From 6420cc13148b81b8b8e55460e4393f64f4bdfa65 Mon Sep 17 00:00:00 2001 From: Mathy Vanhoef Date: Sun, 13 Jun 2021 17:46:33 +0400 Subject: [PATCH] fragattacks: add pcap for cache attack with full reconnect --- example-pcaps/README.md | 4 +++- .../ping_I_E_R_E__full-recon-fromclient.pcapng | Bin 0 -> 27692 bytes 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 example-pcaps/ping_I_E_R_E__full-recon-fromclient.pcapng diff --git a/example-pcaps/README.md b/example-pcaps/README.md index b0ae3ee90..727706e84 100644 --- a/example-pcaps/README.md +++ b/example-pcaps/README.md @@ -14,7 +14,9 @@ Note that the captures were made on the same network card that was injecting pac ## Cache attacks -- `ping_I_E_R_E-fromclient.pcapng`: used command was `ping I,E,R,E`. Frame 69 contains the first fragment encrypted under TK `dda31c8516b9d92581fc17e4a8f1b47b`. Frame 72 and 74 shows that the client is reassociating. Frame 98 contains the second fragmented encrypted under TK `b4d1a94a4d126dbd39ec3557969f430b`. The ping reply is contained in frame 101. +- `ping_I_E_R_E-fromclient.pcapng`: used command was `ping I,E,R,E`. Frame 69 contains the first fragment encrypted under TK `dda31c8516b9d92581fc17e4a8f1b47b`. Frame 72 and 74 shows that the client is reassociating. Frame 98 contains the second fragment encrypted under TK `b4d1a94a4d126dbd39ec3557969f430b`. The ping reply is contained in frame 101. + +- `ping_I_E_R_E__full-recon-fromclient.pcapng`: used command was `ping I,E,R,E --full-recon`. Frame 63 contains the first fragmented encrypted under TK `7911b7173daf49c898fa42119232885e`. Frame 66 shows the deauthentication frame, and frames 67 and 71 show that the client is authenticating and reassociating. Frame 107 contains the second fragment encrypted under TK `292184b9c862a4b640d4c920aba35a48`. The ping reply is contained in frame 110. ## Non-consecutive PNs attack diff --git a/example-pcaps/ping_I_E_R_E__full-recon-fromclient.pcapng b/example-pcaps/ping_I_E_R_E__full-recon-fromclient.pcapng new file mode 100644 index 0000000000000000000000000000000000000000..afa2e0c7559e5d551ea23883be1301cf9edcb730 GIT binary patch literal 27692 zcmeHw2|QHa`~Mw=Y-Pw2DU*uG9@)#55K<|m#Tv3rvb5RCGSNa(@{x#2DD-JxiL^;b zi%`}`DcY2z-#K%qTr+d~@L9g!&-ed#UYz zOmPDE{7z47hz4Tj8{p%&LDzABu|;g*?O7 z)8B2qhm*gTEP0lqn&NEojQO4cWEVdlAMi1Imb!+Mi;9}Ey0fM%;0i$?kB~oOKw*Fo zgov;qT!@dKZ?LzMuL?K#l^cA^htoE^0$$4rhzKhJX^ae2WTE9r=_Zhegdk%PVmKS9 z7bJZ^s4S48JAn^m(0n(zl)%MCBr1c4DsQD<0tO)=$TUPrA4w3(6@P< z40gBElQswm!huEg;y>-;2PtH8O6W;51VpD_%JQQI*IyLD^A3{H=iK zcOW&4upodi>51@;p=B5j%0i$pe;!2e#}RZS3?d&+E6U4(Ad>|*HB10{$pR z1IW;572>R_gqV*LLU<5)!Y!aE9Ecb)hI8IhGGXlGYkY--qFH_4`Pd;9fohPx?+wQX z;W9=DY$P3ozz)%>;@UJJr{%n`wu9Y6-|OR~NmGysi=DhZeZ9ywZZ00ae%^lW8|C4^ zp(p}`BZB#X9E0YWnE)~^TYU;B!G->#A!sdal z2q3&@4F=XrR;xm#nZk!E#UR{c5I!S*z;(kEgs&ZkA$KOo-WKJq4=V@@C4NG1V67KS{NJ69Au9n1Xp1f&UwZ^762kp~5K`kQv@#)KqK1sAFvgi5gSiFnT zyQdghqVqN(?UZ-FK=5zboby{Kne|!cbr(G})NFTFs4YD0TykXLO%G~QYjn66<;&Xw10k<*l9Q@A_P*NA znQGl`B-?Z)aj)_hR{XnjMd0#(UTL`eBYKr|{yD{s3zV(=gi>Et+d7mqotkfz-|a!Z zmlS!U-+k^O<0;MeU7l*zwp%nBCt2M5ct&)7-)hYxekDjzKVi1$y@KB#^y~HotA3s! zR_vUq7;0HHMGZe41l=?K8L!LeGgM{(oq_IOJYj{@!xZhdydq= zFKF>!_l$xGXkD;Q?AY17$wwP+>pfry%zfS3j|GxO{PzK9m6@MmemCVy?3QVI>C= zxE9JG%X0kQK{;T@!C|3jeY|nd9*=FO4%AbJGY%?kcO;-?N5{cPe27*n#ddHUoCXqx z362B4wdMK%G6d2P`w35(?WZ!E3iLojC$&SD0a!cgVS5=JqRpZuHlTB0-U>`LAGsOp#wOF#3 zW7}FeJ-BUKYGT_)?M>xR`#$WpwewfWv1~hdV7w7tzm*OC*|zscO~-9pe;&4NbZq>c z{f;+L!);sK?C)tA*YWSZdlmlm=sX8hIzwW-JPFO9a;DQMYI|1uII(0pO*(Lw)G z35PpK&;}?}A2&S#@{ky9fNCBV7gQgqY^>r7cx_G&J2+Bz5!jK{Y)C8uV-A=Isk>s? zOVo_pvPkLII$F=ZR<`k+nx^;3aKa4f0CK4G3$)lsj()}U5}-Wn2ed1<=-0yja3fu& zN5DBGXp5jCDI-*1pqQN{Sggi!9mqxi<>`r#zu!W0iRBsH+ZsI+qj!9nD^<58W1v{+ zU0cDIf|ZjF9{*7g@3YsyZ|s9t&p&%`5b`&Ws^20atQ{}79`X;|J9LR&4$ zx*z+sE;#z2lfChF$;^wZi5ag2n+e@XXOhQ1TlXd2^!NJ{Gfg|zAo7_Fjir)$9|}7Z z0jIG4P!8pQV1jsV|E^>PWsS;v9Ke%?