Diffstat (limited to 'net-wireless/cowpatty')
-rw-r--r-- | net-wireless/cowpatty/Manifest | 7 | ||||
-rw-r--r-- | net-wireless/cowpatty/cowpatty-4.3-r2.ebuild | 28 | ||||
-rw-r--r-- | net-wireless/cowpatty/cowpatty-4.6-r4.ebuild | 28 | ||||
-rw-r--r-- | net-wireless/cowpatty/files/cowpatty-4.3-fixup2.patch | 221 | ||||
-rw-r--r-- | net-wireless/cowpatty/files/cowpatty-4.3-hashfix.patch | 12 | ||||
-rw-r--r-- | net-wireless/cowpatty/files/cowpatty-4.6-fixup14.patch | 346 |
6 files changed, 0 insertions, 642 deletions
diff --git a/net-wireless/cowpatty/Manifest b/net-wireless/cowpatty/Manifest
deleted file mode 100644
index d7e9de0a..00000000
--- a/net-wireless/cowpatty/Manifest
+++ /dev/null
@@ -1,7 +0,0 @@
-AUX cowpatty-4.3-fixup2.patch 7550 RMD160 7b8bbb2266b69cf12290ac825f06efaf59b7c39c SHA1 0a42824828f3a91bb8a072b7210d9015205c096a SHA256 a5f1ea5429afd3a6cfc3509fdc564490f85f006258d11c5dc8b515d9490524e2
-AUX cowpatty-4.3-hashfix.patch 518 RMD160 7056eb376306bd086e7af8ca63f60799e5630cbf SHA1 10ee4c3796664c3f0a421e5f4901086d5985fd27 SHA256 a32d8dc367d858dda7bf557a9c01a5b9509aad04f4d0491100a1e42fdf749c72
-AUX cowpatty-4.6-fixup14.patch 12727 RMD160 fb2c3d60b5f07a9be4a25d7380ee1f33fc95a082 SHA1 635c09a981f30c9604f56497e71a451f00cc37f8 SHA256 49671af83ba4f6551e5b6e96e8036b0fba8929eda5917856c96643a1062a3db4
-DIST cowpatty-4.3.tgz 103720 RMD160 3eff935f1532f84c60bfd576801be4d6911964d1 SHA1 8b7cb2015d0534031827f2f06135bf5cf5929d35 SHA256 b82154c9183fed3c26226c124f5e50ef38adaaafc84c5a13d9256b1ebd489bca
-DIST cowpatty-4.6.tgz 104979 RMD160 643e9e675ec06f606c99729289692654ddcbe3b4 SHA1 2dc09d725e4131a68a33c8717d3a7317e5616df2 SHA256 cd3fc113e5052d3ee08ab71aa87edf772d044f760670c73fde5d5581d7803bc2
-EBUILD cowpatty-4.3-r2.ebuild 719 RMD160 7e905574beb66550f4d28e686e36cbed6d59927f SHA1 58524b3354f7a85684c27a9161bcadcfe13fc673 SHA256 816e5ed329658a9ff09d142a70015e879537022aef63ad4e1eb2b0d1d18227ff
-EBUILD cowpatty-4.6-r4.ebuild 670 RMD160 873dfed750509f50a4d7777cea257d72c078550e SHA1 61a4620a6f8568beaab0ea66cde4828de258533a SHA256 b9cf08fa1d839e9ba25e8ea65d20e208122b5ea7b397d3a2f323b48f23c4ccf0
diff --git a/net-wireless/cowpatty/cowpatty-4.3-r2.ebuild b/net-wireless/cowpatty/cowpatty-4.3-r2.ebuild
deleted file mode 100644
index c60c8302..00000000
--- a/net-wireless/cowpatty/cowpatty-4.3-r2.ebuild
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: $
-
-inherit eutils
-
-DESCRIPTION="WLAN tools for bruteforcing 802.11 WPA/WPA2 keys"
-HOMEPAGE="http://www.willhackforsushi.com/Cowpatty.html"
-SRC_URI="http://www.willhackforsushi.com/code/${PN}/${PV}/${P}.tgz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 x86"
-IUSE=""
-DEPEND="dev-libs/openssl
- net-libs/libpcap"
-RDEPEND="${DEPEND}"
-
-src_compile() {
- epatch "${FILESDIR}"/cowpatty-4.3-fixup2.patch
- epatch "${FILESDIR}"/cowpatty-4.3-hashfix.patch
- emake -j1 || die "emake failed"
-}
-
