Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 61a56c1480
Branches Tags
krackattacks
/
tests
/
hwsim
/
start.sh

start.sh 7.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242 
  1. #!/bin/sh
    2. 

  2. 

  3. DIR="$( cd "$( dirname "$0" )" && pwd )"
    4. 

  4. WPAS=$DIR/../../wpa_supplicant/wpa_supplicant
    5. 

  5. WPACLI=$DIR/../../wpa_supplicant/wpa_cli
    6. 

  6. HAPD=$DIR/../../hostapd/hostapd
    7. 

  7. HAPD_AS=$DIR/../../hostapd/hostapd
    8. 

  8. HAPDCLI=$DIR/../../hostapd/hostapd_cli
    9. 

  9. WLANTEST=$DIR/../../wlantest/wlantest
    10. 

  10. HLR_AUC_GW=$DIR/../../hostapd/hlr_auc_gw
    11. 

  11. DATE="$(date +%s)"
    12. 

  12. 

  13. if [ -z "$LOGDIR" ] ; then
    14. 

  14.     LOGDIR="$DIR/logs/$DATE"
    15. 

  15.     mkdir -p $LOGDIR
    16. 

  16. else
    17. 

  17.     if [ -e $LOGDIR/alt-wpa_supplicant/wpa_supplicant/wpa_supplicant ]; then
    18. 

  18. 	WPAS=$LOGDIR/alt-wpa_supplicant/wpa_supplicant/wpa_supplicant
    19. 

  19. 	WPACLI=$LOGDIR/alt-wpa_supplicant/wpa_supplicant/wpa_cli
    20. 

  20. 	# extra code coverage
    21. 

  21. 	$WPAS > /dev/null 2>&1
    22. 

  22. 	$WPAS -efoo -Ifoo -mfoo -ofoo -Ofoo -pfoo -Pfoo -h > /dev/null 2>&1
    23. 

  23. 	$WPAS -bfoo -B -Cfoo -q -W -N -L > /dev/null 2>&1
    24. 

  24. 	$WPAS -T -v > /dev/null 2>&1
    25. 

  25. 	$WPAS -u -z > /dev/null 2>&1
    26. 

  26.     fi
    27. 

  27.     if [ -e $LOGDIR/alt-hostapd/hostapd/hostapd ]; then
    28. 

  28. 	HAPD=$LOGDIR/alt-hostapd/hostapd/hostapd
    29. 

  29. 	HAPDCLI=$LOGDIR/alt-hostapd/hostapd/hostapd_cli
    30. 

  30. 	# extra code coverage
    31. 

  31. 	$HAPD > /dev/null 2>&1
    32. 

  32. 	$HAPD -v > /dev/null 2>&1
    33. 

  33. 	$HAPD -B -efoo -Pfoo -T -bfoo -h > /dev/null 2>&1
    34. 

  34. 	$HAPD -ufoo > /dev/null 2>&1
    35. 

  35. 	$HAPD -u00:11:22:33:44:55 > /dev/null 2>&1
    36. 

  36. 	$HAPD -gfoo > /dev/null 2>&1
    37. 

  37. 	$HAPD -Gfoo-not-exists > /dev/null 2>&1
    38. 

  38. 	$HAPD -z > /dev/null 2>&1
    39. 

  39. 	$HAPD -i foo1,foo2,foo3 > /dev/null 2>&1
    40. 

  40.     fi
    41. 

  41.     if [ -e $LOGDIR/alt-hostapd-as/hostapd/hostapd ]; then
    42. 

  42. 	HAPD_AS=$LOGDIR/alt-hostapd-as/hostapd/hostapd
    43. 

  43.     fi
    44. 

  44.     if [ -e $LOGDIR/alt-hlr_auc_gw/hostapd/hlr_auc_gw ]; then
    45. 

  45. 	HLR_AUC_GW=$LOGDIR/alt-hlr_auc_gw/hostapd/hlr_auc_gw
    46. 

  46. 	# extra code coverage
    47. 

  47. 	$HLR_AUC_GW > /dev/null 2>&1
    48. 

  48. 	$HLR_AUC_GW -Dfoo -i7 -sfoo -h > /dev/null 2>&1
    49. 

