search

intrig-unicamp / mininet-wifi

Emulator for Software-Defined Wireless Networks
https://mn-wifi.readthedocs.io/
Other
432 stars 239 forks source link

WPA2 encryption does work - user did it wrong #382

Closed Zusanoo closed 3 years ago

Zusanoo commented 3 years ago

Hi all,

I would need to simulate and encrypt a simple WIFI network. Therefore I have installed mininet 2.3.0 and mininet-WIFI. Both work just fine so far (Debian 10 VM). I have tried to use the example for authentification (https://github.com/intrig-unicamp/mininet-wifi/blob/master/examples/authentication.py) from mininet-WIFIs repo. But when executing it, the network traffic does not appear to be encrypted. I have checked this via 'sta1 iwconfig'. There it is clearly stated that the Encryption key is off.

Expected/Desired Behavior:

I need the network traffic to be WPA2 encrypted.

Actual Behavior:

No encryption is done.

Detailed Steps to Reproduce the Behavior:

Just starting the demo example for authentication and checking iwconfig.

I am thankful for any help I can get!

BR

Zusanoo commented 3 years ago

It does also not work with the given example wps-auth (https://github.com/intrig-unicamp/mininet-wifi/blob/master/examples/wps_auth.py)

ramonfontes commented 3 years ago

But when executing it, the network traffic does not appear to be encrypted.

What?? Did you check any data traffic? I can see no data traffic here.

iwconfig is not really the best way to do that and it is being replaced by iw. However, I invite you to use wpa_cli and eventually use wireshark to correctly check the data traffic.

ramonfontes commented 3 years ago

topology.py

#!/usr/bin/python

'This example shows how to work with authentication'

from mininet.log import setLogLevel, info
from mn_wifi.cli import CLI
from mn_wifi.net import Mininet_wifi

def topology():
    "Create a network."
    net = Mininet_wifi()

    info("*** Creating nodes\n")
    sta1 = net.addStation('sta1', passwd='123456789a', encrypt='wpa2')
    sta2 = net.addStation('sta2', passwd='123456789a', encrypt='wpa2')
    sta3 = net.addStation('sta3', passwd='1234567891', encrypt='wpa2')
    ap1 = net.addAccessPoint('ap1', ssid="simplewifi", mode="g", channel="1",
                             passwd='123456789a', encrypt='wpa2',
                             failMode="standalone", datapath='user')

    info("*** Configuring wifi nodes\n")
    net.configureWifiNodes()

    info("*** Associating Stations\n")
    net.addLink(sta1, ap1)
    net.addLink(sta2, ap1)

    info("*** Starting network\n")
    net.build()
    ap1.start([])

    sta3.cmd('iw dev sta3-wlan0 interface add mon0 type monitor')
    sta3.cmd('ip link set mon0 up')

    info("*** Running CLI\n")
    CLI(net)

    info("*** Stopping network\n")
    net.stop()

if __name__ == '__main__':
    setLogLevel('info')
    topology()

sender.py

#! /usr/bin/env python

from scapy.all import send, IP, ICMP

send(IP(src="10.0.0.1",dst="10.0.0.2")/ICMP()/"Hello World")

Encrypted scenario:

sudo python topology.py
mininet-wifi> xterm sta3

Sniffing from sta3 on mon0 and then:

mininet-wifi> sta1 python sender.py

Result:

image

Clear text scenario:

Run topology.py without WPA encryption and repeat the same steps.

Result:

image

I get very sad and upset with this type of issue. It seems that you opened a similar thread in the Mininet mailing list a week ago. Well, you are running a code that works and doing everything wrong for days.

Please rename the issue because WPA2 encryption works! :(

Zusanoo commented 3 years ago

@ramonfontes thank you very much for your help!

I am sorry I got it wrong, I did not mean to upset you.