-src_install() {
- dobin cowpatty genpmk || die "dobin failed"
- dodoc AUTHORS CHANGELOG FAQ INSTALL README TODO dict *.dump
-}
diff --git a/net-wireless/cowpatty/cowpatty-4.6-r4.ebuild b/net-wireless/cowpatty/cowpatty-4.6-r4.ebuild
deleted file mode 100644
index 7beab82e..00000000
--- a/net-wireless/cowpatty/cowpatty-4.6-r4.ebuild
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: $
-
-inherit eutils
-
-DESCRIPTION="WLAN tools for bruteforcing 802.11 WPA/WPA2 keys"
-HOMEPAGE="http://www.willhackforsushi.com/?page_id=50"
-SRC_URI="http://www.willhackforsushi.com/code/${PN}/${PV}/${P}.tgz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 x86"
-IUSE=""
-
-DEPEND="dev-libs/openssl
- net-libs/libpcap"
-RDEPEND="${DEPEND}"
-
-src_compile() {
- epatch "${FILESDIR}"/cowpatty-4.6-fixup14.patch
- emake -j1 || die "emake failed"
-}
-
-src_install() {
- dobin cowpatty genpmk || die "dobin failed"
- dodoc AUTHORS CHANGELOG FAQ INSTALL README TODO dict *.dump
-}
diff --git a/net-wireless/cowpatty/files/cowpatty-4.3-fixup2.patch b/net-wireless/cowpatty/files/cowpatty-4.3-fixup2.patch
deleted file mode 100644
index 3ac75910..00000000
--- a/net-wireless/cowpatty/files/cowpatty-4.3-fixup2.patch
+++ /dev/null
@@ -1,221 +0,0 @@ -diff -uNr cowpatty-4.3/cowpatty.c cowpatty-4.3-fixup2/cowpatty.c ---- cowpatty-4.3/cowpatty.c 2008-03-20 09:49:38.000000000 -0700 -+++ cowpatty-4.3-fixup2/cowpatty.c 2009-05-21 23:38:17.970291072 -0700 -@@ -71,7 +71,7 @@ - void cleanup(); - void parseopts(struct user_opt *opt, int argc, char **argv); - void closepcap(struct capture_data *capdata); --void handle_dot1x(struct crack_data *cdata, struct capture_data *capdata); -+void handle_dot1x(struct crack_data *cdata, struct capture_data *capdata, struct user_opt *opt); - void dump_all_fields(struct crack_data cdata); - void printstats(struct timeval start, struct timeval end, - unsigned long int wordcount); -@@ -389,7 +389,7 @@ - return (ret); - } - --void handle_dot1x(struct crack_data *cdata, struct capture_data *capdata) -+void handle_dot1x(struct crack_data *cdata, struct capture_data *capdata, struct user_opt *opt) - { - struct ieee8021x *dot1xhdr; - struct wpa_eapol_key *eapolkeyhdr; -@@ -415,8 +415,8 @@ - cdata->ver = key_info & WPA_KEY_INFO_TYPE_MASK; - index = key_info & WPA_KEY_INFO_KEY_INDEX_MASK; - -- /* Check for EAPOL version 1, type EAPOL-Key */ -- if (dot1xhdr->version != 1 || dot1xhdr->type != 3) { -+ /* Check for type EAPOL-Key */ -+ if (dot1xhdr->type != 3) { - return; - } - -@@ -427,59 +427,78 @@ - - if (cdata->ver == WPA_KEY_INFO_TYPE_HMAC_MD5_RC4) { - /* Check for WPA key, and pairwise key type */ -- if (eapolkeyhdr->type != 254 || -+ if ((eapolkeyhdr->type != 2 && eapolkeyhdr->type != 254) || - (key_info & WPA_KEY_INFO_KEY_TYPE) == 0) { - return; - } - } else if (cdata->ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) { -- if (eapolkeyhdr->type != 2 || -+ if ((eapolkeyhdr->type != 2 && eapolkeyhdr->type != 254) || - (key_info & WPA_KEY_INFO_KEY_TYPE) == 0) { - return; - } - } - -+ if (opt->verbose > 2) { -+ printf ("WPA_KEY_INFO_TYPE_HMAC_MD5_RC4: %d\n", WPA_KEY_INFO_TYPE_HMAC_MD5_RC4); -+ printf ("WPA_KEY_INFO_TYPE_HMAC_SHA1_AES: %d\n", WPA_KEY_INFO_TYPE_HMAC_SHA1_AES); -+ printf 
