├── AUTHORS ├── COPYING ├── ChangeLog ├── INSTALL ├── Makefile.am ├── NEWS ├── README ├── THANKS ├── TODO ├── autocrack.c ├── autocrack.h ├── common ├── common.c ├── common.h ├── common_macro.h ├── conio.h ├── crypto.c └── crypto.h ├── configure ├── configure.ac ├── engine ├── engine.c └── engine.h ├── include ├── byteorder.h ├── crypto.c └── pcap.h ├── install-sh ├── parser ├── cap2hccap.c ├── parser.c └── parser.h └── test ├── hash.md5 ├── hash.md5.in ├── test.sh ├── uword ├── wordlist ├── wpa2psk-2WIRE972.dump ├── wpa2psk-MOM1.dump ├── wpa2psk-Red_Apple.dump ├── wpa2psk-linksys.dump ├── wpapsk-linksys.dump └── wpapsk-virgin_broadband.dump /AUTHORS: -------------------------------------------------------------------------------- 1 | Autocrack - automatically crack everything throught CPU and GPU 2 | Copyright (C) 2012 Massimo Dragano 3 | 4 | Primary author: Massimo Dragano 5 | -------------------------------------------------------------------------------- /COPYING: -------------------------------------------------------------------------------- 1 | GNU GENERAL PUBLIC LICENSE 2 | 3 | Version 3, 29 June 2007 4 | 5 | Copyright © 2007 Free Software Foundation, Inc. 6 | 7 | Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. 8 | 9 | Preamble 10 | 11 | The GNU General Public License is a free, copyleft license for software and other kinds of works. 12 | 13 | The licenses for most software and other practical works are designed to take away your freedom to share and change the 14 | works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of 15 | a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General 16 | Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it 17 | to your programs, too. 18 | 19 | When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure 20 | that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source 21 | code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you 22 | know you can do these things. 23 | 24 | To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. 25 | Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities 26 | to respect the freedom of others. 27 | 28 | For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the 29 | same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show 30 | them these terms so they know their rights. 31 | 32 | Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you 33 | this License giving you legal permission to copy, distribute and/or modify it. 34 | 35 | For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For 36 | both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not 37 | be attributed erroneously to authors of previous versions. 38 | 39 | Some devices are designed to deny users access to install or run modified versions of the software inside them, although the 40 | manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. 41 | The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is 42 | most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such 43 | problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of 44 | the GPL, as needed to protect the freedom of users. 45 | 46 | Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development 47 | and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents 48 | applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used 49 | to render the program non-free. 50 | 51 | The precise terms and conditions for copying, distribution and modification follow. 52 | 53 | TERMS AND CONDITIONS 54 | 55 | 0. Definitions. 56 | “This License” refers to version 3 of the GNU General Public License. 57 | 58 | “Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. 59 | 60 | “The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as 61 | “you”. “Licensees” and “recipients” may be individuals or organizations. 62 | 63 | To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, 64 | other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a 65 | work “based on” the earlier work. 66 | 67 | A “covered work” means either the unmodified Program or a work based on the Program. 68 | 69 | To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily 70 | liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. 71 | Propagation includes copying, distribution (with or without modification), making available to the public, and in some 72 | countries other activities as well. 73 | 74 | To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere 75 | interaction with a user through a computer network, with no transfer of a copy, is not conveying. 76 | 77 | An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and 78 | prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no 79 | warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this 80 | License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a 81 | menu, a prominent item in the list meets this criterion. 82 | 83 | 1. Source Code. 84 | The “source code” for a work means the preferred form of the work for making modifications to it. “Object 85 | code” means any non-source form of a work. 86 | 87 | A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, 88 | or, in the case of interfaces specified for a particular programming language, one that is widely used among developers 89 | working in that language. 90 | 91 | The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included 92 | in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to 93 | enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is 94 | available to the public in source code form. A “Major Component”, in this context, means a major essential component 95 | (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler 96 | used to produce the work, or an object code interpreter used to run it. 97 | 98 | The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and 99 | (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, 100 | it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used 101 | unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes 102 | interface definition files associated with source files for the work, and the source code for shared libraries and 103 | dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or 104 | control flow between those subprograms and other parts of the work. 105 | 106 | The Corresponding Source need not include anything that users can regenerate automatically from other parts of the 107 | Corresponding Source. 108 | 109 | The Corresponding Source for a work in source code form is that same work. 110 | 111 | 2. Basic Permissions. 112 | All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the 113 | stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The 114 | output from running a covered work is covered by this License only if the output, given its content, constitutes a covered 115 | work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. 116 | 117 | You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise 118 | remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively 119 | for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in 120 | conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do 121 | so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your 122 | copyrighted material outside their relationship with you. 123 | 124 | Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; 125 | section 10 makes it unnecessary. 126 | 127 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law. 128 | No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations 129 | under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting 130 | circumvention of such measures. 131 | 132 | When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent 133 | such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any 134 | intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third 135 | parties' legal rights to forbid circumvention of technological measures. 136 | 137 | 4. Conveying Verbatim Copies. 138 | You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously 139 | and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and 140 | any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any 141 | warranty; and give all recipients a copy of this License along with the Program. 142 | 143 | You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a 144 | fee. 145 | 146 | 5. Conveying Modified Source Versions. 147 | You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code 148 | under the terms of section 4, provided that you also meet all of these conditions: 149 | 150 | a) The work must carry prominent notices stating that you modified it, and giving a relevant date. 151 | b) The work must carry prominent notices stating that it is released under this License and any conditions added under 152 | section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”. 153 | c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This 154 | License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its 155 | parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it 156 | does not invalidate such permission if you have separately received it. 157 | d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has 158 | interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. 159 | A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the 160 | covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or 161 | distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit 162 | the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in 163 | an aggregate does not cause this License to apply to the other parts of the aggregate. 164 | 165 | 6. Conveying Non-Source Forms. 166 | You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the 167 | machine-readable Corresponding Source under the terms of this License, in one of these ways: 168 | 169 | a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by 170 | the Corresponding Source fixed on a durable physical medium customarily used for software interchange. 171 | b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a 172 | written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that 173 | product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the 174 | software in the product that is covered by this License, on a durable physical medium customarily used for software 175 | interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access 176 | to copy the Corresponding Source from a network server at no charge. 177 | c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This 178 | alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in 179 | accord with subsection 6b. 180 | d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to 181 | the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy 182 | the Corresponding Source along with the object code. If the place to copy the object code is a network server, the 183 | Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying 184 | facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. 185 | Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as 186 | needed to satisfy these requirements. 187 | e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and 188 | Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. 189 | A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need 190 | not be included in conveying the object code work. 191 | 192 | A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is 193 | normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a 194 | dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For 195 | a particular product received by a particular user, “normally used” refers to a typical or common use of that class 196 | of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or 197 | expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial 198 | commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. 199 | 200 | “Installation Information” for a User Product means any methods, procedures, authorization keys, or other information 201 | required to install and execute modified versions of a covered work in that User Product from a modified version of its 202 | Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in 203 | no case prevented or interfered with solely because modification has been made. 204 | 205 | If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the 206 | conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the 207 | recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source 208 | conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if 209 | neither you nor any third party retains the ability to install modified object code on the User Product (for example, the 210 | work has been installed in ROM). 211 | 212 | The requirement to provide Installation Information does not include a requirement to continue to provide support service, 213 | warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has 214 | been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects 215 | the operation of the network or violates the rules and protocols for communication across the network. 216 | 217 | Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is 218 | publicly documented (and with an implementation available to the public in source code form), and must require no special 219 | password or key for unpacking, reading or copying. 220 | 221 | 7. Additional Terms. 222 | “Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of 223 | its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were 224 | included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to 225 | part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by 226 | this License without regard to the additional permissions. 227 | 228 | When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from 229 | any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the 230 | work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give 231 | appropriate copyright permission. 232 | 233 | Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the 234 | copyright holders of that material) supplement the terms of this License with terms: 235 | 236 | a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or 237 | b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate 238 | Legal Notices displayed by works containing it; or 239 | c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be 240 | marked in reasonable ways as different from the original version; or 241 | d) Limiting the use for publicity purposes of names of licensors or authors of the material; or 242 | e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or 243 | f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified 244 | versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual 245 | assumptions directly impose on those licensors and authors. 246 | All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If 247 | the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a 248 | term that is a further restriction, you may remove that term. If a license document contains a further restriction but 249 | permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that 250 | license document, provided that the further restriction does not survive such relicensing or conveying. 251 | 252 | If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of 253 | the additional terms that apply to those files, or a notice indicating where to find the applicable terms. 254 | 255 | Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as 256 | exceptions; the above requirements apply either way. 257 | 258 | 8. Termination. 259 | You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to 260 | propagate or modify it is void, and will automatically terminate your rights under this License (including any patent 261 | licenses granted under the third paragraph of section 11). 262 | 263 | However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) 264 | provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if 265 | the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. 266 | 267 | Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of 268 | the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any 269 | work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. 270 | 271 | Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights 272 | from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to 273 | receive new licenses for the same material under section 10. 274 | 275 | 9. Acceptance Not Required for Having Copies. 276 | You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a 277 | covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require 278 | acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These 279 | actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you 280 | indicate your acceptance of this License to do so. 281 | 282 | 10. Automatic Licensing of Downstream Recipients. 283 | Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, 284 | modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties 285 | with this License. 286 | 287 | An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, 288 | or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity 289 | transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the 290 | party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the 291 | Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable 292 | efforts. 293 | 294 | You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For 295 | example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and 296 | you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is 297 | infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 298 | 299 | 11. Patents. 300 | A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the 301 | Program is based. The work thus licensed is called the contributor's “contributor version”. 302 | 303 | A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether 304 | already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, 305 | or selling its contributor version, but do not include claims that would be infringed only as a consequence of further 306 | modification of the contributor version. For purposes of this definition, “control” includes the right to grant 307 | patent sublicenses in a manner consistent with the requirements of this License. 308 | 309 | Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent 310 | claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor 311 | version. 312 | 313 | In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, 314 | not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). 315 | To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent 316 | against the party. 317 | 318 | If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not 319 | available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server 320 | or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange 321 | to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent 322 | with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” 323 | means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your 324 | recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you 325 | have reason to believe are valid. 326 | 327 | If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance 328 | of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, 329 | propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended 330 | to all recipients of the covered work and works based on it. 331 | 332 | A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise 333 | of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You 334 | may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing 335 | software, under which you make payment to the third party based on the extent of your activity of conveying the work, and 336 | under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory 337 | patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) 338 | primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into 339 | that arrangement, or that patent license was granted, prior to 28 March 2007. 340 | 341 | Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement 342 | that may otherwise be available to you under applicable patent law. 343 | 344 | 12. No Surrender of Others' Freedom. 345 | If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this 346 | License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy 347 | simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not 348 | convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those 349 | to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely 350 | from conveying the Program. 351 | 352 | 13. Use with the GNU Affero General Public License. 353 | Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work 354 | licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting 355 | work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of 356 | the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as 357 | such. 358 | 359 | 14. Revised Versions of this License. 360 | The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. 361 | Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or 362 | concerns. 363 | 364 | Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU 365 | General Public License “or any later version” applies to it, you have the option of following the terms and 366 | conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program 367 | does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free 368 | Software Foundation. 369 | 370 | If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that 371 | proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. 372 | 373 | Later license versions may give you additional or different permissions. However, no additional obligations are imposed on 374 | any author or copyright holder as a result of your choosing to follow a later version. 375 | 376 | 15. Disclaimer of Warranty. 