tuxmartin

iwlist wpa

Feb 18th, 2015
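/*------------------------------------------------------------------*/
/*
 * Parse, and display the results of a WPA or WPA2 IE.
 *
 * iebuf  : start of the information element : id byte, length byte,
 *          then the body.
 * buflen : number of bytes that may be read at iebuf.
 *
 * Element id 0x30 is decoded as WPA2 (OUI 00:0f:ac). Element id 0xdd
 * is decoded as WPA (OUI 00:50:f2) only when the OUI and the type
 * byte 0x01 match, otherwise it is handed to iw_print_ie_unknown().
 * Any other id returns without printing anything.
 *
 * NOTE(review): the caller is not visible here; an IE is presumably
 * data received over the air, so the length byte and the suite counts
 * are treated as untrusted. No byte is read beyond
 * min(iebuf[1] + 2, buflen).
 */
static inline void
iw_print_ie_wpa(unsigned char * iebuf,
                int             buflen)
{
  const unsigned char   wpa1_oui[3] = {0x00, 0x50, 0xf2};
  const unsigned char   wpa2_oui[3] = {0x00, 0x0f, 0xac};
  const unsigned char * wpa_oui;
  int                   ielen;
  int                   offset = 2; /* Skip the IE id, and the length. */
  int                   i;
  uint16_t              ver = 0;
  uint16_t              cnt = 0;

  /* The id and length bytes are read unconditionally below, so a
   * buffer shorter than that header cannot be parsed at all. Without
   * this guard iebuf[1] would be read out of bounds. */
  if(buflen < 2)
    return;

  /* Declared length (body + 2 header bytes), clamped to what the
   * caller says is really there. */
  ielen = iebuf[1] + 2;
  if(ielen > buflen)
    ielen = buflen;

#ifdef DEBUG
  /* Debugging code. In theory useless, because it's debugged ;-) */
  printf("IE raw value %d [%02X", buflen, iebuf[0]);
  for(i = 1; i < buflen; i++)
    printf(":%02X", iebuf[i]);
  printf("]\n");
#endif

  switch(iebuf[0])
    {
    case 0x30:          /* WPA2 */
      /* Check if we have enough data (header + 2 version bytes) */
      if(ielen < 4)
        {
          iw_print_ie_unknown(iebuf, buflen);
          return;
        }

      wpa_oui = wpa2_oui;
      break;

    case 0xdd:          /* WPA or else */
      wpa_oui = wpa1_oui;

      /* Not all IEs that start with 0xdd are WPA.
       * So check that the OUI is valid. Note : offset==2.
       * ielen >= 8 covers the OUI, the type and the version. */
      if((ielen < 8)
         || (memcmp(&iebuf[offset], wpa_oui, 3) != 0)
         || (iebuf[offset + 3] != 0x01))
        {
          iw_print_ie_unknown(iebuf, buflen);
          return;
        }

      /* Skip the OUI type */
      offset += 4;
      break;

    default:
      return;
    }

  /* Pick version number (little endian) */
  ver = iebuf[offset] | (iebuf[offset + 1] << 8);
  offset += 2;

  if(iebuf[0] == 0xdd)
    printf("WPA Version %d\n", ver);
  if(iebuf[0] == 0x30)
    printf("IEEE 802.11i/WPA2 Version %d\n", ver);

  /* From here, everything is technically optional. */

  /* Check if we are done */
  if(ielen < (offset + 4))
    {
      /* We have a short IE.  So we should assume TKIP/TKIP. */
      printf("                        Group Cipher : TKIP\n");
      printf("                        Pairwise Cipher : TKIP\n");
      return;
    }

  /* Next we have our group cipher. */
  if(memcmp(&iebuf[offset], wpa_oui, 3) != 0)
    {
      printf("                        Group Cipher : Proprietary\n");
    }
  else
    {
      printf("                        Group Cipher :");
      iw_print_value_name(iebuf[offset+3],
                          iw_ie_cypher_name, IW_IE_CYPHER_NUM);
      printf("\n");
    }
  offset += 4;

  /* Check if we are done */
  if(ielen < (offset + 2))
    {
      /* We don't have a pairwise cipher, or auth method. Assume TKIP. */
      printf("                        Pairwise Ciphers : TKIP\n");
      return;
    }

  /* Otherwise, we have some number of pairwise ciphers. */
  cnt = iebuf[offset] | (iebuf[offset + 1] << 8);
  offset += 2;
  printf("                        Pairwise Ciphers (%d) :", cnt);

  /* The count comes from the IE itself : refuse to walk a list that
   * would run past the end. cnt is 16 bits, so 4*cnt stays far below
   * the range of a 32-bit int. The line started above is terminated
   * so that later output does not get glued to it. */
  if(ielen < (offset + 4*cnt))
    {
      printf("\n");
      return;
    }

  for(i = 0; i < cnt; i++)
    {
      if(memcmp(&iebuf[offset], wpa_oui, 3) != 0)
        {
          printf(" Proprietary");
        }
      else
        {
          iw_print_value_name(iebuf[offset+3],
                              iw_ie_cypher_name, IW_IE_CYPHER_NUM);
        }
      offset+=4;
    }
  printf("\n");

  /* Check if we are done */
  if(ielen < (offset + 2))
    return;

  /* Now, we have authentication suites. */
  cnt = iebuf[offset] | (iebuf[offset + 1] << 8);
  offset += 2;
  printf("                        Authentication Suites (%d) :", cnt);

  /* Same bound as for the pairwise list : never trust the count. */
  if(ielen < (offset + 4*cnt))
    {
      printf("\n");
      return;
    }

  for(i = 0; i < cnt; i++)
    {
      if(memcmp(&iebuf[offset], wpa_oui, 3) != 0)
        {
          printf(" Proprietary");
        }
      else
        {
          iw_print_value_name(iebuf[offset+3],
                              iw_ie_key_mgmt_name, IW_IE_KEY_MGMT_NUM);
        }
      offset+=4;
    }
  printf("\n");

  /* Check if we are done */
  if(ielen < (offset + 1))
    return;

  /* Otherwise, we have capabilities bytes.
   * For now, we only care about preauth, tested here with mask 0x01,
   * i.e. the least significant bit of the first byte.  (But, preauth
   * with WPA version 1 isn't supposed to be allowed.) 8-) */
  if(iebuf[offset] & 0x01)
    {
      printf("                       Preauthentication Supported\n");
    }
}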