("key version: %d\n", cdata->ver); -+ printf ("eapol key header type: %d\n", eapolkeyhdr->type); -+ } -+ -+ /* Check for frame 1 of the 4-way handshake */ -+ if ((key_info & WPA_KEY_INFO_MIC) == 0 -+ && (key_info & WPA_KEY_INFO_ACK) -+ && (key_info & WPA_KEY_INFO_INSTALL) == 0 ) { -+ /* All we need from this frame is the authenticator nonce */ -+ memcpy(cdata->anonce, eapolkeyhdr->key_nonce, -+ sizeof(cdata->anonce)); -+ cdata->anonceset = 1; -+ - /* Check for frame 2 of the 4-way handshake */ -- if ((key_info & WPA_KEY_INFO_MIC) && (key_info & WPA_KEY_INFO_ACK) == 0 -- && (key_info & WPA_KEY_INFO_INSTALL) == 0 -- && eapolkeyhdr->key_data_length > 0) { -- /* All we need from this frame is the authenticator nonce */ -- memcpy(cdata->snonce, eapolkeyhdr->key_nonce, -- sizeof(cdata->snonce)); -- cdata->snonceset = 1; -+ } else if ((key_info & WPA_KEY_INFO_MIC) -+ && (key_info & WPA_KEY_INFO_INSTALL) == 0 -+ && (key_info & WPA_KEY_INFO_ACK) == 0 -+ && eapolkeyhdr->key_data_length > 0) { - -- } else if ( /* Check for frame 3 of the 4-way handshake */ -- (key_info & WPA_KEY_INFO_MIC) -- && (key_info & WPA_KEY_INFO_INSTALL) -- && (key_info & WPA_KEY_INFO_ACK)) { -+ cdata->eapolframe_size = ( packet[capdata->dot1x_offset + 2] << 8 ) -+ + packet[capdata->dot1x_offset + 3] + 4; - - memcpy(cdata->spa, &packet[capdata->dstmac_offset], -- sizeof(cdata->spa)); -- memcpy(cdata->aa, &packet[capdata->srcmac_offset], -- sizeof(cdata->aa)); -- memcpy(cdata->anonce, eapolkeyhdr->key_nonce, -- sizeof(cdata->anonce)); -- cdata->aaset = 1; -- cdata->spaset = 1; -- cdata->anonceset = 1; -- /* We save the replay counter value in the 3rd frame to match -- against the 4th frame of the four-way handshake */ -- memcpy(cdata->replay_counter, eapolkeyhdr->replay_counter, 8); -- -- } else if ( /* Check for frame 4 of the four-way handshake */ -- (key_info & WPA_KEY_INFO_MIC) -- && (key_info & WPA_KEY_INFO_ACK) == 0 -- && (key_info & WPA_KEY_INFO_INSTALL) == 0 -- && -- (memcmp -- 
(cdata->replay_counter, eapolkeyhdr->replay_counter, -- 8) == 0)) { -+ sizeof(cdata->spa)); -+ memcpy(cdata->aa, &packet[capdata->srcmac_offset], -+ sizeof(cdata->aa)); -+ memcpy(cdata->snonce, eapolkeyhdr->key_nonce, -+ sizeof(cdata->snonce)); -+ cdata->aaset = 1; -+ cdata->spaset = 1; -+ cdata->snonceset = 1; - - memcpy(cdata->keymic, eapolkeyhdr->key_mic, -- sizeof(cdata->keymic)); -+ sizeof(cdata->keymic)); - memcpy(cdata->eapolframe, &packet[capdata->dot1x_offset], -- sizeof(cdata->eapolframe)); -+ cdata->eapolframe_size); -+ - cdata->keymicset = 