Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 609be6f7c0
Branches Tags
krackattacks
/
tests
/
hwsim
/
start.sh

start.sh 6.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239 
  1. #!/bin/sh
    2. 

  2. 

  3. DIR="$( cd "$( dirname "$0" )" && pwd )"
    4. 

  4. WPAS=$DIR/../../wpa_supplicant/wpa_supplicant
    5. 

  5. WPACLI=$DIR/../../wpa_supplicant/wpa_cli
    6. 

  6. HAPD=$DIR/../../hostapd/hostapd
    7. 

  7. HAPD_AS=$DIR/../../hostapd/hostapd
    8. 

  8. HAPDCLI=$DIR/../../hostapd/hostapd_cli
    9. 

  9. WLANTEST=$DIR/../../wlantest/wlantest
    10. 

  10. HLR_AUC_GW=$DIR/../../hostapd/hlr_auc_gw
    11. 

  11. DATE="$(date +%s)"
    12. 

  12. 

  13. if [ -z "$LOGDIR" ] ; then
    14. 

  14.     LOGDIR="$DIR/logs/$DATE"
    15. 

  15.     mkdir -p $LOGDIR
    16. 

  16. else
    17. 

  17.     if [ -e $LOGDIR/alt-wpa_supplicant/wpa_supplicant/wpa_supplicant ]; then
    18. 

  18. 	WPAS=$LOGDIR/alt-wpa_supplicant/wpa_supplicant/wpa_supplicant
    19. 

  19. 	WPACLI=$LOGDIR/alt-wpa_supplicant/wpa_supplicant/wpa_cli
    20. 

  20. 	# extra code coverage
    21. 

  21. 	$WPAS > /dev/null 2>&1
    22. 

  22. 	$WPAS -efoo -Ifoo -mfoo -ofoo -Ofoo -pfoo -Pfoo -h > /dev/null 2>&1
    23. 

  23. 	$WPAS -bfoo -B -Cfoo -q -W -N -L > /dev/null 2>&1
    24. 

  24. 	$WPAS -T -v > /dev/null 2>&1
    25. 

  25. 	$WPAS -u -z > /dev/null 2>&1
    26. 

  26.     fi
    27. 

  27.     if [ -e $LOGDIR/alt-hostapd/hostapd/hostapd ]; then
    28. 

  28. 	HAPD=$LOGDIR/alt-hostapd/hostapd/hostapd
    29. 

  29. 	HAPDCLI=$LOGDIR/alt-hostapd/hostapd/hostapd_cli
    30. 

  30. 	# extra code coverage
    31. 

  31. 	$HAPD > /dev/null 2>&1
    32. 

  32. 	$HAPD -v > /dev/null 2>&1
    33. 

  33. 	$HAPD -B -efoo -Pfoo -T -bfoo -h > /dev/null 2>&1
    34. 

  34. 	$HAPD -ufoo > /dev/null 2>&1
    35. 

  35. 	$HAPD -u00:11:22:33:44:55 > /dev/null 2>&1
    36. 

  36. 	$HAPD -gfoo > /dev/null 2>&1
    37. 

  37. 	$HAPD -Gfoo-not-exists > /dev/null 2>&1
    38. 

  38. 	$HAPD -z > /dev/null 2>&1
    39. 

  39.     fi
    40. 

  40.     if [ -e $LOGDIR/alt-hostapd-as/hostapd/hostapd ]; then
    41. 

  41. 	HAPD_AS=$LOGDIR/alt-hostapd-as/hostapd/hostapd
    42. 

  42.     fi
    43. 

  43.     if [ -e $LOGDIR/alt-hlr_auc_gw/hostapd/hlr_auc_gw ]; then
    44. 

  44. 	HLR_AUC_GW=$LOGDIR/alt-hlr_auc_gw/hostapd/hlr_auc_gw
    45. 

  45. 	# extra code coverage
    46. 

  46. 	$HLR_AUC_GW > /dev/null 2>&1
    47. 

  47. 	$HLR_AUC_GW -Dfoo -i7 -sfoo -h > /dev/null 2>&1
    48. 

  48. 	$HLR_AUC_GW -i100 > /dev/null 2>&1
    49. 

