fragattacks: always encrypt EAPOL Request frames

When the parameter --rekey-plaintext is used, the rekey 4-way handshake
itself should be sent in plaintext. But possible EAPOL Request frames,
which ask the AP for a new 4-way handshake, should ideally still be sent
using encryption.

This patch ensures that EAPOL (Rekey) Request frames are always sent
encrypted, even when --rekey-plaintext is used.
Mathy Vanhoef 2023-10-11 22:42:55 +02:00
parent c894c820ff
commit 6fd347ee1c

@ -535,7 +535,12 @@ class Station():
# - Send with high priority, otherwise Action.AfterAuth might be send before # - Send with high priority, otherwise Action.AfterAuth might be send before
# the EAPOL frame by the Wi-Fi chip. # the EAPOL frame by the Wi-Fi chip.
# - Some routers such as the RT-AC51U do the 4-way rekey HS in plaintext. # - Some routers such as the RT-AC51U do the 4-way rekey HS in plaintext.
self.send_mon(eapol, plaintext=self.options.rekey_plaintext)
plaintext = self.options.rekey_plaintext
if WPA_key in eapol and eapol[WPA_key].key_info & 2048:
plaintext = False
self.send_mon(eapol, plaintext=plaintext)
def perform_actions(self, trigger, **kwargs): def perform_actions(self, trigger, **kwargs):
result = None result = None
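Review bot: the added condition `eapol[WPA_key].key_info & 2048` relies on a bare magic number, and nothing in the hunk says that 2048 (0x0800, bit 11 of the EAPOL-Key Key Information field) is the Request flag, so a reader needs the commit message to understand why `plaintext` is forced to False. Suggest a named constant for the mask (for example a hypothetical `KEY_INFO_REQUEST = 0x0800`) and a further bullet in the comment block above the call stating that EAPOL Request frames are always sent encrypted, even when --rekey-plaintext is set. Since this branch silently overrides a user-supplied option, a log line when it triggers would also make test traces easier to interpret.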