Hash subroutines, attack subroutines, & bug fixes.
Implemented modular hash and attack subroutines. Fixed minor bugs with script startup.
This commit is contained in:
parent
7987e28b56
commit
1613eec221
300
fluxion
300
fluxion
|
@ -90,7 +90,7 @@ declare -r FLUXIONCLIArguments=$FLUXIONCLIArguments
|
||||||
# ============= < Argument Loaded Configurables > ============ #
|
# ============= < Argument Loaded Configurables > ============ #
|
||||||
eval set -- "$FLUXIONCLIArguments" # Set environment parameters.
|
eval set -- "$FLUXIONCLIArguments" # Set environment parameters.
|
||||||
|
|
||||||
[ "$1" ] && declare -r FLUXIONAuto=1 # Auto-mode if using CLI.
|
[ "$1" != "--" ] && declare -r FLUXIONAuto=1 # Auto-mode if using CLI.
|
||||||
|
|
||||||
while [ "$1" != "--" ]; do
|
while [ "$1" != "--" ]; do
|
||||||
case "$1" in
|
case "$1" in
|
||||||
|
@ -478,33 +478,35 @@ function fluxion_do_sequence() {
|
||||||
# The for-loop implementation must support the subroutines
|
# The for-loop implementation must support the subroutines
|
||||||
# defined above, including updating the namespace tracker.
|
# defined above, including updating the namespace tracker.
|
||||||
|
|
||||||
local -r namespace=$1
|
local -r __fluxion_do_sequence__namespace=$1
|
||||||
local -r sequence=("${!2}")
|
local -r __fluxion_do_sequence__sequence=("${!2}")
|
||||||
|
|
||||||
if [ ${#sequence[@]} -eq 0 ]; then return -2; fi
|
if [ ${#__fluxion_do_sequence__sequence[@]} -eq 0 ]; then
|
||||||
|
return -2
|
||||||
|
fi
|
||||||
|
|
||||||
local -A index=()
|
local -A __fluxion_do_sequence__index=()
|
||||||
|
|
||||||
local i
|
local i
|
||||||
for i in $(seq ${#sequence[@]}); do
|
for i in $(seq ${#__fluxion_do_sequence__sequence[@]}); do
|
||||||
index["${sequence[i-1]}"]=$i
|
__fluxion_do_sequence__index["${__fluxion_do_sequence__sequence[i-1]}"]=$i
|
||||||
done
|
done
|
||||||
|
|
||||||
local instruction=${sequence[0]}
|
local __fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence[0]}
|
||||||
while [ "$instruction" ]; do
|
while [ "$__fluxion_do_sequence__instruction" ]; do
|
||||||
if ! fluxion_do $namespace $instruction; then
|
if ! fluxion_do $__fluxion_do_sequence__namespace $__fluxion_do_sequence__instruction; then
|
||||||
if ! fluxion_undo $namespace
|
if ! fluxion_undo $__fluxion_do_sequence__namespace
|
||||||
then break
|
then break
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! fluxion_done; then return -3; fi
|
if ! fluxion_done; then return -3; fi
|
||||||
|
|
||||||
local instructionIndex=${index["$FluxionDone"]}
|
local __fluxion_do_sequence__instructionIndex=${__fluxion_do_sequence__index["$FluxionDone"]}
|
||||||
|
|
||||||
if [ ! "$instructionIndex" ]; then return -4; fi
|
if [ ! "$__fluxion_do_sequence__instructionIndex" ]; then return -4; fi
|
||||||
|
|
||||||
instruction=${sequence["$instructionIndex"]}
|
__fluxion_do_sequence__instruction=${__fluxion_do_sequence__sequence["$__fluxion_do_sequence__instructionIndex"]}
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1007,9 +1009,279 @@ function fluxion_get_target() {
|
||||||
FLUXIONGetTargetRogueMAC="${FLUXIONGetTargetMAC::13}${rogueMACHex:1:1}${FLUXIONGetTargetRogueMAC:14:4}"
|