377 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE 378 | COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR 379 | IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE 380 | ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE 381 | COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 382 | 383 | 16. Limitation of Liability. 384 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO 385 | MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, 386 | INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS 387 | OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE 388 | WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 389 | 390 | 17. Interpretation of Sections 15 and 16. 391 | If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to 392 | their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability 393 | in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for 394 | a fee. 395 | 396 | END OF TERMS AND CONDITIONS 397 | -------------------------------------------------------------------------------- /ChangeLog: -------------------------------------------------------------------------------- 1 | Autocrack - automatically crack everything throught CPU and GPU 2 | Copyright (C) 2012 Massimo Dragano 3 | 4 | 2012-10-09 Massimo Dragano 5 | * Makefile.am: add check-local target 6 | * test/test.sh: testing script 7 | 2012-10-08 Massimo Dragano 8 | * autocrack.c: moved verbosity control on first option check. 9 | optimized network check killer. 10 | * INSTALL: add instructions on install-sh 11 | 2012-09-22 Massimo Dragano 12 | * autocrack.c: use optind for restart getopt counter. 13 | 2012-09-09 Massimo Dragano 14 | * autocrack.c: fix option parsing bug that keep run even if no data has been provided 15 | 2012-08-28 Massimo Dragano 16 | * configure.ac: hide rcracki_mt checking. 17 | 2012-08-27 Massimo Dragano 18 | * common.c: auto-kill if cannot terminate some childs. 19 | * autocrack.c: double parse options for exit immediatly if user ask for help or infos. 20 | * All: minor bug-fixes 21 | 2012-06-04 Massimo Dragano 22 | * : First release. 23 | -------------------------------------------------------------------------------- /INSTALL: -------------------------------------------------------------------------------- 1 | Autocrack - automatically crack everything throught CPU and GPU 2 | Copyright (C) 2012 Massimo Dragano 3 | 4 | INSTALLATION 5 | 6 | simply run: 7 | ./configure 8 | make 9 | make install ( as root ) 10 | 11 | if ./configure FAIL try with ./install-sh . 12 | 13 | ./configre gives you a couple of WARNING and ERROR 14 | if some external binaries are missing or not properly working. 15 | gcc will gracefully fail in preprocessing phase 16 | if some library on your system is missing. 17 | -------------------------------------------------------------------------------- /Makefile.am: -------------------------------------------------------------------------------- 1 | bin_PROGRAMS = autocrack 2 | autocrack_SOURCES = autocrack.c common/common* parser/* engine/engine* 3 | autocrack_LDFLAGS= -lm 4 | autocrack_CFLAGS = -Wall -Iinclude 5 | 6 | check-local: 7 | test/test.sh 8 | -------------------------------------------------------------------------------- /NEWS: -------------------------------------------------------------------------------- 1 | Autocrack NEWS -- history of user-visible changes. 2 | 3 | Autocrack - automatically crack everything throught CPU and GPU 4 | Copyright (C) 2012 Massimo Dragano 5 | 6 | * Changes in Autocrack 0.0.1 7 | 8 | ** First Release. 9 | 10 | -------------------------------------------------------------------------------- /README: -------------------------------------------------------------------------------- 1 | Hi tester! 2 | There is an hidden option: 3 | -C, --no-cow 4 | this because cowpatty seems to having trouble with parsing capture files 5 | with multiple WPA handshakes. 6 | 7 | That's all folks! 8 | Happy Hacking! ;D 9 | 10 | ah! ( the usual ballshit ) 11 | this software is write for testing the security of your password and WPA keys, 12 | don't use it on hash and/or WPA handshakes of other people/company. 13 | -------------------------------------------------------------------------------- /THANKS: -------------------------------------------------------------------------------- 1 | Autocrack THANKS file 2 | 3 | Autocrack - automatically crack everything throught CPU and GPU 4 | Copyright (C) 2012 Massimo Dragano 5 | 6 | Autocrack was originally written by Massimo Dragano. 7 | For now no one else contributed to this project. 8 | I hope to enlarge this list ;-) 9 | 10 | Massimo Dragano massimo.dragano@gmail.com -------------------------------------------------------------------------------- /TODO: -------------------------------------------------------------------------------- 1 | [optional] may be we can support unicode chars...but what is the http POST standard? 2 | [optional] make str2up/dn return a pointer to local static buffer. why??? 3 | [optional] parallelizing option parsing ( must have globals.err_buff mutex lock ) 4 | [low priority] also compare hash type from john the ripper 'pot' files. 5 | [low priority] WORK_RATIO is not exact, if oclhashcat use permutation attack, him load is very very bigger then othres. 6 | [low priority] start parsing after read all options. ( where store the arguments? or we can reuse getopt/argv or option_index ?) 7 | [low priority] add support for pwdump and lst files. 8 | [normal] must add support for md5 subtypes for cracking vBullettin, joomla and more md5 hashes. 9 | [normal] pyrit crack using GPU and CPU, how handle this ? 10 | [normal] add permutation attack support ( will be silently started if no results are founded? ) 11 | [normal] configure.ac: check for rcracki_mt 12 | [normal] parser_online(): killing thread while calling getadddrinfo() will leak memory, but wait for getadddrinfo() ends is too 13 | [normal] add feature: search for essid online ( the one with cracked algorithm ) for retrieve defaul passphrase 14 | [normal] leave coWPAtty support, it fail on multiple AP caputre 15 | files. we will go to integrare OSP into master branch. 16 | [high priority] test praser_ocl ( oclhashcat not working on workstation ). 17 | [high priority] pthread_mutex_lock called by exit() ?? 18 | [high priority] something wrong with thread killer...we found all password but som thread still 19 | running.....maybe a CURL thread...yep 20 | -------------------------------------------------------------------------------- /autocrack.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Autocrack - automatically crack everything throught CPU and GPU 3 | * Copyright (C) 2012 Massimo Dragano 4 | * 5 | * Autocrack is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * Autocrack is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with Autocrack. If not, see . 17 | */ 18 | 19 | #include "autocrack.h" 20 | 21 | struct _globals globals; 22 | 23 | int main(int argc, char *argv[]) 24 | { 25 | // init memory 26 | memset(&globals,0,sizeof(struct _globals)); 27 | globals.online = globals.rain = globals.dict = globals.gpu = true; 28 | globals.log_level = info; 29 | globals.err_buff = malloc((MAX_BUFF+1)*sizeof(char)); 30 | report_error(NULL,0,0,debug); 31 | P_path(argv[0]); 32 | signal(SIGINT, signal_handler); 33 | // handle args 34 | option_handler(argc,argv); 35 | // start engine 36 | engine(); 37 | if(globals.log_level >= info) 38 | print_hash_list(); 39 | destroy_all(); 40 | exit(EXIT_SUCCESS); 41 | } 42 | 43 | void option_handler(int argc, char *argv[]) 44 | { 45 | static struct option long_options[] = 46 | { 47 | /* These options set a flag. */ 48 | {"local", no_argument, NULL, 'l'}, 49 | {"no-rain", no_argument, NULL, 'r'}, 50 | {"no-dict", no_argument, NULL, 'd'}, 51 | {"no-gpu", no_argument, NULL, 'g'}, 52 | {"no-cow", no_argument, NULL, 'C'}, 53 | {"no-john",no_argument, NULL, 'J'}, 54 | {"verbose", no_argument, NULL, 'v'}, 55 | {"quiet", no_argument, NULL, 'q'}, 56 | {"debug", no_argument, NULL, 'D'}, 57 | /* These options don't set a flag. */ 58 | {"hash", required_argument, NULL, 'H'}, 59 | {"type", required_argument, NULL, 't'}, 60 | {"infile", required_argument, NULL, 'i'}, 61 | {"outfile", required_argument, NULL, 'o'}, 62 | {"capture", required_argument, NULL, 'c'}, 63 | {"wordlist", required_argument, NULL, 'w'}, 64 | {"essid", required_argument, NULL, 'e'}, 65 | {"rt-root", required_argument, NULL, 'R'}, 66 | {"onlinedb", required_argument, NULL, 'O'}, 67 | 68 | {"help", no_argument, NULL, 'h'}, 69 | {NULL, no_argument, NULL, 0} 70 | }; 71 | 72 | int option_index, c; 73 | bool bad_option,exit_now; 74 | 75 | option_index = 0; 76 | exit_now = bad_option = false; 77 | c = getopt_long(argc, argv, "vqDH:t:i:o:c:w:e:R:O:hlrdgCJ", long_options, &option_index); 78 | if(c == -1) // no option given, threat as "--help" 79 | { 80 | usage(argv[0]); 81 | exit_now = true; 82 | } 83 | else 84 | { 85 | //parsing options, thus to handle special cases like help and print info without waste CPU time for other options. 86 | while(c!=-1 && bad_option==false && exit_now == false) 87 | { 88 | switch(c) 89 | { 90 | case 't': 91 | if( strlen(optarg) == 4 && (!strncmp(optarg,"list",4) || !strncmp(optarg,"LIST",4))) 92 | { 93 | exit_now = true; 94 | print_type_list(); 95 | } 96 | break; 97 | case 'h': 98 | usage(argv[0]); 99 | exit_now = true; 100 | break; 101 | case 'v': 102 | if( globals.log_level < verbose3 ) 103 | globals.log_level++; 104 | else if( globals.log_level == debug ) 105 | { 106 | report_error("already in debug mode.",0,0,warning); 107 | } 108 | else if( globals.log_level == verbose3 ) 109 | { 110 | report_error("maximum verbose level reached.",0,0,info); 111 | report_error("use --debug or -D if you want more output",0,0,info); 112 | } 113 | 114 | break; 115 | 116 | case 'q': 117 | if(globals.log_level > info) 118 | globals.log_level -= info; // keep the previous verbosity offset 119 | else 120 | globals.log_level = quiet; 121 | break; 122 | 123 | case 'D': 124 | globals.log_level = debug; 125 | break; 126 | case 'H': 127 | case 'i': 128 | case 'o': 129 | case 'c': 130 | case 'w': 131 | case 'e': 132 | case 'R': 133 | case 'l': 134 | case 'r': 135 | case 'd': 136 | case 'g': 137 | case 'O': 138 | case 'C': 139 | case 'J': 140 | case 0: 141 | break; 142 | default: 143 | bad_option = true; 144 | } 145 | c = getopt_long(argc, argv, "vqDH:t:i:o:c:w:e:R:O:hlrdgCJ", long_options, &option_index); 146 | } 147 | } 148 | 149 | if((exit_now | bad_option ) == false) 150 | { 151 | //ok, we will do something, start the network check thread. 152 | globals.tpool = malloc(sizeof(struct t_info)); 153 | pthread_create(&(globals.tpool->thread), NULL, P_online, NULL); 154 | 155 | optind = 1; 156 | c = getopt_long(argc, argv, "vqDH:t:i:o:c:w:e:R:O:hlrdgCJ", long_options, &option_index); 157 | while(c!=-1) 158 | { 159 | switch(c) 160 | { 161 | case 0: 162 | break; 163 | 164 | case 'H': 165 | add_hash(NONE,optarg); 166 | break; 167 | 168 | case 't': 169 | add_hash(P_type(optarg),NULL); 170 | break; 171 | 172 | case 'i': 173 | P_infile(optarg); 174 | break; 175 | 176 | case 'o': 177 | P_outfile(optarg); 178 | break; 179 | 180 | case 'c': 181 | P_capture(optarg); 182 | break; 183 | 184 | case 'w': 185 | P_wordlist(optarg); 186 | break; 187 | 188 | case 'e': 189 | P_essid(optarg); 190 | break; 191 | 192 | case 'R': 193 | if(globals.rain==true) 194 | P_rt_root(optarg); 195 | break; 196 | case 'O': 197 | if(globals.online == true) 198 | P_odb(optarg); 199 | break; 200 | 201 | case 'l': 202 | globals.online = false; 203 | report_error("switching OFF all online features.",0,0,verbose); 204 | break; 205 | 206 | case 'r': 207 | globals.rain = false; 208 | report_error("switching OFF rainbowtable features.",0,0,verbose); 209 | break; 210 | 211 | case 'd': 212 | globals.dict = false; 213 | report_error("switching OFF dictionary features.",0,0,verbose); 214 | break; 215 | 216 | case 'g': 217 | globals.gpu = false; 218 | report_error("switching OFF GPU features.",0,0,verbose); 219 | break; 220 | 221 | case 'C': 222 | if(globals.bins.cow!=NULL) 223 | free((void *) globals.bins.cow); 224 | globals.bins.cow = NULL; 225 | report_error("use this function only for testing.",0,0,warning); 226 | break; 227 | 228 | case 'J': 229 | if(globals.bins.jtr!=NULL) 230 | free((void *) globals.bins.jtr); 231 | globals.bins.jtr = NULL; 232 | report_error("use this function only for testing.",0,0,warning); 233 | break; 234 | } 235 | c = getopt_long(argc, argv, "vqDH:t:i:o:c:w:e:R:O:hlrdgCJ", long_options, &option_index); 236 | } 237 | //option check 238 | if((globals.rain == false && globals.dict == false && globals.online == false) || 239 | (globals.hash_list == NULL && globals.wpa_list == NULL )) 240 | { 241 | // parser functions have yet printed something, otherwise user have specified only flags options 242 | // cancel network check, we are going to exit 243 | if(pthread_kill(globals.tpool->thread,0) == 0) // thread is running 244 | pthread_cancel(globals.tpool->thread); 245 | bad_option = true; 246 | pthread_join(globals.tpool->thread,NULL); 247 | } 248 | else if(globals.online==false) // if user disable network features or a problem shut it off. 249 | { 250 | if(pthread_kill(globals.tpool->thread,0) == 0) // thread is running 251 | pthread_cancel(globals.tpool->thread); 252 | P_hash_list(); 253 | P_wpa_list(); 254 | P_defaults(); 255 | pthread_join(globals.tpool->thread,NULL); 256 | } 257 | else 258 | { 259 | // fix missing option and other stuff, stealing a little extra CPU time while online check finish 260 | P_hash_list(); 261 | P_wpa_list(); 262 | P_defaults(); 263 | 264 | for(option_index=0;pthread_kill(globals.tpool->thread,0) == 0 && option_indexthread); 270 | pthread_join(globals.tpool->thread,NULL); 271 | } 272 | else //network checker done, join and take errno 273 | { 274 | 275 | report(debug,"i've wait network check for %d ms",option_index); 276 | pthread_join(globals.tpool->thread, (void **) &option_index); 277 | } 278 | 279 | if(option_index!=0) 280 | { 281 | report_error("network check fails.",0,0,error); 282 | if(option_index == -1) 283 | report_error("failed to resolve IP for mom Google.",0,0,error); 284 | else 285 | { 286 | errno = option_index; 287 | report_error("parser_online()",1,0,warning); 288 | } 289 | report_error("switching OFF online features.",0,0,info); 290 | globals.online = false; 291 | } 292 | } 293 | free(globals.tpool); 294 | globals.tpool=NULL; 295 | } 296 | 297 | if(bad_option == true) 298 | { 299 | usage(argv[0]); 300 | destroy_all(); 301 | exit(EXIT_FAILURE); 302 | } 303 | else if(exit_now == true) 304 | { 305 | destroy_all(); 306 | exit(EXIT_SUCCESS); 307 | } 308 | return; 309 | } 310 | 311 | void usage(char *bin_name) 312 | { 313 | int i; 314 | char *developers[] = DEVELOPERS , 315 | *msg = 316 | "\nUsage:\t%s [-hHioOtcwReldDvq] options"/* executable name */ 317 | "\n " 318 | "\n option argument description" 319 | "\n ---------------+---------------+----------------------------------" 320 | "\n -h, --help none display this help" 321 | "\n -H, --hash HASH perform a single hash crack." 322 | "\n -t, --type TYPE specify the single hash type. give \"list\" for a list of supported hash." 323 | "\n -i, --infile FILE pass a hashlist file in format $TYPE$HASH." 324 | "\n -o, --oufile FILE write all founded passwrods and passpharses to FILE." 325 | "\n -c, --capture FILE tcpdump file which contains the wpa handshake." 326 | "\n -w, --wordlist FILE wordlist to use in dictionary attacks." 327 | "\n -R, --rt-root DIR rainbow table root directory." 328 | "\n -O, --onlinedb FILE database file for online attacks." 329 | "\n -e, --essid ESSID the essid of the AP." 330 | "\n -l, --local none disable online functions." 331 | "\n -r, --no-rain none disable rainbowtable attacks." 332 | "\n -d, --no-dict none disable dictionary attacks." 333 | "\n -g, --no-gpu none disable GPU features." 334 | "\n -q, --quiet none suppress all the output" 335 | "\n -D, --debug none enable debug output." 336 | "\n -v, --verbose none produce more output." 337 | "\n ---------------+---------------+----------------------------------" 338 | "\n %s - v%s - %s" /*PROGRAM_NAME - vVERSION - RELEASE_DATE*/ 339 | "\n " 340 | "\n NOTES:" 341 | "\n the option \"--essid\" is only required if you want to manually" 342 | "\n specify the access points to test." 343 | "\n if this option is not used we will parse the pcap files," 344 | "\n obtaining the valid ESSIDs." 345 | "\n " 346 | "\n Main developers:"; 347 | /*print help*/ 348 | printf(msg,basename(bin_name),PACKAGE,VERSION,RELEASE_DATE); 349 | for(i=0;developers[i] != NULL;i++) 350 | printf("\n\t\t%s",developers[i]); 351 | printf("\n"); 352 | } 353 | -------------------------------------------------------------------------------- /autocrack.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Autocrack - automatically crack everything throught CPU and GPU 3 | * Copyright (C) 2012 Massimo Dragano 4 | * 5 | * Autocrack is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * Autocrack is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with Autocrack. If not, see . 17 | */ 18 | 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | #include 25 | #include "common/common.c" 26 | #include "parser/parser.c" 27 | #include "engine/engine.c" 28 | 29 | //defines 30 | #define DEVELOPERS { \ 31 | "massimo dragano - massimo.dragano@gmail.com",\ 32 | NULL } 33 | #define RELEASE_DATE "04 jun 2012" 34 | 35 | 36 | //prototypes 37 | void option_handler(int,char**); 38 | void usage(char*); 39 | 40 | -------------------------------------------------------------------------------- /common/common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Autocrack - automatically crack everything throught CPU and GPU 3 | * Copyright (C) 2012 Massimo Dragano 4 | * 5 | * Autocrack is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * Autocrack is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with Autocrack. If not, see . 17 | */ 18 | 19 | #include 20 | #ifdef HAVE_CONFIG_H 21 | # include "config.h" 22 | # ifndef HAVE_FNMATCH 23 | # error "this system havn't fnmatch.h" 24 | # endif 25 | # ifndef HAVE_WORKING_FORK 26 | # error "this system havn't fork() O_o" 27 | # endif 28 | # if HAVE_MALLOC != 1 29 | # error "this system havn't malloc() O_o" 30 | # endif 31 | # if HAVE_REALLOC != 1 32 | # error "this system havn't realloc() O_o" 33 | # endif 34 | # ifndef HAVE_DIRENT_H 35 | # error "this system havn't dirent.h" 36 | # endif 37 | # ifndef HAVE_SYS_TYPES_H 38 | # error "this system havn't sys/types.h O_o" 39 | # endif 40 | # ifndef HAVE_NETINET_IN_H 41 | # error "this system havn't netinet/in.h" 42 | # endif 43 | # ifndef HAVE_NETDB_H 44 | # error "this system havn't netdb.h" 45 | # endif 46 | # ifndef HAVE_STDBOOL_H 47 | # ifndef HAVE__BOOL 48 | # ifdef __cplusplus 49 | typedef bool _Bool; 50 | # else 51 | # define _Bool signed char 52 | # endif 53 | # endif 54 | # define bool _Bool 55 | # define false 0 56 | # define true 1 57 | # else 58 | # include 59 | # endif 60 | # ifndef STDC_HEADERS 61 | # error "this system havn't string.h O_o" 62 | # endif 63 | # ifndef HAVE_UNISTD_H 64 | # error "this system havn't unistd.h ( maybe windows ? )" 65 | # endif 66 | # ifndef HAVE_SYS_WAIT_H 67 | # error "this system havn't sys/wait.h" 68 | # endif 69 | # ifdef TIME_WITH_SYS_TIME 70 | # include 71 | # include 72 | # else 73 | # ifdef HAVE_SYS_TIME_H 74 | # include 75 | # else 76 | # include 77 | # endif 78 | # endif 79 | # ifdef HAVE_TERMIOS_H 80 | # include 81 | # elifndef GWINSZ_IN_SYS_IOCTL 82 | # error "this system havn't TIOCGWINSZ" 83 | # endif 84 | # ifndef HAVE_SYS_SOCKET_H 85 | # error "this system havn't sys/socket.h O_o" 86 | # endif 87 | # ifndef HAVE_REGEX_H 88 | # error "this system havn't regex.h" 89 | # endif 90 | # ifndef HAVE_STDLIB_H 91 | # error "this system havn't stdlib.h O_o" 92 | # endif 93 | # ifndef HAVE_STRING_H 94 | # error "this system havn't string.h O_o" 95 | # endif 96 | # ifndef HAVE_LIBCURL 97 | # error "this system havn't libcurl installed" 98 | # endif 99 | # ifndef HAVE_LIBCRYPTO 100 | # error "this system havn't crypto libs" 101 | # endif 102 | # ifndef HAVE_LIBPTHREAD 103 | # error "this system havn't pthread.h O_o" 104 | # endif 105 | # ifdef STAT_MACROS_BROKEN 106 | # error "bad stat macros. ( Tektronix UTekV, Amdahl UTS and Motorola System V/88 )" 107 | # endif 108 | #elif defined(BINS) 109 | # warning "no config.h, but ssems that required macros exist...keep going.." 110 | #else 111 | # error "no config.h, ./configure script not executed or failed." 112 | #endif/* HAVE_CONFIG_H */ 113 | 114 | 115 | #include 116 | #include 117 | #include 118 | #include 119 | #include 120 | #include 121 | #include 122 | #include 123 | #include 124 | #include 125 | #include 126 | #include 127 | #include 128 | #include 129 | #include 130 | #include 131 | #include 132 | #include 133 | #ifdef HAVE_LIBMAGIC 134 | #include 135 | #endif 136 | #include 137 | #include 138 | #include 139 | #include 140 | #include 141 | #ifdef _WIN32 142 | #include "conio.h" 143 | #endif 144 | #include "crypto.c" 145 | 146 | #define MAX_BUFF (PATH_MAX) 147 | #define MAX_LINE 255 148 | #define MAX_HASH 1024 149 | #define MAX_ODB 50 150 | #define MAX_ODB_T 10 // maximum fields to POST 151 | #define ODB_HEAD 4 // number of header's line in the file 152 | #define ODB_SEP "--" 153 | #define ODB_SKIP_RGX "^[ \t]*#" 154 | #define ODB_SKIP_CHR '#' 155 | #define ODB_HASH_UP "_HASH_" 156 | #define ODB_HASH_DN "_hash_" 157 | #define ODB_TYPE_UP "_TYPE_" 158 | #define ODB_TYPE_DN "_type_" 159 | #define CURL_TIMEOUT 40 160 | #define NET_CHK_TIMEOUT 15000 // ms 161 | #define BOT_RETRY 3 162 | #define WORK_RATIO 2.0 // (work for GPU) / (work for cpu) 163 | #define TKILL_TIMEOUT 100 // ms 164 | #ifndef DEF_RT_ROOT 165 | #define DEF_RT_ROOT "rt" 166 | #endif 167 | #ifndef DEF_WRDLST 168 | #define DEF_WRDLST "wordlist" 169 | #endif 170 | #ifndef DEF_ODB 171 | #define DEF_ODB "online.db" 172 | #endif 173 | #ifndef MAX_THREADS 174 | #define MAX_THREADS 20 175 | #endif 176 | #ifndef NULL_FILE 177 | #define NULL_FILE "/dev/null" 178 | #endif 179 | 180 | enum _log_level 181 | { 182 | quiet, 183 | error, 184 | warning, 185 | info, 186 | verbose, 187 | verbose2, 188 | verbose3, 189 | debug 190 | }; 191 | 192 | #define N_TYPE 11 193 | 194 | enum _type 195 | { 196 | NONE, 197 | LM, 198 | md5, 199 | MYSQL3, 200 | MYSQL, 201 | NT, 202 | sha1, // ...must use lowercase here, 203 | sha256, // or openssl will joke you. 204 | sha384, 205 | sha512, 206 | UNKNOWN 207 | }; 208 | 209 | static const char* type_str[] = 210 | { 211 | "NONE", 212 | "LM", 213 | "MD5", 214 | "MYSQL3", 215 | "MYSQL", 216 | "NT", 217 | "SHA1", 218 | "SHA256", 219 | "SHA384", 220 | "SHA512", 221 | "UNKNOWN" 222 | }; 223 | 224 | static const char* type_rgx[] = 225 | { 226 | ".