Accueil Explorer Aide
S'inscrire Connexion
wareck
/
krackattacks
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Branche: research
Branches Tags
krackattacks
/
tests
/
hwsim
/
start.sh

start.sh 7.1 KB
Lien permanent Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244 
  1. #!/bin/sh
    2. 

  2. 

  3. DIR="$( cd "$( dirname "$0" )" && pwd )"
    4. 

  4. WPAS=$DIR/../../wpa_supplicant/wpa_supplicant
    5. 

  5. WPACLI=$DIR/../../wpa_supplicant/wpa_cli
    6. 

  6. HAPD=$DIR/../../hostapd/hostapd
    7. 

  7. HAPD_AS=$DIR/../../hostapd/hostapd
    8. 

  8. HAPDCLI=$DIR/../../hostapd/hostapd_cli
    9. 

  9. WLANTEST=$DIR/../../wlantest/wlantest
    10. 

  10. HLR_AUC_GW=$DIR/../../hostapd/hlr_auc_gw
    11. 

  11. DATE="$(date +%s)"
    12. 

  12. 

  13. if [ -z "$LOGDIR" ] ; then
    14. 

  14.     LOGDIR="$DIR/logs/$DATE"
    15. 

  15.     mkdir -p $LOGDIR
    16. 

  16. else
    17. 

  17.     if [ -e $LOGDIR/alt-wpa_supplicant/wpa_supplicant/wpa_supplicant ]; then
    18. 

  18. 	WPAS=$LOGDIR/alt-wpa_supplicant/wpa_supplicant/wpa_supplicant
    19. 

  19. 	WPACLI=$LOGDIR/alt-wpa_supplicant/wpa_supplicant/wpa_cli
    20. 

  20. 	# extra code coverage
    21. 

  21. 	$WPAS > /dev/null 2>&1
    22. 

  22. 	$WPAS -efoo -Ifoo -mfoo -ofoo -Ofoo -pfoo -Pfoo -h > /dev/null 2>&1
    23. 

  23. 	$WPAS -bfoo -B -Cfoo -q -W -N -L > /dev/null 2>&1
    24. 

  24. 	$WPAS -T -v > /dev/null 2>&1
    25. 

  25. 	$WPAS -u -z > /dev/null 2>&1
    26. 

  26.     fi
    27. 

  27.     if [ -e $LOGDIR/alt-hostapd/hostapd/hostapd ]; then
    28. 

  28. 	HAPD=$LOGDIR/alt-hostapd/hostapd/hostapd
    29. 

  29. 	HAPDCLI=$LOGDIR/alt-hostapd/hostapd/hostapd_cli
    30. 

  30. 	# extra code coverage
    31. 

  31. 	$HAPD > /dev/null 2>&1
    32. 

  32. 	$HAPD -v > /dev/null 2>&1
    33. 

  33. 	$HAPD -B -efoo -Pfoo -T -bfoo -h > /dev/null 2>&1
    34. 

  34. 	$HAPD -ufoo > /dev/null 2>&1
    35. 

  35. 	$HAPD -u00:11:22:33:44:55 > /dev/null 2>&1
    36. 

  36. 	$HAPD -gfoo > /dev/null 2>&1
    37. 

  37. 	$HAPD -Gfoo-not-exists > /dev/null 2>&1
    38. 

  38. 	$HAPD -z > /dev/null 2>&1
    39. 

  39. 	$HAPD -i foo1,foo2,foo3 > /dev/null 2>&1
    40. 

  40.     fi
    41. 

  41.     if [ -e $LOGDIR/alt-hostapd-as/hostapd/hostapd ]; then
    42. 

  42. 	HAPD_AS=$LOGDIR/alt-hostapd-as/hostapd/hostapd
    43. 

  43.     fi
    44. 

  44.     if [ -e $LOGDIR/alt-hlr_auc_gw/hostapd/hlr_auc_gw ]; then
    45. 

  45. 	HLR_AUC_GW=$LOGDIR/alt-hlr_auc_gw/hostapd/hlr_auc_gw
    46. 

  46. 	# extra code coverage
    47. 

  47. 	$HLR_AUC_GW > /dev/null 2>&1
    48. 

  48. 	$HLR_AUC_GW -Dfoo -i7 -sfoo -h > /dev/null 2>&1
    49. 

