OpenSecurityResearch / hostapd-wpe

Modified hostapd to facilitate AP impersonation attacks

Decimal Username Error While Trying to Connect SSID. Not Capture Challenge and Response #18

Closed ccakgunduz closed 7 years ago

ccakgunduz commented 7 years ago

I use the default Kali version of hostapd-wpe. I installed it through the apt repositories. When I configure and run it, it works perfectly. If I enter a string username such as 'test', it accepts it and prints out the challenge and response. If I enter a username between 000000-599999 and 900000-999999, it still accepts it and prints out the hashes. However, when I enter a username between 600000-899999, it couldn't print out the hashes. For example, this is one of the simple outputs:

```
Configuration file: /etc/hostapd-wpe/hostapd-wpe.conf
Using interface wlan0 with hwaddr 66:55:44:33:22:11 and ssid "hostapd-wpe"
wlan0: interface state UNINITIALIZED->ENABLED
wlan0: AP-ENABLED
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: authenticated
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: associated (aid 1)
wlan0: CTRL-EVENT-EAP-STARTED 11:22:33:44:55:66
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25

mschapv2: Thu Jul 13 09:47:16 2017
username: test
challenge: ec:4f:c3:6d:be:7b:79:75
response: 72:8b:e0:16:0b:25:0e:1a:7a:39:19:2f:47:2f:4a:39:a4:8d:73:94:70:db:56:18
jtr NETNTLM: test:$NETNTLM$ec4fc36dbe7b7975$728be0160b250e1a7a39192f472f4a39a48d739470db5618
wlan0: CTRL-EVENT-EAP-FAILURE 11:22:33:44:55:66
wlan0: STA 11:22:33:44:55:66 IEEE 802.1X: authentication failed - EAP type: 0 (unknown)
wlan0: STA 11:22:33:44:55:66 IEEE 802.1X: Supplicant used different EAP type: 25 (PEAP)
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: disassociated
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: deauthenticated due to local deauth request
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: authenticated
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: associated (aid 1)
wlan0: CTRL-EVENT-EAP-STARTED 11:22:33:44:55:66
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25

mschapv2: Thu Jul 13 09:47:31 2017
username: 123456
challenge: 99:4f:26:55:3d:45:ed:1a
response: 19:b3:99:49:88:13:39:c8:7b:2b:cf:82:c0:65:ce:e2:64:8d:69:27:c8:02:52:d6
jtr NETNTLM: 123456:$NETNTLM$994f26553d45ed1a$19b39949881339c87b2bcf82c065cee2648d6927c80252d6
wlan0: CTRL-EVENT-EAP-FAILURE 11:22:33:44:55:66
wlan0: STA 11:22:33:44:55:66 IEEE 802.1X: authentication failed - EAP type: 0 (unknown)
wlan0: STA 11:22:33:44:55:66 IEEE 802.1X: Supplicant used different EAP type: 25 (PEAP)

########################################################### {I add this line manually. I try to username as 612345 (anything is same between 600000 - 899999) and it gave the result below. I modified mac addresses purposely}

wlan0: STA 11:22:33:44:55:66 IEEE 802.11: authenticated
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: associated (aid 1)
wlan0: CTRL-EVENT-EAP-STARTED 11:22:33:44:55:66
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP-AKA: eap_sim_db not configured
wlan0: CTRL-EVENT-EAP-FAILURE 11:22:33:44:55:66
wlan0: STA 11:22:33:44:55:66 IEEE 802.1X: authentication failed - EAP type: 0 (unknown)
wlan0: STA 11:22:33:44:55:66 IEEE 802.1X: Supplicant used different EAP type: 1 (Identity)
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: authenticated
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: associated (aid 1)
wlan0: CTRL-EVENT-EAP-STARTED 11:22:33:44:55:66
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP-AKA: eap_sim_db not configured
wlan0: CTRL-EVENT-EAP-FAILURE 11:22:33:44:55:66
wlan0: STA 11:22:33:44:55:66 IEEE 802.1X: authentication failed - EAP type: 0 (unknown)
wlan0: STA 11:22:33:44:55:66 IEEE 802.1X: Supplicant used different EAP type: 1 (Identity)
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: authenticated
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: associated (aid 1)
wlan0: CTRL-EVENT-EAP-STARTED 11:22:33:44:55:66
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP-AKA: eap_sim_db not configured
wlan0: CTRL-EVENT-EAP-FAILURE 11:22:33:44:55:66
wlan0: STA 11:22:33:44:55:66 IEEE 802.1X: authentication failed - EAP type: 0 (unknown)
wlan0: STA 11:22:33:44:55:66 IEEE 802.1X: Supplicant used different EAP type: 1 (Identity)
wlan0: STA 11:22:33:44:55:66 IEEE 802.11: deauthenticated due to local deauth request
^Cwlan0: interface state ENABLED->DISABLED
wlan0: AP-DISABLED
nl80211: deinit ifname=wlan0 disabled_11b_rates=0
```

Mister-X- commented 7 years ago

You have the wrong repository. I maintain the patches used in Kali: https://github.com/aircrack-ng/aircrack-ng/tree/master/patches/wpe