patronus_fati 0.9.32 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/patronus_fati/consts.rb +12 -14
- data/lib/patronus_fati/message_models/ssid.rb +14 -1
- data/lib/patronus_fati/message_parser.rb +26 -2
- data/lib/patronus_fati/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3f6f3ad421d728ab9ad441d5863d7fb3ddb05182
|
|
4
|
+
data.tar.gz: e04b299336bb0630b70b21cd5c8a516ec7a859b2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6776c2501935b588b7b7fc64d0885718407c783aaebd65c55a0e08619599c24c1e2c4d65a6671a69834b542dd5fe3debeb98616f5fa7b72bf8eaf8a41e299b93
|
|
7
|
+
data.tar.gz: c9ca33dc0d16de2317557c17f6b82ec50dffc4dfaab68e16c50d8dc912715df1402b0b330814968a57ed34425285ad4f31695c81efc80c25930e22a98805a370
|
data/lib/patronus_fati/consts.rb
CHANGED
|
@@ -34,23 +34,21 @@ module PatronusFati
|
|
|
34
34
|
(1 << 3) => 'WEP40',
|
|
35
35
|
(1 << 4) => 'WEP104',
|
|
36
36
|
(1 << 5) => 'WPA+TKIP',
|
|
37
|
-
(1 << 6) => 'WPA', # Appears deprecated but still in the kismet source
|
|
38
37
|
(1 << 7) => 'WPA+PSK',
|
|
39
38
|
(1 << 8) => 'WPA+AES-OCB',
|
|
40
39
|
(1 << 9) => 'WPA+AES-CCM',
|
|
41
|
-
(1 << 10) => 'WPA
|
|
42
|
-
(1 << 11) => 'WPA+
|
|
43
|
-
(1 << 12) => 'WPA+
|
|
44
|
-
(1 << 13) => 'WPA+
|
|
45
|
-
(1 << 14) => '
|
|
46
|
-
(1 << 15) => '
|
|
47
|
-
(1 <<
|
|
48
|
-
(1 <<
|
|
49
|
-
(1 <<
|
|
50
|
-
(1 <<
|
|
51
|
-
(1 <<
|
|
52
|
-
(1 <<
|
|
53
|
-
(1 << 26) => 'WPS'
|
|
40
|
+
(1 << 10) => 'WPA+LEAP',
|
|
41
|
+
(1 << 11) => 'WPA+TTLS',
|
|
42
|
+
(1 << 12) => 'WPA+TLS',
|
|
43
|
+
(1 << 13) => 'WPA+PEAP',
|
|
44
|
+
(1 << 14) => 'ISAKMP',
|
|
45
|
+
(1 << 15) => 'PPTP',
|
|
46
|
+
(1 << 16) => 'Fortress',
|
|
47
|
+
(1 << 17) => 'Keyguard',
|
|
48
|
+
(1 << 18) => 'Unknown_NonWEP',
|
|
49
|
+
(1 << 19) => 'WPA Migration Mode',
|
|
50
|
+
(1 << 20) => 'WPA',
|
|
51
|
+
(1 << 21) => 'WPA2',
|
|
54
52
|
}
|
|
55
53
|
|
|
56
54
|
SSID_CRYPT_MAP_INVERTED = Hash[SSID_CRYPT_MAP.map { |k, v| [v, k] }]
|
|
@@ -1,8 +1,11 @@
|
|
|
1
1
|
module PatronusFati
|
|
2
2
|
module MessageModels
|
|
3
|
+
# NOTE: If you change these fields the SSID message parser needs to be
|
|
4
|
+
# manually updated since these fields are very broken.
|
|
3
5
|
Ssid = CapStruct.new(
|
|
4
6
|
:mac, :checksum, :type, :ssid, :beaconinfo, :cryptset, :cloaked,
|
|
5
|
-
:firsttime, :lasttime, :
|
|
7
|
+
:maxrate, :beaconrate, :firsttime, :lasttime, :wps, :wps_device_name,
|
|
8
|
+
:wps_manuf, :wps_model_name, :wps_model_number
|
|
6
9
|
)
|
|
7
10
|
Ssid.set_data_filter(:mac) { |val| val.downcase }
|
|
8
11
|
Ssid.set_data_filter(:checksum, :firsttime, :lasttime, :maxrate,
|
|
@@ -20,6 +23,16 @@ module PatronusFati
|
|
|
20
23
|
|
|
21
24
|
SSID_CRYPT_MAP.select { |k, _| (k & val) != 0 }.map { |_, v| v }
|
|
22
25
|
end
|
|
26
|
+
Ssid.set_data_filter(:wps) do |val|
|
|
27
|
+
next WPS_SETTING_MAP[0] unless val
|
|
28
|
+
next WPS_SETTING_MAP[0] if val.ord == 0
|
|
29
|
+
|
|
30
|
+
WPS_SETTING_MAP.select { |k, _| (k & val.ord) != 0 }.map { |_, v| v}.first
|
|
31
|
+
end
|
|
32
|
+
Ssid.set_data_filter(:wps_device_name) do |val|
|
|
33
|
+
next if val.nil? || val.empty?
|
|
34
|
+
val
|
|
35
|
+
end
|
|
23
36
|
|
|
24
37
|
# Attempt to map the returned SSID type to one we know about it and convert
|
|
25
38
|
# it to a string. In the event we don't know it will leave this as an
|
|
@@ -27,6 +27,27 @@ module PatronusFati
|
|
|
27
27
|
data_line.scan(PatronusFati::DATA_DELIMITER).map { |a, b| (a || b).tr("\x01", '') }
|
|
28
28
|
end
|
|
29
29
|
|
|
30
|
+
def self.extract_ssid_data(data_line)
|
|
31
|
+
data_scanner = StringScanner.new(data_line.force_encoding(Encoding::BINARY))
|
|
32
|
+
|
|
33
|
+
# We can use our normal scanner for the first 11 fields, the remainder
|
|
34
|
+
# are the WPS specific fields which are just bad...
|
|
35
|
+
results = 11.times.map do
|
|
36
|
+
field = data_scanner.scan(PatronusFati::DATA_DELIMITER).tr("\x01", '')
|
|
37
|
+
data_scanner.skip(/\s/)
|
|
38
|
+
field
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
# We need to grab the WPS state as a byte
|
|
42
|
+
results << data_scanner.get_byte
|
|
43
|
+
data_scanner.skip(/\s/)
|
|
44
|
+
|
|
45
|
+
# Put everything else in the 'wps_info' field
|
|
46
|
+
results << data_scanner.rest.strip
|
|
47
|
+
|
|
48
|
+
results
|
|
49
|
+
end
|
|
50
|
+
|
|
30
51
|
def self.get_model(mdl)
|
|
31
52
|
return unless PatronusFati::MessageModels.const_defined?(model_name(mdl))
|
|
32
53
|
PatronusFati::MessageModels.const_get(model_name(mdl))
|
|
@@ -37,8 +58,11 @@ module PatronusFati
|
|
|
37
58
|
return unless resp
|
|
38
59
|
|
|
39
60
|
h = Hash[resp.names.zip(resp.captures)]
|
|
40
|
-
|
|
41
|
-
|
|
61
|
+
if h['header'] == 'SSID'
|
|
62
|
+
[h['header'], extract_ssid_data(h['data'])]
|
|
63
|
+
else
|
|
64
|
+
[h['header'], extract_data(h['data'])]
|
|
65
|
+
end
|
|
42
66
|
end
|
|
43
67
|
|
|
44
68
|
def self.model_name(hdr)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: patronus_fati
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sam Stelfox
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-04-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dm-constraints
|