(HIWmzZ+B72iO;ET-4XEVum+AuzNtqR5^{i z2-rVp18cyM)%>*peh(6qkGes=*=~@B^hf$m8mjNB+1Lm59nKE^Qqu12NcKsY#N855 zT$8_OrU0l6@(E>dnqD#Fw|3q+vqW$X2|@lC&;K;fkXOia9%K(B$n$*dOJ+Mj9ufo3 z21D%%ZB!)7OUWzH$TH3FZQ^><%#MKE%s;tS2y6s9#~tE8pgL8Pbc3yuEpr& zuWUHk?tl|oc2p-vqLZ#G#&r$qBo>#l0%Us z%Y&PqRN6XL-;2@v;8CHkRgkFN96jc7@$+ZxFDQ|3WbKsM`D%7_c6e+wX*}qXT=}6W zjQsI7FoD@*|LfwPjOH^@$3av+~-f(i?6#3yzun0Eu3B_?f%`b^itn0 zHUcd>s+S|t%SwSz?Loc7+KZqFhjnK)fdngE^ zq5a|nei3WOK7YyGhKEa6(RvIn=svn|a6R*yLb%;UA9RFe>`%cr2ReV@pWg@m!jfA$ro}<)|v(S zc}D4e+eFPTH_LHPOAG9syP5n%JZ;`UQp;wm{>+UZy+t(NuD^aY!YR6KdS!WZZ)MKR z1qKR)R^sD3l&`v?tsk>{t)X5IU#rC(Sh_!UlHT0j>{8d~-*!GNwQbSuE6BK3 zo+7w>--&0}b-vaN^foU4mR%uBu-2Qiak-Ox@jAOuAuf5-h3{+^9kX~cRVDn^;!Sc_ zE_y%Q{m@fvU~P#blrbCw6q;O7S?`)D7i|sBAq|<2ax%_GN98?Ic|$ovd1Kc`4Xx#( z@#5r}egUY>q0Os*y*Ap4!SIFrrsz^|4vF#JPh=3iPFkFd)=4!SdQT4B&rAl_0&d|4 zVyZ~pI=RG`z<$0_vc((da?Gx!D?cwmV`y6)8 ze7z}8uz-7A9v_jvlb zl8z(f&W#*=hbSLB$EpNyCHo)PA2{cg{MJjt&&xz-5e9x+<9D(^t4LUD%|Jn0qT2ob zMO@2fuQLd?3iq2+fB#V64dT9Hep5k>4T@&Rx-R|M*1X zFLw?Ho)s|EYRn7zV5A>kdXEyJ{48E>e56!Kv1Dk`J*9+z+}Z9)7PYHZT;VyrICRU& zU{$pm5su>q^^d-;k+wQ;-z51U;klf;nnAAHw&GV}*^UDjg8V~-<(CDpO!0kvPJzxDHeu{-8{T;FeQ6Fp+nG!bs%vcyx$q|8&Yrn%wM z56txD9qWep{}!vzdr#|Na?kW_m()0qUU<9pLZ}MS6=DnZ#v4Kb610iNN@dYzAPx=2*Xn21O(vUqwmEe^5 zwx~WEJFvhA8?26253CQX^OxjmadqDQH)h`P?gy-Z4S)oBtm=3ctqbyy80C?limel! z8%82`hV1tv0uhu3w`RdQA;00Yv4hrKA7K=;3Yr>ECynRA?-(qeJ0snP+=1AWb>yR;OQd=YP4C4EJd2hq zs#;%OA3R?{O4wS|{VxA+4_a0>edaShlsY@YVVR~hZ>K_nukdlA{4&kphspPBQ;R#x z*Cj1ucSS_zW`#{lvPob3Aj-)6W=W{m()<&`FG$b*J$I@q87?+{q@`8Z6`8b3!nF5> z$|3&gF9bGn7&wRIjz7KEtm}QkZ;020g;egt#dDtO-Fm;zvN_^b3g7LO_g6)C>CAy!|a~U&d z&4G`$+z9uAk4p2zzl`C_bo2_|m*czGK4sy_=-bb~mC5fG=$LbTcl&gSir>YqZRkH< zaVq7TDusjSs?a|Yy{@(!!0Wsci;}juy#SE_`3tQ!?