FLUXIONGetTargetRogueMAC="${FLUXIONGetTargetMAC::13}${rogueMACHex:1:1}${FLUXIONGetTargetRogueMAC:14:4}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function fluxion_target_show() {
|
||||||
|
format_apply_autosize "%*s$CBlu%7s$CClr: %-32s%*s\n"
|
||||||
|
|
||||||
|
local colorlessFormat="$FormatApplyAutosize"
|
||||||
|
local colorfullFormat=$(echo "$colorlessFormat" | sed -r 's/%-32s/%-32b/g')
|
||||||
|
|
||||||
|
printf "$colorlessFormat" "" "ESSID" "\"${FLUXIONGetTargetSSID:-[N/A]}\" / ${FLUXIONGetTargetEncryption:-[N/A]}" ""
|
||||||
|
printf "$colorlessFormat" "" "Channel" "${FLUXIONGetTargetChannel:-[N/A]}" ""
|
||||||
|
printf "$colorfullFormat" "" "BSSID" "${FLUXIONGetTargetMAC:-[N/A]} ($CYel${FLUXIONGetTargetMaker:-[N/A]}$CClr)" ""
|
||||||
|
|
||||||
|
echo
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# =================== < Hash Subroutines > =================== #
|
||||||
|
# Parameters: <hash path> <bssid> <essid> [channel [encryption [maker]]]
|
||||||
|
function fluxion_hash_verify() {
|
||||||
|
if [ ${#@} -lt 3 ]; then return 1; fi
|
||||||
|
|
||||||
|
local -r hashPath=$1
|
||||||
|
local -r hashBSSID=$2
|
||||||
|
local -r hashESSID=$3
|
||||||
|
local -r hashChannel=$4
|
||||||
|
local -r hashEncryption=$5
|
||||||
|
local -r hashMaker=$6
|
||||||
|
|
||||||
|
if [ ! -f "$hashPath" -o ! -s "$hashPath" ]; then
|
||||||
|
echo -e "$FLUXIONVLine $FLUXIONHashFileDoesNotExistError"
|
||||||
|
sleep 3
|
||||||
|
return 2
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$FLUXIONAuto" ]; then
|
||||||
|
local -r verifier="pyrit"
|
||||||
|
else
|
||||||
|
fluxion_header
|
||||||
|
|
||||||
|
echo -e "$FLUXIONVLine $FLUXIONHashVerificationMethodQuery"
|
||||||
|
echo
|
||||||
|
|
||||||
|
fluxion_show_ap_info
|
||||||
|
"$hashESSID" \
|
||||||
|
"$hashEncryption" \
|
||||||
|
"$hashChannel" \
|
||||||
|
"$hashBSSID" \
|
||||||
|
"$hashMaker"
|
||||||
|
|
||||||
|
local choices=( \
|
||||||
|
"$FLUXIONHashVerificationMethodPyritOption" \
|
||||||
|
"$FLUXIONHashVerificationMethodAircrackOption" \
|
||||||
|
"$FLUXIONGeneralBackOption" \
|
||||||
|
)
|
||||||
|
|
||||||
|
io_query_choice "" choices[@]
|
||||||
|
|
||||||
|
echo
|
||||||
|
|
||||||
|
case "$IOQueryChoice" in
|
||||||
|
"$FLUXIONHashVerificationMethodPyritOption")
|
||||||
|
local -r verifier="pyrit" ;;
|
||||||
|
|
||||||
|
"$FLUXIONHashVerificationMethodAircrackOption")
|
||||||
|
local -r verifier="aircrack-ng" ;;
|
||||||
|
|
||||||
|
"$FLUXIONGeneralBackOption")
|
||||||
|
return -1 ;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
|
||||||
|
hash_check_handshake \
|
||||||
|
"$verifier" \
|
||||||
|
"$hashPath" \
|
||||||
|
"$APTargetSSID" \
|
||||||
|
"$APTargetMAC"
|
||||||
|
|
||||||
|
local -r hashResult=$?
|
||||||
|
|
||||||
|
# A value other than 0 means there's an issue with the hash.
|
||||||
|
if [ $hashResult -ne 0 ]; then
|
||||||
|
echo -e "$FLUXIONVLine $FLUXIONHashInvalidError"
|
||||||
|
else
|
||||||
|
echo -e "$FLUXIONVLine $FLUXIONHashValidNotice"
|
||||||
|
fi
|
||||||
|
|
||||||
|
sleep 3
|
||||||
|
|
||||||
|
if [ $hashResult -ne 0 ]; then return 1; fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function fluxion_hash_unset_path() {
|
||||||
|
FluxionHashPath=""
