mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
fragattack: minor tweaks to README and tool output
This commit is contained in:
parent
25066d096d
commit
d10941c8bc
@ -24,20 +24,24 @@ the paper also briefly discusses the applicability of the attacks against WEP.
|
||||
|
||||
- Tool will automatically quit after a test completed or timed out.
|
||||
|
||||
- Tool detects if the 4-way handshake is looping or if there is not replly to a rekey request (`--rekey-req`).
|
||||
- Tool detects if the 4-way handshake is looping or if there is no reply to a rekey request (`--rekey-req`).
|
||||
|
||||
- When using an external DHCP server, the tool will now send rekey EAPOL frames with as destination address
|
||||
the AP (instead of the DHCP server).
|
||||
- When using an external DHCP server, the tool will now always send EAPOL frames with as destination address
|
||||
the AP (instead of the DHCP server). This is important in mixed key and cache attack tests when using an
|
||||
external DHCP server.
|
||||
|
||||
- When acting as a client, the tool will send EAPOL Rekey Request with a Replay Counter of one instead of zero.
|
||||
- When testing an AP using `--rekey-req` the tool will now send EAPOL Rekey Request with a Replay Counter of
|
||||
one instead of zero.
|
||||
|
||||
- Debug output now shows the correct (group) key when encrypting broadcast/multicast frames. This does not
|
||||
influence any test results, it only changes the output of the test tool.
|
||||
|
||||
- Clarified that all commands can test both clients and APs unless noted otherwise.
|
||||
- Clarified that all commands in this README can test both clients and APs unless noted otherwise.
|
||||
|
||||
- Clarified the description of cache attacks, Broadcast fragment, and A-MSDU EAPOL attack tests in this README.
|
||||
|
||||
- Clarified that it's important to test both the 2.4 and 5 GHz band in this README.
|
||||
|
||||
**Version 1.1 (20 October 2020)**:
|
||||
|
||||
- Fixed a bug where the command `ping I,E,D` would send a normal encrypted ping request. It now sends an
|
||||
@ -592,7 +596,8 @@ these alternative mixed key attack tests. Some remarks:
|
||||
driver. These routers perform the rekey handshake in plaintext, and the client can actively request a rekey handshake.
|
||||
|
||||
- `ping I,E,F,AE --rekey-early-install`: A low number of clients (incorrectly) install the key too early during
|
||||
a pairwise session rekey. To reliably test these clients, add the `--rekey-early-install` parameter.
|
||||
a pairwise session rekey. To reliably test these clients, add the `--rekey-early-install` parameter. This test
|
||||
is not meaningfull against APs.
|
||||
|
||||
Finally, in case the test `ping-frag-sep` doesn't succeed, you should try the following mixed key attack test:
|
||||
|
||||
|
@ -165,7 +165,7 @@ def args2msdu(args):
|
||||
return None
|
||||
|
||||
if __name__ == "__main__":
|
||||
parser = argparse.ArgumentParser(description=f"Test for fragmentation vulnerabilities (v{FRAGVERSION} - {FRAGDATE}).")
|
||||
parser = argparse.ArgumentParser(description=f"Test for fragmentation vulnerabilities (version {FRAGVERSION}).")
|
||||
parser.add_argument('iface', help="Interface to use for the tests.")
|
||||
parser.add_argument('testname', help="Name or identifier of the test to run.")
|
||||
parser.add_argument('actions', nargs='?', help="Optional textual descriptions of actions")
|
||||
@ -240,7 +240,7 @@ if __name__ == "__main__":
|
||||
change_log_level(-options.debug)
|
||||
|
||||
# Now start the tests --- TODO: Inject Deauths before connecting with client...
|
||||
log(STATUS, f"This is fragattack version {FRAGVERSION} - {FRAGDATE}.")
|
||||
log(STATUS, f"This is fragattack version {FRAGVERSION}.")
|
||||
if options.ap:
|
||||
daemon = Authenticator(options)
|
||||
else:
|
||||
|
@ -12,7 +12,6 @@ from scapy.contrib.wpa_eapol import WPA_key
|
||||
from scapy.arch.common import get_if_raw_hwaddr
|
||||
|
||||
FRAGVERSION = "1.2"
|
||||
FRAGDATE = "27 October 2020"
|
||||
|
||||
# ----------------------------------- Utility Commands -----------------------------------
|
||||
|
||||
@ -631,7 +630,7 @@ class Station():
|
||||
if not self.test.requires_manual_check():
|
||||
log(ERROR, ">>> Test timed out! Retry to be sure, or manually check result.")
|
||||
else:
|
||||
log(STATUS, "Closing down. Remember to manually check whether test succeeded or not.")
|
||||
log(STATUS, "Closing down. Remember to manually check whether the test succeeded or not.")
|
||||
self.stop_test()
|
||||
|
||||
# ----------------------------------- Client and AP Daemons -----------------------------------
|
||||
|
Loading…
Reference in New Issue
Block a user