Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 4b78669686
Branches Tags
krackattacks
/
krackattack
/
libwifi
/
crypto.py

crypto.py 4.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169 
  1. #!/usr/bin/env python3
    2. 

  2. import struct, binascii
    3. 

  3. from .wifi import *
    4. 

  4. #from binascii import a2b_hex
    5. 

  5. #from struct import unpack,pack
    6. 

  6. 

  7. from Crypto.Cipher import AES, ARC4
    8. 

  8. from scapy.layers.dot11 import Dot11, Dot11CCMP, Dot11QoS
    9. 

  9. 

  10. import zlib
    11. 

  11. 

  12. def pn2bytes(pn):
    13. 

  13. 	pn_bytes = [0] * 6
    14. 

  14. 	for i in range(6):
    15. 

  15. 		pn_bytes[i] = pn & 0xFF
    16. 

  16. 		pn >>= 8
    17. 

  17. 	return pn_bytes
    18. 

  18. 

  19. def pn2bin(pn):
    20. 

  20. 	return struct.pack(">Q", pn)[2:]
    21. 

  21. 

  22. def dot11ccmp_get_pn(p):
    23. 

  23. 	pn = p.PN5
    24. 

  24. 	pn = (pn << 8) | p.PN4
    25. 

  25. 	pn = (pn << 8) | p.PN3
    26. 

  26. 	pn = (pn << 8) | p.PN2
    27. 

  27. 	pn = (pn << 8) | p.PN1
    28. 

  28. 	pn = (pn << 8) | p.PN0
    29. 

  29. 	return pn
    30. 

  30. 

  31. def ccmp_get_nonce(priority, addr, pn):
    32. 

  32. 	return struct.pack("B", priority) + addr2bin(addr) + pn2bin(pn)
    33. 

  33. 

  34. def ccmp_get_aad(p, amsdu_spp=False):
    35. 

  35. 	# FC field with masked values
    36. 

  36. 	fc = raw(p)[:2]
    37. 

  37. 	fc = struct.pack("<BB", fc[0] & 0x8f, fc[1] & 0xc7)
    38. 

  38. 

  39. 	# Sequence number is masked, but fragment number is included
    40. 

  40. 	sc = struct.pack("<H", p.SC & 0xf)
    41. 

  41. 

  42. 	addr1 = addr2bin(p.addr1)
    43. 

  43. 	addr2 = addr2bin(p.addr2)
    44. 

  44. 	addr3 = addr2bin(p.addr3)
    45. 

  45. 	aad = fc + addr1 + addr2 + addr3 + sc
    46. 

  46. 	if Dot11QoS in p:
    47. 

  47. 		if not amsdu_spp:
    48. 

  48. 			# Everything except the TID is masked
    49. 

  49. 			aad += struct.pack("<H", p[Dot11QoS].TID)
    50. 

  50. 		else:
    51. 

  51. 			# TODO: Mask unrelated fields
    52. 

  52. 			aad += raw(p[Dot11QoS])[:2]
    53. 

  53. 

  54. 	return aad
    55. 

  55. 

  56. def Raw(x):
    57. 

  57. 	return x
    58. 

  58. 

  59. def encrypt_ccmp(p, tk, pn, keyid=0, amsdu_spp=False):
    60. 

  60. 	"""Takes a plaintext Dot11 frame, encrypts it, and adds all the necessairy headers"""
    61. 

  61. 

  62. 	# Update the FC field
    63. 

  63. 	p = p.copy()
    64. 

  64. 	p.FCfield |= Dot11(FCfield="protected").FCfield
    65. 

  65. 	if Dot11QoS in p:
    66. 

  66. 		payload = raw(p[Dot11QoS].payload)
    67. 

  67. 		p[Dot11QoS].remove_payload()
    68. 

  68. 		# Explicitly set TID so we can assume it's an integer
    69. 

  69. 		if p[Dot11QoS].TID == None:
    70. 

  70. 			p[Dot11QoS].TID = 0
    71. 

  71. 		priority = p[Dot11QoS].TID
    72. 

  72. 	else:
    73. 

  73. 		payload = raw(p.payload)
    74. 

  74. 		p.remove_payload()
    75. 

  75. 		priority = 0
    76. 

  76. 

  77. 	# Add the CCMP header. res0 and res1 are by default set to zero.
    78. 

  78. 	newp = p/Dot11CCMP()
    79. 

  79. 	pn_bytes = pn2bytes(pn)
    80. 

  80. 	newp.PN0, newp.PN1, newp.PN2, newp.PN3, newp.PN4, newp.PN5 = pn_bytes
    81. 

  81. 	newp.key_id = keyid
    82. 

  82. 	newp.ext_iv = 1
    83. 

  83. 

  84. 	# Generate the CCMP Header and AAD for encryption.
    85. 