  49. 	$HLR_AUC_GW -z > /dev/null 2>&1
    50. 

  50.     fi
    51. 

  51. fi
    52. 

  52. 

  53. if test -w "$DIR/logs" ; then
    54. 

  54.     rm -rf $DIR/logs/current
    55. 

  55.     ln -sf $DATE $DIR/logs/current
    56. 

  56. fi
    57. 

  57. 

  58. if groups | tr ' ' "\n" | grep -q ^admin$; then
    59. 

  59.     GROUP=admin
    60. 

  60. else
    61. 

  61.     GROUP=adm
    62. 

  62. fi
    63. 

  63. 

  64. for i in 0 1 2; do
    65. 

  65.     sed "s/ GROUP=.*$/ GROUP=$GROUP/" "$DIR/p2p$i.conf" > "$LOGDIR/p2p$i.conf"
    66. 

  66. done
    67. 

  67. 

  68. sed "s/group=admin/group=$GROUP/;s%LOGDIR%$LOGDIR%g" "$DIR/auth_serv/as.conf" > "$LOGDIR/as.conf"
    69. 

  69. sed "s/group=admin/group=$GROUP/;s%LOGDIR%$LOGDIR%g" "$DIR/auth_serv/as2.conf" > "$LOGDIR/as2.conf"
    70. 

  70. 

  71. if [ "$1" = "valgrind" ]; then
    72. 

  72.     VALGRIND=y
    73. 

  73.     VALGRIND_WPAS="valgrind --log-file=$LOGDIR/valgrind-wlan%d"
    74. 

  74.     VALGRIND_HAPD="valgrind --log-file=$LOGDIR/valgrind-hostapd"
    75. 

  75.     chmod -f a+rx $WPAS
    76. 

  76.     chmod -f a+rx $HAPD
    77. 

  77.     chmod -f a+rx $HAPD_AS
    78. 

  78.     HAPD_AS="valgrind --log-file=$LOGDIR/valgrind-auth-serv $HAPD_AS"
    79. 

  79.     shift
    80. 

  80. else
    81. 

  81.     unset VALGRIND
    82. 

  82.     VALGRIND_WPAS=
    83. 

  83.     VALGRIND_HAPD=
    84. 

  84. fi
    85. 

  85. 

  86. if [ "$1" = "trace" ]; then
    87. 

  87.     TRACE="T"
    88. 

  88.     shift
    89. 

  89. else
    90. 

  90.     TRACE=""
    91. 

  91. fi
    92. 

  92. 

  93. $DIR/stop.sh
    94. 

  94. 

  95. TMP=$1
    96. 

  96. if [ x${TMP%=[0-9]*} = "xchannels" ]; then
    97. 

  97. 	NUM_CH=${TMP#channels=}
    98. 

  98. 	shift
    99. 

  99. else
    100. 

  100. 	NUM_CH=1
    101. 

  101. fi
    102. 

  102. 

  103. test -f /proc/modules && sudo modprobe mac80211_hwsim radios=7 channels=$NUM_CH support_p2p_device=0
    104. 

  104. 

  105. sudo ifconfig hwsim0 up
    106. 

  106. sudo $WLANTEST -i hwsim0 -n $LOGDIR/hwsim0.pcapng -c -dtN -L $LOGDIR/hwsim0 &
    107. 

  107. for i in 0 1 2; do
    108. 

  108.     DBUSARG=""
    109. 

  109.     if [ $i = "0" -a -r /var/run/dbus/pid -a -r /var/run/dbus/hwsim-test ]; then
    110. 

  110. 	if $WPAS | grep -q -- -u; then
    111. 

  111. 	    DBUSARG="-u"
    112. 

  112. 	fi
    113. 

  113.     fi
    114. 

  114.     sudo $(printf -- "$VALGRIND_WPAS" $i) $WPAS -g /tmp/wpas-wlan$i -G$GROUP -Dnl80211 -iwlan$i -c $LOGDIR/p2p$i.conf \
    115. 

  115.          -ddKt$TRACE -f $LOGDIR/log$i $DBUSARG &
    116. 

  116. done
    117. 

