added PROBEREQUEST counter and option to sort by PROBEREQUEST counter…
… (rds=1)
= committed Nov 28, 2023
1 parent 1ff6c12 commit 51ea40c
Showing 3 changed files with 43 additions and 21 deletions.
3 changes: 3 additions & 0 deletions changelog
Expand Up @@ -2,6 +2,9 @@
==========
hcxdumptool: added full featured BPF compiler
due to additional dependency this feature must be enabled in Makefile
added PROBEREQUEST counter to rcascan mode
added option to sort rcascan display by PROBEREQUEST counter


27.11.2023
==========
48 changes: 27 additions & 21 deletions hcxdumptool.c
Expand Up @@ -86,8 +86,8 @@ static int fd_socket_tx = 0;
static int fd_timer1 = 0;
static int fd_pcapng = 0;

#ifdef STATUSOUT
static u8 rdsort = 0;
#ifdef STATUSOUT
static long int wecbcount = 0;
static long int wepbcount = 0;
static long int widbcount = 0;
Expand Down Expand Up @@ -543,7 +543,8 @@ static char *pmok = "+";
static char *notime = " ";

if(system("clear") != 0) errorcount++;
qsort(aplist, RCAD_MAX, APLIST_SIZE, sort_aplist_by_tsakt);
if(rdsort == 0) qsort(aplist, RCAD_MAX, APLIST_SIZE, sort_aplist_by_tsakt);
else qsort(aplist, RCAD_MAX, APLIST_SIZE, sort_aplist_by_count);
sprintf(&rtb[0], " CHA FREQ BEACON RESPONSE S MAC-AP ESSID SCAN-FREQUENCY: %6u\n"
"--------------------------------------------------------------------------\n", (scanlist + scanlistindex)->frequency);
p = strlen(rtb);
Expand All @@ -561,14 +562,15 @@ for(i = 0; i < RCAD_MAX ; i++)
strftime(timestring2, TIMESTRING_LEN, "%H:%M:%S", localtime(&tvlastp));
}
else strncpy(timestring2, notime, TIMESTRING_LEN);
sprintf(&rtb[p], " [%3d %5d] %s %s %s %02x%02x%02x%02x%02x%02x %.*s\n",
(aplist +i)->ie.channel, (aplist +i)->count, timestring1, timestring2, ak,
sprintf(&rtb[p], " [%3d %5d] %s %s %s %02x%02x%02x%02x%02x%02x %.*s [%u]\n",
(aplist +i)->ie.channel, (aplist +i)->frequency, timestring1, timestring2, ak,
(aplist +i)->macap[0], (aplist +i)->macap[1], (aplist +i)->macap[2], (aplist +i)->macap[3], (aplist +i)->macap[4], (aplist +i)->macap[5],
(aplist +i)->ie.essidlen, (aplist +i)->ie.essid);
(aplist +i)->ie.essidlen, (aplist +i)->ie.essid, (aplist +i)->count);
p = strlen(rtb);
}
rtb[p] = 0;
fprintf(stdout, "%s", rtb);
if(rdsort > 0) qsort(aplist, RCAD_MAX, APLIST_SIZE, sort_aplist_by_tsakt);
return;
}
/*---------------------------------------------------------------------------*/
Expand Down Expand Up @@ -2297,14 +2299,14 @@ for(i = 0; i < APLIST_MAX - 1; i++)
tagwalk_channel_essid_rsn(&(aplist +i)->ie, proberesponselen, proberesponse->ie);
if((aplist +i)->ie.channel == 0) (aplist +i)->ie.channel = (scanlist + scanlistindex)->channel;
if(((aplist +i)->ie.flags & APIE_ESSID) == APIE_ESSID) (aplist +i)->status |= AP_ESSID;
(aplist +i)->count = (scanlist + scanlistindex)->frequency;
(aplist +i)->frequency = (scanlist + scanlistindex)->frequency;
(aplist +i)->count += 1;
return;
}
memset((aplist + i), 0, APLIST_SIZE);
(aplist +i)->tsakt = tsakt;
(aplist +i)->tshold1 = tsakt;
(aplist +i)->tsauth = tsfirst;
(aplist +i)->count = attemptapmax;
memcpy((aplist +i)->macap, macfrx->addr3, ETH_ALEN);
memcpy((aplist +i)->macclient, &macbc, ETH_ALEN);
packetrcarxcount++;
Expand All @@ -2313,7 +2315,8 @@ tagwalk_channel_essid_rsn(&(aplist +i)->ie, proberesponselen, proberesponse->ie)
if((aplist +i)->ie.channel == 0) (aplist +i)->ie.channel = (scanlist + scanlistindex)->channel;
if((aplist +i)->ie.channel != (scanlist + scanlistindex)->channel) return;
if(((aplist +i)->ie.flags & APIE_ESSID) == APIE_ESSID) (aplist +i)->status |= AP_ESSID;
(aplist +i)->count = (scanlist + scanlistindex)->frequency;
(aplist +i)->frequency = (scanlist + scanlistindex)->frequency;
(aplist +i)->count = 1;
qsort(aplist, i + 1, APLIST_SIZE, sort_aplist_by_tsakt);
return;
}
Expand Down Expand Up @@ -2396,21 +2399,20 @@ for(i = 0; i < APLIST_MAX - 1; i++)
tagwalk_channel_essid_rsn(&(aplist +i)->ie, beaconlen, beacon->ie);
if((aplist +i)->ie.channel == 0) (aplist +i)->ie.channel = (scanlist + scanlistindex)->channel;
if((aplist +i)->ie.channel != (scanlist + scanlistindex)->channel) return;
(aplist +i)->count = (scanlist + scanlistindex)->frequency;
(aplist +i)->frequency = (scanlist + scanlistindex)->frequency;
return;
}
memset((aplist + i), 0, APLIST_SIZE);
(aplist +i)->tsakt = tsakt;
(aplist +i)->tshold1 = tsakt;
(aplist +i)->tsauth = tsfirst;
(aplist +i)->count = attemptapmax;
memcpy((aplist +i)->macap, macfrx->addr3, ETH_ALEN);
memcpy((aplist +i)->macclient, &macbc, ETH_ALEN);
(aplist +i)->status |= AP_BEACON;
tagwalk_channel_essid_rsn(&(aplist +i)->ie, beaconlen, beacon->ie);
if((aplist +i)->ie.channel == 0) (aplist +i)->ie.channel = (scanlist + scanlistindex)->channel;
if((aplist +i)->ie.channel != (scanlist + scanlistindex)->channel) return;
(aplist +i)->count = (scanlist + scanlistindex)->frequency;
(aplist +i)->frequency = (scanlist + scanlistindex)->frequency;
qsort(aplist, i + 1, APLIST_SIZE, sort_aplist_by_tsakt);
return;
}
Expand Down Expand Up @@ -4715,16 +4717,20 @@ fprintf(stdout, "--tot=<digit> : enable timeout timer in minutes\n"
" not in combination with attack modes\n");
#ifdef STATUSOUT
fprintf(stdout, "--rds=<digit> : sort real time display\n"
" default: sort by time (last seen on top)\n"
" 1 = sort by status (last PMKID/EAPOL on top)\n"
" Columns:\n"
" R = + AP display : AP is in TX range or under attack\n"
" S = + AP display : AUTHENTICATION KEY MANAGEMENT PSK\n"
" P = + AP display : got PMKID hashcat / JtR can work on\n"
" 1 = + AP display : got EAPOL M1 (CHALLENGE)\n"
" 3 = + AP display : got EAPOL M1M2M3 (AUTHORIZATION) hashcat / JtR can work on\n"
" E = + CLIENT display : got EAP-START MESSAGE\n"
" 2 = + CLIENT display : got EAPOL M1M2 (ROGUE CHALLENGE) hashcat / JtR can work on\n");
" attack mode:\n"
" default: sort by time (last seen on top)\n"
" 1 = sort by status (last PMKID/EAPOL on top)\n"
" scan mode:\n"
" 1 = sort by PROBERESPONSE count\n"
" Columns:\n"
" R = + AP display : AP is in TX range or under attack\n"
" S = + AP display : AUTHENTICATION KEY MANAGEMENT PSK\n"
" P = + AP display : got PMKID hashcat / JtR can work on\n"
" 1 = + AP display : got EAPOL M1 (CHALLENGE)\n"
" 3 = + AP display : got EAPOL M1M2M3 (AUTHORIZATION) hashcat / JtR can work on\n"
" E = + CLIENT display : got EAP-START MESSAGE\n"
" 2 = + CLIENT display : got EAPOL M1M2 (ROGUE CHALLENGE) hashcat / JtR can work on\n");

#endif
fprintf(stdout, "--help : show additional help (example and trouble shooting)\n"
"--version : show version\n\n");
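Review bot: The widened rcascan row format `" [%3d %5d] %s %s %s %02x%02x%02x%02x%02x%02x %.*s [%u]\n"` appends up to 13 more bytes per entry to `rtb` through an unbounded `sprintf(&rtb[p], ...)`, so whatever sizing of `rtb` was done for the old row length (its declaration is outside the hunk) needs rechecking against RCAD_MAX entries; writing each row with `snprintf(&rtb[p], sizeof(rtb) - p, ...)` and stopping when the return value reaches the remaining space would bound the write independently of the layout. In the same call `(aplist +i)->frequency` is a `u32` per the header change in this commit but is printed with `%5d`; `%5u` matches the type. The help text in the last hunk reads `1 = sort by PROBERESPONSE count` while the commit title and changelog say PROBEREQUEST, and since the counter is incremented in the probe response handler (`(aplist +i)->count += 1;`) the changelog and title wording appear to be the ones that are off. The display function containing the first two points starts outside the hunk.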
13 changes: 13 additions & 0 deletions include/hcxdumptool.h
Expand Up @@ -165,6 +165,7 @@ typedef struct __attribute__((__packed__))
u64 tshold1;
u64 tsauth;
u32 count;
u32 frequency;
u8 macap[6];
u8 macclient[6];
u8 status;
Expand All @@ -189,6 +190,18 @@ static int sort_aplist_by_tsakt(const void *a, const void *b)
const aplist_t *ai = (const aplist_t *)a;
const aplist_t *bi = (const aplist_t *)b;

if(ai->tsakt < bi->tsakt) return 1;
else if(ai->tsakt > bi->tsakt) return -1;
return 0;
}
/*---------------------------------------------------------------------------*/
static int sort_aplist_by_count(const void *a, const void *b)
{
const aplist_t *ai = (const aplist_t *)a;
const aplist_t *bi = (const aplist_t *)b;

if(ai->count < bi->count) return 1;
else if(ai->count > bi->count) return -1;
if(ai->tsakt < bi->tsakt) return 1;
else if(ai->tsakt > bi->tsakt) return -1;
return 0;
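Review bot: The new `u32 frequency;` field and the changed role of `u32 count;` carry no field comments, and `sort_aplist_by_count` now orders the display by a value whose meaning a reader has to recover from hcxdumptool.c, where this commit increments `count` per received probe response and drops the `count = attemptapmax` initializations in the rcascan paths. Comments such as `u32 count; /* rcascan: probe responses received from this AP (sort key for --rds) */` and `u32 frequency; /* scan frequency the AP was last seen on */` would document the contract at the definition. If `count` is still written with `attemptapmax` in other modes elsewhere in the file, the comment should say so rather than imply a single meaning. Both the typedef and sort_aplist_by_count start or end outside the visible hunks.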
