sneak0929 / reaver-wps

Automatically exported from code.google.com/p/reaver-wps

Won't compile on the N900 #41

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago

BusyBox v1.10.2 (Debian 3:1.10.2.legal-1osso30+0m5) built-in shell (ash)
Enter 'help' for a list of built-in commands.

~ $ root

BusyBox v1.10.2 (Debian 3:1.10.2.legal-1osso30+0m5) built-in shell (ash)
Enter 'help' for a list of built-in commands.

Nokia-N900:~# cd trunk/src/
Nokia-N900:~/trunk/src# ./configure
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking for pcap_open_live in -lpcap... yes
configure: creating ./config.status
config.status: creating Makefile
Nokia-N900:~/trunk/src# 

BusyBox v1.10.2 (Debian 3:1.10.2.legal-1osso30+0m5) built-in shell (ash)
Enter 'help' for a list of built-in commands.

~ $ root

BusyBox v1.10.2 (Debian 3:1.10.2.legal-1osso30+0m5) built-in shell (ash)
Enter 'help' for a list of built-in commands.

Nokia-N900:~# cd trunk/src/
Nokia-N900:~/trunk/src# make
(cd libwps && make)
make[1]: Entering directory `/root/trunk/src/libwps'
make[1]: `libwps.o' is up to date.
make[1]: Leaving directory `/root/trunk/src/libwps'
(cd utils && make)
make[1]: Entering directory `/root/trunk/src/utils'
Makefile:36: no file name for `-include'
ar crT libutils.a base64.o common.o ip_addr.o radiotap.o trace.o uuid.o 
wpa_debug.o wpabuf.o os_unix.o eloop.o
ar: illegal option -- T
Usage: ar [emulation options] [-]{dmpqrstx}[abcfilNoPsSuvV] [member-name] 
[count] archive-file file...
ar -M [<mri-script]
commands:
d - delete file(s) from the archive
m[ab] - move file(s) in the archive
p - print file(s) found in the archive
q[f] - quick append file(s) to the archive
r[ab][f][u] - replace existing or insert new file(s) into the archive
t - display contents of archive
x[o] - extract file(s) from the archive
command specific modifiers:
[a] - put file(s) after [member-name]
[b] - put file(s) before [member-name] (same as [i])
[N] - use instance [count] of name
[f] - truncate inserted file names
[P] - use full path names when matching
[o] - preserve original dates
[u] - only replace files that are newer than current archive contents
generic modifiers:
[c] - do not warn if the library had to be created
[s] - create an archive index (cf. ranlib)
[S] - do not build a symbol table
[v] - be verbose
[V] - display the version number
@<file> - read options from <file>
emulation options:
No emulation specific options
ar: supported targets: elf32-littlearm elf32-bigarm elf32-little elf32-big srec 
symbolsrec tekhex binary ihex
make[1]: *** [libutils.a] Error 1
make[1]: Leaving directory `/root/trunk/src/utils'
make: *** [libutils] Error 2
Nokia-N900:~/trunk/src#

What is the expected output? What do you see instead?

What version of the product are you using? On what operating system?
r35

Please provide any additional information below.

Original issue reported on code.google.com by g...@watchingyou.info on 31 Dec 2011 at 7:18

GoogleCodeExporter commented 8 years ago
try removing T argument from ar command in makefile

Original comment by jcdento...@gmail.com on 31 Dec 2011 at 8:44

GoogleCodeExporter commented 8 years ago
You need to edit all Makefiles in subfolders:
crypto
utils
tls

at the end of those Makefiles you will see ... crT ... remove the T.

I compiled it in scratchbox maemo sdk but it wasn't working for me and others, 
see here:
http://talk.maemo.org/showthread.php?t=81219

Original comment by FritzBox...@gmail.com on 1 Jan 2012 at 9:35

GoogleCodeExporter commented 8 years ago
I compiled natively and removed the T argument from the ar command in these makefiles:
makefile in root
makefile in tls
makefile in utils
makefile in crypto

and it has all compiled and installed

But it does not seem to be working. When I start the program it appears to 
start, but only gets up to the point where it shows the first and second lines:

Reaver v1.2 Wifi xxxxxxxxxxxxxxxxxxx
Copywrite (c) 2011, Tacxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

then nothing else 

Original comment by g...@watchingyou.info on 1 Jan 2012 at 9:51

GoogleCodeExporter commented 8 years ago
Nokia-N900:~# strace -f reaver -i wlan0 -b 00:21:63:71:B5:B6 -vv
execve("/usr/local/bin/reaver", ["reaver", "-i", "wlan0", "-b", 
"00:21:63:71:B5:B6", "-vv"], [/* 58 vars */]) = 0
brk(0) = 0x64000
uname({sys="Linux", node="Nokia-N900", ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0x4001c000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=43058, ...}) = 0
mmap2(NULL, 43058, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40025000
close(3) = 0
open("/usr/lib/libpcap.so.0.8", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\\)\0\0004\0\0\0"..., 
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=194648, ...}) = 0
mmap2(NULL, 228344, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 
0x40030000
mprotect(0x4005f000, 28672, PROT_NONE) = 0
mmap2(0x40066000, 8192, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2e) = 0x40066000
close(3) = 0
open("/lib/libm.so.6", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\2601\0\0004\0\0\0"..., 
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=448316, ...}) = 0
mmap2(NULL, 479392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 
0x40068000
mprotect(0x400d5000, 28672, PROT_NONE) = 0
mmap2(0x400dc000, 8192, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6c) = 0x400dc000
close(3) = 0
open("/lib/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0hK\1\0004\0\0\0"..., 
512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1160576, ...}) = 0
mmap2(NULL, 1196468, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 
0x400de000
mprotect(0x401f5000, 32768, PROT_NONE) = 0
mmap2(0x401fd000, 12288, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x117) = 0x401fd000
mmap2(0x40200000, 8628, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40200000
close(3) = 0
open("/lib/libgcc_s.so.1", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\220!\0\0004\0\0\0"..., 
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=41356, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0x4001d000
mmap2(NULL, 72744, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 
0x40203000
mprotect(0x4020d000, 28672, PROT_NONE) = 0
mmap2(0x40214000, 4096, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9) = 0x40214000
close(3) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0x4001e000
set_tls(0x4001da20, 0x4001f000, 0x4001e178, 0x4001e0f8, 0x40024050) = 0
mprotect(0x401fd000, 4096, PROT_READ) = 0
mprotect(0x400dc000, 4096, PROT_READ) = 0
munmap(0x40025000, 43058) = 0
brk(0) = 0x64000
brk(0x8f000) = 0x8f000
write(2, "\nReaver v1.2 WiFi Protected Setu"..., 46
Reaver v1.2 WiFi Protected Setup Attack Tool
) = 46
write(2, "Copyright (c) 2011, Tactical Net"..., 88Copyright (c) 2011, Tactical 
Network Solutions, Craig Heffner <cheffner@tacnetsol.com>

) = 88

Original comment by g...@watchingyou.info on 1 Jan 2012 at 10:02

GoogleCodeExporter commented 8 years ago
We probably are not going to officially support the N900, or any other embedded 
devices/phones/etc., at least not right now. But if getting Reaver to work on 
the N900 is a relatively simple fix that someone who actually has an N900 can 
troubleshoot, we may be able to add support for it. I know that aircrack works 
on it, though my understanding is that it requires special drivers. @gg, I 
assume you have aircrack capture and injection working fine on your N900?

Original comment by cheff...@tacnetsol.com on 2 Jan 2012 at 3:40

GoogleCodeExporter commented 8 years ago
Yes injection ( aireplay-ng mon0 -9 ) is working fine with bleeding edge driver.
airmon-ng start wlan0 is creating the mon0 device.
Airodump-ng mon0 is working fine.

reaver never gets to the point where it normally shows "waiting for beacon 
...", but is running with ~99 % cpu constantly.

Original comment by FritzBox...@gmail.com on 2 Jan 2012 at 6:53

GoogleCodeExporter commented 8 years ago

Original comment by cheff...@tacnetsol.com on 2 Jan 2012 at 3:11

GoogleCodeExporter commented 8 years ago
The drivers which allow injection are now just part of the N900 repository so 
available to anyone who wants them. Aircrack-ng works well on the N900 and so 
does wifite which uses Aircrack-ng.

Original comment by g...@watchingyou.info on 2 Jan 2012 at 6:10

GoogleCodeExporter commented 8 years ago
Given that the strace just stops after printing out the copyright line, I don't 
think it's even getting to the point where it is trying to inject. Without 
access to the device, it's hard to say. Can you run it in gdb and try to coax 
some more info out of it?

Original comment by cheff...@tacnetsol.com on 2 Jan 2012 at 6:22

GoogleCodeExporter commented 8 years ago
Never used gdb before, but if I run:
gdb reaver
run -i mon0 -b xx:xx... -vv

and then press ctrl + c to stop it, it displays:

Program received signal SIGINT, Interrupt.
0x40180218 in _getopt_internal_r () from /lib/libc.so.6
0x40180218 <_getopt_internal_r+296>:    ldr    r2, [r3, #32]

Original comment by FritzBox...@gmail.com on 2 Jan 2012 at 7:57

GoogleCodeExporter commented 8 years ago
Starting program: /usr/local/bin/reaver -i mon0

Reaver v1.2 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

^C
Program received signal SIGINT, Interrupt.
0x0000aeec in process_arguments (argc=3, argv=0xbea0b704) at argsparser.c:76
76  argsparser.c: No such file or directory.
    in argsparser.c
(gdb) quit
The program is running.  Quit anyway (and kill it)? (y or n) yes
Nokia-N900:~# gdb reaver
GNU gdb (GDB) 6.8.50.20090417-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "arm-linux-gnueabi".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
(gdb) run -i mon0 -b 00:xx:xx:xx:xx:xx -vv
Starting program: /usr/local/bin/reaver -i mon0 -b 00:xx:xx:xx:xx:xx -vv

Reaver v1.2 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

^C
Program received signal SIGINT, Interrupt.
0x40180928 in _getopt_internal_r () from /lib/libc.so.6
0x40180928 <_getopt_internal_r+2104>:   cmp r2, r6
(gdb) list
36  wpscrack.c: No such file or directory.
    in wpscrack.c
(gdb) quit
The program is running.  Quit anyway (and kill it)? (y or n) y
Nokia-N900:~# gdb reaver
GNU gdb (GDB) 6.8.50.20090417-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "arm-linux-gnueabi".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
(gdb) run -i mon0 -b 00:xx:xx:xx:xx:xx -vv
Starting program: /usr/local/bin/reaver -i mon0 -b 00:xx:xx:xx:xx:xx -vv

Reaver v1.2 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

^C
Program received signal SIGINT, Interrupt.
0x4018060c in _getopt_internal_r () from /lib/libc.so.6
0x4018060c <_getopt_internal_r+1308>:   b   0x40180654 <_getopt_internal_r+1380>
(gdb) list
36  wpscrack.c: No such file or directory.
    in wpscrack.c
(gdb) next
Single stepping until exit from function _getopt_internal_r, 
which has no line number information.
0x40181300 in _getopt_internal () from /lib/libc.so.6
0x40181300 <_getopt_internal+80>:   ldr r3, [pc, #56]   ; 0x40181340 
<_getopt_internal+144>
(gdb) next
Single stepping until exit from function _getopt_internal, 
which has no line number information.
0x40181408 in getopt_long () from /lib/libc.so.6
0x40181408 <getopt_long+28>:    sub sp, r11, #8 ; 0x8
(gdb) next
Single stepping until exit from function getopt_long, 
which has no line number information.
process_arguments (argc=6, argv=0xbef6f6e4) at argsparser.c:76
76  argsparser.c: No such file or directory.
    in argsparser.c
(gdb) next
74  in argsparser.c
(gdb) next
76  in argsparser.c
(gdb) next
74  in argsparser.c
(gdb) next
76  in argsparser.c
(gdb) list
71  in argsparser.c
(gdb) next
74  in argsparser.c
(gdb) next
76  in argsparser.c
(gdb) next
74  in argsparser.c
(gdb) next
76  in argsparser.c
(gdb) next
74  in argsparser.c
(gdb) next
76  in argsparser.c
(gdb) next
74  in argsparser.c
(gdb) quit
The program is running.  Quit anyway (and kill it)? (y or n) y

Original comment by FritzBox...@gmail.com on 2 Jan 2012 at 8:25

GoogleCodeExporter commented 8 years ago
So I would think it is an endless loop in:

argsparser.c:76

?

        while((c = getopt_long(argc, argv, short_options, long_options, &long_opt_index)) != -1)
        {

...

A line print with all params given would be helpful now I think, have no access 
to my maemo sdk scratchbox vm now :( ... 
                swit

Original comment by FritzBox...@gmail.com on 2 Jan 2012 at 8:36

GoogleCodeExporter commented 8 years ago
argparser.c, line 40 & wpsmon.c, line 4 -- change char to int. :)

Original comment by maciej.s...@gmail.com on 3 Jan 2012 at 6:42

GoogleCodeExporter commented 8 years ago
Seems to work, thx! I had to set up a new VM for my SDK and compiled it right 
now; it starts and shows waiting for beacon ;)

Original comment by FritzBox...@gmail.com on 3 Jan 2012 at 11:18

GoogleCodeExporter commented 8 years ago
Latest SVN code uses int instead of char.

Original comment by cheff...@tacnetsol.com on 3 Jan 2012 at 2:02
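
The char-to-int fix from the last comments, shown as an added example that is not Reaver's code and not part of the original thread: `getopt_long` returns an `int`, and storing it in a `char` loses the `-1` end marker on targets where plain `char` is unsigned (such as the ARM EABI toolchain on the N900), so the `while` loop never exits. The option table, sample command line, function names and the `SPIN_CAP` guard are constructed for the demonstration.

```c
#include <getopt.h>
#include <stdio.h>

#define SPIN_CAP 1000 /* demo-only guard; the loop in the thread had none */

/* Constructed option table and command line (not Reaver's own tables). */
static const struct option long_opts[] = {
    {"interface", required_argument, NULL, 'i'},
    {"bssid",     required_argument, NULL, 'b'},
    {"verbose",   no_argument,       NULL, 'v'},
    {NULL, 0, NULL, 0}
};
static char *sample_argv[] = {"reaver", "-i", "mon0", "-b",
                              "00:xx:xx:xx:xx:xx", "-vv", NULL};
enum { SAMPLE_ARGC = 6 };

/* Generates a parser whose result variable has the given type.
 * Returns the number of options seen, or -1 if -1 was never observed. */
#define DEFINE_PARSER(name, type)                                          \
    int name(void)                                                         \
    {                                                                      \
        type c;                                                            \
        int seen = 0;                                                      \
        optind = 0; /* restart scanning from the first argument */         \
        while ((c = getopt_long(SAMPLE_ARGC, sample_argv, "i:b:v",         \
                                long_opts, NULL)) != -1)                   \
            if (++seen > SPIN_CAP)                                         \
                return -1; /* end-of-options marker was lost */            \
        return seen;                                                       \
    }

/* unsigned char: -1 is stored as 255, promoted back to int 255, never -1. */
DEFINE_PARSER(parse_unsigned_char, unsigned char) /* plain char on ARM EABI */
/* signed char: -1 survives the round trip, which hides the bug on x86. */
DEFINE_PARSER(parse_signed_char, signed char)
/* int: matches getopt_long's declared return type on every target. */
DEFINE_PARSER(parse_int, int)

int main(void)
{
    printf("unsigned char: %d\n", parse_unsigned_char());
    printf("signed char:   %d\n", parse_signed_char());
    printf("int:           %d\n", parse_int());
    return 0;
}
```

GCC reports this class of bug at build time with `-Wextra` (via `-Wtype-limits`), and compiling with `-funsigned-char` reproduces the ARM behaviour on an x86 development host.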