|
||||||
|
}
|
||||||
|
|
||||||
|
# Parameters: <hash path> <bssid> <essid> [channel [encryption [maker]]]
|
||||||
|
function fluxion_hash_set_path() {
|
||||||
|
if [ "$FluxionHashPath" ]; then return 0; fi
|
||||||
|
|
||||||
|
fluxion_hash_unset_path
|
||||||
|
|
||||||
|
local -r hashPath=$1
|
||||||
|
|
||||||
|
# If we've got a default path, check if a hash exists.
|
||||||
|
# If one exists, ask users if they'd like to use it.
|
||||||
|
if [ "$hashPath" -a -f "$hashPath" -a -s "$hashPath" ]; then
|
||||||
|
local choices=( \
|
||||||
|
"$FLUXIONUseFoundHashOption" \
|
||||||
|
"$FLUXIONSpecifyHashPathOption" \
|
||||||
|
"$FLUXIONHashSourceRescanOption" \
|
||||||
|
"$FLUXIONGeneralBackOption" \
|
||||||
|
)
|
||||||
|
|
||||||
|
fluxion_header
|
||||||
|
|
||||||
|
echo -e "$FLUXIONVLine $FLUXIONFoundHashNotice"
|
||||||
|
echo -e "$FLUXIONVLine $FLUXIONUseFoundHashQuery"
|
||||||
|
echo
|
||||||
|
|
||||||
|
io_query_choice "" choices[@]
|
||||||
|
|
||||||
|
echo
|
||||||
|
|
||||||
|
case "$IOQueryChoice" in
|
||||||
|
"$FLUXIONUseFoundHashOption")
|
||||||
|
FluxionHashPath=$hashPath
|
||||||
|
return ;;
|
||||||
|
|
||||||
|
"$FLUXIONHashSourceRescanOption")
|
||||||
|
fluxion_hash_set_path "$hashPath"
|
||||||
|
return $? ;;
|
||||||
|
|
||||||
|
"$FLUXIONGeneralBackOption")
|
||||||
|
return -1 ;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
|
||||||
|
while [ ! "$FluxionHashPath" ]; do
|
||||||
|
fluxion_header
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo -e "$FLUXIONVLine $FLUXIONPathToHandshakeFileQuery"
|
||||||
|
echo -e "$FLUXIONVLine $FLUXIONPathToHandshakeFileReturnTip"
|
||||||
|
echo
|
||||||
|
echo -ne "$FLUXIONAbsolutePathInfo: "
|
||||||
|
read FluxionHashPath
|
||||||
|
|
||||||
|
# Back-track when the user leaves the hash path blank.
|
||||||
|
# Notice: Path is cleared if we return, no need to unset.
|
||||||
|
if [ ! "$FluxionHashPath" ]; then return -1; fi
|
||||||
|
|
||||||
|
# Make sure the path points to a valid generic file.
|
||||||
|
if [ ! -f "$FluxionHashPath" -o ! -s "$FluxionHashPath" ]; then
|
||||||
|
echo -e "$FLUXIONVLine $FLUXIONEmptyOrNonExistentHashError"
