From bfed6275017294dd91f063e6e5a1ed77184112bf Mon Sep 17 00:00:00 2001
From: evilsocket
Date: Mon, 12 Mar 2018 15:25:52 +0100
Subject: [PATCH] new: working on wifi.beacon.flood feature, still very WIP
---
 modules/wifi_beacon_flood.go | 79 ++++++++++++++++++++++++++++++++++++
 modules/wifi_deauth.go | 2 +-
 modules/wifi_recon.go | 6 +++
 3 files changed, 86 insertions(+), 1 deletion(-)
 create mode 100644 modules/wifi_beacon_flood.go
diff --git a/modules/wifi_beacon_flood.go b/modules/wifi_beacon_flood.go
new file mode 100644
index 00000000..42561b95
--- /dev/null
+++ b/modules/wifi_beacon_flood.go
@@ -0,0 +1,79 @@
+package modules
+
+import (
+ "net"
+ "time"
+
+ "github.com/bettercap/bettercap/log"
+ "github.com/bettercap/bettercap/network"
+ "github.com/bettercap/bettercap/packets"
+
+ "github.com/google/gopacket/layers"
+)
+
+func NewDot11Beacon(bssid net.HardwareAddr, ssid string, seq uint16) (error, []byte) {
+ // TODO: still very incomplete
+ return packets.Serialize(
+ &layers.RadioTap{},
+ &layers.Dot11{
+ Address1: network.BroadcastHw,
+ Address2: bssid,
+ Address3: bssid,
+ Type: layers.Dot11TypeMgmtBeacon,
+ SequenceNumber: seq, // not sure this needs to be a specific value
+ },
+ &layers.Dot11MgmtBeacon{
+ Timestamp: uint64(time.Now().Second()), // not sure
+ Interval: 1041, // ?
+ Flags: 100, // ?
+ },
+ &layers.Dot11InformationElement{
+ ID: layers.Dot11InformationElementIDSSID,
+ Length: uint8(len(ssid) & 0xff),
+ Info: []byte(ssid),
+ },
+ // TODO: Rates n stuff ...
+ &layers.Dot11InformationElement{
+ BaseLayer: layers.BaseLayer{
+ Contents: []byte{0x01, 0x08, 0x82, 0x84, 0x8b, 0x96, 0x24, 0x30, 0x48, 0x6c},
+ },
+ },
+ &layers.Dot11InformationElement{
+ BaseLayer: layers.BaseLayer{
+ Contents: []byte{0x03, 0x01, 0x0b},
+ },
+ },
+ )
+}
+
+func (w *WiFiModule) sendBeaconPacket(counter int) {
+ w.writes.Add(1)
+ defer w.writes.Done()
+
+ if err, pkt := NewDot11Beacon(w.Session.Interface.HW, "Prova", uint16(counter)); err != nil {
+ log.Error("Could not create beacon packet: %s", err)
+ } else {
+ w.injectPacket(pkt)
+ }
+
+ time.Sleep(10 * time.Millisecond)
+}
+
+func (w *WiFiModule) startBeaconFlood() error {
+ // if not already running, temporarily enable the pcap handle
+ // for packet injection
+ if w.Running() == false {
+ if err := w.Configure(); err != nil {
+ return err
+ }
+ }
+
+ go func() {
+ defer w.handle.Close()
+ for counter := 0; w.Running(); counter++ {
+ w.sendBeaconPacket(counter)
+ }
+ }()
+
+ return nil
+}
diff --git a/modules/wifi_deauth.go b/modules/wifi_deauth.go
index 90cf8cc9..f5ca6247 100644
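Review bot: The goroutine in `startBeaconFlood` runs `defer w.handle.Close()` unconditionally, so when the module was already running it closes a pcap handle this function did not open and that the capture path presumably still uses or closes again on stop (that code is outside this diff). Record ownership before configuring, e.g. `opened := !w.Running()`, and close with `if opened { w.handle.Close() }`. In the not-running branch the loop condition `w.Running()` looks false on the first check unless `Configure()` changes that state, so the handle would be opened and closed without any write. Each invocation also starts another goroutine with no guard against one already being active and no stop path other than the module's running state, which leaves transmission unbounded; a flag checked at the top of `startBeaconFlood` would address that.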
--- a/modules/wifi_deauth.go +++ b/modules/wifi_deauth.go @@ -11,7 +11,7 @@ import ( func (w *WiFiModule) injectPacket(data []byte) { if err := w.handle.WritePacketData(data); err != nil { - log.Error("Could not send deauth packet: %s", err) + log.Error("Could not inject WiFi packet: %s", err) w.Session.Queue.Stats.Lock() w.Session.Queue.Stats.Errors++ diff --git a/modules/wifi_recon.go b/modules/wifi_recon.go index 8b4308df..f6e56cdc 100644 --- a/modules/wifi_recon.go +++ b/modules/wifi_recon.go @@ -98,6 +98,12 @@ func NewWiFiModule(s *session.Session) *WiFiModule { return w.startDeauth(bssid) })) + w.AddHandler(session.NewModuleHandler("wifi.beacon.flood", "", + "todo", + func(args []string) error { + return w.startBeaconFlood() + })) + w.AddHandler(session.NewModuleHandler("wifi.show", "", "Show current wireless stations list (default sorting by essid).", func(args []string) error {
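Review bot: The new `wifi.beacon.flood` handler in the wifi_recon.go hunk is registered with the help text `"todo"`, so the command appears in the module's command list with no statement of what it transmits or that it is unfinished. Since the commit subject calls the feature "still very WIP" and the SSID is hard-coded in `sendBeaconPacket`, either leave the handler unregistered until the feature is complete or give it a real description such as `"Inject 802.11 beacon frames from the current interface (experimental, incomplete)."`. `NewWiFiModule` starts and ends outside this hunk, so whether a matching stop command exists cannot be seen from here.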