Merge pull request #473 from FluxionNetwork/resumable-attacks

Resumable attacks

attacks/Captive Portal/attack.sh

@@ -24,6 +24,8 @@ CaptivePortalGatewayNetwork=${CaptivePortalGatewayAddress%.*}
 # ============== < Captive Portal Subroutines > ============== #
 # ============================================================ #
 captive_portal_unset_jammer_interface() {
+  CaptivePortalJammerInterfaceOriginal=""
+
   if [ ! "$CaptivePortalJammerInterface" ]; then return 1; fi
   CaptivePortalJammerInterface=""
 
@@ -38,20 +40,18 @@ captive_portal_unset_jammer_interface() {
 captive_portal_set_jammer_interface() {
   if [ "$CaptivePortalJammerInterface" ]; then return 0; fi
 
-
-  if [ ! "$CaptivePortalUninitializedJammerInterface" ]; then
+  if [ ! "$CaptivePortalJammerInterfaceOriginal" ]; then
     echo "Running get jammer interface." > $FLUXIONOutputDevice
     if ! fluxion_get_interface attack_targetting_interfaces \
       "$CaptivePortalJammerInterfaceQuery"; then
       echo "Failed to get jammer interface" > $FLUXIONOutputDevice
       return 1
     fi
-    local selectedInterface=$FluxionInterfaceSelected
-  else
-    local selectedInterface=$CaptivePortalUninitializedJammerInterface
-    unset CaptivePortalUninitializedJammerInterface
+    CaptivePortalJammerInterfaceOriginal=$FluxionInterfaceSelected
   fi
 
+  local selectedInterface=$CaptivePortalJammerInterfaceOriginal
+
   if ! fluxion_allocate_interface $selectedInterface; then
     echo "Failed to allocate jammer interface" > $FLUXIONOutputDevice
     return 2
@@ -71,6 +71,8 @@ captive_portal_ap_interfaces() {
 }
 
 captive_portal_unset_ap_interface() {
+  CaptivePortalAccessPointInterfaceOriginal=""
+
   if [ ! "$CaptivePortalAccessPointInterface" ]; then return 1; fi
   if [ "$CaptivePortalAccessPointInterface" = \
     "${CaptivePortalJammerInterface}v" ]; then
@@ -86,19 +88,18 @@ captive_portal_unset_ap_interface() {
 captive_portal_set_ap_interface() {
   if [ "$CaptivePortalAccessPointInterface" ]; then return 0; fi
 
-  if [ ! "$CaptivePortalUninitializedAccessPointInterface" ]; then
+  if [ ! "$CaptivePortalAccessPointInterfaceOriginal" ]; then
     echo "Running get ap interface." > $FLUXIONOutputDevice
     if ! fluxion_get_interface captive_portal_ap_interfaces \
       "$CaptivePortalAccessPointInterfaceQuery"; then
       echo "Failed to get ap interface" > $FLUXIONOutputDevice
       return 1
     fi
-    local selectedInterface=$FluxionInterfaceSelected
-  else
-    local selectedInterface=$CaptivePortalUninitializedAccessPointInterface
-    unset CaptivePortalUninitializedAccessPointInterface
+    CaptivePortalAccessPointInterfaceOriginal=$FluxionInterfaceSelected
   fi
 
+  local selectedInterface=$CaptivePortalAccessPointInterfaceOriginal
+
   if ! fluxion_allocate_interface $selectedInterface; then
     echo "Failed to allocate ap interface" > $FLUXIONOutputDevice
     return 2
@@ -140,9 +141,15 @@ function captive_portal_unset_ap_service() {
 }
 
 function captive_portal_set_ap_service() {
-  if [ "$CaptivePortalAPService" ]; then return 0; fi
+  if [ "$CaptivePortalAPService" ]; then
+    if ! type -t ap_service_start; then
+      # AP Service: Load the service's helper routines.
+      source "lib/ap/$CaptivePortalAPService.sh"
+    fi
+    return 0
+  fi
   if ! interface_is_wireless "$CaptivePortalAccessPointInterface"; then
-    return 0;
+    return 0
   fi
 
   captive_portal_unset_ap_service
@@ -205,9 +212,15 @@ captive_portal_unset_authenticator() {
 
