mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 08:48:31 -05:00
449 lines
19 KiB
Plaintext
449 lines
19 KiB
Plaintext
wpa_supplicant for Windows
|
|
==========================
|
|
|
|
Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi> and
|
|
contributors
|
|
All Rights Reserved.
|
|
|
|
This program is dual-licensed under both the GPL version 2 and BSD
|
|
license. Either license may be used at your option.
|
|
|
|
This product includes software developed by the OpenSSL Project
|
|
for use in the OpenSSL Toolkit (http://www.openssl.org/)
|
|
|
|
|
|
wpa_supplicant has support for being used as a WPA/WPA2/IEEE 802.1X
|
|
Supplicant on Windows. The current port requires that WinPcap
|
|
(http://winpcap.polito.it/) is installed for accessing packets and the
|
|
driver interface. Both release versions 3.0 and 3.1 are supported.
|
|
|
|
The current port is still somewhat experimental. It has been tested
|
|
mainly on Windows XP (SP2) with limited set of NDIS drivers. In
|
|
addition, the current version has been reported to work with Windows
|
|
2000.
|
|
|
|
All security modes have been verified to work (at least complete
|
|
authentication and successfully ping a wired host):
|
|
- plaintext
|
|
- static WEP / open system authentication
|
|
- static WEP / shared key authentication
|
|
- IEEE 802.1X with dynamic WEP keys
|
|
- WPA-PSK, TKIP, CCMP, TKIP+CCMP
|
|
- WPA-EAP, TKIP, CCMP, TKIP+CCMP
|
|
- WPA2-PSK, TKIP, CCMP, TKIP+CCMP
|
|
- WPA2-EAP, TKIP, CCMP, TKIP+CCMP
|
|
|
|
|
|
Binary version
|
|
--------------
|
|
|
|
Compiled binary version of the wpa_supplicant and additional tools is
|
|
available from http://w1.fi/wpa_supplicant/. These binaries can be
|
|
used after installing WinPcap.
|
|
|
|
wpa_gui uses Qt 4 framework and may need additional dynamic libraries
|
|
(DLLs). These libraries are available from
|
|
http://w1.fi/wpa_supplicant/qt4/wpa_gui-qt433-windows-dll.zip
|
|
You can copy the DLL files from this ZIP package into the same directory
|
|
with wpa_gui.exe to allow wpa_gui to be started.
|
|
|
|
|
|
Building wpa_supplicant with mingw
|
|
----------------------------------
|
|
|
|
The default build setup for wpa_supplicant is to use MinGW and
|
|
cross-compiling from Linux to MinGW/Windows. It should also be
|
|
possible to build this under Windows using the MinGW tools, but that
|
|
is not tested nor supported and is likely to require some changes to
|
|
the Makefile unless cygwin is used.
|
|
|
|
|
|
Building wpa_supplicant with MSVC
|
|
---------------------------------
|
|
|
|
wpa_supplicant can be built with Microsoft Visual C++ compiler. This
|
|
has been tested with Microsoft Visual C++ Toolkit 2003 and Visual
|
|
Studio 2005 using the included nmake.mak as a Makefile for nmake. IDE
|
|
can also be used by creating a project that includes the files and
|
|
defines mentioned in nmake.mak. Example VS2005 solution and project
|
|
files are included in vs2005 subdirectory. This can be used as a
|
|
starting point for building the programs with VS2005 IDE.
|
|
|
|
WinPcap development package is needed for the build and this can be
|
|
downloaded from http://www.winpcap.org/install/bin/WpdPack_3_1.zip. The
|
|
default nmake.mak expects this to be unpacked into C:\dev\WpdPack so
|
|
that Include and Lib directories are in this directory. The files can be
|
|
stored elsewhere as long as the WINPCAPDIR in nmake.mak is updated to
|
|
match with the selected directory. In case a project file in the IDE is
|
|
used, these Include and Lib directories need to be added to project
|
|
properties as additional include/library directories.
|
|
|
|
OpenSSL source package can be downloaded from
|
|
http://www.openssl.org/source/openssl-0.9.8b.tar.gz and built and
|
|
installed following instructions in INSTALL.W32. Note that if EAP-FAST
|
|
support will be included in the wpa_supplicant, OpenSSL needs to be
|
|
patched to# support it openssl-tls-extensions.patch. The example
|
|
nmake.mak file expects OpenSSL to be installed into C:\dev\openssl, but
|
|
this directory can be modified by changing OPENSSLDIR variable in
|
|
nmake.mak.