  85. 	ccm_nonce = ccmp_get_nonce(priority, newp.addr2, pn)
    86. 

  86. 	ccm_aad = ccmp_get_aad(newp, amsdu_spp)
    87. 

  87. 	#print("CCM Nonce:", ccm_nonce.hex())
    88. 

  88. 	#print("CCM aad  :", ccm_aad.hex())
    89. 

  89. 

  90. 	# Encrypt the plaintext using AES in CCM Mode.
    91. 

  91. 	#print("Payload:", payload.hex())
    92. 

  92. 	cipher = AES.new(tk, AES.MODE_CCM, ccm_nonce, mac_len=8)
    93. 

  93. 	cipher.update(ccm_aad)
    94. 

  94. 	ciphertext = cipher.encrypt(payload)
    95. 

  95. 	digest = cipher.digest()
    96. 

  96. 	newp = newp/Raw(ciphertext)
    97. 

  97. 	newp = newp/Raw(digest)
    98. 

  98. 

  99. 	#print("Ciphertext:", ciphertext.hex())
    100. 

  100. 	#print(repr(newp))
    101. 

  101. 	#print(raw(newp).hex())
    102. 

  102. 

  103. 	return newp
    104. 

  104. 

  105. def decrypt_ccmp(p, tk, verify=True):
    106. 

  106. 	"""Takes a Dot11CCMP frame and decrypts it"""
    107. 

  107. 

  108. 	p = p.copy()
    109. 

  109. 

  110. 	# Get used CCMP parameters
    111. 

  111. 	keyid = get_ccmp_keyid(p)
    112. 

  112. 	priority = dot11_get_priority(p)
    113. 

  113. 	pn = dot11ccmp_get_pn(p)
    114. 

  114. 

  115. 	# TODO: Mask flags in p.FCfield that are not part of the AAD
    116. 

  116. 	fc = p.FCfield
    117. 

  117. 	payload = get_ccmp_payload(p)
    118. 

  118. 

  119. 	if Dot11QoS in p:
    120. 

  120. 		p[Dot11QoS].remove_payload()
    121. 

  121. 	else:
    122. 

  122. 		p.remove_payload()
    123. 

  123. 

  124. 	# Prepare for CCMP decryption
    125. 

  125. 	ccm_nonce = ccmp_get_nonce(priority, p.addr2, pn)
    126. 

  126. 	ccm_aad = ccmp_get_aad(p)
    127. 

  127. 

  128. 	# Decrypt using AES in CCM Mode.
    129. 

  129. 	cipher = AES.new(tk, AES.MODE_CCM, ccm_nonce, mac_len=8)
    130. 

  130. 	cipher.update(ccm_aad)
    131. 

  131. 	plaintext = cipher.decrypt(payload[:-8])
    132. 

  132. 

  133. 	try:
    134. 

  134. 		if verify:
    135. 

  135. 			cipher.verify(payload[-8:])
    136. 

  136. 	except ValueError:
    137. 

  137. 		return None
    138. 

  138. 

  139. 	return p/LLC(plaintext)
    140. 

  140. 

  141. def encrypt_wep(p, key, pn, keyid=0):
    142. 

  142. 	"""Takes a plaintext Dot11 frame, encrypts it, and adds all the necessairy headers"""
    143. 

  143. 

  144. 	# Update the FC field --- XXX share this with encrypt_ccmp
    145. 

  145. 	p = p.copy()
    146. 

  146. 	p.FCfield |= Dot11(FCfield="protected").FCfield
    147. 

  147. 	if Dot11QoS in p:
    148. 

  148. 		payload = raw(p[Dot11QoS].payload)
    149. 

  149. 		p[Dot11QoS].remove_payload()
    150. 

  150. 		# Explicitly set TID so we can assume it's an integer
    151. 

  151. 		if p[Dot11QoS].TID == None:
    152. 

  152. 			p[Dot11QoS].TID = 0
    153. 

  153. 		priority = p[Dot11QoS].TID
    154. 

  154. 	else:
    155. 

  155. 		payload = raw(p.payload)
    156. 

  156. 		p.remove_payload()
    157. 

  157. 		priority = 0
    158. 

  158. 

  159. 	# Add the WEP ICV which will be encrypted
    160. 

  160. 	payload += struct.pack("<I", zlib.crc32(payload) & 0xffffffff)
    161. 

  161. 	iv = struct.pack(">I", pn)[1:]
    162. 

  162. 	cipher = ARC4.new(iv + key)
    163. 

  163. 	ciphertext = cipher.encrypt(payload)
    164. 

  164. 

  165. 	# Construct packet ourselves to avoid scapy bugs
    166. 

  166. 	newp = p/iv/struct.pack("<B", keyid)/ciphertext
    167. 

  167. 

  168. 	return newp
    169. 

  169.