  49. 	$HLR_AUC_GW -i100 > /dev/null 2>&1
    50. 

  50. 	$HLR_AUC_GW -z > /dev/null 2>&1
    51. 

  51.     fi
    52. 

  52. fi
    53. 

  53. 

  54. if test -w "$DIR/logs" ; then
    55. 

  55.     rm -rf $DIR/logs/current
    56. 

  56.     ln -sf $DATE $DIR/logs/current
    57. 

  57. fi
    58. 

  58. 

  59. if groups | tr ' ' "\n" | grep -q ^admin$; then
    60. 

  60.     GROUP=admin
    61. 

  61. else
    62. 

  62.     GROUP=adm
    63. 

  63. fi
    64. 

  64. 

  65. for i in 0 1 2; do
    66. 

  66.     sed "s/ GROUP=.*$/ GROUP=$GROUP/" "$DIR/p2p$i.conf" > "$LOGDIR/p2p$i.conf"
    67. 

  67. done
    68. 

  68. 

  69. sed "s/group=admin/group=$GROUP/;s%LOGDIR%$LOGDIR%g" "$DIR/auth_serv/as.conf" > "$LOGDIR/as.conf"
    70. 

  70. sed "s/group=admin/group=$GROUP/;s%LOGDIR%$LOGDIR%g" "$DIR/auth_serv/as2.conf" > "$LOGDIR/as2.conf"
    71. 

  71. 

  72. if [ "$1" = "valgrind" ]; then
    73. 

  73.     VALGRIND=y
    74. 

  74.     VALGRIND_WPAS="valgrind --log-file=$LOGDIR/valgrind-wlan%d"
    75. 

  75.     VALGRIND_HAPD="valgrind --log-file=$LOGDIR/valgrind-hostapd"
    76. 

  76.     chmod -f a+rx $WPAS
    77. 

  77.     chmod -f a+rx $HAPD
    78. 

  78.     chmod -f a+rx $HAPD_AS
    79. 

  79.     HAPD_AS="valgrind --log-file=$LOGDIR/valgrind-auth-serv $HAPD_AS"
    80. 

  80.     shift
    81. 

  81. else
    82. 

  82.     unset VALGRIND
    83. 

  83.     VALGRIND_WPAS=
    84. 

  84.     VALGRIND_HAPD=
    85. 

  85. fi
    86. 

  86. 

  87. if [ "$1" = "trace" ]; then
    88. 

  88.     TRACE="T"
    89. 

  89.     shift
    90. 

  90. else
    91. 

  91.     TRACE=""
    92. 

  92. fi
    93. 

  93. 

  94. $DIR/stop.sh
    95. 

  95. 

  96. TMP=$1
    97. 

  97. if [ x${TMP%=[0-9]*} = "xchannels" ]; then
    98. 

  98. 	NUM_CH=${TMP#channels=}
    99. 

  99. 	shift
    100. 

  100. else
    101. 

  101. 	NUM_CH=1
    102. 

  102. fi
    103. 

  103. 

  104. test -f /proc/modules && sudo modprobe mac80211_hwsim radios=7 channels=$NUM_CH support_p2p_device=0
    105. 

  105. 

  106. sudo ifconfig hwsim0 up
    107. 

  107. sudo $WLANTEST -i hwsim0 -n $LOGDIR/hwsim0.pcapng -c -dtN -L $LOGDIR/hwsim0 &
    108. 

  108. for i in 0 1 2; do
    109. 

  109.     DBUSARG=""
    110. 

  110.     if [ $i = "0" ] && ([ -r /var/run/dbus/pid ] || [ -r /var/run/dbus/system_bus_socket ]); then
    111. 

  111. 	if $WPAS | grep -q -- -u; then
    112. 

  112. 	    DBUSARG="-u"
    113. 

  113. 	fi
    114. 

  114.     fi
    115. 

  115.     sudo $(printf -- "$VALGRIND_WPAS" $i) $WPAS -g /tmp/wpas-wlan$i -G$GROUP -Dnl80211 -iwlan$i -c $LOGDIR/p2p$i.conf \
    116. 

  116.          -ddKt$TRACE -f $LOGDIR/log$i $DBUSARG &
    117. 

  117. done
    118. 

