h32ddlZddlZddlmZmZddlmZddlmZm Z ddl m Z ddl m Z mZddlmZddlmZd"d Zd"d Zd Zgd gd gZdZdZdZdZdZdZdZdZdZdZ dZ!dZ"dZ#dZ$Gdde%Z&Gdde%Z'd Z(d!Z)dS)#N)unpackpack)crc32)Cipher algorithms)default_backend)orbchb) Dot11TKIP)mac2strctj|}t|dt}|}|r|d|z||S)zQEncrypt data @data with key @key, skipping @skip first bytes of the keystreamN)modebackend)rARC4rr encryptorupdate)keydataskip algorithmcipherrs ^/mounts/lovelace/software/anaconda3/lib/python3.11/site-packages/scapy/modules/krack/crypto.py ARC4_encryptrsr$$I ID/2C2C D D DF  ""I )4(((   D ! !!c$t|||S)zQDecrypt data @data with key @key, skipping @skip first bytes of the keystream)r)rrrs r ARC4_decryptr s T4 ( ((rcd}dt||gt||gz}d}d}d} ||dzdzdzkrntj||t dz|zt |zt j} |dz }| | z} ||dzdzdzkn| d |S) z4Source https://stackoverflow.com/questions/12018920/sPairwise key expansionr@rN)joinsortedhmacnewr hashlibsha1digest) ramacsmacanoncesnonceABbleniRhmacsha1s r customPRF512r5(s!A t %%/?(@(@@AAA D A A CC' ( (8CSYY!2SVV!;W\JJ Q !! ! CC' ( ( UdU8Or(iiiii iiiTiP`iii}ViibiMiiEii@iiiiɎi iAigi_iEi#iSii[iuii=ijLiZliA~iiOi\hiQi4iiisiSbi?*i iRieFi^i(0i7i i/i i6$ii=i&iiNiiiiitXi.4i-6iii[iiMviai}i{Ri>iq^iiihri,i`@iiyiiiFigiKriޔiԘiiJiki*iOiiņiךiUfiiϊiiiiiDxi%iKii]iii?i!iHpiiciwiuicBi0 iiimiLii5&i/ii5ïi9.iWiUiiGziii+2iiiiўiifDi~Ti;i iʌi)iki<(iyiiivi;iVdiNtiiےi ilHii]iniCii9i1i7ii2iCiYniiidiҜiIiiii%iiiGiioiioJir\i$8iWisiQi#i|ii!>iݖiai iiiB|iqiiؐiiiii_jiiiiiXi':i'i8ii+i3"iipii3i-i"<ii iIiixPiziiYi iiei1iƄiiÂi)iwZii{iimi:,(iƥiiii iֽiޱiTi`PiiΩiV}iibiMiiEii@iiiii iAigi_iEi#iSii[iuii=iLjilZi~AiiOih\iQi4iiisibSi*?i iRiFei^i0(i7i i/i i$6ii=i&iNiiiiiiXti4.i6-iܲii[iivMiai}iR{i>i^qiiihri,i@`iiyiiԾiFigirKiiiiJiki*iOiiiifUiiiiiiixDi%iKii]iii?i!ipHiiciwiuiBci 0iiimiLii&5i/ii5ii.9iWiUiizGiȬii2+iiiiiiDfiT~i;i ii)iki(<iyiiivi;idVitNiii iHlii]iniCiĦi9i1i7ii2iCinYiڷiidiiIiشiii%iʯiiGiioiiJoi\ri8$iWisiQi#i|ii>!iiai iii|Biqi̪iiiii£ij_iiiiiXi:'i'i8ii+i"3iһipii3i-i<"ii iIiiPxiziiYi iiei1iiиii)iZwii{iimi,:r c|dz|zS)Nr )b1b2s r_MK16r:s !Gr>rc\td|dztd|dz z S)Nrr#r )_SBOXS)indexs r_SBOX16r?s' !9UT\ "VAY %< <rc|dz dz|dzzS)Nr#ir7rAs r_RotR1rFs