 captive_portal_set_authenticator() {
   if [ "$CaptivePortalAuthenticatorMode" ]; then
-    echo "Captive Portal authentication mode is already set, skipping!" \
-      > $FLUXIONOutputDevice
-    return 0
+    case "$CaptivePortalAuthenticatorMode" in
+      "hash")
+        if [ "$CaptivePortalHashPath" ]; then
+          echo "Captive Portal authentication mode is already set, skipping!" \
+            > $FLUXIONOutputDevice
+          return 0
+        fi
+        ;;
+    esac
   fi
 
   captive_portal_unset_authenticator
@@ -277,7 +290,7 @@ captive_portal_set_authenticator() {
 captive_portal_run_certificate_generator() {
   xterm -bg "#000000" -fg "#CCCCCC" \
     -title "Generating Self-Signed SSL Certificate" -e openssl req \
-    -subj '/CN=captive.router.lan/O=CaptivePortal/OU=Networking/C=US' \
+    -subj '/CN=captive.gateway.lan/O=CaptivePortal/OU=Networking/C=US' \
     -new -newkey rsa:2048 -days 365 -nodes -x509 \
     -keyout "$FLUXIONWorkspacePath/server.pem" \
     -out "$FLUXIONWorkspacePath/server.pem"
@@ -299,7 +312,10 @@ captive_portal_unset_certificate() {
 
 # Create Self-Signed SSL Certificate
 captive_portal_set_certificate() {
-  if [ "$CaptivePortalSSL" ]; then
+  if [ \
+      "$CaptivePortalSSL" = "disabled" -o \
+      "$CaptivePortalSSL" = "enabled" -a \
+      -f "$FLUXIONWorkspacePath/server.pem" ]; then
     echo "Captive Portal SSL mode already set to $CaptivePortalSSL!" \
       > $FLUXIONOutputDevice
     return 0
@@ -323,6 +339,18 @@ captive_portal_set_certificate() {
     return 0
   fi
 
+
+  # Check if we're restoring and we need to re-create certificate.
+  if [ "$CaptivePortalSSL" = "enabled" ]; then
+    if ! captive_portal_run_certificate_generator; then
+      fluxion_conditional_bail "cert-gen failed!"
+      return 2
+    fi
+    CaptivePortalSSL="enabled"
+    return 0
+  fi
+
+
   if [ "$FLUXIONAuto" ]; then
     CaptivePortalSSL="disabled"
   else
@@ -1251,6 +1279,41 @@ prep_attack() {
   CaptivePortalState="Ready"
 }
 
+load_attack() {
+  local -r configurationPath=$1
+
+  local configuration
+  readarray -t configuration < <(more "$configurationPath")
+
+  CaptivePortalJammerInterfaceOriginal=${configuration[0]}
+  CaptivePortalAccessPointInterfaceOriginal=${configuration[1]}
+  CaptivePortalAPService=${configuration[2]}
+  CaptivePortalAuthenticatorMode=${configuration[3]}
+  CaptivePortalSSL=${configuration[4]}
+  CaptivePortalConnectivity=${configuration[5]}
+  CaptivePortalUserInterface=${configuration[6]}
+
+  # Hash authenticator mode configuration.
+  CaptivePortalHashPath=${configuration[7]}
+}
+
+save_attack() {
+  local -r configurationPath=$1
+
+  # Store/overwrite attack configuration for pause & resume.
+  # Order: JammerWI, APWI, APServ, AuthMode, SSL, Conn, UI
+  echo "$CaptivePortalJammerInterfaceOriginal" > "$configurationPath"
+  echo "$CaptivePortalAccessPointInterfaceOriginal" >> "$configurationPath"
+  echo "$CaptivePortalAPService" >> "$configurationPath"
+  echo "$CaptivePortalAuthenticatorMode" >> "$configurationPath"
+  echo "$CaptivePortalSSL" >> "$configurationPath"
+  echo "$CaptivePortalConnectivity" >> "$configurationPath"
+  echo "$CaptivePortalUserInterface" >> "$configurationPath"
+
+  # Hash authenticator mode configuration.
+  echo "$CaptivePortalHashPath" >> "$configurationPath"
+}
+
 stop_attack() {
   # Attempt to find PIDs of any running authenticators.
   local authenticatorPID=$(ps a | grep -vE "xterm|grep" | grep captive_portal_authenticator.sh | awk '{print $1}')