1; - cdata->eapolframeset = 1; -+ -+ /* Check for frame 3 of the 4-way handshake */ -+ } else if ((key_info & WPA_KEY_INFO_MIC) -+ && (key_info & WPA_KEY_INFO_ACK) -+ && (key_info & WPA_KEY_INFO_INSTALL)) { -+ /* All we need from this frame is the authenticator nonce */ -+ memcpy(cdata->anonce, eapolkeyhdr->key_nonce, -+ sizeof(cdata->anonce)); -+ cdata->anonceset = 1; -+ -+ } -+ -+ if (opt->verbose > 2) { -+ printf("aaset: %d\n",cdata->aaset); -+ printf("spaset: %d\n",cdata->spaset); -+ printf("snonceset: %d\n",cdata->snonceset); -+ printf("keymicset: %d\n",cdata->keymicset); -+ printf("eapolframeset: %d\n",cdata->eapolframeset); -+ printf("anonceset: %d\n", cdata->anonceset); - } - } - -@@ -507,8 +526,7 @@ - printf("\n"); - - printf("eapolframe is:"); -- lamont_hdump(cdata.eapolframe, 99); /* Bug in lamont_hdump makes this look -- wrong, only shows 98 bytes */ -+ lamont_hdump(cdata.eapolframe, cdata.eapolframe_size); - printf("\n"); - - } -@@ -706,7 +724,7 @@ - } - - hmac_hash(cdata->ver, ptkset->mic_key, 16, cdata->eapolframe, -- sizeof(cdata->eapolframe), keymic); -+ cdata->eapolframe_size, keymic); - - if (opt->verbose > 2) { - printf("Calculated MIC with \"%s\" is", passphrase); -@@ -815,7 +833,7 @@ - } - - hmac_hash(cdata->ver, ptkset->mic_key, 16, cdata->eapolframe, -- sizeof(cdata->eapolframe), keymic); -+ cdata->eapolframe_size, keymic); - - if (opt->verbose > 2) { - printf("Calculated MIC with \"%s\" is", 
passphrase); -@@ -874,7 +892,7 @@ - 0 && (h->len > - capdata.l2type_offset + sizeof(struct wpa_eapol_key))) { - /* It's a dot1x frame, process it */ -- handle_dot1x(&cdata, &capdata); -+ handle_dot1x(&cdata, &capdata, &opt); - if (cdata.aaset && cdata.spaset && cdata.snonceset && - cdata.anonceset && cdata.keymicset - && cdata.eapolframeset) { -@@ -909,7 +927,6 @@ - eapkeypacket = - (struct wpa_eapol_key *)&cdata.eapolframe[EAPDOT1XOFFSET]; - memset(&eapkeypacket->key_mic, 0, sizeof(eapkeypacket->key_mic)); -- eapkeypacket->key_data_length = 0; - - printf("Starting dictionary attack. Please be patient.\n"); - fflush(stdout); -diff -uNr cowpatty-4.3/cowpatty.h cowpatty-4.3-fixup2/cowpatty.h ---- cowpatty-4.3/cowpatty.h 2008-03-20 09:49:38.000000000 -0700 -+++ cowpatty-4.3-fixup2/cowpatty.h 2009-05-21 23:37:52.533281370 -0700 -@@ -94,7 +94,7 @@ - u16 length; - } __attribute__ ((packed)); - --#define MAXPASSLEN 63 -+#define MAXPASSLEN 64 - #define MEMORY_DICT 0 - #define STDIN_DICT 1 - #define EAPDOT1XOFFSET 4 -@@ -166,7 +166,8 @@ - u8 spa[6]; - u8 snonce[32]; - u8 anonce[32]; -- u8 eapolframe[99]; /* Length the same for all packets? */ -+ u8 eapolframe[99]; -+ u8 eapolframe2[125]; - u8 keymic[16]; - u8 aaset; - u8 spaset; -@@ -177,6 +178,7 @@ - u8 replay_counter[8]; - - int ver; /* Hashing algo, MD5 or AES-CBC-MAC */ -+ int eapolframe_size; - }; - - struct hashdb_head { diff --git a/net-wireless/cowpatty/files/cowpatty-4.3-hashfix.patch b/net-wireless/cowpatty/files/cowpatty-4.3-hashfix.patch deleted file mode 100644 index 2ae6fcd2..00000000 --- a/net-wireless/cowpatty/files/cowpatty-4.3-hashfix.patch +++ /dev/null 