aZ6 !erk 22rc t|dksJt|dksJt|dksJtd||z|zDsJg}|t|d|d|t|d|d|t|d|d |t|d|d|t|d|dt t D]}d|dzz}t |d t|dt|d|z|d |zz z|d <t |dt|d t|d|z|d|zz z|d<t |dt|dt|d |z|d |zz z|d<t |dt|dt|d |z|d |zz z|d<t |dt|dt|d|z|d |zz z|z|d<t|}|t |dt|d|d zt |d t|dt|d|d z z|d <t |dt|d t|d|dz z|d<t |dt|dt|d|dz z|d<t |dt|dt|d|dz z|d<t |dt|dt|d |d z z|d<t |dt|dt|d|dz z|d<t |d t|dt|d |d z z|d <t |dt|d t|d|dz z|d<t |dt|dz|d<t |dt|dz|d<t |dt|dz|d<t |dt|dz|d<g}||d||ddzdz||d ||dt|d|d z dz dzt dD]>}|||dz|||d z ?t|dksJd d|DS)zhImplement TKIP WEPSeed generation TSC: packet IV TA: target addr bytes TK: temporal key c3@K|]}t|tVdSN) isinstanceint.0xs r z#gen_TKIP_RC4_key..s,99az!S!!999999rr#r r  rE r<rc34K|]}t|VdSrK)r rNs rrQz#gen_TKIP_RC4_key..s(,,qCFF,,,,,,r) lenallappendr:rangePHASE1_LOOP_CNTrCr?listrFr$)TSCTATKTTAKr2jPPKWEPSeeds rgen_TKIP_RC4_keyrmsv s88q==== r77a<<<< r77b==== 9938b=999 9 9999 DKKc!fc!f%%&&&KKc!fc!f%%&&&KKbeRU##$$$KKbeRU##$$$KKbeRU##$$$? # #XX QK$q'GDGeBq1uIr!a%y6Q6Q,Q$R$RRSSQ$q'GDGeBq1uIr!a%y6Q6Q,Q$R$RRSSQ$q'GDGeBq1uIr!a%y6Q6Q,Q$R$RRSSQ$q'GDGeBrAvJ2PQ6 6S6S,S$T$TTUUQ$q'GDGeBq1uIr!a%y6Q6Q,Q$R$RRUVVWWQ t**CJJwtAws1vs1v!6!6677888SVgc!fuRUBqE/B/B&BCCC D DCF SVgc!fuRUBqE/B/B&BCCC D DCF SVgc!fuRUBqE/B/B&BCCC D DCF SVgc!fuRUBqE/B/B&BCCC D DCF SVgc!fuRUBqE/B/B&BCCC D DCF SVgc!fuRVRV/D/D&DEEE F FCF SVfSVeBrFBrF.C.C%CDDD E ECF SVfSVeBrFBrF.C.C%CDDD E ECF SVfSVnn, - -CF SVfSVnn, - -CF SVfSVnn, - -CF SVfSVnn, - -CFG NN3q6 NNCFTMT)*** NN3q6 NNSVeBqE2a5111a74?@@@ 1XX$$s1v}%%%s1v{#### w<<2     88,,G,,, , ,,rc0||dzz |d|z dzzzdzSNr]r7rBshifts r_rotate_right32rs) ebj !ErEzR.?$@ @J NNrc0||dzz|d|z dzz zdzSror7rqs r_rotate_left32rvrtrc$|dzdz |dzdzzS)z(Swap 2 least significant bytes of @valuel~r ir7rAs r_XSWAPrxs! Z A %5:+=!*C DDrc|t|dz }||zdz}|t|z }||zdz}|t|dz }||zdz}|t|dz }||zdz}||fS)zDefined in 802.11i p.49lrRrS)rvrxrs)m_lm_rs r _michael_br}s sB'' 'C 9 C s C 9 C sA&& &C 9 C Q'' 'C 9 C 8Orchtt|d\}}|tdzdd|z zz}td|\}}t |dzD]A}td||dz|dzdzd}||z}t ||\}}Bt d||S) zDefined in 802.11i p.48rUZrrYz!? ?DeS!!HC 8a< ((tAE!a%!)O455a8 wc3''SS sC  rcF|jjsJ|t}|j}|jst d|j}|j}|j}|j }|j }|j }|j } |dzdz|ksJdt|jD} |||||| g} | | |fS)z4Extract TSCs, TA and encoded-data from a packet @pktz Extended IV must be set for TKIPr]r^c,g|]}t|Sr7r rOes r z"parse_TKIP_hdr..