|
|
|
|
If you do not need EAP-FAST support, you may also be able to use Win32
|
|
binary installation package of OpenSSL from
|
|
http://www.slproweb.com/products/Win32OpenSSL.html instead of building
|
|
the library yourself. In this case, you will need to copy Include and
|
|
Lib directories in suitable directory, e.g., C:\dev\openssl for the
|
|
default nmake.mak. Copy {Win32OpenSSLRoot}\include into
|
|
C:\dev\openssl\include and make C:\dev\openssl\lib subdirectory with
|
|
files from {Win32OpenSSLRoot}\VC (i.e., libeay*.lib and ssleay*.lib).
|
|
This will end up using dynamically linked OpenSSL (i.e., .dll files are
|
|
needed) for it. Alternative, you can copy files from
|
|
{Win32OpenSSLRoot}\VC\static to create a static build (no OpenSSL .dll
|
|
files needed).
|
|
|
|
|
|
Building wpa_supplicant for cygwin
|
|
----------------------------------
|
|
|
|
wpa_supplicant can be built for cygwin by installing the needed
|
|
development packages for cygwin. This includes things like compiler,
|
|
make, openssl development package, etc. In addition, developer's pack
|
|
for WinPcap (WPdpack.zip) from
|
|
http://winpcap.polito.it/install/default.htm is needed.
|
|
|
|
.config file should enable only one driver interface,
|
|
CONFIG_DRIVER_NDIS. In addition, include directories may need to be
|
|
added to match the system. An example configuration is available in
|
|
defconfig. The library and include files for WinPcap will either need
|
|
to be installed in compiler/linker default directories or their
|
|
location will need to be adding to .config when building
|
|
wpa_supplicant.
|
|
|
|
Othen than this, the build should be more or less identical to Linux
|
|
version, i.e., just run make after having created .config file. An
|
|
additional tool, win_if_list.exe, can be built by running "make
|
|
win_if_list".
|
|
|
|
|
|
Building wpa_gui
|
|
----------------
|
|
|
|
wpa_gui uses Qt application framework from Trolltech. It can be built
|
|
with the open source version of Qt4 and MinGW. Following commands can
|
|
be used to build the binary in the Qt 4 Command Prompt:
|
|
|
|
# go to the root directory of wpa_supplicant source code
|
|
cd wpa_gui-qt4
|
|
qmake -o Makefile wpa_gui.pro
|
|
make
|
|
# the wpa_gui.exe binary is created into 'release' subdirectory
|
|
|
|
|
|
Using wpa_supplicant for Windows
|
|
--------------------------------
|
|
|
|
wpa_supplicant, wpa_cli, and wpa_gui behave more or less identically to
|
|
Linux version, so instructions in README and example wpa_supplicant.conf
|
|
should be applicable for most parts. In addition, there is another
|
|
version of wpa_supplicant, wpasvc.exe, which can be used as a Windows
|
|
service and which reads its configuration from registry instead of
|
|
text file.
|
|
|
|
When using access points in "hidden SSID" mode, ap_scan=2 mode need to
|
|
be used (see wpa_supplicant.conf for more information).
|
|
|
|
Windows NDIS/WinPcap uses quite long interface names, so some care
|
|
will be needed when starting wpa_supplicant. Alternatively, the
|
|
adapter description can be used as the interface name which may be
|
|
easier since it is usually in more human-readable
|
|
format. win_if_list.exe can be used to find out the proper interface
|
|
name.
|
|
|
|
Example steps in starting up wpa_supplicant:
|
|
|
|
# win_if_list.exe
|
|
ifname: \Device\NPF_GenericNdisWanAdapter
|
|
description: Generic NdisWan adapter
|
|
|
|
ifname: \Device\NPF_{769E012B-FD17-4935-A5E3-8090C38E25D2}
|
|
description: Atheros Wireless Network Adapter (Microsoft's Packet Scheduler)
|
|
|
|
ifname: \Device\NPF_{732546E7-E26C-48E3-9871-7537B020A211}
|
|
description: Intel 8255x-based Integrated Fast Ethernet (Microsoft's Packet Scheduler)
|
|
|
|
|
|
Since the example configuration used Atheros WLAN card, the middle one
|
|
is the correct interface in this case. The interface name for -i
|
|
command line option is the full string following "ifname:" (the
|
|
"\Device\NPF_" prefix can be removed). In other words, wpa_supplicant
|
|
would be started with the following command:
|
|
|
|
# wpa_supplicant.exe -i'{769E012B-FD17-4935-A5E3-8090C38E25D2}' -c wpa_supplicant.conf -d
|
|
|
|
-d optional enables some more debugging (use -dd for even more, if
|
|
needed). It can be left out if debugging information is not needed.
