Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Update disable HW encryption script and README

Mathy Vanhoef 3 years ago
parent
f8db52f37c
commit
a6914795ee
2 changed files with 17 additions and 6 deletions
Split View Show Diff Stats
  1. 2 0
      README.md
  2. 15 6
      krackattack/disable-hwcrypto.sh

+ 2 - 0
README.md
View File 

@@ -42,6 +42,8 @@ Every time before you use the scripts you must **disable Wi-Fi** in your network
 
 After doing this you can executing the scripts multiple times as long as you don't close the terminal.
 
 
 
+If you want to undo the effects of the `disable-hwcrypto.sh` then delete the file `/etc/modprobe.d/nohwcrypt.conf`.
 
+
 
 # Testing Clients
 
 
 First modify `hostapd/hostapd.conf` and **edit the line `interface=` to specify the Wi-Fi interface** that will be used to execute the tests. Note that for all tests, once the script is running, you must let the device being tested connect to the **SSID testnetwork using the password abcdefgh**. You can change settings of the AP by modifying `hostapd/hostapd.conf`. In all tests the **client must use DHCP to get an IP** after connecting to the Wi-Fi network. This is because some tests only start after the client has requested an IP using DHCP!

+ 15 - 6
krackattack/disable-hwcrypto.sh
View File 

@@ -10,23 +10,31 @@ set -e
 
 NOHWCRYPT="ath5k ath9k ath9k_htc rt2800usb carl9170 b43 p54common rt2500usb rt2800pci rt73usb"
 
 SWCRYPTO="iwlwifi iwl3945 iwl4965"
 
 HWCRYPTO="ipw2200"
 
+MODFILE="/etc/modprobe.d/nohwcrypt.conf"
 
+
 
+# 0. Check if we have root privileges
 
+if [[ $EUID -ne 0 ]]; then
 
+   echo "This script must be run as root"
 
+   exit 1
 
+fi
 
 
 
 # 1. Create nohwcrypt.conf options file
 
 
-rm /etc/modprobe.d/nohwcrypt.conf 2> /dev/null || true
 
+rm $MODFILE 2> /dev/null || true
 
 
 for MODULE in $NOHWCRYPT
 
-do echo "options $MODULE nohwcrypt=1" >> /etc/modprobe.d/nohwcrypt.conf; done
 
+do echo "options $MODULE nohwcrypt=1" >> $MODFILE; done
 
 
 for MODULE in $SWCRYPTO
 
-do echo "options $MODULE swcrypto=1" >> /etc/modprobe.d/nohwcrypt.conf; done
 
+do echo "options $MODULE swcrypto=1" >> $MODFILE; done
 
 
 for MODULE in $HWCRYPTO
 
-do echo "options $MODULE hwcrypto=0" >> /etc/modprobe.d/nohwcrypt.conf; done
 
+do echo "options $MODULE hwcrypto=0" >> $MODFILE; done
 
 
 
-# 2. Remove loaded modules so they'll reload parameters
 
+# 2. Remove loaded modules so they'll reload parameters. Note that modules that
 
+#    are in use by others won't be removed (e.g. iwlwifi won't be removed).
 
 
 for MODULE in $NOHWCRYPT $SWCRYPTO $HWCRYPTO
 
 do rmmod $MODULE 2> /dev/null || true; done
 
@@ -34,4 +42,5 @@ do rmmod $MODULE 2> /dev/null || true; done
 
 
 # 3. Done. To be sure parameters are reloaded, reboot computer.
 
 
-echo "Hardware decryption disabled. Reboot your computer."
 
+echo "Created config file $MODFILE to disable hardware decryption."
 
+echo "Reboot your computer to apply the changes."