|
||||||
|
sleep 5
|
||||||
|
fluxion_hash_unset_path
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
# Paramters: <defaultHashPath> <bssid> <essid>
|
||||||
|
function fluxion_hash_get() {
|
||||||
|
# Assure we've got the bssid and the essid passed in.
|
||||||
|
if [ ${#@} -lt 2 ]; then return 1; fi
|
||||||
|
|
||||||
|
if ! fluxion_hash_set_path "$1"; then return $?; fi
|
||||||
|
|
||||||
|
# TODO: People are gonna bitch about this, I can already tell:
|
||||||
|
# "The back button isn't taking me back!" So yeah, fix this.
|
||||||
|
if ! fluxion_hash_verify "$@"; then return $?; fi
|
||||||
|
|
||||||
|
# Copy to hash file to workspace for operations.
|
||||||
|
cp "$APTargetHashPath" "$hashPath"
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# ================== < Attack Subroutines > ================== #
|
||||||
|
function fluxion_unset_attack() {
|
||||||
|
FluxionAttack=""
|
||||||
|
}
|
||||||
|
|
||||||
|
function fluxion_set_attack() {
|
||||||
|
if [ "$FluxionAttack" ]; then return 0; fi
|
||||||
|
|
||||||
|
fluxion_unset_attack
|
||||||
|
|
||||||
|
fluxion_header
|
||||||
|
|
||||||
|
echo -e "$FLUXIONVLine $FLUXIONAttackQuery"
|
||||||
|
echo
|
||||||
|
|
||||||
|
fluxion_target_show
|
||||||
|
|
||||||
|
local attacks
|
||||||
|
readarray -t attacks < <(ls -1 attacks)
|
||||||
|
|
||||||
|
local descriptions
|
||||||
|
readarray -t descriptions < <(head -n 3 attacks/*/language/$FLUXIONLanguage.sh | grep -E "^# description: " | sed -E 's/# \w+: //')
|
||||||
|
|
||||||
|
local identifiers=()
|
||||||
|
|
||||||
|
local attack
|
||||||
|
for attack in "${attacks[@]}"; do
|
||||||
|
local identifier="$(head -n 3 "attacks/$attack/language/$FLUXIONLanguage.sh" | grep -E "^# identifier: " | sed -E 's/# \w+: //')"
|
||||||
|
if [ "$identifier" ]; then identifiers+=("$identifier")
|
||||||
|
else identifiers+=("$attack")
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
attacks+=("$FLUXIONGeneralExitOption")
|
||||||
|
identifiers+=("$FLUXIONGeneralExitOption")
|
||||||
|
descriptions+=("")
|
||||||
|
|
||||||
|
io_query_format_fields "" "\t$CRed[$CSYel%d$CClr$CRed]$CClr%0.0s $CCyn%b$CClr %b\n" attacks[@] identifiers[@] descriptions[@]
|
||||||
|
|
||||||
|
echo
|
||||||
|
|
||||||
|
if [ "${IOQueryFormatFields[1]}" = "$FLUXIONGeneralExitOption" ]; then
|
||||||
|
fluxion_shutdown
|
||||||
|
fi
|
||||||
|
|
||||||
|
FluxionAttack=${IOQueryFormatFields[0]}
|
||||||
|
}
|
||||||
|
|
||||||
|
function fluxion_unprep_attack() {
|
||||||
|
if type -t unprep_attack &> /dev/null; then
|
||||||
|
unprep_attack
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 1 # Trigger another undo since prep isn't significant.
|
||||||
|
}
|
||||||
|
|
||||||
|
function fluxion_prep_attack() {
|
||||||
|
local -r path="$FLUXIONPath/attacks/$FluxionAttack"
|
||||||
|
|
||||||
|
if [ ! -x "$path/attack.sh" ]; then return 1; fi
|
||||||
|
if [ ! -x "$path/language/$FLUXIONLanguage.sh" ]; then return 2; fi
|
||||||
|
|
||||||
|
# Load attack and its corresponding language file.
|
||||||
|
# Notice: If the attack is a targetted attack, sourcing
|
||||||
|
# will define the constant FLUXIONAttackTargetted.
|
||||||
|
source "$path/language/$FLUXIONLanguage.sh"
|
||||||
|
source "$path/attack.sh"
|
||||||
|
|
||||||
|
if ! prep_attack "$@"; then
|
||||||
|
fluxion_unprep_attack
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function fluxion_run_attack() {
|
||||||
|
start_attack
|
||||||
|
|
||||||
|
local choices=( \
|
||||||
|
"$FLUXIONSelectAnotherAttackOption" \
|
||||||
|
"$FLUXIONGeneralExitOption" \
|
||||||
|
)
|
||||||
|
|
||||||
|
io_query_choice \
|
||||||
|
"`io_dynamic_output $FLUXIONAttackInProgressNotice`" choices[@]
|
||||||
|
|
||||||
|
echo
|
||||||
|
|
||||||
|
# IOQueryChoice is a global, meaning, its value is volatile.
|
||||||
|
# We need to make sure to save the choice before it changes.
|
||||||
|
local choice="$IOQueryChoice"
|
||||||
|
|
||||||
|
stop_attack
|
||||||
|
|
||||||
|
if [ "$choice" = "$FLUXIONGeneralExitOption" ]; then
|
||||||
|
fluxion_handle_exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
fluxion_unset_attack
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
# ============================================================ #
|
# ============================================================ #
|
||||||
|
|
|
@ -6,21 +6,20 @@ readonly HashUtilsVersion="1.0"
|
||||||
HashOutputDevice="/dev/stdout"
|
HashOutputDevice="/dev/stdout"
|
||||||
|
|
||||||
function hash_check_handshake() {
|
function hash_check_handshake() {
|
||||||
local handshakeVerifier=$1
|
local -r handshakeVerifier=$1
|
||||||
local handshakePath=$2
|
local -r handshakePath=$2
|
||||||
local handshakeAPSSID=$3
|
local -r handshakeAPSSID=$3
|
||||||
local handshakeAPMAC=$4
|
local -r handshakeAPMAC=$4
|
||||||
|
|
||||||
local analysis
|
echo "Verifier Parameters: $handshakeVerifier, path $handshakePath, SSID \"$handshakeAPSSID\", MAC $handshakeAPMAC" > $HashOutputDevice
|
||||||
local hashData
|
|
||||||
|
|
||||||
echo "Verifier Parameters: $handshakeVerifier, path $handshakePath, SSID \"$handshakeAPSSID\", MAC $handshakeAPMAC" >$HashOutputDevice
|
local analysis # Since it's being used in all relevant instances.