*", 227 | "^[0-9A-Fa-f]{32}$", 228 | "^[0-9A-Fa-f]{32}$", 229 | "^[0-9A-Fa-f]{16}$", 230 | "^[0-9A-Fa-f]{40}$", 231 | "^[0-9A-Fa-f]{32}$", 232 | "^[0-9A-Fa-f]{40}$", 233 | "^[0-9A-Fa-f]{64}$", 234 | "^[0-9A-Fa-f]{98}$", 235 | "^[0-9A-Fa-f]{128}$", 236 | ".*" 237 | }; 238 | 239 | /* type codes for hashcat */ 240 | char *types_hc_codes[] = 241 | { 242 | NULL, // NONE 243 | NULL, // LM ( not supported ) 244 | "0", // MD5 245 | NULL, // MYSQL3 ( not supported ) 246 | "300", // MYSQL 247 | "1000", // NTLM 248 | "100", // SHA1 249 | "1400", // SHA256 250 | NULL, // SHA384 ( not supported ) 251 | NULL, // SHA512 ( not supported ) 252 | NULL // UNKNOWN 253 | }; 254 | 255 | /* type codes for john the ripper */ 256 | char *types_john_codes[] = 257 | { 258 | NULL, // NONE 259 | "LM", // LM 260 | "raw-md5", // MD5 - TODO: must add at least md5(md5(pass)) and md5(pass.salt) and md5(md5(pass).salt) 261 | "mysql", // MYSQL3 ( not supported ) 262 | "mysql-sha1", // MYSQL 263 | "NT", // NTLM 264 | "raw-sha1", // SHA1 265 | NULL, // SHA256 ( not supported ) 266 | NULL, // SHA384 ( not supported ) 267 | NULL, // SHA512 ( not supported ) 268 | NULL // UNKNOWN 269 | }; 270 | 271 | enum _word_mode { delete, cpu, gpu, compute }; // used for make_wordlist 272 | enum _state { done, running, waiting, parsed, killed }; // thread status 273 | 274 | typedef struct _hash 275 | { 276 | unsigned int id; 277 | enum _type type; 278 | char *hash,*plain; 279 | pthread_mutex_t lock; 280 | struct _hash *next; 281 | } _hash; 282 | 283 | // hashcat capture structure 284 | typedef struct 285 | { 286 | char essid[36]; 287 | 288 | unsigned char mac1[6]; 289 | unsigned char mac2[6]; 290 | unsigned char nonce1[32]; 291 | unsigned char nonce2[32]; 292 | 293 | unsigned char eapol[256]; 294 | int eapol_size; 295 | 296 | int keyver; 297 | unsigned char keymic[16]; 298 | 299 | } hccap_t; 300 | 301 | typedef struct _wpa 302 | { 303 | unsigned int id; 304 | char *essid,*key,*genpmk; 305 | bool manual; 306 | hccap_t *hccap; 307 | struct _wpa *next; 308 | }_wpa; 309 | 310 | struct t_info 311 | { 312 | const char *bin,*outfile; 313 | pthread_t thread; 314 | enum _state state; 315 | struct _hlist { _hash *hash; struct _hlist *next; } *hlist; 316 | struct _wlist { _wpa *wpa; struct _wlist *next; } *wlist; 317 | pthread_mutex_t lock; 318 | struct t_info *next; 319 | }; 320 | 321 | struct _bins 322 | { 323 | char *jtr, 324 | *cow, 325 | *oclhashcat, 326 | *pyrit, 327 | *rcrack; 328 | }; 329 | 330 | // odb tuple 331 | typedef struct _odb_t 332 | { 333 | const char *name,*value; 334 | struct _odb_t *next; 335 | } odb_t; 336 | 337 | enum _method {GET,POST}; 338 | 339 | // odb type binding 340 | typedef struct _odb_type 341 | { 342 | enum _type type; 343 | const char *value; 344 | struct _odb_type *next; 345 | } odb_type; 346 | 347 | // defining online_db struct 348 | typedef struct _odb 349 | { 350 | const char *host,*file,*patrn,*detected; 351 | enum _method method; 352 | odb_type *types; 353 | odb_t *tuples; 354 | pthread_t thread; // the thread that is using this host 355 | struct _odb *next; 356 | } odb; 357 | 358 | struct _globals { 359 | enum _log_level log_level; 360 | bool online,rain,dict,gpu; 361 | char *err_buff; 362 | const char *essid,*rt_root,*outfile,*pcap,*wordlist,*hccap; 363 | struct _bins bins; 364 | struct _wpa *wpa_list; 365 | odb *odb; 366 | _hash *hash_list; 367 | struct t_info *tpool; 368 | }; 369 | 370 | #define regexpn(s,r,n) (w_regexp((s),(r),(n+1),__FILE__,__LINE__,__func__)) 371 | #define regexp(s,r) (w_regexp((s),(r),1,__FILE__,__LINE__,__func__)) 372 | #define unbind_hash(h) (w_unbind_h_w((h),NULL,__FILE__,__LINE__)) 373 | #define unbind_wpa(w) (w_unbind_h_w(NULL,(w),__FILE__,__LINE__)) 374 | #define wpa_write_out(w) (w_write_out(NULL,(w),__FILE__,__LINE__,__func__)) 375 | #define hash_write_out(h) (w_write_out((h),NULL,__FILE__,__LINE__,__func__)) 376 | #define fflush(s) ({if(isatty(fileno((s)))){fflush((s));}}) 377 | 378 | // prototypes 379 | void destroy_all(); 380 | void *engine_malloc(size_t, const char *, int); 381 | void engine_del_opt(); 382 | 383 | // pthread mutexes 384 | pthread_mutex_t pool_lock; 385 | 386 | 387 | // internal online database 388 | odb internal_odb = 389 | (odb) 390 | { 391 | "www.onlinehashcrack.com","free-hash-reverse.php", 392 | ".*Plain text :[^>]*>([^<]*)<.*","Slow down little bot.", 393 | POST, 394 | &(odb_type){md5,NULL, 395 | &(odb_type){MYSQL,NULL, 396 | &(odb_type){NT,NULL, 397 | &(odb_type){sha1,NULL,NULL} 398 | } 399 | } 400 | }, 401 | &(odb_t){"hashToSearch",ODB_HASH_UP, 402 | &(odb_t){"searchHash","Search",NULL} 403 | }, 404 | 0, 405 | &(odb){ 406 | "www.tobtu.com","md5.php", 407 | "[A-Fa-f0-9]{32}:[^:]+:(.+)","Exceeded rate limit try again later.", 408 | GET, 409 | &(odb_type){md5,NULL,NULL}, 410 | &(odb_t){"h",ODB_HASH_UP,NULL}, 411 | 0, 412 | &(odb){ 413 | "www.netmd5crack.com","cgi-bin/Crack.py", 414 | "Plain Text:.+[a-fA-F0-9]{32}.+border>(.+)([^<]+)",NULL, 422 | POST, 423 | &(odb_type){md5,NULL, 424 | &(odb_type){MYSQL3,"mysql", 425 | &(odb_type){MYSQL,"mysql5", 426 | &(odb_type){NT,"NTLM", 427 | &(odb_type){sha1,NULL, 428 | &(odb_type){sha256,NULL,NULL} 429 | } 430 | } 431 | } 432 | } 433 | }, 434 | &(odb_t){"ctl00$ContentPlaceHolder1$TextBoxInput",ODB_HASH_DN, 435 | &(odb_t){"ctl00$ContentPlaceHolder1$InputHashType",ODB_TYPE_DN,NULL} 436 | }, 437 | 0, 438 | &(odb){ 439 | "tools.benramsey.com","md5/md5.php", 440 | "","SLOW DOWN COWBOY!", 441 | GET, 442 | &(odb_type){md5,NULL,NULL}, 443 | &(odb_t){"hash",ODB_HASH_DN,NULL}, 444 | 0, 445 | &(odb){ 446 | "md5.gromweb.com","", 447 | "name=\"string\" value=\"([^\"]+)\" id=\"form_string\"","You made too many queries.", 448 | GET, 449 | &(odb_type){md5,NULL,NULL}, 450 | &(odb_t){"md5",ODB_HASH_DN,NULL}, 451 | 0, 452 | &(odb){ 453 | "md5.hashcracking.com","search.php", 454 | "Cleartext of [a-f0-9]{32} is (.+)",NULL, 455 | GET, 456 | &(odb_type){md5,NULL,NULL}, 457 | &(odb_t){"md5",ODB_HASH_DN,NULL}, 458 | 0, 459 | &(odb){ 460 | "md5.thekaine.de","", 461 | "

not found|

([^<]+)",NULL, 462 | GET, 463 | &(odb_type){md5,NULL,NULL}, 464 | &(odb_t){"hash",ODB_HASH_DN,NULL}, 465 | 0, 466 | &(odb){ 467 | "md5.my-addr.com","md5_decrypt-md5_cracker_online/md5_decoder_tool.php", 468 | "class='middle_title'>Hashed string: ([^<]+)",NULL, 469 | POST, 470 | &(odb_type){md5,NULL,NULL}, 471 | &(odb_t){"md5",ODB_HASH_DN,NULL}, 472 | 0, 473 | &(odb){ 474 | "md5pass.info","", 475 | "Password - ([^<]+)",NULL, 476 | POST, 477 | &(odb_type){md5,NULL,NULL}, 478 | &(odb_t){"hash",ODB_HASH_DN, 479 | &(odb_t){"get_pass","Get+Pass",NULL} 480 | }, 481 | 0, 482 | &(odb){ 483 | "md5decryption.com","", 484 | "Decrypted Text: ([^<]+)",NULL, 485 | POST, 486 | &(odb_type){md5,NULL,NULL}, 487 | &(odb_t){"hash",ODB_HASH_DN, 488 | &(odb_t){"submit","Descypt+It%21",NULL} 489 | }, 490 | 0, 491 | &(odb){ 492 | "md5crack.com","crackmd5.php", 493 | "Found: md5\\(\"(.+)\"\\) = [a-f0-9]{32}",NULL, 494 | POST, 495 | &(odb_type){md5,NULL,NULL}, 496 | &(odb_t){"term",ODB_HASH_DN, 497 | &(odb_t){"crackbtn","Crack+that+hash+baby%21",NULL} 498 | }, 499 | 0, 500 | &(odb){ 501 | "md5online.net","", 502 | "[a-f0-9]{32}
pass : (.+)

",NULL, 503 | POST, 504 | &(odb_type){md5,NULL,NULL}, 505 | &(odb_t){"pass",ODB_HASH_DN, 506 | &(odb_t){"option","hash2text", 507 | &(odb_t){"send","Submit",NULL} 508 | } 509 | }, 510 | 0, 511 | &(odb){ 512 | "md5-decrypter.com","", 513 | "Decrypted text:[ \n]+(.+)",NULL, 514 | POST, 515 | &(odb_type){md5,NULL,NULL}, 516 | &(odb_t){"data[Row][cripted]",ODB_HASH_DN,NULL}, 517 | 0, 518 | &(odb){ 519 | "www.authsecu.com","decrypter-dechiffrer-cracker-hash-md5/script-hash-md5.php", 520 | "correspondante :

[ \n\t]+

(.+)

"," cutions du script dans le temps imparti.", 521 | POST, 522 | &(odb_type){md5,NULL,NULL}, 523 | &(odb_t){"valeur_bouton","dechiffrage", 524 | &(odb_t){"champ1","", 525 | &(odb_t){"champ2",ODB_HASH_DN,NULL} 526 | } 527 | }, 528 | 0, 529 | &(odb){ 530 | "objectif-securite.ch","products.php", 531 | "Password:Not found !|Password:(.+)",NULL, 532 | GET, 533 | &(odb_type){LM,NULL, 534 | &(odb_type){NT,NULL,NULL} 535 | }, 536 | &(odb_t){"hash",ODB_HASH_DN,NULL}, 537 | 0, 538 | &(odb){ 539 | "md5.rednoize.com","", 540 | "(.+)",NULL, 541 | GET, 542 | &(odb_type){md5,NULL, 543 | &(odb_type){sha1,NULL,NULL} 544 | }, 545 | &(odb_t){"p","", 546 | &(odb_t){"s",ODB_TYPE_DN, 547 | &(odb_t){"q",ODB_HASH_DN,NULL} 548 | } 549 | }, 550 | 0, 551 | &(odb){ 552 | "hashchecker.com","index.php", 553 | "
  • Your md5 hash is :
  • [a-f0-9]{32} is (.+) used charlist",NULL, 554 | POST, 555 | &(odb_type){md5,NULL,NULL}, 556 | &(odb_t){"search_field",ODB_HASH_DN, 557 | &(odb_t){"Submit","search",NULL} 558 | }, 559 | 0, 560 | &(odb){ 561 | "joomlaaa.com","component/option,com_md5/Itemid,31/", 562 | "Equivelant[ \n]*not available|Equivelant[ \n]*(.+)",NULL, 563 | POST, 564 | &(odb_type){md5,NULL,NULL}, 565 | &(odb_t){"md5",ODB_HASH_DN, 566 | &(odb_t){"decode","Submit",NULL} 567 | }, 568 | 0, 569 | &(odb){ 570 | "_type_-lookup.com","index.php", 571 | "(.+)[ \n\t]+[a-f0-9]+",NULL, 572 | GET, 573 | &(odb_type){md5,NULL, 574 | &(odb_type){sha1,NULL, 575 | &(odb_type){sha256,"sha-256.sha1",NULL} 576 | } 577 | }, 578 | &(odb_t){"q",ODB_HASH_DN,NULL}, 579 | 0, 580 | &(odb){ 581 | "md5.myinfosec.net","md5.php", 582 | "
    [a-f0-9]{32}:(.+)
    ",NULL, 583 | POST, 584 | &(odb_type){md5,NULL,NULL}, 585 | &(odb_t){"md5hash",ODB_HASH_DN,NULL}, 586 | 0, 587 | &(odb){ 588 | "md5.net","cracker.php", 589 | "Result:
    [ \n\t]+",NULL, 590 | POST, 591 | &(odb_type){md5,NULL,NULL}, 592 | &(odb_t){"hash",ODB_HASH_DN,NULL}, 593 | 0, 594 | &(odb){ 595 | "md5.noisette.ch","index.php", 596 | "[a-f0-9]{32}\" = md5\\(\"(.+)\"\\)",NULL, 597 | GET, 598 | &(odb_type){md5,NULL,NULL}, 599 | &(odb_t){"hash",ODB_HASH_DN,NULL}, 600 | 0, 601 | &(odb){ 602 | "md5hood.com","index.php/cracker/crack", 603 | "
    (.+)
    ",NULL, 604 | POST, 605 | &(odb_type){md5,NULL,NULL}, 606 | &(odb_t){"md5",ODB_HASH_DN, 607 | &(odb_t){"submit","Go",NULL} 608 | }, 609 | 0, 610 | &(odb){ 611 | "www.stringfunction.com","_type_-decrypter.html", 612 | "",NULL, 613 | POST, 614 | &(odb_type){md5,NULL, 615 | &(odb_type){sha1,NULL,NULL} 616 | }, 617 | &(odb_t){"string",ODB_HASH_DN, 618 | &(odb_t){"submit","Decrypt", 619 | &(odb_t){"result","",NULL} 620 | } 621 | }, 622 | 0, 623 | &(odb){ 624 | "https://goog.li","", 625 | "plaintext(.+)",NULL,// not checked, SSL + wireshark = not good. 626 | GET, 627 | &(odb_type){md5,"", 628 | &(odb_type){MYSQL,"*", 629 | &(odb_type){MYSQL3,"", 630 | &(odb_type){NT,"", 631 | &(odb_type){sha1,"", 632 | &(odb_type){sha256,"", 633 | &(odb_type){sha384,"", 634 | &(odb_type){sha512,"",NULL} 635 | } 636 | } 637 | } 638 | } 639 | } 640 | } 641 | }, 642 | &(odb_t){"q",ODB_TYPE_DN ODB_HASH_DN,NULL}, 643 | 0, 644 | NULL 645 | } 646 | } 647 | } 648 | } 649 | } 650 | } 651 | } 652 | } 653 | } 654 | } 655 | } 656 | } 657 | } 658 | } 659 | } 660 | } 661 | } 662 | } 663 | } 664 | } 665 | } 666 | } 667 | } 668 | } 669 | } 670 | }; 671 | 672 | -------------------------------------------------------------------------------- /common/common_macro.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Autocrack - automatically crack everything throught CPU and GPU 3 | * Copyright (C) 2012 Massimo Dragano 4 | * 5 | * Autocrack is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * Autocrack is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with Autocrack. If not, see . 17 | */ 18 | 19 | #define socket(domain, type, protocol) (w_socket((domain),(type),(protocol),__FILE__,__LINE__)) 20 | #define listen(sockfd, backlog) (w_listen((sockfd),(backlog),__FILE__,__LINE__)) 21 | #define bind(sockfd, addr, len) (w_bind((sockfd),(addr),(len),__FILE__,__LINE__)) 22 | #define malloc(bytes) (w_malloc((bytes),__FILE__,__LINE__)) 23 | #define report_error(msg,p,f,l) (w_report_error((msg),__FILE__,__LINE__,__func__,(p),(f),(l))) 24 | #define add_hash(type,hash) (w_add_hash((type),(hash),__FILE__,__LINE__)) 25 | #define del_hash(h) (w_del_hash((h),__FILE__,__LINE__)) 26 | #define get_mime(f) (w_get_mime((f),__FILE__,__LINE__)) 27 | #define argcpy(d,s,l) (w_argcpy((d),(s),(l),__func__,__FILE__,__LINE__)) 28 | #define str2low(s) (w_str2low((s),__FILE__,__LINE__)) 29 | #define str2up(s) (w_str2up((s),__FILE__,__LINE__)) 30 | #define add_odb_t(l,a,e) (w_add_odb_t((l),(a),(e))) 31 | #define add_odb_type(l,a) (w_add_odb_type((l),(a))) 32 | #define fgets_fix(s) (w_fgets_fix((s),__FILE__,__LINE__,__func__)) 33 | #define prog_wait(a,f,w) (w_prog_call((a),(f),(w),__FILE__,__LINE__)) 34 | #define prog_call(a,f) (w_prog_call((a),(f),NULL,__FILE__,__LINE__)) 35 | #define make_hash_file(t) (w_make_hash_file((t),__FILE__,__LINE__,__func__)) 36 | #define make_wordlist(m) (w_make_wordlist((m),__FILE__,__LINE__)) 37 | #define get_full_path(f) (w_get_full_path((f),__FILE__,__LINE__,__func__)) 38 | #define tmpnam(s) (w_tmpnam((s),__FILE__,__LINE__,__func__)) 39 | #define add_wpa(e,h) (w_add_wpa((e),(h),__FILE__,__LINE__)) 40 | #define add_wpa_key(t,k) (w_add_wpa_key((t),(k),__FILE__,__LINE__)) 41 | #define bind_thr2hash(t,h) (w_bind_thr((t),NULL,NONE,(h),__FILE__,__LINE__)) 42 | #define bind_thr2htype(t,ht) (w_bind_thr((t),NULL,(ht),NULL,__FILE__,__LINE__)) 43 | #define bind_thr2wpa(t,w) (w_bind_thr((t),(w),NONE,NULL,__FILE__,__LINE__)) 44 | #define unbind_thr(t) (w_unbind_thr((t))) 45 | #define add_hash_plain(h,hsh,t,p) (w_add_hash_plain((h),(hsh),(t),(p),__FILE__,__LINE__)) 46 | #define report(log, form, arg...) (w_report_error(globals.err_buff,__FILE__,__LINE__,__func__,(snprintf(globals.err_buff,MAX_BUFF,form,##arg)) & 0,0,(log))) 47 | #define odb_sub_str(s,t,h,l) (w_odb_sub_str((s),(t),(h),(l),__FILE__,__LINE__)) 48 | -------------------------------------------------------------------------------- /common/conio.h: -------------------------------------------------------------------------------- 1 | /* conio.h 2 | 3 | Direct MSDOS console input/output. 4 | 5 | Copyright (c) 1987, 1992 by Borland International 6 | All Rights Reserved. 7 | 8 | Modified by [massimo.dragano@gmail.com] for [crack_server]. 9 | All Rights Released. ;) 10 | */ 11 | 12 | #if !defined(__CONIO_H) 13 | #define __CONIO_H 14 | 15 | #if !defined(___DEFS_H) 16 | #include <_defs.h> 17 | #endif 18 | 19 | #if !defined(_Windows) 20 | 21 | #define _NOCURSOR 0 22 | #define _SOLIDCURSOR 1 23 | #define _NORMALCURSOR 2 24 | 25 | struct text_info { 26 | unsigned char winleft; 27 | unsigned char wintop; 28 | unsigned char winright; 29 | unsigned char winbottom; 30 | unsigned char attribute; 31 | unsigned char normattr; 32 | unsigned char currmode; 33 | unsigned char screenheight; 34 | unsigned char screenwidth; 35 | unsigned char curx; 36 | unsigned char cury; 37 | }; 38 | 39 | enum text_modes { LASTMODE=-1, BW40=0, C40, BW80, C80, MONO=7, C4350=64 }; 40 | 41 | #if !defined(__COLORS) 42 | #define __COLORS 43 | 44 | enum COLORS { 45 | BLACK, /* dark colors */ 46 | BLUE, 47 | GREEN, 48 | CYAN, 49 | RED, 50 | MAGENTA, 51 | BROWN, 52 | LIGHTGRAY, 53 | DARKGRAY, /* light colors */ 54 | LIGHTBLUE, 55 | LIGHTGREEN, 56 | LIGHTCYAN, 57 | LIGHTRED, 58 | LIGHTMAGENTA, 59 | YELLOW, 60 | WHITE 61 | }; 62 | #endif 63 | 64 | #define BLINK 128 /* blink bit */ 65 | 66 | extern int _Cdecl directvideo; 67 | extern int _Cdecl _wscroll; 68 | 69 | #endif /* !_Windows */ 70 | 71 | #ifdef __cplusplus 72 | extern "C" { 73 | #endif 74 | 75 | void _Cdecl clreol( void ); 76 | void _Cdecl clrscr( void ); 77 | void _Cdecl gotoxy( int __x, int __y ); 78 | int _Cdecl wherex( void ); 79 | int _Cdecl wherey( void ); 80 | int _Cdecl getch( void ); 81 | int _Cdecl getche( void ); 82 | int _Cdecl kbhit( void ); 83 | int _Cdecl putch( int __c ); 84 | 85 | #ifndef _PORT_DEFS 86 | unsigned char _Cdecl inportb( unsigned __portid ); 87 | unsigned _Cdecl inport ( unsigned __portid ); 88 | int _Cdecl inp( unsigned __portid ); 89 | unsigned _Cdecl inpw( unsigned __portid ); 90 | void _Cdecl outportb( unsigned __portid, unsigned char __value ); 91 | void _Cdecl outport ( unsigned __portid, unsigned __value ); 92 | int _Cdecl outp( unsigned __portid, int __value ); 93 | unsigned _Cdecl outpw( unsigned __portid, unsigned __value ); 94 | #endif /* !_PORT_DEFS */ 95 | 96 | #if !defined(_Windows) 97 | 98 | void _Cdecl delline( void ); 99 | int _Cdecl gettext( int __left, int __top, 100 | int __right, int __bottom, 101 | void *__destin); 102 | void _Cdecl gettextinfo (struct text_info *__r ); 103 | void _Cdecl highvideo( void ); 104 | void _Cdecl insline( void ); 105 | void _Cdecl lowvideo( void ); 106 | int _Cdecl movetext( int __left, int __top, 107 | int __right, int __bottom, 108 | int __destleft, int __desttop ); 109 | void _Cdecl normvideo( void ); 110 | int _Cdecl puttext( int __left, int __top, 111 | int __right, int __bottom, 112 | void *__source ); 113 | void _Cdecl textattr( int __newattr ); 114 | void _Cdecl textbackground( int __newcolor ); 115 | void _Cdecl textcolor( int __newcolor ); 116 | void _Cdecl textmode( int __newmode ); 117 | void _Cdecl window( int __left, int __top, int __right, int __bottom); 118 | 119 | void _Cdecl _setcursortype( int __cur_t ); 120 | char * _Cdecl cgets( char *__str ); 121 | int _Cdecl cprintf( const char *__format, ... ); 122 | int _Cdecl cputs( const char *__str ); 123 | int _Cdecl cscanf( const char *__format, ... ); 124 | char * _Cdecl getpass( const char *__prompt ); 125 | int _Cdecl ungetch( int __ch ); 126 | 127 | #endif /* !_Windows */ 128 | 129 | #ifndef _PORT_DEFS 130 | #define _PORT_DEFS 131 | 132 | /* These are in-line functions. These prototypes just clean up 133 | some syntax checks and code generation. 134 | */ 135 | unsigned char _Cdecl __inportb__ (unsigned __portid); 136 | unsigned _Cdecl __inportw__ (unsigned __portid); 137 | unsigned char _Cdecl __outportb__(unsigned __portid, unsigned char __value); 138 | unsigned _Cdecl __outportw__(unsigned __portid, unsigned __value); 139 | 140 | #define inportb(__portid) __inportb__(__portid) 141 | #define outportb(__portid, __value) ((void) __outportb__(__portid, __value)) 142 | #define inport(__portid) __inportw__(__portid) 143 | #define outport(__portid, __value) ((void) __outportw__(__portid, __value)) 144 | 145 | /* MSC-compatible macros for port I/O */ 146 | #define inp(__portid) __inportb__ (__portid) 147 | #define outp(__portid, __value) __outportb__(__portid, (unsigned char)__value) 148 | #define inpw(__portid) __inportw__ (__portid) 149 | #define outpw(__portid, __value) __outportw__(__portid, __value) 150 | 151 | #endif /* _PORT_DEFS */ 152 | 153 | /* starting custom conio.h */ 154 | 155 | #define NULL_FILE "nul" 156 | 157 | void usleep(int waitTime){ 158 | __int64 time1 = 0, time2 = 0, sysFreq = 0; 159 | 160 | QueryPerformanceCounter((LARGE_INTEGER *)&time1); 161 | QueryPerformanceFrequency((LARGE_INTEGER *)&freq); 162 | do{ 163 | QueryPerformanceCounter((LARGE_INTEGER *)&time2); 164 | 165 | // }while((((time2-time1)*1.0)/sysFreq)> 29); 107 | d += (c ^ (a & (b ^ c))) + nt_buffer[1] ;d = (d << 7 ) | (d >> 25); 108 | c += (b ^ (d & (a ^ b))) + nt_buffer[2] ;c = (c << 11) | (c >> 21); 109 | b += (a ^ (c & (d ^ a))) + nt_buffer[3] ;b = (b << 19) | (b >> 13); 110 | 111 | a += (d ^ (b & (c ^ d))) + nt_buffer[4] ;a = (a << 3 ) | (a >> 29); 112 | d += (c ^ (a & (b ^ c))) + nt_buffer[5] ;d = (d << 7 ) | (d >> 25); 113 | c += (b ^ (d & (a ^ b))) + nt_buffer[6] ;c = (c << 11) | (c >> 21); 114 | b += (a ^ (c & (d ^ a))) + nt_buffer[7] ;b = (b << 19) | (b >> 13); 115 | 116 | a += (d ^ (b & (c ^ d))) + nt_buffer[8] ;a = (a << 3 ) | (a >> 29); 117 | d += (c ^ (a & (b ^ c))) + nt_buffer[9] ;d = (d << 7 ) | (d >> 25); 118 | c += (b ^ (d & (a ^ b))) + nt_buffer[10] ;c = (c << 11) | (c >> 21); 119 | b += (a ^ (c & (d ^ a))) + nt_buffer[11] ;b = (b << 19) | (b >> 13); 120 | 121 | a += (d ^ (b & (c ^ d))) + nt_buffer[12] ;a = (a << 3 ) | (a >> 29); 122 | d += (c ^ (a & (b ^ c))) + nt_buffer[13] ;d = (d << 7 ) | (d >> 25); 123 | c += (b ^ (d & (a ^ b))) + nt_buffer[14] ;c = (c << 11) | (c >> 21); 124 | b += (a ^ (c & (d ^ a))) + nt_buffer[15] ;b = (b << 19) | (b >> 13); 125 | 126 | /* Round 2 */ 127 | a += ((b & (c | d)) | (c & d)) + nt_buffer[0] +sqrt2; a = (a<<3 ) | (a>>29); 128 | d += ((a & (b | c)) | (b & c)) + nt_buffer[4] +sqrt2; d = (d<<5 ) | (d>>27); 129 | c += ((d & (a | b)) | (a & b)) + nt_buffer[8] +sqrt2; c = (c<<9 ) | (c>>23); 130 | b += ((c & (d | a)) | (d & a)) + nt_buffer[12]+sqrt2; b = (b<<13) | (b>>19); 131 | 132 | a += ((b & (c | d)) | (c & d)) + nt_buffer[1] +sqrt2; a = (a<<3 ) | (a>>29); 133 | d += ((a & (b | c)) | (b & c)) + nt_buffer[5] +sqrt2; d = (d<<5 ) | (d>>27); 134 | c += ((d & (a | b)) | (a & b)) + nt_buffer[9] +sqrt2; c = (c<<9 ) | (c>>23); 135 | b += ((c & (d | a)) | (d & a)) + nt_buffer[13]+sqrt2; b = (b<<13) | (b>>19); 136 | 137 | a += ((b & (c | d)) | (c & d)) + nt_buffer[2] +sqrt2; a = (a<<3 ) | (a>>29); 138 | d += ((a & (b | c)) | (b & c)) + nt_buffer[6] +sqrt2; d = (d<<5 ) | (d>>27); 139 | c += ((d & (a | b)) | (a & b)) + nt_buffer[10]+sqrt2; c = (c<<9 ) | (c>>23); 140 | b += ((c & (d | a)) | (d & a)) + nt_buffer[14]+sqrt2; b = (b<<13) | (b>>19); 141 | 142 | a += ((b & (c | d)) | (c & d)) + nt_buffer[3] +sqrt2; a = (a<<3 ) | (a>>29); 143 | d += ((a & (b | c)) | (b & c)) + nt_buffer[7] +sqrt2; d = (d<<5 ) | (d>>27); 144 | c += ((d & (a | b)) | (a & b)) + nt_buffer[11]+sqrt2; c = (c<<9 ) | (c>>23); 145 | b += ((c & (d | a)) | (d & a)) + nt_buffer[15]+sqrt2; b = (b<<13) | (b>>19); 146 | 147 | /* Round 3 */ 148 | a += (d ^ c ^ b) + nt_buffer[0] + sqrt3; a = (a << 3 ) | (a >> 29); 149 | d += (c ^ b ^ a) + nt_buffer[8] + sqrt3; d = (d << 9 ) | (d >> 23); 150 | c += (b ^ a ^ d) + nt_buffer[4] + sqrt3; c = (c << 11) | (c >> 21); 151 | b += (a ^ d ^ c) + nt_buffer[12] + sqrt3; b = (b << 15) | (b >> 17); 152 | 153 | a += (d ^ c ^ b) + nt_buffer[2] + sqrt3; a = (a << 3 ) | (a >> 29); 154 | d += (c ^ b ^ a) + nt_buffer[10] + sqrt3; d = (d << 9 ) | (d >> 23); 155 | c += (b ^ a ^ d) + nt_buffer[6] + sqrt3; c = (c << 11) | (c >> 21); 156 | b += (a ^ d ^ c) + nt_buffer[14] + sqrt3; b = (b << 15) | (b >> 17); 157 | 158 | a += (d ^ c ^ b) + nt_buffer[1] + sqrt3; a = (a << 3 ) | (a >> 29); 159 | d += (c ^ b ^ a) + nt_buffer[9] + sqrt3; d = (d << 9 ) | (d >> 23); 160 | c += (b ^ a ^ d) + nt_buffer[5] + sqrt3; c = (c << 11) | (c >> 21); 161 | b += (a ^ d ^ c) + nt_buffer[13] + sqrt3; b = (b << 15) | (b >> 17); 162 | 163 | a += (d ^ c ^ b) + nt_buffer[3] + sqrt3; a = (a << 3 ) | (a >> 29); 164 | d += (c ^ b ^ a) + nt_buffer[11] + sqrt3; d = (d << 9 ) | (d >> 23); 165 | c += (b ^ a ^ d) + nt_buffer[7] + sqrt3; c = (c << 11) | (c >> 21); 166 | b += (a ^ d ^ c) + nt_buffer[15] + sqrt3; b = (b << 15) | (b >> 17); 167 | 168 | output[0] += a; 169 | output[1] += b; 170 | output[2] += c; 171 | output[3] += d; 172 | //Iterate the integer 173 | for(i=0;i<4;i++) 174 | for(j=0,n=output[i];j<4;j++) 175 | { 176 | unsigned int convert=n%256; 177 | hex_format[i*8+j*2+1]=itoa16[convert%16]; 178 | convert=convert/16; 179 | hex_format[i*8+j*2+0]=itoa16[convert%16]; 180 | n=n/256; 181 | } 182 | //null terminate the string 183 | hex_format[33]=0; 184 | return hex_format; 185 | } 186 | 187 | char *md5_crypt(unsigned char *string) 188 | { 189 | unsigned char *digest; 190 | static char hex_format[33]; 191 | int i; 192 | digest = MD5(string,strlen((char *) string),NULL); 193 | for(i=0;i<16;i++) 194 | sprintf(&hex_format[i*2],"%02x",(unsigned int) digest[i]); 195 | hex_format[32] = '\0'; 196 | return hex_format; 197 | } 198 | 199 | char *sha1_crypt(unsigned char *string) 200 | { 201 | unsigned char *digest; 202 | static char hex_format[41]; 203 | int i; 204 | digest = SHA1(string,strlen((char *) string),NULL); 205 | for(i=0;i<20;i++) 206 | sprintf(&hex_format[i*2],"%02x",(unsigned int) digest[i]); 207 | hex_format[40] = '\0'; 208 | return hex_format; 209 | } 210 | 211 | char *sha256_crypt(unsigned char *string) 212 | { 213 | static char hex_format[65]; 214 | unsigned char hash[SHA256_DIGEST_LENGTH]; 215 | int i; 216 | SHA256_CTX sha256; 217 | SHA256_Init(&sha256); 218 | SHA256_Update(&sha256, string, strlen((char *) string)); 219 | SHA256_Final(hash, &sha256); 220 | for(i = 0; i < SHA256_DIGEST_LENGTH; i++) 221 | sprintf(&hex_format[i*2], "%02x", (unsigned int) hash[i]); 222 | hex_format[64] = '\0'; 223 | return hex_format; 224 | } 225 | 226 | char *sha384_crypt(unsigned char *string) 227 | { 228 | static char hex_format[99]; 229 | unsigned char hash[SHA384_DIGEST_LENGTH]; 230 | int i; 231 | SHA512_CTX sha384; 232 | SHA384_Init(&sha384); 233 | SHA384_Update(&sha384, string, strlen((char *) string)); 234 | SHA384_Final(hash, &sha384); 235 | for(i=0;i 2 | #include 3 | #include 4 | 5 | #define uchar unsigned char -------------------------------------------------------------------------------- /configure.ac: -------------------------------------------------------------------------------- 1 | AC_INIT([autocrack], [0.0.1], [massimo.dragano@gmail.com],,[https://github.com/tux-mind/autocrack]) 2 | AM_INIT_AUTOMAKE([-Wall -Werror]) 3 | AC_PROG_CC 4 | AM_PROG_CC_C_O 5 | AC_FUNC_FNMATCH 6 | AC_FUNC_FORK 7 | AC_HEADER_DIRENT 8 | AC_HEADER_RESOLV 9 | AC_HEADER_STAT 10 | AC_HEADER_STDBOOL 11 | AC_HEADER_STDC 12 | AC_HEADER_SYS_WAIT 13 | AC_HEADER_TIME 14 | AC_HEADER_TIOCGWINSZ 15 | AC_FUNC_MALLOC 16 | AC_FUNC_REALLOC 17 | 18 | AC_CHECK_HEADERS([sys/socket.h]) 19 | AC_CHECK_HEADERS([regex.h]) 20 | AC_CHECK_LIB([pthread],[main]) 21 | AC_CHECK_LIB([curl],[main]) 22 | AC_CHECK_LIB([crypto],[main]) 23 | AC_CHECK_LIB([magic],[main]) 24 | 25 | debug_default="yes" 26 | AC_ARG_ENABLE(debug, [ --enable-debug=[no/YES] write debugging symbols and turn off optimization.],enable_debug=$enableval, enable_debug=$debug_default) 27 | if test "x$enable_debug" == "xyes"; then 28 | CFLAGS="$CFLAGS -ggdb -O0" 29 | #AC_MSG_RESULT([yes]) 30 | else 31 | CFLAGS="$CFLAGS -g -O2 -ffast-math -fomit-frame-pointer -pipe" 32 | #AC_MSG_RESULT([no]) 33 | fi 34 | AC_DEFUN([AC_SET_DEFAULT_PATHS_SYSTEM], 35 | [AC_REQUIRE([AC_CANONICAL_HOST]) # -------------------------------------------- 36 | case "$prefix:$ac_default_prefix" in 37 | NONE:/usr/local) 38 | result="" 39 | AC_MSG_CHECKING(default prefix path) 40 | case "${target_os}" in 41 | *cygwin* | *mingw* | *uwin* | *djgpp | *emx* ) 42 | if test "${host_os}" = "${target_os}" ; then 43 | ac_default_prefix="/programs" 44 | result="(win/dos target)" 45 | else 46 | case "$PATH" in 47 | *:/usr/local/cross-tools/$target_alias/bin:*) 48 | ac_default_prefix="/usr/local/cross-tools/$target_alias" ;; 49 | *:/usr/local/$target_alias/bin:*) 50 | ac_default_prefix="/usr/local/$target_alias" ;; 51 | *:/usr/local/$target_cpu-$target_os/bin:*) 52 | ac_default_prefix="/usr/local/$target_cpu-$target_os" ;; 53 | *) 54 | ac_default_prefix="/programs" ;; 55 | esac 56 | result="(win/dos cross-compiler)" 57 | fi 58 | ;; 59 | esac 60 | AC_MSG_RESULT($ac_default_prefix $result) 61 | ;; 62 | esac 63 | AC_MSG_CHECKING(default prefix system) 64 | result="$prefix" ; test "$result" = "NONE" && result="$ac_default_prefix" 65 | case ${result} in 66 | /programs | /programs/*) result="is win-/programs" 67 | # on win/dos, .exe .dll and .cfg live in the same directory 68 | libdir=`echo $libdir |sed -e 's:^..exec_prefix./lib$:${bindir}:'` 69 | sbindir=`echo $sbindir |sed -e 's:^..exec_prefix./sbin$:${libdir}:'` 70 | sysconfdir=`echo $sysconfdir |sed -e 's:^..prefix./etc$:${sbindir}:'` 71 | libexecdir=`echo $libexecdir |sed -e 's:/libexec$:/system:'` 72 | # help-files shall be set with --infodir, docprefix is datadir 73 | docprefix="${datadir}" 74 | mandir=`echo $mandir \ 75 | |sed -e 's:^..prefix./man$:${datadir}/info:'` 76 | includedir=`echo $includedir \ 77 | |sed -e 's:^..prefix./include$:${datadir}/include:'` 78 | # other state files (but /etc) are moved to datadir 79 | sharedstatedir=`echo $sharedstatedir \ 80 | |sed -e 's:^..prefix./com$:${datadir}/default:'` 81 | localstatedir=`echo $localstatedir \ 82 | |sed -e 's:^..prefix./var$:${datadir}/current:'` 83 | ;; 84 | /usr) result="is /usr-shipped" 85 | # doc files are left at prefix 86 | docprefix="${prefix}" 87 | # state files go under /top 88 | sysconfdir=`echo $sysconfdir |sed -e 's:^..prefix./etc$:/etc:'` 89 | sharedstatedir=`echo $sharedstatedir \ 90 | |sed -e 's:^..prefix./com$:/etc/default:'` 91 | # $prefix/var is going to end up in /var/lib 92 | localstatedir=`echo $localstatedir \ 93 | |sed -e 's:^..prefix./var$:/var/lib:'` 94 | ;; 95 | /opt | /opt/*) result="is /opt-package" 96 | # state files go under /top/prefix 97 | sysconfdir=`echo $sysconfdir \ 98 | |sed -e 's:^..prefix./etc$:/etc${prefix}:'` 99 | sharedstatedir=`echo $sharedstatedir \ 100 | |sed -e 's:^..prefix./com$:/etc/default${prefix}:'` 101 | # $prefix/var is going to to be /var$prefix... once again 102 | localstatedir=`echo $localstatedir \ 103 | |sed -e 's:^..prefix./var$:/var${prefix}:'` 104 | # doc files are left at prefix 105 | docprefix="${prefix}" 106 | ;; 107 | *) result="is /local-package" 108 | # doc files are moved from prefix down to datadir 109 | docprefix="${datadir}" 110 | mandir=`echo $mandir \ 111 | |sed -e 's:^..prefix./man$:${datadir}/man:'` 112 | infodir=`echo $infodir \ 113 | |sed -e 's:^..prefix./infodir$:${datadir}/info:'` 114 | # never use $prefix/com - that is no good idea 115 | sharedstatedir=`echo $sharedstatedir \ 116 | |sed -e 's:^..prefix./com$:${sysconfdir}/default:'` 117 | sysconfdir=`echo $sysconfdir |sed -e 's:^..prefix./etc$:/etc:'` 118 | ;; 119 | esac 120 | AC_MSG_RESULT($result) 121 | # -------------------------------------------------------- 122 | ]) 123 | 124 | 125 | AC_PATH_PROG([JTR], [john],"", [$PATH:/usr/sbin]) 126 | AC_PATH_PROG([COWPATTY], [cowpatty],"") 127 | AC_PATH_PROG([PYRIT],[pyrit],"") 128 | AC_PATH_PROG([OCLHASHCAT], [oclHashcat-plus64.bin],"") 129 | if test -z "$OCLHASHCAT"; then 130 | AC_PATH_PROG([OCLHASHCAT], [oclhashcat-plus],"") 131 | fi 132 | AC_PATH_PROG([RCRACK], [rcracki_mt], "") 133 | 134 | TMPLOG=/tmp/test.log 135 | 136 | if test -n "$JTR"; then 137 | AC_MSG_CHECKING([john the ripper]) 138 | TESTOUT=/tmp/john.pot 139 | rm -f "$TESTOUT" 140 | $JTR --wordlist=test/uword --format=raw-md5 test/hash.md5 --pot="$TESTOUT" &>"$TMPLOG" 141 | if test ! -f "$TESTOUT"; then 142 | AC_MSG_RESULT([FAILED]) 143 | AC_MSG_WARN([usually you must install it in SYSTEMWIDE mode.]) 144 | AC_MSG_WARN([program output:]) 145 | cat "$TMPLOG" 146 | JTR="" 147 | else 148 | AC_MSG_RESULT([success]) 149 | rm "$TESTOUT" 150 | fi 151 | else 152 | AC_MSG_WARN([Cannot found john the ripper, many features will be disabled.]) 153 | fi 154 | if test -n "$COWPATTY"; then 155 | AC_MSG_CHECKING([coWPAtty]) 156 | $COWPATTY -f test/uword -r test/wpa2psk-MOM1.dump -s MOM1 &>"$TMPLOG" 157 | PSK=$( grep -oe "MOM12345" "$TMPLOG") 158 | if test -n "$PSK"; then 159 | AC_MSG_RESULT([success]) 160 | else 161 | COWPATTY="" 162 | AC_MSG_RESULT([FAILED]) 163 | AC_MSG_WARN([program ouput:]) 164 | cat "$TMPLOG" 165 | fi 166 | else 167 | COWPATTY="" 168 | AC_MSG_WARN([Cannot found cowpatty, CPU wpa rainbowtable attack will be disabled.]) 169 | fi 170 | if test -n "$OCLHASHCAT"; then 171 | TESTOUT=/tmp/ocl.out 172 | AC_MSG_CHECKING([oclhashcat-plus]) 173 | $OCLHASHCAT -m 0 -a 0 -o "$TESTOUT" --outfile-format=3 test/uword test/hash.md5 &>"$TMPLOG" 174 | PSWD=$(grep -o password "$TESTOUT") 175 | if test -n "$PSWD"; then 176 | AC_MSG_RESULT([success]) 177 | rm "$TESTOUT" 178 | else 179 | if test -f "$TESTOUT"; then 180 | rm "$TESTOUT" 181 | fi 182 | OCLHASHCAT="" 183 | AC_MSG_RESULT([FAILED]) 184 | AC_MSG_WARN([program output is:]) 185 | cat "$TMPLOG" 186 | fi 187 | else 188 | AC_MSG_WARN([oclhashcat-plus not found.]) 189 | fi 190 | if test -n "$PYRIT" ; then 191 | TESTOUT=/tmp/pyr.out 192 | AC_MSG_CHECKING([pyrit.]) 193 | $PYRIT -i test/uword -o "$TESTOUT" -r test/wpa2psk-MOM1.dump -e MOM1 attack_passthrough &>"$TMPLOG" 194 | PSK=$(grep -o MOM12345 "$TESTOUT") 195 | if test -n "$PSK"; then 196 | AC_MSG_RESULT([success]) 197 | rm "$TESTOUT" 198 | else 199 | if test -f "$TESTOUT"; then 200 | rm "$TESTOUT" 201 | fi 202 | PYRIT="" 203 | AC_MSG_RESULT([FAILED]) 204 | AC_MSG_WARN([program output is:]) 205 | cat "$TMPOUT" 206 | fi 207 | else 208 | AC_MSG_WARN([cannot find pyrit.]) 209 | fi 210 | if test -n "$RCRACK"; then 211 | #AC_MSG_CHECKING([rcracki_mt]) 212 | #AC_MSG_RESULT([FUNCTION NOT AVAILABLE]) 213 | echo "TODO: rcracki_mt checking" 214 | else 215 | AC_MSG_WARN([Cannot find rcracki_mt.]) 216 | fi 217 | 218 | if test -f "$TMPLOG" ; then 219 | rm "$TMPLOG" 220 | fi 221 | 222 | if test -z "$OCLHASHCAT$PYRIT$JTR$RCRACK$COWPATTY" ; then 223 | AC_MSG_ERROR([Hei guy! seems that you havn't anything installed on your machine! Please install al least one of the programs above.]) 224 | fi 225 | AC_SET_DEFAULT_PATHS_SYSTEM 226 | CONFDIR="$ac_default_prefix$sysconfdir/autocrack" 227 | AC_DEFINE_UNQUOTED([CONFDIR],"$CONFDIR","config dir") 228 | # if you edit the next line remember that if you provide less then (sizeof(struct _bins)/sizeof(char *)) strings, probably the function parser_path will recieve a SIGSEGV signal while try to evaluate the legth of a string that you havn't give.. 229 | AC_DEFINE_UNQUOTED([BINS],[ { "$JTR", "$COWPATTY", "$OCLHASHCAT", "$PYRIT", "$RCRACK" }],"external binaries") 230 | AC_CONFIG_HEADER([config.h]) 231 | AC_CONFIG_FILES([Makefile]) 232 | AC_OUTPUT 233 | -------------------------------------------------------------------------------- /engine/engine.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Autocrack - automatically crack everything throught CPU and GPU 3 | * Copyright (C) 2012 Massimo Dragano 4 | * 5 | * Autocrack is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * Autocrack is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with Autocrack. If not, see . 17 | */ 18 | 19 | #include "engine.h" 20 | 21 | extern struct _globals globals; 22 | 23 | struct engine_settings 24 | { 25 | struct { struct {const char *cpu,*gpu;} hash,wpa; } dict; 26 | unsigned int mem_counter; // number of addresses to free 27 | void *to_free[MAX_POINTERS]; 28 | } E_opt; 29 | 30 | /* keep a trace of allocated memory into E_opt.to_free */ 31 | void *engine_malloc(size_t bytes, const char *file, int line_no) 32 | { 33 | if(E_opt.mem_counter >= MAX_POINTERS) 34 | { 35 | engine_del_opt(); 36 | report(verbose,"more then #%d memory locations has been allocated.",MAX_POINTERS); 37 | report_error("memory overload!",0,1,error); 38 | } 39 | return E_opt.to_free[E_opt.mem_counter++] = malloc(bytes); 40 | } 41 | 42 | /* GPU binaries must run alone, otherwise GPU will overheat and the program will crash. */ 43 | void gpu_handler( char **args, char *outfile, struct _wpa *wpa, enum _type hash_type) 44 | { 45 | static struct my_call { char *bin, *outfile, **args; struct _wpa *wpa; enum _type htype; struct my_call *next; } *call_db=NULL; 46 | struct my_call *iter=NULL,*prev=NULL; 47 | static int n_args=0; 48 | struct t_info *told=NULL; 49 | 50 | if(args==NULL) // start attack 51 | { 52 | if(n_args<=0) 53 | return; 54 | for(iter=call_db;iter!=NULL;prev=iter,iter=iter->next,free((void *) prev)) 55 | { 56 | told = prog_wait(iter->args,iter->outfile,told); // calling prog_wait with told==NULL is equal to prog_call 57 | if(iter->wpa==NULL) 58 | bind_thr2htype(told,iter->htype); 59 | else 60 | bind_thr2wpa(told,iter->wpa); 61 | } 62 | return; 63 | } 64 | 65 | if(call_db==NULL) 66 | iter = call_db = malloc(sizeof(struct my_call)); 67 | else 68 | { 69 | for(iter=call_db;iter->next!=NULL;iter=iter->next); 70 | iter = iter->next = malloc(sizeof(struct my_call)); 71 | } 72 | 73 | iter->args = args; 74 | iter->bin = *args; 75 | iter->outfile = outfile; 76 | iter->wpa = wpa; 77 | iter->htype = hash_type; 78 | iter->next = NULL; 79 | n_args++; 80 | 81 | return; 82 | } 83 | 84 | void rain_hash_cpu_crack() 85 | { 86 | char *outfile, **args; 87 | const char *infile; 88 | int threads; 89 | size_t len; 90 | struct t_info *iter=NULL; 91 | 92 | if((infile = make_hash_file(UNKNOWN)) == NULL) 93 | return; 94 | outfile = E_malloc(L_tmpnam*sizeof(char)); 95 | tmpnam(outfile); 96 | for(threads=get_n_cpus(),iter=globals.tpool;iter!=NULL && threads>1;iter=iter->next) 97 | if(iter->state == running) 98 | threads--; 99 | 100 | len = snprintf(NULL,0,"%d",threads)+1; 101 | args = E_malloc(9*sizeof(char *)); 102 | args[0] = (char *) globals.bins.rcrack; 103 | args[1] = "-l"; 104 | args[2] = (char *) infile; 105 | args[3] = "-t"; 106 | args[4] = E_malloc(len*sizeof(char)); 107 | snprintf(args[4],len,"%d",threads); 108 | args[5] = "-o"; 109 | args[6] = outfile; 110 | args[7] = (char *) globals.rt_root; 111 | args[8] = NULL; 112 | iter = prog_call(args,outfile); 113 | bind_thr2htype(iter,UNKNOWN); 114 | 115 | return; 116 | } 117 | 118 | void rain_wpa_cpu_crack(_wpa *wpa) 119 | { 120 | char **args; 121 | 122 | args = E_malloc(8*sizeof(char *)); 123 | args[0] = globals.bins.cow; 124 | args[1] = "-s"; 125 | args[2] = wpa->essid; 126 | args[3] = "-r"; 127 | args[4] = (char *) globals.pcap; 128 | args[5] = "-d"; 129 | args[6] = wpa->genpmk; 130 | 131 | bind_thr2wpa(prog_call(args,NULL),wpa); 132 | 133 | return; 134 | } 135 | 136 | void dict_wpa_cpu_crack(const char *wordlist, struct _wpa *wpa) 137 | { 138 | char **args; 139 | struct t_info *thread; 140 | 141 | args = E_malloc(8*sizeof(char *)); 142 | args[0] = globals.bins.cow; 143 | args[1] = "-f"; 144 | args[2] = (char *) wordlist; 145 | args[3] = "-r"; 146 | args[4] = (char *) globals.pcap; 147 | args[5] = "-s"; 148 | args[6] = wpa->essid; 149 | args[7] = NULL; 150 | 151 | thread = prog_call(args,NULL); // redirect stdout 152 | bind_thr2wpa(thread,wpa); 153 | return; 154 | } 155 | 156 | void dict_wpa_gpu_crack(const char *wordlist, struct _wpa *wpa) 157 | { 158 | char ***ocl_args,**pyr_args,*outfile; 159 | 160 | 161 | outfile = E_malloc(L_tmpnam*sizeof(char)); 162 | tmpnam(outfile); 163 | 164 | if(globals.bins.oclhashcat != NULL) 165 | { 166 | /* oclhashcat-plus -m 2500 -a 0/1 -o oufile --outfile-format=3 infile.hccap wordlist */ 167 | 168 | ocl_args = E_malloc(2*sizeof(char **)); 169 | ocl_args[0] = E_malloc(11*sizeof(char *)); 170 | ocl_args[1] = E_malloc(11*sizeof(char *)); 171 | ocl_args[0][0] = ocl_args[1][0] = (char *) globals.bins.oclhashcat; 172 | ocl_args[0][1] = ocl_args[1][1] = "-m"; 173 | ocl_args[0][2] = ocl_args[1][2] = "2500"; 174 | ocl_args[0][3] = ocl_args[1][3] = "-a"; 175 | ocl_args[0][4] = "0"; 176 | ocl_args[1][4] = "1"; 177 | ocl_args[0][5] = ocl_args[1][5] = "-o"; 178 | ocl_args[0][6] = outfile; 179 | outfile = E_malloc(L_tmpnam*sizeof(char)); 180 | tmpnam(outfile); 181 | ocl_args[1][6] = outfile; 182 | ocl_args[0][7] = ocl_args[1][7] = "--outfile-format=3"; 183 | ocl_args[0][8] = ocl_args[1][8] = (char *) globals.hccap; 184 | ocl_args[0][9] = ocl_args[1][9] = (char *) wordlist; 185 | ocl_args[0][10] = ocl_args[1][10] = NULL; 186 | 187 | wpa_gpu_handler(ocl_args[0],ocl_args[0][6],wpa); 188 | wpa_gpu_handler(ocl_args[1],ocl_args[1][6],wpa); 189 | } 190 | else 191 | { 192 | /* pyrit -r file.pcap -i wordlist -o outfile attack_passthrough */ 193 | 194 | pyr_args = E_malloc(11*sizeof(char *)); 195 | pyr_args[0] = (char *) globals.bins.pyrit; 196 | pyr_args[1] = "-r"; 197 | pyr_args[2] = (char *) globals.pcap; 198 | pyr_args[3] = "-i"; 199 | pyr_args[4] = (char *) wordlist; 200 | pyr_args[5] = "-o"; 201 | pyr_args[6] = outfile; 202 | pyr_args[7] = "-e"; 203 | pyr_args[8] = wpa->essid; 204 | pyr_args[9] = "attack_passthrough"; 205 | pyr_args[10] = NULL; 206 | wpa_gpu_handler(pyr_args,outfile,wpa); 207 | } 208 | 209 | return; 210 | } 211 | 212 | void dict_hash_cpu_crack(const char *wordlist) 213 | { 214 | char ***args,*outfile; 215 | const char *infile; 216 | int j; 217 | enum _type i; 218 | size_t len; 219 | struct t_info *thread; 220 | 221 | report_error("starting dictionary hash crack using CPU.",0,0,info); 222 | 223 | // N_TYPE count also NONE and UNKNOWN that not concern us. ( we keep one more for the NULL pointer) 224 | args = E_malloc((N_TYPE-1)*sizeof(char **)); 225 | thread=NULL; // passing 'NULL' to prog_wait make it work as prog_call 226 | for(i=NONE+1,j=0;igenpmk==NULL;wtmp=wtmp->next); 299 | if(wtmp!=NULL && globals.bins.cow != NULL) 300 | { 301 | report_error("starting rainbowtable attack against wpa handshakes.",0,0,info); 302 | //skip the first check. 303 | rain_wpa_cpu_crack(wtmp); 304 | for(wtmp=wtmp->next;wtmp!=NULL;wtmp=wtmp->next) 305 | if(wtmp->genpmk!=NULL) 306 | rain_wpa_cpu_crack(wtmp); 307 | } 308 | return; 309 | } 310 | 311 | void dict_crack() 312 | { 313 | struct _wpa *wpa_cur=NULL; 314 | 315 | if(E_opt.dict.hash.cpu != NULL) 316 | dict_hash_cpu_crack(E_opt.dict.hash.cpu); 317 | if(E_opt.dict.hash.gpu != NULL) 318 | dict_hash_gpu_crack(E_opt.dict.hash.gpu); 319 | if(E_opt.dict.wpa.cpu != NULL) 320 | { 321 | report_error("starting dictionary wpa crack using CPU.",0,0,info); 322 | for(wpa_cur=globals.wpa_list;wpa_cur!=NULL;wpa_cur=wpa_cur->next) 323 | dict_wpa_cpu_crack(E_opt.dict.wpa.cpu, wpa_cur); 324 | } 325 | if(E_opt.dict.wpa.gpu != NULL) 326 | { 327 | report_error("starting dictionary wpa crack using GPU.",0,0,info); 328 | if(globals.bins.oclhashcat!=NULL) 329 | dict_wpa_gpu_crack(E_opt.dict.wpa.gpu,NULL); /* and probably also oclhashcat wont a specific essid...or a single hccap file for every AP */ 330 | else 331 | for(wpa_cur=globals.wpa_list;wpa_cur!=NULL;wpa_cur=wpa_cur->next) 332 | dict_wpa_gpu_crack(E_opt.dict.wpa.gpu,wpa_cur); 333 | } 334 | 335 | if(E_opt.dict.hash.gpu != NULL || E_opt.dict.wpa.gpu != NULL) 336 | start_gpu(); 337 | return; 338 | } 339 | 340 | static void online_thread_cleanup(void *arg) 341 | { 342 | struct _free_me 343 | { 344 | struct curl_slist *headerlist; 345 | struct curl_httppost *formpost; 346 | CURL *curl; 347 | struct _mem 348 | { 349 | char *memory; 350 | size_t size; 351 | } chunk; 352 | char *pswd; 353 | const char *value; 354 | } mem = *((struct _free_me *) arg); 355 | 356 | // this can happen: add_hash_plain => unbind_hash => pthread_mutex_lock 357 | pthread_mutex_unlock(&pool_lock); 358 | if(mem.formpost!=NULL) 359 | curl_formfree(mem.formpost); 360 | if(mem.headerlist!=NULL) 361 | curl_slist_free_all(mem.headerlist); 362 | if(mem.curl!=NULL) 363 | curl_easy_cleanup(mem.curl); 364 | if(mem.chunk.memory!=NULL) 365 | free((void *) mem.chunk.memory); 366 | if(mem.pswd!=NULL) 367 | free((void *) mem.pswd); 368 | if(mem.value != NULL) 369 | free((void *) mem.value); 370 | } 371 | 372 | void *online_crack_thread(void *garbage) 373 | { 374 | struct curl_httppost *lastptr=NULL; 375 | static const char buf[] = "Expect:";//us 376 | CURLcode res; 377 | int i,a; 378 | //long timeout = CURL_TIMEOUT; 379 | char url[MAX_LINE],buffer[MAX_LINE]; // must use an internal buffer since globals.err_buff isn't for threads 380 | const char *agent; 381 | float rnd_gap; 382 | odb *self=NULL; 383 | odb_t *ttmp=NULL; 384 | odb_type *tp_tmp=NULL; 385 | _hash *htmp=NULL; 386 | 387 | /* this function use an huge amount of memory, 388 | * so we must free it all if someone cancel this thread.*/ 389 | struct _free_me 390 | { 391 | struct curl_slist *headerlist; 392 | struct curl_httppost *formpost; 393 | CURL *curl; 394 | struct _mem 395 | { 396 | char *memory; 397 | size_t size; 398 | } chunk; 399 | char *pswd, *value; 400 | } mem; 401 | 402 | memset(&mem,0,sizeof(struct _free_me)); 403 | mem.chunk.memory = NULL; // must be sure ont this thing! 404 | 405 | pthread_cleanup_push(online_thread_cleanup, &mem); // look parser_online for help on this function. 406 | 407 | for(self=globals.odb;self!=NULL && !pthread_equal(pthread_self(),self->thread);self=self->next); 408 | 409 | mem.curl = curl_easy_init(); 410 | 411 | if(self==NULL) 412 | report_error("cannot find myself in the online servers database.",0,1,error); 413 | if(mem.curl == NULL) 414 | report_error("unable to init libcurl Handler.",0,1,error); 415 | 416 | mem.headerlist = curl_slist_append(mem.headerlist, buf); 417 | mem.chunk.memory = malloc(1); 418 | mem.chunk.size = 0; 419 | srand(time(NULL)); 420 | 421 | for(a=0,htmp=globals.hash_list;htmp!=NULL;htmp=htmp->next,a++) 422 | { 423 | if((agent = uagents[a])==NULL) 424 | agent = uagents[(a=0)]; 425 | for(tp_tmp = self->types;tp_tmp!=NULL && tp_tmp->type != htmp->type; tp_tmp = tp_tmp->next); 426 | 427 | if(tp_tmp == NULL || htmp->type != tp_tmp->type || htmp->plain != NULL) 428 | continue; 429 | 430 | snprintf(url,MAX_LINE-1,"%s/%s",self->host,self->file); 431 | odb_sub_str(url,tp_tmp,htmp,MAX_LINE); 432 | if(self->method==GET) 433 | { 434 | curl_easy_setopt(mem.curl, CURLOPT_REFERER, url); 435 | strncat(url,"?",1); 436 | } 437 | mem.value = malloc(MAX_LINE*sizeof(char)); 438 | for(ttmp=self->tuples;ttmp;ttmp=ttmp->next) 439 | { 440 | strncpy(mem.value,ttmp->value,MAX_LINE); 441 | odb_sub_str(mem.value,tp_tmp,htmp,MAX_LINE); 442 | 443 | if(self->method == POST) 444 | curl_formadd(&(mem.formpost), &lastptr, 445 | CURLFORM_COPYNAME, ttmp->name, 446 | CURLFORM_COPYCONTENTS, mem.value, 447 | CURLFORM_END); 448 | else 449 | { 450 | strncpy(buffer,url,MAX_LINE); 451 | snprintf(url,MAX_LINE,"%s%s=%s&",buffer,ttmp->name,mem.value); 452 | } 453 | } 454 | free((void *) mem.value); 455 | mem.value = NULL; 456 | if(self->method==POST) 457 | curl_easy_setopt(mem.curl, CURLOPT_HTTPPOST, mem.formpost); 458 | else 459 | { 460 | url[strlen(url)-1]='\0'; // remove the last '&' 461 | curl_easy_setopt(mem.curl, CURLOPT_POST, 0); 462 | } 463 | curl_easy_setopt(mem.curl, CURLOPT_WRITEFUNCTION, memory_writer); 464 | curl_easy_setopt(mem.curl, CURLOPT_URL, url); 465 | curl_easy_setopt(mem.curl, CURLOPT_FOLLOWLOCATION, 1); 466 | curl_easy_setopt(mem.curl, CURLOPT_WRITEDATA, (void *)&(mem.chunk)); 467 | curl_easy_setopt(mem.curl, CURLOPT_USERAGENT, agent); 468 | curl_easy_setopt(mem.curl, CURLOPT_TIMEOUT, CURL_TIMEOUT); 469 | curl_easy_setopt(mem.curl, CURLOPT_CONNECTTIMEOUT , CURL_TIMEOUT/2); 470 | pthread_setcancelstate(PTHREAD_CANCEL_DISABLE,NULL); // cannot cancel now, or we will lost memory 471 | for(i=0;ihost,curl_easy_strerror(res)); 475 | report_error(buffer,0,0,error); 476 | sleep(2); 477 | pthread_setcancelstate(PTHREAD_CANCEL_DISABLE,NULL); 478 | } 479 | pthread_setcancelstate(PTHREAD_CANCEL_ENABLE,NULL); 480 | if(i==BOT_RETRY) 481 | continue; 482 | mem.pswd = regexpn(mem.chunk.memory,self->patrn,1); 483 | // try to avoid bot detection 484 | for(i=0;idetected != NULL && strstr(mem.chunk.memory,self->detected) != NULL;i++) 485 | { 486 | if(i==0) 487 | { 488 | snprintf(buffer,MAX_LINE,"defeating anti-bot system on host \"%s\".",self->host); 489 | report_error(buffer,0,0,verbose); 490 | } 491 | rnd_gap = (float) rand() / RAND_MAX; 492 | usleep(((4+i+rnd_gap)*1000000)); 493 | snprintf(buffer,MAX_LINE,"retry #%d.",i+1); 494 | report_error(buffer,0,0,verbose3); 495 | pthread_setcancelstate(PTHREAD_CANCEL_DISABLE,NULL); 496 | res = curl_easy_perform(mem.curl); 497 | pthread_setcancelstate(PTHREAD_CANCEL_ENABLE,NULL); 498 | if(res!=CURLE_OK) 499 | { 500 | snprintf(buffer,MAX_LINE,"on host \"%s\": %s.",self->host,curl_easy_strerror(res)); 501 | report_error(buffer,0,0,error); 502 | continue; 503 | } 504 | mem.pswd = regexpn(mem.chunk.memory,self->patrn,1); 505 | } 506 | if(self->method==POST) 507 | { 508 | curl_formfree(mem.formpost); 509 | mem.formpost=NULL; 510 | lastptr=NULL; 511 | } 512 | if( (mem.chunk.memory = realloc(mem.chunk.memory,1)) == NULL) 513 | report_error("realloc()",1,1,error); 514 | mem.chunk.size = 0; 515 | if(mem.pswd != NULL) 516 | { 517 | snprintf(buffer,MAX_LINE,"found \"%s\" on host \"%s\".",mem.pswd,self->host); 518 | report_error(buffer,0,0,debug); 519 | // avoid multiple adds, maybe while we get online content another thraed have yet found it. 520 | if(htmp->plain==NULL) 521 | add_hash_plain(htmp,NULL,NULL, mem.pswd); 522 | free((void *) mem.pswd); 523 | mem.pswd = NULL; 524 | } 525 | sleep(2); // wait 2 senconds 526 | } 527 | 528 | pthread_cleanup_pop(1); 529 | 530 | pthread_exit(&i);// don't care about the value. 531 | } 532 | 533 | static void online_crack_cleanup(void *arg) 534 | { 535 | struct t_info *self = (struct t_info *) arg; 536 | bool kill_done; 537 | odb *otmp=NULL; 538 | for(otmp=globals.odb;otmp!=NULL;otmp=otmp->next) 539 | if(otmp->thread != 0) // if thread is running 540 | pthread_cancel(otmp->thread); 541 | for(kill_done=false;kill_done==false;usleep(10)) 542 | for(kill_done=true,otmp=globals.odb;otmp!=NULL && kill_done == true;otmp=otmp->next) 543 | if(otmp->thread != 0 && pthread_kill(otmp->thread,0) == 0) 544 | kill_done = false; 545 | for(otmp=globals.odb;otmp!=NULL;otmp->thread=0,otmp=otmp->next) 546 | if(otmp->thread!=0) // thread is already done, we kill it before 547 | pthread_join(otmp->thread,NULL); 548 | curl_global_cleanup(); 549 | self->state = done; 550 | } 551 | 552 | void *online_crack_handler(void *garbage) 553 | { 554 | odb *otmp=NULL; 555 | struct t_info *self; 556 | curl_global_init(CURL_GLOBAL_ALL); 557 | 558 | for(self=globals.tpool;self!=NULL && !pthread_equal(self->thread,pthread_self());self=self->next); 559 | 560 | pthread_cleanup_push(online_crack_cleanup,self); 561 | // start attack 562 | for(otmp=globals.odb;otmp!=NULL;otmp=otmp->next) 563 | pthread_create(&(otmp->thread),NULL,online_crack_thread,NULL); 564 | // wait that all threads finish 565 | for(otmp=globals.odb;otmp!=NULL;otmp->thread=0,otmp=otmp->next) 566 | if(otmp->thread!=0) 567 | pthread_join(otmp->thread,NULL); 568 | 569 | self->state = done; 570 | pthread_cleanup_pop(0); 571 | curl_global_cleanup(); 572 | pthread_exit(&self); 573 | } 574 | 575 | void online_crack() 576 | { 577 | enum _type cur_type; 578 | struct t_info *online_thr=NULL; 579 | odb *otmp=NULL; 580 | odb_type *tp_tmp=NULL; 581 | bool en_types[N_TYPE]; 582 | 583 | pthread_mutex_lock(&pool_lock); 584 | if(globals.tpool==NULL) 585 | online_thr = globals.tpool = malloc(sizeof(struct t_info)); 586 | else 587 | { 588 | for(online_thr=globals.tpool;online_thr->next!=NULL;online_thr=online_thr->next); 589 | online_thr = online_thr->next = malloc(sizeof(struct t_info)); 590 | } 591 | memset(online_thr,0,sizeof(struct t_info)); 592 | online_thr->state = running; 593 | pthread_mutex_unlock(&pool_lock); 594 | report_error("starting online crack.",0,0,info); 595 | memset(&en_types,(int) ((bool) false),N_TYPE*sizeof(bool)); 596 | for(otmp=globals.odb;otmp!=NULL;otmp=otmp->next) 597 | for(tp_tmp=otmp->types;tp_tmp!=NULL;tp_tmp=tp_tmp->next) 598 | en_types[tp_tmp->type] = true; // fill enabled_types with all types that can be cracked online. 599 | for(cur_type=(NONE+1);cur_typethread),NULL,online_crack_handler,NULL); 603 | return; 604 | } 605 | 606 | void engine_init_opt() 607 | { 608 | // init memory 609 | memset(&(E_opt),0,sizeof(struct engine_settings)); 610 | 611 | // check globals binaries and flags for divide the workload between GPU and CPU 612 | if(globals.dict==true) 613 | { 614 | make_wordlist(compute); 615 | if(globals.gpu==true) 616 | { 617 | if(globals.bins.jtr!=NULL && globals.bins.cow!=NULL) 618 | { 619 | if(globals.bins.oclhashcat!=NULL) 620 | { 621 | E_opt.dict.hash.cpu = E_opt.dict.wpa.cpu = make_wordlist(cpu); 622 | E_opt.dict.hash.gpu = E_opt.dict.wpa.gpu = make_wordlist(gpu); 623 | } 624 | else // pyrit is present, because globals.gpu == true 625 | { 626 | E_opt.dict.hash.cpu = globals.wordlist; 627 | E_opt.dict.wpa.cpu = make_wordlist(cpu); 628 | E_opt.dict.wpa.gpu = make_wordlist(gpu); 629 | } 630 | } 631 | else if(globals.bins.jtr!=NULL) 632 | { 633 | if(globals.bins.oclhashcat!=NULL) 634 | { 635 | E_opt.dict.hash.cpu = make_wordlist(cpu); 636 | E_opt.dict.hash.gpu = make_wordlist(gpu); 637 | E_opt.dict.wpa.gpu = globals.wordlist; 638 | } 639 | else 640 | { 641 | E_opt.dict.hash.cpu = globals.wordlist; 642 | E_opt.dict.wpa.gpu = globals.wordlist; 643 | } 644 | } 645 | else if(globals.bins.cow != NULL) 646 | { 647 | if(globals.bins.oclhashcat!=NULL) 648 | { 649 | E_opt.dict.hash.gpu = globals.wordlist; 650 | E_opt.dict.wpa.cpu = make_wordlist(cpu); 651 | E_opt.dict.wpa.gpu = make_wordlist(gpu); 652 | } 653 | else 654 | { 655 | E_opt.dict.wpa.cpu = make_wordlist(cpu); 656 | E_opt.dict.wpa.gpu = make_wordlist(gpu); 657 | } 658 | } 659 | else 660 | { 661 | if(globals.bins.oclhashcat!=NULL) 662 | { 663 | E_opt.dict.hash.gpu = globals.wordlist; 664 | E_opt.dict.wpa.gpu = globals.wordlist; 665 | } 666 | else 667 | E_opt.dict.wpa.gpu = globals.wordlist; 668 | } 669 | } 670 | else // no pyrit or oclhashcat available 671 | { 672 | if(globals.bins.jtr!=NULL && globals.bins.cow!=NULL) 673 | E_opt.dict.hash.cpu = E_opt.dict.wpa.cpu = globals.wordlist; 674 | else if(globals.bins.jtr!=NULL) 675 | E_opt.dict.hash.cpu = globals.wordlist; 676 | else if(globals.bins.cow!=NULL) 677 | E_opt.dict.wpa.cpu = globals.wordlist; 678 | } 679 | 680 | if(globals.hash_list==NULL) 681 | E_opt.dict.hash.cpu = E_opt.dict.hash.gpu = NULL; 682 | if(globals.wpa_list==NULL) 683 | E_opt.dict.wpa.cpu = E_opt.dict.wpa.gpu = NULL; 684 | 685 | } 686 | return; 687 | } 688 | 689 | void engine_del_opt() 690 | { 691 | while(E_opt.mem_counter > 0) 692 | free(E_opt.to_free[--E_opt.mem_counter]); 693 | return; 694 | } 695 | 696 | void engine() 697 | { 698 | int iter,run,active; 699 | struct t_info *ttmp=NULL; 700 | struct winsize term; 701 | bool print_status; 702 | 703 | engine_init_opt(); 704 | 705 | if(globals.rain == true) 706 | rt_crack(); 707 | if(globals.online == true) 708 | online_crack(); 709 | if(globals.dict == true) 710 | dict_crack(); 711 | 712 | 713 | for(active=0,ttmp=globals.tpool;ttmp!=NULL;ttmp=ttmp->next) 714 | if(ttmp->state!=done) 715 | active++; 716 | if(globals.log_level >= info && isatty(STDOUT_FILENO)) 717 | print_status = true; 718 | else 719 | print_status = false; 720 | for(;active>0;usleep(250 * 1000)) 721 | { 722 | if(print_status == true) 723 | { 724 | ioctl(STDOUT_FILENO, TIOCGWINSZ,&term); 725 | printf("%-*c\r",term.ws_col,' '); // clean stdout 726 | fflush(stdout); 727 | } 728 | 729 | pthread_mutex_lock(&pool_lock); 730 | for(run=active=0,ttmp=globals.tpool;ttmp!=NULL;) 731 | { 732 | if(ttmp->state == done) 733 | { 734 | //pthread_join(ttmp->thread,NULL); 735 | if(ttmp->bin != NULL && ttmp->outfile != NULL) // otherwise is online_crack 736 | { 737 | pthread_mutex_unlock(&pool_lock); 738 | P_prog_output(ttmp); 739 | remove(ttmp->outfile); 740 | ttmp->outfile=NULL; // so destroy_all don't try to remove this 741 | pthread_mutex_lock(&pool_lock); 742 | } 743 | ttmp->state = parsed; 744 | } 745 | else 746 | { 747 | if(ttmp->state == running) 748 | { 749 | run++; 750 | active++; 751 | } 752 | else if(ttmp->state == waiting) 753 | active++; 754 | ttmp = ttmp->next; 755 | } 756 | } 757 | pthread_mutex_unlock(&pool_lock); 758 | 759 | if(print_status == true) 760 | { 761 | ioctl(STDOUT_FILENO, TIOCGWINSZ,&term); 762 | iter = printf("running threads: %d/%d",run,active); 763 | printf("%-*c\r",(term.ws_col)-iter,' '); 764 | fflush(stdout); 765 | } 766 | } 767 | if(print_status == true) 768 | { 769 | ioctl(STDOUT_FILENO, TIOCGWINSZ,&term); 770 | printf("%-*c\r",term.ws_col,' '); // clean stdout 771 | } 772 | 773 | return; 774 | } -------------------------------------------------------------------------------- /engine/engine.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Autocrack - automatically crack everything throught CPU and GPU 3 | * Copyright (C) 2012 Massimo Dragano 4 | * 5 | * Autocrack is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * Autocrack is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with Autocrack. If not, see . 17 | */ 18 | 19 | #define MAX_POINTERS 255 20 | 21 | #define E_malloc(b) (engine_malloc((b),__FILE__,__LINE__)) 22 | #define wpa_gpu_handler(a,o,w) (gpu_handler((a),(o),(w),NONE)) 23 | #define hash_gpu_handler(a,o,t) (gpu_handler((a),(o),NULL,(t))) 24 | #define start_gpu() (gpu_handler(NULL,NULL,NULL,NONE)) 25 | 26 | const char *uagents[] = 27 | { 28 | "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.20 Safari/535.1", 29 | "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.36 (KHTML, like Gecko) Chrome/13.0.766.0 Safari/534.36", 30 | "Mozilla/5.0 ArchLinux (X11; U; Linux x86_64; en-US) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.100 Safari/534.30", 31 | "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.24 (KHTML, like Gecko) Ubuntu/10.10 Chromium/12.0.703.0 Chrome/12.0.703.0 Safari/534.24", 32 | "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.34 Safari/534.24", 33 | "Mozilla/5.0 (X11; U; Linux armv7l; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16", 34 | "Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.11 Safari/534.16", 35 | "Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.15 (KHTML, like Gecko) Chrome/10.0.612.1 Safari/534.15", 36 | "Mozilla/5.0 (X11; Linux x86_64; rv:2.0.1) Gecko/20110506 Firefox/4.0.1", 37 | "Mozilla/5.0 (X11; Arch Linux i686; rv:2.0) Gecko/20110321 Firefox/4.0", 38 | "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.2) Gecko/2008092313 Ubuntu/9.25 (jaunty) Firefox/3.8", 39 | "Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.9.2.9) Gecko/20100913 Firefox/3.6.9", 40 | "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.8) Gecko/20100723 SUSE/3.6.8-0.1.1 Firefox/3.6.8", 41 | "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.7) Gecko/20100723 Fedora/3.6.7-1.fc13 Firefox/3.6.7", 42 | "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.4) Gecko/20100625 Gentoo Firefox/3.6.4", 43 | "Opera/9.80 (X11; Linux i686; U; en-US) Presto/2.8.131 Version/11.11", 44 | "Opera/9.80 (X11; Linux i686; U; en-US) Presto/2.7.62 Version/11.01", 45 | "Opera/9.80 (X11; Linux i686; U; en) Presto/2.5.27 Version/10.60", 46 | "Opera/9.80 (X11; Linux i686; U; en) Presto/2.2.15 Version/10.00", 47 | "Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.7 (like Gecko) SUSE", 48 | "Mozilla/5.0 (compatible; Konqueror/3.5; Linux; X11; i686; en_US) KHTML/3.5.6 (like Gecko) (Debian)", 49 | "Mozilla/5.0 (compatible; Konqueror/4.0; Linux) KHTML/4.0.82 (like Gecko)", 50 | "Mozilla/5.0 (compatible; Konqueror/4.1; Linux 2.6.27.7-134.fc10.x86_64; X11; x86_64) KHTML/4.1.3 (like Gecko) Fedora/4.1.3-4.fc10", 51 | "Mozilla/5.0 (compatible; Konqueror/4.1; OpenBSD) KHTML/4.1.4 (like Gecko)", 52 | "Mozilla/5.0 (compatible; Konqueror/4.2; Linux) KHTML/4.2.4 (like Gecko) Slackware/13.0", 53 | "Mozilla/5.0 (compatible; Konqueror/4.2; Linux; X11; x86_64) KHTML/4.2.4 (like Gecko) Fedora/4.2.4-2.fc11", 54 | "Mozilla/5.0 (compatible; Konqueror/4.3; Linux) KHTML/4.3.1 (like Gecko) Fedora/4.3.1-3.fc11", 55 | "Mozilla/5.0 (compatible; Konqueror/4.4; Linux) KHTML/4.4.1 (like Gecko) Fedora/4.4.1-1.fc12", 56 | "Mozilla/5.0 (compatible; Konqueror/4.5; FreeBSD) KHTML/4.5.4 (like Gecko)", 57 | NULL 58 | }; 59 | 60 | // prototypes 61 | void engine_del_opt(); 62 | -------------------------------------------------------------------------------- /include/byteorder.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Compatibility header 3 | * 4 | * Copyright (C) 2009 Thomas d'Otreppe 5 | * 6 | * This program is free software; you can redistribute it and/or modify 7 | * it under the terms of the GNU General Public License as published by 8 | * the Free Software Foundation; either version 2 of the License, or 9 | * (at your option) any later version. 10 | * 11 | * This program is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | * GNU General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU General Public License 17 | * along with this program; if not, write to the Free Software 18 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 19 | * 20 | * 21 | * In addition, as a special exception, the copyright holders give 22 | * permission to link the code of portions of this program with the 23 | * OpenSSL library under certain conditions as described in each 24 | * individual source file, and distribute linked combinations 25 | * including the two. 26 | * You must obey the GNU General Public License in all respects 27 | * for all of the code used other than OpenSSL. * If you modify 28 | * file(s) with this exception, you may extend this exception to your 29 | * version of the file(s), but you are not obligated to do so. * If you 30 | * do not wish to do so, delete this exception statement from your 31 | * version. * If you delete this exception statement from all source 32 | * files in the program, then also delete it here. 33 | */ 34 | 35 | #ifndef _AIRCRACK_NG_BYTEORDER_H_ 36 | #define _AIRCRACK_NG_BYTEORDER_H_ 37 | 38 | #define ___my_swab16(x) \ 39 | ((u_int16_t)( \ 40 | (((u_int16_t)(x) & (u_int16_t)0x00ffU) << 8) | \ 41 | (((u_int16_t)(x) & (u_int16_t)0xff00U) >> 8) )) 42 | #define ___my_swab32(x) \ 43 | ((u_int32_t)( \ 44 | (((u_int32_t)(x) & (u_int32_t)0x000000ffUL) << 24) | \ 45 | (((u_int32_t)(x) & (u_int32_t)0x0000ff00UL) << 8) | \ 46 | (((u_int32_t)(x) & (u_int32_t)0x00ff0000UL) >> 8) | \ 47 | (((u_int32_t)(x) & (u_int32_t)0xff000000UL) >> 24) )) 48 | #define ___my_swab64(x) \ 49 | ((u_int64_t)( \ 50 | (u_int64_t)(((u_int64_t)(x) & (u_int64_t)0x00000000000000ffULL) << 56) | \ 51 | (u_int64_t)(((u_int64_t)(x) & (u_int64_t)0x000000000000ff00ULL) << 40) | \ 52 | (u_int64_t)(((u_int64_t)(x) & (u_int64_t)0x0000000000ff0000ULL) << 24) | \ 53 | (u_int64_t)(((u_int64_t)(x) & (u_int64_t)0x00000000ff000000ULL) << 8) | \ 54 | (u_int64_t)(((u_int64_t)(x) & (u_int64_t)0x000000ff00000000ULL) >> 8) | \ 55 | (u_int64_t)(((u_int64_t)(x) & (u_int64_t)0x0000ff0000000000ULL) >> 24) | \ 56 | (u_int64_t)(((u_int64_t)(x) & (u_int64_t)0x00ff000000000000ULL) >> 40) | \ 57 | (u_int64_t)(((u_int64_t)(x) & (u_int64_t)0xff00000000000000ULL) >> 56) )) 58 | 59 | 60 | /* 61 | * Linux 62 | */ 63 | #if defined(linux) || defined(Linux) || defined(__linux__) || defined(__linux) || defined(__gnu_linux__) 64 | #include 65 | #include 66 | #include 67 | 68 | #ifndef __int8_t_defined 69 | typedef uint64_t u_int64_t; 70 | typedef uint32_t u_int32_t; 71 | typedef uint16_t u_int16_t; 72 | typedef uint8_t u_int8_t; 73 | #endif 74 | 75 | #endif 76 | 77 | /* 78 | * Cygwin 79 | */ 80 | #if defined(__CYGWIN32__) 81 | #include 82 | #include 83 | 84 | #define __be64_to_cpu(x) ___my_swab64(x) 85 | #define __be32_to_cpu(x) ___my_swab32(x) 86 | #define __be16_to_cpu(x) ___my_swab16(x) 87 | #define __cpu_to_be64(x) ___my_swab64(x) 88 | #define __cpu_to_be32(x) ___my_swab32(x) 89 | #define __cpu_to_be16(x) ___my_swab16(x) 90 | #define __le64_to_cpu(x) (x) 91 | #define __le32_to_cpu(x) (x) 92 | #define __le16_to_cpu(x) (x) 93 | #define __cpu_to_le64(x) (x) 94 | #define __cpu_to_le32(x) (x) 95 | #define __cpu_to_le16(x) (x) 96 | 97 | #define AIRCRACK_NG_BYTE_ORDER_DEFINED 98 | 99 | #endif 100 | 101 | /* 102 | * Windows (DDK) 103 | */ 104 | #if defined(__WIN__) 105 | 106 | #include 107 | 108 | #define __be64_to_cpu(x) ___my_swab64(x) 109 | #define __be32_to_cpu(x) ___my_swab32(x) 110 | #define __be16_to_cpu(x) ___my_swab16(x) 111 | #define __cpu_to_be64(x) ___my_swab64(x) 112 | #define __cpu_to_be32(x) ___my_swab32(x) 113 | #define __cpu_to_be16(x) ___my_swab16(x) 114 | #define __le64_to_cpu(x) (x) 115 | #define __le32_to_cpu(x) (x) 116 | #define __le16_to_cpu(x) (x) 117 | #define __cpu_to_le64(x) (x) 118 | #define __cpu_to_le32(x) (x) 119 | #define __cpu_to_le16(x) (x) 120 | 121 | #define AIRCRACK_NG_BYTE_ORDER_DEFINED 122 | 123 | #endif 124 | 125 | /* 126 | * MAC (Darwin) 127 | */ 128 | #if defined(__APPLE_CC__) 129 | #if defined(__x86_64__) && defined(__APPLE__) 130 | 131 | #include 132 | 133 | #define __swab64(x) (unsigned long long) OSSwapInt64((uint64_t)x) 134 | #define __swab32(x) (unsigned long) OSSwapInt32((uint32_t)x) 135 | #define __swab16(x) (unsigned short) OSSwapInt16((uint16_t)x) 136 | #define __be64_to_cpu(x) (unsigned long long) OSSwapBigToHostInt64((uint64_t)x) 137 | #define __be32_to_cpu(x) (unsigned long) OSSwapBigToHostInt32((uint32_t)x) 138 | #define __be16_to_cpu(x) (unsigned short) OSSwapBigToHostInt16((uint16_t)x) 139 | #define __le64_to_cpu(x) (unsigned long long) OSSwapLittleToHostInt64((uint64_t)x) 140 | #define __le32_to_cpu(x) (unsigned long) OSSwapLittleToHostInt32((uint32_t)x) 141 | #define __le16_to_cpu(x) (unsigned short) OSSwapLittleToHostInt16((uint16_t)x) 142 | #define __cpu_to_be64(x) (unsigned long long) OSSwapHostToBigInt64((uint64_t)x) 143 | #define __cpu_to_be32(x) (unsigned long) OSSwapHostToBigInt32((uint32_t)x) 144 | #define __cpu_to_be16(x) (unsigned short) OSSwapHostToBigInt16((uint16_t)x) 145 | #define __cpu_to_le64(x) (unsigned long long) OSSwapHostToLittleInt64((uint64_t)x) 146 | #define __cpu_to_le32(x) (unsigned long) OSSwapHostToLittleInt32((uint32_t)x) 147 | #define __cpu_to_le16(x) (unsigned short) OSSwapHostToLittleInt16((uint16_t)x) 148 | 149 | #else 150 | 151 | #include 152 | 153 | #define __swab64(x) NXSwapLongLong(x) 154 | #define __swab32(x) NXSwapLong(x) 155 | #define __swab16(x) NXSwapShort(x) 156 | #define __be64_to_cpu(x) NXSwapBigLongLongToHost(x) 157 | #define __be32_to_cpu(x) NXSwapBigLongToHost(x) 158 | #define __be16_to_cpu(x) NXSwapBigShortToHost(x) 159 | #define __le64_to_cpu(x) NXSwapLittleLongLongToHost(x) 160 | #define __le32_to_cpu(x) NXSwapLittleLongToHost(x) 161 | #define __le16_to_cpu(x) NXSwapLittleShortToHost(x) 162 | #define __cpu_to_be64(x) NXSwapHostLongLongToBig(x) 163 | #define __cpu_to_be32(x) NXSwapHostLongToBig(x) 164 | #define __cpu_to_be16(x) NXSwapHostShortToBig(x) 165 | #define __cpu_to_le64(x) NXSwapHostLongLongToLittle(x) 166 | #define __cpu_to_le32(x) NXSwapHostLongToLittle(x) 167 | #define __cpu_to_le16(x) NXSwapHostShortToLittle(x) 168 | 169 | #endif 170 | 171 | #define __LITTLE_ENDIAN 1234 172 | #define __BIG_ENDIAN 4321 173 | #define __PDP_ENDIAN 3412 174 | #define __BYTE_ORDER __BIG_ENDIAN 175 | 176 | #define AIRCRACK_NG_BYTE_ORDER_DEFINED 177 | 178 | #endif 179 | 180 | /* 181 | * Solaris 182 | * ------- 183 | */ 184 | #if defined(__sparc__) 185 | #include 186 | #include 187 | #include 188 | 189 | #define __be64_to_cpu(x) (x) 190 | #define __be32_to_cpu(x) (x) 191 | #define __be16_to_cpu(x) (x) 192 | #define __cpu_to_be64(x) (x) 193 | #define __cpu_to_be32(x) (x) 194 | #define __cpu_to_be16(x) (x) 195 | #define __le64_to_cpu(x) ___my_swab64(x) 196 | #define __le32_to_cpu(x) ___my_swab32(x) 197 | #define __le16_to_cpu(x) ___my_swab16(x) 198 | #define __cpu_to_le64(x) ___my_swab64(x) 199 | #define __cpu_to_le32(x) ___my_swab32(x) 200 | #define __cpu_to_le16(x) ___my_swab16(x) 201 | 202 | typedef uint64_t u_int64_t; 203 | typedef uint32_t u_int32_t; 204 | typedef uint16_t u_int16_t; 205 | typedef uint8_t u_int8_t; 206 | 207 | #define AIRCRACK_NG_BYTE_ORDER_DEFINED 208 | 209 | #endif 210 | 211 | /* 212 | * Custom stuff 213 | */ 214 | #if defined(__MACH__) && !defined(__APPLE_CC__) 215 | #include 216 | #define __cpu_to_be64(x) = OSSwapHostToBigInt64(x) 217 | #define __cpu_to_be32(x) = OSSwapHostToBigInt32(x) 218 | 219 | #define AIRCRACK_NG_BYTE_ORDER_DEFINED 220 | 221 | #endif 222 | 223 | 224 | // FreeBSD 225 | #ifdef __FreeBSD__ 226 | #include 227 | #endif 228 | 229 | // XXX: Is there anything to include on OpenBSD/NetBSD/DragonFlyBSD/...? 230 | 231 | 232 | // XXX: Mac: Check http://www.opensource.apple.com/source/CF/CF-476.18/CFByteOrder.h 233 | // http://developer.apple.com/DOCUMENTATION/CoreFoundation/Reference/CFByteOrderUtils/Reference/reference.html 234 | // Write to apple to ask what should be used. 235 | 236 | #if defined(LITTLE_ENDIAN) 237 | #define AIRCRACK_NG_LITTLE_ENDIAN LITTLE_ENDIAN 238 | #elif defined(__LITTLE_ENDIAN) 239 | #define AIRCRACK_NG_LITTLE_ENDIAN __LITTLE_ENDIAN 240 | #elif defined(_LITTLE_ENDIAN) 241 | #define AIRCRACK_NG_LITTLE_ENDIAN _LITTLE_ENDIAN 242 | #endif 243 | 244 | #if defined(BIG_ENDIAN) 245 | #define AIRCRACK_NG_BIG_ENDIAN BIG_ENDIAN 246 | #elif defined(__BIG_ENDIAN) 247 | #define AIRCRACK_NG_BIG_ENDIAN __BIG_ENDIAN 248 | #elif defined(_BIG_ENDIAN) 249 | #define AIRCRACK_NG_BIG_ENDIAN _BIG_ENDIAN 250 | #endif 251 | 252 | #if !defined(AIRCRACK_NG_LITTLE_ENDIAN) && !defined(AIRCRACK_NG_BIG_ENDIAN) 253 | #error Impossible to determine endianness (Little or Big endian), please contact the author. 254 | #endif 255 | 256 | #if defined(BYTE_ORDER) 257 | #if (BYTE_ORDER == AIRCRACK_NG_LITTLE_ENDIAN) 258 | #define AIRCRACK_NG_BYTE_ORDER AIRCRACK_NG_LITTLE_ENDIAN 259 | #elif (BYTE_ORDER == AIRCRACK_NG_BIG_ENDIAN) 260 | #define AIRCRACK_NG_BYTE_ORDER AIRCRACK_NG_BIG_ENDIAN 261 | #endif 262 | #elif defined(__BYTE_ORDER) 263 | #if (__BYTE_ORDER == AIRCRACK_NG_LITTLE_ENDIAN) 264 | #define AIRCRACK_NG_BYTE_ORDER AIRCRACK_NG_LITTLE_ENDIAN 265 | #elif (__BYTE_ORDER == AIRCRACK_NG_BIG_ENDIAN) 266 | #define AIRCRACK_NG_BYTE_ORDER AIRCRACK_NG_BIG_ENDIAN 267 | #endif 268 | #elif defined(_BYTE_ORDER) 269 | #if (_BYTE_ORDER == AIRCRACK_NG_LITTLE_ENDIAN) 270 | #define AIRCRACK_NG_BYTE_ORDER AIRCRACK_NG_LITTLE_ENDIAN 271 | #elif (_BYTE_ORDER == AIRCRACK_NG_BIG_ENDIAN) 272 | #define AIRCRACK_NG_BYTE_ORDER AIRCRACK_NG_BIG_ENDIAN 273 | #endif 274 | #endif 275 | 276 | #ifndef AIRCRACK_NG_BYTE_ORDER 277 | #error Impossible to determine endianness (Little or Big endian), please contact the author. 278 | #endif 279 | 280 | #if (AIRCRACK_NG_BYTE_ORDER == AIRCRACK_NG_LITTLE_ENDIAN) 281 | 282 | #ifndef AIRCRACK_NG_BYTE_ORDER_DEFINED 283 | #define __be64_to_cpu(x) ___my_swab64(x) 284 | #define __be32_to_cpu(x) ___my_swab32(x) 285 | #define __be16_to_cpu(x) ___my_swab16(x) 286 | #define __cpu_to_be64(x) ___my_swab64(x) 287 | #define __cpu_to_be32(x) ___my_swab32(x) 288 | #define __cpu_to_be16(x) ___my_swab16(x) 289 | #define __le64_to_cpu(x) (x) 290 | #define __le32_to_cpu(x) (x) 291 | #define __le16_to_cpu(x) (x) 292 | #define __cpu_to_le64(x) (x) 293 | #define __cpu_to_le32(x) (x) 294 | #define __cpu_to_le16(x) (x) 295 | #endif 296 | 297 | #ifndef htobe16 298 | #define htobe16 ___my_swab16 299 | #endif 300 | #ifndef htobe32 301 | #define htobe32 ___my_swab32 302 | #endif 303 | #ifndef htobe64 304 | #define htobe64 ___my_swab64 305 | #endif 306 | #ifndef betoh16 307 | #define betoh16 ___my_swab16 308 | #endif 309 | #ifndef betoh32 310 | #define betoh32 ___my_swab32 311 | #endif 312 | #ifndef betoh64 313 | #define betoh64 ___my_swab64 314 | #endif 315 | 316 | #ifndef htole16 317 | #define htole16(x) (x) 318 | #endif 319 | #ifndef htole32 320 | #define htole32(x) (x) 321 | #endif 322 | #ifndef htole64 323 | #define htole64(x) (x) 324 | #endif 325 | #ifndef letoh16 326 | #define letoh16(x) (x) 327 | #endif 328 | #ifndef letoh32 329 | #define letoh32(x) (x) 330 | #endif 331 | #ifndef letoh64 332 | #define letoh64(x) (x) 333 | #endif 334 | 335 | #endif 336 | 337 | #if (AIRCRACK_NG_BYTE_ORDER == AIRCRACK_NG_BIG_ENDIAN) 338 | 339 | #ifndef AIRCRACK_NG_BYTE_ORDER_DEFINED 340 | #define __be64_to_cpu(x) (x) 341 | #define __be32_to_cpu(x) (x) 342 | #define __be16_to_cpu(x) (x) 343 | #define __cpu_to_be64(x) (x) 344 | #define __cpu_to_be32(x) (x) 345 | #define __cpu_to_be16(x) (x) 346 | #define __le64_to_cpu(x) ___my_swab64(x) 347 | #define __le32_to_cpu(x) ___my_swab32(x) 348 | #define __le16_to_cpu(x) ___my_swab16(x) 349 | #define __cpu_to_le64(x) ___my_swab64(x) 350 | #define __cpu_to_le32(x) ___my_swab32(x) 351 | #define __cpu_to_le16(x) ___my_swab16(x) 352 | #endif 353 | 354 | #ifndef htobe16 355 | #define htobe16(x) (x) 356 | #endif 357 | #ifndef htobe32 358 | #define htobe32(x) (x) 359 | #endif 360 | #ifndef htobe64 361 | #define htobe64(x) (x) 362 | #endif 363 | #ifndef betoh16 364 | #define betoh16(x) (x) 365 | #endif 366 | #ifndef betoh32 367 | #define betoh32(x) (x) 368 | #endif 369 | #ifndef betoh64 370 | #define betoh64(x) (x) 371 | #endif 372 | 373 | #ifndef htole16 374 | #define htole16 ___my_swab16 375 | #endif 376 | #ifndef htole32 377 | #define htole32 ___my_swab32 378 | #endif 379 | #ifndef htole64 380 | #define htole64 ___my_swab64 381 | #endif 382 | #ifndef letoh16 383 | #define letoh16 ___my_swab16 384 | #endif 385 | #ifndef letoh32 386 | #define letoh32 ___my_swab32 387 | #endif 388 | #ifndef letoh64 389 | #define letoh64 ___my_swab64 390 | #endif 391 | 392 | #endif 393 | 394 | // Common defines 395 | #define cpu_to_le64 __cpu_to_le64 396 | #define le64_to_cpu __le64_to_cpu 397 | #define cpu_to_le32 __cpu_to_le32 398 | #define le32_to_cpu __le32_to_cpu 399 | #define cpu_to_le16 __cpu_to_le16 400 | #define le16_to_cpu __le16_to_cpu 401 | #define cpu_to_be64 __cpu_to_be64 402 | #define be64_to_cpu __be64_to_cpu 403 | #define cpu_to_be32 __cpu_to_be32 404 | #define be32_to_cpu __be32_to_cpu 405 | #define cpu_to_be16 __cpu_to_be16 406 | #define be16_to_cpu __be16_to_cpu 407 | 408 | #ifndef le16toh 409 | #define le16toh le16_to_cpu 410 | #endif 411 | #ifndef be16toh 412 | #define be16toh be16_to_cpu 413 | #endif 414 | #ifndef le32toh 415 | #define le32toh le32_to_cpu 416 | #endif 417 | #ifndef be32toh 418 | #define be32toh be32_to_cpu 419 | #endif 420 | 421 | 422 | #ifndef htons 423 | #define htons be16_to_cpu 424 | #endif 425 | #ifndef htonl 426 | #define htonl cpu_to_be16 427 | #endif 428 | #ifndef ntohs 429 | #define ntohs cpu_to_be16 430 | #endif 431 | #ifndef ntohl 432 | #define ntohl cpu_to_be32 433 | #endif 434 | 435 | #endif 436 | -------------------------------------------------------------------------------- /include/crypto.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | 5 | /* great part of this function is taken from aircrack-ng suite source code. 6 | * derive the PMK from the passphrase and the essid 7 | */ 8 | unsigned char *calc_pmk( char *essid_pre, char *key ) 9 | { 10 | int i, j, slen; 11 | unsigned char buffer[65],*pmk; 12 | char essid[33+4]; 13 | SHA_CTX ctx_ipad; 14 | SHA_CTX ctx_opad; 15 | SHA_CTX sha1_ctx; 16 | 17 | if(key == NULL || essid_pre == NULL) 18 | { 19 | report_error("called with NULL argument.",0,0,error); 20 | return NULL; 21 | } 22 | pmk = malloc(40*sizeof(unsigned char)); 23 | memset(essid, 0, sizeof(essid)); 24 | memcpy(essid, essid_pre, strlen(essid_pre)); 25 | slen = strlen( essid ) + 4; 26 | 27 | /* setup the inner and outer contexts */ 28 | 29 | memset( buffer, 0, sizeof( buffer ) ); 30 | strncpy( (char *) buffer, key, sizeof( buffer ) - 1 ); 31 | 32 | for( i = 0; i < 64; i++ ) 33 | buffer[i] ^= 0x36; 34 | 35 | SHA1_Init( &ctx_ipad ); 36 | SHA1_Update( &ctx_ipad, buffer, 64 ); 37 | 38 | for( i = 0; i < 64; i++ ) 39 | buffer[i] ^= 0x6A; 40 | 41 | SHA1_Init( &ctx_opad ); 42 | SHA1_Update( &ctx_opad, buffer, 64 ); 43 | 44 | /* iterate HMAC-SHA1 over itself 8192 times */ 45 | 46 | essid[slen - 1] = '\1'; 47 | HMAC(EVP_sha1(), (uchar *)key, strlen(key), (uchar*)essid, slen, pmk, NULL); 48 | memcpy( buffer, pmk, 20 ); 49 | 50 | for( i = 1; i < 4096; i++ ) 51 | { 52 | memcpy( &sha1_ctx, &ctx_ipad, sizeof( sha1_ctx ) ); 53 | SHA1_Update( &sha1_ctx, buffer, 20 ); 54 | SHA1_Final( buffer, &sha1_ctx ); 55 | 56 | memcpy( &sha1_ctx, &ctx_opad, sizeof( sha1_ctx ) ); 57 | SHA1_Update( &sha1_ctx, buffer, 20 ); 58 | SHA1_Final( buffer, &sha1_ctx ); 59 | 60 | for( j = 0; j < 20; j++ ) 61 | pmk[j] ^= buffer[j]; 62 | } 63 | 64 | essid[slen - 1] = '\2'; 65 | HMAC(EVP_sha1(), (uchar *)key, strlen(key), (uchar*)essid, slen, pmk+20, NULL); 66 | memcpy( buffer, pmk + 20, 20 ); 67 | 68 | for( i = 1; i < 4096; i++ ) 69 | { 70 | memcpy( &sha1_ctx, &ctx_ipad, sizeof( sha1_ctx ) ); 71 | SHA1_Update( &sha1_ctx, buffer, 20 ); 72 | SHA1_Final( buffer, &sha1_ctx ); 73 | 74 | memcpy( &sha1_ctx, &ctx_opad, sizeof( sha1_ctx ) ); 75 | SHA1_Update( &sha1_ctx, buffer, 20 ); 76 | SHA1_Final( buffer, &sha1_ctx ); 77 | 78 | for( j = 0; j < 20; j++ ) 79 | pmk[j + 20] ^= buffer[j]; 80 | } 81 | return pmk; 82 | } -------------------------------------------------------------------------------- /include/pcap.h: -------------------------------------------------------------------------------- 1 | /* 2 | * 3 | * Copyright (C) 2001-2004 Christophe Devine 4 | * 5 | * This program is free software; you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation; either version 2 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program; if not, write to the Free Software 17 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 18 | * 19 | * In addition, as a special exception, the copyright holders give 20 | * permission to link the code of portions of this program with the 21 | * OpenSSL library under certain conditions as described in each 22 | * individual source file, and distribute linked combinations 23 | * including the two. 24 | * You must obey the GNU General Public License in all respects 25 | * for all of the code used other than OpenSSL. If you modify 26 | * file(s) with this exception, you may extend this exception to your 27 | * version of the file(s), but you are not obligated to do so. If you 28 | * do not wish to do so, delete this exception statement from your 29 | * version. If you delete this exception statement from all source 30 | * files in the program, then also delete it here. 31 | 32 | */ 33 | #ifndef _AIRCRACK_NG_PCAP_H_ 34 | #define _AIRCRACK_NG_PCAP_H_ 35 | 36 | #define FORMAT_CAP 1 37 | #define FORMAT_IVS 2 38 | #define FORMAT_IVS2 3 39 | 40 | #define TCPDUMP_MAGIC 0xA1B2C3D4 41 | #define TCPDUMP_CIGAM 0xD4C3B2A1 42 | #define IVSONLY_MAGIC "\xBF\xCA\x84\xD4" 43 | #define IVS2_MAGIC "\xAE\x78\xD1\xFF" 44 | #define IVS2_EXTENSION "ivs" 45 | #define IVS2_VERSION 1 46 | 47 | #define PCAP_VERSION_MAJOR 2 48 | #define PCAP_VERSION_MINOR 4 49 | 50 | #define LINKTYPE_ETHERNET 1 51 | #define LINKTYPE_IEEE802_11 105 52 | #define LINKTYPE_PRISM_HEADER 119 53 | #define LINKTYPE_RADIOTAP_HDR 127 54 | #define LINKTYPE_PPI_HDR 192 55 | 56 | #define uchar unsigned char 57 | #define ushort unsigned short 58 | #define uint unsigned int 59 | #define ulong unsigned long 60 | 61 | //BSSID const. length of 6 bytes; can be together with all the other types 62 | #define IVS2_BSSID 0x0001 63 | 64 | //ESSID var. length; alone, or with BSSID 65 | #define IVS2_ESSID 0x0002 66 | 67 | //wpa structure, const. length; alone, or with BSSID 68 | #define IVS2_WPA 0x0004 69 | 70 | //IV+IDX+KEYSTREAM, var. length; alone or with BSSID 71 | #define IVS2_XOR 0x0008 72 | 73 | /* [IV+IDX][i][l][XOR_1]..[XOR_i][weight] * 74 | * holds i possible keystreams for the same IV with a length of l for each keystream (l max 32) * 75 | * and an array "int weight[16]" at the end */ 76 | #define IVS2_PTW 0x0010 77 | 78 | //unencrypted packet 79 | #define IVS2_CLR 0x0020 80 | 81 | struct pcap_file_header 82 | { 83 | uint magic; 84 | ushort version_major; 85 | ushort version_minor; 86 | int thiszone; 87 | uint sigfigs; 88 | uint snaplen; 89 | uint linktype; 90 | }; 91 | 92 | struct pcap_pkthdr 93 | { 94 | int tv_sec; 95 | int tv_usec; 96 | uint caplen; 97 | uint len; 98 | }; 99 | 100 | struct ivs2_filehdr 101 | { 102 | unsigned short version; 103 | }; 104 | 105 | struct ivs2_pkthdr 106 | { 107 | unsigned short flags; 108 | unsigned short len; 109 | }; 110 | 111 | #endif /* common.h */ 112 | -------------------------------------------------------------------------------- /install-sh: -------------------------------------------------------------------------------- 1 | autoreconf --install 2 | ./configure 3 | -------------------------------------------------------------------------------- /parser/cap2hccap.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Autocrack - automatically crack everything throught CPU and GPU 3 | * Copyright (C) 2012 Massimo Dragano 4 | * 5 | * Autocrack is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * Autocrack is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with Autocrack. If not, see . 17 | */ 18 | 19 | #ifdef UINT16 20 | #define u_int16_t UINT16; 21 | #endif 22 | #include "pcap.h" 23 | #include "byteorder.h" 24 | #define BROADCAST (uchar*)"\xFF\xFF\xFF\xFF\xFF\xFF" 25 | #define SWAP32(x) \ 26 | x = ( ( ( x >> 24 ) & 0x000000FF ) | \ 27 | ( ( x >> 8 ) & 0x0000FF00 ) | \ 28 | ( ( x << 8 ) & 0x00FF0000 ) | \ 29 | ( ( x << 24 ) & 0xFF000000 ) ); 30 | /* workaround for arm compiling */ 31 | #ifndef O_BINARY 32 | #define O_BINARY 0 33 | #endif 34 | #ifndef F_SETFL 35 | #define F_SETFL 4 36 | #endif 37 | #ifndef O_NONBLOCK 38 | #define O_NONBLOCK 04000 39 | #endif 40 | typedef struct 41 | { 42 | int off1; 43 | int off2; 44 | void *buf1; 45 | void *buf2; 46 | } 47 | read_buf; 48 | 49 | struct wpa_hdsk 50 | { 51 | unsigned char stmac[6]; 52 | unsigned char snonce[32]; 53 | unsigned char anonce[32]; 54 | unsigned char keymic[16]; 55 | unsigned char eapol[256]; 56 | int eapol_size; 57 | int keyver; 58 | int state; 59 | }; 60 | 61 | struct apoint 62 | { 63 | unsigned char bssid[6]; 64 | char essid[33]; 65 | int crypt; 66 | struct station *st_lst; 67 | hccap_t wpa; 68 | struct pcap_pkthdr pkts[5]; 69 | struct apoint *next; 70 | }; 71 | 72 | struct station 73 | { 74 | unsigned char mac[6]; 75 | struct apoint *parent; 76 | struct wpa_hdsk wpa; 77 | struct station *next; 78 | }; 79 | 80 | struct good_pkt 81 | { 82 | struct pcap_pkthdr *pkh; 83 | struct good_pkt *next; 84 | }; 85 | 86 | int atomic_read( read_buf *rb, int fd, int len, void *buf ) 87 | { 88 | int n; 89 | 90 | if( rb->buf1 == NULL ) 91 | { 92 | rb->buf1 = malloc( 65536 ); 93 | rb->buf2 = malloc( 65536 ); 94 | 95 | rb->off1 = 0; 96 | rb->off2 = 0; 97 | } 98 | 99 | if( len > 65536 - rb->off1 ) 100 | { 101 | rb->off2 -= rb->off1; 102 | 103 | memcpy( rb->buf2, rb->buf1 + rb->off1, rb->off2 ); 104 | memcpy( rb->buf1, rb->buf2, rb->off2 ); 105 | 106 | rb->off1 = 0; 107 | } 108 | 109 | if( rb->off2 - rb->off1 >= len ) 110 | { 111 | memcpy( buf, rb->buf1 + rb->off1, len ); 112 | rb->off1 += len; 113 | return( 1 ); 114 | } 115 | else 116 | { 117 | n = read( fd, rb->buf1 + rb->off2, 65536 - rb->off2 ); 118 | 119 | if( n <= 0 ) 120 | return( 0 ); 121 | 122 | rb->off2 += n; 123 | 124 | if( rb->off2 - rb->off1 >= len ) 125 | { 126 | memcpy( buf, rb->buf1 + rb->off1, len ); 127 | rb->off1 += len; 128 | return( 1 ); 129 | } 130 | } 131 | 132 | return( 0 ); 133 | } 134 | 135 | void add_pkh(struct good_pkt **list, struct pcap_pkthdr *pkh) 136 | { 137 | struct good_pkt *iter=NULL,*prev=NULL; 138 | size_t pkh_sz; 139 | 140 | static uchar ZERO[32] = 141 | "\x00\x00\x00\x00\x00\x00\x00\x00" 142 | "\x00\x00\x00\x00\x00\x00\x00\x00" 143 | "\x00\x00\x00\x00\x00\x00\x00\x00" 144 | "\x00\x00\x00\x00\x00\x00\x00\x00"; 145 | 146 | pkh_sz = sizeof(struct pcap_pkthdr); 147 | 148 | if(!memcmp(pkh,ZERO,pkh_sz)) 149 | return; 150 | 151 | if(*list==NULL) 152 | { 153 | *list = iter = malloc(sizeof(struct good_pkt)); 154 | iter->pkh = malloc(pkh_sz); 155 | memcpy(iter->pkh,pkh,pkh_sz); 156 | iter->next = NULL; 157 | return; 158 | } 159 | 160 | for(iter=*list;iter!=NULL && memcmp(iter->pkh,pkh,pkh_sz);prev=iter,iter=iter->next); 161 | if(iter!=NULL) // pkh is already in list 162 | return; 163 | prev->next = iter = malloc(sizeof(struct good_pkt)); 164 | iter->pkh = malloc(pkh_sz); 165 | memcpy(iter->pkh,pkh,pkh_sz); 166 | iter->next=NULL; 167 | return; 168 | } 169 | 170 | void del_pkh(struct good_pkt **list, struct pcap_pkthdr *pkh) 171 | { 172 | struct good_pkt *iter=NULL,*prev=NULL; 173 | size_t pkh_sz; 174 | 175 | pkh_sz = sizeof(struct pcap_pkthdr); 176 | 177 | if((iter=*list)==NULL) 178 | return; 179 | while(iter!=NULL) 180 | if(!memcmp(iter->pkh,pkh,pkh_sz)) 181 | if(prev==NULL) // remove the first item of the list 182 | { 183 | prev = iter; 184 | *list = iter = iter->next; 185 | free((void *) prev->pkh); 186 | free((void *) prev); 187 | prev = NULL; 188 | } 189 | else 190 | { 191 | prev->next = iter->next; 192 | free((void *) iter->pkh); 193 | free((void *) iter); 194 | iter=prev->next; 195 | } 196 | else 197 | { 198 | prev=iter; 199 | iter=iter->next; 200 | } 201 | return; 202 | } 203 | 204 | void write_pcap(struct good_pkt *good_pkts, const char *file) 205 | { 206 | int fd,outfile,n; 207 | read_buf rb; 208 | uchar *buffer,*h80211; 209 | struct pcap_pkthdr pkh; 210 | struct good_pkt *iter=NULL,*prev=NULL; 211 | struct pcap_file_header pfh; 212 | size_t pkh_sz; 213 | 214 | pkh_sz = sizeof(struct pcap_pkthdr); 215 | 216 | // errors not checked, because the caller check them first. ( except globals.pcap ) 217 | memset( &rb, 0, sizeof( rb ) ); 218 | fd = open( file, O_RDONLY | O_BINARY ); 219 | atomic_read( &rb, fd, 24, &pfh ); 220 | 221 | if(globals.pcap==NULL) 222 | { 223 | globals.pcap = malloc(L_tmpnam*sizeof(char)); 224 | tmpnam((char *) globals.pcap); 225 | if((outfile = open(globals.pcap,O_BINARY | O_CREAT | O_WRONLY , S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP)) == -1) 226 | { 227 | report_error(globals.pcap,1,0,error); 228 | return; 229 | } 230 | write(outfile,&pfh,sizeof(pfh)); 231 | } 232 | else if((outfile = open(globals.pcap,O_BINARY | O_WRONLY | O_APPEND, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP)) == -1) 233 | { 234 | report_error(globals.pcap,1,0,error); 235 | return; 236 | } 237 | 238 | buffer = malloc(65536); 239 | 240 | while( atomic_read( &rb, fd, sizeof( pkh ), &pkh )) 241 | { 242 | atomic_read( &rb, fd, pkh.caplen, buffer ); 243 | 244 | h80211 = buffer; 245 | 246 | if( pfh.linktype == LINKTYPE_PRISM_HEADER ) 247 | { 248 | if( h80211[7] == 0x40 ) 249 | n = 64; 250 | else 251 | { 252 | n = *(int *)( h80211 + 4 ); 253 | if( pfh.magic == TCPDUMP_CIGAM ) 254 | SWAP32( n ); 255 | } 256 | if( n < 8 || n >= (int) pkh.caplen ) 257 | continue; 258 | h80211 += n; pkh.caplen -= n; 259 | } 260 | 261 | if( pfh.linktype == LINKTYPE_RADIOTAP_HDR ) 262 | { 263 | n = *(unsigned short *)( h80211 + 2 ); 264 | if( n <= 0 || n >= (int) pkh.caplen ) 265 | continue; 266 | h80211 += n; pkh.caplen -= n; 267 | } 268 | 269 | if( pfh.linktype == LINKTYPE_PPI_HDR ) 270 | { 271 | n = le16_to_cpu(*(unsigned short *)( h80211 + 2)); 272 | if( n <= 0 || n>= (int) pkh.caplen ) 273 | continue; 274 | if ( n == 24 && le16_to_cpu(*(unsigned short *)(h80211 + 8)) == 2 ) 275 | n = 32; 276 | if( n <= 0 || n>= (int) pkh.caplen ) 277 | continue; 278 | h80211 += n; pkh.caplen -= n; 279 | } 280 | 281 | if( pkh.caplen < 24 ) 282 | continue; 283 | for(iter=good_pkts;iter!=NULL;iter=iter->next) 284 | if(!memcmp(iter->pkh,&pkh,pkh_sz)) 285 | break; 286 | if(iter!=NULL) 287 | { 288 | write(outfile,&pkh,pkh_sz); 289 | write(outfile,buffer,pkh.caplen); 290 | del_pkh(&good_pkts,&pkh); 291 | } 292 | } 293 | 294 | close(fd); 295 | close(outfile); 296 | free((void *) buffer); 297 | for(iter=good_pkts;iter!=NULL;prev=iter,iter=iter->next,free((void *) prev)) 298 | free((void *) iter->pkh); 299 | if(rb.buf1!=NULL) 300 | free((void *) rb.buf1); 301 | if(rb.buf2!=NULL) 302 | free((void *) rb.buf2); 303 | return; 304 | } 305 | 306 | void cap2hccap(const char *arg) 307 | { 308 | int fd, n, z; 309 | read_buf rb; 310 | FILE *fp_hccap; 311 | uchar *buffer, 312 | *h80211, 313 | *p; 314 | char *name_hccap; 315 | static uchar ZERO[32] = 316 | "\x00\x00\x00\x00\x00\x00\x00\x00" 317 | "\x00\x00\x00\x00\x00\x00\x00\x00" 318 | "\x00\x00\x00\x00\x00\x00\x00\x00" 319 | "\x00\x00\x00\x00\x00\x00\x00\x00"; 320 | unsigned char bssid[6],dest[6],stmac[6]; 321 | 322 | struct pcap_pkthdr pkh; 323 | struct good_pkt *good_pkts=NULL; 324 | struct pcap_file_header pfh; 325 | struct apoint *ap_lst=NULL,*ap_cur,*ap_prev; 326 | struct station *st_cur,*st_prev; 327 | size_t pkh_sz; 328 | 329 | pkh_sz = sizeof(struct pcap_pkthdr); 330 | 331 | memset( &rb, 0, sizeof( rb ) ); 332 | fd = 0; 333 | 334 | buffer = (uchar *) malloc( 65536 ); 335 | 336 | h80211 = buffer; 337 | globals.err_buff[0] = '\0'; 338 | 339 | if( arg == NULL ) 340 | report_error("called with NULL argument.",0,1,error); 341 | else if( ( fd = open( arg, O_RDONLY | O_BINARY ) ) < 0 ) 342 | strncpy(globals.err_buff, arg,MAX_BUFF); 343 | else if( ! atomic_read( &rb, fd, 4, &pfh ) ) 344 | strncpy(globals.err_buff, arg,MAX_BUFF); 345 | else if( pfh.magic != TCPDUMP_MAGIC && pfh.magic != TCPDUMP_CIGAM ) 346 | snprintf(globals.err_buff,MAX_BUFF,"file \"%s\" is not a valid pcap file.", arg); 347 | else if( ! atomic_read( &rb, fd, 20, (uchar *) &pfh + 4 ) ) 348 | snprintf(globals.err_buff,MAX_BUFF,"reading header from file \"%s\".", arg); 349 | else if( fcntl( fd, F_SETFL, O_NONBLOCK ) < 0 ) 350 | snprintf(globals.err_buff,MAX_BUFF,"setting non blocking access on file \"%s\".", arg); 351 | else 352 | { 353 | if( pfh.magic == TCPDUMP_CIGAM ) 354 | SWAP32( pfh.linktype ); 355 | 356 | if( pfh.linktype != LINKTYPE_IEEE802_11 && 357 | pfh.linktype != LINKTYPE_PRISM_HEADER && 358 | pfh.linktype != LINKTYPE_RADIOTAP_HDR && 359 | pfh.linktype != LINKTYPE_PPI_HDR ) 360 | snprintf(globals.err_buff,MAX_BUFF,"file \"%s\" is not a 802.11 (wireless) capture.", arg); 361 | } 362 | 363 | if(globals.err_buff[0] != '\0') 364 | { 365 | if(strncmp(globals.err_buff,arg,MAX_BUFF) == 0) 366 | { 367 | snprintf(globals.err_buff,MAX_BUFF,"\"%s\"",arg); 368 | report_error(globals.err_buff,1,0,error); 369 | } 370 | else 371 | report_error(globals.err_buff,0,0,error); 372 | 373 | if(fd != 0) 374 | close(fd); 375 | free(buffer); 376 | if(rb.buf1!=NULL) 377 | free(rb.buf1); 378 | if(rb.buf2!=NULL) 379 | free(rb.buf2); 380 | return; 381 | } 382 | 383 | while( atomic_read( &rb, fd, sizeof( pkh ), &pkh )) 384 | { 385 | if( pfh.magic == TCPDUMP_CIGAM ) 386 | SWAP32( pkh.caplen ); 387 | 388 | if( pkh.caplen <= 0 || pkh.caplen > 65535 ) 389 | { 390 | report_error("invalid packet capture length.",0,0,error); 391 | report_error("probably capture file is corrupted.",0,0,verbose); 392 | break; 393 | } 394 | 395 | if( ! atomic_read( &rb, fd, pkh.caplen, buffer ) ) 396 | { 397 | report_error("cannot read packet data.",0,0,error); 398 | break; 399 | } 400 | 401 | h80211 = buffer; 402 | 403 | if( pfh.linktype == LINKTYPE_PRISM_HEADER ) 404 | { 405 | /* remove the prism header */ 406 | 407 | if( h80211[7] == 0x40 ) 408 | n = 64; 409 | else 410 | { 411 | n = *(int *)( h80211 + 4 ); 412 | 413 | if( pfh.magic == TCPDUMP_CIGAM ) 414 | SWAP32( n ); 415 | } 416 | 417 | if( n < 8 || n >= (int) pkh.caplen ) 418 | continue; 419 | 420 | h80211 += n; pkh.caplen -= n; 421 | } 422 | 423 | if( pfh.linktype == LINKTYPE_RADIOTAP_HDR ) 424 | { 425 | /* remove the radiotap header */ 426 | 427 | n = *(unsigned short *)( h80211 + 2 ); 428 | 429 | if( n <= 0 || n >= (int) pkh.caplen ) 430 | continue; 431 | 432 | h80211 += n; pkh.caplen -= n; 433 | } 434 | 435 | if( pfh.linktype == LINKTYPE_PPI_HDR ) 436 | { 437 | /* Remove the PPI header */ 438 | 439 | n = le16_to_cpu(*(unsigned short *)( h80211 + 2)); 440 | 441 | if( n <= 0 || n>= (int) pkh.caplen ) 442 | continue; 443 | 444 | /* for a whole Kismet logged broken PPI headers */ 445 | if ( n == 24 && le16_to_cpu(*(unsigned short *)(h80211 + 8)) == 2 ) 446 | n = 32; 447 | 448 | if( n <= 0 || n>= (int) pkh.caplen ) 449 | continue; 450 | 451 | h80211 += n; pkh.caplen -= n; 452 | } 453 | 454 | /* skip packets smaller than a 802.11 header */ 455 | 456 | if( pkh.caplen < 24 ) 457 | continue; 458 | 459 | /* skip (uninteresting) control frames */ 460 | 461 | if( ( h80211[0] & 0x0C ) == 0x04 ) 462 | continue; 463 | 464 | /* locate the access point's MAC address */ 465 | 466 | switch( h80211[1] & 3 ) 467 | { 468 | case 0: memcpy( bssid, h80211 + 16, 6 ); break; //Adhoc 469 | case 1: memcpy( bssid, h80211 + 4, 6 ); break; //ToDS 470 | case 2: memcpy( bssid, h80211 + 10, 6 ); break; //FromDS 471 | case 3: memcpy( bssid, h80211 + 10, 6 ); break; //WDS -> Transmitter taken as BSSID 472 | } 473 | 474 | switch( h80211[1] & 3 ) 475 | { 476 | case 0: memcpy( dest, h80211 + 4, 6 ); break; //Adhoc 477 | case 1: memcpy( dest, h80211 + 16, 6 ); break; //ToDS 478 | case 2: memcpy( dest, h80211 + 4, 6 ); break; //FromDS 479 | case 3: memcpy( dest, h80211 + 16, 6 ); break; //WDS -> Transmitter taken as BSSID 480 | } 481 | 482 | if( memcmp( bssid, BROADCAST, 6 ) == 0 ) 483 | continue; 484 | 485 | /* locate the station MAC in the 802.11 header */ 486 | 487 | memcpy(stmac,BROADCAST,6); // used as flag 488 | 489 | switch( h80211[1] & 3 ) 490 | { 491 | case 0: memcpy( stmac, h80211 + 10, 6 ); break; 492 | case 1: memcpy( stmac, h80211 + 10, 6 ); break; 493 | case 2: 494 | if( (h80211[4]%2) == 0 ) /* if is a broadcast packet */ 495 | memcpy( stmac, h80211 + 4, 6 ); 496 | break; 497 | } 498 | 499 | /* search if access point already exist */ 500 | 501 | ap_prev = NULL; 502 | ap_cur = ap_lst; 503 | for(ap_cur=ap_lst;ap_cur!=NULL;ap_prev=ap_cur,ap_cur=ap_cur->next) 504 | if( ! memcmp( ap_cur->bssid, bssid, 6 ) ) 505 | break; 506 | 507 | if(ap_cur == NULL) 508 | { 509 | ap_cur = malloc(sizeof(struct apoint)); 510 | if(ap_lst == NULL) 511 | ap_lst = ap_cur; 512 | else 513 | ap_prev->next = ap_cur; 514 | 515 | memcpy(ap_cur->bssid,bssid,6); 516 | ap_cur->crypt = -1; 517 | } 518 | 519 | /* search if station already exist */ 520 | 521 | st_cur = NULL; 522 | 523 | if(memcmp(stmac,BROADCAST,6) != 0 && memcmp(ap_cur->bssid, stmac,6) != 0) 524 | { 525 | 526 | for(st_prev = NULL, st_cur=ap_cur->st_lst; 527 | st_cur != NULL; st_prev = st_cur, st_cur = st_cur->next) 528 | if( ! memcmp( st_cur->mac, stmac, 6) ) 529 | break; 530 | 531 | /* if it's a new supplicant, add it */ 532 | 533 | if( st_cur == NULL ) 534 | { 535 | st_cur = malloc(sizeof(struct station)); 536 | 537 | if( ap_cur->st_lst == NULL ) 538 | ap_cur->st_lst = st_cur; 539 | else 540 | st_prev->next = st_cur; 541 | 542 | memcpy( st_cur->mac, stmac, 6 ); 543 | } 544 | } 545 | 546 | /* packet parsing: Beacon or Probe Response */ 547 | 548 | if( h80211[0] == 0x80 || 549 | h80211[0] == 0x50 ) 550 | { 551 | if( ap_cur->crypt < 0 ) 552 | ap_cur->crypt = ( h80211[34] & 0x10 ) >> 4; 553 | 554 | p = h80211 + 36; 555 | 556 | while( p < h80211 + pkh.caplen ) 557 | { 558 | if( p + 2 + p[1] > h80211 + pkh.caplen ) 559 | break; 560 | 561 | if( p[0] == 0x00 && p[1] > 0 && p[2] != '\0' ) 562 | { 563 | /* found a non-cloaked ESSID */ 564 | if(!memcmp(&(ap_cur->pkts[0]),ZERO,pkh_sz)) 565 | memcpy(&(ap_cur->pkts[0]),&pkh,pkh_sz); 566 | n = ( p[1] > 32 ) ? 32 : p[1]; 567 | memset( ap_cur->essid, 0, 33 ); 568 | memcpy( ap_cur->essid, p + 2, n ); 569 | } 570 | p += 2 + p[1]; 571 | } 572 | } 573 | 574 | /* packet parsing: Association Request */ 575 | 576 | if( h80211[0] == 0x00 ) 577 | { 578 | p = h80211 + 28; 579 | while( p < h80211 + pkh.caplen ) 580 | { 581 | if( p + 2 + p[1] > h80211 + pkh.caplen ) 582 | break; 583 | if( p[0] == 0x00 && p[1] > 0 && p[2] != '\0' ) 584 | { 585 | if(!memcmp(&(ap_cur->pkts[0]),ZERO,pkh_sz)) 586 | memcpy(&(ap_cur->pkts[0]),&pkh,pkh_sz); 587 | n = ( p[1] > 32 ) ? 32 : p[1]; 588 | memset( ap_cur->essid, 0, 33 ); 589 | memcpy( ap_cur->essid, p + 2, n ); 590 | } 591 | st_cur->wpa.state = 0; 592 | p += 2 + p[1]; 593 | } 594 | } 595 | 596 | /* packet parsing: Association Response */ 597 | 598 | if( h80211[0] == 0x10 ) 599 | if(st_cur != NULL) 600 | st_cur->wpa.state = 0; 601 | 602 | /* check if data and station isn't the bssid */ 603 | 604 | if( ( h80211[0] & 0x0C ) != 0x08 || st_cur == NULL ) 605 | continue; 606 | 607 | /* check minimum size */ 608 | 609 | z = ( ( h80211[1] & 3 ) != 3 ) ? 24 : 30; 610 | if ( ( h80211[0] & 0x80 ) == 0x80 ) 611 | z+=2; /* 802.11e QoS */ 612 | 613 | if( z + 16 > (int) pkh.caplen ) 614 | continue; 615 | 616 | /* check the SNAP header to see if data is WEP encrypted */ 617 | 618 | if( ( h80211[z] != h80211[z + 1] || h80211[z + 2] != 0x03 ) && (h80211[z + 3] & 0x20) != 0) 619 | ap_cur->crypt = 3; 620 | 621 | /* no encryption */ 622 | if( ap_cur->crypt < 0 ) 623 | ap_cur->crypt = 0; 624 | 625 | z += 6; 626 | 627 | /* check ethertype == EAPOL */ 628 | 629 | if( h80211[z] != 0x88 || h80211[z + 1] != 0x8E ) 630 | continue; 631 | 632 | z += 2; 633 | 634 | /* type == 3 (key), desc. == 254 (WPA) or 2 (RSN) */ 635 | 636 | if( h80211[z + 1] != 0x03 || 637 | ( h80211[z + 4] != 0xFE && h80211[z + 4] != 0x02 ) ) 638 | continue; 639 | 640 | ap_cur->crypt = 3; /* set WPA */ 641 | 642 | /* frame 1: Pairwise == 1, Install == 0, Ack == 1, MIC == 0 */ 643 | 644 | if( ( h80211[z + 6] & 0x08 ) != 0 && 645 | ( h80211[z + 6] & 0x40 ) == 0 && 646 | ( h80211[z + 6] & 0x80 ) != 0 && 647 | ( h80211[z + 5] & 0x01 ) == 0 ) 648 | { 649 | memcpy( st_cur->wpa.anonce, &h80211[z + 17], 32 ); 650 | memcpy(&(ap_cur->pkts[1]),&pkh,pkh_sz); 651 | /* authenticator nonce set */ 652 | st_cur->wpa.state = 1; 653 | } 654 | 655 | /* frame 2 or 4: Pairwise == 1, Install == 0, Ack == 0, MIC == 1 */ 656 | 657 | if(( h80211[z + 6] & 0x08 ) != 0 && 658 | ( h80211[z + 6] & 0x40 ) == 0 && 659 | ( h80211[z + 6] & 0x80 ) == 0 && 660 | ( h80211[z + 5] & 0x01 ) != 0 ) 661 | { 662 | if( memcmp( &h80211[z + 17], ZERO, 32 ) != 0 ) 663 | { 664 | memcpy( st_cur->wpa.snonce, &h80211[z + 17], 32 ); 665 | memcpy(&(ap_cur->pkts[2]),&pkh,pkh_sz); 666 | /* supplicant nonce set */ 667 | st_cur->wpa.state |= 2; 668 | } 669 | 670 | if( (st_cur->wpa.state & 4) != 4 ) 671 | { 672 | /* copy the MIC & eapol frame */ 673 | 674 | st_cur->wpa.eapol_size = ( h80211[z + 2] << 8 ) 675 | + h80211[z + 3] + 4; 676 | 677 | if ((int)pkh.len - z < st_cur->wpa.eapol_size ) 678 | // Ignore the packet trying to crash us. 679 | continue; 680 | 681 | memcpy( st_cur->wpa.keymic, &h80211[z + 81], 16 ); 682 | memcpy( st_cur->wpa.eapol, &h80211[z], st_cur->wpa.eapol_size ); 683 | memset( st_cur->wpa.eapol + 81, 0, 16 ); 684 | 685 | /* eapol frame & keymic set */ 686 | memcpy(&(ap_cur->pkts[4]),&pkh,pkh_sz); 687 | st_cur->wpa.state |= 4; 688 | 689 | /* copy the key descriptor version */ 690 | 691 | st_cur->wpa.keyver = h80211[z + 6] & 7; 692 | } 693 | } 694 | 695 | /* frame 3: Pairwise == 1, Install == 1, Ack == 1, MIC == 1 */ 696 | 697 | if( ( h80211[z + 6] & 0x08 ) != 0 && 698 | ( h80211[z + 6] & 0x40 ) != 0 && 699 | ( h80211[z + 6] & 0x80 ) != 0 && 700 | ( h80211[z + 5] & 0x01 ) != 0 ) 701 | { 702 | if( memcmp( &h80211[z + 17], ZERO, 32 ) != 0 ) 703 | { 704 | memcpy( st_cur->wpa.anonce, &h80211[z + 17], 32 ); 705 | 706 | /* authenticator nonce set */ 707 | memcpy(&(ap_cur->pkts[3]),&pkh,pkh_sz); 708 | st_cur->wpa.state |= 1; 709 | } 710 | 711 | if( (st_cur->wpa.state & 4) != 4 ) 712 | { 713 | /* copy the MIC & eapol frame */ 714 | 715 | st_cur->wpa.eapol_size = ( h80211[z + 2] << 8 ) 716 | + h80211[z + 3] + 4; 717 | 718 | if ((int)pkh.len - z < st_cur->wpa.eapol_size ) 719 | continue; 720 | 721 | memcpy( st_cur->wpa.keymic, &h80211[z + 81], 16 ); 722 | memcpy( st_cur->wpa.eapol, &h80211[z], st_cur->wpa.eapol_size ); 723 | memset( st_cur->wpa.eapol + 81, 0, 16 ); 724 | 725 | /* eapol frame & keymic set */ 726 | memcpy(&(ap_cur->pkts[4]),&pkh,pkh_sz); 727 | st_cur->wpa.state |= 4; 728 | 729 | /* copy the key descriptor version */ 730 | 731 | st_cur->wpa.keyver = h80211[z + 6] & 7; 732 | } 733 | } 734 | 735 | if( st_cur->wpa.state == 7 ) 736 | { 737 | /* got one valid handshake */ 738 | /* TODO: write this handshake only if it's quality ( how to know it ? ) is better then the previous one. */ 739 | 740 | memcpy (&(ap_cur->wpa.essid), &ap_cur->essid, sizeof (ap_cur->essid)); 741 | memcpy (&(ap_cur->wpa.mac1), &ap_cur->bssid, sizeof (ap_cur->bssid)); 742 | memcpy (&(ap_cur->wpa.mac2), &stmac, sizeof (st_cur->wpa.stmac)); 743 | memcpy (&(ap_cur->wpa.nonce1), &st_cur->wpa.snonce, sizeof (st_cur->wpa.snonce)); 744 | memcpy (&(ap_cur->wpa.nonce2), &st_cur->wpa.anonce, sizeof (st_cur->wpa.anonce)); 745 | memcpy (&(ap_cur->wpa.eapol), &st_cur->wpa.eapol, sizeof (st_cur->wpa.eapol)); 746 | memcpy (&(ap_cur->wpa.eapol_size), &st_cur->wpa.eapol_size, sizeof (st_cur->wpa.eapol_size)); 747 | memcpy (&(ap_cur->wpa.keyver), &st_cur->wpa.keyver, sizeof (st_cur->wpa.keyver)); 748 | memcpy (&(ap_cur->wpa.keymic), &st_cur->wpa.keymic, sizeof (st_cur->wpa.keymic)); 749 | if(memcmp(ap_cur->essid,ZERO,32)) // if a valid essid has been found for this handshake. 750 | for(n=0;n<5;n++) 751 | add_pkh(&good_pkts,&(ap_cur->pkts[n])); 752 | memset(&(ap_cur->pkts), 0, 5*sizeof(struct pcap_pkthdr)); 753 | /* reset wpa handshake completation */ 754 | st_cur->wpa.state = 0; 755 | } 756 | } 757 | 758 | /* find the first valid handshake */ 759 | for(ap_cur=ap_lst;ap_cur!=NULL;ap_prev=ap_cur,ap_cur=ap_cur->next,free((void *) ap_prev)) 760 | { 761 | if( memcmp(&(ap_cur->wpa), ZERO, 32) != 0) 762 | break; 763 | for(st_cur=ap_cur->st_lst;st_cur!=NULL;st_prev=st_cur,st_cur=st_cur->next,free((void *) st_prev)); 764 | } 765 | 766 | name_hccap = NULL; 767 | if(ap_cur!=NULL) 768 | { 769 | if(globals.hccap==NULL) 770 | { 771 | name_hccap = malloc(L_tmpnam*sizeof(char)); 772 | tmpnam(name_hccap); 773 | argcpy((const char **) &(globals.hccap),name_hccap,L_tmpnam+1); 774 | } 775 | else 776 | { 777 | pkh_sz = strlen(globals.hccap)+1; 778 | argcpy((const char **) &name_hccap,globals.hccap,pkh_sz); 779 | } 780 | if(good_pkts!=NULL) 781 | write_pcap(good_pkts,arg); 782 | } 783 | 784 | /* write unique handshakes to file and free access point data */ 785 | for(;ap_cur!=NULL;ap_prev=ap_cur,ap_cur=ap_cur->next,free((void *) ap_prev)) 786 | { 787 | if(memcmp(&(ap_cur->wpa), ZERO, 32) != 0) 788 | { 789 | /* there is a valid handshake for this access point */ 790 | snprintf(globals.err_buff,MAX_BUFF,"found handshake for \"%s\".",ap_cur->wpa.essid); 791 | report_error(globals.err_buff,0,0,verbose); 792 | add_wpa(ap_cur->wpa.essid,&(ap_cur->wpa)); 793 | 794 | if( (fp_hccap = fopen(name_hccap,"a")) == NULL) 795 | report_error(name_hccap,1,0,error); 796 | else if(fwrite(&(ap_cur->wpa),sizeof(hccap_t),1,fp_hccap) != 1) 797 | { 798 | snprintf(globals.err_buff,MAX_BUFF,"failed to write on file \"%s\".",name_hccap); 799 | report_error(globals.err_buff,0,0,error); 800 | } 801 | else 802 | { 803 | if(globals.hccap==NULL) 804 | argcpy(&(globals.hccap),name_hccap,L_tmpnam); 805 | fclose(fp_hccap); 806 | fp_hccap = NULL; 807 | } 808 | if(fp_hccap != NULL) 809 | fclose(fp_hccap); 810 | } 811 | for(st_cur=ap_cur->st_lst;st_cur!=NULL;st_prev=st_cur,st_cur=st_cur->next,free((void *) st_prev)); 812 | } 813 | 814 | if(name_hccap!=NULL) 815 | free((void *) name_hccap); 816 | 817 | if(rb.buf1 != NULL) 818 | { 819 | free(rb.buf1); 820 | rb.buf1 = NULL; 821 | } 822 | if(rb.buf2 != NULL) 823 | { 824 | free(rb.buf2); 825 | rb.buf2 = NULL; 826 | } 827 | if(buffer != NULL) 828 | { 829 | free((void *) buffer); 830 | buffer = NULL; 831 | } 832 | 833 | return; 834 | 835 | } 836 | -------------------------------------------------------------------------------- /parser/parser.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Autocrack - automatically crack everything throught CPU and GPU 3 | * Copyright (C) 2012 Massimo Dragano 4 | * 5 | * Autocrack is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * Autocrack is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with Autocrack. If not, see . 17 | */ 18 | 19 | #include "parser.h" 20 | 21 | extern struct _globals globals; 22 | 23 | enum _type parser_type(const char *arg, const char *file,int line_no) 24 | { 25 | char *str; 26 | enum _type i; 27 | size_t len; 28 | 29 | if(arg==NULL) 30 | w_report_error("called with NULL argument.",file,line_no,__func__,0,1,error); 31 | 32 | // convert type to uppercase 33 | str = str2up(arg); 34 | len = strlen(arg); 35 | 36 | // search type in type_str 37 | for( i=NONE+1; i NONE && type < UNKNOWN) 56 | str = regexp(arg,type_rgx[type]); 57 | else 58 | //try all regex against given hash 59 | for(i=NONE+1;itype >= UNKNOWN || tmp->type <= NONE ) 86 | { 87 | if(tmp->hash != NULL) 88 | { 89 | report(info,"unknown type for hash \"%s\" .",tmp->hash); 90 | snprintf( globals.err_buff,MAX_BUFF,"hash: \"%s\" deleted.",tmp->hash); 91 | } 92 | else 93 | { 94 | report(info,"missing hash for entry #%u .", tmp->id); 95 | snprintf( globals.err_buff,MAX_BUFF,"entry #%u deleted.",tmp->id); 96 | } 97 | old=tmp; 98 | tmp = tmp->next; 99 | w_del_hash(old,file,line_no); 100 | w_report_error(globals.err_buff,file,line_no,__func__,0,0,warning); 101 | } 102 | else if( (hashtest = (char *) parser_hash(tmp->type,tmp->hash,file,line_no)) == NULL ) 103 | { 104 | report(info,"hash \"%s\" is not in \"%s\" format.",tmp->hash,type_str[tmp->type]); 105 | report(warning,"hash \"%s\" deleted.",tmp->hash); 106 | old=tmp; 107 | tmp = tmp->next; 108 | w_del_hash(old,file,line_no); 109 | } 110 | else 111 | { 112 | free((void *) hashtest); 113 | tmp = tmp->next; 114 | } 115 | } 116 | 117 | if(globals.outfile!=NULL && (fout = fopen(globals.outfile,"r")) != NULL) // check for hash that are already found 118 | { 119 | fgets(buffer,MAX_LINE,fout); 120 | while(!feof(fout)) 121 | { 122 | len = strlen(buffer); 123 | if(buffer[len-1] == '\n') 124 | { 125 | value = regexpn(buffer,"\\$([^$]+)\\$([^:]+):(.*)",1); 126 | if(value != NULL) 127 | { 128 | if(strncmp(value,"WPA",4) && (cur_type=P_type(value))!=UNKNOWN) 129 | { 130 | free((void *) value); 131 | value = regexpn(buffer,"\\$([^$]+)\\$([^:]+):(.*)",2); 132 | len = strlen(value)+1; 133 | for(tmp=globals.hash_list;tmp!=NULL;tmp=tmp->next) 134 | if(tmp->type == cur_type && !strncmp(tmp->hash,value,len)) 135 | { 136 | report(verbose2,"hash \"%s\" already found.",tmp->hash); 137 | tmp->plain = regexpn(buffer,"\\$([^$]+)\\$([^:]+):(.*)",3); 138 | break; 139 | } 140 | } 141 | free((void *) value); 142 | } 143 | } 144 | fgets(buffer,MAX_LINE,fout); 145 | } 146 | fclose(fout); 147 | } 148 | 149 | return; 150 | } 151 | 152 | void parser_infile(const char *infile) 153 | { 154 | FILE *fin; 155 | char line[MAX_LINE],buffer[MAX_LINE],*type,*path,*prehash; 156 | const char *hash,*patrn="^\\$([a-zA-Z0-9]+)\\$([a-fA-F0-9]+)$"; 157 | enum _type my_type; 158 | int inline_no; 159 | bool first_error; 160 | struct stat infile_stat; // were you known that fopen() can open directories ?? uff! 161 | 162 | path = type = prehash = NULL; // if a stat error occours we need to be sure that char pointers are NULL 163 | hash = NULL; 164 | if(infile == NULL) 165 | report_error("called with NULL argument.",0,1,error); 166 | else if(stat(infile, &infile_stat) != 0) 167 | report_error(infile,1,0,error); 168 | else if(!S_ISREG(infile_stat.st_mode)) 169 | report(error,"\"%s\" is not a regular file.",infile); 170 | else if( (path = get_full_path(infile)) == NULL || 171 | access(path,R_OK) || 172 | (fin = fopen(path,"r")) == NULL 173 | ) 174 | report_error(infile,1,0,error); 175 | else 176 | { 177 | inline_no = 0; 178 | first_error = true; 179 | my_type = UNKNOWN; 180 | 181 | fgets( line, MAX_LINE, fin); 182 | while( !feof(fin) ) 183 | { 184 | inline_no++; 185 | 186 | fgets_fix(line); 187 | hash = type = NULL; 188 | buffer[0] = '\0'; 189 | if((type = regexpn(line,patrn,1)) == NULL || (prehash = regexpn(line,patrn,2)) == NULL) 190 | strncpy(buffer,"format error.",MAX_LINE); 191 | else if( (my_type = P_type(type) ) == UNKNOWN ) 192 | strncpy(buffer,"unknown type.",MAX_LINE); 193 | else if((hash = P_hash(my_type,prehash)) == NULL) 194 | snprintf(buffer,MAX_LINE,"hash \"%s\" not in \"%s\" format.",prehash,type_str[my_type]); 195 | else 196 | add_hash(my_type,hash); 197 | fgets( line, MAX_LINE, fin); 198 | 199 | if(buffer[0] != '\0') 200 | { 201 | if(first_error==true) 202 | { 203 | report(warning,"in file \"%s\":",infile); 204 | first_error=false; 205 | } 206 | report(warning,"\tat line #%d: %s",inline_no,buffer); 207 | } 208 | 209 | if(type!=NULL) 210 | free((void *) type); 211 | if(prehash!=NULL) 212 | free((void *) prehash); 213 | if(hash!=NULL) 214 | free((void *) hash); 215 | } 216 | fclose(fin); 217 | } 218 | 219 | if(path!=NULL) 220 | free(path); 221 | 222 | return; 223 | } 224 | 225 | void parser_outfile(const char *arg) 226 | { 227 | struct stat out_stat; 228 | char *path=NULL; 229 | FILE *fout; 230 | 231 | if(arg == NULL) 232 | report_error("called with NULL argument.",0,1,error); 233 | else if(stat(arg,&out_stat) == 0) 234 | { 235 | if(S_ISREG(out_stat.st_mode)) 236 | { 237 | path = get_full_path(arg); 238 | if(access(path,W_OK) == 0) 239 | argcpy(&(globals.outfile),path,strlen(path)+1); 240 | else 241 | report_error(path,1,0,error); 242 | } 243 | else 244 | report(error,"file \"%s\" isn't a regular file.",arg); 245 | } 246 | else if(errno == ENOENT) 247 | { 248 | if((fout = fopen(arg,"w+")) != NULL) 249 | { 250 | fclose(fout); 251 | parser_outfile(arg); // restart 252 | } 253 | else 254 | report_error(arg,1,0,error); 255 | } 256 | else 257 | report_error(arg,1,0,error); 258 | 259 | if(path!=NULL) 260 | free((void *) path); 261 | 262 | return; 263 | } 264 | 265 | void parser_essid(const char *arg, const char *file, int line_no) 266 | { 267 | if(arg == NULL) 268 | w_report_error("called with NULL argument.",file,line_no,__func__,0,1,error); 269 | else 270 | add_wpa((char *) arg,NULL); 271 | return; 272 | 273 | } 274 | 275 | void parser_rt_root(const char *arg, const char *file, int line_no) 276 | { 277 | struct stat rt_root_stat; 278 | struct _wpa *iter=NULL; 279 | 280 | if(arg == NULL) 281 | w_report_error("called with NULL argument.",file,line_no,__func__,0,1,error); 282 | else if(stat(arg,&rt_root_stat) != 0) // if couldn't get argument stats 283 | w_report_error(arg,file,line_no,__func__,1,0,error); 284 | else if(!S_ISDIR(rt_root_stat.st_mode)) // if isn't a directory or a link 285 | { 286 | snprintf( globals.err_buff,MAX_BUFF, 287 | "\"%s\" is not a directory.",arg); 288 | report_error(globals.err_buff,0,0,error); 289 | } 290 | else if(access(arg,R_OK) != 0) // if cannot access to argument 291 | report(error,"\"%s\" ",arg); 292 | else 293 | { 294 | globals.rt_root = (const char *) get_full_path(arg); 295 | if(globals.wpa_list != NULL) 296 | for(iter=globals.wpa_list;iter!=NULL;iter=iter->next) 297 | P_essid((const char *) iter->essid); 298 | return; 299 | } 300 | 301 | if(globals.rt_root == NULL && globals.rain == true) // if there is no rt_root 302 | { 303 | report_error("switching OFF rainbow tables features.",0,0,info); 304 | globals.rain = false; 305 | } 306 | return; 307 | } 308 | 309 | void parser_wordlist(const char *arg, const char *file, int line_no) 310 | { 311 | struct stat wrd_stat; 312 | #ifdef HAVE_LIBMAGIC 313 | const char *target_mime = "text/plain;"; 314 | #endif 315 | 316 | 317 | if(arg == NULL) 318 | report_error("called with NULL argument.",0,1,error); 319 | else if( stat(arg,&wrd_stat) ) // if can't get file stats 320 | w_report_error(arg,file,line_no,__func__,1,0,error); 321 | else if( S_ISREG(wrd_stat.st_mode) == 0 ) // if isn't a regular file 322 | report(error,"\"%s\" is not a regular file.",arg); 323 | else if( access(arg,R_OK) != 0) 324 | w_report_error(arg,file,line_no,__func__,1,0,error); 325 | else 326 | { 327 | #ifdef HAVE_LIBMAGIC 328 | if(strncmp(get_mime(arg),target_mime,strlen(target_mime)) != 0) 329 | report(warning,"\"%s\" is not a \"%s\" file.",arg,target_mime); 330 | #endif 331 | 332 | if(globals.dict == false) 333 | { 334 | report_error("switching ON dictionary features...",0,0,info); 335 | globals.dict = true; 336 | } 337 | globals.wordlist = (const char *) get_full_path(arg); 338 | } 339 | 340 | if(globals.wordlist == NULL ) 341 | { 342 | w_report_error("switching OFF dictionary features.",file,line_no,__func__,0,0,info); 343 | globals.dict = false; 344 | } 345 | return; 346 | } 347 | 348 | void parser_capture(const char *arg, const char*file, int line_no) 349 | { 350 | struct stat cap_stat; 351 | 352 | if(arg == NULL) 353 | report_error("called with NULL argument.",0,1,error); 354 | else if( stat(arg,&cap_stat) ) // if can't get file stats 355 | w_report_error(arg,file,line_no,__func__,1,0,error); 356 | else if( S_ISREG(cap_stat.st_mode) == 0 ) // if isn't a regular file 357 | report(warning,"\"%s\" is not a regular file.",arg); 358 | else if( access(arg,R_OK) != 0) 359 | w_report_error(arg,file,line_no,__func__,1,0,error); 360 | else 361 | cap2hccap(arg); // it add essid and hccap to globals.wpa_list, and setup globals.pcap 362 | 363 | return; 364 | } 365 | 366 | void parser_path(const char *argv0 ) 367 | { 368 | char my_path[PATH_MAX], 369 | bin_path[PATH_MAX], 370 | *buff, 371 | **ptr, 372 | *bins[] = BINS ; // provided by ./configure 373 | int i,n_bins; 374 | size_t len; 375 | 376 | if(realpath(argv0,my_path) == NULL) 377 | report_error(argv0,1,1,error); 378 | buff = dirname(my_path); // use as buffer 379 | if(buff!=my_path) // maybe realpath do yet it's work 380 | strncpy(my_path,buff,PATH_MAX); 381 | 382 | n_bins = sizeof(struct _bins) / sizeof(char *); 383 | memset(&(globals.bins),0,sizeof(struct _bins)); 384 | 385 | for(i=0;iai_family,result->ai_socktype,result->ai_protocol)) != -1) 438 | { 439 | val = 1; 440 | if(result->ai_protocol == IPPROTO_TCP) 441 | setsockopt(sockfd,result->ai_protocol,TCP_NODELAY, (char *) &val, sizeof(val)); 442 | if(setsockopt(sockfd,SOL_SOCKET,SO_REUSEADDR, (char *) &val, sizeof(val)) == 0) 443 | { 444 | if(connect(sockfd,result->ai_addr,result->ai_addrlen) == 0) 445 | val = 0; 446 | else 447 | val=errno; 448 | } 449 | else 450 | val=errno; 451 | } 452 | else 453 | val=errno; 454 | } 455 | else 456 | val=-1; 457 | 458 | // execute celanup function ( if don't do this an extra '{' is insert by pthread_cleanup_push ) 459 | pthread_cleanup_pop(1); 460 | pthread_exit((void *) val); 461 | } 462 | 463 | int parser_odb_head(char *line, int entry, odb *record) 464 | { 465 | size_t line_len; 466 | int exit = EXIT_FAILURE; 467 | char *buff; 468 | static const char *url_patrn = "([a-zA-Z0-9:#%;$()~_?=.&\\-]+)/([a-zA-Z0-9:/#%;$()~_=.&\\-]*)([?])?"; 469 | 470 | 471 | if(line == NULL || record == NULL) 472 | snprintf(globals.err_buff,MAX_BUFF,"called with NULL argument."); 473 | else if(entry < 1 || entry > ODB_HEAD) 474 | snprintf(globals.err_buff,MAX_BUFF,"called with invalid index."); 475 | else if((line_len=strlen(line)) == 0 && entry != 4) 476 | snprintf(globals.err_buff,MAX_BUFF,"line is empty."); 477 | else 478 | { 479 | exit = EXIT_SUCCESS; 480 | switch(entry) 481 | { 482 | case 1: 483 | if((record->host = regexpn(line,url_patrn,1)) == NULL) 484 | { 485 | strncpy(globals.err_buff,"bad URL at entry #1.",MAX_BUFF); 486 | exit = EXIT_FAILURE; 487 | } 488 | else 489 | { 490 | record->file = regexpn(line,url_patrn,2); 491 | buff = regexpn(line,url_patrn,3); 492 | if(buff!=NULL) 493 | { 494 | free(buff); 495 | record->method = GET; 496 | } 497 | else 498 | record->method = POST; 499 | } 500 | break; 501 | case 2: 502 | for(record->types = NULL, buff = strtok(line,","); buff != NULL && exit == EXIT_SUCCESS; buff = strtok(NULL,",") ) 503 | { 504 | if(strchr(buff,ODB_SKIP_CHR)!=NULL) // comment has been found 505 | break; 506 | globals.err_buff[0] = '\0'; 507 | record->types = add_odb_type(record->types,buff); 508 | if(globals.err_buff[0] != '\0') 509 | exit = EXIT_FAILURE; 510 | } 511 | break; 512 | case 3: 513 | argcpy(&(record->patrn),line,line_len); 514 | break; 515 | case 4: 516 | if(line_len==0) 517 | record->detected = NULL; 518 | else 519 | argcpy(&(record->detected),line,line_len); 520 | break; 521 | default: 522 | report_error("!!!SECURITY BREACH!!!",0,1,quiet); 523 | } 524 | } 525 | return exit; 526 | } 527 | 528 | void parser_odb( const char *arg, const char *file, int line_no ) 529 | { 530 | odb *otmp=NULL,*oold=NULL; 531 | int ec,ln,count; 532 | size_t odb_len,sep_len,str_len; 533 | bool good; 534 | struct stat odb_stat; 535 | #ifdef HAVE_LIBMAGIC 536 | const char *target_mime = "text/plain;"; 537 | #endif 538 | char *line,*tmp_err_buff,*buff; 539 | FILE *db_file; 540 | 541 | line = tmp_err_buff = buff = NULL; 542 | 543 | if(arg == NULL) 544 | report_error("called with NULL argument.",0,1,error); 545 | else if(globals.odb != NULL) 546 | report_error("online servers database yet loaded.",0,0,warning); 547 | else if( stat(arg,&odb_stat) ) // if can't get file stats 548 | w_report_error(arg,file,line_no,__func__,1,0,error); 549 | else if( S_ISREG(odb_stat.st_mode) == 0 ) // if isn't a regular file 550 | report(warning,"\"%s\" is not a regular file.",arg); 551 | else if( access(arg,R_OK) != 0 || (db_file = fopen(arg,"r")) == NULL) 552 | w_report_error(arg,file,line_no,__func__,1,0,error); 553 | else 554 | { 555 | #ifdef HAVE_LIBMAGIC 556 | if(strncmp(get_mime(arg),target_mime,strlen(target_mime)) != 0) 557 | report(info,"\"%s\" is not a \"%s\" file.",arg,target_mime); 558 | #endif 559 | odb_len = sizeof(odb); 560 | sep_len = strlen(ODB_SEP); 561 | tmp_err_buff = malloc((MAX_BUFF+1) * sizeof(char)); 562 | line = malloc((MAX_LINE+1) * sizeof(char)); 563 | ln=count=ec=0; 564 | otmp=globals.odb=malloc(odb_len); 565 | 566 | while(counthost == NULL || otmp->file == NULL || otmp->patrn == NULL || otmp->types == NULL || otmp->tuples == NULL) 603 | { 604 | free_odb(otmp); 605 | if(oold==NULL) // first 606 | globals.odb = otmp = malloc(odb_len); 607 | else 608 | otmp = oold->next = malloc(odb_len); 609 | } 610 | else 611 | { 612 | count++; 613 | oold=otmp; 614 | otmp=otmp->next=malloc(odb_len); 615 | } 616 | ec=0; 617 | } 618 | else 619 | good=true; 620 | 621 | if(good==false) 622 | continue; 623 | good=false; 624 | ec++; 625 | if(ec <= ODB_HEAD) 626 | { 627 | if(parser_odb_head(line,ec,otmp)!=EXIT_SUCCESS) 628 | strncpy(tmp_err_buff,globals.err_buff,MAX_BUFF); 629 | else 630 | good=true; 631 | } 632 | else 633 | { 634 | globals.err_buff[0]='\0'; 635 | otmp->tuples = add_odb_t(otmp->tuples,line,ec); 636 | if(globals.err_buff[0]!='\0') 637 | strncpy(tmp_err_buff,globals.err_buff,MAX_BUFF); 638 | else 639 | good=true; 640 | } 641 | 642 | if(good==false) 643 | report(warning,"at line #%d: %s",ln,tmp_err_buff); 644 | } 645 | fclose(db_file); 646 | } 647 | 648 | // check otmp consintency 649 | if(otmp!=NULL && (otmp->host == NULL || otmp->file == NULL || otmp->patrn == NULL || otmp->types == NULL || otmp->tuples == NULL)) 650 | { 651 | if(oold==NULL)//first 652 | globals.odb=NULL; 653 | else 654 | oold->next = NULL; 655 | free_odb(otmp); 656 | } 657 | 658 | if(tmp_err_buff!=NULL) 659 | free((void *) tmp_err_buff); 660 | if(line!=NULL) 661 | free((void *) line); 662 | 663 | // globals flags Handler 664 | if(globals.odb==NULL && globals.online != false) 665 | { 666 | report_error("switching OFF online features.",0,0,info); 667 | globals.online=false; 668 | } 669 | 670 | return; 671 | } 672 | 673 | void parser_wpa_list() 674 | { 675 | struct _wpa *iter=NULL,*prev=NULL; 676 | 677 | for(iter=globals.wpa_list;iter!=NULL;iter=iter->next) 678 | if(iter->manual==true) 679 | break; 680 | if(iter==NULL) 681 | return; // exit if no essid has been manually added 682 | 683 | // delete AP which has been auto-founded or without valid handshake 684 | for(iter=globals.wpa_list;iter!=NULL;) 685 | if(iter->manual==false || iter->hccap == NULL) 686 | { 687 | if(prev==NULL) // iter is globals.wpa_list 688 | { 689 | globals.wpa_list = iter->next; 690 | free_wpa(iter); 691 | iter = globals.wpa_list; 692 | prev = NULL; 693 | } 694 | else 695 | { 696 | prev->next = iter->next; 697 | free_wpa(iter); 698 | iter = prev->next; 699 | } 700 | } 701 | else 702 | { 703 | prev = iter; 704 | iter = iter->next; 705 | } 706 | 707 | return; 708 | } 709 | 710 | void parser_jtr(struct t_info *thread) 711 | { 712 | FILE *fp; 713 | unsigned int line_no; 714 | static const char *pattern="\\$([a-f0-9]+):(.*)"; 715 | char *line,*found_hash,*found_pswd; 716 | bool first_error; 717 | 718 | if(thread->hlist == NULL) // there's nothing to do here without hash to compare. 719 | return; 720 | else if((fp = fopen(thread->outfile,"r")) == NULL) 721 | { 722 | if(errno == ENOENT) // JTR don't found anything 723 | return; 724 | else 725 | report_error(thread->outfile,1,0,error); 726 | } 727 | else 728 | { 729 | line_no = 0; 730 | line = malloc((MAX_LINE+1)*sizeof(char)); 731 | first_error = true; 732 | fgets(line,MAX_LINE,fp); 733 | fgets_fix(line); 734 | while(!feof(fp)) 735 | { 736 | line_no++; 737 | if((found_hash = regexpn(line,pattern,1)) != NULL) 738 | { 739 | if((found_pswd = regexpn(line,pattern,2)) != NULL) 740 | { 741 | add_hash_plain(NULL,found_hash,thread,found_pswd); 742 | free(found_pswd); 743 | } 744 | free(found_hash); 745 | } 746 | else 747 | { 748 | if(first_error==true) 749 | { 750 | report_error("john the ripper output file is corrupted or invalid.",0,0,error); 751 | first_error=false; 752 | } 753 | report(verbose,"\tline #%d is wrong.",line_no); 754 | } 755 | fgets(line,MAX_LINE,fp); 756 | fgets_fix(line); 757 | } 758 | fclose(fp); 759 | free(line); 760 | } 761 | return; 762 | } 763 | 764 | void parser_cow(struct t_info *thread) 765 | { 766 | FILE *fp; 767 | char *line,*pswd; 768 | static const char *pattern="The PSK is \"(.*)\"\\."; 769 | 770 | if(globals.wpa_list == NULL) 771 | return; 772 | else if((fp = fopen(thread->outfile,"r")) == NULL) 773 | report_error(thread->outfile,1,0,error); 774 | else 775 | { 776 | pswd = NULL; 777 | line = malloc(MAX_LINE*sizeof(char)); 778 | fgets(line,MAX_LINE,fp); 779 | fgets_fix(line); 780 | while(!feof(fp)) 781 | { 782 | if((pswd = regexpn(line,pattern,1)) != NULL) 783 | if(strlen(pswd) == 0) 784 | { 785 | free((void *) pswd); 786 | pswd = NULL; 787 | } 788 | else 789 | add_wpa_key(thread,pswd); 790 | free((void *) pswd); 791 | pswd = NULL; 792 | fgets(line,MAX_LINE,fp); 793 | fgets_fix(line); 794 | } 795 | fclose(fp); 796 | free((void *) line); 797 | } 798 | return; 799 | } 800 | 801 | void parser_ocl(struct t_info *thread) 802 | { 803 | FILE *fp; 804 | unsigned int line_no; 805 | static const char *pattern="^([a-fA-F0-9]+):(.+)$"; 806 | char *line,*found_hash,*found_pswd; 807 | bool first_error; 808 | 809 | if(thread->hlist == NULL) // there's nothing to do here without hash to compare. 810 | return; 811 | else if((fp = fopen(thread->outfile,"r")) == NULL) 812 | { 813 | if(errno == ENOENT) // OCL don't found anything 814 | return; 815 | else 816 | report_error(thread->outfile,1,0,error); 817 | } 818 | else 819 | { 820 | line_no = 0; 821 | first_error = true; 822 | line = malloc((MAX_LINE+1)*sizeof(char)); 823 | fgets(line,MAX_LINE,fp); 824 | fgets_fix(line); 825 | while(!feof(fp)) 826 | { 827 | line_no++; 828 | if((found_hash = regexpn(line,pattern,1)) != NULL) 829 | { 830 | if((found_pswd = regexpn(line,pattern,2)) != NULL) 831 | { 832 | add_hash_plain(NULL,found_hash,thread,found_pswd); 833 | free(found_pswd); 834 | } 835 | free(found_hash); 836 | } 837 | else 838 | { 839 | if(first_error==true) 840 | { 841 | report_error("oclhashcat output file is corrupted or invalid.",0,0,error); 842 | first_error=false; 843 | } 844 | report(verbose,"\tline #%d is wrong.",line_no); 845 | } 846 | fgets(line,MAX_LINE,fp); 847 | fgets_fix(line); 848 | } 849 | fclose(fp); 850 | free(line); 851 | } 852 | return; 853 | } 854 | 855 | void parser_pyrit(struct t_info *thread) 856 | { 857 | char *line; 858 | FILE *fp; 859 | 860 | if((fp = fopen(thread->outfile,"r")) == NULL) 861 | { 862 | if(errno == ENOENT) 863 | return; 864 | else 865 | report_error(thread->outfile,1,0,error); 866 | } 867 | else 868 | { 869 | line = malloc(MAX_LINE*sizeof(char)); 870 | do // pyrit don't write '\n' at the and of file, so the last line is read but EOF is reached. 871 | { 872 | fgets(line,MAX_LINE,fp); 873 | fgets_fix(line); 874 | if(strlen(line) > 0) 875 | add_wpa_key(thread,line); 876 | } 877 | while(!feof(fp)); 878 | fclose(fp); 879 | free((void *) line); 880 | } 881 | return; 882 | } 883 | 884 | void parser_rcrack(struct t_info *thread) 885 | { 886 | const char *patrn = "^([a-fA-F0-9]+):(.*):[a-fA-F0-9]+$"; 887 | char line[MAX_LINE],*pswd,*hash; 888 | FILE *fd; 889 | int ln; 890 | size_t len; 891 | bool first_error; 892 | 893 | if((fd = fopen(thread->outfile,"r")) == NULL) 894 | { 895 | report_error(thread->outfile,1,0,error); 896 | return; 897 | } 898 | line[0] = '\0'; 899 | first_error=true; 900 | do 901 | { 902 | fgets(line,MAX_LINE,fd); 903 | ln++; 904 | globals.err_buff[0] = '\0'; 905 | if((len = strlen(line)) == 0 && ln == 1) 906 | strncpy(globals.err_buff,"file is empty.",MAX_LINE); 907 | else if(len==0 && !feof(fd)) 908 | snprintf(globals.err_buff,MAX_BUFF,"\tline #%d is empty.",ln); 909 | else if(len == MAX_LINE) 910 | snprintf(globals.err_buff,MAX_BUFF,"\tline #%d is more long then #%d chars and will be skipped.",ln,MAX_LINE); 911 | else 912 | { 913 | fgets_fix(line); 914 | pswd = regexpn(line,patrn,2); 915 | if(pswd!=NULL) 916 | { 917 | hash = regexpn(line,patrn,1); // cannot be NULL 918 | add_hash_plain(NULL,hash,thread,pswd); 919 | free((void *) pswd); 920 | free((void *) hash); 921 | } 922 | else 923 | snprintf(globals.err_buff,MAX_BUFF,"\tline #%d not in rcrack format, maybe file is corrupted.",ln); 924 | } 925 | if(globals.err_buff[0] != '\0') 926 | { 927 | if(first_error==true) 928 | { 929 | strncpy(line,globals.err_buff,MAX_LINE); 930 | report(verbose,"in file \"%s\":",thread->outfile); 931 | report_error(line,0,0,verbose); 932 | first_error=false; 933 | } 934 | else 935 | report_error(globals.err_buff,0,0,verbose); 936 | } 937 | }while(!feof(fd)); 938 | fclose(fd); 939 | 940 | return; 941 | } 942 | 943 | void parser_prog_output(struct t_info *thread, const char *file, int line_no) 944 | { 945 | if(thread==NULL) 946 | w_report_error("called with NULL argument.",file,line_no,__func__,0,1,error); 947 | else if(thread->bin == NULL || thread->outfile == NULL) 948 | return; 949 | else if(thread->bin == globals.bins.jtr) 950 | parser_jtr(thread); 951 | else if(thread->bin == globals.bins.cow) 952 | parser_cow(thread); 953 | else if(thread->bin == globals.bins.oclhashcat) 954 | parser_ocl(thread); 955 | else if(thread->bin == globals.bins.pyrit) 956 | parser_pyrit(thread); 957 | else if(thread->bin == globals.bins.rcrack) 958 | parser_rcrack(thread); 959 | else 960 | w_report_error("unknown program to parse.",file,line_no,__func__,0,0,warning); 961 | return; 962 | } 963 | 964 | void parser_defaults() 965 | { 966 | char buff[MAX_BUFF]; 967 | 968 | if(globals.hash_list==NULL) 969 | { 970 | globals.online=false; 971 | if(globals.wpa_list==NULL) 972 | globals.rain = globals.dict = false; 973 | } 974 | 975 | if(globals.rain != false && globals.bins.cow == NULL && globals.bins.rcrack == NULL) 976 | { 977 | report_error("cannot find programs that can be used for rainbow table crack.",0,0,verbose2); 978 | report_error("switching OFF rainbowtables attacks.",0,0,verbose); 979 | globals.rain = false; 980 | } 981 | if(globals.bins.oclhashcat == NULL && globals.bins.pyrit == NULL) 982 | { 983 | if(globals.gpu!=false) 984 | { 985 | report_error("no oclhashcat-plus or pyrit found on your system by './configure'.",0,0,warning); 986 | report_error("switching OFF GPU features.",0,0,info); 987 | globals.gpu = false; 988 | } 989 | if(globals.bins.jtr == NULL && globals.bins.cow == NULL) 990 | globals.dict = false; 991 | } 992 | 993 | if(globals.dict == true && globals.wordlist == NULL ) 994 | { 995 | snprintf(buff,MAX_BUFF,"%s/%s",CONFDIR,DEF_WRDLST); 996 | P_wordlist(buff); 997 | } 998 | 999 | if(globals.rain == true && globals.rt_root == NULL ) 1000 | { 1001 | snprintf(buff,MAX_BUFF,"%s/%s",CONFDIR,DEF_RT_ROOT); 1002 | P_rt_root(buff); 1003 | } 1004 | 1005 | if(globals.online == true && globals.odb == NULL) 1006 | { 1007 | snprintf(buff,MAX_BUFF,"%s/%s",CONFDIR,DEF_ODB); 1008 | if(access(buff,R_OK)) // if cannot read file 1009 | globals.odb = &internal_odb; 1010 | else 1011 | P_odb(buff); 1012 | } 1013 | return; 1014 | } 1015 | -------------------------------------------------------------------------------- /parser/parser.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Autocrack - automatically crack everything throught CPU and GPU 3 | * Copyright (C) 2012 Massimo Dragano 4 | * 5 | * Autocrack is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * Autocrack is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with Autocrack. If not, see . 17 | */ 18 | 19 | #include "cap2hccap.c" 20 | 21 | #define P_type(t) (parser_type((t),__FILE__,__LINE__)) 22 | #define P_hash(t,h) (parser_hash((t),(h),__FILE__,__LINE__)) 23 | #define P_hash_list() (parser_hash_list(__FILE__,__LINE__)) 24 | #define P_infile(f) (parser_infile((f))) 25 | #define P_essid(e) (parser_essid((e),__FILE__,__LINE__)) 26 | #define P_rt_root(r) (parser_rt_root((r),__FILE__,__LINE__)) 27 | #define P_wordlist(w) (parser_wordlist((w),__FILE__,__LINE__)) 28 | #define P_capture(c) (parser_capture((c),__FILE__,__LINE__)) 29 | #define P_path(p) (parser_path((p))) 30 | #define P_odb(f) (parser_odb((f),__FILE__,__LINE__)) 31 | #define P_defaults() (parser_defaults()) 32 | #define P_prog_output(t) (parser_prog_output((t),__FILE__,__LINE__)) 33 | #define P_wpa_list() (parser_wpa_list()) 34 | #define P_online (parser_online) 35 | #define P_outfile(f) (parser_outfile((f))) 36 | // prototypes 37 | void parser_rt_root(const char *,const char *,int); 38 | -------------------------------------------------------------------------------- /test/hash.md5: -------------------------------------------------------------------------------- 1 | D8CD5923AE704AA80001BFE2E0ABF35D 2 | 463C8A7593A8A79078CB5C119424E62A 3 | 5f4dcc3b5aa765d61d8327deb882cf99 4 | -------------------------------------------------------------------------------- /test/hash.md5.in: -------------------------------------------------------------------------------- 1 | $MD5$D8CD5923AE704AA80001BFE2E0ABF35D 2 | $MD5$463C8A7593A8A79078CB5C119424E62A 3 | $MD5$5f4dcc3b5aa765d61d8327deb882cf99 4 | -------------------------------------------------------------------------------- /test/test.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | if test "x$(pwd)" != "xtest" ;then cd test; fi 4 | ../autocrack -i hash.md5.in -w uword 5 | for f in *.dump; do CAPS="$CAPS -c $f"; done 6 | ../autocrack -w uword $CAPS 7 | -------------------------------------------------------------------------------- /test/uword: -------------------------------------------------------------------------------- 1 | password 2 | MOM12345 3 | dictionary 4 | crack 5 | helium02 6 | preinstall 7 | -------------------------------------------------------------------------------- /test/wpa2psk-2WIRE972.dump: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tux-mind/autocrack/02b23209e883a984ee129f40a8830b14fdd9a0d7/test/wpa2psk-2WIRE972.dump -------------------------------------------------------------------------------- /test/wpa2psk-MOM1.dump: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tux-mind/autocrack/02b23209e883a984ee129f40a8830b14fdd9a0d7/test/wpa2psk-MOM1.dump -------------------------------------------------------------------------------- /test/wpa2psk-Red_Apple.dump: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tux-mind/autocrack/02b23209e883a984ee129f40a8830b14fdd9a0d7/test/wpa2psk-Red_Apple.dump -------------------------------------------------------------------------------- /test/wpa2psk-linksys.dump: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tux-mind/autocrack/02b23209e883a984ee129f40a8830b14fdd9a0d7/test/wpa2psk-linksys.dump -------------------------------------------------------------------------------- /test/wpapsk-linksys.dump: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tux-mind/autocrack/02b23209e883a984ee129f40a8830b14fdd9a0d7/test/wpapsk-linksys.dump -------------------------------------------------------------------------------- /test/wpapsk-virgin_broadband.dump: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tux-mind/autocrack/02b23209e883a984ee129f40a8830b14fdd9a0d7/test/wpapsk-virgin_broadband.dump --------------------------------------------------------------------------------