search

secdev / scapy

Scapy: the Python-based interactive packet manipulation program & library.
https://scapy.net
GNU General Public License v2.0
10.67k stars 2.02k forks source link

Wrong FCS checkum in Dot11FCS #2579

Closed ash09 closed 4 years ago

ash09 commented 4 years ago

Brief description

Checksum is not calculated properly in Dot11FCS. The payload given to compute_fcs() contains the 4-bytes FCS field initialized with zeros.

Environment

How to reproduce

In [19]: pkt = RadioTap() / Dot11FCS() / Dot11Beacon()                                                                  

In [20]: pkt.show()                                                                                                     
###[ RadioTap dummy ]### 
  version   = 0
  pad       = 0
  len       = None
  present   = Flags
  Flags     = FCS
  notdecoded= ''
###[ 802.11-FCS ]### 
     subtype   = 8
     type      = Management
     proto     = 0
     FCfield   = 
     ID        = 0
     addr1     = 00:00:00:00:00:00
     addr2     = 00:00:00:00:00:00
     addr3     = 00:00:00:00:00:00
     SC        = 0
     fcs       = None
###[ 802.11 Beacon ]### 
        timestamp = 0
        beacon_interval= 100
        cap       = 

In [21]: wireshark(Raw(pkt), linktype=DLT_IEEE802_11_RADIO)

Actual result

capture

Fix

scapy/layers/dot11.py

     def post_build(self, p, pay):
         p += pay
         if self.fcs is None:
-            p = p[:-4] + self.compute_fcs(p)
+            p = p[:-4] + self.compute_fcs(p[:-4])
         return p
gpotter2 commented 4 years ago

Thanks for the note. Would you mind making a PR to fix that? Thanks