|
||||||
|
|
||||||
case "$handshakeVerifier" in
|
case "$handshakeVerifier" in
|
||||||
"pyrit")
|
"pyrit")
|
||||||
readarray analysis < <(pyrit -r "$handshakePath" analyze 2>$HashOutputDevice)
|
readarray analysis < <(pyrit -r "$handshakePath" analyze 2> $HashOutputDevice)
|
||||||
if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then
|
if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then
|
||||||
echo "Error: pyrit seems to be broken!" >$HashOutputDevice
|
echo "Error: pyrit seems to be broken!" > $HashOutputDevice
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -28,22 +27,22 @@ function hash_check_handshake() {
|
||||||
|
|
||||||
if [ "$hashMeta" ]; then
|
if [ "$hashMeta" ]; then
|
||||||
local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}')
|
local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}')
|
||||||
hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_SHA[0-9]+_AES/{ print \$0 }")
|
local hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_SHA[0-9]+_AES/{ print \$0 }")
|
||||||
else
|
else
|
||||||
echo "No valid hash meta was found for \"$handshakeAPSSID\"" >$HashOutputDevice
|
echo "No valid hash meta was found for \"$handshakeAPSSID\"" > $HashOutputDevice
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
"aircrack-ng")
|
"aircrack-ng")
|
||||||
readarray analysis < <(aircrack-ng "$handshakePath" 2>$HashOutputDevice)
|
readarray analysis < <(aircrack-ng "$handshakePath" 2> $HashOutputDevice)
|
||||||
if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then
|
if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then
|
||||||
echo "Error: aircrack-ng seems to be broken!" >$HashOutputDevice
|
echo "Error: aircrack-ng seems to be broken!" > $HashOutputDevice
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+" | grep -F "$handshakeAPSSID")
|
local hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+" | grep -F "$handshakeAPSSID")
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
echo "Invalid verifier, quitting!"
|
echo "Invalid verifier, quitting!" > $HashOutputDevice
|
||||||
return 1
|
return 1
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
@ -53,18 +52,24 @@ function hash_check_handshake() {
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
local hashResult
|
|
||||||
case "$handshakeVerifier" in
|
case "$handshakeVerifier" in
|
||||||
"pyrit") hashResult=$(echo "$hashData" | grep "good") ;;
|
"pyrit")
|
||||||
"aircrack-ng") hashResult=$(echo "$hashData" | grep "(1 handshake)") ;;
|
if echo "$hashData" | grep -qF "good"; then
|
||||||
|
local -r hashResult=1
|
||||||
|
fi ;;
|
||||||
|
|
||||||
|
"aircrack-ng")
|
||||||
|
if echo "$hashData" | grep -qE "\([0-9]+ handshake\)"; then
|
||||||
|
local -r hashResult=1
|
||||||
|
fi ;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
if [ -z "$hashResult" ]; then
|
if [ -z "$hashResult" ]; then
|
||||||
echo "Invalid hash for $handshakeAPSSID ($handshakeAPMAC)!"
|
echo "Invalid hash for $handshakeAPSSID ($handshakeAPMAC)!" > $HashOutputDevice
|
||||||
HASHCheckHandshake="invalid"
|
HASHCheckHandshake="invalid"
|
||||||
return 1
|
return 1
|
||||||
else
|
else
|
||||||
echo "Valid hash for $handshakeAPSSID ($handshakeAPMAC)!"
|
echo "Valid hash for $handshakeAPSSID ($handshakeAPMAC)!" > $HashOutputDevice
|
||||||
HASHCheckHandshake="valid"
|
HASHCheckHandshake="valid"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue