dwpa icon indicating copy to clipboard operation
dwpa copied to clipboard

Published 20 hours ago verified publisher icon RealEnder

BSSIDs not properly recognized

Open strasharo opened this issue 8 years ago • 2 comments

Hello. I deployed the latest dwpa on Debian Jessie with 7.0.17-1~dotdeb+8.1. For some reason all of the uploaded networks appear to be listed with BSSID 00:00:7f:ff:ff:ff , which prevents them from being properly cracked by the workers. I checked manually the handshakes in the CAP directory and they appear to be fine. Prior upgrading to PHP7 I tried with the stock PHP5 shipped with Jessie - for the first uploaded network in the database the BSSID was shown as all zeroes and for the others only the second half of the bssid was correct while the first one was all zeroes.

strasharo avatar Apr 02 '17 00:04 strasharo

Turns out the issue is that I'm running on 32 bit install and the integer size is not sufficient to hold the value from hex2dec, so it converts it to float: https://github.com/RealEnder/dwpa/blob/master/web/common.php#L393

I assembled a quick fix for it using some functions from bcmath (I'm not experienced with php, so there's probably a better approach to do this:

<?php

function bchexdec($hex)
{
    $dec = 0;
    $len = strlen($hex);
    for ($i = 1; $i <= $len; $i++) {
        $dec = bcadd($dec, bcmul(strval(hexdec($hex[$i - 1])), bcpow('16', strval($len - $i))));
    }
    return $dec;
}

function bcdechex($dec) {
        $last = bcmod($dec, 16);
        $remain = bcdiv(bcsub($dec, $last), 16);

        if($remain == 0) {
            return dechex($last);
        } else {
            return bcdechex($remain).dechex($last);
        }
}

function mac2long($mac) {
    return hexdec(str_replace(':', '', $mac));
}

function long2mac($lmac) {
    $pmac = str_pad(dechex($lmac), 12, '0', STR_PAD_LEFT);
    return "{$pmac[0]}{$pmac[1]}:{$pmac[2]}{$pmac[3]}:{$pmac[4]}{$pmac[5]}:{$pmac[6]}{$pmac[7]}:{$pmac[8]}{$pmac[9]}:{$pmac[10]}{$pmac[11]}";
}


function mac2longfix($mac) {
    return bchexdec(str_replace(':', '', $mac));
}

function long2macfix($lmac) {
    $pmac = str_pad(bcdechex($lmac), 12, '0', STR_PAD_LEFT);
    return "{$pmac[0]}{$pmac[1]}:{$pmac[2]}{$pmac[3]}:{$pmac[4]}{$pmac[5]}:{$pmac[6]}{$pmac[7]}:{$pmac[8]}{$pmac[9]}:{$pmac[10]}{$pmac[11]}";
}


$longmac = mac2long("84:16:93:EB:B0:8C");
$hexmac = long2mac($longmac);
$longmacfix = mac2longfix("84:16:93:EB:B0:8C");
$hexmacfix = long2macfix($longmacfix);

echo "Default functs\n";
echo "$longmac\n";
echo "$hexmac\n";
echo "With BCmath\n";
echo "$longmacfix\n";
echo "$hexmacfix\n";
?>

And the output on a 32bit platform:

root@dwpa:~# php test.php 
Default functs
1.4523250584385E+14
00:00:93:eb:b0:8c
With BCmath
145232505843852
84:16:93:eb:b0:8c
root@dwpa:~#

strasharo avatar Apr 16 '17 23:04 strasharo

Haven't seen 32bit srv install in years :) Looks like this is the case here. Will try to find out a better way, since I don't want to pull additional deps just for that. Also search function has some logic for partial BSSID lookup, which have to be checked as well.

RealEnder avatar Apr 17 '17 07:04 RealEnder