Comments (21)
I looked into this and it seems pretty doable. Here is the install script I used for testing:
cd /tmp
git clone https://github.com/OpenSecurityResearch/hostapd-wpe
wget http://w1.fi/releases/hostapd-2.2.tar.gz
tar -zxf hostapd-2.2.tar.gz
cd hostapd-2.2
patch -p1 < ../hostapd-wpe/hostapd-wpe.patch
cd hostapd
sed -i 's/#CONFIG_LIBNL32=y/CONFIG_LIBNL32=y/g' .config
make
chmod 755 hostapd-wpe
cp hostapd-wpe /usr/bin/hostapd-wpe
mkdir -p /usr/share/hostapd-wpe/certs
cp hostapd.eap_user /usr/share/hostapd-wpe/hostapd.eap_user
cd /tmp/hostapd-wpe/
cp -rf certs /usr/share/hostapd-wpe
chmod 755 /usr/share/hostapd-wpe/certs/bootstrap
#cd /usr/share/hostapd-wpe/certs/
#./bootstrap
The configuration file I moved to Nethunter application configuration files and pointed it to the certificates and user file to where we copied it.
Adding the above to the chroot build would be easy (just copy and paste). The Nethunter app changes shouldn't be terribly difficult either since it uses nearly the same file as hostapd-mana. Just needs some slight changes to regex/ui.
I think the biggest challenge would be making sure the certificates get generated by bootstrap along with how to run it smoothly.
from nethunter-app.
Nice, any idea how soon this could be implemented?
On Apr 6, 2016 6:31 PM, "binkybear" [email protected] wrote:
I looked into this and it seems pretty doable. Here is the install script
I used for testing:cd /tmp
git clone https://github.com/OpenSecurityResearch/hostapd-wpe
wget http://w1.fi/releases/hostapd-2.2.tar.gz
tar -zxf hostapd-2.2.tar.gzcd hostapd-2.2
patch -p1 < ../hostapd-wpe/hostapd-wpe.patch cd hostapd
sed -i 's/#CONFIG_LIBNL32=y/CONFIG_LIBNL32=y/g' .config
make
chmod 755 hostapd-wpe
cp hostapd-wpe /usr/bin/hostapd-wpe
cp hostapd-wpe.eap_user /usr/share/hostapd-wpe/hostapd-wpe.eap_usercd /tmp/hostapd-wpe/
mkdir -p /usr/share/hostapd-wpe/certs
cp -rf certs /usr/share/hostapd-wpe
chmod 755 /usr/share/hostapd-wpe/certs/bootstrap#cd /usr/share/hostapd-wpe/certs/#./bootstrapThe configuration file I moved to Nethunter application configuration
files and pointed it to the certificates and user file to where we copied
it.Adding the above to the chroot build would be easy (just copy and paste).
The Nethunter app changes shouldn't be terribly difficult either since it
uses nearly the same file as hostapd-mana. Just needs some slight changes
to regex/ui.I think the biggest challenge would be making sure the certificates get
generated by bootstrap along with how to run it smoothly.—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
#128 (comment)
from nethunter-app.
OK - so maybe you can help with testing. Install hostapd-wpe using instructions above. Then install apk:
https://transfer.sh/pDNCa/nethunter-app-release.apk
Under mana-toolkit you can modify hostapd-wpe in the second tab and generate certificates. When you are ready, hit "start mana" and select hostapd-wpe. Let me know what needs to be fixed/added.
from nethunter-app.
Will check that out in a bit, just signed on to work.
-----Original Message-----
From: binkybear [mailto:[email protected]]
Sent: Wednesday, April 6, 2016 10:22 PM
To: offensive-security/nethunter-app
Cc: thesle3p
Subject: Re: [offensive-security/nethunter-app] [suggestion] hostapd-wpe front end (#128)
OK - so maybe you can help with testing. Install hostapd-wpe using instructions above. Then install apk:
https://transfer.sh/pDNCa/nethunter-app-release.apk
Under mana-toolkit you can modify hostapd-wpe in the second tab and generate certificates. When you are ready, hit "start mana" and select hostapd-wpe. Let me know what needs to be fixed/added.
—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub #128 (comment) https://github.com/notifications/beacon/AIqhyFHdNvLrSyBZbixQrLUe3lGoQkPHks5p1GpXgaJpZM4IBH_B.gif
from nethunter-app.
