search

vanhoefm / krackattacks-scripts

Other
3.3k stars 770 forks source link

krack-test-client.py --tptk Crashes #79

Closed mdalag closed 3 years ago

mdalag commented 3 years ago

There were two bugs:

  1. AttributeError: module 'Crypto.Cipher.AES' has no attribute 'MODE_CCM' I've changed Crypto.Cipher.AES to Cryptodome.Cipher.AES to fix it

  2. After 'IV reuse detected (IV=9, seq=5). Client reinstalls the pairwise key in the 4-way handshake (this is bad)' message script crashes: Traceback (most recent call last): File "/home/kali/Tools/Wireless/krackattacks-scripts-research/krackattack/./krack-test-client.py", line 610, in <module> attack.run(options=options) File "/home/kali/Tools/Wireless/krackattacks-scripts-research/krackattack/./krack-test-client.py", line 470, in run if self.sock_mon in sel[0]: self.handle_mon_rx() File "/home/kali/Tools/Wireless/krackattacks-scripts-research/krackattack/./krack-test-client.py", line 347, in handle_mon_rx self.handle_replay(p) File "/home/kali/Tools/Wireless/krackattacks-scripts-research/krackattack/./krack-test-client.py", line 313, in handle_replay decap = header/plaintext[SNAP].payload TypeError: byte indices must be integers or slices, not Packet_metaclass I've printed out plaintext, here's it b'\xaa\xaa\x03\x00\x00\x00\x88\x8e\x02\x03\x00u\x02\x01\n\x00\x10\x00\x00\x00\x00\x00\x00\x00\tx\xd4\x1a\x9fS\xf7\xc0\x86\xf7\x92\r\xa4%\xb5IM\xd6S5\x95Y_\xd4\x10}\xeb\xbdm\xd6\xdb\x92@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00~\x9a\xce\xc8\xfe\x97\xc6Vu\xcb/\xc2\xd6\t\xa7\xfa\x00\x160\x14\x01\x00\x00\x0f\xac\x04\x01\x00\x00\x0f\xac\x04\x01\x00\x00\x0f\xac\x02\x88\x00\xe6\xc7\x19\xb1\xc6\x99\x07H'

vanhoefm commented 3 years ago

  1. You have to use the virtual python environment as mentioned in the README. Execute the following once:

    cd krackattack
./pysetup.sh

    And every time you use the script:

    sudo su
source venv/bin/activate

  2. Hopefully also solved by the above.

mdalag commented 3 years ago

  1. Seems that the first issue was because of my wrong set up. Thanks

  2. The second issue is still present.

vanhoefm commented 3 years ago

Try the latest code.

And remember to run ./disable-hwcrypto.sh: it seems your network card was using hardware decryption. The script tries to handle this, but there was a bug in that part, likely causing it to crash.

mdalag commented 3 years ago

Should I disable encryption every time I want to use the tests? Because I disabled it once

vanhoefm commented 3 years ago

Disabling it once should be enough. It might be that for your network card hardware decryption cannot be disabled (or the script fails at doing that). Can you test whether the updated code is working? If not, which network card are you using?

mdalag commented 3 years ago

Updated code is working. There's no crash after IV reuse detected (IV=3, seq=1) message. Thanks

vanhoefm commented 3 years ago

Great to hear, thanks for reporting!