fragattack: add RT5572 notes

Mathy Vanhoef 2022-01-27 17:15:05 +01:00
parent 0e9ef74801
commit 568d566478
2 changed files with 57 additions and 1 deletions


@ -467,7 +467,8 @@ In case the test tool doesn't appear to be working, check the following:
1. Check that no other process is using the network card (e.g. kill your network manager).
2. If everything worked previously, try unplugging your Wi-Fi dongle, restart your computer or virtual
machine, and then try again.
machine, and then try again. Also try to disable hardware encryption using the `disable-hwcrypto.sh`
script (reboot your computer after executing this script).
3. Assure the device you are testing doesn't enter a sleep state (causing it to miss injected frames).
I recommend running the test tool in [mixed mode](#id-mixed-mode) since this better handles clients
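Review bot: The sentence added to step 2 names `disable-hwcrypto.sh` without a path or any mention that it needs root, although the script is added under `research/` and exits unless run as root. Give the full path and the `sudo` invocation here. Since step 2 is about setups that "worked previously", the hardware-crypto advice would be easier to find as its own numbered step. The wording also says "hardware encryption" while the script's own output says "hardware decryption"; pick one term and use it throughout.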
@ -940,6 +941,15 @@ I tested the Intel AX200 and found that it is _not_ compatible with the test too
after injecting a frame with the More Fragments flag set. If an Intel developer is reading this, please
update the firmware and make it possible to inject fragmented frames.
### RT5572-based chips
I tested this chipset using the general [CSL USB 2.0 WLAN Adapter 300Mbit adapter](http://www.amazon.de/dp/B00LLIOT34?tag=modwiffir-20).
After disabling hardware decryption by executing the `disable-hwcrypto.sh` script I was able to perform
a basic ping test (`ping`). A fragmented ping test (`ping I,E,E`) was very unreliable but sometimes worked.
The current conclusion is that RT5572 chips _might_ work with the test tool after disabling hardware
encryption. But extra experiments are needed to confirm this (feedback is welcome).
<a id="id-hwsim-details"></a>
## 9.9. Hwsim mode details
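Review bot: The new RT5572 section does not say which kernel driver or kernel version the adapter was tested with, so a reader cannot tell whether their module is one that `disable-hwcrypto.sh` configures or reproduce the "might work" result. Add the driver module name and the kernel version used for the test. The section also switches between "hardware decryption" (second sentence) and "hardware encryption" (conclusion); use one term. Finally, the product link carries a `tag=modwiffir-20` query parameter, which looks like an affiliate tag; link to the bare product URL instead.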

46
research/disable-hwcrypto.sh Executable file

@ -0,0 +1,46 @@
#!/bin/bash
# Copyright (c) 2017, Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
#
# This code may be distributed under the terms of the BSD license.
# See README for more details.
set -e
NOHWCRYPT="ath5k ath9k ath9k_htc rt2800usb carl9170 b43 p54common rt2500usb rt2800pci rt73usb"
SWCRYPTO="iwlwifi iwl3945 iwl4965"
HWCRYPTO="ipw2200"
MODFILE="/etc/modprobe.d/nohwcrypt.conf"
# 0. Check if we have root privileges
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
# 1. Create nohwcrypt.conf options file
rm $MODFILE 2> /dev/null || true
for MODULE in $NOHWCRYPT
do echo "options $MODULE nohwcrypt=1" >> $MODFILE; done
for MODULE in $SWCRYPTO
do echo "options $MODULE swcrypto=1" >> $MODFILE; done
for MODULE in $HWCRYPTO
do echo "options $MODULE hwcrypto=0" >> $MODFILE; done
# 2. Remove loaded modules so they'll reload parameters. Note that modules that
# are in use by others won't be removed (e.g. iwlwifi won't be removed).
for MODULE in $NOHWCRYPT $SWCRYPTO $HWCRYPTO
do rmmod $MODULE 2> /dev/null || true; done
# 3. Done. To be sure parameters are reloaded, reboot computer.
echo "Created config file $MODFILE to disable hardware decryption."
echo "Reboot your computer to apply the changes."
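Review bot: The unload loop in step 2 (`rmmod $MODULE 2> /dev/null || true`) discards every error, so the script prints the same success message whether or not any driver was actually reloaded with the new options. Consider reporting which of the listed modules are still loaded after the loop, so the user knows a reboot is required rather than merely recommended. Unloading the active wireless driver also drops the current Wi-Fi connection, which deserves a warning before the loop for anyone running this over a wireless SSH session. Smaller points: `rm $MODFILE 2> /dev/null || true` is simpler and safer as `rm -f "$MODFILE"`, the other `$MODFILE` uses should be quoted too, and the header comment could document how to undo the change (delete `/etc/modprobe.d/nohwcrypt.conf` and reboot).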