&s - - -Q#a&& - - -r)FCfield protectedr rext_iv ValueErrorTSC0TSC1rlTSC2TSC3TSC4TSC5r addr2) pkt tkip_layerpayloadrrWEPseedrrrrrgrfs rparse_TKIP_hdrr s ;    YJoG  =;<<< ?D ?D G ?D ?D ?D ?D 4K4 7 * * * * - -'#),, - - -B tT4 .C G rc|dz dz|dz dz|dz dz|dz dz|dz dz|dzf\}}}}}} d} t|t|dzdzzt| zt| z} | t|t|zt|zt|zz } dt|D} | |||||g} d |D}t| | |}| t||zS) zaBuild a TKIP header for IV @iv and mac @mac, and encrypt @data based on temporal key @tk (r<r]rIr r^c,g|]}t|Sr7rrs rrz&build_TKIP_payload..<s ' ' 'Q#a&& ' ' 'rc,g|]}t|Sr7rrNs rrz&build_TKIP_payload..>   Q#a&&   r)r r rmr)rivmactkrrrrrrbitfieldTKIP_hdrrgrfrhrc4_keys rbuild_TKIP_payloadr,s. rT rT rT rT qD T *&D$dD$H4yy3t t3444s4yy@3x==PH D CII%D 1CII==H ' ''#,, ' ' 'B tT4 .C  "   BsB++G l7D11 11rct|\}}}d|D}t|||}t||S)z9Extract data from a WPA packet @pkt with temporal key @tkc,g|]}t|Sr7rrNs rrz"parse_data_pkt..Grr)rrmr)rrrfrgrrhrs rparse_data_pktrDsI"3''MCT  "   BsB++G  & &&rceZdZdZdS)ICVErrorz(The expected ICV is not the computed oneN__name__ __module__ __qualname____doc__r7rrrrM22DrrceZdZdZdS)MICErrorz(The expected MIC is not the computed oneNrr7rrrrRrrrcpt|dksJ|dd}|dd}|dd}tdt||zdz}||krtt |}t |} t || |zdz|z} | |krt |S)z=Check MIC, ICV & return the data from a decrypted TKIP packetrXNirrps)r`rrrr rr) rmic_keysourcedestICVMIC data_clear expected_ICVsada expected_MICs r check_MIC_ICVrWs t99r>>>> rss)C s2v,CdsdJeJ$455 BCCLsjj B B7BGk$9J$FGGLsjj rct|}t|}t|||zdzdz|z}tdt||zdz}||z|zS)z0Compute and return the data with its MIC and ICVrsrrp)r rrr)rrrrrrrrs r build_MIC_ICVrpsk B B '27W,{:TA B BC tU4#:&&3 4 4C #: r)r)*r(r&structrrzlibr&cryptography.hazmat.primitives.ciphersrrcryptography.hazmat.backendsr scapy.compatr r scapy.layers.dot11r scapy.utilsr rrr5r=rdr:r?rCrFrmrsrvrxr}rrrr Exceptionrrrrr7rrrs]  EEEEEEEE888888!!!!!!!!(((((( " " " "))))   (!!!D!!!GE P===333B-B-B-POOOOOOEEE   !!!(@2220'''     y        y   2     r