@@ -1,12 +0,0 @@
-diff -uNr cowpatty-4.3/cowpatty.c cowpatty-4.3-hashfix/cowpatty.c
---- cowpatty-4.3/cowpatty.c 2008-03-20 09:49:38.000000000 -0700
-+++ cowpatty-4.3-hashfix/cowpatty.c 2008-10-19 23:29:22.000000000 -0700
-@@ -202,7 +202,7 @@
- }
-
- /* Test that the files specified exist and are greater than 0 bytes */
-- if (!IsBlank(opt->hashfile)) {
-+ if (!IsBlank(opt->hashfile) && strncmp(opt->hashfile, "-", 1) != 0) {
- if (stat(opt->hashfile, &teststat)) {
- usage("Could not stat hashfile. Check file path.");
- exit(-1);
diff --git a/net-wireless/cowpatty/files/cowpatty-4.6-fixup14.patch b/net-wireless/cowpatty/files/cowpatty-4.6-fixup14.patch
deleted file mode 100644
index c27e2b18..00000000
--- a/net-wireless/cowpatty/files/cowpatty-4.6-fixup14.patch
+++ /dev/null
@@ -1,346 +0,0 @@ -diff -uNr cowpatty-4.6/cowpatty.c cowpatty-4.6-fixup14/cowpatty.c ---- cowpatty-4.6/cowpatty.c 2009-07-03 08:15:50.000000000 -0700 -+++ cowpatty-4.6-fixup14/cowpatty.c 2009-07-17 19:16:21.792816008 -0700 -@@ -94,8 +94,7 @@ - "\t-d \tHash file (genpmk)\n" - "\t-r \tPacket capture file\n" - "\t-s \tNetwork SSID (enclose in quotes if SSID includes spaces)\n" -- "\t-2 \tUse frames 1 and 2 or 2 and 3 for key attack (nonstrict mode)\n" -- "\t-c \tCheck for valid 4-way frames, does not crack\n" -+ "\t-c \tCheck for valid 4-way frames, does not crack\n" - "\t-h \tPrint this help information and exit\n" - "\t-v \tPrint verbose information (more -v for more verbosity)\n" - "\t-V \tPrint program version and exit\n" "\n"); -@@ -151,7 +150,7 @@ - - int c; - -- while ((c = getopt(argc, argv, "f:r:s:d:c2nhvV")) != EOF) { -+ while ((c = getopt(argc, argv, "f:r:s:d:cnhvV")) != EOF) { - switch (c) { - case 'f': - strncpy(opt->dictfile, optarg, sizeof(opt->dictfile)); -@@ -166,9 +165,6 @@ - strncpy(opt->hashfile, optarg, sizeof(opt->hashfile)); - break; - case 'n': -- case '2': -- opt->nonstrict++; -- break; - case 'c': - opt->checkonly++; - break; -@@ -435,21 +431,11 @@ - cdata->ver = key_info & WPA_KEY_INFO_TYPE_MASK; - index = key_info & WPA_KEY_INFO_KEY_INDEX_MASK; - -- if (opt->nonstrict == 0) { -- -- /* Check for EAPOL version 1, type EAPOL-Key */ -- if (dot1xhdr->version != 1 || dot1xhdr->type != 3) { -- return; -- } -- -- } else { -- -- /* Check for type EAPOL-Key */ -- if (dot1xhdr->type != 3) { -- return; -- } -- -+ /* Check for type EAPOL-Key */ -+ if (dot1xhdr->type != 3) { -+ return; - } -+ - if (cdata->ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 && - cdata->ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) { - return; -@@ -457,12 +443,12 @@ - - if (cdata->ver == WPA_KEY_INFO_TYPE_HMAC_MD5_RC4) { - /* Check for WPA key, and pairwise key type */ -- if (eapolkeyhdr->type != 254 || -+ if ((eapolkeyhdr->type != 2 && eapolkeyhdr->type != 254) || - (key_info & 
