From 3d31bf37121e6371c8bd72bfd6b9b83bbec09d51 Mon Sep 17 00:00:00 2001 From: evilsocket Date: Mon, 19 Aug 2019 13:56:18 -0400 Subject: [PATCH] new: reporting if wifi handshakes are full or half --- modules/events_stream/events_view_wifi.go | 4 ++++ modules/wifi/wifi_events.go | 2 ++ modules/wifi/wifi_recon_handshakes.go | 2 ++ 3 files changed, 8 insertions(+) diff --git a/modules/events_stream/events_view_wifi.go b/modules/events_stream/events_view_wifi.go index 66f1ce36..ba072454 100644 --- a/modules/events_stream/events_view_wifi.go +++ b/modules/events_stream/events_view_wifi.go @@ -80,6 +80,10 @@ func (mod *EventsStream) viewWiFiHandshakeEvent(e session.Event) { if hand.PMKID != nil { what = "RSN PMKID" + } else if hand.Full { + what += " (full)" + } else if hand.Half { + what += " (half)" } fmt.Fprintf(mod.output, "[%s] [%s] captured %s -> %s %s to %s\n", diff --git a/modules/wifi/wifi_events.go b/modules/wifi/wifi_events.go index 15e27c1e..0a53f0ce 100644 --- a/modules/wifi/wifi_events.go +++ b/modules/wifi/wifi_events.go @@ -22,5 +22,7 @@ type HandshakeEvent struct { NewPackets int `json:"new_packets"` AP string `json:"ap"` Station string `json:"station"` + Half bool `json:"half"` + Full bool `json:"full"` PMKID []byte `json:"pmkid"` } diff --git a/modules/wifi/wifi_recon_handshakes.go b/modules/wifi/wifi_recon_handshakes.go index 68f52078..af2c4f5d 100644 --- a/modules/wifi/wifi_recon_handshakes.go +++ b/modules/wifi/wifi_recon_handshakes.go @@ -102,6 +102,8 @@ func (mod *WiFiModule) discoverHandshakes(radiotap *layers.RadioTap, dot11 *laye AP: apMac.String(), Station: staMac.String(), PMKID: rawPMKID, + Half: station.Handshake.Half(), + Full: station.Handshake.Complete(), }) // make sure the info that we have key material for this AP // is persisted even after stations are pruned due to inactivity