static void Main(string[] args) { using WiFiMonitor wiFiMonitor = new WiFiMonitor(constructNetworkGraph: true); wiFiMonitor.PacketArrived += (object sender, PacketArrivedEventArgs e) => { DataFrame dataFrame = e.ArrivedPacket.Extract <DataFrame>(); if (dataFrame?.PayloadData == null) { return; } wiFiMonitor.NetworkGraph.GetDestinationAndSource( dataFrame, out AccessPoint accessPoint, out Station station); if (station.PairwiseTransientKey == null) { return; } Console.WriteLine("Attempting to decrypt"); byte[] decryptedBytes = WPA2CryptographyTools.CCMPTryDecryptDataFrame( dataFrame, station.PairwiseTransientKey[32..48]); string decodedText = Encoding.UTF8.GetString(decryptedBytes); Console.WriteLine(decodedText); };
/// <summary> /// Adds a Pairwise Master Key (PMK) to the access point with the specified BSSID. /// In WPA2, the PMK is derived from the access point BSSID and password and used to /// create other keys used in encryption. /// </summary> /// <param name="bssid">The BSSID of the access point.</param> /// <param name="ssid">The SSID of the access point.</param> /// <param name="password">The password of the access point.</param> public void AddPassword(PhysicalAddress bssid, string ssid, string password) { byte[] pmk = WPA2CryptographyTools.GeneratePairwiseMasterKey(password, ssid); if (AccessPoints.ContainsKey(bssid) == false) { AccessPoints[bssid] = new AccessPoint(bssid); } AccessPoints[bssid].PairwiseMasterKey = pmk; }
public void GeneratePairwiseMasterKey_WithValidInput_ShouldGenerateCorrectKey() { // Arrange and Act byte[] pmk = WPA2CryptographyTools.GeneratePairwiseMasterKey(_passphrase, _ssid); bool pmkIsCorrect = HelperMethods.CompareBuffers(pmk, _pmk1, _pmk1.Length) == 0; // Assert Assert.IsTrue(pmkIsCorrect); }
public void GeneratePairwiseTransientKey_WithValidInput_ShouldGenerateCorrectKey() { // NB! The current version of the test relies on old TKIP // test vectors // TODO: Find WPA2 test vectors // Arrange and Act byte[] ptk = WPA2CryptographyTools.GeneratePairwiseTransientKey( _pairwiseMasterKey, _AA, _SA, _sNonce, _aNonce); bool ptkIsCorrect = HelperMethods.CompareBuffers( ptk, _pairwiseTransientKey, 48) == 0; // Assert Assert.IsTrue(ptkIsCorrect); }
public void CCMPTryDecryptDataFrame_WithValidInput_ShouldDecryptCorrectly(int i) { // Arrange Packet encryptedPacket = Packet.ParsePacket(LinkLayers.Ieee80211, _ciphertextMPDUs[i]); DataFrame encryptedDataFrame = encryptedPacket.Extract <DataFrame>(); // Act byte[] actualDecryptedBody = WPA2CryptographyTools.CCMPTryDecryptDataFrame(encryptedDataFrame, _tks[i]); bool decryptedCorrectly = HelperMethods.CompareBuffers( _plaintextDatas[i], actualDecryptedBody, _plaintextDatas[i].Length) == 0; // Assert Assert.IsTrue(decryptedCorrectly); }
private void HandleDataFrame(DataFrame dataFrame) { GetDestinationAndSource( dataFrame, out AccessPoint accessPoint, out Station station); int handshakeNum = FrameParser.TryToParse4WayHandshake(dataFrame, out EAPOLKeyFormat keyFormat); switch (handshakeNum) { case 1: System.Console.WriteLine("Setting ANonce"); station.ANonce = keyFormat.KeyNonce; break; case 2: System.Console.WriteLine("Setting SNonce"); station.SNonce = keyFormat.KeyNonce; if ((station.ANonce != null) && (accessPoint.PairwiseMasterKey != null)) { byte[] ptk = WPA2CryptographyTools.GeneratePairwiseTransientKey( accessPoint.PairwiseMasterKey, dataFrame.DestinationAddress.GetAddressBytes(), dataFrame.SourceAddress.GetAddressBytes(), station.ANonce, station.SNonce); System.Console.WriteLine("Setting ptk"); station.PairwiseTransientKey = ptk; } break; case 3: System.Console.WriteLine("4whs case 3"); break; case 4: System.Console.WriteLine("4whs case 4"); break; default: break; } }