  49. 	$HLR_AUC_GW -i100 > /dev/null 2>&1
    50. 

  50. 	$HLR_AUC_GW -z > /dev/null 2>&1
    51. 

  51.     fi
    52. 

  52. fi
    53. 

  53. 

  54. if test -w "$DIR/logs" ; then
    55. 

  55.     rm -rf $DIR/logs/current
    56. 

  56.     ln -sf $DATE $DIR/logs/current
    57. 

  57. fi
    58. 

  58. 

  59. if groups | tr ' ' "\n" | grep -q ^admin$; then
    60. 

  60.     GROUP=admin
    61. 

  61. elif groups | tr ' ' "\n" | grep -q ^wheel$; then
    62. 

  62.     GROUP=wheel
    63. 

  63. else
    64. 

  64.     GROUP=adm
    65. 

  65. fi
    66. 

  66. 

  67. for i in 0 1 2; do
    68. 

  68.     sed "s/ GROUP=.*$/ GROUP=$GROUP/" "$DIR/p2p$i.conf" > "$LOGDIR/p2p$i.conf"
    69. 

  69. done
    70. 

  70. 

  71. sed "s/group=admin/group=$GROUP/;s%LOGDIR%$LOGDIR%g" "$DIR/auth_serv/as.conf" > "$LOGDIR/as.conf"
    72. 

  72. sed "s/group=admin/group=$GROUP/;s%LOGDIR%$LOGDIR%g" "$DIR/auth_serv/as2.conf" > "$LOGDIR/as2.conf"
    73. 

  73. 

  74. if [ "$1" = "valgrind" ]; then
    75. 

  75.     VALGRIND=y
    76. 

  76.     VALGRIND_WPAS="valgrind --log-file=$LOGDIR/valgrind-wlan%d"
    77. 

  77.     VALGRIND_HAPD="valgrind --log-file=$LOGDIR/valgrind-hostapd"
    78. 

  78.     chmod -f a+rx $WPAS
    79. 

  79.     chmod -f a+rx $HAPD
    80. 

  80.     chmod -f a+rx $HAPD_AS
    81. 

  81.     HAPD_AS="valgrind --log-file=$LOGDIR/valgrind-auth-serv $HAPD_AS"
    82. 

  82.     shift
    83. 

  83. else
    84. 

  84.     unset VALGRIND
    85. 

  85.     VALGRIND_WPAS=
    86. 

  86.     VALGRIND_HAPD=
    87. 

  87. fi
    88. 

  88. 

  89. if [ "$1" = "trace" ]; then
    90. 

  90.     TRACE="T"
    91. 

  91.     shift
    92. 

  92. else
    93. 

  93.     TRACE=""
    94. 

  94. fi
    95. 

  95. 

  96. $DIR/stop.sh
    97. 

  97. 

  98. TMP=$1
    99. 

  99. if [ x${TMP%=[0-9]*} = "xchannels" ]; then
    100. 

  100. 	NUM_CH=${TMP#channels=}
    101. 

  101. 	shift
    102. 

  102. else
    103. 

  103. 	NUM_CH=1
    104. 

  104. fi
    105. 

  105. 

  106. test -f /proc/modules && sudo modprobe mac80211_hwsim radios=7 channels=$NUM_CH support_p2p_device=0 dyndbg=+p
    107. 

  107. 

  108. sudo ifconfig hwsim0 up
    109. 

  109. sudo $WLANTEST -i hwsim0 -n $LOGDIR/hwsim0.pcapng -c -dtN -L $LOGDIR/hwsim0 &
    110. 

  110. for i in 0 1 2; do
    111. 

  111.     DBUSARG=""
    112. 

  112.     if [ $i = "0" ] && ([ -r /var/run/dbus/pid ] || [ -r /var/run/dbus/system_bus_socket ]); then
    113. 

  113. 	if $WPAS | grep -q -- -u; then
    114. 

  114. 	    DBUSARG="-u"
    115. 

  115. 	fi
    116. 

  116.     fi
    117. 

  117.     sudo $(printf -- "$VALGRIND_WPAS" $i) $WPAS -g /tmp/wpas-wlan$i -G$GROUP -Dnl80211 -iwlan$i -c $LOGDIR/p2p$i.conf \
    118. 

  118.          -ddKt$TRACE -f $LOGDIR/log$i $DBUSARG &
    119. 

  119. done
    120. 

  120. sudo $(printf -- "$VALGRIND_WPAS" 5) $WPAS -g /tmp/wpas-wlan5 -G$GROUP \
    121. 

  121.     -ddKt$TRACE -f $LOGDIR/log5 &
    122. 

  122. sudo $VALGRIND_HAPD $HAPD -ddKt$TRACE -g /var/run/hostapd-global -G $GROUP -f $LOGDIR/hostapd &
    123. 

  123. HPID=$!
    124. 

  124. echo $HPID > $LOGDIR/hostapd-test.pid
    125. 

  125. 

  126. if [ -x $HLR_AUC_GW ]; then
    127. 

  127.     cp $DIR/auth_serv/hlr_auc_gw.milenage_db $LOGDIR/hlr_auc_gw.milenage_db
    128. 

  128.     sudo $HLR_AUC_GW -u -m $LOGDIR/hlr_auc_gw.milenage_db -g $DIR/auth_serv/hlr_auc_gw.gsm > $LOGDIR/hlr_auc_gw &
    129. 

  129. fi
    130. 

  130. 

  131. openssl ocsp -index $DIR/auth_serv/index.txt \
    132. 

  132.     -rsigner $DIR/auth_serv/ocsp-responder.pem \
    133. 

  133.     -rkey $DIR/auth_serv/ocsp-responder.key \
    134. 

  134.     -CA $DIR/auth_serv/ca.pem \
    135. 

  135.     -issuer $DIR/auth_serv/ca.pem \
    136. 

  136.     -verify_other $DIR/auth_serv/ca.pem -trust_other \
    137. 

  137.     -ndays 7 \
    138. 

  138.     -reqin $DIR/auth_serv/ocsp-req.der \
    139. 

  139.     -respout $LOGDIR/ocsp-server-cache.der > $LOGDIR/ocsp.log 2>&1
    140. 

  140. if [ ! -r $LOGDIR/ocsp-server-cache.der ]; then
    141. 

  141.     cp $DIR/auth_serv/ocsp-server-cache.der $LOGDIR/ocsp-server-cache.der
    142. 

  142. fi
    143. 

  143. 

  144. cp $DIR/auth_serv/ocsp-multi-server-cache.der $LOGDIR/ocsp-multi-server-cache.der
    145. 

  145. 

  146. openssl ocsp -index $DIR/auth_serv/index.txt \
    147. 

  147.     -rsigner $DIR/auth_serv/ocsp-responder.pem \
    148. 

  148.     -rkey $DIR/auth_serv/ocsp-responder.key \
    149. 

  149.     -resp_key_id \
    150. 

  150.     -CA $DIR/auth_serv/ca.pem \
    151. 

  151.     -issuer $DIR/auth_serv/ca.pem \
    152. 

  152.     -verify_other $DIR/auth_serv/ca.pem -trust_other \
    153. 

  153.     -ndays 7 \
    154. 

  154.     -reqin $DIR/auth_serv/ocsp-req.der \
    155. 

  155.     -respout $LOGDIR/ocsp-server-cache-key-id.der > $LOGDIR/ocsp.log 2>&1
    156. 

  156. 

  157. for i in unknown revoked; do
    158. 

  158.     openssl ocsp -index $DIR/auth_serv/index-$i.txt \
    159. 

  159. 	-rsigner $DIR/auth_serv/ocsp-responder.pem \
    160. 

  160. 	-rkey $DIR/auth_serv/ocsp-responder.key \
    161. 

  161. 	-CA $DIR/auth_serv/ca.pem \
    162. 

  162. 	-issuer $DIR/auth_serv/ca.pem \
    163. 

  163. 	-verify_other $DIR/auth_serv/ca.pem -trust_other \
    164. 

  164. 	-ndays 7 \
    165. 

  165. 	-reqin $DIR/auth_serv/ocsp-req.der \
    166. 

  166. 	-respout $LOGDIR/ocsp-server-cache-$i.der >> $LOGDIR/ocsp.log 2>&1
    167. 

  167. done
    168. 

  168. 

  169. openssl ocsp -reqout $LOGDIR/ocsp-req.der -issuer $DIR/auth_serv/ca.pem \
    170. 

  170.     -sha256 -serial 0xD8D3E3A6CBE3CD12 -no_nonce >> $LOGDIR/ocsp.log 2>&1
    171. 

  171. for i in "" "-unknown" "-revoked"; do
    172. 

  172.     openssl ocsp -index $DIR/auth_serv/index$i.txt \
    173. 

  173. 	-rsigner $DIR/auth_serv/ca.pem \
    174. 

  174. 	-rkey $DIR/auth_serv/ca-key.pem \
    175. 

  175. 	-CA $DIR/auth_serv/ca.pem \
    176. 

  176. 	-ndays 7 \
    177. 

  177. 	-reqin $LOGDIR/ocsp-req.der \
    178. 

  178. 	-resp_no_certs \
    179. 

  179. 	-respout $LOGDIR/ocsp-resp-ca-signed$i.der >> $LOGDIR/ocsp.log 2>&1
    180. 

  180. done
    181. 

  181. openssl ocsp -index $DIR/auth_serv/index.txt \
    182. 

  182.     -rsigner $DIR/auth_serv/server.pem \
    183. 

  183.     -rkey $DIR/auth_serv/server.key \
    184. 

  184.     -CA $DIR/auth_serv/ca.pem \
    185. 

  185.     -ndays 7 \
    186. 

  186.     -reqin $LOGDIR/ocsp-req.der \
    187. 

  187.     -respout $LOGDIR/ocsp-resp-server-signed.der >> $LOGDIR/ocsp.log 2>&1
    188. 

  188. 

  189. touch $LOGDIR/hostapd.db
    190. 

  190. sudo $HAPD_AS -ddKt $LOGDIR/as.conf $LOGDIR/as2.conf > $LOGDIR/auth_serv &
    191. 

  191. 

  192. # wait for programs to be fully initialized
    193. 

  193. for i in 0 1 2 3 4 5 6 7 8 9; do
    194. 

  194.     if [ -e /tmp/wpas-wlan0 ]; then
    195. 

  195. 	break
    196. 

  196.     fi
    197. 

  197.     sleep 0.05
    198. 

  198. done
    199. 

  199. for i in 0 1 2; do
    200. 

  200.     for j in `seq 1 10`; do
    201. 

  201. 	if $WPACLI -g /tmp/wpas-wlan$i ping | grep -q PONG; then
    202. 

  202. 	    break
    203. 

  203. 	fi
    204. 

  204. 	if [ $j = "10" ]; then
    205. 

  205. 	    echo "Could not connect to /tmp/wpas-wlan$i"
    206. 

  206. 	    exit 1
    207. 

  207. 	fi
    208. 

  208. 	sleep 1
    209. 

  209.     done
    210. 

  210. done
    211. 

  211. 

  212. for j in `seq 1 10`; do
    213. 

  213.     if $WPACLI -g /var/run/hostapd-global ping | grep -q PONG; then
    214. 

  214. 	break
    215. 

  215.     fi
    216. 

  216.     if [ $j = "10" ]; then
    217. 

  217. 	echo "Could not connect to /var/run/hostapd-global"
    218. 

  218. 	exit 1
    219. 

  219.     fi
    220. 

  220.     sleep 1
    221. 

  221. done
    222. 

  222. 

  223. for j in `seq 1 10`; do
    224. 

  224.     if $HAPDCLI -i as ping | grep -q PONG; then
    225. 

  225. 	break
    226. 

  226.     fi
    227. 

  227.     if [ $j = "10" ]; then
    228. 

  228. 	echo "Could not connect to hostapd-as-RADIUS-server"
    229. 

  229. 	exit 1
    230. 

  230.     fi
    231. 

  231.     sleep 1
    232. 

  232. done
    233. 

  233. 

  234. if [ $USER = "0" -o $USER = "root" ]; then
    235. 

  235.     exit 0
    236. 

  236. fi
    237. 

  237. 

  238. sleep 0.75
    239. 

  239. sudo chown -f $USER $LOGDIR/hwsim0.pcapng $LOGDIR/hwsim0 $LOGDIR/log* $LOGDIR/hostapd
    240. 

  240. if [ "x$VALGRIND" = "xy" ]; then
    241. 

  241.     sudo chown -f $USER $LOGDIR/*valgrind*
    242. 

  242. fi
    243. 

  243. 

  244. exit 0
    245.