  118. sudo $(printf -- "$VALGRIND_WPAS" 5) $WPAS -g /tmp/wpas-wlan5 -G$GROUP \
    119. 

  119.     -ddKt$TRACE -f $LOGDIR/log5 &
    120. 

  120. sudo $VALGRIND_HAPD $HAPD -ddKt$TRACE -g /var/run/hostapd-global -G $GROUP -f $LOGDIR/hostapd &
    121. 

  121. HPID=$!
    122. 

  122. echo $HPID > $LOGDIR/hostapd-test.pid
    123. 

  123. 

  124. if [ -x $HLR_AUC_GW ]; then
    125. 

  125.     cp $DIR/auth_serv/hlr_auc_gw.milenage_db $LOGDIR/hlr_auc_gw.milenage_db
    126. 

  126.     sudo $HLR_AUC_GW -u -m $LOGDIR/hlr_auc_gw.milenage_db -g $DIR/auth_serv/hlr_auc_gw.gsm > $LOGDIR/hlr_auc_gw &
    127. 

  127. fi
    128. 

  128. 

  129. openssl ocsp -index $DIR/auth_serv/index.txt \
    130. 

  130.     -rsigner $DIR/auth_serv/ocsp-responder.pem \
    131. 

  131.     -rkey $DIR/auth_serv/ocsp-responder.key \
    132. 

  132.     -CA $DIR/auth_serv/ca.pem \
    133. 

  133.     -issuer $DIR/auth_serv/ca.pem \
    134. 

  134.     -verify_other $DIR/auth_serv/ca.pem -trust_other \
    135. 

  135.     -ndays 7 \
    136. 

  136.     -reqin $DIR/auth_serv/ocsp-req.der \
    137. 

  137.     -respout $LOGDIR/ocsp-server-cache.der > $LOGDIR/ocsp.log 2>&1
    138. 

  138. if [ ! -r $LOGDIR/ocsp-server-cache.der ]; then
    139. 

  139.     cp $DIR/auth_serv/ocsp-server-cache.der $LOGDIR/ocsp-server-cache.der
    140. 

  140. fi
    141. 

  141. 

  142. cp $DIR/auth_serv/ocsp-multi-server-cache.der $LOGDIR/ocsp-multi-server-cache.der
    143. 

  143. 

  144. openssl ocsp -index $DIR/auth_serv/index.txt \
    145. 

  145.     -rsigner $DIR/auth_serv/ocsp-responder.pem \
    146. 

  146.     -rkey $DIR/auth_serv/ocsp-responder.key \
    147. 

  147.     -resp_key_id \
    148. 

  148.     -CA $DIR/auth_serv/ca.pem \
    149. 

  149.     -issuer $DIR/auth_serv/ca.pem \
    150. 

  150.     -verify_other $DIR/auth_serv/ca.pem -trust_other \
    151. 

  151.     -ndays 7 \
    152. 

  152.     -reqin $DIR/auth_serv/ocsp-req.der \
    153. 

  153.     -respout $LOGDIR/ocsp-server-cache-key-id.der > $LOGDIR/ocsp.log 2>&1
    154. 

  154. 

  155. for i in unknown revoked; do
    156. 

  156.     openssl ocsp -index $DIR/auth_serv/index-$i.txt \
    157. 

  157. 	-rsigner $DIR/auth_serv/ocsp-responder.pem \
    158. 

  158. 	-rkey $DIR/auth_serv/ocsp-responder.key \
    159. 

  159. 	-CA $DIR/auth_serv/ca.pem \
    160. 

  160. 	-issuer $DIR/auth_serv/ca.pem \
    161. 

  161. 	-verify_other $DIR/auth_serv/ca.pem -trust_other \
    162. 

  162. 	-ndays 7 \
    163. 

  163. 	-reqin $DIR/auth_serv/ocsp-req.der \
    164. 

  164. 	-respout $LOGDIR/ocsp-server-cache-$i.der >> $LOGDIR/ocsp.log 2>&1
    165. 

  165. done
    166. 

  166. 

  167. openssl ocsp -reqout $LOGDIR/ocsp-req.der -issuer $DIR/auth_serv/ca.pem \
    168. 

  168.     -serial 0xD8D3E3A6CBE3CCE9 -no_nonce -sha256 >> $LOGDIR/ocsp.log 2>&1
    169. 