|
|
|
|
With the alternative mechanism for selecting the interface, this
|
|
command has identical results in this case:
|
|
|
|
# wpa_supplicant.exe -iAtheros -c wpa_supplicant.conf -d
|
|
|
|
|
|
Simple configuration example for WPA-PSK:
|
|
|
|
#ap_scan=2
|
|
ctrl_interface=
|
|
network={
|
|
ssid="test"
|
|
key_mgmt=WPA-PSK
|
|
proto=WPA
|
|
pairwise=TKIP
|
|
psk="secret passphrase"
|
|
}
|
|
|
|
(remove '#' from the comment out ap_scan line to enable mode in which
|
|
wpa_supplicant tries to associate with the SSID without doing
|
|
scanning; this allows APs with hidden SSIDs to be used)
|
|
|
|
|
|
wpa_cli.exe and wpa_gui.exe can be used to interact with the
|
|
wpa_supplicant.exe program in the same way as with Linux. Note that
|
|
ctrl_interface is using UNIX domain sockets when built for cygwin, but
|
|
the native build for Windows uses named pipes and the contents of the
|
|
ctrl_interface configuration item is used to control access to the
|
|
interface. Anyway, this variable has to be included in the configuration
|
|
to enable the control interface.
|
|
|
|
|
|
Example SDDL string formats:
|
|
|
|
(local admins group has permission, but nobody else):
|
|
|
|
ctrl_interface=SDDL=D:(A;;GA;;;BA)
|
|
|
|
("A" == "access allowed", "GA" == GENERIC_ALL == all permissions, and
|
|
"BA" == "builtin administrators" == the local admins. The empty fields
|
|
are for flags and object GUIDs, none of which should be required in this
|
|
case.)
|
|
|
|
(local admins and the local "power users" group have permissions,
|
|
but nobody else):
|
|
|
|
ctrl_interface=SDDL=D:(A;;GA;;;BA)(A;;GA;;;PU)
|
|
|
|
(One ACCESS_ALLOWED ACE for GENERIC_ALL for builtin administrators, and
|
|
one ACCESS_ALLOWED ACE for GENERIC_ALL for power users.)
|
|
|
|
(close to wide open, but you have to be a valid user on
|
|
the machine):
|
|
|
|
ctrl_interface=SDDL=D:(A;;GA;;;AU)
|
|
|
|
(One ACCESS_ALLOWED ACE for GENERIC_ALL for the "authenticated users"
|
|
group.)
|
|
|
|
This one would allow absolutely everyone (including anonymous
|
|
users) -- this is *not* recommended, since named pipes can be attached
|
|
to from anywhere on the network (i.e. there's no "this machine only"
|
|
like there is with 127.0.0.1 sockets):
|
|
|
|
ctrl_interface=SDDL=D:(A;;GA;;;BU)(A;;GA;;;AN)
|
|
|
|
(BU == "builtin users", "AN" == "anonymous")
|
|
|
|
See also [1] for the format of ACEs, and [2] for the possible strings
|
|
that can be used for principal names.
|
|
|
|
[1]
|
|
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/ace_strings.asp
|
|
[2]
|
|
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/sid_strings.asp
|
|
|
|
|
|
Starting wpa_supplicant as a Windows service (wpasvc.exe)
|
|
---------------------------------------------------------
|
|
|
|
wpa_supplicant can be started as a Windows service by using wpasvc.exe
|
|
program that is alternative build of wpa_supplicant.exe. Most of the
|
|
core functionality of wpasvc.exe is identical to wpa_supplicant.exe,
|
|
but it is using Windows registry for configuration information instead
|
|
of a text file and command line parameters. In addition, it can be
|
|
registered as a service that can be started automatically or manually
|
|
like any other Windows service.
|
|
|
|
The root of wpa_supplicant configuration in registry is
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant. This level includes global
|
|
parameters and a 'interfaces' subkey with all the interface configuration
|
|
(adapter to confname mapping). Each such mapping is a subkey that has
|
|
'adapter', 'config', and 'ctrl_interface' values.
|
|
|
|
This program can be run either as a normal command line application,
|
|
e.g., for debugging, with 'wpasvc.exe app' or as a Windows service.
