fragattack: update to README and small script fix

research/README.md

@@ -1,13 +1,24 @@
 # Usage
 
-Install the dependencies in `../../requirements.txt`. Then you can run
+## Installation
-`./inject.py interface tests` where the first argument is the interface
+
-to use. This inferface should NOT be set to monitor mode (the script will
+1. Install the dependencies in `../../requirements.txt`.
-handle this). The second parameter is the test to execute.
+
+2. Compile the modified `hostapd` and `wpa_supplicant` using `cd research && ./build.sh`.
+   If this fails install the required dependencies. The build.sh script is also very
+   trivial so you can manually execute each command in that script to see
+   where it fails and how to fix it.
+
+
+## Example Usage
+
+Then you can run `./fragattack.py interface tests` where the first argument
+is the interface to use. This inferface should NOT be set to monitor mode
+(the script will handle this). The second parameter is the test to execute.
 
 You can first execute a simple ping to see if everything is working:
 
-	./inject.py wlan0 ping --ip 192.168.100.10 --peerip 192.168.100.1
+	./fragattack.py wlan0 ping --ip 192.168.100.10 --peerip 192.168.100.1
 
 Here `peerip` is the IP address of the AP/router we are testing, and `ip`
 denotes the IP address we are assignment to the client. Edit the file

research/build.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+set -e
+
+cd ../hostapd
+cp defconfig .config
+make clean
+make -j2
+
+cd ../wpa_supplicant
+cp defconfig .config
+make clean
+make -j2
+

research/fragattack.py

@@ -107,7 +107,7 @@ class Action():
 	# Reconnect: force a reconnect
 	GetIp, Rekey, Reconnect, Roam, Inject, Func = range(6)
 
-	def __init__(self, trigger, action=Inject, func=None, enc=False, frame=None, inc_pn=1, delay=None):
+	def __init__(self, trigger, action=Inject, func=None, enc=False, frame=None, inc_pn=1, delay=None, wait=None):
 		self.trigger = trigger
 		self.action = action
 		self.func = func
@@ -115,6 +115,13 @@ class Action():
 		if self.func != None:
 			self.action = Action.Func
 
+		# Take into account default wait values. A wait value of True means the next
+		# Action will not be immediately executed if it has the same trigger (instead
+		# we have to wait on a new trigger e.g. after rekey, reconnect, roam).
+		self.wait = wait
+		if self.wait == None:
+			self.wait = action in [Action.Rekey, Action.Reconnect, Action.Roam]
+
 		# Specific to fragment injection
 		self.encrypted = enc
 		self.inc_pn = inc_pn
@@ -548,17 +555,17 @@ class Station():
 			elif act.action == Action.Rekey:
 				# Force rekey as AP, wait on rekey as client
 				self.daemon.rekey(self)
-				break
+				if act.wait: break
 
 			elif act.action == Action.Roam:
 				# Roam as client, TODO XXX what was AP?
 				self.daemon.roam(self)
-				break
+				if act.wait: break
 
 			elif act.action == Action.Reconnect:
 				# Full reconnect as AP, reassociation as client
 				self.daemon.reconnect(self)
-				#break
+				if act.wait: break
 
 			elif act.action == Action.Inject:
 				if act.delay != None: