Added support for UTF-8 ESSIDs & bug fixes.

Added support for ESSIDs containing non-ASCII and other special characters.
Fixed a bug which would prevent exiting when the debug flag was active.
Fixed a bug where attacks' unprep_attack wasn't being called on abort.
Fixed a bug where fluxion_show_ap_info was escaping some ESSIDs.

Added better logging messages to HashUtils.
Added support for special characters to HashUtils.
Matias Barcenas 2017-12-21 20:43:50 -06:00
parent 3df7ec512d
commit 33a22c1eaa
2 changed files with 35 additions and 21 deletions


@ -156,7 +156,7 @@ function fluxion_exitmode() {
clear clear
exit exit 0
} }
# Delete log only in Normal Mode ! # Delete log only in Normal Mode !
@ -186,6 +186,7 @@ fi
function fluxion_handle_abort_attack() { function fluxion_handle_abort_attack() {
if [ $(type -t stop_attack) ]; then if [ $(type -t stop_attack) ]; then
stop_attack &> $FLUXIONOutputDevice stop_attack &> $FLUXIONOutputDevice
unprep_attack &> $FLUXIONOutputDevice
else else
echo "Attack undefined, can't stop anything..." > $FLUXIONOutputDevice echo "Attack undefined, can't stop anything..." > $FLUXIONOutputDevice
fi fi
@ -198,6 +199,7 @@ trap fluxion_handle_abort_attack SIGABRT
function fluxion_handle_exit() { function fluxion_handle_exit() {
fluxion_handle_abort_attack fluxion_handle_abort_attack
fluxion_exitmode fluxion_exitmode
exit 1
} }
# In case of unexpected termination, run fluxion_exitmode # In case of unexpected termination, run fluxion_exitmode
@ -559,7 +561,7 @@ function fluxion_run_scanner() {
fi fi
# Begin scanner and output all results to "dump-01.csv." # Begin scanner and output all results to "dump-01.csv."
if ! xterm $FLUXIONHoldXterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2> /dev/null; then if ! xterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2> /dev/null; then
echo -e "$FLUXIONVLine$CRed $FLUXIONGeneralXTermFailureError"; sleep 5; return 1 echo -e "$FLUXIONVLine$CRed $FLUXIONGeneralXTermFailureError"; sleep 5; return 1
fi fi
@ -636,14 +638,18 @@ function fluxion_set_target_ap() {
local i=${#TargetAPCandidatesMAC[@]} local i=${#TargetAPCandidatesMAC[@]}
TargetAPCandidatesMAC[i]=$(echo $candidateAPInfo | cut -d , -f 1) TargetAPCandidatesMAC[i]=$(echo "$candidateAPInfo" | cut -d , -f 1)
TargetAPCandidatesClientsCount[i]=$(echo "${TargetAPCandidatesClients[@]}" | grep -c "${TargetAPCandidatesMAC[i]}") TargetAPCandidatesClientsCount[i]=$(echo "${TargetAPCandidatesClients[@]}" | grep -c "${TargetAPCandidatesMAC[i]}")
TargetAPCandidatesChannel[i]=$(echo $candidateAPInfo | cut -d , -f 4) TargetAPCandidatesChannel[i]=$(echo "$candidateAPInfo" | cut -d , -f 4)
TargetAPCandidatesSecurity[i]=$(echo $candidateAPInfo | cut -d , -f 6) TargetAPCandidatesSecurity[i]=$(echo "$candidateAPInfo" | cut -d , -f 6)
TargetAPCandidatesPower[i]=$(echo $candidateAPInfo | cut -d , -f 9) TargetAPCandidatesPower[i]=$(echo "$candidateAPInfo" | cut -d , -f 9)
TargetAPCandidatesESSID[i]=$(echo $candidateAPInfo | cut -d , -f 14 | tr -d "'" | tr -d "\"" | tr -d "<" | tr -d ">" | tr -d "&")
TargetAPCandidatesColor[i]=$([ ${TargetAPCandidatesClientsCount[i]} -gt 0 ] && echo $CGrn || echo $CClr) TargetAPCandidatesColor[i]=$([ ${TargetAPCandidatesClientsCount[i]} -gt 0 ] && echo $CGrn || echo $CClr)
# Parse any non-ascii characters by letting bash handle them.
# Just escape all single quotes in ESSID and let bash's $'...' handle it.
local sanitizedESSID=$(echo "${candidateAPInfo//\'/\\\'}" | cut -d , -f 14)
TargetAPCandidatesESSID[i]=$(eval "echo \$'$sanitizedESSID'")
local power=${TargetAPCandidatesPower[i]} local power=${TargetAPCandidatesPower[i]}
if [ $power -eq -1 ]; then if [ $power -eq -1 ]; then
# airodump-ng's man page says -1 means unsupported value. # airodump-ng's man page says -1 means unsupported value.
@ -684,9 +690,12 @@ function fluxion_set_target_ap() {
APTargetMakerID=${APTargetMAC:0:8} APTargetMakerID=${APTargetMAC:0:8}
APTargetMaker=$(macchanger -l | grep ${APTargetMakerID,,} | cut -d ' ' -f 5-) APTargetMaker=$(macchanger -l | grep ${APTargetMakerID,,} | cut -d ' ' -f 5-)
# Remove any special characters allowed in WPA2 ESSIDs for normalization. # Sanitize network ESSID to normalize it and make it safe for manipulation.
# Removing: ' ', '[', ']', '(', ')', '*', ':' # Notice: Why remove these? Because some smartass might decide to name their
APTargetSSIDClean="`echo "$APTargetSSID" | sed -r 's/( |\[|\]|\(|\)|\*|:)*//g'`" # network something like "; rm -rf / ;". If the string isn't sanitized accidentally
# shit'll hit the fan and we'll have an extremely distressed person subit an issue.
# Removing: ' ', '/', '.', '~'
APTargetSSIDClean=$(echo "$APTargetSSID" | sed -r 's/( |\/|\.|\~)+/_/g')
# We'll change a single hex digit from the target AP's MAC address. # We'll change a single hex digit from the target AP's MAC address.
# This new MAC address will be used as the rogue AP's MAC address. # This new MAC address will be used as the rogue AP's MAC address.
@ -695,11 +704,14 @@ function fluxion_set_target_ap() {
} }
function fluxion_show_ap_info() { function fluxion_show_ap_info() {
format_apply_autosize "%*s$CBlu%7s$CClr: %-32b%*s\n" format_apply_autosize "%*s$CBlu%7s$CClr: %-32s%*s\n"
printf "$FormatApplyAutosize" "" "ESSID" "$APTargetSSID / $APTargetEncryption" "" local colorlessFormat="$FormatApplyAutosize"
printf "$FormatApplyAutosize" "" "Channel" "$APTargetChannel" "" local colorfullFormat=$(echo "$colorlessFormat" | sed -r 's/%-32s/-%32b/g')
printf "$FormatApplyAutosize" "" "BSSID" "$APTargetMAC ($CYel${APTargetMaker:-UNKNOWN}$CClr)" ""
printf "$colorlessFormat" "" "ESSID" "\"$APTargetSSID\" / $APTargetEncryption" ""
printf "$colorlessFormat" "" "Channel" "$APTargetChannel" ""
printf "$colorfullFormat" "" "BSSID" "$APTargetMAC ($CYel${APTargetMaker:-UNKNOWN}$CClr)" ""
echo echo
} }
@ -868,7 +880,7 @@ function fluxion_set_hash() {
###################################### < Attack > ###################################### ###################################### < Attack > ######################################
function fluxion_unset_attack() { function fluxion_unset_attack() {
if [ "$FLUXIONAttack" ] if [ "$FLUXIONAttack" ]
then unprep_attack then unprep_attack
fi fi
FLUXIONAttack="" FLUXIONAttack=""
} }
@ -954,7 +966,7 @@ function fluxion_run_attack() {
stop_attack stop_attack
if [ "$choice" = "$FLUXIONGeneralExitOption" ]; then fluxion_exitmode; fi if [ "$choice" = "$FLUXIONGeneralExitOption" ]; then fluxion_handle_exit; fi
fluxion_unset_attack fluxion_unset_attack
} }
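Review bot: The new ESSID decoding in fluxion_set_target_ap runs `eval "echo \$'$sanitizedESSID'"` on a name taken from the scan results, which any nearby access point controls, and escaping only single quotes does not make that safe. Backslashes are left as they are, so a backslash in front of a quote cancels the added escape, the `$'...'` string ends early and the rest of the name is evaluated as shell. The escapes can be decoded without eval, for example `TargetAPCandidatesESSID[i]=$(printf '%b' "$(echo "$candidateAPInfo" | cut -d , -f 14)")`; `%b` treats octal escapes slightly differently from `$'...'`, so check it against the escape forms the scanner actually emits. The later `APTargetSSIDClean` hunk has a related gap: its sed replaces only space, `/`, `.` and `~`, leaving `;`, `$`, backticks and quotes in place, so it does not deliver what its comment promises if that value ever reaches a command line; an allow-list such as `sed -r 's/[^A-Za-z0-9_-]+/_/g'` would. The function body starts and ends outside these hunks.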


@ -14,30 +14,32 @@ function hash_check_handshake() {
local analysis local analysis
local hashData local hashData
echo "Verifier $handshakeVerifier, path $handshakePath, SSID $handshakeAPSSID, MAC $handshakeAPMAC" > $HashOutputDevice echo "Verifier Parameters: $handshakeVerifier, path $handshakePath, SSID \"$handshakeAPSSID\", MAC $handshakeAPMAC" > $HashOutputDevice
case "$handshakeVerifier" in case "$handshakeVerifier" in
"pyrit") "pyrit")
readarray analysis < <(pyrit -r "$handshakePath" analyze 2> $HashOutputDevice) readarray analysis < <(pyrit -r "$handshakePath" analyze 2> $HashOutputDevice)
if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then
echo "pyrit seems to be broken!" echo "Error: pyrit seems to be broken!" > $HashOutputDevice
return 1 return 1
fi fi
local hashMeta=$(echo "${analysis[@]}" | grep "AccessPoint ${handshakeAPMAC,,} ('$handshakeAPSSID')") local hashMeta=$(echo "${analysis[@]}" | grep -F "AccessPoint ${handshakeAPMAC,,} ('$handshakeAPSSID')")
if [ "$hashMeta" ]; then if [ "$hashMeta" ]; then
local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}') local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}')
hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_SHA[0-9]+_AES/{ print \$0 }") hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_SHA[0-9]+_AES/{ print \$0 }")
else
echo "No valid hash meta was found for \"$handshakeAPSSID\"" > $HashOutputDevice
fi;; fi;;
"aircrack-ng") "aircrack-ng")
readarray analysis < <(aircrack-ng "$handshakePath" 2> $HashOutputDevice) readarray analysis < <(aircrack-ng "$handshakePath" 2> $HashOutputDevice)
if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then
echo "aircrack-ng seems to be broken!" echo "Error: aircrack-ng seems to be broken!" > $HashOutputDevice
return 1 return 1
fi fi
hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+$handshakeAPSSID");; hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+" | grep -F "$handshakeAPSSID");;
*) echo "Invalid verifier, quitting!"; return 1;; *) echo "Invalid verifier, quitting!"; return 1;;
esac esac
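Review bot: In the aircrack-ng branch the new `grep -F "$handshakeAPSSID"` passes the network name as grep's first argument with no `-e` or `--`, so an SSID that begins with `-` is parsed as grep options and the check misbehaves; `| grep -F -e "$handshakeAPSSID"` avoids that. Splitting the match into two greps also lets the SSID match anywhere on the line, and an empty SSID matches every line, so the test is looser than the old adjacent MAC-then-SSID pattern. The `*)` arm still prints "Invalid verifier, quitting!" to stdout while the two "seems to be broken" messages were moved to `$HashOutputDevice`; redirecting it the same way would keep the logging consistent. hash_check_handshake starts and ends outside the hunk.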