airdecap-ng.c
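/* AES counter pass: unmask the trailing 8 bytes, decrypt each block, fold it into the MIC */
    B0[0] &= 0x07;
    B0[14] = B0[15] = 0;
    aes_encrypt( &aes_ctx, B0, B );
    XOR( h80211 + caplen - 8, B, 8 );

    blocks = ( data_len + 16 - 1 ) / 16;
    last = data_len % 16;
    offset = z + 8;

    for( i = 1; i <= blocks; i++ )
    {
        n = ( last > 0 && i == blocks ) ? last : 16;

        B0[14] = ( i >> 8 ) & 0xFF;
        B0[15] = i & 0xFF;

        aes_encrypt( &aes_ctx, B0, B );
        XOR( h80211 + offset, B, n );
        XOR( MIC, h80211 + offset, n );
        aes_encrypt( &aes_ctx, MIC, MIC );

        offset += n;
    }

    /* success only if the computed MIC equals the 8 bytes at offset */
    return( memcmp( h80211 + offset, MIC, 8 ) == 0 );
}

/* per-run packet counters */
struct decap_stats
{
    unsigned long nb_read;      /* # of packets read       */
    unsigned long nb_wep;       /* # of WEP data packets   */
    unsigned long nb_wpa;       /* # of WPA data packets   */
    unsigned long nb_plain;     /* # of plaintext packets  */
    unsigned long nb_unwep;     /* # of decrypted WEP pkt  */
    unsigned long nb_unwpa;     /* # of decrypted WPA pkt  */
}
stats;

/* command-line settings, filled in by main() */
struct options
{
    int no_convert;             /* set by -l: write_packet() skips the Ethernet conversion */
    char essid[36];             /* -e */
    char passphrase[65];        /* -p */
    uchar bssid[6];             /* -b */
    uchar pmk[40];              /* -k, or derived via calc_pmk() from -p and -e */
    uchar wepkey[64];           /* -w */
    int weplen, crypt;          /* # of WEP key bytes parsed; CRYPT_* mode */
}
opt;

/* staging area for the packet that write_packet() emits */
uchar buffer[65536];

/*
 * this routine handles the 802.11 to Ethernet translation
 *
 * f_out  : output stream; the pcap record header is written first,
 *          followed by pkh->caplen bytes taken from the global buffer
 * pkh    : pcap record header; unless opt.no_convert is set, len and
 *          caplen are rewritten in place for the converted frame
 * h80211 : start of the 802.11 frame; the original code compares it
 *          with the global buffer, so it may point into that buffer
 *
 * Returns 0 on success, 1 when the frame is rejected or fwrite() fails.
 *
 * caplen is read from the capture file and is used as the length of
 * every copy below. It is therefore checked against the size of the
 * staging buffer and against the header that gets stripped; without
 * the second check the subtraction wraps and the copy runs far past
 * the end of buffer.
 */

int write_packet( FILE *f_out, struct pcap_pkthdr *pkh, uchar *h80211 )
{
    int n;
    uchar arphdr[12];

    /* the cast also turns a negative caplen (should the field be
       signed) into a value that fails this test */

    if( (size_t) pkh->caplen > sizeof( buffer ) )
    {
        fprintf( stderr, "write_packet: captured length exceeds "
                         "the packet buffer, frame rejected\n" );
        return( 1 );
    }

    if( opt.no_convert )
    {
        /* h80211 may point into buffer, so the two regions
           can overlap: memmove() instead of memcpy() */

        if( buffer != h80211 )
            memmove( buffer, h80211, pkh->caplen );
    }
    else
    {
        /* bytes stripped from the front of the frame: 24 + 6, or
           30 + 6 when both To DS and From DS are set (extra address) */

        unsigned int hdr_len = 24 + 6;

        if( pkh->caplen >= hdr_len && ( h80211[1] & 3 ) == 3 )
            hdr_len = 30 + 6;

        if( pkh->caplen < hdr_len || pkh->len < hdr_len )
        {
            fprintf( stderr, "write_packet: frame shorter than its "
                             "802.11 + LLC header, frame rejected\n" );
            return( 1 );
        }

        /* create the Ethernet link layer (MAC dst+src) */

        switch( h80211[1] & 3 )
        {
            case  0:    /* To DS = 0, From DS = 0: DA, SA, BSSID */

                memcpy( arphdr + 0, h80211 +  4, 6 );
                memcpy( arphdr + 6, h80211 + 10, 6 );
                break;

            case  1:    /* To DS = 1, From DS = 0: BSSID, SA, DA */

                memcpy( arphdr + 0, h80211 + 16, 6 );
                memcpy( arphdr + 6, h80211 + 10, 6 );
                break;

            case  2:    /* To DS = 0, From DS = 1: DA, BSSID, SA */

                memcpy( arphdr + 0, h80211 +  4, 6 );
                memcpy( arphdr + 6, h80211 + 16, 6 );
                break;

            default:    /* To DS = 1, From DS = 1: RA, TA, DA, SA */

                memcpy( arphdr + 0, h80211 + 16, 6 );
                memcpy( arphdr + 6, h80211 + 24, 6 );
                break;
        }

        /* remove the 802.11 + LLC header; source and destination
           overlap when h80211 points into buffer, hence memmove() */

        pkh->len    -= hdr_len;
        pkh->caplen -= hdr_len;

        memmove( buffer + 12, h80211 + hdr_len, pkh->caplen );

        memcpy( buffer, arphdr, 12 );

        pkh->len    += 12;
        pkh->caplen += 12;
    }

    n = sizeof( struct pcap_pkthdr );

    if( fwrite( pkh, 1, n, f_out ) != (size_t) n )
    {
        perror( "fwrite(packet header) failed" );
        return( 1 );
    }

    n = pkh->caplen;

    if( fwrite( buffer, 1, n, f_out ) != (size_t) n )
    {
        perror( "fwrite(packet data) failed" );
        return( 1 );
    }

    return( 0 );
}

int main( int argc, char *argv[] )
{
    time_t tt;
    uint magic;
    char *s, buf[128];
    FILE *f_in, *f_out;
    unsigned long crc;
    int i = 0, n, z, linktype;
    uchar ZERO[32], *h80211;
    uchar bssid[6], stmac[6];

    struct ST_info *st_1st;
    struct ST_info *st_cur;
    struct ST_info *st_prv;
    struct pcap_file_header pfh;
    struct pcap_pkthdr pkh;

    /* parse the arguments */

    memset( ZERO, 0, sizeof( ZERO ) );
    memset( &opt, 0, sizeof( opt ) );

    while( 1 )
    {
        int option = getopt( argc, argv, "lb:k:e:p:w:" );

        if( option < 0 ) break;

        switch( option )
        {
            case 'l' :

                opt.no_convert = 1;
                break;

            case 'b' :

                i = 0;
                s = optarg;

                while( sscanf( s, "%x", &n ) == 1 )
                {
                    if( n < 0 || n > 255 )
                    {
                        printf( "Invalid BSSID (not a MAC).\n" );
                        return( 1 );
                    }

                    /* NOTE(review): the bound is tested after the
                       store, so a 7th ':'-separated value is written
                       to opt.bssid[6], one past the 6-byte array,
                       before the length check rejects the argument;
                       testing i >= 6 ahead of the store avoids it */

                    opt.bssid[i] = n;

                    if( ++i > 6 ) break;

                    if( !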
( s = strchr( s, ':' ) ) ) break; s++; } if( i != 6 ) { printf( "Invalid BSSID (not a MAC).\n" ); return( 1 ); } break; case 'k' : if( opt.crypt != CRYPT_NONE ) { printf( "Encryption key already specified.\n" ); return( 1 ); } opt.crypt = CRYPT_WPA; i = 0; s = optarg; buf[0] = s[0]; buf[1] = s[1]; buf[2] = '\0'; while( sscanf( buf, "%x", &n ) == 1 ) { if( n < 0 || n > 255 ) { printf( "Invalid WPA PMK.\n" ); return( 1 ); } opt.pmk[i++] = n; if( i >= 32 ) break; s += 2; if( s[0] == ':' || s[0] == '-' ) s++; if( s[0] == '\0' || s[1] == '\0' ) break; buf[0] = s[0]; buf[1] = s[1]; } if( i != 32 ) { printf( "Invalid WPA PMK.\n" ); return( 1 ); } break; case 'e' : if ( opt.essid[0]) { printf( "ESSID already specified.\n" ); return( 1 ); } memset( opt.essid, 0, sizeof( opt.essid ) ); strncpy( opt.essid, optarg, sizeof( opt.essid ) - 1 ); break; case 'p' : if( opt.crypt != CRYPT_NONE ) { printf( "Encryption key already specified.\n" ); return( 1 ); } opt.crypt = CRYPT_WPA; memset( opt.passphrase, 0, sizeof( opt.passphrase ) ); strncpy( opt.passphrase, optarg, sizeof( opt.passphrase ) - 1 ); break; case 'w' : if( opt.crypt != CRYPT_NONE ) { printf( "Encryption key already specified.\n" ); return( 1 ); } opt.crypt = CRYPT_WEP; i = 0; s = optarg; buf[0] = s[0]; buf[1] = s[1]; buf[2] = '\0'; while( sscanf( buf, "%x", &n ) == 1 ) { if( n < 0 || n > 255 ) { printf( "Invalid WEP key.\n" ); return( 1 ); } opt.wepkey[i++] = n; if( i >= 64 ) break; s += 2; if( s[0] == ':' || s[0] == '-' ) s++; if( s[0] == '\0' || s[1] == '\0' ) break; buf[0] = s[0]; buf[1] = s[1]; } if( i != 5 && i != 13 && i != 16 && i != 29 && i != 61 ) { printf( "Invalid WEP key length.\n" ); return( 1 ); } opt.weplen = i; break; default : goto usage; } } if( argc - optind != 1 ) { usage: printf( usage, getVersion("Airdecap-ng", _MAJ, _MIN, _SUB_MIN, _BETA) ); return( 1 ); } if( opt.crypt == CRYPT_WPA ) { if( opt.passphrase[0] != '\0' ) { /* compute the Pairwise Master Key */ if( opt.essid[0] == '\0' ) { printf( 
"You must also specify the ESSID (-e).\n" ); return( 1 ); } calc_pmk( opt.passphrase, opt.essid, opt.pmk ); } } /* open the input and output pcap files */ if( ( f_in = fopen( argv[optind], "rb" ) ) == NULL ) { perror( "fopen failed\n" ); printf( "Could not open \"%s\".\n", argv[optind] ); return( 1 ); } n = sizeof( pfh ); if( fread( &pfh, 1, n, f_in ) != (size_t) n ) { perror( "fread(pcap file header) failed" ); return( 1 ); } if( pfh.magic != TCPDUMP_MAGIC && pfh.magic != TCPDUMP_CIGAM ) { printf( "\"%s\" isn't a pcap file (expected " "TCPDUMP_MAGIC).\n", argv[optind] ); return( 1 ); } if( ( magic = pfh.magic ) == TCPDUMP_CIGAM ) SWAP32( pfh.linktype ); if( pfh.linktype != LINKTYPE_IEEE802_11 && pfh.linktype != LINKTYPE_PRISM_HEADER && pfh.linktype != LINKTYPE_RADIOTAP_HDR ) { printf( "\"%s\" isn't a regular 802.11 " "(wireless) capture.\n", argv[optind] ); return( 1 ); } linktype = pfh.linktype; n = strlen( argv[optind] ); if( n > 4 && ( n + 5 < (int) sizeof( buffer ) ) && argv[optind][n - 4] == '.' ) { memcpy( buffer, argv[optind], n - 4 );