Mirrors
/
fluxion
mirror of https://github.com/FluxionNetwork/fluxion.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed a potential resume attack inconsistency bug. 

The Captive Portal attack verifies the restored hash is for fluxion's target.
This commit is contained in:
Matias Barcenas 2018-04-28 22:34:00 -05:00
parent ca455fc29a
commit aceda5940a
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
attacks/Captive Portal/attack.sh
View File

@ -1300,6 +1300,18 @@ load_attack() {
# Hash authenticator mode configuration.
CaptivePortalHashPath=${configuration[7]}
# Target hash information for verification.
local -r targetHashSSID=${configuration[8]}
local -r targetHashMAC=${configuration[9]}
# Assure hash is relevant for fluxion's current target.
# If the hash is no longer relevant, clear to force reset.
if [ \
"$targetHashSSID" != "$FluxionTargetSSID" -o \
"$targetHashMAC" != "$FluxionTargetMAC" ]; then
CaptivePortalHashPath=""
fi
}
save_attack() {
@ -1317,6 +1329,10 @@ save_attack() {
# Hash authenticator mode configuration.
echo "$CaptivePortalHashPath" >> "$configurationPath"
# Target to verify validity of hash on restore.
echo "$FluxionTargetSSID" >> "$configurationPath"
echo "$FluxionTargetMAC" >> "$configurationPath"
}
stop_attack() {