attacks/Handshake Snooper/attack.sh

@@ -222,6 +222,8 @@ handshake_snooper_set_deauthenticator_identifier() {
 }
 
 handshake_snooper_unset_jammer_interface() {
+  HandshakeSnooperJammerInterfaceOriginal=""
+
   if [ ! "$HandshakeSnooperJammerInterface" ]; then return 1; fi
   HandshakeSnooperJammerInterface=""
 
@@ -238,19 +240,18 @@ handshake_snooper_set_jammer_interface() {
   #if [ "$HandshakeSnooperDeauthenticatorIdentifier" = \
   #  "$HandshakeSnooperMonitorMethodOption" ]; then return 0; fi
 
-  if [ ! "$HandshakeSnooperUninitializedJammerInterface" ]; then
+  if [ ! "$HandshakeSnooperJammerInterfaceOriginal" ]; then
     echo "Running get jammer interface." > $FLUXIONOutputDevice
     if ! fluxion_get_interface attack_targetting_interfaces \
       "$HandshakeSnooperJammerInterfaceQuery"; then
       echo "Failed to get jammer interface" > $FLUXIONOutputDevice
       return 1
     fi
-    local selectedInterface=$FluxionInterfaceSelected
-  else
-    local selectedInterface=$HandshakeSnooperUninitializedJammerInterface
-    unset HandshakeSnooperUninitializedJammerInterface
+    HandshakeSnooperJammerInterfaceOriginal=$FluxionInterfaceSelected
   fi
 
+  local selectedInterface=$HandshakeSnooperJammerInterfaceOriginal
+
   if ! fluxion_allocate_interface $selectedInterface; then
     echo "Failed to allocate jammer interface" > $FLUXIONOutputDevice
     return 2
@@ -424,31 +425,6 @@ prep_attack() {
 
   IOUtilsHeader="handshake_snooper_header"
 
-  local -r attackPath="$FLUXIONPath/attacks/Handshake Snooper"
-
-  # Attempt loading configuration if one is available.
-  # TODO: Enable this by removing extraneous " -a ! " when properly implemented.
-  if [ -f "$attackPath/attack.conf" -a ! ]; then
-    local choice=${1:+Y}
-    # TODO: This doesn't translate choices to the selected language.
-    while ! echo "$choice" | grep -q "^[ynYN]$" &> /dev/null; do
-      echo -ne "$FLUXIONVLine Would you like to repeat the last attack? [Y/n] "
-      read choice
-      if [ ! "$choice" ]; then break; fi
-    done
-
-    if [ "${choice,,}" != "n" ]; then
-      local configuration
-      readarray -t configuration < <(more "$attackPath/attack.conf")
-
-      HandshakeSnooperDeauthenticatorIdentifier=${configuration[0]}
-      HandshakeSnooperJammerInterface=${configuration[1]}
-      HandshakeSnooperVerifierIdentifier=${configuration[2]}
-      HandshakeSnooperVerifierInterval=${configuration[3]}
-      HandshakeSnooperVerifierSynchronicity=${configuration[4]}
-    fi
-  fi
-
   # Removed read-only due to local constant shadowing bug.
   # I've reported the bug, we can add it when fixed.
   local sequence=(
@@ -463,15 +439,32 @@ prep_attack() {
     return 1
   fi
 
+  HandshakeSnooperState="Ready"
+}
+
+load_attack() {
+  local -r configurationPath=$1
+
+  local configuration
+  readarray -t configuration < <(more "$configurationPath")
+
+  HandshakeSnooperDeauthenticatorIdentifier=${configuration[0]}
+  HandshakeSnooperJammerInterfaceOriginal=${configuration[1]}
+  HandshakeSnooperVerifierIdentifier=${configuration[2]}
+  HandshakeSnooperVerifierInterval=${configuration[3]}
+  HandshakeSnooperVerifierSynchronicity=${configuration[4]}
+}
+
+save_attack() {
+  local -r configurationPath=$1
+
   # Store/overwrite attack configuration for pause & resume.
   # Order: DeauthID, JammerWI, VerifId, VerifInt, VerifSync
-  echo "$HandshakeSnooperDeauthenticatorIdentifier" > "$attackPath/attack.conf"
-  echo "$HandshakeSnooperJammerInterface" >> "$attackPath/attack.conf"
-  echo "$HandshakeSnooperVerifierIdentifier" >> "$attackPath/attack.conf"
-  echo "$HandshakeSnooperVerifierInterval" >> "$attackPath/attack.conf"
-  echo "$HandshakeSnooperVerifierSynchronicity" >> "$attackPath/attack.conf"
-
-  HandshakeSnooperState="Ready"
+  echo "$HandshakeSnooperDeauthenticatorIdentifier" > "$configurationPath"
+  echo "$HandshakeSnooperJammerInterfaceOriginal" >> "$configurationPath"
+  echo "$HandshakeSnooperVerifierIdentifier" >> "$configurationPath"
+  echo "$HandshakeSnooperVerifierInterval" >> "$configurationPath"
+  echo "$HandshakeSnooperVerifierSynchronicity" >> "$configurationPath"
 }
 
 stop_attack() {

fluxion.sh

@@ -450,6 +450,26 @@ fluxion_handle_target_change() {
   FluxionTargetChannel=${targetInfo[2]}
 
   FluxionTargetSSIDClean=$(fluxion_target_normalize_SSID)
+
+  if ! stop_attack; then
+    fluxion_conditional_bail "Target tracker failed to stop attack."
+  fi
+
+  if ! unprep_attack; then
+    fluxion_conditional_bail "Target tracker failed to unprep attack."
+  fi
+
+  if ! load_attack "$FLUXIONPath/attacks/$FluxionAttack/attack.conf"; then
+    fluxion_conditional_bail "Target tracker failed to load attack."
+  fi
+
+  if ! prep_attack; then
+    fluxion_conditional_bail "Target tracker failed to prep attack."
+  fi
+
+  if ! fluxion_run_attack; then
+    fluxion_conditional_bail "Target tracker failed to start attack."
+  fi
 }
 
 # If target monitoring enabled, act on changes.
@@ -1699,10 +1719,14 @@ fluxion_unprep_attack() {
 
   IOUtilsHeader="fluxion_header"
 
-  # Remove any lingering targetting loaded subroutines
+  # Remove any lingering targetting subroutines loaded.
   unset attack_targetting_interfaces
   unset attack_tracking_interfaces
 
+  # Remove any lingering restoration subroutines loaded.
+  unset load_attack
+  unset save_attack
+
   FluxionTargetTrackerInterface=""
 
   return 1 # Trigger another undo since prep isn't significant.
@@ -1736,11 +1760,34 @@ fluxion_prep_attack() {
 
   # Check if attack provides tracking interfaces, get & set one.
   # TODO: Uncomment the lines below after implementation.
-  #if type -t attack_tracking_interfaces &> /dev/null; then
-  #  if ! fluxion_target_set_tracker; then return 4; fi
-  #fi
+  if type -t attack_tracking_interfaces &> /dev/null; then
+    if ! fluxion_target_set_tracker; then return 4; fi
+  fi
+
+  # If attack is capable of restoration, check for configuration.
+  if type -t load_attack &> /dev/null; then
+    # If configuration file available, check if user wants to restore.
+    if [ -f "$path/attack.conf" ]; then
+      local choice="?"
+      # TODO: This doesn't translate choices to the selected language.
+      while ! echo "$choice" | grep -q "^[ynYN]$" &> /dev/null; do
+        echo -ne "$FLUXIONVLine Would you like to repeat the last attack? [Y/n] "
+        read choice
+        if [ ! "$choice" ]; then break; fi
+      done
+
+      if [ "${choice,,}" != "n" ]; then
+        load_attack "$path/attack.conf"
+      fi
+    fi
+  fi
 
   if ! prep_attack; then return 5; fi
+
+  # Save the attack for user's convenience if possible.
+  if type -t save_attack &> /dev/null; then
+    save_attack "$path/attack.conf"
+  fi
 }
 
 fluxion_run_attack() {