WPA_KEY_INFO_KEY_TYPE) == 0) { - return; - } - } else if (cdata->ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) { -- if (eapolkeyhdr->type != 2 || -+ if ((eapolkeyhdr->type != 2 && eapolkeyhdr->type != 254) || - (key_info & WPA_KEY_INFO_KEY_TYPE) == 0) { - return; - } -@@ -472,19 +458,22 @@ - - /* Check for frame 2 of the 4-way handshake */ - if ((key_info & WPA_KEY_INFO_MIC) -- && (key_info & WPA_KEY_INFO_ACK) == 0 -- && (key_info & WPA_KEY_INFO_INSTALL) == 0 -- && eapolkeyhdr->key_data_length > 0) { -+ && (key_info & WPA_KEY_INFO_ACK) == 0 -+ && (key_info & WPA_KEY_INFO_INSTALL) == 0 -+ && eapolkeyhdr->key_data_length > 0) { - - /* All we need from this frame is the authenticator nonce */ - memcpy(cdata->snonce, eapolkeyhdr->key_nonce, - sizeof(cdata->snonce)); - cdata->snonceset = 1; -+ memcpy(cdata->replay_counter1, -+ eapolkeyhdr->replay_counter, 8); -+ cdata->replay_counter1[7] = cdata->replay_counter1[7] + 1; - - /* Check for frame 3 of the 4-way handshake */ - } else if ((key_info & WPA_KEY_INFO_MIC) -- && (key_info & WPA_KEY_INFO_INSTALL) -- && (key_info & WPA_KEY_INFO_ACK)) { -+ && (key_info & WPA_KEY_INFO_INSTALL) -+ && (key_info & WPA_KEY_INFO_ACK)) { - - memcpy(cdata->spa, &packet[capdata->dstmac_offset], - sizeof(cdata->spa)); -@@ -497,15 +486,17 @@ - cdata->anonceset = 1; - /* We save the replay counter value in the 3rd frame to match - against the 4th frame of the four-way handshake */ -- memcpy(cdata->replay_counter, -+ memcpy(cdata->replay_counter2, - eapolkeyhdr->replay_counter, 8); - - /* Check for frame 4 of the four-way handshake */ - } else if ((key_info & WPA_KEY_INFO_MIC) -- && (key_info & WPA_KEY_INFO_ACK) == 0 -- && (key_info & WPA_KEY_INFO_INSTALL) == 0 -- && (memcmp (cdata->replay_counter, -- eapolkeyhdr->replay_counter, 8) == 0)) { -+ && (key_info & WPA_KEY_INFO_ACK) == 0 -+ && (key_info & WPA_KEY_INFO_INSTALL) == 0 -+ && (memcmp (cdata->replay_counter1, -+ cdata->replay_counter2, 8) == 0) -+ && (memcmp (cdata->replay_counter2, -+ 
eapolkeyhdr->replay_counter, 8) == 0)) { - - memcpy(cdata->keymic, eapolkeyhdr->key_mic, - sizeof(cdata->keymic)); -@@ -513,57 +504,76 @@ - sizeof(cdata->eapolframe)); - cdata->keymicset = 1; - cdata->eapolframeset = 1; -+ cdata->counters = 1; - } -- } else { -- -- /* Check for frame 1 of the 4-way handshake */ -- if ((key_info & WPA_KEY_INFO_MIC) == 0 -- && (key_info & WPA_KEY_INFO_ACK) -- && (key_info & WPA_KEY_INFO_INSTALL) == 0 ) { -- /* All we need from this frame is the authenticator nonce */ -- memcpy(cdata->anonce, eapolkeyhdr->key_nonce, -- sizeof(cdata->anonce)); -- cdata->anonceset = 1; -- -- /* Check for frame 2 of the 4-way handshake */ -- } else if ((key_info & WPA_KEY_INFO_MIC) -- && (key_info & WPA_KEY_INFO_INSTALL) == 0 -- && (key_info & WPA_KEY_INFO_ACK) == 