From b2393237de31be1799cb9026e30a5bf7b611f6e7 Mon Sep 17 00:00:00 2001 | |
From: Mathy Vanhoef <Mathy.Vanhoef@kuleuven.be> | |
Date: Fri, 17 Feb 2023 21:38:06 +0100 | |
Subject: [PATCH] Make hostap vulnerable to PTK key reinstallation | |
Apply this patch to hostap_2_10 to make it vulnerable to PTK key | |
reinstallations. | |
--- | |
src/rsn_supp/wpa.c | 23 +++++++++++++++++++++++ | |
1 file changed, 23 insertions(+) |
/** Comp128 version 2 and 3 overview by Mathy Vanhoef (based on other contributions mentioned inline) */ | |
#include <string.h> | |
#include <stdio.h> | |
#include <stdint.h> | |
#include <stdlib.h> | |
#include <time.h> | |
static uint8_t table0[] = { | |
197, 235, 60, 151, 98, 96, 3, 100, 248, 118, 42, 117, 172, 211, 181, 203, |
diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_main.c b/drivers/net/wireless/ath/ath9k/htc_drv_main.c | |
index d441045..84359c3 100644 | |
--- a/drivers/net/wireless/ath/ath9k/htc_drv_main.c | |
+++ b/drivers/net/wireless/ath/ath9k/htc_drv_main.c | |
@@ -147,21 +147,26 @@ static void ath9k_htc_bssid_iter(void *data, u8 *mac, struct ieee80211_vif *vif) | |
struct ath9k_vif_iter_data *iter_data = data; | |
int i; | |
- for (i = 0; i < ETH_ALEN; i++) | |
- iter_data->mask[i] &= ~(iter_data->hw_macaddr[i] ^ mac[i]); |
#!/usr/bin/python | |
from scapy.all import * | |
import random | |
# number of times to inject probe for one bit (combat packet loss) | |
ATTEMPTS_PER_BIT = 3 | |
# time to wait for ACK in seconds | |
SNIFFTIME = 0.1 | |
#!/usr/bin/env python3 | |
from selenium.webdriver import Firefox | |
from selenium.webdriver.firefox.options import Options | |
import subprocess, time | |
def reset_router(browser): | |
browser.execute_script('javascript:CheckHTMLStatus("System");') | |
time.sleep(0.13) | |
browser.execute_script('javascript:SetFactory_Default();') | |
time.sleep(0.01) |
#!/usr/bin/env python3 | |
from scapy.all import * | |
# MAC address of our own interface | |
MYMACADDR = "11:22:33:44:55:66" | |
def wait_router(iface, ip): | |
s = L2Socket(type=ETH_P_ALL, iface=iface) | |
arp = Ether(dst="ff:ff:ff:ff:ff:ff", src=MYMACADDR) | |
arp = arp/ARP(hwsrc=MYMACADDR, pdst=ip, psrc="192.168.0.100") |
-- Wireshark LUA script to handle Gamespy Packets | |
trivial_proto = Proto("gamespy","Gamespy Protocol") | |
-- XOR Cipher: | |
local tab = { -- tab[i][j] = xor(i-1, j-1) | |
{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, }, | |
{1, 0, 3, 2, 5, 4, 7, 6, 9, 8, 11, 10, 13, 12, 15, 14, }, | |
{2, 3, 0, 1, 6, 7, 4, 5, 10, 11, 8, 9, 14, 15, 12, 13, }, | |
{3, 2, 1, 0, 7, 6, 5, 4, 11, 10, 9, 8, 15, 14, 13, 12, }, | |
{4, 5, 6, 7, 0, 1, 2, 3, 12, 13, 14, 15, 8, 9, 10, 11, }, | |
{5, 4, 7, 6, 1, 0, 3, 2, 13, 12, 15, 14, 9, 8, 11, 10, }, |
#include <string.h> | |
#include <stdlib.h> | |
#include <stdio.h> | |
int main(int argc, char *argv[]) | |
{ | |
char *buf1 = malloc(256); | |
char *buf2 = malloc(512); | |
char *buf3 = malloc(1024); | |
char *top, *aftertop; |
# -------------- netcatlib.py ----------------------------------- | |
import socket | |
class Netcat: | |
# TODO: ip and port should be optional, and an open() method should be added | |
# TODO: specify a timeout argument as well? | |
def __init__(self, ip, port): | |
self.buff = "" | |
self.soc = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
self.soc.connect((ip, port)) |
call 0x80486d0 <printf@plt> | |
movl $0x8049f3a,(%esp) | |
call 0x8048750 <puts@plt> | |
mov -0xc(%ebp),%eax | |
leave ; equivalent to movl %ebp, %esp | |
; popl %ebp | |
ret |