
krackattack: note that HANDSHAKE_TRANSMIT_INTERVAL must be same in script and hostapd

Mathy 7 years ago
parent
commit
60ebdeb4ba
2 changed files with 6 additions and 4 deletions
  1. 2 1
      krackattack/krack-test-client.py
  2. 4 3
      src/ap/wpa_auth.c

+ 2 - 1
krackattack/krack-test-client.py

@@ -109,6 +109,7 @@ the 4-way handshake or group key handshake, take the following steps:
 # - Individual test to see if the client accepts replayed broadcast traffic (without performing key reinstallation)
 
 # After how many seconds a new message 3, or new group key message 1, is sent.
+# This value must match the one in `../src/ap/wpa_auth.c` (same variable name).
 HANDSHAKE_TRANSMIT_INTERVAL = 2
 
 #### Basic output and logging functionality ####
@@ -280,7 +281,7 @@ class ClientState():
 		if payload.startswith("\xAA\xAA\x03\x00\x00\x00"):
 			# On some kernels, the virtual interface associated to the real AP interface will return
 			# frames where the payload is already decrypted. So if the payload seems decrypted, just
-			# extract the full plaintext of the frame.
+			# extract the full plaintext from the frame.
 			plaintext = payload
 		else:
 			client    = self.mac
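Review bot: The new comment on the HANDSHAKE_TRANSMIT_INTERVAL line says the C side uses the "same variable name", but in `src/ap/wpa_auth.c` the counterpart is a preprocessor `#define` that only exists inside the `#ifdef KRACK_TEST_CLIENT` block, so a reader grepping for a variable in a normal hostapd build will not find it. Nothing in either file checks that the two values agree; a mismatch would silently change the retransmission timing the test relies on. I would make the comment precise about both points: `# Must match HANDSHAKE_TRANSMIT_INTERVAL in ../src/ap/wpa_auth.c (a #define under KRACK_TEST_CLIENT); nothing verifies this at runtime.` The second hunk of this section is a comment-wording change inside a ClientState method whose body continues outside the hunk.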

+ 4 - 3
src/ap/wpa_auth.c

@@ -55,10 +55,11 @@ static void wpa_group_put(struct wpa_authenticator *wpa_auth,
 			  struct wpa_group *group);
 
 #ifdef KRACK_TEST_CLIENT
+#define HANDSHAKE_TRANSMIT_INTERVAL 2
 static const u32 dot11RSNAConfigGroupUpdateCount = 4000;
 static const u32 dot11RSNAConfigPairwiseUpdateCount = 4000;
-static const u32 eapol_key_timeout_first = 2000; /* ms */
-static const u32 eapol_key_timeout_subseq = 2000; /* ms */
+static const u32 eapol_key_timeout_first = HANDSHAKE_TRANSMIT_INTERVAL * 1000; /* ms */
+static const u32 eapol_key_timeout_subseq = HANDSHAKE_TRANSMIT_INTERVAL * 1000; /* ms */
 #else
 static const u32 dot11RSNAConfigGroupUpdateCount = 4;
 static const u32 dot11RSNAConfigPairwiseUpdateCount = 4;
@@ -335,7 +336,7 @@ static void wpa_rekey_gtk(void *eloop_ctx, void *timeout_ctx)
 void poc_start_testing_group_handshake(struct wpa_authenticator *wpa_auth)
 {
 	// Start to periodically execute the group key handshake every 2 seconds
-	wpa_auth->conf.wpa_group_rekey = 2;
+	wpa_auth->conf.wpa_group_rekey = HANDSHAKE_TRANSMIT_INTERVAL;
 	eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL);
 	eloop_register_timeout(wpa_auth->conf.wpa_group_rekey,
 			       0, wpa_rekey_gtk, wpa_auth, NULL);
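Review bot: The comment above the changed assignment in poc_start_testing_group_handshake still reads "every 2 seconds" while the value now comes from HANDSHAKE_TRANSMIT_INTERVAL, so the comment will go stale the moment the macro is edited; change it to `// Start to periodically execute the group key handshake every HANDSHAKE_TRANSMIT_INTERVAL seconds`. Separately, the macro is defined in the first hunk inside the `#ifdef KRACK_TEST_CLIENT` block, and this function's body runs past the hunk, so it is not visible whether the function itself is compiled only under that flag; if it is not, a build without KRACK_TEST_CLIENT would now fail with an undefined identifier where the old literal `2` compiled fine. Since the Python script mirrors this constant by hand, a `wpa_printf` of the effective interval at the point where testing starts would make a mismatch visible in the hostapd log instead of only in the test outcome.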