static void Main(string[] args)
{
using WiFiMonitor wiFiMonitor = new WiFiMonitor(constructNetworkGraph: true);
wiFiMonitor.PacketArrived += (object sender, PacketArrivedEventArgs e) =>
{
DataFrame dataFrame = e.ArrivedPacket.Extract <DataFrame>();
if (dataFrame?.PayloadData == null)
{
return;
}
wiFiMonitor.NetworkGraph.GetDestinationAndSource(
dataFrame, out AccessPoint accessPoint, out Station station);
if (station.PairwiseTransientKey == null)
{
return;
}
Console.WriteLine("Attempting to decrypt");
byte[] decryptedBytes = WPA2CryptographyTools.CCMPTryDecryptDataFrame(
dataFrame, station.PairwiseTransientKey[32..48]);
string decodedText = Encoding.UTF8.GetString(decryptedBytes);
Console.WriteLine(decodedText);
};
/// <summary>
/// Adds a Pairwise Master Key (PMK) to the access point with the specified BSSID.
/// In WPA2, the PMK is derived from the access point BSSID and password and used to
/// create other keys used in encryption.
/// </summary>
/// <param name="bssid">The BSSID of the access point.</param>
/// <param name="ssid">The SSID of the access point.</param>
/// <param name="password">The password of the access point.</param>
public void AddPassword(PhysicalAddress bssid, string ssid, string password)
{
byte[] pmk =
WPA2CryptographyTools.GeneratePairwiseMasterKey(password, ssid);
if (AccessPoints.ContainsKey(bssid) == false)
{
AccessPoints[bssid] = new AccessPoint(bssid);
}
AccessPoints[bssid].PairwiseMasterKey = pmk;
}
public void GeneratePairwiseMasterKey_WithValidInput_ShouldGenerateCorrectKey()
{
// Arrange and Act
byte[] pmk =
WPA2CryptographyTools.GeneratePairwiseMasterKey(_passphrase, _ssid);
bool pmkIsCorrect =
HelperMethods.CompareBuffers(pmk, _pmk1, _pmk1.Length) == 0;
// Assert
Assert.IsTrue(pmkIsCorrect);
}
public void GeneratePairwiseTransientKey_WithValidInput_ShouldGenerateCorrectKey()
{
// NB! The current version of the test relies on old TKIP
// test vectors
// TODO: Find WPA2 test vectors
// Arrange and Act
byte[] ptk = WPA2CryptographyTools.GeneratePairwiseTransientKey(
_pairwiseMasterKey, _AA, _SA, _sNonce, _aNonce);
bool ptkIsCorrect = HelperMethods.CompareBuffers(
ptk, _pairwiseTransientKey, 48) == 0;
// Assert
Assert.IsTrue(ptkIsCorrect);
}
public void CCMPTryDecryptDataFrame_WithValidInput_ShouldDecryptCorrectly(int i)
{
// Arrange
Packet encryptedPacket = Packet.ParsePacket(LinkLayers.Ieee80211, _ciphertextMPDUs[i]);
DataFrame encryptedDataFrame = encryptedPacket.Extract <DataFrame>();
// Act
byte[] actualDecryptedBody =
WPA2CryptographyTools.CCMPTryDecryptDataFrame(encryptedDataFrame, _tks[i]);
bool decryptedCorrectly = HelperMethods.CompareBuffers(
_plaintextDatas[i], actualDecryptedBody, _plaintextDatas[i].Length) == 0;
// Assert
Assert.IsTrue(decryptedCorrectly);
}
private void HandleDataFrame(DataFrame dataFrame)
{
GetDestinationAndSource(
dataFrame, out AccessPoint accessPoint, out Station station);
int handshakeNum =
FrameParser.TryToParse4WayHandshake(dataFrame, out EAPOLKeyFormat keyFormat);
switch (handshakeNum)
{
case 1:
System.Console.WriteLine("Setting ANonce");
station.ANonce = keyFormat.KeyNonce;
break;
case 2:
System.Console.WriteLine("Setting SNonce");
station.SNonce = keyFormat.KeyNonce;
if ((station.ANonce != null) && (accessPoint.PairwiseMasterKey != null))
{
byte[] ptk = WPA2CryptographyTools.GeneratePairwiseTransientKey(
accessPoint.PairwiseMasterKey,
dataFrame.DestinationAddress.GetAddressBytes(),
dataFrame.SourceAddress.GetAddressBytes(),
station.ANonce,
station.SNonce);
System.Console.WriteLine("Setting ptk");
station.PairwiseTransientKey = ptk;
}
break;
case 3:
System.Console.WriteLine("4whs case 3");
break;
case 4:
System.Console.WriteLine("4whs case 4");
break;
default:
break;
}
}