|
|
Service need to be registered with 'wpasvc.exe reg <full path to
|
|
wpasvc.exe>'. Alternatively, 'wpasvc.exe reg' can be used to register
|
|
the service with the current location of wpasvc.exe. After this, wpasvc
|
|
can be started like any other Windows service (e.g., 'net start wpasvc')
|
|
or it can be configured to start automatically through the Services tool
|
|
in administrative tasks. The service can be unregistered with
|
|
'wpasvc.exe unreg'.
|
|
|
|
If the service is set to start during system bootup to make the
|
|
network connection available before any user has logged in, there may
|
|
be a long (half a minute or so) delay in starting up wpa_supplicant
|
|
due to WinPcap needing a driver called "Network Monitor Driver" which
|
|
is started by default on demand.
|
|
|
|
To speed up wpa_supplicant start during system bootup, "Network
|
|
Monitor Driver" can be configured to be started sooner by setting its
|
|
startup type to System instead of the default Demand. To do this, open
|
|
up Device Manager, select Show Hidden Devices, expand the "Non
|
|
Plug-and-Play devices" branch, double click "Network Monitor Driver",
|
|
go to the Driver tab, and change the Demand setting to System instead.
|
|
|
|
Configuration data is in HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs
|
|
key. Each configuration profile has its own key under this. In terms of text
|
|
files, each profile would map to a separate text file with possibly multiple
|
|
networks. Under each profile, there is a networks key that lists all
|
|
networks as a subkey. Each network has set of values in the same way as
|
|
network block in the configuration file. In addition, blobs subkey has
|
|
possible blobs as values.
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs\test\networks\0000
|
|
ssid="example"
|
|
key_mgmt=WPA-PSK
|
|
|
|
See win_example.reg for an example on how to setup wpasvc.exe
|
|
parameters in registry. It can also be imported to registry as a
|
|
starting point for the configuration.
|
|
|
|
|
|
|
|
License information for third party software used in this product:
|
|
|
|
OpenSSL License
|
|
---------------
|
|
|
|
/* ====================================================================
|
|
* Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
*
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
*
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in
|
|
* the documentation and/or other materials provided with the
|
|
* distribution.
|
|
*
|
|
* 3. All advertising materials mentioning features or use of this
|
|
* software must display the following acknowledgment:
|
|
* "This product includes software developed by the OpenSSL Project
|
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
*
|
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
* endorse or promote products derived from this software without
|
|
* prior written permission. For written permission, please contact
|
|
* openssl-core@openssl.org.
|
|
*
|
|
* 5. Products derived from this software may not be called "OpenSSL"
|
|
* nor may "OpenSSL" appear in their names without prior written
|
|
* permission of the OpenSSL Project.
|
|
*
|
|
* 6. Redistributions of any form whatsoever must retain the following
|
|
* acknowledgment:
|
|
* "This product includes software developed by the OpenSSL Project
|
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
* ====================================================================
|
|
*
|
|
* This product includes cryptographic software written by Eric Young
|
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
* Hudson (tjh@cryptsoft.com).
|
|
*
|
|
*/
|
|
|
|
Original SSLeay License
|
|
-----------------------
|
|
|
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
* All rights reserved.
|
|
*
|
|
* This package is an SSL implementation written
|
|
* by Eric Young (eay@cryptsoft.com).
|
|
* The implementation was written so as to conform with Netscapes SSL.
|
|
*
|
|
* This library is free for commercial and non-commercial use as long as
|
|
* the following conditions are aheared to. The following conditions
|
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
* included with this distribution is covered by the same copyright terms
|
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
*
|
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
* the code are not to be removed.
|
|
* If this package is used in a product, Eric Young should be given attribution
|
|
* as the author of the parts of the library used.
|
|
* This can be in the form of a textual message at program startup or
|
|
* in documentation (online or textual) provided with the package.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
* must display the following acknowledgement:
|
|
* "This product includes cryptographic software written by
|
|
* Eric Young (eay@cryptsoft.com)"
|
|
* The word 'cryptographic' can be left out if the rouines from the library
|
|
* being used are not cryptographic related :-).
|
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
* the apps directory (application code) you must include an acknowledgement:
|
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*
|
|
* The licence and distribution terms for any publically available version or
|
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
* copied and put under another distribution licence
|
|
* [including the GNU Public Licence.]
|
|
*/
|
|
|
|
|
|
|
|
Qt Open Source Edition
|
|
----------------------
|
|
|
|
The Qt GUI Toolkit is Copyright (C) 1994-2007 Trolltech ASA.
|
|
Qt Open Source Edition is licensed under GPL version 2.
|
|
|
|
Source code for the library is available at
|
|
http://w1.fi/wpa_supplicant/qt4/qt-win-opensource-src-4.3.3.zip
|