github/bettercap
1
0
Fork 0
mirror of https://github.com/bettercap/bettercap synced 2025-08-14 10:46:57 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

new: handshakes history is now loaded from the configured pcap

Browse source
This commit is contained in:
evilsocket 2019-03-22 23:31:11 +01:00
commit 9a3c252c4f
No known key found for this signature in database
GPG key ID: 1564D7F30393A456
3 changed files with 74 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

24
modules/wifi/wifi_recon_handshakes.go
View file

@ -18,12 +18,14 @@ func allZeros(s []byte) bool {
return true
}
func (mod *WiFiModule) discoverHandshakes(radiotap *layers.RadioTap, dot11 *layers.Dot11, packet gopacket.Packet) {
func (mod *WiFiModule) discoverHandshakes(radiotap *layers.RadioTap, dot11 *layers.Dot11, packet gopacket.Packet, readOnly bool) {
if ok, key, apMac, staMac := packets.Dot11ParseEAPOL(packet, dot11); ok {
// first, locate the AP in our list by its BSSID
ap, found := mod.Session.WiFi.Get(apMac.String())
if !found {
mod.Warning("could not find AP with BSSID %s", apMac.String())
if !readOnly {
mod.Warning("could not find AP with BSSID %s", apMac.String())
}
return
}
@ -75,7 +77,7 @@ func (mod *WiFiModule) discoverHandshakes(radiotap *layers.RadioTap, dot11 *laye
// if we have unsaved packets as part of the handshake, save them.
numUnsaved := station.Handshake.NumUnsaved()
doSave := numUnsaved > 0
if doSave && mod.shakesFile != "" {
if !readOnly && doSave && mod.shakesFile != "" {
mod.Debug("saving handshake frames to %s", mod.shakesFile)
if err := mod.Session.WiFi.SaveHandshakesTo(mod.shakesFile, mod.handle.LinkType()); err != nil {
mod.Error("error while saving handshake frames to %s: %s", mod.shakesFile, err)
@ -85,13 +87,15 @@ func (mod *WiFiModule) discoverHandshakes(radiotap *layers.RadioTap, dot11 *laye
// if we had unsaved packets and either the handshake is complete
// or it contains the PMKID, generate a new event.
if doSave && (rawPMKID != nil || station.Handshake.Complete()) {
mod.Session.Events.Add("wifi.client.handshake", HandshakeEvent{
File: mod.shakesFile,
NewPackets: numUnsaved,
AP: apMac.String(),
Station: staMac.String(),
PMKID: rawPMKID,
})
if !readOnly {
mod.Session.Events.Add("wifi.client.handshake", HandshakeEvent{
File: mod.shakesFile,
NewPackets: numUnsaved,
AP: apMac.String(),
Station: staMac.String(),
PMKID: rawPMKID,
})
}
// make sure the info that we have key material for this AP
// is persisted even after stations are pruned due to inactivity
ap.WithKeyMaterial(true)