0 -- && eapolkeyhdr->key_data_length > 0) { - -- cdata->eapolframe_size = ( packet[capdata->dot1x_offset + 2] << 8 ) -- + packet[capdata->dot1x_offset + 3] + 4; -- -- memcpy(cdata->spa, &packet[capdata->dstmac_offset], -- sizeof(cdata->spa)); -- cdata->spaset = 1; -- -- memcpy(cdata->aa, &packet[capdata->srcmac_offset], -- sizeof(cdata->aa)); -- cdata->aaset = 1; -- -- memcpy(cdata->snonce, eapolkeyhdr->key_nonce, -- sizeof(cdata->snonce)); -- cdata->snonceset = 1; -+ } else { - -- memcpy(cdata->keymic, eapolkeyhdr->key_mic, -- sizeof(cdata->keymic)); -- cdata->keymicset = 1; -+ /* Check for frame 1 of the 4-way handshake */ -+ if ((key_info & WPA_KEY_INFO_MIC) == 0 -+ && (key_info & WPA_KEY_INFO_ACK) -+ && (key_info & WPA_KEY_INFO_INSTALL) == 0 ) { -+ -+ /* All we need from this frame is the authenticator nonce */ -+ memcpy(cdata->anonce, eapolkeyhdr->key_nonce, -+ sizeof(cdata->anonce)); -+ cdata->anonceset = 1; -+ -+ memcpy(cdata->replay_counter1, -+ eapolkeyhdr->replay_counter, 8); -+ cdata->replay_counter1[7] = cdata->replay_counter1[7] + 1; -+ -+ /* Check for frame 2 or 4 of the 4-way handshake */ -+ } else if ((key_info & WPA_KEY_INFO_MIC) -+ && (key_info & WPA_KEY_INFO_INSTALL) == 0 -+ 
&& (key_info & WPA_KEY_INFO_ACK) == 0) { -+ -+ cdata->eapolframe_size = ( packet[capdata->dot1x_offset + 2] << 8 ) -+ + packet[capdata->dot1x_offset + 3] + 4; -+ -+ memcpy(cdata->spa, &packet[capdata->dstmac_offset], -+ sizeof(cdata->spa)); -+ cdata->spaset = 1; -+ -+ memcpy(cdata->aa, &packet[capdata->srcmac_offset], -+ sizeof(cdata->aa)); -+ cdata->aaset = 1; -+ -+ memcpy(cdata->snonce, eapolkeyhdr->key_nonce, -+ sizeof(cdata->snonce)); -+ cdata->snonceset = 1; -+ -+ memcpy(cdata->keymic, eapolkeyhdr->key_mic, -+ sizeof(cdata->keymic)); -+ cdata->keymicset = 1; -+ -+ memcpy(cdata->eapolframe, &packet[capdata->dot1x_offset], -+ cdata->eapolframe_size); -+ cdata->eapolframeset = 1; - -- memcpy(cdata->eapolframe, &packet[capdata->dot1x_offset], -- cdata->eapolframe_size); -- cdata->eapolframeset = 1; -+ memcpy(cdata->replay_counter2, -+ eapolkeyhdr->replay_counter, 8); -+ cdata->replay_counter2[7] = cdata->replay_counter2[7] + 1; -+ memcpy(cdata->replay_counter3, -+ eapolkeyhdr->replay_counter, 8); -+ cdata->replay_counter3[7] = cdata->replay_counter3[7] + 2; -+ -+ /* Check for frame 3 of the 4-way handshake */ -+ } else if ((key_info & WPA_KEY_INFO_MIC) -+ && (key_info & WPA_KEY_INFO_ACK) -+ && (key_info & WPA_KEY_INFO_INSTALL)) { -+ -+ /* All we need from this frame is the authenticator nonce */ -+ memcpy(cdata->anonce, eapolkeyhdr->key_nonce, -+ sizeof(cdata->anonce)); -+ cdata->anonceset = 1; -+ -+ memcpy(cdata->replay_counter4, -+ eapolkeyhdr->replay_counter, 8); -+ cdata->replay_counter4[7] = cdata->replay_counter4[7] + 1; - -+ } - -- /* Check for frame 3 of the 4-way handshake */ -- } else if ((key_info & WPA_KEY_INFO_MIC) -- && (key_info & WPA_KEY_INFO_ACK) -- && (key_info & WPA_KEY_INFO_INSTALL)) { -- /* All we need from this frame is the authenticator nonce */ -- memcpy(cdata->anonce, eapolkeyhdr->key_nonce, -- sizeof(cdata->anonce)); -- cdata->anonceset = 1; -- } - } - } - -@@ -982,10 +992,82 @@ - } - } - -+ if (!(cdata.aaset && cdata.spaset && 
