Added support for UTF-8 ESSIDs & bug fixes.

Added support for ESSIDs containing non-ASCII and other special characters.
Fixed a bug which would prevent exiting when the debug flag was active.
Fixed a bug where attacks' unprep_attack wasn't being called on abort.
Fixed a bug where fluxion_show_ap_info was escaping some ESSIDs.

Added better logging messages to HashUtils.
Added support for special characters to HashUtils.
Matias Barcenas 2017-12-21 20:43:50 -06:00
parent 3df7ec512d
commit 33a22c1eaa
2 changed files with 35 additions and 21 deletions


@ -156,7 +156,7 @@ function fluxion_exitmode() {
clear
exit
exit 0
}
# Delete log only in Normal Mode !
@ -186,6 +186,7 @@ fi
function fluxion_handle_abort_attack() {
if [ $(type -t stop_attack) ]; then
stop_attack &> $FLUXIONOutputDevice
unprep_attack &> $FLUXIONOutputDevice
else
echo "Attack undefined, can't stop anything..." > $FLUXIONOutputDevice
fi
@ -198,6 +199,7 @@ trap fluxion_handle_abort_attack SIGABRT
function fluxion_handle_exit() {
fluxion_handle_abort_attack
fluxion_exitmode
exit 1
}
# In case of unexpected termination, run fluxion_exitmode
@ -559,7 +561,7 @@ function fluxion_run_scanner() {
fi
# Begin scanner and output all results to "dump-01.csv."
if ! xterm $FLUXIONHoldXterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2> /dev/null; then
if ! xterm -title "$FLUXIONScannerHeader" $TOPLEFTBIG -bg "#000000" -fg "#FFFFFF" -e "airodump-ng -Mat WPA "${2:+"--channel $2"}" "${3:+"--band $3"}" -w \"$FLUXIONWorkspacePath/dump\" $1" 2> /dev/null; then
echo -e "$FLUXIONVLine$CRed $FLUXIONGeneralXTermFailureError"; sleep 5; return 1
fi
@ -636,14 +638,18 @@ function fluxion_set_target_ap() {
local i=${#TargetAPCandidatesMAC[@]}
TargetAPCandidatesMAC[i]=$(echo $candidateAPInfo | cut -d , -f 1)
TargetAPCandidatesMAC[i]=$(echo "$candidateAPInfo" | cut -d , -f 1)
TargetAPCandidatesClientsCount[i]=$(echo "${TargetAPCandidatesClients[@]}" | grep -c "${TargetAPCandidatesMAC[i]}")
TargetAPCandidatesChannel[i]=$(echo $candidateAPInfo | cut -d , -f 4)
TargetAPCandidatesSecurity[i]=$(echo $candidateAPInfo | cut -d , -f 6)
TargetAPCandidatesPower[i]=$(echo $candidateAPInfo | cut -d , -f 9)
TargetAPCandidatesESSID[i]=$(echo $candidateAPInfo | cut -d , -f 14 | tr -d "'" | tr -d "\"" | tr -d "<" | tr -d ">" | tr -d "&")
TargetAPCandidatesChannel[i]=$(echo "$candidateAPInfo" | cut -d , -f 4)
TargetAPCandidatesSecurity[i]=$(echo "$candidateAPInfo" | cut -d , -f 6)
TargetAPCandidatesPower[i]=$(echo "$candidateAPInfo" | cut -d , -f 9)
TargetAPCandidatesColor[i]=$([ ${TargetAPCandidatesClientsCount[i]} -gt 0 ] && echo $CGrn || echo $CClr)
# Parse any non-ascii characters by letting bash handle them.
# Just escape all single quotes in ESSID and let bash's $'...' handle it.
local sanitizedESSID=$(echo "${candidateAPInfo//\'/\\\'}" | cut -d , -f 14)
TargetAPCandidatesESSID[i]=$(eval "echo \$'$sanitizedESSID'")
local power=${TargetAPCandidatesPower[i]}
if [ $power -eq -1 ]; then
# airodump-ng's man page says -1 means unsupported value.
@ -684,9 +690,12 @@ function fluxion_set_target_ap() {
APTargetMakerID=${APTargetMAC:0:8}
APTargetMaker=$(macchanger -l | grep ${APTargetMakerID,,} | cut -d ' ' -f 5-)
# Remove any special characters allowed in WPA2 ESSIDs for normalization.
# Removing: ' ', '[', ']', '(', ')', '*', ':'
APTargetSSIDClean="`echo "$APTargetSSID" | sed -r 's/( |\[|\]|\(|\)|\*|:)*//g'`"
# Sanitize network ESSID to normalize it and make it safe for manipulation.
# Notice: Why remove these? Because some smartass might decide to name their
# network something like "; rm -rf / ;". If the string isn't sanitized accidentally
# shit'll hit the fan and we'll have an extremely distressed person subit an issue.
# Removing: ' ', '/', '.', '~'
APTargetSSIDClean=$(echo "$APTargetSSID" | sed -r 's/( |\/|\.|\~)+/_/g')
# We'll change a single hex digit from the target AP's MAC address.
# This new MAC address will be used as the rogue AP's MAC address.
@ -695,11 +704,14 @@ function fluxion_set_target_ap() {
}
function fluxion_show_ap_info() {
format_apply_autosize "%*s$CBlu%7s$CClr: %-32b%*s\n"
format_apply_autosize "%*s$CBlu%7s$CClr: %-32s%*s\n"
printf "$FormatApplyAutosize" "" "ESSID" "$APTargetSSID / $APTargetEncryption" ""
printf "$FormatApplyAutosize" "" "Channel" "$APTargetChannel" ""
printf "$FormatApplyAutosize" "" "BSSID" "$APTargetMAC ($CYel${APTargetMaker:-UNKNOWN}$CClr)" ""
local colorlessFormat="$FormatApplyAutosize"
local colorfullFormat=$(echo "$colorlessFormat" | sed -r 's/%-32s/-%32b/g')
printf "$colorlessFormat" "" "ESSID" "\"$APTargetSSID\" / $APTargetEncryption" ""
printf "$colorlessFormat" "" "Channel" "$APTargetChannel" ""
printf "$colorfullFormat" "" "BSSID" "$APTargetMAC ($CYel${APTargetMaker:-UNKNOWN}$CClr)" ""
echo
}
@ -868,7 +880,7 @@ function fluxion_set_hash() {
###################################### < Attack > ######################################
function fluxion_unset_attack() {
if [ "$FLUXIONAttack" ]
then unprep_attack
then unprep_attack
fi
FLUXIONAttack=""
}
@ -954,7 +966,7 @@ function fluxion_run_attack() {
stop_attack
if [ "$choice" = "$FLUXIONGeneralExitOption" ]; then fluxion_exitmode; fi
if [ "$choice" = "$FLUXIONGeneralExitOption" ]; then fluxion_handle_exit; fi
fluxion_unset_attack
}
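Review bot: The new ESSID decoding in fluxion_set_target_ap passes a network name read from the scan CSV through `eval`, and escaping only single quotes does not make that safe. Backslashes in the name are left unescaped, so the `$'...'` quoting can still be broken out of and the rest of the name is then parsed as shell code. ESSIDs are set by whoever runs a nearby access point, so this field is untrusted input. The escapes can be decoded without a shell parse, for example `local rawESSID=$(echo "$candidateAPInfo" | cut -d , -f 14)` followed by `TargetAPCandidatesESSID[i]=$(printf '%b' "$rawESSID")`, though it is worth confirming against a real capture that `%b` covers the escapes the scanner writes. The function body starts and ends outside this hunk.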


@ -14,30 +14,32 @@ function hash_check_handshake() {
local analysis
local hashData
echo "Verifier $handshakeVerifier, path $handshakePath, SSID $handshakeAPSSID, MAC $handshakeAPMAC" > $HashOutputDevice
echo "Verifier Parameters: $handshakeVerifier, path $handshakePath, SSID \"$handshakeAPSSID\", MAC $handshakeAPMAC" > $HashOutputDevice
case "$handshakeVerifier" in
"pyrit")
readarray analysis < <(pyrit -r "$handshakePath" analyze 2> $HashOutputDevice)
if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then
echo "pyrit seems to be broken!"
echo "Error: pyrit seems to be broken!" > $HashOutputDevice
return 1
fi
local hashMeta=$(echo "${analysis[@]}" | grep "AccessPoint ${handshakeAPMAC,,} ('$handshakeAPSSID')")
local hashMeta=$(echo "${analysis[@]}" | grep -F "AccessPoint ${handshakeAPMAC,,} ('$handshakeAPSSID')")
if [ "$hashMeta" ]; then
local hashID=$(echo "$hashMeta" | awk -F'[ #:]' '{print $3}')
hashData=$(echo "${analysis[@]}" | awk "\$0~/#$hashID: HMAC_SHA[0-9]+_AES/{ print \$0 }")
else
echo "No valid hash meta was found for \"$handshakeAPSSID\"" > $HashOutputDevice
fi;;
"aircrack-ng")
readarray analysis < <(aircrack-ng "$handshakePath" 2> $HashOutputDevice)
if [ "${#analysis[@]}" -eq 0 -o $? != 0 ]; then
echo "aircrack-ng seems to be broken!"
echo "Error: aircrack-ng seems to be broken!" > $HashOutputDevice
return 1
fi
hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+$handshakeAPSSID");;
hashData=$(echo "${analysis[@]}" | grep -E "${handshakeAPMAC^^}\s+" | grep -F "$handshakeAPSSID");;
*) echo "Invalid verifier, quitting!"; return 1;;
esac
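Review bot: In the aircrack-ng branch the new `grep -F "$handshakeAPSSID"` passes the SSID as a bare argument, so an SSID that begins with `-` is parsed as grep options rather than as the pattern, and the handshake lookup then fails or misbehaves. Passing it explicitly as `grep -F -e "$handshakeAPSSID"` avoids that. Splitting the match into two greps also appears to drop the requirement that the SSID directly follows the MAC, so a short SSID may match text elsewhere on the same line. The `*)` branch still prints "Invalid verifier, quitting!" to stdout, while the other error messages now go to `$HashOutputDevice`. hash_check_handshake continues outside this hunk.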