diff --git a/docs/changes.txt b/docs/changes.txt index 3989799b3..efc0f9f88 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -1,5 +1,11 @@ * changes v6.2.5 -> v6.2.x +## +## Bugs +## + +- Fixed functional error when nonce-error-corrections that were set on the command line in hash-mode 22000/22001 were not accepted + ## ## Technical ## diff --git a/src/modules/module_22000.c b/src/modules/module_22000.c index 942b02703..382ace959 100644 --- a/src/modules/module_22000.c +++ b/src/modules/module_22000.c @@ -192,6 +192,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE memset (hashes_buf[hashes_cnt].esalt, 0, sizeof (wpa_t)); + /* moved to module_hash_decode_postprocess() wpa_t *wpa = (wpa_t *) hashes_buf[hashes_cnt].esalt; wpa->message_pair_chgd = user_options->hccapx_message_pair_chgd; @@ -199,6 +200,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE wpa->nonce_error_corrections_chgd = user_options->nonce_error_corrections_chgd; wpa->nonce_error_corrections = user_options->nonce_error_corrections; + */ hash_t *hash = &hashes_buf[hashes_cnt]; @@ -225,6 +227,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE memset (hashes_buf[hashes_cnt].esalt, 0, sizeof (wpa_t)); + /* moved to module_hash_decode_postprocess() wpa_t *wpa = (wpa_t *) hashes_buf[hashes_cnt].esalt; wpa->message_pair_chgd = user_options->hccapx_message_pair_chgd; @@ -232,6 +235,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE wpa->nonce_error_corrections_chgd = user_options->nonce_error_corrections_chgd; wpa->nonce_error_corrections = user_options->nonce_error_corrections; + */ hash_t *hash = &hashes_buf[hashes_cnt]; @@ -1044,6 +1048,9 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE const u8 message_pair = hex_to_u8 (message_pair_pos); + wpa->message_pair = message_pair; + + /* moved to module_hash_decode_postprocess() if (wpa->message_pair_chgd == true) { // we can filter some message types here @@ -1080,6 +1087,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE } } } + */ // now some optimization related to replay counter endianess // hcxtools has techniques to detect them @@ -1273,6 +1281,53 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE return line_len; } +int module_hash_decode_postprocess (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + wpa_t *wpa = (wpa_t *) esalt_buf; + + wpa->message_pair_chgd = user_options->hccapx_message_pair_chgd; + //wpa->message_pair = user_options->hccapx_message_pair; + + wpa->nonce_error_corrections_chgd = user_options->nonce_error_corrections_chgd; + //wpa->nonce_error_corrections = user_options->nonce_error_corrections; + + if (wpa->message_pair_chgd == true) + { + // we can filter some message types here + + if (user_options->hccapx_message_pair != (wpa->message_pair & 0x7f)) return (PARSER_HCCAPX_MESSAGE_PAIR); + } + + if (wpa->nonce_error_corrections_chgd == true) + { + wpa->nonce_error_corrections = user_options->nonce_error_corrections; + } + else + { + wpa->nonce_error_corrections = NONCE_ERROR_CORRECTIONS; + } + + if (wpa->message_pair & (1 << 4)) + { + // ap-less attack detected, nc not needed + + wpa->nonce_error_corrections = 0; + } + else + { + if (wpa->message_pair & (1 << 7)) + { + // replaycount not checked, nc needed + } + else + { + wpa->nonce_error_corrections = 0; + } + } + + return (PARSER_OK); +} + void module_init (module_ctx_t *module_ctx) { module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; @@ -1300,7 +1355,7 @@ void module_init (module_ctx_t *module_ctx) module_ctx->module_hash_binary_count = module_hash_binary_count; module_ctx->module_hash_binary_parse = module_hash_binary_parse; module_ctx->module_hash_binary_save = module_hash_binary_save; - module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = module_hash_decode_postprocess; module_ctx->module_hash_decode_potfile = module_hash_decode_potfile; module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; module_ctx->module_hash_decode = module_hash_decode; diff --git a/src/modules/module_22001.c b/src/modules/module_22001.c index 22eced6a1..f9aed27e2 100644 --- a/src/modules/module_22001.c +++ b/src/modules/module_22001.c @@ -193,6 +193,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE memset (hashes_buf[hashes_cnt].esalt, 0, sizeof (wpa_t)); + /* moved to module_hash_decode_postprocess() wpa_t *wpa = (wpa_t *) hashes_buf[hashes_cnt].esalt; wpa->message_pair_chgd = user_options->hccapx_message_pair_chgd; @@ -200,6 +201,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE wpa->nonce_error_corrections_chgd = user_options->nonce_error_corrections_chgd; wpa->nonce_error_corrections = user_options->nonce_error_corrections; + */ hash_t *hash = &hashes_buf[hashes_cnt]; @@ -226,6 +228,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE memset (hashes_buf[hashes_cnt].esalt, 0, sizeof (wpa_t)); + /* moved to module_hash_decode_postprocess() wpa_t *wpa = (wpa_t *) hashes_buf[hashes_cnt].esalt; wpa->message_pair_chgd = user_options->hccapx_message_pair_chgd; @@ -233,6 +236,7 @@ int module_hash_binary_parse (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE wpa->nonce_error_corrections_chgd = user_options->nonce_error_corrections_chgd; wpa->nonce_error_corrections = user_options->nonce_error_corrections; + */ hash_t *hash = &hashes_buf[hashes_cnt]; @@ -1044,6 +1048,9 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE const u8 message_pair = hex_to_u8 (message_pair_pos); + wpa->message_pair = message_pair; + + /* moved to module_hash_decode_postprocess() if (wpa->message_pair_chgd == true) { // we can filter some message types here @@ -1080,6 +1087,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE } } } + */ // now some optimization related to replay counter endianess // hcxtools has techniques to detect them @@ -1273,6 +1281,53 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE return line_len; } +int module_hash_decode_postprocess (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + wpa_t *wpa = (wpa_t *) esalt_buf; + + wpa->message_pair_chgd = user_options->hccapx_message_pair_chgd; + //wpa->message_pair = user_options->hccapx_message_pair; + + wpa->nonce_error_corrections_chgd = user_options->nonce_error_corrections_chgd; + //wpa->nonce_error_corrections = user_options->nonce_error_corrections; + + if (wpa->message_pair_chgd == true) + { + // we can filter some message types here + + if (user_options->hccapx_message_pair != (wpa->message_pair & 0x7f)) return (PARSER_HCCAPX_MESSAGE_PAIR); + } + + if (wpa->nonce_error_corrections_chgd == true) + { + wpa->nonce_error_corrections = user_options->nonce_error_corrections; + } + else + { + wpa->nonce_error_corrections = NONCE_ERROR_CORRECTIONS; + } + + if (wpa->message_pair & (1 << 4)) + { + // ap-less attack detected, nc not needed + + wpa->nonce_error_corrections = 0; + } + else + { + if (wpa->message_pair & (1 << 7)) + { + // replaycount not checked, nc needed + } + else + { + wpa->nonce_error_corrections = 0; + } + } + + return (PARSER_OK); +} + void module_init (module_ctx_t *module_ctx) { module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; @@ -1300,7 +1355,7 @@ void module_init (module_ctx_t *module_ctx) module_ctx->module_hash_binary_count = module_hash_binary_count; module_ctx->module_hash_binary_parse = module_hash_binary_parse; module_ctx->module_hash_binary_save = module_hash_binary_save; - module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; + module_ctx->module_hash_decode_postprocess = module_hash_decode_postprocess; module_ctx->module_hash_decode_potfile = module_hash_decode_potfile; module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; module_ctx->module_hash_decode = module_hash_decode;