Ok, so two things first to compile hostapd-wpe needs two dependencies that you missed
sudo apt-get install libnl-3-dev
and
sudo apt-get install libnl-genl-3-dev
Also when I try and connect to the honey-net hostapd-wpe seems to want a EAP type different then what ever eap type I specify in the config, a example below:
Configuration file: /sdcard/nh_files/configs/hostapd-wpe.conf
Using interface wlan1 with hwaddr 00:11:22:33:44:00 and ssid "Free_Internet"
wlan1: interface state UNINITIALIZED->ENABLED
wlan1: AP-ENABLED
wlan1: STA <redacted> IEEE 802.11: authenticated
wlan1: STA <redacted> IEEE 802.11: associated (aid 1)
wlan1: CTRL-EVENT-EAP-STARTED <redacted>
wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
wlan1: CTRL-EVENT-EAP-FAILURE <redacted>
wlan1: STA <redacted> IEEE 802.1X: authentication failed - EAP type: 0 ((null))
wlan1: STA <redacted> IEEE 802.1X: Supplicant used different EAP type: 1 (Identity)
wlan1: STA <redacted> IEEE 802.11: deauthenticated due to local deauth request
I never saw this error on x86 Kali or stock debian, not sure what's going on there.
from nethunter-app.
Thanks for testing. You can get better debugging results with a -dd. So the command to run would be:
ifconfig wlan1 up && /usr/bin/hostapd-wpe -dd /sdcard/nh_files/configs/hostapd-wpe.conf
Or if you just want a new apk with -dd built it:
https://transfer.sh/VxxYP/nethunter-app-release.apk
edit
Testing shows maybe its a bit to much on the debugging....best to do it do it from ssh and pipe out a log...
edit2
Maybe it would be better/easier to just use built in mana eap attack and modify start-noupstream-eap.sh.
from nethunter-app.
I think everything is working now:
https://transfer.sh/YJHkL/nethunter-app-release.apk
I've also used the patch for 2.5 hostapd instead. I've submitted a pull request with the updated binary and cert files: offensive-security/nethunter-utils#15
Eventually you should only need to run an apt-get update/upgrade and install latest apk. I took a screenshot to confirm it worked in link below:
Tested on OnePlus1 using TL-WN722N:
from nethunter-app.
That version bricks the HID attack menu in the app and makes
nethunter/android no longer see wlan1.
On 04/06/2016 10:22 PM, binkybear wrote:
OK - so maybe you can help with testing. Install hostapd-wpe using
instructions above. Then install apk:https://transfer.sh/pDNCa/nethunter-app-release.apk
Under mana-toolkit you can modify hostapd-wpe in the second tab and
generate certificates. When you are ready, hit "start mana" and select
hostapd-wpe. Let me know what needs to be fixed/added.—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
#128 (comment)
from nethunter-app.
Are you sure the kernel didn't get updated? There were no changes to hid and theres no possible way the app removed ability to detect wlan1. (Feel free to check git history)
from nethunter-app.
When i go to the HID attack menu the app crashes. I was able to fix the
wlan1 detection issue with a reboot.
On Apr 14, 2016 9:03 PM, "binkybear" [email protected] wrote:
Are you sure the kernel didn't get updated? There were no changes to hid
and theres no possible way the app removed ability to detect wlan1. (Feel
free to check git history)—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
#128 (comment)
from nethunter-app.
Ah I see now on the hid app crash. Will look for problem/fix and upload. Thanks for the good eye!
For my reference logcat:
04-14 21:07:18.577 23733 23733 E AndroidRuntime: FATAL EXCEPTION: main
04-14 21:07:18.577 23733 23733 E AndroidRuntime: Process: com.offsec.nethunter, PID: 23733
04-14 21:07:18.577 23733 23733 E AndroidRuntime: java.lang.NullPointerException: Attempt to read from field 'java.lang.String com.offsec.nethunter.utils.NhPaths.CHROOT_PATH' on a null object reference
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at com.offsec.nethunter.HidFragment.onActivityCreated(HidFragment.java:69)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at android.support.v4.app.Fragment.performActivityCreated(Fragment.java:1983)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at android.support.v4.app.FragmentManagerImpl.moveToState(FragmentManager.java:1092)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at android.support.v4.app.FragmentManagerImpl.moveToState(FragmentManager.java:1252)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at android.support.v4.app.BackStackRecord.run(BackStackRecord.java:742)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at android.support.v4.app.FragmentManagerImpl.execPendingActions(FragmentManager.java:1617)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at android.support.v4.app.FragmentManagerImpl$1.run(FragmentManager.java:517)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at android.os.Handler.handleCallback(Handler.java:739)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at android.os.Handler.dispatchMessage(Handler.java:95)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at android.os.Looper.loop(Looper.java:148)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at android.app.ActivityThread.main(ActivityThread.java:5466)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at java.lang.reflect.Method.invoke(Native Method)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
04-14 21:07:18.577 23733 23733 E AndroidRuntime: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
04-14 21:07:18.579 1076 3136 W ActivityManager: Force finishing activity com.offsec.nethunter/.AppNavHomeActivity
04-14 21:07:18.635 1076 23614 I OpenGLRenderer: Initialized EGL, version 1.4
04-14 21:07:19.095 1076 1695 W ActivityManager: Activity pause timeout for ActivityRecord{7ceffe0 u0 com.offsec.nethunter/.AppNavHomeActivity t206 f}
from nethunter-app.