cdata.snonceset && -+ cdata.anonceset && cdata.keymicset && cdata.eapolframeset)) { -+ -+ cdata.aaset = 0; -+ cdata.spaset = 0; -+ cdata.snonceset = 0; -+ cdata.anonceset = 0; -+ cdata.keymicset = 0; -+ cdata.eapolframeset = 0; -+ -+ opt.nonstrict = 1; -+ -+ memset(&capdata, 0, sizeof(struct capture_data)); -+ memset(&cdata, 0, sizeof(struct crack_data)); -+ memset(&eapolkey_nomic, 0, sizeof(eapolkey_nomic)); -+ -+ /* Populate capdata struct */ -+ strncpy(capdata.pcapfilename, opt.pcapfile, -+ sizeof(capdata.pcapfilename)); -+ if (openpcap(&capdata) != 0) { -+ printf("Unsupported or unrecognized pcap file.\n"); -+ exit(-1); -+ } -+ -+ /* populates global *packet */ -+ while (getpacket(&capdata) > 0) { -+ if (opt.verbose > 2) { -+ lamont_hdump(packet, h->len); -+ } -+ /* test packet for data that we are looking for */ -+ if (memcmp(&packet[capdata.l2type_offset], DOT1X_LLCTYPE, 2) == -+ 0 && (h->len >capdata.l2type_offset + sizeof(struct wpa_eapol_key))) { -+ /* It's a dot1x frame, process it */ -+ handle_dot1x(&cdata, &capdata, &opt); -+ -+ if (cdata.aaset && cdata.spaset && cdata.snonceset -+ && cdata.anonceset && cdata.keymicset -+ && cdata.eapolframeset) { -+ -+ if (cdata.replay_counter1 != 0 -+ && cdata.replay_counter2 != 0) { -+ -+ if (memcmp (cdata.replay_counter1, -+ cdata.replay_counter2, 8) == 0) { -+ -+ cdata.counters = 1; -+ /* We've collected everything we need. */ -+ break; -+ -+ } -+ -+ } -+ -+ if (cdata.replay_counter3 != 0 -+ && cdata.replay_counter4 != 0) { -+ -+ if (memcmp (cdata.replay_counter3, -+ cdata.replay_counter4, 8) == 0) { -+ -+ cdata.counters = 1; -+ /* We've collected everything we need. 
*/ -+ break; -+ -+ } -+ -+ } -+ -+ } -+ } -+ } -+ } -+ - closepcap(&capdata); - - if (!(cdata.aaset && cdata.spaset && cdata.snonceset && -- cdata.anonceset && cdata.keymicset && cdata.eapolframeset)) { -+ cdata.anonceset && cdata.keymicset && cdata.eapolframeset && cdata.counters)) { - printf("End of pcap capture file, incomplete four-way handshake " - "exchange. Try using a\ndifferent capture.\n"); - exit(-1); -diff -uNr cowpatty-4.6/cowpatty.h cowpatty-4.6-fixup14/cowpatty.h ---- cowpatty-4.6/cowpatty.h 2009-06-04 06:24:16.000000000 -0700 -+++ cowpatty-4.6-fixup14/cowpatty.h 2009-07-17 16:16:58.043152023 -0700 -@@ -178,7 +178,11 @@ - u8 anonceset; - u8 keymicset; - u8 eapolframeset; -- u8 replay_counter[8]; -+ u8 replay_counter1[8]; -+ u8 replay_counter2[8]; -+ u8 replay_counter3[8]; -+ u8 replay_counter4[8]; -+ u8 counters; - - int ver; /* Hashing algo, MD5 or AES-CBC-MAC */ - int eapolframe_size; |