From 9e9b984fec6ba9c89434988568d9ecdda4e32bcc Mon Sep 17 00:00:00 2001
From: evilsocket
Date: Sat, 17 Aug 2019 22:33:26 -0400
Subject: [PATCH] new: added support for half WPA handshakes (https://hashcat.net/forum/thread-6745-post-36007.html)
---
 modules/wifi/wifi_recon_handshakes.go | 4 ++--
 network/wifi_handshake.go | 19 +++++++++++++++++++
 2 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/modules/wifi/wifi_recon_handshakes.go b/modules/wifi/wifi_recon_handshakes.go
index ee22dba3..68f52078 100644
--- a/modules/wifi/wifi_recon_handshakes.go
+++ b/modules/wifi/wifi_recon_handshakes.go
@@ -93,9 +93,9 @@ func (mod *WiFiModule) discoverHandshakes(radiotap *layers.RadioTap, dot11 *laye
 }
 }
- // if we had unsaved packets and either the handshake is complete
+ // if we had unsaved packets and either the handshake is half, complete
 // or it contains the PMKID, generate a new event.
- if doSave && (rawPMKID != nil || station.Handshake.Complete()) {
+ if doSave && (rawPMKID != nil || station.Handshake.Half() || station.Handshake.Complete()) {
 mod.Session.Events.Add("wifi.client.handshake", HandshakeEvent{
 File: mod.shakesFile,
 NewPackets: numUnsaved,
diff --git a/network/wifi_handshake.go b/network/wifi_handshake.go
index 0075ee2c..341a4f9e 100644
--- a/network/wifi_handshake.go
+++ b/network/wifi_handshake.go
@@ -90,6 +90,25 @@ func (h *Handshake) Complete() bool {
 return nChal > 0 && nResp > 0 && nConf > 0
 }
+func (h *Handshake) Half() bool {
+ h.Lock()
+ defer h.Unlock()
+
+ /*
+ * You can use every combination of the handshake to crack the net:
+ * M1/M2
+ * M2/M3
+ * M3/M4
+ * M1/M4 (if M4 snonce is not zero)
+ * We only have M1 (the challenge), M2 (the response) and M3 (the confirmation)
+ */
+ nChal := len(h.Challenges)
+ nResp := len(h.Responses)
+ nConf := len(h.Confirmations)
+
+ return (nChal > 0 && nResp > 0) || (nResp > 0 && nConf > 0)
+}
+
 func (h *Handshake) HasPMKID() bool {
 h.Lock()
 defer h.Unlock()
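Review bot: In the rewritten condition of discoverHandshakes, `station.Handshake.Complete()` no longer contributes anything: `Complete()` returns `nChal > 0 && nResp > 0 && nConf > 0` (the context line in the second hunk), so every complete handshake already satisfies `Half()`, and the extra call only takes the handshake lock a second time. The test can be reduced to `if doSave && (rawPMKID != nil || station.Handshake.Half()) {`. The `wifi.client.handshake` event now also fires for partial captures, and the two fields visible here (`File`, `NewPackets`) do not say which kind was seen. The `HandshakeEvent` literal continues outside the hunk, so it may already carry that; if it does not, consumers that treat the event as a full four-way capture will be misled.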
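Review bot: `Half()` is exported but has no doc comment, and its result is weaker than the name suggests: it only compares the lengths of `h.Challenges`, `h.Responses` and `h.Confirmations`, so nothing visible here ties the counted M1 and M2 (or M2 and M3) to the same exchange. How those slices are filled is outside this hunk, so this may be enforced elsewhere; if it is not, frames from two different association attempts would be reported as a matching pair. I would add `// Half reports whether at least one M1/M2 or M2/M3 pair has been stored; it does not check that the frames come from the same exchange.` above the method, and move the M-message list from the body into that comment.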