Now that I fixed the wlan1 detection issue I will try the host apd issue
On Apr 14, 2016 9:05 PM, "binkybear" [email protected] wrote:
Ah I see now on the hid app crash. Will look for problem/fix and upload.
Thanks for the good eye!—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
#128 (comment)
from nethunter-app.
Tried using the apk you sent and hostapd-wpe 2.5 with the patch from the repo you used with the same authentication problem.
from nethunter-app.
Fixed HID error:
9ba2798
New APK with HID fix:
https://transfer.sh/IJod2/nethunter-app-release.apk
The crash is occurring I believe because of some changes in Android API.
So back to your authentication issue, I assume its exactly same error as before? Did you also try "forgetting" network then joining? Just trying to rule out what could be causing issue.
from nethunter-app.
I tried that. I also tried from both android and Debian.
from nethunter-app.
Did you try off the 2.5 hostapd? Here is the binary I used (which worked for me):
https://github.com/binkybear/nethunter-utils/blob/master/usr/bin/hostapd-wpe
(I used TPLINK in testing)
from nethunter-app.
Ok, so that binary seems to require different libssl binaries then apt-get install provides and the app crash bug is present in the kali services and duck hunter tabs as well.
from nethunter-app.
Reverted API back to earlier appears to fix issues with app crashes. However, we will one day have to upgrade to latest api and will probably encounter these issues again:
https://transfer.sh/4EvQ7/nethunter-app-release.apk
from nethunter-app.
Great, but so far I have been unable to get hostapd-wpe to capture creds, once hostapd-wpe is pushed to the nethunter repo I will try again. Also just a suggestion maybe the app should parse hostapd-wpe's output and log captured creds to a file?
-----Original Message-----
From: binkybear [mailto:[email protected]]
Sent: Friday, April 15, 2016 7:14 AM
To: offensive-security/nethunter-app
Cc: thesle3p
Subject: Re: [offensive-security/nethunter-app] [suggestion] hostapd-wpe front end (#128)
Reverted API back to earlier appears to fix issues with app crashes. However, we will one day have to upgrade to latest api and will probably encounter these issues again:
https://transfer.sh/4EvQ7/nethunter-app-release.apk
—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub #128 (comment) https://github.com/notifications/beacon/AIqhyDxhA8pc7ggCEybaAGmvCm6Wyf2Qks5p33L6gaJpZM4IBH_B.gif
from nethunter-app.
Any idea when hostapd-wpe will be pushed to the Nethunter Repo?
from nethunter-app.
Flashing nethunter again and compiling hostapd-wpe worked, only suggestion is to have the app parse hostapd-wpe's log file and save it's contents to a external file to make offline cracking easier.
from nethunter-app.
Related Issues (20)
- hostapd-wpe.eap_user - Where? HOT 1
- "Script to execute:" - Where edit? HOT 2
- Services won't start on new builds of Nethunter (e.g. 3.15.4) on OnePlus One HOT 2
- Nethunter App does not have permission to send to NetHunter erminal! & "error launching intent. install android terminal" HOT 2
- New Feature Suggestion: Kernel Modules HOT 1
- DuckHunter Support: PT-BR Keyboards HOT 3
- glitch: ANDROID_DAILY_OVERRIDE environment variable Gradle build
- './
- Wardriving and Deauth issues HOT 3
- Not allowed to start service Intent HOT 2
- Certificate pinning change yet HOT 1
- SearchSploit Not Working After Update HOT 6
- is it possible to add language/keyboard layout for ducky script (duckhunther) HOT 1
- SearchSploit and CustomCommands causes the app crash HOT 2
- chroot download/install fails [Android 9] HOT 6
- Creation of new logo
- New fragment "InstallApk.java" required HOT 4
- Reactivate "Check App Update" button HOT 1
- Latest nethunter.apk not working on Android 6.0 Marshmallow HOT 5
- TODO LIST HOT 10
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nethunter-app.