  169. for i in "" "-unknown" "-revoked"; do
    170. 

  170.     openssl ocsp -index $DIR/auth_serv/index$i.txt \
    171. 

  171. 	-rsigner $DIR/auth_serv/ca.pem \
    172. 

  172. 	-rkey $DIR/auth_serv/ca-key.pem \
    173. 

  173. 	-CA $DIR/auth_serv/ca.pem \
    174. 

  174. 	-ndays 7 \
    175. 

  175. 	-reqin $LOGDIR/ocsp-req.der \
    176. 

  176. 	-resp_no_certs \
    177. 

  177. 	-respout $LOGDIR/ocsp-resp-ca-signed$i.der >> $LOGDIR/ocsp.log 2>&1
    178. 

  178. done
    179. 

  179. openssl ocsp -index $DIR/auth_serv/index.txt \
    180. 

  180.     -rsigner $DIR/auth_serv/server.pem \
    181. 

  181.     -rkey $DIR/auth_serv/server.key \
    182. 

  182.     -CA $DIR/auth_serv/ca.pem \
    183. 

  183.     -ndays 7 \
    184. 

  184.     -reqin $LOGDIR/ocsp-req.der \
    185. 

  185.     -respout $LOGDIR/ocsp-resp-server-signed.der >> $LOGDIR/ocsp.log 2>&1
    186. 

  186. 

  187. touch $LOGDIR/hostapd.db
    188. 

  188. sudo $HAPD_AS -ddKt $LOGDIR/as.conf $LOGDIR/as2.conf > $LOGDIR/auth_serv &
    189. 

  189. 

  190. # wait for programs to be fully initialized
    191. 

  191. for i in 0 1 2 3 4 5 6 7 8 9; do
    192. 

  192.     if [ -e /tmp/wpas-wlan0 ]; then
    193. 

  193. 	break
    194. 

  194.     fi
    195. 

  195.     sleep 0.05
    196. 

  196. done
    197. 

  197. for i in 0 1 2; do
    198. 

  198.     for j in `seq 1 10`; do
    199. 

  199. 	if $WPACLI -g /tmp/wpas-wlan$i ping | grep -q PONG; then
    200. 

  200. 	    break
    201. 

  201. 	fi
    202. 

  202. 	if [ $j = "10" ]; then
    203. 

  203. 	    echo "Could not connect to /tmp/wpas-wlan$i"
    204. 

  204. 	    exit 1
    205. 

  205. 	fi
    206. 

  206. 	sleep 1
    207. 

  207.     done
    208. 

  208. done
    209. 

  209. 

  210. for j in `seq 1 10`; do
    211. 

  211.     if $WPACLI -g /var/run/hostapd-global ping | grep -q PONG; then
    212. 

  212. 	break
    213. 

  213.     fi
    214. 

  214.     if [ $j = "10" ]; then
    215. 

  215. 	echo "Could not connect to /var/run/hostapd-global"
    216. 

  216. 	exit 1
    217. 

  217.     fi
    218. 

  218.     sleep 1
    219. 

  219. done
    220. 

  220. 

  221. for j in `seq 1 10`; do
    222. 

  222.     if $HAPDCLI -i as ping | grep -q PONG; then
    223. 

  223. 	break
    224. 

  224.     fi
    225. 

  225.     if [ $j = "10" ]; then
    226. 

  226. 	echo "Could not connect to hostapd-as-RADIUS-server"
    227. 

  227. 	exit 1
    228. 

  228.     fi
    229. 

  229.     sleep 1
    230. 

  230. done
    231. 

  231. 

  232. if [ $USER = "0" -o $USER = "root" ]; then
    233. 

  233.     exit 0
    234. 

  234. fi
    235. 

  235. 

  236. sleep 0.75
    237. 

  237. sudo chown -f $USER $LOGDIR/hwsim0.pcapng $LOGDIR/hwsim0 $LOGDIR/log* $LOGDIR/hostapd
    238. 

  238. if [ "x$VALGRIND" = "xy" ]; then
    239. 

  239.     sudo chown -f $USER $LOGDIR/*valgrind*
    240. 

  240. fi
    241. 

  241. 

  242. exit 0
    243.