-- && (key_info & WPA_KEY_INFO_INSTALL) == 0
-- &&
-- (memcmp
-- (cdata->replay_counter, eapolkeyhdr->replay_counter,
-- 8) == 0)) {
-+ sizeof(cdata->spa));
-+ memcpy(cdata->aa, &packet[capdata->srcmac_offset],
-+ sizeof(cdata->aa));
-+ memcpy(cdata->snonce, eapolkeyhdr->key_nonce,
-+ sizeof(cdata->snonce));
-+ cdata->aaset = 1;
-+ cdata->spaset = 1;
-+ cdata->snonceset = 1;
-
- memcpy(cdata->keymic, eapolkeyhdr->key_mic,
-- sizeof(cdata->keymic));
-+ sizeof(cdata->keymic));
- memcpy(cdata->eapolframe, &packet[capdata->dot1x_offset],
-- sizeof(cdata->eapolframe));
-+ cdata->eapolframe_size);
-+
- cdata->keymicset = 1;
- cdata->eapolframeset = 1;
-+
-+ /* Check for frame 3 of the 4-way handshake */
-+ } else if ((key_info & WPA_KEY_INFO_MIC)
-+ && (key_info & WPA_KEY_INFO_ACK)
-+ && (key_info & WPA_KEY_INFO_INSTALL)) {
-+ /* All we need from this frame is the authenticator nonce */
-+ memcpy(cdata->anonce, eapolkeyhdr->key_nonce,
-+ sizeof(cdata->anonce));
-+ cdata->anonceset = 1;
-+
-+ }
-+
-+ if (opt->verbose > 2) {
-+ printf("aaset: %d\n",cdata->aaset);
-+ printf("spaset: %d\n",cdata->spaset);
-+ printf("snonceset: %d\n",cdata->snonceset);
-+ printf("keymicset: %d\n",cdata->keymicset);
-+ printf("eapolframeset: %d\n",cdata->eapolframeset);
-+ printf("anonceset: %d\n", cdata->anonceset);
- }
- }
-
-@@ -507,8 +526,7 @@
- printf("\n");
-
- printf("eapolframe is:");
-- lamont_hdump(cdata.eapolframe, 99); /* Bug in lamont_hdump makes this look
-- wrong, only shows 98 bytes */
-+ lamont_hdump(cdata.eapolframe, cdata.eapolframe_size);
- printf("\n");
-
- }
-@@ -706,7 +724,7 @@
- }
-
- hmac_hash(cdata->ver, ptkset->mic_key, 16, cdata->eapolframe,
-- sizeof(cdata->eapolframe), keymic);
-+ cdata->eapolframe_size, keymic);
-
- if (opt->verbose > 2) {
- printf("Calculated MIC with \"%s\" is", passphrase);
-@@ -815,7 +833,7 @@
- }
-
- hmac_hash(cdata->ver, ptkset->mic_key, 16, cdata->eapolframe,
-- sizeof(cdata->eapolframe), keymic);
-+ cdata->eapolframe_size, keymic);
-
- if (opt->verbose > 2) {
- printf("Calculated MIC with \"%s\" is", passphrase);
-@@ -874,7 +892,7 @@
- 0 && (h->len >
- capdata.l2type_offset + sizeof(struct wpa_eapol_key))) {
- /* It's a dot1x frame, process it */
-- handle_dot1x(&cdata, &capdata);
-+ handle_dot1x(&cdata, &capdata, &opt);
- if (cdata.aaset && cdata.spaset && cdata.snonceset &&
- cdata.anonceset && cdata.keymicset
- && cdata.eapolframeset) {
-@@ -909,7 +927,6 @@
- eapkeypacket =
- (struct wpa_eapol_key *)&cdata.eapolframe[EAPDOT1XOFFSET];
- memset(&eapkeypacket->key_mic, 0, sizeof(eapkeypacket->key_mic));
-- eapkeypacket->key_data_length = 0;
-
- printf("Starting dictionary attack. Please be patient.\n");
- fflush(stdout);
-diff -uNr cowpatty-4.3/cowpatty.h cowpatty-4.3-fixup2/cowpatty.h
---- cowpatty-4.3/cowpatty.h 2008-03-20 09:49:38.000000000 -0700
-+++ cowpatty-4.3-fixup2/cowpatty.h 2009-05-21 23:37:52.533281370 -0700
-@@ -94,7 +94,7 @@
- u16 length;
- } __attribute__ ((packed));
-
--#define MAXPASSLEN 63
-+#define MAXPASSLEN 64
- #define MEMORY_DICT 0
- #define STDIN_DICT 1
- #define EAPDOT1XOFFSET 4
-@@ -166,7 +166,8 @@
- u8 spa[6];
- u8 snonce[32];
- u8 anonce[32];
-- u8 eapolframe[99]; /* Length the same for all packets? */
-+ u8 eapolframe[99];
-+ u8 eapolframe2[125];
- u8 keymic[16];
- u8 aaset;
- u8 spaset;
-@@ -177,6 +178,7 @@
- u8 replay_counter[8];
-
- int ver; /* Hashing algo, MD5 or AES-CBC-MAC */
-+ int eapolframe_size;
- };
-
- struct hashdb_head { |