  117. sudo $(printf -- "$VALGRIND_WPAS" 5) $WPAS -g /tmp/wpas-wlan5 -G$GROUP \
    118. 

  118.     -ddKt$TRACE -f $LOGDIR/log5 &
    119. 

  119. sudo $VALGRIND_HAPD $HAPD -ddKt$TRACE -g /var/run/hostapd-global -G $GROUP -f $LOGDIR/hostapd &
    120. 

  120. 

  121. if [ -x $HLR_AUC_GW ]; then
    122. 

  122.     cp $DIR/auth_serv/hlr_auc_gw.milenage_db $LOGDIR/hlr_auc_gw.milenage_db
    123. 

  123.     sudo $HLR_AUC_GW -u -m $LOGDIR/hlr_auc_gw.milenage_db -g $DIR/auth_serv/hlr_auc_gw.gsm > $LOGDIR/hlr_auc_gw &
    124. 

  124. fi
    125. 

  125. 

  126. openssl ocsp -index $DIR/auth_serv/index.txt \
    127. 

  127.     -rsigner $DIR/auth_serv/ocsp-responder.pem \
    128. 

  128.     -rkey $DIR/auth_serv/ocsp-responder.key \
    129. 

  129.     -CA $DIR/auth_serv/ca.pem \
    130. 

  130.     -issuer $DIR/auth_serv/ca.pem \
    131. 

  131.     -verify_other $DIR/auth_serv/ca.pem -trust_other \
    132. 

  132.     -ndays 7 \
    133. 

  133.     -reqin $DIR/auth_serv/ocsp-req.der \
    134. 

  134.     -respout $LOGDIR/ocsp-server-cache.der > $LOGDIR/ocsp.log 2>&1
    135. 

  135. if [ ! -r $LOGDIR/ocsp-server-cache.der ]; then
    136. 

  136.     cp $DIR/auth_serv/ocsp-server-cache.der $LOGDIR/ocsp-server-cache.der
    137. 

  137. fi
    138. 

  138. 

  139. cp $DIR/auth_serv/ocsp-multi-server-cache.der $LOGDIR/ocsp-multi-server-cache.der
    140. 

  140. 

  141. openssl ocsp -index $DIR/auth_serv/index.txt \
    142. 

  142.     -rsigner $DIR/auth_serv/ocsp-responder.pem \
    143. 

  143.     -rkey $DIR/auth_serv/ocsp-responder.key \
    144. 

  144.     -resp_key_id \
    145. 

  145.     -CA $DIR/auth_serv/ca.pem \
    146. 

  146.     -issuer $DIR/auth_serv/ca.pem \
    147. 

  147.     -verify_other $DIR/auth_serv/ca.pem -trust_other \
    148. 

  148.     -ndays 7 \
    149. 

  149.     -reqin $DIR/auth_serv/ocsp-req.der \
    150. 

  150.     -respout $LOGDIR/ocsp-server-cache-key-id.der > $LOGDIR/ocsp.log 2>&1
    151. 

  151. 

  152. for i in unknown revoked; do
    153. 

  153.     openssl ocsp -index $DIR/auth_serv/index-$i.txt \
    154. 

  154. 	-rsigner $DIR/auth_serv/ocsp-responder.pem \
    155. 

  155. 	-rkey $DIR/auth_serv/ocsp-responder.key \
    156. 

  156. 	-CA $DIR/auth_serv/ca.pem \
    157. 

  157. 	-issuer $DIR/auth_serv/ca.pem \
    158. 

  158. 	-verify_other $DIR/auth_serv/ca.pem -trust_other \
    159. 

  159. 	-ndays 7 \
    160. 

  160. 	-reqin $DIR/auth_serv/ocsp-req.der \
    161. 

  161. 	-respout $LOGDIR/ocsp-server-cache-$i.der >> $LOGDIR/ocsp.log 2>&1
    162. 

  162. done
    163. 

  163. 

  164. openssl ocsp -reqout $LOGDIR/ocsp-req.der -issuer $DIR/auth_serv/ca.pem \
    165. 

  165.     -serial 0xD8D3E3A6CBE3CCE9 -no_nonce -sha256 >> $LOGDIR/ocsp.log 2>&1
    166. 