%d zU(V`ur>n%(+4*%h`aIPO#hV-1Cm-Wg={4C>RkV^v{z=2ju8p}-rxs~vv$eWSb2`Eg`BWX#I0+ep zr&^Ov^aqc-Xs}XTys(=`^0T)^(u>GPrJy$04s0&~5KOQ=JLgH%MIaA}!EXF5ZNjz~ z$H{R6Nh;nrnf7-06oM$OKU_p=|f5x)YQ%pb}5~Do`*nzFH z5&Yf=_HPZ1TTxM1BkbUTX&EGySE6iiuR69Jr%#%=?MzExZin@=0giwNxa(z~*r9!c z?OX=mzy$kqJtQP01>_+O;s&y0K+L#NXnU{e-~Z=!V1wrs0Xv+4YyiOoc^5hyf{Sl; zCbNuc;Dvwitc-A|a4O#V$}7SqX;{S{@7XA_+eI%sy1p`!^_2@(eiI#BU%~E;mvT%< z#oHU-B*l!2^3T20sIsC*%Kv|R<8^L_DFK~jwKv{jdwQw^_ze=HE%Q=fmg%4^!|qQH z|JC03ngbVoSnf~f_b$L~+eC#$+duIfcH2*lg!Z#+n~m=pZrifz|7_b)XDe{q*3$ZC z+b-Gh61VNnxqpA#l{CFVZMEx1!NYL>H6%t|JG^@{lU-%K2U{Opi`nZtbPu+9va0>J zlCnp{XBBA_#)RqKXD7l7A6=IY$#oL_z1{D z!o=?&Mr00Vtid`6Mw^E2jpv)N@TH|!PtuOM8y=dH$MTQwm3uSq>w#VM`lSb*EpmUf zNo$7HLEz?;4ZWeCZdA6K4J5hFDMkOu*^a|&c^^6vvzkMq+?j{O$X)7Jd)CTCFK#bDnK32(?FqaIXI z6f*JjK(v1NdQd>?E871zIp$fzeKx>x=y?BopA8UBx<3BM*pSR#5=Di(dZ!TJ5%LLT za2mt!-ZP7{SUnp6_ENI6QU7V4A+LZoonP>JK ziI_SVKVaiJ#e-{3;^ER(5IRg;y6s{M(Xyksj06{+>&hXlaanLV{4^de90uVST^?y`yf%l?WzWV8m6iM~q^47P~G((krKz z{WUH>-^BE1URl8U+0-HLE2PbW@L!a`_~L>eFNk9K4yOM{-&eTSv4I0%$m)HCLc8|i z>VjH1Ru`Uv8lKYbyEE$oS??*m?5HmM%imX6nENCeqYGF+IxeE;BA&e_w_|kyy>A*0 z>S2y=NcLs)vcJ}afBt=K|6A)LNKd=upuNW8A{BD32oDzyr)?N}{VQC^_Br&jqqvO3 zkA4f40~?ee9-KhmvAA@ttt!LAh1e50Ok9-hv*~3=aTy6N@j>ri58{HIr>@lsxx;Fn zN?_V+imtDa0j@uuXR4SOD77hF@PTgKu`IW>-v`<_WM)5KCOZ%_JMCuP>(IiuF?Ic9 znSiczGo}80<%I#4=QUB~Z%X923Y*WfNb%8hs+GU?-oeY=R!5z8&T>4xWQ&L%re5mXAElQa)yt9SrGkV5 zSO8{aFD5B+Jix=HokYdpg2r0mKrfm7tF`?O0krHWE+fHZ*7P!*^#h4pQ)=;W=}O-| zOk5o86Ee`UqqvL&mt51`xva;F*ir50c(}AF$6;{!Rop|dk5fU*j^Z*BT(qd0zy_Wl zc8mgS5lry@g}9V>6N~+J4EHY3{dNXmza5dj-!4lp|6W@*r}`zWfvU{)V`a~XZ0Fch zXtXR^XZAt+w8kkuB+^>aF|Q6G1|PTxYhQ_%XN)pwa-?P)#48> z-4uCAdUYaeK+UI#dy%>2qiZV_*CCKU*mqM{7f7)0_B))L;GRH8L-v;yfm7yNvf*qX zc!Jk6%5c{iXIvSI-NKGv)Zf*BI{s*{SO4kKS9mtz)0$lvn}EL4JsecY>_g-2gWS=w z|81Lq{7>D(ca|yzH=BOg1Z>P{*>a!<4;PcR-56Yc72BlSzoM5N#bqS6`p~MiXISGR zc>7o{9xnUWC17y*)w8Ds_B#G(*->0Zf=g2LS0C26$hKeohKCCWArXViV_?A^!`DT! zuwzB`IrOrlxQqms-0rh$P+Z`;xHlk}j+AmB7Ax$t2#5q?K>Yc~Nj35#&=~g&=W&JT}2L{tq