  166. for i in "" "-unknown" "-revoked"; do
    167. 

  167.     openssl ocsp -index $DIR/auth_serv/index$i.txt \
    168. 

  168. 	-rsigner $DIR/auth_serv/ca.pem \
    169. 

  169. 	-rkey $DIR/auth_serv/ca-key.pem \
    170. 

  170. 	-CA $DIR/auth_serv/ca.pem \
    171. 

  171. 	-ndays 7 \
    172. 

  172. 	-reqin $LOGDIR/ocsp-req.der \
    173. 

  173. 	-resp_no_certs \
    174. 

  174. 	-respout $LOGDIR/ocsp-resp-ca-signed$i.der >> $LOGDIR/ocsp.log 2>&1
    175. 

  175. done
    176. 

  176. openssl ocsp -index $DIR/auth_serv/index.txt \
    177. 

  177.     -rsigner $DIR/auth_serv/server.pem \
    178. 

  178.     -rkey $DIR/auth_serv/server.key \
    179. 

  179.     -CA $DIR/auth_serv/ca.pem \
    180. 

  180.     -ndays 7 \
    181. 

  181.     -reqin $LOGDIR/ocsp-req.der \
    182. 

  182.     -respout $LOGDIR/ocsp-resp-server-signed.der >> $LOGDIR/ocsp.log 2>&1
    183. 

  183. 

  184. touch $LOGDIR/hostapd.db
    185. 

  185. sudo $HAPD_AS -ddKt $LOGDIR/as.conf $LOGDIR/as2.conf > $LOGDIR/auth_serv &
    186. 

  186. 

  187. # wait for programs to be fully initialized
    188. 

  188. for i in 0 1 2 3 4 5 6 7 8 9; do
    189. 

  189.     if [ -e /tmp/wpas-wlan0 ]; then
    190. 

  190. 	break
    191. 

  191.     fi
    192. 

  192.     sleep 0.05
    193. 

  193. done
    194. 

  194. for i in 0 1 2; do
    195. 

  195.     for j in `seq 1 10`; do
    196. 

  196. 	if $WPACLI -g /tmp/wpas-wlan$i ping | grep -q PONG; then
    197. 

  197. 	    break
    198. 

  198. 	fi
    199. 

  199. 	if [ $j = "10" ]; then
    200. 

  200. 	    echo "Could not connect to /tmp/wpas-wlan$i"
    201. 

  201. 	    exit 1
    202. 

  202. 	fi
    203. 

  203. 	sleep 1
    204. 

  204.     done
    205. 

  205. done
    206. 

  206. 

  207. for j in `seq 1 10`; do
    208. 

  208.     if $WPACLI -g /var/run/hostapd-global ping | grep -q PONG; then
    209. 

  209. 	break
    210. 

  210.     fi
    211. 

  211.     if [ $j = "10" ]; then
    212. 

  212. 	echo "Could not connect to /var/run/hostapd-global"
    213. 

  213. 	exit 1
    214. 

  214.     fi
    215. 

  215.     sleep 1
    216. 

  216. done
    217. 

  217. 

  218. for j in `seq 1 10`; do
    219. 

  219.     if $HAPDCLI -i as ping | grep -q PONG; then
    220. 

  220. 	break
    221. 

  221.     fi
    222. 

  222.     if [ $j = "10" ]; then
    223. 

  223. 	echo "Could not connect to hostapd-as-RADIUS-server"
    224. 

  224. 	exit 1
    225. 

  225.     fi
    226. 

  226.     sleep 1
    227. 

  227. done
    228. 

  228. 

  229. if [ $USER = "0" -o $USER = "root" ]; then
    230. 

  230.     exit 0
    231. 

  231. fi
    232. 

  232. 

  233. sleep 0.75
    234. 

  234. sudo chown -f $USER $LOGDIR/hwsim0.pcapng $LOGDIR/hwsim0 $LOGDIR/log* $LOGDIR/hostapd
    235. 

  235. if [ "x$VALGRIND" = "xy" ]; then
    236. 

  236.     sudo chown -f $USER $LOGDIR/*valgrind*
    237. 

  237. fi
    238. 

  238. 

  239. exit 0
    240.